标准模型下基于身份的混淆乐观公平交换方案

doi:10.3969/j.issn.0372-2112.2020.08.009

电子学报 ›› 2020, Vol. 48 ›› Issue (8): 1516-1527.DOI: 10.3969/j.issn.0372-2112.2020.08.009

标准模型下基于身份的混淆乐观公平交换方案

戚珉, 陈明

宜春学院数学与计算机科学学院, 江西宜春 336000

收稿日期:2018-09-28 修回日期:2020-05-08 出版日期:2020-08-25 发布日期:2020-08-25
通讯作者: 陈明
作者简介:戚珉 男. 1975年11月出生,江西樟树人.2000年获南方冶金学院工学学士学位,2010年获南昌大学软件工程硕士学位.现为宜春学院副教授,主要从事计算机通信、信息安全等方面的研究工作. E-mail:qm406@qq.com
基金资助:
国家自然科学基金（No.61662083）；江西省教育厅科学技术研究项目（No.GJJ151037）

ID-Based Ambiguous Optimistic Fair Exchange in the Standard Model

QI Min, CHEN Ming

School of Mathematics and Computer Science, Yichun University, Yichun, Jiangxi 336000, China

Received:2018-09-28 Revised:2020-05-08 Online:2020-08-25 Published:2020-08-25

摘要/Abstract

摘要： 为防止签名验证者利用部分签名取得不公平的优势，Huang等人提出混淆乐观公平交换（Ambiguous Optimistic Fair Exchange，AOFE）方案及其一般构造方法，但是其构造方法没有考虑真实的用户环境.在基于IBC（Identity-Based Cryptography）的用户环境下，文章提出基于身份的混淆乐观公平交换（ID-AOFE）方案构造方法、方案实例、及其选择身份安全模型.提出的ID-AOFE构造方法对Huang等人的AOFE方案进行了简化，采用具有信息提取功能的证据不可区分证明算法替换原方案模型中的基于标签加解密和零知识证明算法.ID-AOFE安全模型以Huang等人的AOFE安全模型为基础，融合了选择身份安全模型，并对ID-AOFE方案的安全性进行了归纳和重新定义.在选择身份安全模型下，提出的ID-AOFE方案实例的公平性被规约到经典密码原语的安全性.此外，文章探讨了ID-AOFE方案的消息交互模型，就争端解决的方案和过程进行了重点分析.

关键词: 乐观公平交换, 签名交换, 基于身份密码学, 非交互的证据不可区分证明, 公平性, 签名者的混淆, 标准模型

Abstract: A generic ambiguous optimistic fair exchange(AOFE)scheme,a variant of OFE,is proposed by Huang et al.The AOFE scheme prevents signature verifiers from convincing anybody about the authorship of a partial signature generated by the signer.However,the AOFE scheme cannot be directly applied to an actual user environment.A generic AOFE scheme and an instantiation of the generic construction in an identity-based user environment were proposed in this paper.In the generic construction of identity-based AOFE(ID-AOFE),the tag-based encryption and zero-knowledge proof algorithms in Huang et al.'s AOFE was removed and the non-interactive witness indistinguishable proof algorithms extracting the hided witness via keys was employed.Furthermore,we summarized and redefined the security of the ID-AOFE scheme.Then,an ID-AOFE security model was defined based on the Huang et al.'s AOFE security model and the selective identity security model.Under the selective identity security model of ID-AOFE,the fairness of our scheme is reduced to the securities of several classical cryptographic primitives.In addition,this paper discussed the message interaction model of the ID-AOFE scheme,and analyzed the mechanism of dispute resolution.

Key words: optimistic fair exchange, signature exchange, identity-based cryptography, non-interactive witness indistinguishable proof, fairness, signer ambiguity, standard model

中图分类号:

TP309

戚珉, 陈明. 标准模型下基于身份的混淆乐观公平交换方案[J]. 电子学报, 2020, 48(8): 1516-1527.

QI Min, CHEN Ming. ID-Based Ambiguous Optimistic Fair Exchange in the Standard Model[J]. Acta Electronica Sinica, 2020, 48(8): 1516-1527.

