Abstract
Existing endorsed e-cash systems currently suffer from low communication efficiency; moreover, their fair exchange sub-protocols require the inefficient cut-and-choose proof technique, and a centralized trusted third party (TTP) is vulnerable to denial-of-service attacks. In addition, several related fair payment systems either require cut-and-choose proofs or rely on verifiable encryption schemes with security flaws. This paper uses an attribute-based self-blindable credential system to construct a direct anonymous attestation with attributes (DAA-A) scheme, and then builds on that scheme an endorsed e-cash system that satisfies a stronger notion of exculpability. To improve the user's computational efficiency during the spending process, the set-membership proof protocol of Arfaoui et al. is adopted, and the user's signature of knowledge is optimized with pre-computation. To avoid executing the inefficient cut-and-choose proof, an optimistic fair exchange sub-protocol supporting distributed TTPs is designed. Combined with the Golle-Mironov model, the new system can be applied to the field of outsourced computation. Compared with existing systems of the same kind, the new system simultaneously satisfies several desirable properties: it allows multiple payments, does not require the cut-and-choose technique, and keeps users stateless. Moreover, the fair exchange sub-protocol of the new system introduces distributed TTPs, i.e., it takes the risk of denial-of-service attacks into account.
At present, the existing endorsed e-cash system has low communication efficiency, and its fair exchange protocol employs inefficient cut-and-choose proofs. In addition, the centralized TTP (trusted third party) is vulnerable to denial-of-service attacks. So far, several related fair payment systems have been proposed. Unfortunately, some of them use cut-and-choose proofs, and the others adopt verifiable encryption schemes with security flaws. Inspired by the idea of self-blindable attribute-based credentials, a concrete DAA-A (direct anonymous attestation with attributes) scheme is constructed. Based on the new DAA-A scheme, an improved endorsed e-cash system is proposed, which achieves a high level of exculpability. In order to improve users' computational efficiency in the spending process, the set-membership proof by Arfaoui et al. is adopted, and the efficiency of the user's signature of knowledge is also optimized with the technique of pre-computation. In order to bypass the expensive cut-and-choose proof, a new optimistic fair exchange sub-protocol supporting distributed TTPs is provided. Furthermore, if combined with the Golle-Mironov model, the new system also suits the environment of outsourced computing. Compared with previous similar systems, the new system meets several desirable properties simultaneously, i.e., it supports multiple payments, does not depend on cut-and-choose proofs, and allows users to be stateless. What's more, the fair exchange protocol of the new system considers the risk of denial-of-service attacks.
Authors
柳欣 (Liu Xin); 张波 (Zhang Bo)
Source
计算机研究与发展 (Journal of Computer Research and Development)
Indexed in: EI, CSCD, Peking University Core Journals (北大核心)
2016, No. 10, pp. 2412-2429 (18 pages)
Funding
Natural Science Foundation of Shandong Province (ZR2015FL023, ZR2014FL011)
Science and Technology Program of Higher Education Institutions of Shandong Province (J14LN61)
Doctoral Research Start-up Fund of Shandong Youth University of Political Science (14A007)