In recent years, the issue of preserving the privacy of parties involved in blockchain transactions has garnered significant attention. To ensure privacy protection for both sides of the transaction, many researchers are using ring signature technology instead of the original signature technology. However, in practice, identifying the signer of an illegal blockchain transaction once it has been placed on the chain necessitates a signature technique that offers conditional anonymity. Some illegals can conduct illegal transactions and evade the law using ring signatures, which offer perfect anonymity. This paper firstly constructs a conditionally anonymous linkable ring signature using the Diffie-Hellman key exchange protocol and the Elliptic Curve Discrete Logarithm, which offers a non-interactive process for finding the signer of a ring signature in a specific case. Secondly, this paper's proposed scheme is proven correct and secure under Elliptic Curve Discrete Logarithm Assumptions. Lastly, compared to previous constructions, the scheme presented in this paper provides a non-interactive, efficient, and secure confirmation process. In addition, this paper presents the implementation of the proposed scheme on a personal computer, where the confirmation process takes only 2, 16, and 24 ms for ring sizes of 4, 24 and 48, respectively, and the confirmation process can be combined with a smart contract on the blockchain with a tested millisecond level of running efficiency. In conclusion, the proposed scheme offers a solution to the challenge of identifying the signer of an illegal blockchain transaction, making it an essential contribution to the field.
To overcome the drawbacks such as high computational cost, unreasonable security model and long signature length in existing certificateless ring signature schemes, we propose an efficient certificateless ring signature scheme in this paper. Our construction is inspired by some efficient ID-based ring signature schemes, and uses bilinear pairings as a basic tool. Using a reasonable security model, the unforgeability of the proposed scheme is proven based on the intractability of the computational Diffie-Hellman (CDH) problem. The signature length of the new scheme is only |G2|+n|G1| (|Gi| is the bit length of an element in group Gi, i = 1, 2). Compared with other existing certificateless ring signature schemes, the newly proposed scheme has a shorter signature length and is more efficient and practical.
Quantum algorithms bring great challenges to classical public key cryptosystems, which makes cryptosystems based on non-commutative algebraic systems a hot topic. The braid groups, which are non-commutative, have attracted much attention as a new platform for constructing quantum attack-resistant cryptosystems. A ring signature scheme is proposed based on the difficulty of the root extraction problem over braid groups, which can resist existential forgery against the adaptively chosen-message attack under the random oracle model.
Group signature allows the anonymity of a real signer in a group to be revoked by a trusted party called group manager. It also gives the group manager the absolute power of controlling the formation of the group. Ring signature, on the other hand, does not allow anyone to revoke the signer anonymity, while allowing the real signer to form a group (also known as a ring) arbitrarily without being controlled by any other party. In this paper, we propose a new variant for ring signature, called Revocable Ring Signature. The signature allows a real signer to form a ring arbitrarily while allowing a set of authorities to revoke the anonymity of the real signer. This new variant inherits the desirable properties from both group signature and ring signature in such a way that the real signer will be responsible for what it has signed as the anonymity is revocable by authorities while the real signer still has the freedom on ring formation. We provide a formal security model for revocable ring signature and propose an efficient construction which is proven secure under our security model.
An attribute-based ring signature scheme in lattice was proposed in this paper. In this signature scheme, an entity's attributes correspond to the columns of a lattice matrix, and the signature was generated by using a subset of these attributes. The entities possessing these attributes form a ring. The scheme is computationally more efficient than the schemes based on the integer factor problem and discrete logarithm problem; furthermore, it is still secure in quantum computing environment.
Bitcoin has gained its popularity for almost 10 years as a "secure and anonymous digital currency". However, according to several recent researches, we know that it can only provide pseudonymity rather than real anonymity, and privacy has been one of the main concerns in the system similar to Bitcoin. Ring signature is a good method for those users who need better anonymity in cryptocurrency. It was first proposed by Rivest et al. based upon the discrete logarithm problem (DLP) assumption in 2006, which allows a user to sign a message anonymously on behalf of a group of users even without their coordination. The size of ring signature is one of the dominating parameters, and constant-size ring signature (where signature size is independent of the ring size) is much desirable. Otherwise, when the ring size is large, the resultant ring signature becomes unbearable for power limited devices or leads to heavy burden over the communication network. Though being extensively studied, currently there are only two approaches for constant-size ring signature. Achieving practical constant-size ring signature is a long-standing open problem since its introduction. In this work, we solve this open question. We present a new constant-size ring signature scheme based on bilinear pairing and accumulator, which is provably secure under the random oracle (RO) model. To the best of our knowledge, it stands for the most practical ring signature up to now.
