CN105847008B - A kind of anonymity booking method - Google Patents
- Publication number
- CN105847008B, CN201610156487.1A
- Authority
- CN
- China
- Prior art keywords
- token
- user
- client
- module
- login
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
- H04L9/3257—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using blind signatures
- H04L63/0421—Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
- H04L9/3218—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
Abstract
An anonymous subscription protocol and its system, comprising the following steps: 1. The server generates the main system parameters, such as the login period, and its public and private key information. 2. The user interacts with the server to execute the registration process; during this process the user provides the subscription time interval, pays the corresponding fee, and obtains a valid signature from the service provider. 3. The user logs in with this signature: in the login stage, according to the fixed login period, the user performs a blinding operation on the signature and generates the token for the current login period in order to log in; when a login period ends, the next period begins and the token is replaced to log in again. 4. The anonymous protocol provides a connect operation, which the user may choose to execute when unlinkability is not required. 5. When the user no longer wants to access the service, a log-out operation can be executed. The login and access phases also include a check of the expiry time: if the subscription interval has expired, the user cannot log in again, which protects the interests of the service provider.
Description
Technical field
The present invention relates to an anonymous subscription method and belongs to the technical fields of anonymous authentication, signatures and subscriptions.
Background art
Accessing a subscribed service under one's real name is practical, but it exposes the user's private information. Anonymous subscription protocols have therefore appeared in recent years. An anonymous subscription protocol generally has three participants: the user (Customer), the subscription authorizer (Vendor) and the service provider (Supplier). The user is the party that wants to access the subscribed service; the subscription authorizer grants access authorization; the service provider is the provider of the subscribed service. The protocol is carried out in two steps: 1) the Customer obtains an anonymous subscription authorization from the Vendor, which is equivalent to an anonymous credential; 2) the Customer presents a valid subscription entitlement to the Supplier and accesses the Supplier to obtain the service it provides. Note that (1) the Customer uses a different token each time it accesses the Supplier, and this token is related to the anonymous credential obtained; (2) in many practical anonymous subscription protocols, the Vendor and the Supplier are the same party.
In 2010, Canard S and Jambert A proposed dividing typical anonymous subscription systems into two classes: (I) the user pays on each access, or pays once, and can then access the service up to a fixed number of times; (II) after paying, the user can access the subscribed service at will within a fixed period of time. The anonymous subscription protocol proposed by the present invention belongs to the second class.
Anonymous subscription protocols and their application systems are generally evaluated on two criteria: system reliability and user anonymity. System reliability means guaranteeing that the service provider receives appropriate payment so that its commercial operation is sustained: not just anyone may access its resources, only users who have subscribed may access and use them, one account cannot be logged in more than once at the same time, and the validity period can be enforced, protecting the interests of the service provider. User anonymity means guaranteeing that the user's behaviour within the subscribed service cannot be tracked by the service provider; here, the user's personal privacy mainly comprises personal information such as the user's preferences and habits.
Existing research on anonymous subscription protocols focuses mainly on the problem of user privacy leaking to the service provider while the service is being used. A thorough search found the following papers to be the most closely related to anonymous subscription protocols and their application systems:
(1) Lee M Z, Dunn A M, Waters B, et al. Anon-Pass: Practical anonymous subscriptions [C]// Security and Privacy (SP), 2013 IEEE Symposium on. IEEE, 2013: 319-333. The anonymous subscription protocol proposed in this paper guarantees that the token is different at every login, so that user behaviour cannot be linked, and it improves efficiency considerably. However, the scheme cannot enforce a limit on the valid subscription period and so cannot guarantee system reliability: a user can escape the limit of the valid subscription period, which harms the service provider's interests;
(2) Blanton M. Online subscriptions with anonymous access [C]// Proceedings of the 2008 ACM symposium on Information, computer and communications security. ACM, 2008: 217-227. In the anonymous subscription protocol proposed in this paper, to guarantee that no action of the user can be tracked, every login generates a new, previously unused token, so the tokens used earlier must be stored. However, as stored tokens accumulate, the storage space keeps growing and checking whether a token has been used takes longer; the scheme is inefficient and impractical;
(3) Ramzan Z, Ruhl M. Protocols for anonymous subscription services [J]. Unpublished manuscript, 2000, 39. In this paper the server must store all tokens that have been used, and on every access the user sends the server multiple tokens for obfuscation in order to guarantee the user's anonymity. As the number of users grows, the server must store more and more tokens, so the storage space becomes excessive;
(4) Camenisch J, Lysyanskaya A. Signature schemes and anonymous credentials from bilinear maps [C]// Advances in Cryptology-CRYPTO 2004. Springer Berlin Heidelberg, 2004: 56-72. This paper proposes an anonymous signature mechanism based on the CL algorithm, built on bilinear maps, which is an important reference for the signature computation of the present invention;
(5) Dodis Y, Yampolskiy A. A verifiable random function with short proofs and keys [M]// Public Key Cryptography-PKC 2005. Springer Berlin Heidelberg, 2005: 416-431. This paper provides a method of generating tokens with a pseudo-random function (PRF), which is an important reference for the token computation of the present invention.
In addition, the protocol of the present invention uses the zero-knowledge techniques described in the following two documents:
(1) Blum M, Feldman P, Micali S. Non-interactive zero-knowledge and its applications [C]// Proceedings of the twentieth annual ACM symposium on Theory of computing. ACM, 1988: 103-112.
