基于属性访问策略的批量零知识身份认证方案  被引量：2

作　　者：周雨卫 薛庆水 孙晨曦 马海峰 鞠兴忠 崔墨香 Zhou Yuwei;Xue Qingshui;Sun Chenxi;Ma Haifeng;Ju Xingzhong;Cui Moxiang(School of Computer Science&Information Engineering,Shanghai Institute of Technology,Shanghai 201418,China)

机构地区：[1]上海应用技术大学计算机科学与信息工程学院,上海201418

出　　处：《计算机应用研究》2023年第8期2487-2492,共6页Application Research of Computers

基　　金：国家自然科学基金资助项目(61672350,61170227);教育部基金资助项目(39120K178038,14YJA880033);国家社会科学基金资助项目(16BGL003);上海市社科规划项目(2022BGL003);中国教育技术协会重点项目(XJJ202205016);上海市远距离高等教育协会高等继续教育规划项目(YJLKT-20020011)。

摘　　要：隐私保护技术主要有属性基加密、同态加密、多方安全计算等。针对属性基加密的访问控制中双线性映射耗时问题、同态加密难以非公开地验证明文计算的结果问题以及多方安全计算需要可信第三方等问题,提出了一种基于属性访问策略的批量零知识身份认证方案。该方案是基于Aurora协议提出的,具有良好的抗量子攻击计算潜力;所提方案引入合成证明者,其作用是将各个用户生成的证明合成一个证明以减轻证明者和验证者计算开销,且设计了找出未通过认证用户的查找算法。最后对所提方案进行了安全分析、可行性分析并与其他方案进行了对比分析。经过分析该方案中验证者的时间复杂度可维持在O(n)。Privacy protection technologies mainly include attribute-based encryption,homomorphic encryption,multi-party security computing,etc.Among them,in the access control of attribute-based encryption,bilinear mapping is time-consuming,homomorphic encryption is difficult to verify the results of plaintext computation in a non-public way,and multi-party security computation requires a trusted third party.To solve these problems,this paper proposed a batch zero-knowledge identity authentication scheme based on attribute access strategy.This scheme was based on the Aurora protocol and had good computing potential against quantum attacks.The proposed scheme introduced a synthetic prover,which synthesized the proof generated by each user to a proof,to reduce the computational cost of the prover and the verifier,and designed a search algorithm to find out unauthenticated users.Finally,this paper carried out safety analysis,feasibility analysis,and comparative analysis with other schemes.After analysis,the verification time complexity of this scheme can be maintained in O(n).

关 键 词：抗量子密码 属性访问策略 零知识证明 身份认证 

分 类 号：TP309.7[自动化与计算机技术—计算机系统结构]