Ring signature enables the members to sign anonymously without a manager; it has many online applications, such as e-voting, e-money, whistle blowing etc. As a promising post-quantum candidate, lattice-based cryptography attracts much attention recently. Several efficient lattice-based ring signatures have been naturally constructed from lattice basis delegation, but all of them have large verification key sizes. Our observation finds that a new concept called the split-small integer solution (SIS) problem introduced by Nguyen et al. at PKC'15 is excellent in reducing the public key sizes of lattice-based ring signature schemes from basis delegation. In this research, we first define an extended concept called the extended split-SIS problem, and then prove that the hardness of the extended problem is as hard as the approximating shortest independent vectors problem (SIVP) problem within certain polynomial factor. Moreover, we present an improved ring signature and prove that it is anonymous and unforgeable against the insider corruption. Finally, we give two other improved existing ring signature schemes from lattices. In the end, we show the comparison with the original scheme in terms of the verification key sizes. Our research data illustrate that the public key sizes of the proposed schemes are reduced significantly.
As big data, Artificial Intelligence, and Vehicle-to-Everything (V2X) communication have advanced, Intelligent Transportation Systems (ITS) are being developed to enable efficient and safe transportation systems. Electronic Toll Collection (ETC), which is one of the services included in ITS systems, is an automated system that allows vehicles to pass through toll plazas without stopping for manual payment. The ETC system is widely deployed on highways due to its contribution to stabilizing the overall traffic system flow. To ensure secure and efficient toll payments, designing a distributed model for sharing toll payment information among untrusted toll service providers is necessary. However, the current ETC system operates under a centralized model. Additionally, both toll service providers and toll plazas know the toll usage history of vehicles. It raises concerns about revealing the entire driving routes and patterns of vehicles. To address these issues, blockchain technology, suitable for secure data management and data sharing in distributed systems, is being applied to the ETC system. Blockchain enables efficient and transparent management of ETC information. Nevertheless, the public nature of blockchain poses a challenge where users' usage records are exposed to all participants. To tackle this, we propose a blockchain-based toll ticket model named AnonymousTollPass that considers the privacy of vehicles. The proposed model utilizes traceable ring signatures to provide unlinkability between tickets used by a vehicle and prevent the identity of the vehicle using the ticket from being identified among the ring members for the ticket. Furthermore, malicious vehicles' identities can be traced when they attempt to reuse tickets. By conducting simulations, we show the effectiveness of the proposed model and demonstrate that gas fees required for executing the proposed smart contracts are only 10% (when the ring size is 50) of the fees required in previous studies.
Recent developments in heterogeneous identity federation systems have heightened the need for the related trust management system. The trust management system evaluates, manages, and shares users' trust values. The service provider (SP) members of the federation system rely on users' trust values to determine which type and quality of service will be provided to the users. While identity federation systems have the potential to help federated users save time and energy and improve service experience, the benefits also come with significant privacy risks. So far, there has been little discussion about the privacy protection of users in heterogeneous identity federation systems. In this paper, we propose a trust value sharing scheme based on a proxy ring signature for the trust management system in heterogeneous identity federation topologies. The ring signature schemes can ensure the validity of the data and hide the original signer, thereby protecting privacy. Moreover, no group manager participates in the ring signature, which naturally matches with our decentralized heterogeneous identity federation topologies. The proxy signature can reduce the workload of the private key owner. The proposed scheme shortens the calculation time for verifying the signature and then reduces the overall time consumption in the process of trust sharing. Our studies prove that the proposed scheme is privacy-preserving, efficient, and effective.
The coronavirus, formerly known as COVID-19, has caused massive global disasters. As a precaution, most governments imposed quarantine periods ranging from months to years and postponed significant financial obligations. Furthermore, governments around the world have used cutting-edge technologies to track citizens' activity. Thousands of sensors were connected to IoT (Internet of Things) devices to monitor the catastrophic eruption. With billions of connected devices that use these novel tools and apps, privacy and security issues regarding data transmission and memory space abound. In this study, we suggest a blockchain-based methodology for safeguarding data in the billions of devices and sensors connected over the internet. Various trial secrecy and safety qualities are based on cutting-edge cryptography. To evaluate the proposed model, we recommend using an application of the system, a Raspberry Pi single-board computer in an IoT system, a laptop, a computer, cell phones and the Ethereum smart contract platform. The model's ability to ensure safety, effectiveness and a suitable budget is proved by the Gowalla dataset results.
