基于带智能卡的移动终端实现的隐私保护的属性票据方案

Privacy-preserving attribute ticket scheme based on mobile terminal with smart card

为了解决现有电子票据系统难以在资源受限设备中部署,以及无法防止票据在未授权设备之间共享的问题,提出了基于带智能卡的移动终端实现的隐私保护的属性票据方案。其中,智能卡为安全可信但资源受限的核心设备,负责存储密钥信息并处理轻量级的运算;智能终端为功能强大的辅助设备,负责处理与密钥无关但耗时的运算。首先,结合伪随机函数、匿名的临时身份方案、带随机化标签的可聚合签名和Pointcheval-Sanders签名,构造了一个可在带智能卡的移动终端部署的支持属性策略的电子票据方案;其次,给出了电子票据的安全模型并证明了所提方案满足不可链接性和不可伪造性;最后,在个人计算机、国产智能卡(爱信诺ACH512)和智能手机(华为荣耀9i)上实现了所提方案,对比和实验结果表明了所提方案的高效性。

To solve the problem that the existing electronic ticket systems are challenging to deploy in resource-constrained devices and cannot prevent the sharing of tickets among unauthorized devices,a privacy-preserving attribute ticket scheme based on mobile terminal with a smart card was proposed.The smart card was a secure and constrained-yet-trusted core device that holds secret information and performs lightweight operations.The mobile terminal was a powerful helper device that handles key-independent and time-consuming operations.Firstly,the efficient attribute-based ticket scheme deployed on the mobile terminal with a smart card was constructed by combining a pseudorandom function,anonymous ephemeral identities scheme,aggregatable signatures with randomizable tags,and Pointcheval-Sanders signatures.Secondly,the security model of the electronic tickets system was presented,and the proposed scheme was proved to be unlinkable and unforgeable.Finally,the proposed scheme was implemented on a personal computer,a smart card(Aisinochip ACH512),and a smart phone(Huawei Honor 9i),and the comparison and experimental results show that it is efficient.