CN105812369B - A kind of traceable anonymous authentication method based on elliptic curve - Google Patents

A kind of traceable anonymous authentication method based on elliptic curve Download PDF

Info

Publication number
CN105812369B
CN105812369B CN201610146528.9A CN201610146528A CN105812369B CN 105812369 B CN105812369 B CN 105812369B CN 201610146528 A CN201610146528 A CN 201610146528A CN 105812369 B CN105812369 B CN 105812369B
Authority
CN
China
Prior art keywords
signature
node
message
ring
elliptic curve
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201610146528.9A
Other languages
Chinese (zh)
Other versions
CN105812369A (en
Inventor
舒磊
常芬
王良民
陈媛芳
傅树霞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong University of Petrochemical Technology
Original Assignee
Guangdong University of Petrochemical Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangdong University of Petrochemical Technology filed Critical Guangdong University of Petrochemical Technology
Priority to CN201610146528.9A priority Critical patent/CN105812369B/en
Publication of CN105812369A publication Critical patent/CN105812369A/en
Application granted granted Critical
Publication of CN105812369B publication Critical patent/CN105812369B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0421Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication

Abstract

The present invention discloses a kind of traceable anonymous authentication method based on elliptic curve, and method includes system initialization and key generation phase, anonymity signature generation stage, signature authentication stage, the stage of link and nodes keep track stage.The present invention improves the ring signatures algorithm in data signature process, by ring signatures in conjunction with elliptic curve, and increases its link property, while providing the traceability to malicious node, to guarantee efficiently and accurately to find malicious node, improves the safety of network.There are no critical value is needed, efficient hop-by-hop message authentication mechanisms are provided.It can solve the problems, such as the sending node privacy leakage in wireless sensor network, while ensure to send the authenticity and integrity of message, malicious node can be tracked when necessary.