Progress in cloud computing makes group data sharing in outsourced storage a reality. People join a group and share data with each other, making team work more convenient. This new application scenario also faces data security threats, even more complex. When a user quits its group, remaining data block signatures must be re-signed to ensure security. Some researchers noticed this problem and proposed a few works to relieve computing overhead on user side. However, considering the privacy and security need of group auditing, there still lacks a comprehensive solution to implement secure group user revocation, supporting identity privacy preserving and collusion attack resistance. Aiming at this target, we construct a concrete scheme based on ring signature and smart contracts. We introduce linkable ring signature to build a kind of novel meta data for integrity proof enabling anonymous verification. And the new meta data supports secure revocation. Meanwhile, smart contracts are used for resisting possible collusion attack and malicious re-signing computation. Under the combined effectiveness of both signature method and blockchain smart contracts, our proposal supports reliable user revocation and signature re-signing, without revealing any user identity in the whole process. Security and performance analysis compared with previous works prove that the proposed scheme is feasible and efficient.
Cloud storage has been widely used for team work or cooperation development. Data owners set up groups, generating and uploading their data to cloud storage, while other users in the groups download and make use of it, which is called group data sharing. Like all kinds of cloud service, data group sharing also suffers from hardware/software failures and human errors. Provable Data Possession (PDP) schemes are proposed to check the integrity of data stored in cloud without downloading. However, there are still some unmet needs lying in auditing group shared data. Researchers propose four issues necessary for a secure group shared data auditing: public verification, identity privacy, collusion attack resistance and traceability. However, none of the published work has succeeded in achieving all of these properties so far. In this paper, we propose a novel blockchain-based ring signature PDP scheme for group shared data, with an instance deployed on a cloud server. We design a linkable ring signature method called Linkable Homomorphic Authenticable Ring Signature (LHARS) to implement public anonymous auditing for group data. We also build smart contracts to resist collusion attack in group auditing. The security analysis and performance evaluation prove that our scheme is both secure and efficient.
The maturity of 5G technology has enabled crowd-sensing services to collect multimedia data over wireless network, so it has promoted the applications of crowd-sensing services in different fields, but also brings more privacy security challenges, the most common of which is privacy leakage. As a privacy protection technology combining data integrity check and identity anonymity, ring signature is widely used in the field of privacy protection. However, introducing signature technology leads to additional signature verification overhead. In the scenario of crowd-sensing, the existing signature schemes have low efficiency in multi-signature verification. Therefore, it is necessary to design an efficient multi-signature verification scheme while ensuring security. In this paper, a batch-verifiable signature scheme is proposed based on the crowd-sensing background, which supports the sensing platform to verify the uploaded multiple signature data efficiently, so as to overcome the defects of the traditional signature scheme in multi-signature verification. In our proposal, a method for linking homologous data was presented, which was valuable for incentive mechanism and data analysis. Simulation results showed that the proposed scheme has good performance in terms of security and efficiency in crowd-sensing applications with a large number of users and data.
The safe storage and sharing of medical data have promoted the development of the public medical field. At the same time, blockchain technology guarantees the safe storage and sharing of medical data. However, the consensus algorithm in the current medical blockchain cannot meet the requirements of low delay and high throughput in the large-scale network, and the identity of the primary node is exposed and vulnerable to attack. Therefore, this paper proposes an efficient consensus algorithm for medical data storage and sharing based on a master–slave multi-chain of alliance chain (ECA_MDSS). Firstly, institutional nodes in the healthcare alliance chain are clustered according to geographical location and medical system structure to form a multi-zones network. The system adopts master–slave multi-chain architecture to ensure security, and each zone processes transactions in parallel to improve consensus efficiency. Secondly, the aggregation signature is used to improve the practical Byzantine fault-tolerant (PBFT) consensus to reduce the communication interaction of consensus in each zone. Finally, an efficient ring signature is used to ensure the anonymity and privacy of the primary node in each zone and to prevent adaptive attacks. Meanwhile, a trust model is introduced to evaluate the trust degree of the node to reduce the evil done by malicious nodes. The experimental results show that ECA_MDSS can effectively reduce communication overhead and consensus delay, improve transaction throughput, and enhance system scalability.
In order to protect the user's privacy identity, authentication requires anonymous authentication. Anonymous authentication is divided into unconditional anonymous authentication and traceable anonymous authentication. Unconditional anonymous authentication can verify that the user belongs to an anonymous set, but the user's true identity cannot be obtained. However, in some applications, it is necessary to trace the true identity of the user. Therefore, a traceable anonymous authentication scheme is proposed. In order to prevent random tracing, the proposed scheme uses threshold joint tracing. When the identity of the authenticator needs to be traced, the threshold number of members can jointly trace the identity of the authenticator. In some special network applications such as anonymous electronic voting, in order to prevent repeated authentications and repeated elections, it is necessary to verify whether the two authentication signatures are signed by the same user without revealing the true identity of the user. Therefore, the proposed anonymous authentication scheme should have selective linkability. In order to achieve linkable authentication, the linkable tag is embedded by linkable ring signature. Compared with similar schemes through the simulation experiments, the implementation time of the proposed scheme is slightly better than other schemes.
