具有匿名撤銷之匿名憑證系統

現今有許多電子互動行為日常生活中廣泛發生，然而，這些行為可能會產生個人隱私洩漏的危害。為了這項目的，匿名憑證系統隨之誕生。匿名憑證系統允許使用者在電子交易行為中同時保護使用者的隱私安全。在匿名憑證系統中，使用者可以從信賴的機構得到一個憑證，進而向服務提供端證明此憑證合法性與滿足服務提供端所需之屬性且過程中不洩漏使用者除了身份外的任何資訊。而現存匿名憑證系統在此步驟通常使用零知識證明來達到保護使用者隱私不被服務提供端所獲取，然而零知識證明的運算量會隨著要證明的屬性數量呈線性成長。此外現存匿名憑證系統也缺乏有效利用的匿名撤銷機制。在本論文中，我們提出一個有效率且具有匿名撤銷之匿名憑證系統。我們利用指定驗證者簽章伴隨變色龍雜湊函數來取代現存匿名憑證系統所採用的零知識證明進而達到效能的提升。此外我們採用群簽章的概念實現一個實際的匿名撤銷方法進而克服現存匿名憑證系統的缺陷。

關鍵字

匿名憑證；匿名撤銷

並列摘要

Anonymous credential systems promise efficient, and ubiquitous access to digital services while preserving user's privacy. In an anonymous credential system, a user Alice can obtain credentials from an organization, and she can prove to the verifier that she has been given appropriate credentials without revealing any information about her identity. And the technique of zero-knowledge proof is adopted in existing anonymous credential systems to protect the attributes from being known by the verifiers. However, the computation of zero-knowledge proof will increase linearly with the number of attributes. And the existing anonymous credential systems are lake of effective revocation approaches. In this thesis, an efficient anonymous credential system with revocation is proposed, and the technique of chameleon hash is adopted to replace complex zero-knowledge proof for performance improvement. In addition, we use the concept of group signatures to implement a practical approach of revocation to overcome the disadvantage of existing anonymous credential systems.

並列關鍵字

Anonymous Credential System ； Revocation ； Anonymity

參考文獻

[1] A. Lysyanskayak, "Signature Schemes and Applications to Cryptographic Protocol

Design," PhD thesis, Massachusetts Institute of Technology, 2002.

crosoft Corporation, 2010.

3)," Microsoft Corporation, 2013.

[7] D. Chaum, "Blind Signatures for Untraceable Payments," Proc. of CRYPTO

國際替代計量

具有匿名撤銷之匿名憑證系統

未授權

主題瀏覽