参考文献

[1] ASOKAN N,SCHUNTER M,WAIDNER M.Optimistic protocols for fair exchange[A].Proceedings of the 4th ACM Computer and Communications Security Conference[C].New York:ACM,1997.7-17.
[2] COX B,TYGAR D,SIRBU M.NetBill security and transaction protocol[A].Proceedings of the first USENIX Workshop of Electronic Commerce[C].New York:USENIX,1995.77-88.
[3] KREMER S.Formal analysis of optimistic fair exchange protocols[D].Brussels,Belgium:University Libre de Bruxelles,2003.
[4] 王彩芬,葛建华.带脱线半可信第三方的公平非否认交换协议[J].电子学报,2002,30(2):286-288. WANG Cai-fen,GE Jian-hua.A new fair non-repudiation protocol with off-line semi-trusted third party[J].Acta Electronica Sinica,2002,30(2):286-288.(in Chinese)
[5] ASOKAN N,SHOUP V,WAIDNER M.Optimistic fair exchange of digital signatures (extended abstract)[A].Proceedings of the Advances in Cryptology-EUROCRYPT (LNCS1403)[C].Berlin:Springer,1998.591-606.
[6] ASOKAN N,SHOUP V,WAIDNER M.Optimistic fair exchange of digital signatures[J].IEEE Journal on Selected Areas in Communication,2000,18(4):593-610.
[7] BOYD C,FOO E.Off-line fair payment protocols using convertible signatures[A].Proceedings of the Advances in Cryptology-ASIACRYPT (LNCS1514)[C].Berlin:Springer,1998.271-285.
[8] 辛向军,李刚,董庆宽,等.一个高效的随机化的可验证加密签名方案[J].电子学报,2008,36(7):1378-1382. XIN Xiang-jun,LI Gang,DONG Qing-kuan,et al.An efficient randomized verifiably encrypted signature scheme[J].Acta Electronica Sinica,2008,36(7):1378-1382.(in Chinese)
[9] GARAY J A,JAKOBSSON M,MACKENZIE P.Abuse-free optimistic contract signing[A].Proceedings of the Advances in Cryptology-CRYPTO (LNCS1666)[C].Berlin:Springer,1999.449-466.
[10] JAKOBSSON M,SAKO K,IMPAGLIAZZO R.Designated verifier proofs and their applications[A].Proceedings of the Advances in Cryptology-EUROCRYPT (LNCS1070)[C].Berlin:Springer,1996.143-154.
[11] 王晓峰,张璟,王尚平,等.新的基于身份的广义指定验证者签名方案[J].电子学报,2007,35(8):1432-1436. WANG Xiao-feng,ZHANG Jing,WANG Shang-ping,et al.A new ID-based universal designated verifier signature scheme[J].Acta Electronica Sinica,2007,35(8):1432-1436.(in Chinese)
[12] WANG Gui-lin.An abuse-free fair contract signing protocol based on the RSA signature[J].IEEE Transactions on Information Forensics and Security,2010,5(1):158-168.
[13] HUANG Q,WONG D S,SUSILO W.A new construction of designated confirmer signature and its application to optimistic fair exchange (extended abstract)[A].Proceedings of the Pairing-Based Cryptography (LNCS6487)[C].Berlin:Springer,2010.41-61.
[14] HUANG Q,WONG D S,SUSILO W.Efficient designated confirmer signature and DCS-based ambiguous optimistic fair exchange[J].IEEE Transactions on Information Forensics and Security,2011,6(4):1233-1247.
[15] HUANG Q,WONG D S,SUSILO W.The construction of ambiguous optimistic fair exchange from designated confirmer signature without random oracles[A].Proceedings of the 15th International Conference on Practice and Theory in Public Key Cryptography[C].Berlin:Springer,2012.120-137.
[16] HUANG Q,YANG G M,WONG D S,et al.Ambiguous optimistic fair exchange[A].Proceedings of the Advances in Cryptology-ASIACRYPT (LNCS5350)[C].Berlin:Springer,2008.74-89.
[17] HUANG Q,YANG G M,WONG D S,et al.Ambiguous optimistic fair exchange:definition and constructions[J].Theoretical Computer Science,2015,562(582):177-193.
[18] GROTH J,SAHAI A.Efficient non-interactive proof systems for bilinear groups[A].Proceedings of the Advances in Cryptology-EUROCRYPT (LNCS4965)[C].Berlin:Springer,2008.415-432.
[19] WANG Y,AU M H,SUSILO W.Perfect ambiguous optimistic fair exchange[A].Proceedings of the 14th International Conference on Information and Communications Security[C].Berlin:Springer,2012.142-153.
[20] HUANG Q,WONG D S,SUSILO W.How to protect privacy in Optimistic Fair Exchange of digital signatures[J].Information Sciences,2015,325:300-315.
[21] GUO Q,CUI Y,ZOU X,et al.Generic construction of privacy-preserving optimistic fair exchange protocols[J].J Internet Serv Inf Secur,2017,7(2):44-56.
[22] SHAMIR A.Identity-based cryptosystems and signature schemes[A].Proceedings of the Advances in Cryptology-CRYPTO (LNCS196)[C].Berlin:Springer,1985.47-53.
[23] BONEH D,FRANKLIN M.Identity-based encryption from the weil pairing[A].Proceedings of the Advances in Cryptology-CRYPTO (LNCS2139)[C].Berlin:Springer,2001.213-229.
[24] BOYEN X,MARTIN L.Identity-based cryptography standard (IBCS)#1:supersingular curve implementations of the BF and BB1 cryptosystems[R/OL].http://www.ietf.org/rfc/rfc5091.txt,2020.
[25] PARTERSON K G,SCHULDT J C N.Efficient identity-based signatures secure in the standard model[A].Proceedings of the 11th Australasian Conference on Information Security and Privacy[C].Berlin:Springer,2006.207-222.
[26] BONEH D,BOYEN X.Short signatures without random oracles[A].Proceedings of the Advances in Cryptology-EUROCRYPT (LNCS3027)[C].Berlin:Springer,2004.56-73.
[27] ZHANG Lei,WU Qian-hong,QIN Bo.Identity-based optimistic fair exchange in the standard model[J].Security&Communication Networks,2013,6(8):1010-1020.
[28] YOUN T K,CHANG K Y.ID-based optimistic fair exchange scheme based on RSA[J].Etri Journal,2014,36(4):673-681.
[29] LOH J C,HENG S H,TAN S Y.A generic framework for accountable optimistic fair exchange protocol[J].Symmetry,2019,11(2):285.
[30] GOYAL V,PANDEY O,SAHAI A,et al.Attribute-based encryption for fine-grained access control of encrypted data[A].Proceedings of the 13th ACM Conference on Computer and Communications Security[C].New York:ACM,2006.89-98.