Signcryption is a cryptographic primitive that performs encryption and signature in a single logical step more efficiently than sign-then-encrypt approach. Till now, various kinds of signcryption schemes have been proposed. Among them, the requirement of signcrypter's privacy protection is needful in some practical applications. In this paper, a new identity-based anonymous signcryption scheme from bilinear pairings, which is the organic combination of identity-based ring signature and encryption scheme, is proposed. The proposed scheme is indistinguishable against the chosen ciphertext attack under the Decisional Bilinear Diffie-Hellman assumption in the random oracle model. Its unforgeability relies on the computational Diffie-Hellman problem. Compared with the previous schemes, the new scheme is more efficient in computation.
Purchases of electric vehicles have been increasing in recent years. These vehicles differ from traditional fossil-fuel-based vehicles especially in the time consumed to keep them running. Electric-Vehicle-charging Service Providers (EVSPs) must arrange reasonable charging times for users in advance. Most EVSP services are based on third-party platforms, but reliance on third-party platforms creates a lack of security, leaving users vulnerable to attacks and user-privacy leakages. In this paper, we propose an anonymous blockchain-based system for charging-connected electric vehicles that eliminates third-party platforms through blockchain technology and the establishment of a multi-party security system between electric vehicles and EVSPs. In our proposed system, digital certificates are obtained by completing distributed Public Key Infrastructure (distributed-PKI) identity registration, with the user registration kept separate from the verification process, which eliminates dependence on the EVSP for information security. In the verification process, we adopt smart contracts to solve problems associated with centralized verification and opaque services. Furthermore, we utilize zero-knowledge proof and ring-signature superposition to realize completely anonymous verification, which ensures undeniability and unforgeability with no detriment to anonymity. The evaluation results show that the user anonymity, information authenticity, and system security of our system fulfill the necessary requirements.
Abe et al. proposed the methodology of ring signature (RS) design in 2002 and showed how to construct RS with a mixture of public keys based on factorization and/or discrete logarithms. Their methodology cannot be applied to knowledge signatures (KS) using the Fiat-Shamir heuristic and cut-and-choose techniques, for instance, the Goldreich KS. This paper presents a more general construction of RS from various public keys if there exists a secure signature using such a public key and an efficient algorithm to forge the relation to be checked if the challenges in such a signature are known in advance. The paper shows how to construct RS based on the graph isomorphism problem (GIP). Although it is unknown whether or not GIP is NP-Complete, there are no known arguments that it can be solved even in the quantum computation model. Hence, the scheme has a better security basis and it is plausibly secure against quantum adversaries.
Based on elliptic curve public key cryptosystem and with the help of ring signature, a traceable and anonymous authentication scheme is proposed. The security of the proposed scheme is based on the difficulty of solving elliptic curve discrete logarithm problem (ECDLP) and the computational Diffie-Hellman assumption (CDHA). In order to prevent random tracing, the threshold technology is introduced into anonymous tracing. In addition, in the signature generation process, using the private key and the additional random number, the signature satisfies unforgeability. Compared with the existing schemes, the communication overhead of the proposed scheme is relatively small. In the case of similar calculational overhead, the proposed scheme not only has anonymous authentication, signature unforgeability, but also has threshold traceability.
Aiming at the requirement of anonymous supervision of digital certificates in blockchain public key infrastructure (PKI), this paper proposes a ring signature with multiple indirect verifications (RS-MIV). This mechanism can ensure multiple and indirect verification of certificate signer identity while preserving its anonymity. On this basis, a supervisable anonymous management scheme was designed based on smart contracts, which realizes the anonymity of certificate authority nodes, the anonymous issuance of digital certificates, the anonymous verification of digital certificates, and the traceability of illegal certificate issuers in the blockchain PKI. It is proved that the scheme can guarantee the anonymity and traceability of the certificate issuer's identity at an acceptable cost.
Funding: funded by the National Natural Science Foundation of China (Grant Number 12171114) and the National Key R&D Program of China (Grant Number 2021YFA1000600).
Funding: the National Natural Science Foundation of China (60673070) and the Natural Science Foundation of Jiangsu Province (BK2006217).
Funding: Supported by the National Natural Science Foundation of China (No. 10501053).