Description

A kind of traceable anonymous authentication method based on elliptic curve
Technical field
It is especially a kind of based on oval bent the present invention relates to the safe information transmission technical field in wireless sensor network The traceable anonymous authentication method of line.
Background technique
About wireless sensor network
Wireless sensor network sensor section generally limited by one or more resourceful base stations and vast resources Point composition.For self-organizing and adaptive group being formed under different scenes to detect, collect, handle and transmit data.Due to Sensor network easily disposes, self-organizing, the easily distinguishing features such as camouflage and strong fault tolerance, answers it widely in civil and military field With.
The application of wireless sensor network mainly has at present:
(1) military field.For monitoring hostile forces and equipment, the real-time status in battlefield and search enemy and attack.
(2) agriculture field.China is used as a large agricultural country, and the high quality and yield of crops have weight to expanding economy It is big to influence.Wireless sensor network has apparent technical advantage in agricultural.The filling of wireless sense network monitoring crop can be used Irrigate state, the air quality of the earth and detection Earth Surface situation.
(3) environment measuring.Environmental protection is always the hot spot of whole world concern.Wireless sensor network can be used for tracking open country Radix Rehmanniae area rare animal and the existence habit for detecting them;For monitoring water quality in real time;And area occurs temporarily for earthquake Emergency communication etc..
(4) building field.The real time status, highway and overpass of bridge can be monitored using sensor network.It is suitable When sensor, as piezoelectric transducer, acceleration transducer, ultrasonic sensor, humidity sensor can cooperate with supervise Survey building structure.
(5) medical domain.Sensor network shows in detection human physiological's data, old man's physical condition and drug control Well.In virtual-sensor intelligent hospital scene, medical services are made of three simple sensors to provide medical condition Monitoring, position tracking and periphery monitoring.
(6) smart home.The design object of Intelligent house system is connection intelligentized Furniture, they can be transported automatically in this way Row and cooperation, for occupant provide convenience as much as possible and comfortably.
Application with wireless sensor network in above each field, the safety of wireless sensor network is also by pass Note.When a sensor network disposition is in unattended or hostile environment, opponent may be captured and pmc sensor section Point, or the sensor node of oneself is injected into network, and network is promoted to receive these illegal nodes as legitimate node.Once Some sensor nodes are controlled, and opponent can start the various attacks from internal network.Therefore, the hair in wireless sensor network It send node privacy leakage problem, how to guarantee to send the authenticity and integrity of message and to how chasing after malicious node Track becomes the emphasis of our researchs.
About ring signatures technology
2001, Rivest etc. was put forward for the first time ring signatures.Then, article proposes that many structures are improved, performance mentions in succession High ring signatures scheme.Ring signatures scheme allows signer to cooperate with other members anonymity signature information, the real signature of message The anonymous collection that person and other members are constituted is referred to as " ring ".It is a kind of without manager, not the establishment process of group, to user For full energy matries simplification group ranking.Any one member uses the private key of oneself with the public key of other ring members in ring, and It needs not move through their agreement and can represent entire ring and sign, and only know signature from this ring simultaneously for verifier Do not know that who is real signer.Conventional ring signatures are un-linkables, that is to say, that nobody can determine that two ring label Name is generated by identical signer.
2004, Liu et al. proposed a kind of ring signatures scheme of variant, created linkable ring signature.This concept Under, the identity of the signer of ring signatures is still anonymous, but if two ring signatures are signed by identical signer, that The two signatures are linkable.Application of the linkable ring signatures in wireless sense network attracts attention, because wireless pass No authoritative center or trusted third party, the formation of group are spontaneous in sense net.When authenticator wonders the sending node of message Whether when being same node, linkable ring signature can meet the needs of under these scenes.So in wireless sense network, Ring signatures are a good candidates as anonymous authentication tool.
About Elliptic Curve Cryptography
1985, Neal Koblitz and Victor Miller respectively independently proposed a kind of common key cryptosystem, referred to as Elliptic curve cipher system (Elliptic Curve Cryptosystem, ECC).ECC is with its less system parameter, key Short and small, low bandwidth realizes the characteristics such as quick, low energy consumption and smaller hardware processor demand, it is shown that its superior performance.Cause This, mono- safe and efficient cryptographic system of Yao Jianli is fitted like a glove using ECC.
Elliptic curve applied to cryptography generally uses the elliptic curve of mould prime number, and p is a prime number greater than 3, Fp It is the finite field of mould p.FpOn curve E is defined as: y2=x3+ax+b mod p;Wherein a, b ∈ FpAnd meet 4a2+27b3≠ 0mod p.It is the point on curve E if number even (x, y) meets above formula, defining ∞ is the infinite point on E.It is assumed that G=(xG, yG) be on curve generation member, rank be N it is sufficiently large.
As a public key encryp, elliptic curve cryptography system also has the characteristics that all of public key encryp.It is public The encryption both sides of key encryption system require two keys: public key and private key.The public key of each party is all the private key by oneself It obtains, encrypting plaintext when will use the public key of other side, and the private key of oneself is used when decrypting ciphertext.
