
An efficient blockchain-based anonymous authentication and supervision system

Peer-to-Peer Networking and Applications

Abstract

The rapid expansion of the Internet and people's concern for personal privacy and security have raised expectations for the identity authentication process. Although current controlled anonymous authentication techniques can provide anonymous authentication and supervision, they are inefficient. One issue is the high processing cost of presenting and verifying the certificate. Another is that a single certification authority (CA) cannot respond in a timely manner when there are many requests for certificates and for tracing fraudulent users. This article presents an efficient blockchain-based anonymous authentication and supervision system (EAAS) to overcome these issues. In comparison to previous solutions, our EAAS system adopts a double-layer CA architecture to address the issue that a single CA cannot react to a large number of requests in a short period of time. Additionally, it reduces the computational cost, making certificate presentation and verification more efficient. Security analysis indicates that the proposed scheme provides anonymity, traceability, and unlinkability, and can resist forgery attacks. The theoretical and experimental comparison demonstrates its practicality in terms of presenting and verifying the certificate.


Availability of supporting data

Not applicable.


Acknowledgements

This article was supported in part by the National Key R&D Program of China under project 2020YFB1006003, the Guangxi Natural Science Foundation under grants 2019GXNSFGA245004 and 2023GXNSFAA026236, the National Natural Science Foundation of China under projects 62162017, 62172119 and 61962012, the Zhejiang Provincial Natural Science Foundation of China under Grant No. LZ23F020012, the Swift Fund Fintech Funding, the Guangdong Key R&D Program under project 2020B0101090002, and the special fund of the High-level Innovation Team and Outstanding Scholar Program for universities of Guangxi.

Author information


Contributions

All authors contributed to the study conception and design. Material preparation, data collection, and analysis were performed by Weiyou Liang. The first draft of the manuscript was written by Weiyou Liang and all authors reviewed and edited all versions of the manuscript. All authors read and approved the final manuscript.

Corresponding author

Correspondence to Yong Ding.

Ethics declarations

Ethics approval

Not applicable.

Consent to participate

Yes.

Consent for publication

Yes.

Human and animal ethics

Not applicable.

Conflict of interest

The authors declare that they have no conflict of interests.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.


About this article


Cite this article

Liang, W., Wang, Y., Ding, Y. et al. An efficient blockchain-based anonymous authentication and supervision system. Peer-to-Peer Netw. Appl. 16, 2492–2511 (2023). https://doi.org/10.1007/s12083-023-01518-5


  • DOI: https://doi.org/10.1007/s12083-023-01518-5