Funding: Dennis Y. W. Liu and Duncan S. Wong were supported by CityU grants (Project Nos. 7001844, 7001959, 7002001).
Funding: Supported by National High Technology Research and Development Plan of China (2009AA01Z403, 2009AA01Z435)
Abstract: An attribute-based ring signature scheme in lattice was proposed in this paper. In this signature scheme, an entity’s attributes correspond to the columns of a lattice matrix, and the signature was generated by using a subset of these attributes. The entities possessing these attributes form a ring. The scheme is computationally more efficient than the schemes based on the integer factor problem and discrete logarithm problem; furthermore, it is still secure in quantum computing environment.
Funding: This work is supported in part by the National Key Research and Development Program of China under Grant No. 2017YFB0802000, the National Natural Science Foundation of China under Grant Nos. 61472084 and U1536205, the Shanghai Innovation Action Project under Grant No. 16DZ1100200, the Shanghai Science and Technology Development Funds under Grant No. 6JC1400801, and the Shandong Provincial Key Research and Development Program of China under Grant No. 2017CXG0701.
Abstract: Bitcoin has gained its popularity for almost 10 years as a "secure and anonymous digital currency". However, according to several recent researches, we know that it can only provide pseudonymity rather than real anonymity, and privacy has been one of the main concerns in the system similar to Bitcoin. Ring signature is a good method for those users who need better anonymity in cryptocurrency. It was first proposed by Rivest et al. based upon the discrete logarithm problem (DLP) assumption in 2006, which allows a user to sign a message anonymously on behalf of a group of users even without their coordination. The size of ring signature is one of the dominating parameters, and constant-size ring signature (where signature size is independent of the ring size) is much desirable. Otherwise, when the ring size is large, the resultant ring signature becomes unbearable for power limited devices or leads to heavy burden over the communication network. Though being extensively studied, currently there are only two approaches for constant-size ring signature. Achieving practical constant-size ring signature is a long-standing open problem since its introduction. In this work, we solve this open question. We present a new constant-size ring signature scheme based on bilinear pairing and accumulator, which is provably secure under the random oracle (RO) model. To the best of our knowledge, it stands for the most practical ring signature up to now.
Funding: Supported by the National Natural Science Foundations of China (61472309, 61572390, 61303198, 61402353), the 111 Project (B08038), National Natural Science Foundations of Ningbo (201601HJ-B01382), and Research Program of Anhui Education Committee (KJ2016A626, KJ2016A627)
Abstract: Ring signature enables the members to sign anonymously without a manager; it has many online applications, such as e-voting, e-money, whistle blowing etc. As a promising post-quantum candidate, lattice-based cryptography attracts much attention recently. Several efficient lattice-based ring signatures have been naturally constructed from lattice basis delegation, but all of them have large verification key sizes. Our observation finds that a new concept called the split-small integer solution (SIS) problem introduced by Nguyen et al. at PKC'15 is excellent in reducing the public key sizes of lattice-based ring signature schemes from basis delegation. In this research, we first define an extended concept called the extended split-SIS problem, and then prove that the hardness of the extended problem is as hard as the approximating shortest independent vectors problem (SIVP) within certain polynomial factor. Moreover, we present an improved ring signature and prove that it is anonymous and unforgeable against the insider corruption. Finally, we give two other improved existing ring signature schemes from lattices. In the end, we show the comparison with the original scheme in terms of the verification key sizes. Our research data illustrate that the public key sizes of the proposed schemes are reduced significantly.
Funding: Supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIT) (No. 2021R1A2C1095591).
Abstract: As big data, Artificial Intelligence, and Vehicle-to-Everything (V2X) communication have advanced, Intelligent Transportation Systems (ITS) are being developed to enable efficient and safe transportation systems. Electronic Toll Collection (ETC), which is one of the services included in ITS systems, is an automated system that allows vehicles to pass through toll plazas without stopping for manual payment. The ETC system is widely deployed on highways due to its contribution to stabilizing the overall traffic system flow. To ensure secure and efficient toll payments, designing a distributed model for sharing toll payment information among untrusted toll service providers is necessary. However, the current ETC system operates under a centralized model. Additionally, both toll service providers and toll plazas know the toll usage history of vehicles. It raises concerns about revealing the entire driving routes and patterns of vehicles. To address these issues, blockchain technology, suitable for secure data management and data sharing in distributed systems, is being applied to the ETC system. Blockchain enables efficient and transparent management of ETC information. Nevertheless, the public nature of blockchain poses a challenge where users’ usage records are exposed to all participants. To tackle this, we propose a blockchain-based toll ticket model named AnonymousTollPass that considers the privacy of vehicles. The proposed model utilizes traceable ring signatures to provide unlinkability between tickets used by a vehicle and prevent the identity of the vehicle using the ticket from being identified among the ring members for the ticket. Furthermore, malicious vehicles’ identities can be traced when they attempt to reuse tickets. By conducting simulations, we show the effectiveness of the proposed model and demonstrate that gas fees required for executing the proposed smart contracts are only 10% (when the ring size is 50) of the fees required in previous studies.
