CN105847008B - A kind of anonymity booking method - Google Patents

Publication number: CN105847008B
Authority: CN (China)
Application number: CN201610156487.1A
Other versions: CN105847008A
Other languages: Chinese (zh)
Inventors: 张子剑, 陈明新, 祝烈煌, 佟安格
Current assignee: Beijing Institute of Technology BIT
Original assignee: Beijing Institute of Technology BIT
Legal status: Active
Prior art keywords: token, user, client, module, login

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 ... including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321 ... involving a third party or a trusted authority
    • H04L9/3213 ... involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
    • H04L9/3218 ... using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs
    • H04L9/3247 ... involving digital signatures
    • H04L9/3257 ... involving digital signatures using blind signatures
    • H04L9/3263 ... involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 ... for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407 ... wherein the identity of one or more communicating identities is hidden
    • H04L63/0421 Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
    • H04L63/08 ... for authentication of entities
    • H04L63/0807 ... for authentication of entities using tickets, e.g. Kerberos
    • H04L63/0823 ... for authentication of entities using certificates

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer And Data Communications (AREA)

Abstract

An anonymous subscription protocol and its system, comprising the following steps: 1. The server generates the main system parameters, such as the login period, and its public and private key information. 2. The user interacts with the server to carry out registration: the user provides the subscription time interval, pays the corresponding fee, and obtains a valid signature from the service provider. 3. The user logs in using the signature. Logins follow the fixed login period: the client blinds the signature, generates the token for the current login period and logs in; when a login period ends the next period begins and the client logs in with a replacement token. 4. The protocol provides a connection operation, which the user may choose to execute when unlinkability is not required. 5. When the user no longer wants to access the service, the logout operation can be executed. The login and access phases include a check of the expiry time: if the subscription interval has expired the user cannot log in again, which protects the interests of the service provider.

Description

A kind of anonymity booking method
Technical field
The present invention relates to an anonymous booking method and belongs to the technical fields of anonymous authentication, signatures and subscription.
Background technique
Accessing a subscribed service under a real name is practical, but it exposes the user's private information. For this reason, anonymous subscription protocols have appeared in recent years. An anonymous subscription protocol generally has three participants: the user (Customer), the subscription authorizer (Vendor) and the service provider (Supplier). The user is the party that wants to access the subscribed service; the subscription authorizer grants access authorization; the service provider is the provider of the subscribed service. The protocol runs in two steps: 1) the Customer obtains an anonymous subscription authorization from the Vendor, which amounts to an anonymous credential; 2) the Customer presents a valid subscription identity to the Supplier, accesses the Supplier and obtains the service the Supplier provides. Note that (1) the Customer uses a different token each time it accesses the Supplier, and this token is related to the anonymous credential it obtained; (2) in many practical anonymous subscription protocols the Vendor and the Supplier are the same party.
In 2010, Canard S and Jambert A proposed dividing typical anonymous subscription systems into two classes: (I) the user pays at each access or pays once, and can then access the service up to a fixed number of times; (II) after paying, the user can access the subscribed service at will within a fixed time period. The anonymous subscription protocol proposed by the present invention belongs to the second class.
Anonymous subscription protocols and their application systems are generally evaluated on two criteria: system reliability and user anonymity. System reliability means that the service provider is guaranteed appropriate payment so that its commercial operation is protected: not just anyone can access its resources, only users who have subscribed can access and use them, one account cannot be logged in more than once at the same time, and the validity period can be enforced, protecting the service provider's interests. User anonymity means that the user's behaviour within the subscribed service cannot be tracked by the service provider; here the user's private information mainly comprises personal preferences and usage habits.
Existing research on anonymous subscription protocols focuses mainly on the leakage of user privacy to the service provider while the subscribed service is being used. An in-depth search found the following papers to be the most closely related to anonymous subscription protocols and their application systems:
(1) Lee M Z, Dunn A M, Waters B, et al. Anon-pass: Practical anonymous subscriptions[C]//Security and Privacy (SP), 2013 IEEE Symposium on. IEEE, 2013: 319-333. The anonymous subscription protocol proposed in this paper guarantees that the token a user logs in with is different every time, so that user behaviour cannot be linked, and it greatly improves efficiency. However, the scheme cannot enforce a limit on the valid subscription period and so cannot guarantee system reliability: a user can escape the limit of the valid subscription period, which harms the service provider's interests;
(2) Blanton M. Online subscriptions with anonymous access[C]//Proceedings of the 2008 ACM symposium on Information, computer and communications security. ACM, 2008: 217-227. In the anonymous subscription protocol proposed in this paper, every login generates a new, previously unused token so that none of the user's actions can be tracked, which requires storing the tokens that have already been used. As stored tokens accumulate, the storage space keeps growing and checking whether a token has been used takes longer, so the scheme is inefficient and impractical;
(3) Ramzan Z, Ruhl M. Protocols for anonymous subscription services[J]. Unpublished manuscript, 2000, 39. In this paper the server must store all tokens that have been used, and at every access interaction each user sends multiple tokens to the server as obfuscation to preserve the user's anonymity. As the number of users grows, the server has to store more and more tokens, so the storage space becomes excessive;
(4) Camenisch J, Lysyanskaya A. Signature schemes and anonymous credentials from bilinear maps[C]//Advances in Cryptology-CRYPTO 2004. Springer Berlin Heidelberg, 2004: 56-72. This paper proposes an anonymous signature mechanism based on the CL algorithm, built on bilinear maps, which is an important reference for the signature computation of the present invention;
(5) Dodis Y, Yampolskiy A. A verifiable random function with short proofs and keys[M]//Public Key Cryptography-PKC 2005. Springer Berlin Heidelberg, 2005: 416-431. This paper provides a method of generating tokens with a pseudo-random function (PRF), which is an important reference for the token computation of the present invention. In addition, the protocol of the present invention uses the zero-knowledge proofs described in the following two documents:
(1) Blum M, Feldman P, Micali S. Non-interactive zero-knowledge and its applications[C]//Proceedings of the twentieth annual ACM symposium on Theory of computing. ACM, 1988: 103-112.
(2) Boudot F. Efficient proofs that a committed number lies in an interval[C]//Advances in Cryptology—EUROCRYPT 2000. Springer Berlin Heidelberg, 2000: 431-444.
The existing anonymous subscription protocols and systems above all suffer from long running times and excessive storage. They also share a similar assumption, namely that anonymous payment is practical: an anonymous subscription requires a fee to be paid, and to protect the privacy of the user's payment account the current schemes all use anonymous payment, such as Bitcoin and electronic cash. However, these anonymous payment methods are not used by the general public as everyday electronic payment, that is, they are not practical.
Although the anonymous subscription schemes above can protect user privacy when applied to video subscription services, their cryptographic token generation and verification suffer from large storage, long running time, impractical means of payment and no consideration of limiting the subscription period. It is therefore necessary, based on the specific scenario of online video subscription, to explore a more effective anonymous subscription protocol and system in which user privacy cannot be stolen by the service provider or by outsiders.
Summary of the invention
The object of the present invention is, in an anonymous subscription protocol, to guarantee that the user's online activity is not monitored while also preventing a user from logging in more than once at the same time and taking the user's valid subscription period into account, so that user privacy and the service provider's rights are both effectively protected; and, further, to reduce storage and computation time. To this end an anonymous booking method is proposed.
The core idea of the anonymous booking method proposed by the present invention is as follows. After the user subscribes to some type of online service (mainly e-books, music and films) from the service provider (SP for short), the anonymous subscription protocol and system proposed by the present invention has the following main features: 1) it uses zero-knowledge proofs, CL signatures, and periodic replacement of the current tokens together with emptying of the current database, so that an implementation of the protocol has low storage and low computation time; 2) the user can access the service anonymously at any time without worrying that their behaviour is recorded, and during access the SP cannot obtain any information about the user's real identity, nor link the user's access activities; 3) at the same time, the protocol and system can prevent a user from logging in more than once at the same time and protect the SP's rights: the system does not allow a cheating user to overdraw or to attempt to escape the limit of the valid subscription period.
The present invention is achieved by the following technical solutions.
The anonymous subscription system on which the anonymous booking method of the present invention relies comprises a server side and a client. The server side comprises a parameter setting module, a registration processing module, a login processing module, a connection processing module, a login period end module, a logout processing module, a transmission processing module and a database; the database is mainly Redis, MySQL or Oracle, and in turn comprises the current database (Cur database) and the next-period database (Next database). The client comprises a registration module, a login module, a connection module, a logout module and a request and access module;
The modules of the anonymous subscription system are installed as follows: the server side is installed on the SP's server; the client is installed on the user's computer;
The functions of the modules of the anonymous subscription system are as follows:
Parameter setting module: generates the system parameters the server side needs and the key information required to execute the protocol;
Registration module: through the client the user sends a registration request, mainly supplying the subscription start time and subscription end time, registers and pays the subscription fee, receives the subscription signature information from the server side and generates the anonymous credential information used for login;
Registration processing module: the server side receives the registration request and related registration information from the client's registration module, verifies them, and after collecting the subscription fee generates the subscription signature and sends it to the client;
Login module: using the client, the user inputs the anonymous credential information obtained at registration, generates the login token for the current login period, issues a login request, and after a successful login accesses the service by executing the request and access module. (In the present invention the user only needs to log in manually at the first login; thereafter the client automatically replaces the token and logs in again every fixed period, and if the connection operation has been performed no new login is needed, as explained further below.)
Login processing module: the server side receives the login request from the client's login module, verifies the login token data, and stores the token after verification;
Connection module: while the client is logged in, the user can choose this operation when unlinkability is not needed; it sends a connection request, generates the token for the next login period, and connects to the next login period;
Connection processing module: the server side receives and handles the client's connection request;
Login period end module: after a login period ends, the server side updates the token storage state of the database and enters the next login period;
Logout module: the client sends a logout request to the server side together with the token for the current login period;
Logout processing module: the server side receives the client's logout request and its token for the current login period, and updates the token state in the database;
Request and access module: after the client has logged in successfully, it issues service requests to the server side, receives the service information from the server side and accesses it;
Transmission processing module: the server side receives the client's service request, encodes the corresponding service and transmits it to the client;
The connections between the modules of the subscription system, shown in Fig. 1, are as follows:
The registration module is connected to the registration processing module; the login module is connected to the login processing module, the video request and playback module, the connection module and the logout module; the connection module is connected to the login module and the connection processing module; the logout module is connected to the login module and the logout processing module; the request and access module is connected to the transmission processing module; the database module is connected to the login processing module, the connection processing module, the logout processing module and the login period end module.
The anonymous booking method is carried out as follows:
Step 1: the server side generates the system parameters and the server's public and private key information through the parameter setting module;
Step 2: the user registers and obtains the subscription signature information, as follows:
Step 2.1: through the client the user issues a registration request and inputs, mainly, the subscription start time and subscription end time, constructs a non-interactive zero-knowledge proof over the subscription start time and end time, and sends it to the server side;
Step 2.2: the server side receives the registration request and zero-knowledge proof sent by the client in step 2.1 and verifies them, calculates the fee to be charged from the subscription period sent by the client, and sends a charge request to the client;
Step 2.3: after receiving the charge request of step 2.2, the user initiates a payment request to the server side using a real-name payment account and pays the fee;
Step 2.4: after receiving the payment request of step 2.3 from the client, the server side processes it; once the charge succeeds it computes a signature based on the subscription start time and end time, i.e. the subscription signature information, and sends it to the client. This information is the basis of the user's valid anonymous identity at login;
Step 2.5: the user receives the subscription signature information sent by the server side in step 2.4, verifies it, saves the signature information and, together with the subscription start and end time information, forms the anonymous credential information used for login; user registration is now complete;
Step 3: the user logs in to the client and accesses the corresponding service, as follows:
Step 3.1: if the user issues a request to the server to stop accessing, jump to step 6; otherwise, when the user has an access request for the server, the user sends a login request through the client and, from the anonymous credential obtained at registration and the current login period, generates a blind signature and a one-time access token, and sends the blind signature and token to the server side;
The token is generated using the PRF method;
Step 3.2: the server side receives the blind signature and token sent by the client in step 3.1, verifies the blind signature, and checks the token by determining whether it exists in the Cur database, then proceeds as follows:
3.2.1 If the token is not present, the token has not been used; a verification-success message is sent to the client and the procedure goes to step 3.3;
3.2.2 If the token is present, the token has already been used and the login fails; a failure message is returned to the client and the procedure returns to step 3.1 to wait for the user's next access request;
Step 3.3: after receiving the server side's message from step 3.2 that the blind signature and token were verified successfully, the client constructs a zero-knowledge proof corresponding to the anonymous credential obtained at registration and sends it to the server side;
Step 3.4: the server side receives the zero-knowledge proof for the anonymous credential sent by the client in step 3.3 and verifies it; if verification passes, it stores the token in the Cur database and sends a login-success message;
Step 3.5: once the client receives the login-success message of step 3.4, the user is logged in and can access the corresponding service anonymously: the client executes the request and access module, which interacts with the server side's transmission processing module, and the client obtains the corresponding service;
The corresponding service in step 3 and step 3.5 mainly includes: video services, electronic music services, e-book services, high-definition pictures, PPT materials and electronic information services for various file types;
Step 4: the user performs the connection operation while logged in;
Step 4.1: while logged in, the user can perform the connection operation when unlinkability is not needed, using the current login token to link to the next login token: the user sends a connection request using the client, generates the token for the next login period from the anonymous credential and the next login period, and sends it to the server side together with the token for the current login period;
Not needing unlinkability in step 4.1 refers to situations such as the user watching a single long video or reading an e-book: in this or similar situations, the connection operation of step 4 means the user does not have to replace the token and log in again, i.e. over multiple periods the next token is linked rather than a login being performed again. Experimental tests show that the connection operation is N times faster than the login operation, so efficiency can be further improved;
Step 4.2: the server side receives the token for the current login period and the token for the next login period sent by the client in step 4.1, checks their validity, and returns the verification result to the client;
Step 4.3: after receiving the message that the server side has successfully verified the current login token and the next login token, the client, as in step 3.3, constructs a zero-knowledge proof corresponding to the anonymous credential obtained at registration and sends it to the server side;
Step 4.4: the server side receives the zero-knowledge proof for the anonymous credential sent by the client and verifies it; after successful verification it stores the token for the next login period in the Next database;
Step 4.5: the client receives the connection-success message and need not log in again through the next login period;
Step 5: after a login period ends, the server side empties the data in the Cur database, moves the token data in the Next database into the Cur database, and jumps to step 3.1 to wait for the next login period;
In any login period of step 5, if the user is logged in and does not want to continue accessing the service, the procedure can jump to step 3.1, where the client sends a logout request and sends the token for the current login period to the server side;
At the same time, the user can set and adjust the login period as needed at any moment while logged in. When the user first logs in to the system, the user must perform the login; after that, each time a login period passes the client system automatically replaces the token and logs in to the next period. This design guarantees that when the user watches a series of short videos or e-books, the login token is replaced in time and multiple actions are not linked, protecting the user's private information, and the user notices no difference in experience;
Step 6: the user logs out of the client and leaves the system, as follows:
Step 6.1: the server side receives the client's logout request and its token for the current login period, deletes the token from the Cur database, and returns a logout-success message to the client;
Step 6.2: the client receives the logout-success message from the server side; logout is complete;
With the signature in step 3 and step 4 of the present invention, a user cannot be logged in twice at the same time within one login period, and the login and access phases include a check of the expiry time: if the subscription interval has expired the user cannot log in again, which protects the service provider's interests.
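The token bookkeeping of steps 3.2, 4, 5 and 6 can be sketched as follows; this is an added illustration, not code from the patent. HMAC-SHA256 stands in for the PRF, the `credential_ok` flag stands for the outcome of the signature and zero-knowledge proof verification (including the expiry check), and all class, function and variable names are hypothetical.

```python
import hashlib
import hmac


def period_token(user_secret: bytes, period: int) -> bytes:
    # Stand-in PRF (assumption): HMAC-SHA256 keyed with the user's secret and
    # evaluated on the login period number. The same secret and period always
    # give the same token; tokens for different periods look unrelated.
    return hmac.new(user_secret, period.to_bytes(8, "big"), hashlib.sha256).digest()


class TokenServer:
    """Cur/Next token bookkeeping of the server side (hypothetical class)."""

    def __init__(self, period: int = 0):
        self.period = period
        self.cur = set()   # Cur database: tokens logged in during this period
        self.next = set()  # Next database: tokens connected for the next period

    def login(self, token: bytes, credential_ok: bool) -> bool:
        # Step 3.2.2: a token already in Cur means a second simultaneous login.
        if token in self.cur:
            return False
        # Steps 3.2/3.4: signature and proof verification happen outside this
        # sketch; an expired subscription arrives here as credential_ok=False.
        if not credential_ok:
            return False
        self.cur.add(token)
        return True

    def connect(self, cur_token: bytes, next_token: bytes, credential_ok: bool) -> bool:
        # Step 4: only a client that is logged in now may place its
        # next-period token in the Next database.
        if cur_token not in self.cur or next_token in self.next:
            return False
        if not credential_ok:
            return False
        self.next.add(next_token)
        return True

    def logout(self, token: bytes) -> bool:
        # Step 6.1: delete the current-period token from Cur.
        if token not in self.cur:
            return False
        self.cur.discard(token)
        return True

    def end_period(self) -> None:
        # Step 5: empty Cur, move Next into Cur, start the next period.
        self.cur = self.next
        self.next = set()
        self.period += 1


def demo() -> dict:
    # Constructed sample secrets; a real client derives them at registration.
    alice, bob = b"constructed-secret-alice", b"constructed-secret-bob"
    server = TokenServer(period=7)
    r = {}
    a7, b7 = period_token(alice, 7), period_token(bob, 7)
    r["first_login"] = server.login(a7, True)
    r["second_login_same_period"] = server.login(a7, True)
    r["bob_login"] = server.login(b7, True)
    r["connect_without_login"] = server.connect(
        period_token(b"constructed-secret-carol", 7),
        period_token(b"constructed-secret-carol", 8), True)
    r["alice_connect"] = server.connect(a7, period_token(alice, 8), True)
    server.end_period()
    a8, b8 = period_token(alice, 8), period_token(bob, 8)
    r["alice_carried_over"] = a8 in server.cur
    r["bob_dropped"] = b8 not in server.cur
    r["stored_tokens"] = len(server.cur) + len(server.next)
    r["alice_login_while_connected"] = server.login(a8, True)
    r["expired_login"] = server.login(b8, False)
    r["logout"] = server.logout(a8)
    r["login_after_logout"] = server.login(a8, True)
    return r


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

After `end_period()` the server holds only the tokens that were connected, which is why storage does not grow with the number of past logins.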
Beneficial effect
Compared with existing anonymous subscription protocols and systems, the anonymous booking method of the present invention has the following beneficial effects:
(1) The system is more reliable: with this method and the system it relies on, one account cannot be logged in more than once at the same time within one login period, so the user cannot overdraw the login information or escape the limit of the valid subscription period, which guarantees the reliability of the system;
(2) User privacy, i.e. user anonymity, is guaranteed. On the one hand, in this protocol and system no two logins of a user can be linked by the server, and the server side cannot obtain user information, which protects user privacy. On the other hand, payment uses real-name means of payment while ensuring that the real-name payment account is not associated with the subscription information, which keeps the user's private information safe;
(3) Generating tokens with a PRF and the method of verifying the subscription period are more efficient and practical than in existing anonymous subscription protocols;
(4) In this system all tokens are cleared after each login period ends and only the connected tokens are put into the current token list, which keeps the storage space reasonable: it does not grow without bound.
Description of the drawings
Fig. 1 is a schematic diagram of the modules of the server end and the client, and of their connections, in the system on which the anonymous booking method of the present invention relies;
Fig. 2 is an interaction diagram of the registration module and the registration processing module in the system on which the anonymous booking method of the present invention relies;
Fig. 3 is an interaction diagram of the login module and the login processing module, and of the request and access module and the transmission processing module, in the system on which the anonymous booking method of the present invention relies;
Fig. 4 is an interaction diagram of the connection module and the connection processing module in the system on which the anonymous booking method of the present invention relies;
Fig. 5 is an interaction diagram of the logout module and the logout processing module in the system on which the anonymous booking method of the present invention relies.
Specific embodiments
An anonymous ordering protocol of the invention and its system, in which the anonymous order system comprises a server end and a client. The server end is installed on the service provider's server, and the client is installed on the user's computer or handheld mobile terminal; the handheld mobile terminal mainly includes smartphones, the iPad and the iPod. The server end is configured with a database, a parameter setting module, a registration processing module, a login processing module, a connection processing module, a login-period end module, a logout processing module and a transmission processing module. The client is configured with a registration module, a login module, a connection module, a logout module, and a request and access module.
The server end first needs to generate a series of system parameters, such as the login period and its public and private key information. After that, a user who wants to access the service must register with the client by running the registration module; the registration module of the client interacts with the registration processing module of the server end to complete registration. In this process the user provides the start and end times of the order and pays the corresponding fee, and obtains a valid signature from the server end, which forms the anonymous credential needed for login. The user then logs in at the client with this anonymous credential by running the login module, which interacts with the login processing module of the server end. During login, the login module blinds the signature and generates the token for the current login period. After logging in, the client runs the request and access module and starts accessing the service. When a login period ends, the login for the next period is carried out with a replacement token. In addition, the client provides a connection module, which the user may choose to run when unlinkability is not needed; the connection operation is about twice as efficient as the register operation, so this optional operation can improve efficiency. When the user no longer wants to access the service, the user can perform the logout operation and log out of the system. The login module and login processing module, and the connection module and connection processing module, include a check of the expiry time: if the order period has expired, the user cannot log in again.
The anonymous ordering protocol of the invention and its system are further described below with reference to the drawings and embodiments, and their advantages are explained. It should be pointed out that implementation of the invention is not limited to the following embodiments; any variation or change in form made to the invention falls within the scope of protection of the present invention.
Embodiment 1
In this embodiment the database used to store tokens is redis. Before the registration process is carried out, the server end must run the parameter setting module, which generates the necessary system parameters and the server's public and private keys; this corresponds to Step 1 in the main body of the specification. The specific steps are:
Step 1.1: generate the security parameters t = 80, l = 40, s = 40; generate n, where $n = pq$ is a large composite number, p and q are large primes, and $|n| = 100$; generate, where $\langle g_n \rangle$ denotes the multiplicative group generated by $g_n$;
Step 1.2: choose; set $X = g^x$, $Y = g^y$; set the public key and private key: $spk = (q, G, G_T, g, X, Y, Z_1, Z_2)$, $ssk = (x, y, z_1, z_2)$, where G is an elliptic curve group; in this Embodiment 1 the elliptic curve is $y^2 = x^3 + 1 \bmod p$, q is the order of the elliptic curve, g is the generator of the elliptic curve, and $G_T$ is a bilinear map group on this elliptic curve, written $e: G \times G \to G_T$, with $g_T = e(g, g)$ the generator of the bilinear map group;
Step 1.3: set up the token store $\sigma = (\{\,\}, \{\,\})$, initialised with both parts empty. It has two parts, σ.cur and σ.next: one stores the tokens of all users logged in during the current login period, and the other stores the next-login tokens of users who have used the connection operation; cur = |σ.cur|, next = |σ.next|;
Step 1.4: set the duration T of each login period. T is set to 1 min in this embodiment; once the value is set, the login period is fixed;
Step 1.5: set the extreme values of the order date: the minimum value $t_{-\infty}$ is a very small positive number and the maximum value t is a very large positive number. The extreme values are set mainly so that the login and connection modules can conveniently run zero-knowledge proofs on the order date and verify its validity;
Next is the process by which the user registers through the client. The detailed process is:
Step (2.1): the user runs the registration module on the client, which interacts with the registration processing module of the server end. The user selects the order start and end times $exp_s$, $exp_e$, calculates $exp = exp_e - exp_s$, sends exp to the server, and executes a zero-knowledge proof with the registration processing module of the server:
Step (2.2): the server end verifies the zero-knowledge proof of step (2.1); if it succeeds, go to step (2.3); if not, return to step (2.1) to register again;
Step (2.3): the registration processing module of the server end calculates the fee the user should pay according to the user's exp and sends it to the client;
Step (2.4): the user's client pays the corresponding fee fare using the real-name payment account Account; after payment succeeds, the registration processing module of the server end generates the signature on d, $exp_s$, $exp_e$:
the order signature information;
Step (2.5): the server end sends this signature $s = (a, A_1, A_2, b, B_1, B_2, c)$ to the client;
Step (2.6): the registration module of the client performs the corresponding verification:
$a \neq 1, \quad e(a, Z_1) = e(g, A_1),$
$e(a, Z_2) = e(g, A_2), \quad e(a, Y) = e(g, b),$
$e(A_1, Y) = e(g, B_1), \quad e(A_2, Y) = e(g, B_2),$
After verification succeeds, the user saves the access anonymous credential $sk = (s, d, exp_s, exp_e)$, and registration has succeeded.
In this embodiment the user pays with a real-name payment account, yet the user's private information is still not revealed. In the operations above, the verification of d, $exp_s$, $exp_e$ uses zero-knowledge proofs, so the server end cannot obtain this information and the real-name payment account cannot be linked to the user's private information; paying by real-name means is therefore feasible and practical. In other existing anonymous ordering protocols, by contrast, only anonymous means of payment can be used, because a real-name means of payment would be linked to the user's order information.
Embodiment 2
This embodiment is the login process of the anonymous order system on which the present invention relies, taking access to a video service as the specific example.
After registering successfully, the user can log in to the client to access the video service and watch videos. The user logs in through the login module of the client, which interacts with the login processing module of the server end. The specific steps are:
Step (3.1): the client uses $sk = (s = (a, A_1, A_2, b, B_1, B_2, c), d, exp_s, exp_e)$ to generate a blind signature. It chooses, where t is the start time of the current login period. In this embodiment, time is taken as the difference between the current time and 0:00 on 1 January 1970, converted to minutes as the unit. The login module of the client generates and $Y_d(t)$, where $Y_d(t)$ is the token, generated with the PRF method, and sends them to the server end;
Step (3.2): the login processing module of the server end checks whether the token $Y_d(t)$ exists and acts accordingly:
(3.2.1) If $Y_d(t) \in \sigma.cur$, the token has already been used, so login fails; failure information is returned to the client, and the process returns to step (3.1) to wait for the user's next request;
(3.2.2) If the token does not exist, the token has not been used, and verification continues:
(3.2.2.1) If verification fails, login fails; return to step (3.1) and wait for the user's next request;
(3.2.2.2) Otherwise verification succeeds; go to step (3.3);
Step (3.3): the login module of the client and the login processing module of the server end each calculate as follows:
and execute the following zero-knowledge proof:
where r' = 1/r2
Step (3.4): the server end stores $Y_d(t)$ in σ.cur in the database and updates σ; at this point the user has logged in successfully;
Step (3.5): the client goes on to execute video requests and playback, and the user can access the video service and watch videos;
In this embodiment, generating the login token uses not only d, $exp_s$, $exp_e$ from sk but also the start time t of the current login period. The start time t of any login period is unique, so in any one period a user can have only one login token and cannot use it more than once at the same time, which protects the interests of the service provider. In addition, the zero-knowledge proof executed at login verifies the order start and end times: if the order period has expired, the user cannot log in. This enforces the valid order period and protects the interests of the service provider.
Embodiment 3
This embodiment is the connection process of the anonymous order system of the invention.
When the user is logged in, the connection operation can be performed. The connection operation is an optional operation offered to the user: when unlinkability is not needed, the user can choose to connect the current period to the next period, so that when the next period arrives the user need not log in again. The connection operation is executed by the connection module of the client, which interacts with the connection processing module of the server end. It is driven mainly by a variable linkn that the user maintains in the connection module of the client: linkn indicates that, starting from the current login period, the following linkn periods are connected. Each time a period ends, linkn is decreased by 1, and once linkn reaches 0 no further connection is made. linkn can be modified in any login period to indicate whether the following periods are to be connected;
During the connection operation, the connection module of the client uses $sk = (s, d, exp_s, exp_e)$ to calculate and sends it to the server end. The connection processing module of the server end verifies that $Y_d(t) \in \sigma.cur$ and; if not, the connection fails; if verification passes, the operation continues. The connection module of the client and the connection processing module of the server end then execute the following zero-knowledge proof:
The connection processing module of the server end verifies the zero-knowledge proof; after verification succeeds, $Y_d(t+T)$ is added to σ.next and the connection succeeds;
In this embodiment, the connection operation is simpler than the register operation and executes more efficiently; experiments show that the connection operation is about 2 times faster than the register operation. When unlinkability is not needed, for example when the user is watching a long video, the connection operation can be used to improve efficiency. Moreover, the range zero-knowledge proof of $exp_s \le t_{cur} \le exp_e$ used in the implementation is the most efficient among currently existing schemes, which ensures high efficiency.
Embodiment 4
This embodiment is the end-of-login-period process of the anonymous order system of the invention.
After each login period ends, the server end runs the login-period end module to update the token storage state. The concrete operation is as follows:
The server updates the state of the stored tokens in the database, $\sigma' = (\sigma.cur = \sigma.next,\ \sigma.next = \{\,\})$; that is, σ.cur is emptied, all the tokens in σ.next are moved into σ.cur, and σ.next is emptied. The final result is σ'.cur = σ.next, σ'.next = { }, and the next period begins;
In this Embodiment 4, the token store is updated once every login period, and the data held is only the tokens logged in and connected for the current login period, so the storage does not grow without limit and the storage footprint is reasonable.
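The token bookkeeping of Embodiments 2 to 4 (reject a token already in σ.cur at login, add Y_d(t+T) to σ.next on connection, rotate σ' = (σ.next, { }) when a period ends) can be modelled as below; this is an added example, not code from the patent. HMAC-SHA256 stands in for the PRF, the blind-signature and zero-knowledge checks are not modelled, the test that Y_d(t+T) is not already in σ.next is an assumption, and all names and sample values are constructed.

```python
import hashlib
import hmac


def period_start(now_minutes: int, period_len: int) -> int:
    """Start time t of the login period that contains now_minutes.

    Time is counted in minutes since 1970-01-01 00:00, as in Embodiment 2.
    """
    return now_minutes - (now_minutes % period_len)


def derive_token(d: bytes, t: int) -> str:
    """Stand-in for Y_d(t), keyed with the user's secret d.

    Assumption: the patent only says the token comes from a PRF; HMAC-SHA256
    is used here so the example runs with the standard library.
    """
    return hmac.new(d, t.to_bytes(8, "big"), hashlib.sha256).hexdigest()


class TokenStore:
    """Server-side sigma = (cur, next).

    The signature and zero-knowledge checks the patent runs before each
    state change are outside this model.
    """

    def __init__(self):
        self.cur = set()   # tokens logged in for the current period
        self.next = set()  # tokens pre-registered for the next period

    def login(self, token: str) -> bool:
        # Step (3.2.1): a token already in cur has been used, so login fails.
        if token in self.cur:
            return False
        self.cur.add(token)  # Step (3.4)
        return True

    def link(self, cur_token: str, next_token: str) -> bool:
        # Embodiment 3: the caller must hold a live token for this period.
        # Assumption: a next-period token may be registered only once.
        if cur_token not in self.cur or next_token in self.next:
            return False
        self.next.add(next_token)
        return True

    def end_period(self) -> None:
        # Embodiment 4: sigma' = (sigma.next, {}).
        self.cur, self.next = self.next, set()

    def logout(self, token: str) -> bool:
        # Step 6.1: delete the current-period token.
        if token in self.cur:
            self.cur.remove(token)
            return True
        return False


def run_demo() -> dict:
    T = 1                       # login period of 1 min, as in Embodiment 1
    now = 24_300_000            # constructed: minutes since the epoch
    t = period_start(now, T)
    alice_d = b"constructed-secret-alice"   # constructed user secrets
    bob_d = b"constructed-secret-bob"
    store = TokenStore()
    a_cur, a_next = derive_token(alice_d, t), derive_token(alice_d, t + T)
    b_cur, b_next = derive_token(bob_d, t), derive_token(bob_d, t + T)

    r = {}
    r["first_login"] = store.login(a_cur)
    r["second_login_same_period"] = store.login(a_cur)  # double login refused
    r["bob_login"] = store.login(b_cur)
    r["link"] = store.link(a_cur, a_next)
    r["link_replay"] = store.link(a_cur, a_next)
    store.end_period()
    r["alice_carried_over"] = a_next in store.cur  # linked user stays logged in
    r["bob_dropped"] = b_next not in store.cur     # unlinked user must log in
    r["next_empty"] = len(store.next) == 0
    r["tokens_differ_across_periods"] = a_cur != a_next
    r["bob_relogin"] = store.login(b_next)
    r["logout"] = store.logout(a_next)
    r["store_size_after"] = len(store.cur)         # only Bob's token remains
    return r


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

Because the store holds only the tokens for the current and next period, its size is bounded by the number of active users rather than by the number of elapsed periods.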
The above are the preferred embodiments of the present invention, and the present invention should not be limited to the content disclosed in the embodiments and the drawings. Any equivalent or modification completed without departing from the spirit disclosed by the present invention falls within the scope of protection of the present invention.

Claims (2)

1. An anonymous booking method, characterised in that: the anonymous order system on which the method is based comprises a server end and a client. The server end in turn comprises a parameter setting module, a registration processing module, a login processing module, a connection processing module, a login-period end module, a logout processing module, a transmission processing module and a database, where the database type is mainly Redis, mysql or oracle and the database in turn comprises a current database and a next-period database. The client comprises a registration module, a login module, a connection module, a logout module, and a request and access module;
where the current database is the Cur database and the next-period database is the Next database;
The modules of the order system are installed as follows: the server end is installed on the server of the SP; the client is installed on the user's computer. The functions of the constituent modules of the order system are as follows:
Function of the parameter setting module: it generates the system parameters the server end needs and the key information required to run the protocol. Function of the registration module: the user sends a registration request through the client, mainly sending the order start time and order end time, registers and pays the order fee, receives the order signature information from the server end, and generates the anonymous credential information for login. Function of the registration processing module: the server end receives the registration request and related registration information from the client's registration module, verifies them, and after collecting the order fee generates the order signature and sends it to the client. Function of the login module: the user enters at the client the anonymous credential information obtained at registration and generates the login token for the current login period (the user only needs to log in manually at the first login; afterwards the client automatically replaces the token and logs in again at each fixed period, and no new login is needed if the connection operation has been performed), issues a login request, and after logging in successfully accesses the service by running the request and access module. Function of the login processing module: the server receives the login request from the client's login module, verifies the login token data, and stores the token after verification. Function of the connection module: while the client is logged in and unlinkability is not needed, the user may optionally send a connection request and generate the token for the next login period, connecting to the next login period. Function of the connection processing module: the server end receives the client's connection request and processes it. Function of the login-period end module: after a login period ends, the server end updates the token storage state of the database and enters the next login period. Function of the logout module: the client sends a logout request and sends the token for the current login period to the server end. Function of the logout processing module: the server end receives the client's logout request and its token for the current login period, and updates the token state of the database. Function of the request and access module: after the client logs in successfully, it issues service requests to the server end and receives and accesses the service information of the server end. Function of the transmission processing module: the server end receives the client's service request, encodes the corresponding service and transmits it to the client;
The connections among the modules of the order system are as follows:
The registration module is connected to the registration processing module; the login module is connected to the login processing module, the request and access module, the connection module and the logout module; the connection module is connected to the login module and the connection processing module; the logout module is connected to the login module and the logout processing module; the request and access module is connected to the transmission processing module; the database module is connected to the login processing module, the connection processing module, the logout processing module and the login-period end module;
The specific steps of the booking method are:
Step 1: the server end generates the system parameters and the server's public and private key information through the parameter setting module;
Step 2: the user registers and obtains the order signature information. The detailed process of Step 2 is:
Step 2.1: the user issues a registration request through the client and enters information that is mainly the order start time and order end time, constructs a non-interactive zero-knowledge proof of the order start time and order end time, and sends it to the server end;
Step 2.2: the server end receives and verifies the registration request and zero-knowledge proof sent by the client in Step 2.1, calculates the fee to be charged from the order period sent by the client, and sends a charge request to the client;
Step 2.3: after receiving the charge request of Step 2.2, the user initiates a payment request to the server end using a real-name payment account and pays the fee;
Step 2.4: after receiving the payment request of the client in Step 2.3, the server end processes it; once the fee has been collected, it computes a signature based on the order start time and order end time information, i.e. the order signature information, and sends it to the client. This information is the legitimate anonymous identity credential the user uses when logging in;
Step 2.5: the user receives the order signature information sent by the server end in Step 2.4, verifies it and saves the signature information, which together with the order start and end time information forms the login anonymous credential information. User registration is then complete;
Step 3: the user logs in to the client and accesses the corresponding service;
The specific steps of Step 3 are:
Step 3.1: when the user sends the server a request to exit access, go to Step 6; otherwise, when the user has an access request for the server, the user sends a login request through the client, generates a blind signature and a one-time access token from the anonymous credential obtained at registration and the current login period, and sends the blind signature and token to the server end;
where the token is generated with the PRF method;
Step 3.2: the server end receives the blind signature and token sent by the client in Step 3.1, verifies the blind signature, and checks the token by determining whether it exists in the Cur database, then proceeds as follows according to the result:
3.2.1 If the token does not exist, the token has not been used; a verification-success message is sent to the client, and the process goes to Step 3.3;
3.2.2 If the token exists, the token has already been used and login fails; failure information is returned to the client, and the process returns to Step 3.1 to wait for the user's next access request;
Step 3.3: after receiving the message from the server end in Step 3.2 that the blind signature and token were verified successfully, the client constructs a zero-knowledge proof corresponding to the anonymous credential obtained at registration and sends it to the server end;
Step 3.4: the server end receives the zero-knowledge proof of the anonymous credential sent by the client in Step 3.3 and verifies it; once verification passes, it stores the token in the Cur database and sends a login-success message;
Step 3.5: once the client receives the login-success message of Step 3.4, the user has logged in successfully and can access the corresponding service anonymously; the client runs the corresponding request and access module, interacts with the transmission processing module of the server end, and obtains the corresponding service;
Step 4: the user performs the connection operation while logged in;
The specific steps of Step 4 are:
Step 4.1: when the user is logged in and unlinkability is not needed, the connection operation can be performed, using the current login token to connect the token for the next login. The user sends a connection request using the client, generates the token for the next login period from the anonymous credential and the next login period, and sends it to the server end together with the token for the current login period;
In Step 4.1, "unlinkability is not needed" refers to cases such as the user watching one long video or e-book; in this or similar situations the user does not need unlinkability, so with the connection operation of Step 4 the token need not be replaced by logging in again, i.e. over multiple periods the next token is generated through connection instead. Tested by experiment, the connection operation is N times faster than the register operation, so efficiency can be further improved;
Step 4.2: the server end receives the token for the current login period and the token for the next login period sent by the client in Step 4.1, checks their validity, and returns to the client whether verification succeeded;
After each login period ends, the server end runs the login-period end module to update the token storage state. The concrete operation is as follows:
The server updates the state of the stored tokens in the database, $\sigma' = (\sigma.cur = \sigma.next,\ \sigma.next = \{\,\})$; that is, σ.cur is emptied, all the tokens in σ.next are moved into σ.cur, and σ.next is emptied. The final result is σ'.cur = σ.next, σ'.next = { }, and the next period begins;
The token store is updated once every login period, and the data held is only the tokens logged in and connected for the current login period;
Step 4.3: after receiving the message that the server end has successfully verified the current login token and the next login token, the client, as in Step 3.3, again constructs a zero-knowledge proof corresponding to the anonymous credential obtained at registration and sends it to the server end;
Step 4.4: the server end receives the zero-knowledge proof of the anonymous credential sent by the client and verifies it; after verification succeeds, the token for the next login period is stored in the database named Next;
Step 4.5: the client receives the connection-success message, and need not log in again until the next login period;
Step 5: after a login period ends, the server end empties the data in the Cur database, moves the token data in the Next database into the Cur database, and jumps to Step 3;
In any login period of Step 5, if the user is logged in and does not wish to continue accessing the service, the process can jump to Step 3.1, where the client sends a logout request and sends the token for the current login period to the server end;
At the same time, the user can, as circumstances require, set and adjust the login period at any moment of login. When the user logs in to the system for the first time, the user must perform the login manually; after that, each time a login period elapses, the client automatically replaces the token and logs in for the next period. This design guarantees that when the user watches a series of short videos or e-books, the user's login token is replaced in time and the separate actions cannot be linked, which protects the user's private information while leaving the user experience unchanged;
Step 6: the user logs out of the client and exits the system. The specific steps of Step 6 are:
Step 6.1: the server end receives the client's logout request and its token for the current login period, deletes the token from the Cur database, and returns a logout-success message to the client;
Step 6.2: the client receives the logout-success message from the server end, and the logout is complete;
With the signature in Step 3 and Step 4, a user cannot log in twice simultaneously within one login period. The login and access phases include a check of the expiry time: if the order period has expired, the user cannot log in again, which protects the interests of the service provider.
2. The anonymous booking method as claimed in claim 1, further characterised in that: the corresponding service in Step 3 and Step 3.5 mainly includes video services, electronic music services, e-book services, high-definition pictures, PPT material, and electronic information services for various file types.
CN201610156487.1A 2016-03-18 2016-03-18 A kind of anonymity booking method Active CN105847008B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610156487.1A CN105847008B (en) 2016-03-18 2016-03-18 A kind of anonymity booking method

Publications (2)

Publication Number Publication Date
CN105847008A CN105847008A (en) 2016-08-10
CN105847008B true CN105847008B (en) 2019-03-05

Family

ID=56587927

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610156487.1A Active CN105847008B (en) 2016-03-18 2016-03-18 A kind of anonymity booking method

Country Status (1)

Country Link
CN (1) CN105847008B (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111612465A (en) * 2016-10-06 2020-09-01 李丽萍 Payment system, collection and payment method, anonymous payment client and server
CN107040535B (en) * 2017-04-07 2020-07-10 网易(杭州)网络有限公司 Method, device and system for monitoring login of mobile application channel and storage medium
US11037118B2 (en) * 2017-04-28 2021-06-15 International Business Machines Corporation Zero knowledge third party guarantee of service on decentralized computing platform
CN109388941A (en) * 2018-10-29 2019-02-26 苏州友教习亦教育科技有限公司 Teacher's permission login method and system
CN109525583B (en) * 2018-11-26 2021-03-12 中国科学院数据与通信保护研究教育中心 False certificate detection method and system for third-party identity management providing service system
CN111817845B (en) * 2019-04-11 2022-07-22 亿度慧达教育科技(北京)有限公司 Anti-crawler method and computer storage medium
CN110314270B (en) * 2019-04-30 2022-05-13 金脑元(武汉)医学生物科技有限公司 Insomnia treatment system and insomnia therapeutic instrument based on cloud server
CN110601936A (en) * 2019-09-24 2019-12-20 涂益民 Digital photo album sharing system based on digital home network
CN115589333B (en) * 2022-11-11 2023-04-28 中电金信软件有限公司 Access request authentication method, device, system and electronic equipment

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103577736A (en) * 2013-11-07 2014-02-12 上海动联信息技术股份有限公司 Low-power-consumption dynamic token and dynamic password generation method

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103577736A (en) * 2013-11-07 2014-02-12 上海动联信息技术股份有限公司 Low-power-consumption dynamic token and dynamic password generation method

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
"a verifiable random function with short proofs and keys";Dodis Y, Yampolskiy A;《international conference on theory and practice in public key cryptograph》;20051231;摘要
"online subscriptions with anonymous access";M Blanton;《ACM symposium information》;20081231;第3、4、5.4部分

Also Published As

Publication number Publication date
CN105847008A (en) 2016-08-10

Similar Documents

Publication Publication Date Title
CN105847008B (en) A kind of anonymity booking method
Tasca et al. Taxonomy of blockchain technologies. Principles of identification and classification
Ruffing et al. Liar, liar, coins on fire! Penalizing equivocation by loss of bitcoins
Puddu et al. $\mu $ chain: How to Forget without Hard Forks
US10708071B1 (en) Consensus protocols in distributed computing systems
US6385725B1 (en) System and method for providing commitment security among users in a computer network
WO2020015487A1 (en) Identity verification method, login method, apparatuses, and computer device
Au et al. BLACR: TTP-free blacklistable anonymous credentials with reputation
Au et al. PERM: Practical reputation-based blacklisting without TTPs
JP2019053269A (en) System and method for determining ballot of voter collected by electronic voting
Liu et al. Fork-free hybrid consensus with flexible proof-of-activity
Zhang et al. A treasury system for cryptocurrencies: Enabling better collaborative intelligence
Yang et al. Decentralized blacklistable anonymous credentials with reputation
CN110071897B (en) Block chain system based on mobile terminal
CN110537359A (en) The authentication of Behavior-based control
Chen et al. Trusted audit with untrusted auditors: A decentralized data integrity Crowdauditing approach based on blockchain
US11245528B1 (en) Protocols for decentralized networks
Gabay et al. A privacy framework for charging connected electric vehicles using blockchain and zero knowledge proofs
Almashaqbeh Cachecash: A cryptocurrency-based decentralized content delivery network
CN110310192A (en) Transaction processing method, device, equipment and storage medium based on data analysis
Camenisch et al. Federated identity management
US20140101440A1 (en) Digital arbitration
Capodieci P2P energy exchange agent platform featuring a game theory related learning negotiation algorithm
Bhaskar et al. Verito: A Practical System for Transparency and Accountability in Virtual Economies.
Dinh et al. Scaling up anonymous communication with efficient nanopayment channels

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant