An attribute-based anonymous authentication method and system

An anonymous authentication and attribute technology, applied in the field of computer technology and information security, can solve the problems of not being able to obtain other attributes, destroying the user's personal privacy, and third parties not being able to obtain the user's personal information, so as to achieve convenient expansion and improve communication efficiency.

Inactive Publication Date: 2019-04-02
INST OF SOFTWARE - CHINESE ACAD OF SCI +1

AI Technical Summary

Problems solved by technology

[0005] Some research projects already focus on technologies related to anonymous authentication, including the Shibboleth project organized by OASIS and the Liberty project of the Liberty Alliance. The core technique of these projects, however, is to use pseudonyms during communication so that third parties cannot obtain the user's personal information; the service provider can still obtain the user's real identity and link the user's behavior, thus destroying the user's personal privacy. In the present invention, the service provider can obtain only the attributes required by the service and no others, so it can neither link the user's activities nor obtain the user's real identity.


Examples


Embodiment 1

[0046] Example 1. Attribute-based anonymous authentication algorithm

specific example

[0048] Assume and is a cyclic group of prime number order with order p (t is used to denote ,illustrate and are two different groups, that is, the present invention needs to set two groups, and use subscript t to distinguish two different prime order cyclic groups), and g is generator of . for arrive bilinear map on .

[0049] A. System setup algorithm

[0050] The algorithm is executed by a trusted party. First, define the maximum number of attributes n that a credential can contain, then assign an attribute value $\omega_i$ to each possible user attribute i (according to the pre-defined allocation method), and additionally select n-1 redundant attributes $d_j$ to form a redundant attribute set D. (The allocation of redundant attributes must ensure that they never coincide with user attributes; if the credential to be constructed has fewer than n user attributes, the trusted party chooses redundant attributes to pad it to n.) These r...

Embodiment 2

[0062] Example 2. Attribute-based anonymous authentication system

[0063] This embodiment aims to provide a specific example of the attribute-based anonymous authentication system of the present invention.

[0064] The system consists of three main bodies: trusted party (Trust Provider, TP), user agent (User Agent, UA), and service provider (Service Provider, SP). The three parts are connected through the network, and the trusted party is responsible for authenticating users and issuing attribute certificates for users. The main work of the user side is completed by the user agent, mainly receiving, storing, querying attribute credentials, and generating verification assertions to assist in the verification of the application service provider. Before requesting services, users need to apply for attribute certificates from trusted parties. When requesting services, they only need to show the attributes that the application service provider needs to be authenticated. For examp...


Abstract

The invention discloses an attribute-based anonymous authentication method comprising the following steps: 1) a trusted party TP generates a master key x and system public parameters according to the set security parameters; 2) a user U registers with the TP, submits attributes and initiates an attribute certificate issuance request; 3) the TP verifies the attributes of the user U and issues an attribute certificate for the user U according to the attributes of U, the master key x and the system public parameters; 4) the user U initiates an access request to a service provider SP; 5) the SP looks up the access strategy corresponding to the access request and returns the access strategy to the user U; 6) the user U selects the attributes that U wants to use according to the access strategy, and an anonymous certificate is calculated using the attribute certificate and a private key r and is sent to the SP; and 7) the SP verifies the anonymous certificate, and accepts the access request and provides the corresponding service to the user if verification passes and the access strategy is satisfied. According to the invention, the privacy of the user is guaranteed, and a more flexible threshold attribute selective showing scheme is supported.
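The attribute bookkeeping behind steps 1, 3 and 5 to 7 and the redundant-attribute padding of the setup algorithm can be sketched as follows. This is an added example, not code from the patent: it models only which attributes go into a credential and which are shown for a threshold access strategy, not the pairing-based credential or the anonymous proof. The hash-based allocation of attribute values, the stand-in prime P, the value of n, the function names and the sample data are all assumptions.

```python
import hashlib

P = 2**127 - 1  # constructed stand-in for the prime group order p
N = 4           # assumed maximum number of attributes per credential (n)

def attr_value(label):
    """Assumed allocation method: hash an attribute label into Z_p."""
    return int.from_bytes(hashlib.sha256(label.encode()).digest(), "big") % P

def tp_setup(user_attribute_labels, n=N):
    """TP: assign a value to every user attribute and pick n-1 redundant ones."""
    omega = {a: attr_value(a) for a in user_attribute_labels}
    redundant = [attr_value(f"redundant-{j}") for j in range(1, n)]
    # Redundant attributes must never coincide with a user attribute value.
    if set(redundant) & set(omega.values()) or len(set(redundant)) != n - 1:
        raise ValueError("redundant attribute collides; pick another")
    return omega, redundant

def tp_credential_attributes(user_attrs, omega, redundant, n=N):
    """TP: attribute values of one credential, padded with redundant ones to n."""
    real = [omega[a] for a in sorted(set(user_attrs))]
    if not 1 <= len(real) <= n:
        raise ValueError("credential needs between 1 and n user attributes")
    return real + redundant[: n - len(real)]

def ua_select(user_attrs, policy):
    """UA: show exactly k attributes from the policy set, nothing else."""
    k, accepted = policy
    usable = sorted(set(user_attrs) & set(accepted))
    return usable[:k] if len(usable) >= k else None

def sp_policy_satisfied(shown, policy):
    """SP: policy half of step 7 (cryptographic verification not modelled)."""
    k, accepted = policy
    return shown is not None and len(set(shown)) >= k and set(shown) <= set(accepted)

# Constructed sample data.
UNIVERSE = ["adult", "student", "resident:beijing", "member:library"]
OMEGA, D = tp_setup(UNIVERSE)
ALICE = ["adult", "student", "member:library"]
CRED = tp_credential_attributes(ALICE, OMEGA, D)        # 3 real + 1 redundant
POLICY = (2, ["adult", "student", "resident:beijing"])  # any 2 of these 3
SHOWN = ua_select(ALICE, POLICY)

if __name__ == "__main__":
    print(len(CRED), SHOWN, sp_policy_satisfied(SHOWN, POLICY))
```

The SP sees only the two shown attributes; the third user attribute and the redundant padding never leave the user agent.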

Description

Technical field

[0001] The invention belongs to the field of computer technology and information security. It relates to a method for protecting the privacy of users' service-access behavior in a cloud computing environment and preventing privacy leakage, embodied specifically as an attribute-based anonymous authentication method and system.

Background technique

[0002] With the development of the Internet and mobile Internet, people's daily life is increasingly dependent on network services, and network services have begun to involve all aspects of the basic necessities of life. Especially in recent years, the concept of cloud computing has brought together network services on the Internet: e-government, e-commerce, e-medicine and various enterprise-level application management systems are widely used, and personal consumption behaviors such as online browsing, shopping, social networking and games are more and more common. Many activities in real life do not require identi...


Application Information

Patent Type & Authority: Patents (China)
IPC: IPC(8): H04L29/06
Inventor: 高志刚, 司晓琳, 李强, 张严, 冯登国, 张立武, 刘世超, 金波, 邹翔
Owner: INST OF SOFTWARE - CHINESE ACAD OF SCI