Funding: This work is supported by the National Key Research and Development Project of China (No. 2017YFB0802302), the Key Research and Development Project of Sichuan Province (Nos. 20ZDYF2324, 2019ZYD027, 2018TJPT0012), the Science and Technology Support Project of Sichuan Province (Nos. 2018GZ0204, 2016FZ0112), and the Science and Technology Project of Chengdu (No. 2017-RK00-00103-ZF).
Abstract: Recent developments in heterogeneous identity federation systems have heightened the need for the related trust management system. The trust management system evaluates, manages, and shares users’ trust values. The service provider (SP) members of the federation system rely on users’ trust values to determine which type and quality of service will be provided to the users. While identity federation systems have the potential to help federated users save time and energy and improve service experience, the benefits also come with significant privacy risks. So far, there has been little discussion about the privacy protection of users in heterogeneous identity federation systems. In this paper, we propose a trust value sharing scheme based on a proxy ring signature for the trust management system in heterogeneous identity federation topologies. The ring signature schemes can ensure the validity of the data and hide the original signer, thereby protecting privacy. Moreover, no group manager participates in the ring signature, which naturally matches with our decentralized heterogeneous identity federation topologies. The proxy signature can reduce the workload of the private key owner. The proposed scheme shortens the calculation time for verifying the signature and then reduces the overall time consumption in the process of trust sharing. Our studies prove that the proposed scheme is privacy-preserving, efficient, and effective.
Funding: Funded by Princess Nourah bint Abdulrahman University Researchers Supporting Project number (PNURSP2022TR140), Princess Nourah bint Abdulrahman University, Riyadh, Saudi Arabia.
Abstract: The coronavirus, formerly known as COVID-19, has caused massive global disasters. As a precaution, most governments imposed quarantine periods ranging from months to years and postponed significant financial obligations. Furthermore, governments around the world have used cutting-edge technologies to track citizens’ activity. Thousands of sensors were connected to IoT (Internet of Things) devices to monitor the catastrophic eruption. With billions of connected devices that use these novel tools and apps, privacy and security issues regarding data transmission and memory space abound. In this study, we suggest a blockchain-based methodology for safeguarding data in the billions of devices and sensors connected over the internet. Various trial secrecy and safety qualities are based on cutting-edge cryptography. To evaluate the proposed model, we recommend using an application of the system, a Raspberry Pi single-board computer in an IoT system, a laptop, a computer, cell phones and the Ethereum smart contract platform. The model's ability to ensure safety, effectiveness and a suitable budget is proved by the Gowalla dataset results.
Funding: The work is supported by the National Key Research and Development Program of China (No. 2018YFC1604002) and the National Natural Science Foundation of China (No. U1836204, No. U1936208, No. U1936216, No. 62002197).
Abstract: Progress in cloud computing makes group data sharing in outsourced storage a reality. People join in group and share data with each other, making team work more convenient. This new application scenario also faces data security threats, even more complex. When a user quits its group, remaining data block signatures must be re-signed to ensure security. Some researchers noticed this problem and proposed a few works to relieve computing overhead on user side. However, considering the privacy and security need of group auditing, there still lacks a comprehensive solution to implement secure group user revocation, supporting identity privacy preserving and collusion attack resistance. Aiming at this target, we construct a concrete scheme based on ring signature and smart contracts. We introduce linkable ring signature to build a kind of novel meta data for integrity proof enabling anonymous verification. And the new meta data supports secure revocation. Meanwhile, smart contracts are used for resisting possible collusion attack and malicious re-signing computation. Under the combined effectiveness of both signature method and blockchain smart contracts, our proposal supports reliable user revocation and signature re-signing, without revealing any user identity in the whole process. Security and performance analysis compared with previous works prove that the proposed scheme is feasible and efficient.
Funding: Supported by the National Key Research and Development Program of China (No. 2018YFC1604002) and the National Natural Science Foundation of China (No. U1836204, No. U1936208, No. U1936216, No. 62002197).