The various message authentication methods based on symmetric-key cryptography and public-key cryptosystem are proposed in recent years.So And there is higher calculating and communication overhead in the most of of these methods, and crack attack to node and lack scalability And elasticity.And lack link property under some application scenarios, it is not strong to the traceability for the node that is cracked.
Summary of the invention
The technical problem to be solved in the present invention are as follows: be based on elliptic curve cryptography, realized using ring signatures technology anonymous Communication, solves the problems, such as sending node privacy leakage in wireless sensor network, it is ensured that send the authenticity and integrity of message;Simultaneously By adding some additional information in ring signatures, the cooperation tracking signer of nodes all in ring can be passed through if necessary True identity solves the problems, such as that signer identity can not track.
The technical solution that the present invention takes specifically: a kind of traceable anonymous authentication method based on elliptic curve, nothing Each node in line sensing network is separately connected Sink node, and method includes:
One, key generation phase:
Assuming that G=(xG,zG) it is generation member on elliptic curve, wherein the discrete logarithm problem based on elliptic curve is difficult Solution problem, it is assumed that H1:{0,1}*→ G and H2:{0,1}*→Zp *It is two hash functions;Common parameter are as follows: param=(G, H1, H2);
It is assumed that the sender A of messagekWant the anonymous message m that sends to other nodes, it is assumed that there is n node in ring, it is anonymous Node collection S={ A1,A2,…,Ak,…,An, node A is not distinguishediWith its public key QiIn the case where, anonymous node collection, that is, public key Collect R={ Q1,Q2,...,Qk,...,Qn};Node AkAn integer d is selected at randomk=[1, N-1] is used as private key, and N is one big Prime number, calculate node AkPublic key Qk=dk×G;
The parameter in following stage: n is member node number in ring;T is an intermediate result value of algorithm, is in signature One part, to the link detection signed;I is equivalent to the subscript of ring members node;R is the random big of random function generation Number;Si, ci are also the random number generated by random function, correspond to respective subscript;G is the upper generation member of elliptic curve; Xi, zi are cross, the ordinate value by the point on the elliptic curve that is calculated;Yi is an intermediate result value of algorithm, right Answer corresponding subscript.
Two, anonymity signature generates the stage:
(2.1) h=H (Q is calculated1,Q2,…,Qk,…,Qn), H is hash function;
(2.2) it calculates
(2.3) random number r, s is selectedi、ci∈Zp *, i ∈ [1, n], i ≠ k;
(2.4) (x is calculatedi,zi)=siG+ciQi,
(2.5) (x is calculatedk,zk)=rG, yk=hr
(2.6) it calculatessk=r-ck dk
(2.7) output signature is σ=(t, s1,…,sn,c1,…,cn);
More than, n is member node number in ring;T is an intermediate result value of algorithm, is a part in signature, uses It is detected with the link of signature;I is equivalent to the subscript of ring members node;R is the random big number that random function generates;si, ciIt is also The random number generated by random function, corresponds to respective subscript;G is the upper generation member of elliptic curve;xi,ziIt is by meter Cross, the ordinate value of point on obtained elliptic curve;yiIt is an intermediate result value of algorithm, corresponding corresponding subscript;
Three, the signature authentication stage:
For ring R={ Q1,Q2,…,Qk,…,Qn, message m and signature sigma to be verified=(t, s1,…,sn,c1,…, cn),
3.1 after the recipient of message receives signature information, and recipient is checked as follows:
A checks whether public key Qi≠ ∞, i=1 ..., n, if otherwise signature is invalid;
B checks public key Qi, i=1 ..., n, if on elliptic curve, if otherwise signature is invalid;
C checks for positive integer M and makes MQi=∞, i=1 ..., n, if otherwise signature is invalid;
It 3.2 above-mentioned inspections and then proceeds as follows:
3.2.1 h=H (Q is calculated1,Q2,…,Qk,…,Qn), (xi,zi)=siG+ciQi,
3.2.2 check whether following equatioies are true:
If equation is set up, 1 is exported, i.e. signature authentication passes through, and otherwise exports 0, i.e. signature authentication does not pass through;
Four, the nodes keep track stage;
For signature unauthenticated in the signature authentication stage, the message received is transmitted to by the receiving node of message Sink node;
After sink node receives the message that forwarding comes, it is assumed that its signature received is σ=(t, s1,…,sn,c1,…,cn), Sink node performs the following operation:
According to the ring R={ Q of information signature1,Q2,…,Qk,…,Qn, member node in sink node and ring one by one into The primary interaction of row, i.e. sink node Xiang Huanzhong member send querying command, and member sends to sink node and disappears through anonymous in ring Breath;
Compared with not carried out one by one by the signature of signature authentication with the signature for the anonymous message that current ring members are sent; The ring members collection as selected by same sending node is identical, so t value is identical in the signature of same node signature different messages, accordingly The node that unverified message can be found completes the tracking of node.
Further, the invention also includes the link stages:
For giving ring R={ Q1,Q2,…,Qk,…,QnAnd two anonymity signature σ=(t, s1,…,sn,c1,…,cn) With σ '=(t ', s '1,…,s′n,c′1,…,c′n);The recipient of signature signs to the two execute signature verification algorithm first, Two signatures are all effectively, then to extract t and t' respectively in the two signatures;Then whether equal compare t and t', if phase Deng, then the two signatures are generated by the same signer, otherwise the two signature un-linkables.
Further, sink node is connected with security server in the present invention, and in the nodes keep track stage, sink node will The anonymous information signature that the information signature received and each ring members return is sent to the comparison that security server is signed, into And complete the tracking of node.
Existing some schemes share private key offer entity authentication end to end between utilizing two nodes, this means that only Recipient is just able to verify that the authenticity of message.That is, intermediate node not can be carried out message authentication, can only forward message until Message is finally authenticated by recipient node.This not only consumes the energy of additional sensor, but also also adds network collision, reduces Message transmission rate.
Compared with prior art, beneficial effects of the present invention are that the certification of intermediate node can be achieved, as long as intermediate node occurs The unauthenticated situation of message, then abandon message, so as to resist simultaneously Denial of Service attack.
The present invention improves the ring signatures algorithm in data signature process simultaneously, by ring signatures and elliptic curve knot It closes, from its link property, completes to improve the safety of network to the traceability of malicious node.Also, signature generates rank The ECC of section, which multiplies, adds as n-1 for 2n-1, ECC, and it is identical that cost is calculated compared with the existing ring signatures based on elliptic curve, and makes Only need 2 n times compared with before small compared to cost (wherein, n is membership in ring) with the number of hash function.
Detailed description of the invention
Fig. 1 show wireless sensor network model schematic of the present invention;
Fig. 2 show the method for the present invention flow diagram.
Specific embodiment
It is further described below in conjunction with the drawings and specific embodiments.
Referring to FIG. 1, the present invention is based on the application foundations of the traceable anonymous authentication method of elliptic curve are as follows: wireless to pass The Sink felt in network is aggregation node, is mainly responsible for the connection of sensor network and outer net, can also regard gateway node as;Sink section Point can give complicated calculating trustship to security server processing, be the gateway for connecting wireless sensor network and outer net;
With reference to Fig. 2, the method for the present invention before application, carries out system initialization first, generates initialization by security server Parameter, security server are responsible for generating in entire signature and Verification System, storage, distribute security parameter.
The method of the present invention includes:
One, and key generation phase:
Assuming that G=(xG,zG) it is generation member on elliptic curve, wherein the discrete logarithm problem based on elliptic curve is difficult Solution problem, it is assumed that H1:{0,1}*→ G and H2:{0,1}*→Zp *It is two hash functions;Common parameter are as follows: param=(G, H1, H2);
It is assumed that the sender A of messagekWant the anonymous message m that sends to other nodes, without loss of generality, it is assumed that have n in ring A node, anonymous node collection S={ A1,A2,…,Ak,…,An, the present invention does not distinguish node AiWith its public key Qi, therefore also have Anonymous node collection, that is, public key sets R={ Q1,Q2,...,Qk,...,Qn};Node AkAn integer d is selected at randomkMake=[1, N-1] For private key, N is a Big prime, calculate node AkPublic key Qk=dk×G;
Two, anonymity signature generates the stage:
Node AkMessage m is sent, private key d is produced in step 1k=[1, N-1] and sending node AkIt is randomly selected Ring members public key (Q1,Q2,…,Qk,…,Qn), in order to generate an effective signature, AkIt follows the steps below:
(2.1) h=H (Q is calculated1,Q2,…,Qk,…,Qn), H here is hash function, such as SHA-1;
(2.2) it calculates
(2.3) random number r, s is selectedi、ci∈Zp *, i ∈ [1, n], i ≠ k;
(2.4) (x is calculatedi,zi)=siG+ciQi,
(2.5) (x is calculatedk,zk)=rG, yk=hr
(2.6) it calculatessk=r-ck dk
(2.7) output signature is σ=(t, s1,…,sn,c1,…,cn);
Three, the signature authentication stage:
For ring R={ Q1,Q2,…,Qk,…,Qn, message m and signature sigma to be verified=(t, s1,…,sn,c1,…, cn),
3.1 after the recipient of message receives signature information, and recipient will be checked as follows:
A checks whether public key Qi≠ ∞, i=1 ..., n;If otherwise signature is invalid;
B checks public key Qi, i=1 ..., n, if on elliptic curve, if otherwise signature is invalid;
C checks for positive integer M and makes MQi=∞, i=1 ..., n, if otherwise signature is invalid;
It 3.2 above-mentioned inspections and then proceeds as follows:
3.2.1 h=H (Q is calculated1,Q2,…,Qk,…,Qn), (xi,zi)=siG+ciQi,
3.2.2 check whether following equatioies are true:
If equation is set up, 1 is exported, i.e. signature authentication passes through, and otherwise exports 0, i.e. signature authentication does not pass through;
Four, the nodes keep track stage;
For signature unauthenticated in the signature authentication stage, the message received is transmitted to by the receiving node of message Sink node;
After sink node receives the message that forwarding comes, it is assumed that its signature received is σ=(t, s1,…,sn,c1,…,cn), Sink node performs the following operation:
According to the ring R={ Q of information signature1,Q2,…,Qk,…,Qn, member node in sink node and ring one by one into The primary interaction of row, i.e. sink node Xiang Huanzhong member send querying command, and member sends to sink node and disappears through anonymous in ring Breath;
Compared with not carried out one by one by the signature of signature authentication with the signature for the anonymous message that current ring members are sent; The ring members collection as selected by same sending node is identical, so t value is identical in the signature of same node signature different messages, accordingly The node that unverified message can be found completes the tracking of node.Specifically, sink node is carrying out letter with ring members After breath exchange, security server is transferred to handle the process of signature link.
The process that security server links signature is as follows:
For giving ring R={ Q1,Q2,…,Qk,…,QnAnd two effective anonymity signatures, i.e., do not recognized by signature The signature sigma of card=(t, s1,…,sn,c1,…,cn) and each ring members return anonymous message in signature sigma '=(t ', s ′1,…,s′n,c′1,…, c′n);The t and t' in two signatures are extracted respectively, and whether equal, if phase if then comparing t and t' Deng then the two signatures are generated by the same signer, otherwise the two signature un-linkables, i.e., non-same signer produces It is raw.
When recipient has found that sender sends malicious messages, step refers to the above nodes keep track and signature link process, For giving ring R={ Q1,Q2,…,Qk,…,QnAnd malicious messages signature sigma=(t, s1,…,sn,c1,…,cn), He Gehuan Signature sigma '=(t ', s ' in anonymous message that member returns1,…,s′n,c′1,…,c′n);The t in two signatures is extracted respectively And t', then compare whether t and t' is equal, if equal, the two signatures are generated by the same signer, it can be complete The tracking of the node of malicious messages is sent in pairs.

