可信第三方的伪名签名方案研究

doi:10.3778/j.issn.1673-9418.1907051

摘要/Abstract

摘要：

互联网中用户资料极易泄露，用户的匿名性和安全性问题亟待解决。伪名签名方案可以使用户在网络通信中保持匿名，但存在认证机构与域管理机构合谋泄露的风险和对违规用户响应慢的问题。针对该问题，提出了可信第三方参与的伪名签名方案。在该方案中，用户首先向认证机构申请允许使用某个伪名的许可证书，然后使用该许可证书向域管理机构申请该伪名的证书，并使用该伪名在域中构建伪名签名，最后通过追踪中心（可信第三方）快速检测可能存在违规操作的用户，由认证机构进行相应的处理。方案通过双重伪名更好地保证了用户的匿名性，降低了中央认证机构的运算成本，提高了系统的门限，并且在获取违规用户真实身份时具有快速响应能力，降低了系统因用户违规操作带来的潜在损失。

关键词: 伪名签名, 双重伪名, 去匿名化, 部分盲签名

Abstract:

User data on the Internet are extremely easy to leak, and the anonymity and security issues of users need to be resolved. The pseudonym system can make users remain anonymous in network communication, but there are risks of collusion between authentication agencies and domain management agencies and a slow response to the offending user. Aiming at this problem, a pseudonym signature scheme involving trusted third parties is proposed in this paper. The user first applies to the certificate authority for a license permitting the use of a pseudonym, then uses the license to apply for the pseudonym certificate from the domain authority, and uses the pseudonym to construct a pseudonym signature in the domain. Finally, users with illegal operations are quickly detected by tracking center (trusted third party), and the certificate authority will handle the corresponding processing. The proposed scheme guarantees the anonymity of users better by using double pseudonyms, reduces the operation cost of the certificate authority, improves the threshold of the system, has fast response ability in acquiring the real identity of users who violate the rules, and reduces the potential loss of the system caused by users?? illegal operations.

Key words: pseudonymous signature, double pseudonym, de-anonymization, partial blind signature

陈虹，陈红霖，黄洁，肖成龙，郭鹏飞，金海波. 可信第三方的伪名签名方案研究[J]. 计算机科学与探索, 2020, 14(8): 1327-1337.

CHEN Hong, CHEN Honglin, HUANG Jie, XIAO Chenglong, GUO Pengfei, JIN Haibo. Study on Pseudonym Signature Scheme of Trusted Third Party[J]. Journal of Frontiers of Computer Science and Technology, 2020, 14(8): 1327-1337.