Abstract: Cloud storage has been widely used for team work or cooperation development. Data owners set up groups, generating and uploading their data to cloud storage, while other users in the groups download and make use of it, which is called group data sharing. As all kinds of cloud service, data group sharing also suffers from hardware/software failures and human errors. Provable Data Possession (PDP) schemes are proposed to check the integrity of data stored in cloud without downloading. However, there are still some unmet needs lying in auditing group shared data. Researchers propose four issues necessary for a secure group shared data auditing: public verification, identity privacy, collusion attack resistance and traceability. However, none of the published work has succeeded in achieving all of these properties so far. In this paper, we propose a novel blockchain-based ring signature PDP scheme for group shared data, with an instance deployed on a cloud server. We design a linkable ring signature method called Linkable Homomorphic Authenticable Ring Signature (LHARS) to implement public anonymous auditing for group data. We also build smart contracts to resist collusion attack in group auditing. The security analysis and performance evaluation prove that our scheme is both secure and efficient.
Funding: Supported by National Natural Science Foundation of China under Grant No. 61972360 and Shandong Provincial Natural Science Foundation of China under Grant Nos. ZR2020MF148, ZR2020QF108.
Abstract: The maturity of 5G technology has enabled crowd-sensing services to collect multimedia data over wireless network, so it has promoted the applications of crowd-sensing services in different fields, but also brings more privacy security challenges, the most common of which is privacy leakage. As a privacy protection technology combining data integrity check and identity anonymity, ring signature is widely used in the field of privacy protection. However, introducing signature technology leads to additional signature verification overhead. In the scenario of crowd-sensing, the existing signature schemes have low efficiency in multi-signature verification. Therefore, it is necessary to design an efficient multi-signature verification scheme while ensuring security. In this paper, a batch-verifiable signature scheme is proposed based on the crowd-sensing background, which supports the sensing platform to verify the uploaded multiple signature data efficiently, so as to overcome the defects of the traditional signature scheme in multi-signature verification. In our proposal, a method for linking homologous data was presented, which was valuable for incentive mechanism and data analysis. Simulation results showed that the proposed scheme has good performance in terms of security and efficiency in crowd-sensing applications with a large number of users and data.
Funding: Supported in part by the National Natural Science Foundation of China (61871466).
Abstract: The safe storage and sharing of medical data have promoted the development of the public medical field. At the same time, blockchain technology guarantees the safe storage and sharing of medical data. However, the consensus algorithm in the current medical blockchain cannot meet the requirements of low delay and high throughput in the large-scale network, and the identity of the primary node is exposed and vulnerable to attack. Therefore, this paper proposes an efficient consensus algorithm for medical data storage and sharing based on a master–slave multi-chain of alliance chain (ECA_MDSS). Firstly, institutional nodes in the healthcare alliance chain are clustered according to geographical location and medical system structure to form a multi-zones network. The system adopts master–slave multi-chain architecture to ensure security, and each zone processes transactions in parallel to improve consensus efficiency. Secondly, the aggregation signature is used to improve the practical Byzantine fault-tolerant (PBFT) consensus to reduce the communication interaction of consensus in each zone. Finally, an efficient ring signature is used to ensure the anonymity and privacy of the primary node in each zone and to prevent adaptive attacks. Meanwhile, a trust model is introduced to evaluate the trust degree of the node to reduce the evil done by malicious nodes. The experimental results show that ECA_MDSS can effectively reduce communication overhead and consensus delay, improve transaction throughput, and enhance system scalability.
Funding: Supported by the Key Natural Science Foundation of Anhui Higher Education Institutions (2022AH052536).
Abstract: In order to protect the user's privacy identity, authentication requires anonymous authentication. Anonymous authentication is divided into unconditional anonymous authentication and traceable anonymous authentication. Unconditional anonymous authentication can verify that the user belongs to an anonymous set, but the user's true identity cannot be obtained. However, in some applications, it is necessary to trace the true identity of the user. Therefore, a traceable anonymous authentication scheme is proposed. In order to prevent random tracing, the proposed scheme uses threshold joint tracing. When the identity of the authenticator needs to be traced, the threshold number of members can jointly trace the identity of the authenticator. In some special network applications such as anonymous electronic voting, in order to prevent repeated authentications and repeated elections, it is necessary to verify whether the two authentication signatures are signed by the same user without revealing the true identity of the user. Therefore, the proposed anonymous authentication scheme should have selective linkability. In order to achieve linkable authentication, the linkable tag is embedded by linkable ring signature. Compared with similar schemes through the simulation experiments, the implementation time of the proposed scheme is slightly better than other schemes.