Claims (3)

1. a kind of traceable anonymous authentication method based on elliptic curve, each node in wireless sensor network is separately connected Sink node, characterized in that method includes:
One, key generation phase:
Assuming that G=(xG,zG) be on elliptic curve generation member, wherein the discrete logarithm problem based on elliptic curve is to be difficult to resolve to ask Topic, it is assumed that H1:{0,1}*→ G and H2:{0,1}*→Zp *It is two hash functions;Common parameter are as follows: param=(G, H1,H2);
It is assumed that the sender A of messagekWant the anonymous message m that sends to other nodes, it is assumed that have n node, anonymous node collection in ring S={ A1,A2,…,Ak,…,An, node A is not distinguishediWith its public key QiIn the case where, anonymous node collection, that is, public key sets R= {Q1,Q2,...,Qk,...,Qn};Node AkAn integer d is selected at randomk=[1, N-1] is used as private key, and N is a Big prime, Calculate node AkPublic key Qk=dk×G;
Two, anonymity signature generates the stage:
(2.1) h=H (Q is calculated1,Q2,…,Qk,…,Qn), H is hash function;
(2.2) it calculates
(2.3) random number r, s is selectedi、ci∈Zp *, i ∈ [1, n], i ≠ k;
(2.4) it calculates
(2.5) (x is calculatedk,zk)=rG, yk=hr
(2.6) it calculatesi≠k;sk=r-ckdk
(2.7) output signature is σ=(t, s1,…,sn,c1,…,cn);
Three, the signature authentication stage:
For ring R={ Q1,Q2,…,Qk,…,Qn, message m and signature sigma to be verified=(t, s1,…,sn,c1,…,cn),
3.1 after the recipient of message receives signature information, and recipient is checked as follows:
A checks whether public key Qi≠ ∞, i=1 ..., n, if otherwise signature is invalid;
B checks public key Qi, i=1 ..., n, if on elliptic curve, if otherwise signature is invalid;
C checks for positive integer M and makes MQi=∞, i=1 ..., n, if otherwise signature is invalid;
It 3.2 above-mentioned inspections and then proceeds as follows:
3.2.1 h=H (Q is calculated1,Q2,…,Qk,…,Qn), (xi,zi)=siG+ciQi,(i=1 ..., n);
3.2.2 check whether following equatioies are true:
If equation is set up, 1 is exported, i.e. signature authentication passes through, and otherwise exports 0, i.e. signature authentication does not pass through;
Four, the nodes keep track stage;
For signature unauthenticated in the signature authentication stage, the message received is transmitted to sink section by the receiving node of message Point;
After sink node receives the message that forwarding comes, it is assumed that its signature received is σ=(t, s1,…,sn,c1,…,cn), sink Node performs the following operation:
According to the ring R={ Q of information signature1,Q2,…,Qk,…,Qn, sink node carries out once one by one with the member node in ring Interaction, i.e. sink node Xiang Huanzhong member send querying command, and member sends to sink node through anonymous message in ring;
Compared with not carried out one by one by the signature of signature authentication with the signature for the anonymous message that current ring members are sent;Due to Ring members collection selected by same sending node is identical, so t value is identical in the signature of same node signature different messages, accordingly The node for finding unverified message completes the tracking of node.
2. according to the method described in claim 1, it is characterized in that, further include the link stage:
For giving ring R={ Q1,Q2,…,Qk,…,QnAnd two anonymity signature σ=(t, s1,…,sn,c1,…,cn) and σ ' =(t ', s '1,…,s′n,c′1,…,c′n);The recipient of signature signs to the two execute signature verification algorithm first, and two Signature is all effectively, then to extract t and t' respectively in the two signatures;Then whether equal compare t and t', if equal, The two signatures are generated by the same signer, otherwise the two signature un-linkables.
3. according to the method described in claim 1, it is characterized in that, sink node is connected with security server, in nodes keep track rank The anonymous information signature that the information signature received and each ring members return is sent to security server and carried out by section, sink node The comparison of signature, and then complete the tracking of node.
CN201610146528.9A 2016-03-15 2016-03-15 A kind of traceable anonymous authentication method based on elliptic curve Expired - Fee Related CN105812369B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610146528.9A CN105812369B (en) 2016-03-15 2016-03-15 A kind of traceable anonymous authentication method based on elliptic curve

