ISSN 1000-1239 CN 11-1777/TP

Journal of Computer Research and Development ›› 2016, Vol. 53 ›› Issue (10): 2412-2429. doi: 10.7544/issn1000-1239.2016.20160413

Special topic: 2016 Research Progress on Cyberspace Sharing Security


Improved Endorsed E-Cash System with DAA-A

Liu Xin1,2, Zhang Bo3

  1. 1(School of Information Engineering, Shandong Youth University of Political Science, Jinan 250103); 2(Key Laboratory of Information Security and Intelligent Control in Universities of Shandong (Shandong Youth University of Political Science), Jinan 250103); 3(School of Information Science and Engineering, University of Jinan, Jinan 250022)
  • Published: 2016-10-01
  • Online: 2016-10-01
  • Funding: This work was supported by the Natural Science Foundation of Shandong Province of China (ZR2015FL023, ZR2014FL011), the Project of Shandong Province Higher Educational Science and Technology Program (J14LN61), and the Doctoral Research Start-up Funding Project of Shandong Youth University of Political Science (14A007).

Abstract: The existing endorsed e-cash system has low communication efficiency, its fair exchange sub-protocol relies on inefficient cut-and-choose proofs, and its centralized TTP (trusted third party) is vulnerable to denial-of-service attacks. Several related fair payment systems have also been proposed, but some of them require cut-and-choose proofs and the others adopt verifiable encryption schemes with security flaws. Building on self-blindable attribute-based credentials, a concrete DAA-A (direct anonymous attestation with attributes) scheme is constructed. Based on the new DAA-A scheme, an improved endorsed e-cash system is proposed that achieves a stronger level of exculpability. To improve users' computational efficiency in the spending process, the set-membership proof of Arfaoui et al. is adopted, and the user's signature of knowledge is optimized with pre-computation. To avoid the expensive cut-and-choose proof, a new optimistic fair exchange sub-protocol supporting distributed TTPs is designed. Combined with the Golle-Mironov model, the new system also suits outsourced computation. Compared with previous similar systems, the new system meets several desirable properties simultaneously: it supports multiple payments, does not depend on cut-and-choose proofs, and allows users to be stateless. Moreover, by introducing distributed TTPs, the fair exchange sub-protocol of the new system takes the risk of denial-of-service attacks into account.

Key words: endorsed e-cash, direct anonymous attestation, fair exchange, cut-and-choose proofs, outsourced computation