Funding: Supported by the National Natural Science Foundation of China (60573043), the Foundation of National Laboratory for Modern Communications (9140C1107010604), and Youth Science and Technology Foundation of University of Electronic Science and Technology of China
Abstract: Signcryption is a cryptographic primitive that performs encryption and signature in a single logical step more efficiently than sign-then-encrypt approach. Till now, various kinds of signcryption schemes have been proposed. Among them, the requirement of signcrypter's privacy protection is needful in some practical applications. In this paper, a new identity-based anonymous signcryption scheme from bilinear pairings, which is the organic combination of identity-based ring signature and encryption scheme, is proposed. The proposed scheme is indistinguishable against the chosen ciphertext attack under the Decisional Bilinear Diffie-Hellman assumption in the random oracle model. Its unforgeability relies on the computational Diffie-Hellman problem. Compared with the previous schemes, the new scheme is more efficient in computation.
Funding: Supported by the Natural Science Foundation of Beijing (No. M21029), the National Key Basic R&D Program of China (No. 2018YFB1800302), and the National Natural Science Foundation of China (No. 61802005).
Abstract: Purchases of electric vehicles have been increasing in recent years. These vehicles differ from traditional fossil-fuel-based vehicles especially in the time consumed to keep them running. Electric-Vehicle-charging Service Providers (EVSPs) must arrange reasonable charging times for users in advance. Most EVSP services are based on third-party platforms, but reliance on third-party platforms creates a lack of security, leaving users vulnerable to attacks and user-privacy leakages. In this paper, we propose an anonymous blockchain-based system for charging-connected electric vehicles that eliminates third-party platforms through blockchain technology and the establishment of a multi-party security system between electric vehicles and EVSPs. In our proposed system, digital certificates are obtained by completing distributed Public Key Infrastructure (distributed-PKI) identity registration, with the user registration kept separate from the verification process, which eliminates dependence on the EVSP for information security. In the verification process, we adopt smart contracts to solve problems associated with centralized verification and opaque services. Furthermore, we utilize zero-knowledge proof and ring-signature superposition to realize completely anonymous verification, which ensures undeniability and unforgeability with no detriment to anonymity. The evaluation results show that the user anonymity, information authenticity, and system security of our system fulfill the necessary requirements.
Abstract: Abe et al. proposed the methodology of ring signature (RS) design in 2002 and showed how to construct RS with a mixture of public keys based on factorization and/or discrete logarithms. Their methodology cannot be applied to knowledge signatures (KS) using the Fiat-Shamir heuristic and cut-and-choose techniques, for instance, the Goldreich KS. This paper presents a more general construction of RS from various public keys if there exists a secure signature using such a public key and an efficient algorithm to forge the relation to be checked if the challenges in such a signature are known in advance. The paper shows how to construct RS based on the graph isomorphism problem (GIP). Although it is unknown whether or not GIP is NP-Complete, there are no known arguments that it can be solved even in the quantum computation model. Hence, the scheme has a better security basis and it is plausibly secure against quantum adversaries.
Funding: Supported by the Key Natural Science Foundation of Anhui Higher Education Institutions (KJ2017A857, KJ2019A0727), the Nature Science Youth Foundation of Anhui Province (1708085QF157), and the Key Projects of Support Program for Outstanding Youth Talent of Universities in Anhui Province (gxyq2017050).
Abstract: Based on elliptic curve public key cryptosystem and with the help of ring signature, a traceable and anonymous authentication scheme is proposed. The security of the proposed scheme is based on the difficulty of solving elliptic curve discrete logarithm problem (ECDLP) and the computational Diffie-Hellman assumption (CDHA). In order to prevent random tracing, the threshold technology is introduced into anonymous tracing. In addition, in the signature generation process, using the private key and the additional random number, the signature satisfies unforgeability. Compared with the existing schemes, the communication overhead of the proposed scheme is relatively small. In the case of similar calculational overhead, the proposed scheme not only has anonymous authentication, signature unforgeability, but also has threshold traceability.
Funding: This work was supported in part by the National Key Research and Development Program of China under Grant 2018YFB0803603 and Grant 2016YFB0501901, and in part by the National Natural Science Foundation of China under Grant 61502531, Grant 61702550, and Grant 61802436.
Abstract: Aiming at the requirement of anonymous supervision of digital certificates in blockchain public key infrastructure (PKI), this paper proposes a ring signature with multiple indirect verifications (RS-MIV). This mechanism can ensure multiple and indirect verification of certificate signer identity while preserving its anonymity. On this basis, a supervisable anonymous management scheme was designed based on smart contracts, which realizes the anonymity of certificate authority nodes, the anonymous issuance of digital certificates, the anonymous verification of digital certificates, and the traceability of illegal certificate issuers in the blockchain PKI. It is proved that the scheme can guarantee the anonymity and traceability of the certificate issuer’s identity at an acceptable cost.