参考文献

[1] Chaum D. Blind signatures for untraceable payments[C]//Pro-ceedings of the Advances in Cryptology Santa Barbara, Aug 23-25, 1982. New York: Plenum Press, 1983: 199-203.
[2] Abe M, Fujisaki E. How to date blind signatures[C]//LNCS 1163: Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Secu-rity, Kyongju, Nov 3-7, 1996. Berlin, Heidelberg: Springer, 1996: 244-251．
[3] Chow S S M, Hui L C K, Yiu S M, et al. Two improved parti-ally blind signature schemes from bilinear pairings[C]//LNCS 3574: Proceedings of the 10th Australasian Conference on Information Security and Privacy, Brisbane, Jul 4-6, 2005. Berlin, Heidelberg: Springer, 2005: 316-328.
[4] Tang P Z, Li X X, Zuo L M, et al. Efficient certificateless partially blind signature[J]. Computer Engineering and Design, 2013, 34(2): 439-446.汤鹏志, 李晓雄, 左黎明, 等. 高效安全无证书部分盲签名[J]. 计算机工程与设计, 2013, 34(2): 439-446.
[5] Liu E G, Zhou H J, Zuo L M, et al. New ID-based partially blind signature scheme without trusted private key generator[J]. Computer Applications and Software, 2016, 33(5): 285-288.刘二根, 周华静, 左黎明, 等. 新的基于身份无可信私钥生成中心的部分盲签名方案[J]. 计算机应用与软件, 2016,33(5): 285-288.
[6] Ye Q, Zhou J, Tang Y L, et al. Identity-based against quantum attacks partially blind signature scheme from lattice[J]. Netinfo Security, 2018, 3: 46-53.叶青, 周锦, 汤永利, 等. 格上基于身份的抗量子攻击的部分盲签名方案[J]. 信息网络安全, 2018(3): 46-53.
[7] Li M X, Li F, Wang T. Survey of partially blind signature[J]. Application Research of Computers, 2012, 29(12): 4437-4440.李明祥, 李峰, 王涛. 部分盲签名综述[J]. 计算机应用研究,2012, 29(12): 4437-4440.
[8] Chaum D. Showing credentials without identification trans-ferring signatures between unconditionally unlinkable pseu-donyms[C]//LNCS 453: Proceedings of the 1990 International Conference on Cryptology, Sydney, Jan 8-11, 1990. Berlin, Heidelberg: Springer, 1990: 245-264.
[9] Camenisch J, Lehmann A. Privacy for distributed databases via (un)linkable pseudonyms[J]. IACR Cryptology ePrint Archive, 2017, 2017: 22.
[10] Verheul E R. Privacy protection in electronic education based on polymorphic pseudonymization[J]. IACR Cryptology ePrint Archive, 2015.
[11] Gomaa I, Abd-Elrahman E, Saad E, et al. Virtual identity performance evaluations of anonymous authentication in IDaaS framework[J]. IEEE Access, 2019, 7: 34541-34554.
[12] Lysyanskaya A, Rivest R L, Sahai A, et al. Pseudonym systems[C]//LNCS 1758: Proceedings of the 6th Annual International Workshop on Selected Areas in Cryptography, Kingston, Aug 9-10, 1999. Berlin, Heidelberg: Springer, 1999: 184-199.
[13] Zhang Y. An efficient anonymous authentication protocol with pseudonym revocability[C]//Proceedings of the 5th International Joint Conference on INC, IMS and IDC, Seoul, Aug 25-27, 2009. Washington: IEEE Computer Society, 2009: 1929-1934.
[14] Xue K P, Hong P L, Ma C S. A lightweight dynamic pseu-donym identity based authentication and key agreement protocol without verification tables for multi-server architecture[J]. Journal of Computer and System Sciences, 2014, 80(1): 195-206.
[15] Lu L, Han J S, Liu Y H, et al. Pseudo trust: zero-knowledge authentication in anonymous P2Ps[J]. IEEE Transactions on Parallel and Distributed Systems, 2008, 19(10): 1325-1337.
[16] Zhang X B. Research on partial blind signature and its applica-tion in participatory perception[D]. Xi'an: Xi'an University of Electronic Science and Technology, 2017.张旭彬. 部分盲签名研究及其在参与式感知中的应用[D]. 西安: 西安电子科技大学, 2017.
[17] Bender J, Dagdelen Ö, Fischlin M, et al. Domain-specific pseudonymous signatures for the german identity card[C]//LNCS 7483: Proceedings of the 15th International Conference on Information Security, Passau, Sep 19-21, 2012. Berlin,Heidelberg: Springer, 2012: 104-119.
[18] Bringer J, Chabanne H, Patey A. Collusion-resistant domain-specific pseudonymous signatures[C]//LNCS 7873: Proceed-ings of the 7th International Conference on Network and System Security, Madrid, Jun 3-4, 2013. Berlin, Heidelberg:Springer, 2013: 649-655.
[19] Bringer J, Chabanne H, Lescuyer R, et al. Efficient and strongly secure dynamic domain-specific pseudonymous signa-tures for ID documents[C]//LNCS 8437: Proceedings of the 18th International Conference on Financial Cryptography and Data Security, Christ Church, Mar 3-7, 2014. Berlin, Heidel-berg: Springer, 2014: 255-272.
[20] Kuty?owski M, Hanzlik L, Kluczniak K. Towards practical security of pseudonymous signature on the BSI eIDAS token[R/OL]. [2019-04-25]. https://eprint.iacr.org/2018/1148.