Traditional public key infrastructure (PKI) only provides authentication for network communication, and the standard X.509 certificate used in this architecture reveals the user’s identity. This lack of privacy protection no longer satisfies the increasing demands for personal privacy. Though an optimized anonymous PKI certificate realizes anonymity, it has the potential to be abused due to the lack of identity tracking. Therefore, maintaining a balance between user anonymity and traceability has become an increasing requirement for current PKI. This paper introduces a novel traceable self-randomization certificate authentication scheme based on PKI architecture that achieves both anonymity and traceability. We propose a traceable self-randomization certificate authentication scheme based on the short randomizable signature. Specifically, certificate users can randomize the initial certificate and public key into multiple anonymous certificates and public keys by themselves under the premise of traceability, which possesses lower computational complexity and fewer interactive operations. Users can exhibit different attributes of themselves in different scenarios, randomizing the attributes that do not necessarily need to be displayed. Through security and performance analysis, we demonstrate the suitability of the improved PKI architecture for practical applications. Additionally, we provide an application of the proposed scheme to the permissioned blockchain for supervision.
Follow this author
Downloads: 22 Citations: 16 Articles: 3