| 摘要: |
| 随着网络技术的普及,个人隐私和信息安全的保护已成为全球关注的问题。群签名技术允许群组中的成员在保持签名者匿名的同时,代表整个群组进行签名,并在必要时能够追踪签名者的身份。因此,该技术在电子投票和匿名认证等领域具有广泛的应用。然而,现有的群签名方案在成员属性的动态管理、安全性以及抵抗拥有无限计算能力的攻击者方面存在局限性。为了解决这些问题,本文提出了一种基于属性的失败停止群签名方案。方案通过Groth-Sahai证明系统和可验证加密技术在标准模型下实现了CCA(Chosen Ciphertext Attack)匿名性,确保即使在强大对手的存在下也能提供高水平的安全性。方案还引入了失败停止签名技术,进一步增强了安全性,通过检测和停止未经授权的操作,防止潜在的漏洞和系统滥用。方案支持成员属性的动态管理和撤销,允许管理员根据需要高效地更新和撤销成员凭证,从而保证群签名系统的长期安全。此外,群组中允许管理员追踪签名属性集,确保只有授权的属性用于签名过程。方案还使群组成员能够提供证据,证明在遭受攻击时应停止该方案以防止敌手的进一步的恶意行动。本文还提出了一个简化方案,该方案仅提供CPA(Chosen Plaintext Attack)匿名性,但保留了原方案的核心功能,提供了安全性和效率之间的平衡,适用于计算资源有限的设备。最后,通过与类似方案的比较分析,展示了本文方案在安全性和功能性方面的优势。本文所提出的方案不仅增强了对拥有无限计算能力的对手的安全性,还具有动态管理成员属性的功能,使其在需要兼顾安全性和效率的实际应用场景中具有可行性。 |
| 关键词: 属性基群签名 失败停止签名 Groth-Sahai证明系统 标准模型 CCA匿名性 动态聚合器 |
| DOI: |
| 投稿时间:2024-05-23修订日期:2024-07-18 |
| 基金项目:福建省社会科学规划项目(FJ2024B088)、福建省高校以马克思主义为指导的哲学社会科学学科基础理论研究项目(FJ2024MGCA028) |
|
| Fail-Stop Attribute-Based Group Signature Scheme with CCA Anonymity in Standard Model |
|
liaodongxu, chengxiaogang
|
| (College of Computer Science and Technology, Huaqiao University) |
| Abstract: |
| Due to the proliferation of network technology, the protection of personal privacy and information security has become a global concern. Group signature technology allows a member of a group to sign on behalf of the entire group while main-taining the anonymity of the signer, enabling the traceability of the signer's identity when necessary. Therefore, it has a wide range of applications in fields such as electronic voting and anonymous authentication. However, existing group signature schemes have limitations in terms of dynamic management of member attributes, security, and resistance to attackers with unlimited computational power. To solve these problems, this paper proposes a fail-stop attribute-based group signature scheme. The scheme achieves CCA (Chosen Ciphertext Attack) anonymity under the standard model through the Groth-Sahai proof system and verifiable encryption technology, ensuring that it can provide a high level of security even in the presence of powerful adversaries. It also introduces the fail-stop signature to further enhance security by enabling the detection and halting of unauthorized actions, thus preventing potential breaches and misuse of the sys-tem. The scheme supports dynamic management and revocation of member attributes, allowing administrators to effi-ciently update and revoke member credentials as needed, ensuring the security of the group signature system over time. Additionally, it allows administrators to trace the signature attribute set, ensuring that only authorized attributes are used in the signing process. The scheme also enables group members to provide evidence that the scheme should be stopped in the event of an attack to prevent further malicious actions by the adversary. This paper also proposes a simplified scheme that only provides CPA (Chosen Plaintext Attack) anonymity while retaining the core functionality of the original scheme, offering a balance between security and efficiency, making it suitable for applications with limited computational re-sources. Finally, the advantages of this paper's scheme in terms of security and functionality are demonstrated through comparative analysis with similar schemes. The proposed scheme not only enhances the security against opponents with unlimited computing power, but also has the function of dynamically managing member attributes, making it feasible in practical application scenarios that require both security and efficiency. |
| Key words: attribute-based group signatures fail-stop signatures Groth-Sahai proof system standard model CCA-anonymity dy-namic accumulators |
