Open Access

tsrCert: Traceable Self-Randomization Certificate and Its Application to Blockchain Supervision

School of Cyber Science and Technology, Beihang University, Beijing 100191, China
Hangzhou Innovation Institute, Beihang University, Hangzhou 310051, China
Key Laboratory of Cryptography of Zhejiang Province, Hangzhou Normal University, Hangzhou 311121, China
School of Information, Renmin University of China, Beijing 100872, China
School of Software and BNRist, Tsinghua University, Beijing 100084, China

Abstract

Traditional public key infrastructure (PKI) provides only authentication for network communication, and the standard X.509 certificate used in this architecture reveals the user's identity. This lack of privacy protection no longer satisfies the growing demand for personal privacy. Although an anonymous PKI certificate achieves anonymity, it can be abused because identities cannot be traced. Maintaining a balance between user anonymity and traceability has therefore become a pressing requirement for current PKI. This paper introduces a novel traceable self-randomization certificate authentication scheme, built on the PKI architecture, that achieves both anonymity and traceability. The scheme is based on the short randomizable signature. Specifically, certificate users can, by themselves and while remaining traceable, randomize the initial certificate and public key into multiple anonymous certificates and public keys, with lower computational complexity and fewer interactive operations than existing approaches. Users can present different attributes of themselves in different scenarios, randomizing the attributes that do not need to be disclosed. Through security and performance analysis, we demonstrate the suitability of the improved PKI architecture for practical applications. Additionally, we present an application of the proposed scheme to permissioned blockchain supervision.

Tsinghua Science and Technology
Pages 1128-1147
Cite this article:
Zhu Y, Zheng H, Qin B, et al. tsrCert: Traceable Self-Randomization Certificate and Its Application to Blockchain Supervision. Tsinghua Science and Technology, 2023, 28(6): 1128-1147. https://doi.org/10.26599/TST.2023.9010053


Received: 28 April 2023
Revised: 25 May 2023
Accepted: 26 May 2023
Published: 28 July 2023
© The author(s) 2023.

The articles published in this open access journal are distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/).