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610146528.9A CN105812369B (en) 2016-03-15 2016-03-15 A kind of traceable anonymous authentication method based on elliptic curve

Publications (2)

Publication Number Publication Date
CN105812369A CN105812369A (en) 2016-07-27
CN105812369B true CN105812369B (en) 2019-09-10

Family

ID=56468393

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610146528.9A Expired - Fee Related CN105812369B (en) 2016-03-15 2016-03-15 A kind of traceable anonymous authentication method based on elliptic curve

Country Status (1)

Country Link
CN (1) CN105812369B (en)

Families Citing this family (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI625643B (en) * 2016-09-14 2018-06-01 國立勤益科技大學 Anonymity based authentication method for wireless sensor networks
CN108075895B (en) * 2016-11-15 2020-03-24 深圳银链科技有限公司 Node permission method and system based on block chain
CN106779704A (en) * 2016-12-06 2017-05-31 杭州趣链科技有限公司 A kind of block chain anonymous deal method based on ring signatures
CN106506156B (en) * 2016-12-15 2018-08-03 北京三未信安科技发展有限公司 A kind of distributed Threshold Signature method based on elliptic curve
CN106899698B (en) * 2017-04-11 2020-12-18 张铮文 Cross-chain interoperation method between block chains
CN107609417B (en) * 2017-08-29 2019-12-20 北京航空航天大学 Anonymous message sending system and method for auditing and tracking
WO2019071457A1 (en) * 2017-10-11 2019-04-18 深圳大学 Condition traceable user signing method and system in crypto currency
CN107835082B (en) * 2017-12-15 2020-05-22 河海大学 Traceable ring signature authentication protocol based on identity
GB201817506D0 (en) * 2018-03-02 2018-12-12 Nchain Holdings Ltd Computer implemented method and system
CN110278081B (en) * 2018-03-14 2021-09-17 西安西电捷通无线网络通信股份有限公司 Control method and device for group digital signature
CN109688119B (en) * 2018-12-14 2020-08-07 北京科技大学 Anonymous traceability identity authentication method in cloud computing
CN109815728B (en) * 2018-12-21 2020-12-11 暨南大学 Block chain-based fair contract signing method with privacy protection function
CN109727031B (en) * 2018-12-27 2021-10-19 数据通信科学技术研究所 Anonymous digital currency transaction supervision method with hidden center
CN110225023B (en) * 2019-06-06 2021-04-20 湖南大学 Traceable anonymous authentication method and traceable anonymous authentication system
CN110867012A (en) * 2019-11-15 2020-03-06 哈尔滨工业大学(深圳) Method, device and system for de-centering electronic voting based on intelligent contract and storage medium
CN111130758B (en) * 2020-02-03 2021-07-06 电子科技大学 Lightweight anonymous authentication method suitable for resource-constrained equipment
CN112288579B (en) * 2020-12-24 2021-05-04 北京百度网讯科技有限公司 Block chain-based carbon emission reduction treatment method, device, equipment and storage medium
CN112699395B (en) * 2021-01-14 2023-06-06 暨南大学 Attribute-based anonymous authentication method capable of chasing responsibility for fine-grained access control
CN116743396B (en) * 2023-08-14 2023-11-03 深圳奥联信息安全技术有限公司 Optimized ring signature method and system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102377565A (en) * 2010-08-06 2012-03-14 陈国敏 Linkable ring signature method based on appointed verifier
CN102684885A (en) * 2012-05-25 2012-09-19 孙华 Identity-based threshold ring signature method
CN103780385A (en) * 2012-10-23 2014-05-07 航天信息股份有限公司 Blind signature method based on elliptic curve and device thereof
CN104967517A (en) * 2015-07-24 2015-10-07 电子科技大学 Network data aggregation method for wireless sensor

