基于DAA的轻量级多商家多重息票系统

doi:10.11959/j.issn.1000-436x.2016175

Abstract

Abstract:

A multi-coupon system for multi-merchant environments was proposed by extending the DAA (direct anonymous attestation) scheme of Brickell etc.The new system bound the key elements in multi-coupon with the tamper-resistant TPM（trusted platform module）chip,so that it could prevent users from sharing behavior more effectively.By using the server-aided signature verification of Chow etc,the self-blindable credential technique of Yang etc,and range proof of Peng etc,the new system does not require customers to perform expensive pairing operations in the issue protocol and the redeem protocol.Compared with previous similar systems,the new system simultaneously satisfies several ideal properties and it is compatible with the mobile payment framework on the ARM TrustZone platform.Moreover,it has obvious advantages in aspects of communication and computation costs.

Key words: multi-coupon, direct anonymous attestation, server-aided signature verification, range proof, unsplittability

Xin LIU,Qiu-liang XU,Bo ZHANG. Lightweight multi-coupon system for multi-merchant environments with DAA[J]. Journal on Communications, 2016, 37(9): 30-45.

Figures/Tables 4

安全性质实验	Adv充当的角色	B充当的角色
不可伪造性（模式1）	$\bar{U}, \bar{\bar{U}} (h o s t)$	$I, V, \bar{\bar{U}} (T P M)$
不可伪造性（模式2）	$\bar{V}$	,IU
无关联性	$\bar{V}, \bar{I}, \bar{U}$	U
可声明性	$\bar{V}, \bar{I}, \bar{U}$	V
不可分割性	$\bar{U}, \bar{\bar{U}} (h o s t)$	$I, V, \bar{\bar{U}} (T P M)$

