A Distributed Authorized Attribute-Based Network Ring Signature Method

Abstract

The invention discloses an attribute-based network ring signature method with distributed authorization, which belongs to the field of information security. The main method is: in the initialization stage, the distributed key negotiation protocol is used to remove the trusted system center and disperse the attribute authorization mechanism at the same time The key management authority solves the problem of attribute key escrow; in the key distribution stage, by embedding the user identity into the attribute key, it is ensured that the method can resist collusion attacks; in the signature generation stage, by introducing the user identity in the signature The fuzzy factor makes the method have unconditional strong anonymity at the same time. The method has strong anonymity and high security, and can effectively realize anonymous identity authentication and access control functions of cloud computing, electronic medical and other networks.

Description

technical field [0001] The invention relates to a distributed authorization network anonymous identity authentication and signature method for access. Background technique [0002] With the vigorous development of big data applications such as electronic medical care and cloud computing, data authentication and privacy protection have become very realistic and urgently needed to be solved. Attribute-based (attribute-based) ring signatures have no group organization process in the signing process, do not require the participation of group administrators, facilitate the concealment of signer privacy, and can provide stronger anonymity protection than ordinary attribute-based signatures, so they are especially suitable for implementing Anonymous identity authentication and access control functions in networks with high anonymity requirements such as cloud computing and electronic medical care. The analysis shows that the existing attribute-based (attribute-based) ring signatur...

AI Technical Summary

Problems solved by technology

This method embeds user identity information directly into the attribute key, although it can ensure that the signature cannot be generated by collusion of multiple users, but the anonymity of the method is degraded due to the introduction of identity information.

In addition, since the use of a single attribute authority is responsible for the distribution and management of all attribute keys in the system, as long as the attribute authority is compromised by the attacker, the attacker can use the key of the attribute authority to generate the attribute key of any user in the system. Therefore, this approach also suffers from property key escrow issues

[0004] Li et al. "Li J, Chen XF, Huang XY. New attribute-based authentication and its application in anonymous cloud access service [J]. Journal on International Journal of Web and Grid Services, 2015, 11(1): 125-141." Reference Chase et al. "Chase M, Chow S. Improving privacy and security in multi-authority attribute-based encryption [A], In Proceedings of the 16th ACM Conference on Computer and Communications Security [C], 2009: 121-130." The key anonymous distribution protocol improves the existing attribute-based ring signature method, but the introduction of the key anonymous distribution protocol causes the attribute authority AA to generate user attribute keys in the key distribution stage. t 2 key to ensure the security of the scheme, where t is the number of attribute authority AA in the attribute authority set

This undoubtedly reduces the work efficiency of the attribute authority AA and increases the communication cost between the attribute authority AA and the user

Images