标准模型下基于身份的混淆乐观公平交换方案

ID-Based Ambiguous Optimistic Fair Exchange in the Standard Model

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

[1]	杨启良, 周彦伟, 杨坤伟, 王涛. 标准模型下可公开验证的匿名IBE方案的安全性分析[J]. 电子学报, 2020, 48(2): 291-295.
[2]	丁勇, 王冰尧, 袁方, 王玉珏, 张昆, 田磊. 支持第三方仲裁的智能电网数据安全聚合方案[J]. 电子学报, 2020, 48(2): 350-358.
[3]	崔兆阳, 黄容兰, 万德焕. 一种有效改善系统性能的非正交传输方案[J]. 电子学报, 2020, 48(10): 1915-1922.
[4]	巩林明, 李顺东, 窦家维, 王道顺. 标准模型下抗CPA与抗CCA2的RSA型加密方案[J]. 电子学报, 2018, 46(8): 1938-1946.
[5]	赵艳琦, 来齐齐, 禹勇, 杨波, 赵一. 标准模型下基于身份的环签名方案[J]. 电子学报, 2018, 46(4): 1019-1024.
[6]	莫若, 马建峰, 刘西蒙, 张涛. 一种支持树形访问结构的属性基可净化签名方案[J]. 电子学报, 2017, 45(11): 2715-2720.
[7]	熊余, 唐剑波, 张鸿, 吕翊. TWDM-PON中用户行为感知的动态资源分配策略[J]. 电子学报, 2016, 44(2): 398-404.
[8]	陈明. 标准模型下可托管的基于身份认证密钥协商[J]. 电子学报, 2015, 43(10): 1954-1962.
[9]	杨志军, 丁洪伟, 陈传龙. 完全服务和门限服务两级轮询系统E（x）特性分析[J]. 电子学报, 2014, 42(4): 774-778.
[10]	李琦, 马建峰, 熊金波, 刘西蒙, 马骏. 一种素数阶群上构造的自适应安全的多授权机构CP-ABE方案[J]. 电子学报, 2014, 42(4): 696-702.
[11]	马春光, 石岚, 周长利, 汪定. 属性基门限签名方案及其安全性研究[J]. 电子学报, 2013, 41(5): 1012-1015.
[12]	明洋, 王育民. 标准模型下可证安全的通配符基于身份加密方案[J]. 电子学报, 2013, 41(10): 2082-2086.
[13]	葛爱军, 马传贵, 程庆丰. 标准模型下CCA2安全且固定密文长度的模糊基于身份加密方案[J]. 电子学报, 2013, 41(10): 1948-1952.
[14]	李继国, 杨海珊, 张亦辰. 标准模型下安全的基于证书密钥封装方案[J]. 电子学报, 2012, 40(8): 1577-1583.
[15]	李继国;孙刚;张亦辰. 标准模型下可证安全的本地验证者撤销群签名方案[J]. 电子学报, 2011, 39(7): 1618-1623.