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20120071884A (en) * 2010-12-23 2012-07-03 한국전자통신연구원 Ring signature method based on lattices

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102377565A (en) * 2010-08-06 2012-03-14 陈国敏 Linkable ring signature method based on appointed verifier
CN102684885A (en) * 2012-05-25 2012-09-19 孙华 Identity-based threshold ring signature method
CN103780385A (en) * 2012-10-23 2014-05-07 航天信息股份有限公司 Blind signature method based on elliptic curve and device thereof
CN104967517A (en) * 2015-07-24 2015-10-07 电子科技大学 Network data aggregation method for wireless sensor

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
《Ad Hoc网络中环签名的研究与应用》;吴云天;《中国优秀硕士学位论文全文数据库信息科技辑》;20120315(第3期);全文
《Improved Ring Signature Scheme Based on Hyper-elliptic Curves》;Xuanwu Zhou;《IEEE》;20100115;全文
《保护用户隐私的可否认的密码算法研究》;曾晟珂;《中国博士学位论文全文数据库信息科技辑》;20131115(第11期);全文

Also Published As

Publication number Publication date
CN105812369A (en) 2016-07-27

Similar Documents

Publication Publication Date Title
CN105812369B (en) A kind of traceable anonymous authentication method based on elliptic curve
Lin et al. HomeChain: A blockchain-based secure mutual authentication system for smart homes
Malani et al. Certificate-based anonymous device access control scheme for IoT environment
Kumar et al. ECCAuth: A secure authentication protocol for demand response management in a smart grid system
Zhang et al. A lightweight authentication and key agreement scheme for Internet of Drones
Wazid et al. AKM-IoV: Authenticated key management protocol in fog computing-based Internet of vehicles deployment
Wazid et al. LAM-CIoT: Lightweight authentication mechanism in cloud-based IoT environment
Shin et al. A privacy-preserving authentication, authorization, and key agreement scheme for wireless sensor networks in 5G-integrated Internet of Things
Das et al. Taxonomy and analysis of security protocols for Internet of Things
Garg et al. Toward secure and provable authentication for Internet of Things: Realizing industry 4.0
Al-Turjman et al. Seamless key agreement framework for mobile-sink in IoT based cloud-centric secured public safety sensor networks
Cui et al. HCPA-GKA: A hash function-based conditional privacy-preserving authentication and group-key agreement scheme for VANETs
Zhang et al. LVPDA: A lightweight and verifiable privacy-preserving data aggregation scheme for edge-enabled IoT
CN109412790B (en) User authentication and key agreement system and method facing to Internet of things
Bera et al. Access control protocol for battlefield surveillance in drone-assisted IoT environment
Chatterjee et al. An effective ECC‐based user access control scheme with attribute‐based encryption for wireless sensor networks
Kong et al. Achieving privacy-preserving and verifiable data sharing in vehicular fog with blockchain
Gupta et al. Quantum-defended blockchain-assisted data authentication protocol for internet of vehicles
Xiong et al. CPPA-D: Efficient conditional privacy-preserving authentication scheme with double-insurance in VANETs
Eddine et al. EASBF: An efficient authentication scheme over blockchain for fog computing-enabled internet of vehicles
Yu et al. SLAP-IoD: Secure and lightweight authentication protocol using physical unclonable functions for internet of drones in smart city environments
Jiang et al. A bilinear pairing based anonymous authentication scheme in wireless body area networks for mHealth
Farash Cryptanalysis and improvement of an efficient mutual authentication RFID scheme based on elliptic curve cryptography
Chaudhry et al. PFLUA-DIoT: A pairing free lightweight and unlinkable user access control scheme for distributed IoT environments
Chaudhry et al. An anonymous device to device access control based on secure certificate for internet of medical things systems

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20190910

Termination date: 20200315