计算机科学

计算机科学 ›› 2024, Vol. 51 ›› Issue (11A): 240200079-7.doi: 10.11896/jsjkx.240200079

• 信息安全 • 上一篇    下一篇

基于多级承诺协议的联盟链身份认证方案研究

孙敏, 李新宇, 张鑫   

  1. 山西大学计算机与信息技术学院 太原 030006
  • 出版日期:2024-11-16 发布日期:2024-11-13
  • 通讯作者: 孙敏(minsun@sxu.edu.cn)
  • 基金资助:
    山西省基础研究计划项目(20210302123455,201701D121052)

Study on Identity Authentication Scheme of Alliance Chain Based on Multi-level Commitment Protocol

SUN Min, LI Xinyu, ZHANG Xin   

  1. School of Computer and Information Technology,Shanxi University,Taiyuan 030006,China
  • Online:2024-11-16 Published:2024-11-13
  • About author:SUN Min,born in 1966,master,professor.Her main research interests include blockchain and cryptography.
  • Supported by:
    This work was supported by Shanxi Province Basic Research Program,China(20210302123455,201701D121052).

PDF (PC)

166

摘要: 针对现有方案在差异化隐私保护场景下仅支持粗粒度的属性保护策略,提出了一种基于多级承诺协议的身份认证隐私保护方案(Iascb-Mcp),旨在允许用户根据需求选择性地公开或保密其属性信息,以满足不同隐私场景下的保护需求。该方案通过多级承诺结构实现对用户属性的保护。首先,每个用户属性被分配一个隐私等级,根据隐私等级设计了相应的承诺协议。其次,根据不同隐私级别的用户属性采用不同的身份验证方式,利用零知识证明确保在用户高隐私级别属性不暴露的情况下仍能进行有效身份认证。最后,利用Iascb-Mcp方案构建了一个基于联盟链身份验证的系统,解决了链下用户属性的隐私验证以及链上不同群组之间交易的安全性问题。安全分析与实验结果表明,在身份认证过程中其他用户无法获取证明者的高隐私级别属性;与群签名方案相比,Iascb-Mcp的验证时间降至1~3 s;与双环签名方案相比,新生成的证明文件大小是原文件大小的1/10左右。

关键词: 区块链, 零知识证明, 承诺协议, 身份验证, 隐私保护

Abstract: As existing schemes only support coarse-grained attribute protection policies in differentiated privacy protection scenarios,an identity authentication privacy protection scheme based on multi-level commitment protocol(Iascb-Mcp) is proposed in this paper,which aims to allow users to selectively disclose or keep secret their attribute information according to requirements,so as to meet the protection requirements in different privacy scenarios.The scheme realizes the protection of user attributes through multi-level commitment structure.First,each user attribute is assigned a privacy level,and the corresponding commitment protocol is designed according to the privacy level.Secondly,different authentication methods are adopted according to the user attributes of different privacy levels,and zero-knowledge proof is used to ensure that the user's high privacy attributes can still be effectively authenticated without being exposed.Finally,the Iascb-Mcp scheme is used to construct a system based on al-liance chain authentication,which solves the privacy authentication of off-chain user attributes and the security of transactions between different groups on the chain.The results of security analysis and experiment show that other users cannot obtain the high privacy attribute of the prover in the authentication process.Compared with the group signature scheme,the authentication time of Iascb-Mcp is reduced to 1s to 3 s.Compared with the two-ring signature scheme,the newly generated proof file is about one-tenth of the size of the original file.

Key words: Blockchain, Zero-knowledge proof, Commitment agreement, Identity authentication, Privacy protection

中图分类号: 

  • TP309
[1]LIU Y H,ZHANG J B,MUHAMMD S P,et al.Research onidentity authentication system of Internet of Things based on blockchain technology[J].Journal of King Saud University - Computer and Information Sciences,2022,34(10,Part B):10365-10377.
[2]HUANG H,ZHU P,XIAO F,et al.A blockchain-based scheme for privacy-preserving and secure sharing of medical data[J].Computers & Security,2020,99:102010.
[3]YANG X,LI W.A zero-knowledge-proof-based digital identitymanagement scheme in blockchain[J].Computers & Security,2020,99:102050.
[4]LI W,MEESE C,GUO H,et al.Blockchain-Enabled IdentityVerification for Safe Ridesharing Leveraging Zero-Knowledge Proof[C]//2020 3rd International Conference on Hot Information-Centric Networking(HotICN).2020:18-24.
[5]LIU Y,ZHOU Y,ZHANG R,et al.(Full) Leakage resilience of Fiat-Shamir signatures over lattices[J].Frontiers of Computer Science,2022,16(5):165819.
[6]WU N,XU L,ZHU L.A blockchain based access controlscheme with hidden policy and attribute[J].Future Generation Computer Systems,2023,141:186-196.
[7]CHEN B,LI X,XIANG T,et al.SBRAC:Blockchain-basedsealed-bid auction with bidding price privacy and public verifiability[J].Journal of Information Security and Applications,2022,65:103082.
[8]ŞAHIN M S,AKLEYLEK S.A constant-size lattice-based partially-dynamic group signature scheme in quantum random oracle model[J].Journal of King Saud University-Computer and Information Sciences,2022,34(10,Part B):9852-9866.
[9]FENG M,LIN C,WU W,et al.SM2-DualRing:Efficient SM2-based ring signature schemes with logarithmic size[J].Compu-ter Standards & Interfaces,2024,87:103763.
[10]SANKA A I,CHEUNG R C C.A systematic review of blockchain scalability:Issues,solutions,analysis and future research[J].Journal of Network and Computer Applications,2021,195:103232.
[11]KUMARI P L S,DEVI C H S,THIVAHARAN S,et al.A resilient group session key authentication methodology for secured peer to peer networks using zero knowledge protocol[J].Optik,2023,273:170345.
[12]CASTELLON C,ROY S,KREIDL P,et al.Energy EfficientMerkle Trees for Blockchains[C]// IEEE The 20th International Conference on Trust,Security and Privacy in Computing and Communications(TRUSTCOM 2021).Los Alamitos:IEEE Computer Soc,2021:1093-1099.
[13]HAQ I,WANG J,ZHU Y,et al.A survey of authenticated key agreement protocols for multi-server architecture[J].Journal of Information Security and Applications,2020,55:102639.
[14]TAN P L,WANG R S,ZENG W H,et al.Overview of blockchain consensus algorithms [J].Computer Science,2023,50(S1):691-702.
[15]FIAT A,SHAMIR A.How To Prove Yourself:Practical Solutions to Identification and Signature Problems[M]//ODLYZKO A M.Advances in Cryptology-CRYPTO' 86:Vol.263.Berlin,Heidelberg:Springer Berlin Heidelberg,2006:186-194.
[16]LIPMAA H,SIIM J,ZAJAC M.Counting Vampires:From Univariate Sumcheck to Updatable ZK-SNARK[C]//Advances in Cryptology-ASIACRYPT 2022.Cham:Springer International Publishing Ag,2022:249-278.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
地址:重庆市渝北区洪湖西路18号    邮编:401121  
电话:023-63500828(编辑部) 023-67039612(会议/专题) 023-67039623(财务/发票)
E-mail:jsjkx12@163.com
本系统由北京玛格泰克科技发展有限公司设计开发