无随机预言的完全匿名多服务订购系统  被引量：1

作　　者：柳欣[1,2] 雷文庆[2,3] 

机构地区：[1]山东青年政治学院信息工程学院,济南250014 [2]山东省高校信息安全与智能控制重点实验室(山东青年政治学院),济南250103 [3]山东青年政治学院继续教育学院,济南250014

出　　处：《计算机应用》2013年第2期417-422,429,共7页journal of Computer Applications

基　　金：山东省高等学校科技计划项目(J11LG29)

摘　　要：最近,Canard等(CANARD S,JAMBERT A.Untraceability and profiling are not mutually exclusive[C]//TrustBus 2010:Proceedings of the 7th International Conference on Trust,Privacy and Security in Digital Business,LNCS6264.Berlin:Springer-Verlag,2010:117-128)提出了多服务订购的概念以及几个实例化的系统。然而,这些系统仅满足较弱的可撤销的匿名性且不适合于"按次付费"的服务。为此,通过对Canard等的系统进行扩展而提出一个改进的多服务订购系统。新系统利用Liu等(LIU J K,AU M H,SUSILO W,et al.Enhancing location privacy for electricvehicles(at the right time)[EB/OL].[2012-08-01].http://eprint.iacr.org/2012/342)的匿名支付技术实现了对"按次付费"的支持,利用Peng-Bao小区间证明技术实现了对"账户余额足以为当前服务付费"的零知识证明。此外,通过将Cramer等的技术应用于底层∑协议,实现了新系统的构造过程所需的完全零知识的知识证明协议。相对于已有的典型系统,新系统的优势体现在安全性方面:首先,在标准模型下满足可证安全;其次,实现了3个关键性质的最强安全等级,即支付令牌的不可分割性、用户的匿名性和底层证明系统的零知识性。Lately, Canard et al. （CANARD S, JAMBERT A. Untraceability and profiling are not mutually exclusive [ C] // TrustBus 2010： Proceedings of the 7th International Conference on Trust, Privacy and Security in Digital Business, LNCS 6264. Bedim Springer-Verlag, 2010：117 - 128） introduced the notion of multi-service subscription and proposed several instantiations. Unfortunately, their systems only satisfied a weaker variant of anonymity called revocable-anonymity and they were not fit for ＂pay-per-use＂ services. To this end, a revised multi-service subscription system was put forward to extending Canard et al＇s system. The new system achieved pay-per-use subscriptions by incorporating the anonymous payment system raised by Liu et al. （LIU J K, AU M H, SUSILO W, et al. Enhancing location privacy for electric vehicles （at the fight time） [ EB/OL]. [ 2012 -08 -01]. http：//eprint, iacr. org/2012/342）. To allow users to prove in zero-knowledge that their account balance is enough for making a payment for the required access, it also utilized the Peng-Bao range proof for small ranges. Furthermore, it was constructed on several 4-round perfect zero-knowledge proofs of knowledge, which were obtained by applying a technique by Cramer et al. to the underlying Sigma-protocols. Compared with typical systems in the literature, the new solution gains advantages in terms of security. Concretely, it can be proved secure in the standard model. Moreover, it matches the strongest level of three crucial security notions, such as inseparability for spendable tokens, anonymity for users, and zero-knowledge for underlying proof systems.

关 键 词：电子商务 增强隐私保护的机制 匿名访问 知识证明 标准模型 

分 类 号：TP309.7[自动化与计算机技术—计算机系统结构]