Authors: YANG Bo; FENG Wei[3]; QIN Yu[3]; ZHANG Yan-Chao; TONG Dong (National FinTech Evaluation Center, Beijing 100041, China; Research and Development Center, Bank Card Test Center, Beijing 100041, China; Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, Beijing 100190, China)
Affiliations: [1] National FinTech Evaluation Center, Beijing 100041; [2] Research and Development Center, Bank Card Test Center, Beijing 100041; [3] Trusted Computing and Information Assurance Laboratory, Institute of Software, Chinese Academy of Sciences, Beijing 100190
Source: Journal of Software (《软件学报》), 2024, No. 8, pp. 3553-3576 (24 pages)
Funding: National Key Research and Development Program of China (2022YFB4501500, 2022YFB4501501).
Abstract: In recent years, central bank digital currency (CBDC) has received close attention from many countries and regions around the world. Dual offline transaction, an optional attribute of CBDC that allows payment without a network connection, is considered to have great practical value. For the dual offline anonymous payment scenario of CBDC, this study proposes OAPM (dual offline anonymous e-payment for mobile devices), an efficient dual offline anonymous payment scheme designed for mobile platforms and based on trusted execution environment (TEE) and secure element (SE) technology. OAPM is suitable for resource-constrained mobile devices. It allows a mobile payer to securely pay digital currency to a payee without a network connection, without disclosing personal privacy information to the payee or to commercial banks, and without the payer's payment behaviors being linkable. It also allows the payee's device to be offline. Regulators, such as the central bank, can identify the real identity of an anonymous payer when necessary. The scheme satisfies a number of important properties of digital currency transactions, including correctness, unlinkability, traceability, non-frame-up, confidentiality, authenticity, double-spending prevention, and controllable anonymity. A prototype system is implemented and the possible parameters are evaluated. Security analysis and experimental results show that the scheme meets the practical needs of CBDC dual offline transactions for mobile users in terms of both security and efficiency.
Keywords: central bank digital currency (CBDC); dual offline payment; trusted execution environment (TEE); secure element (SE); mobile devices; security architecture