References 31

[1]	CHANG C C , SUN C Y . A secure and efficient authentication scheme for e-coupon systems[J]. Wireless Personal Communications, 2014,77(4): 2981-2996.
[2]	HSUEH S C , CHEN J M . Sharing secure m-coupons for peer-generated targeting via eWOM communications[J]. Electronic Commerce Research and Applications, 2010,9(4): 283-293.
[3]	CHEN L , ENZMANN M , SADEGHI A R ,et al. A privacy-protecting coupon system[C]// The 9th International Conference on Financial Cryptography and Data Security. Roseau, 2005: 93-108.
[4]	NGUYEN L , . Privacy-protecting coupon system revisited[C]// The 10th International Conference on Financial Cryptography and Data Security. Anguilla,British West Indies, 2006: 266-280.
[5]	CHEN L , ESCALANTE A,L?HR H , et al . A privacy-protecting multi-coupon scheme with stronger protection against splitting[C]// The 11th International Conference on Financial Cryptography and Data Security. Scarborough,Trinidad and Tobago, 2008: 29-44.
[6]	L?HR H . Privacy-preserving protocols and applications for trusted platforms[D]. Bochum:Ruhr-Universit, 2012.
[7]	柳欣, 徐秋亮 . 实用的强不可分割多重息票方案[J]. 计算机研究与发展, 2012,49(12): 2575-2590. LIU X , XU Q L . Practical multi-coupon systems with strong unsplittability[J]. Journal of Computer Research and Development, 2012,49(12): 2575-2590.
[8]	柳欣, 徐秋亮 . 并发安全的紧凑多重息票方案[J]. 电子学报, 2012,40(5): 877-882. LIU X , XU Q L . Compact multi-coupon systems with concurrent security[J]. Acta Electronica Sinica, 2012,40(5): 877-882.
[9]	HINAREJOS M F, , ISERN-DEYà A P , FERRER-GOMILA J L ,et al. MC-2D:an efficient and scalable multicoupon scheme[J]. The Computer Journal, 2015,58(4): 758-778.
[10]	WANG W J , FENG D G , QIN Y ,et al. ExBLACR:extending BLACRsystem[C]// The 19th Australasian Conference on Information Security and Privacy. Wollongong,NSW,Australia, 2014: 397-412.
[11]	XI L , FENG D G . FARB:fast anonymous reputation-based blacklisting without TTPs[C]// The 13th Workshop on Privacy in the Electronic Society. Scottsdale,Arizona,USA, 2014: 139-148.
[12]	CANARD S , GOUGET A , HUFSCHMITT E . A handy multi-coupon system[C]// The 4th International Conference Applied Cryptography and Network Security. Singapore, 2006: 66-81.
[13]	ISERNS-DEYà A P , HUGUET-ROTGER L PAYERAS-CAPELLà M M ,et al. On the practicability of using group signatures on mobile devices:implementation and performance analysis on the android platform[J]. International Journal of Information Security, 2014,(8): 1-11.
[14]	CHOW S S M , AU M H , SUSILO W . Server-aided signatures verification secure against collusion attack[J]. Information Security Technical Report, 2013,17(3): 46-57.
[15]	CANARD S , DEVIGNE J , SANDERS O . Delegating a pairing can be both secure and efficient[C]// The 12th International Conference on Applied Cryptography and Network Security. Lausanne,Switzerland, 2014: 549-565.
[16]	BRICKELL E , LI J T . A pairing-based DAA scheme further reducing TPM resources[C]// The 3rd International Conference on Trust and Trustworthy Computing. Berlin,Germany, 2010: 181-195.
[17]	杨波, 冯登国, 秦宇 ,等. 基于可信移动平台的直接匿名证明方案研究[J]. 计算机研究与发展, 2014,51(7): 1436-1445. YANG B , FENG D G , QIN Y ,et al. Research on direct anonymous attestation scheme on trusted mobile platform[J]. Journal of Computer Research and Development, 2014,51(7): 1436-1445.
[18]	CESENA E,L?HR H , RAMUNNO G , et al . Anonymous authentication with TLS and DAA[C]// The 3rd International Conference on Trust and Trustworthy Computing. Berlin,Germany, 2010: 47-62.
[19]	CHEN L , . A DAA scheme requiring less TPM resources[C]// The 5th International Conference on Information Security and Cryptology. Beijing,China, 2010: 350-365.
[20]	张倩颖, 冯登国, 赵世军 . 基于可信芯片的平台身份证明方案研究[J]. 通信学报, 2014,35(8): 95-106. ZHANG Q Y , FENG D G , ZHAO S J . Research of platform identity attestation based on trusted chip[J]. Journal on Communications, 2014,35(8): 95-106.
[21]	BALDIMTSI F , LYSYANSKAYA A . Anonymous credentials light[C]// 2013 ACM SIGSAC conference on Computer & Communications Security. Berlin,Germany, 2013: 1087-1098.
[22]	PIRKER M , SLAMANIG D . A framework for privacy-preserving mobile payment on security enhanced arm trustzone platforms[C]// Proceedings in 2012 IEEE 11th International Conference on Trust,Security and Privacy in Computing and Communications. Liverpool,UK, 2012: 1155-1160.
[23]	AU M H , SUSILO W , MU Y ,et al. Constant-size dynamic k-times anonymous authentication[J]. IEEE Systems Journal, 2013,7(2): 249-261.
[24]	YANG Y , DING X , LU H ,et al. Self-blindable credential:towardslightweight anonymous entity authentication[EB/OL]. .
[25]	PENG K , YI L . Studying a range proof technique-exception and optimization[C]// The 6th International Conference on Cryptology in Africa. Cairo,Egypt, 2013: 328-341.
[26]	DODIS Y , YAMPOLSKIY A . A verifiable random function with short proofs and keys[C]// The 8th International Workshop on Theory and Practice in Public Key Cryptography. Les Diablerets,Switzerland, 2005: 416-431
[27]	SCOTT M . Unbalancing pairing-based key exchange protocols[EB/OL]. .
[28]	AU M H , SUSILO W , YIU S M . Event-oriented k-times revocable-iff-linked group signatures[C]// The 11th Australasian Conference on Information Security and Privacy. Melbourne,Australia, 2006: 223-234.
[29]	PENG K , . A general,flexible and efficient proof of inclusion and exclusion[C]// Cryptographers’ Track at the RSA Conference 2011. San Francisco,CA,USA, 2011: 33-48.
[30]	CAMENISCH J , LYSYANSKAYA A . A signature scheme with efficient protocols[C]// The 3rd International Conference on Security in Communication Networks. Amalfi,Italy, 2002: 268-289.
[31]	PENG K , BOYD C , DAWSON E . Batch zero knowledge proof and verification and its applications[J]. ACM Transactions on Information and System Security, 2007,10(2): 1-28.

