电子学报 ›› 2020, Vol. 48 ›› Issue (8): 1516-1527.DOI: 10.3969/j.issn.0372-2112.2020.08.009

• 学术论文 • 上一篇    下一篇

标准模型下基于身份的混淆乐观公平交换方案

戚珉, 陈明   

  1. 宜春学院数学与计算机科学学院, 江西宜春 336000
  • 收稿日期:2018-09-28 修回日期:2020-05-08 出版日期:2020-08-25 发布日期:2020-08-25
  • 通讯作者: 陈明
  • 作者简介:戚 珉 男. 1975年11月出生,江西樟树人.2000年获南方冶金学院工学学士学位,2010年获南昌大学软件工程硕士学位.现为宜春学院副教授,主要从事计算机通信、信息安全等方面的研究工作. E-mail:qm406@qq.com
  • 基金资助:
    国家自然科学基金(No.61662083);江西省教育厅科学技术研究项目(No.GJJ151037)

ID-Based Ambiguous Optimistic Fair Exchange in the Standard Model

QI Min, CHEN Ming   

  1. School of Mathematics and Computer Science, Yichun University, Yichun, Jiangxi 336000, China
  • Received:2018-09-28 Revised:2020-05-08 Online:2020-08-25 Published:2020-08-25

摘要: 为防止签名验证者利用部分签名取得不公平的优势,Huang等人提出混淆乐观公平交换(Ambiguous Optimistic Fair Exchange,AOFE)方案及其一般构造方法,但是其构造方法没有考虑真实的用户环境.在基于IBC(Identity-Based Cryptography)的用户环境下,文章提出基于身份的混淆乐观公平交换(ID-AOFE)方案构造方法、方案实例、及其选择身份安全模型.提出的ID-AOFE构造方法对Huang等人的AOFE方案进行了简化,采用具有信息提取功能的证据不可区分证明算法替换原方案模型中的基于标签加解密和零知识证明算法.ID-AOFE安全模型以Huang等人的AOFE安全模型为基础,融合了选择身份安全模型,并对ID-AOFE方案的安全性进行了归纳和重新定义.在选择身份安全模型下,提出的ID-AOFE方案实例的公平性被规约到经典密码原语的安全性.此外,文章探讨了ID-AOFE方案的消息交互模型,就争端解决的方案和过程进行了重点分析.

关键词: 乐观公平交换, 签名交换, 基于身份密码学, 非交互的证据不可区分证明, 公平性, 签名者的混淆, 标准模型

Abstract: A generic ambiguous optimistic fair exchange(AOFE)scheme,a variant of OFE,is proposed by Huang et al.The AOFE scheme prevents signature verifiers from convincing anybody about the authorship of a partial signature generated by the signer.However,the AOFE scheme cannot be directly applied to an actual user environment.A generic AOFE scheme and an instantiation of the generic construction in an identity-based user environment were proposed in this paper.In the generic construction of identity-based AOFE(ID-AOFE),the tag-based encryption and zero-knowledge proof algorithms in Huang et al.'s AOFE was removed and the non-interactive witness indistinguishable proof algorithms extracting the hided witness via keys was employed.Furthermore,we summarized and redefined the security of the ID-AOFE scheme.Then,an ID-AOFE security model was defined based on the Huang et al.'s AOFE security model and the selective identity security model.Under the selective identity security model of ID-AOFE,the fairness of our scheme is reduced to the securities of several classical cryptographic primitives.In addition,this paper discussed the message interaction model of the ID-AOFE scheme,and analyzed the mechanism of dispute resolution.

Key words: optimistic fair exchange, signature exchange, identity-based cryptography, non-interactive witness indistinguishable proof, fairness, signer ambiguity, standard model

中图分类号: