高级检索

    基于DAA-A的改进可授权电子现金系统

    Improved Endorsed E-Cash System with DAA-A

    • 摘要: 当前,已有的可授权电子现金系统通信效率不高,同时其公平交换子协议要求使用低效的cut-and-choose证明技术且集中式的可信第三方(trusted third party, TTP)容易遭受拒绝服务攻击.此外,多个相关的公平支付系统或者要求使用cut-and-choose证明技术,或者使用了具有安全性缺陷的可验证加密技术.利用基于属性的自盲化证书系统构造了一个具有属性的直接匿名证明(direct anonymous attestation with attributes, DAA-A)方案,然后基于该方案构造了满足更强可开脱性的可授权电子现金系统.为了提高用户端在支付过程中的运算效率,使用了Arfaoui等人的集合关系证明协议,同时利用预计算技术对用户的知识签名进行了效率优化.为了避免执行低效的cut-and-choose证明,设计了一个支持分布式TTP的乐观公平交换子协议.通过与Golle-Mironov模型相结合,新系统可以应用于外包计算领域.与已有同类系统相比,新系统同时满足允许多次支付、无需使用cut-and-choose技术和用户无状态性等多个理想性质.此外,新系统的公平交换子协议引入了分布式TTP,即考虑了拒绝服务攻击的风险.

       

      Abstract: At present, the existing endorsed e-cash system has a low communication efficiency, and its fair exchange protocol employs inefficient cut-and-choose proofs. In addition, the centralized TTP (trusted third party) is vulnerable to denial-of-service attacks. So far, several related fair payment systems have been proposed. Unfortunately, some of them use cut-and-choose proofs, and the others adopt verifiable encryption schemes with security flaw. Inspired by the idea of self-blindable attribute-based credentials, a concrete DAA-A (direct anonymous attestation with attributes) scheme is constructed. Based on the new DAA-A scheme, an improved endorsed e-cash system is proposed, which achieves a high level of exculpability. In order to improve users’ computational efficiency in the spending process, the set-membership proof by Arfaoui et al’s is adopted, and the efficiency of user’s signature of knowledge is also optimized with the technique of pre-computation. In order to bypass the expensive cut-and-choose proof, a new optimistic fair exchange sub-protocol supporting distributed TTPs is provided. Furthermore, if combined with the Golle-Mironov model, the new system also suits for the environment of outsourcing computing. Compared with the previous similar ones, the new system meets several desirable properties simultaneously, i.e., it supports multiple payments, and does not depend on cut-and-choose proofs and allows users to be stateless, etc. What’s more, the fair exchange protocol of the new system considers the risk of denial-of-service attacks.

       

    /

    返回文章
    返回