Metrics

Recommended 0

No Suggested Reading articles found!

已有系统	发布协议复杂度	是否支持兑换不同类型服务	是否允许用户指定兑换次数	是否支持多商家环境	不可分割性质等级	不可分割性实现机制	匿名性等级
文献[3]	O(1)	否	否	否	弱	软件	强
文献[4]	O(1)	否	否	否	弱	软件	强
文献[5]	O(k)	否	是	否	强	软件	强
文献[6]	O(k)	否	是	是	强	软件	强
文献[7]方案1	O(1)	否	是	否	强	软件	强
文献[7]方案2	O(1)	是	是	否	强	软件	强
文献[8]方案1	O(1)	否	是	否	强	软件	强
文献[8]方案2	O(1)	否	是	否	强	软件	强
文献[9]	O(1)	是	是	是	弱	软件	弱
文献[12]	O(1)	是	是	否	—	—	强
本文	O(1)	是	是	是	最强	硬件	强

方案		发布协议			兑换协议
方案	用户		商家/发布者	用户		商家
文献[3]	26 528		2 528	1 343 424		0
文献[4]	651		491	3 790		0
文献[5]	166 400		129 088	25 888		2 528
文献[6]	161 408		137 088	32 864		2 528
文献[7]方案1	13 750		982	14 510		0
文献[7]方案2	15 190		982	8 413		0
文献[8]方案1	1 793		822	16 683		0
文献[8]方案2	17 418		7 003	174 109		5 464
文献[9]	18 848		3 072	29 794		160
本文	982		491	11 326		320

方案			兑换协议
方案	用户	商家/发布者	用户	商家
文献[3]	30Exp(G₁ )	30Exp(G₁ )	1 010Exp(G₁ )	500Exp(G₁ )
文献[4]	P+22Exp(G₁ )	3Exp(G₁ )	2P+48Exp(G₁ )	4P+34Exp(G₁ )
文献[5]	1520Exp(G₁ )	1520Exp(G₁ )	130Exp(G₁ )	120Exp(G₁ )
文献[6]	1 040Exp(G₁ )	550Exp(G₁ )	160Exp(G₁ )	140Exp(G₁ )
文献[7]方案1	2P+96Exp(G₁ )	50Exp(G₁ )	6P+19Exp(G₁ )	4P+21Exp(G₁ )
文献[7]方案2	2P+96Exp(G₁ )	48Exp(G₁ )	2P+42Exp(G₁ )	2P+31Exp(G₁ )
文献[8]方案1	16P+5Exp(G₁ )	13Exp(G₁ )	63Exp(G₁ )	16P+36Exp(G₁ )
文献[8]方案2	16P+127Exp(G₁ )	144Exp(G₁ )	956Exp(G₁ )	17P+847Exp(G₁ )
文献[9]	—	10Exp(G₁ )	2P+34Exp(G₁ )	2P+48Exp(G₁ )
本文	2Exp(G₁ )*	4Exp(G ₁)	2Exp(G₁ )*	2P+33Exp(G ₁)
本文	53Exp(G₁ )**	4Exp(G ₁)	51Exp(G₁ )**	2P+33Exp(G ₁)

Lightweight multi-coupon system for multi-merchant environments with DAA

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 4

References 31

Related Articles 2

Metrics

Recommended 0

[1]	Xin LIU,Qiuliang XU,Bin ZHANG,Bo ZHANG. k-times attribute-based authentication scheme using direct anonymous attestation [J]. Journal on Communications, 2018, 39(12): 113-133.
[2]	Hong-hu ZHEN,Yue CHEN,Peng-xu TAN,Yuan-bo GUO. Asymmetric bilinear pairing based direct anonymous attestation scheme [J]. Journal on Communications, 2010, 31(8A): 37-43.