(2) Boudot F. Efficient proofs that a committed number lies in an interval [C]// Advances in Cryptology—EUROCRYPT 2000. Springer Berlin Heidelberg, 2000: 431-444.
The existing anonymous subscription protocols and systems above all suffer from long computation times and excessive storage. They also share a common assumption, namely that anonymous payment is practical: because a fee must be paid when subscribing anonymously, current schemes all use anonymous payment, such as Bitcoin or electronic cash, to protect the privacy of the user's payment account. However, these anonymous payment methods are not used by the general public as everyday electronic payment methods, i.e. they are not practical.
Although the anonymous subscription schemes above can protect user privacy when applied to video subscription services, their cryptography-based token generation and verification methods have the defects of large storage, long running time, impractical means of payment and no consideration of a limit on the subscription period. It is therefore necessary, starting from the specific scenario of online video subscription, to explore a more effective anonymous subscription protocol and system in which user privacy cannot be stolen by the service provider or by outsiders.
Summary of the invention
The purpose of the invention is, in an anonymous subscription protocol, to guarantee that the user's online activity is not monitored while also preventing a user from logging in more than once at the same time and taking the user's valid subscription period into account, so that both user privacy and the service provider's rights are effectively protected, and further to reduce storage and computation time. To this end an anonymous subscription method is proposed.
The core idea of the anonymous subscription method proposed by the invention is as follows. After the user subscribes to some type of online service (mainly e-books, music and films) from the service provider (SP for short), the proposed anonymous subscription protocol and its system have the following main features: 1) they use zero-knowledge proofs, CL signatures, periodic replacement of the current token and emptying of the current database, so that an implementation of the protocol has low storage and low computation time; 2) the user can access the service anonymously at any moment without worrying that their behaviour is recorded, and during access the SP can obtain no information about the user's real identity and cannot link the user's access activities; 3) at the same time, the protocol and its system also prevent a user from logging in more than once at the same time and protect the SP's rights: the system does not allow a cheating user to overdraw or to attempt to escape the limit of the valid subscription period.
The present invention is achieved by the following technical solution.
The anonymous subscription system on which the anonymous subscription method of the invention relies comprises a server end and a client. The server end comprises a parameter setting module, a registration processing module, a login processing module, a connection processing module, a login period end module, a log-out processing module, a transmission processing module and a database; the database type is mainly Redis, MySQL or Oracle, and the database in turn comprises a current database (Cur database) and a next-period database (Next database). The client comprises a registration module, a login module, a connection module, a log-out module and a request and access module.
The modules of the anonymous subscription system are installed as follows: the server end is installed on the SP's server; the client is installed on the user's computer.
The functions of the modules of the anonymous subscription system are as follows:
Parameter setting module: generates the system parameters the server end needs and the key information required to run the protocol.
Registration module: through the client the user sends a registration request, mainly the subscription start time and subscription end time, registers and pays the subscription fee, receives the subscription signature information from the server end, and generates the anonymous credential information used for login.
Registration processing module: the server end receives the registration request and related registration information from the client's registration module, verifies them and, after collecting the subscription fee, generates the subscription signature and sends it to the client.
Login module: using the client, the user inputs the anonymous credential information obtained at registration, generates the login token for the current login period, issues a login request and, after a successful login, accesses the service by running the request and access module. (In the invention the user only needs to log in manually at the first login; afterwards the client automatically replaces the token and logs in again every fixed period, and if a connect operation has been performed no new login is needed, as explained further below.)
Login processing module: the server receives the login request from the client's login module, verifies the login token data, and stores the token after verification.
Connection module: when the client is logged in and unlinkability is not required, the user may choose this operation; it sends a connection request, generates the token for the next login period, and connects to the next login period.
Connection processing module: the server end receives and handles the client's connection request.
Login period end module: after a login period ends, the server end updates the token storage state of the database and enters the next login period.
Log-out module: the client sends the server end a log-out request together with the token of the current login period.
Log-out processing module: the server end receives the client's log-out request and its token of the current login period, and updates the token state in the database.
Request and access module: after the client has logged in successfully, it issues service requests to the server end, receives the service information from the server end and accesses it.
Transmission processing module: the server end receives the client's service request, encodes the corresponding service and transmits it to the client.
The connections between the modules of the subscription system are shown in Fig. 1, specifically:
The registration module is connected to the registration processing module. The login module is connected to the login processing module, the video request and playback module, the connection module and the log-out module. The connection module is connected to the login module and the connection processing module. The log-out module is connected to the login module and the log-out processing module. The request and access module is connected to the transmission processing module. The database module is connected to the login processing module, the connection processing module, the log-out processing module and the login period end module.
The anonymous subscription method is carried out as follows:
Step 1: The server end generates the system parameters and the server's public and private key information through the parameter setting module;
Step 2: The user registers and obtains the subscription signature information, specifically:
Step 2.1 The user issues a registration request through the client and inputs information, mainly the subscription start time and subscription end time; the client constructs a non-interactive zero-knowledge proof about the subscription start time and subscription end time and sends it to the server end;
Step 2.2 The server end receives the registration request and zero-knowledge proof sent by the client in step 2.1 and verifies them, calculates the fee to be charged from the subscription period sent by the client, and sends a charge request to the client;
Step 2.3 After receiving the charge request of step 2.2, the user initiates a payment request to the server end using a real-name payment account and pays the fee;
Step 2.4 After receiving the client's payment request of step 2.3, the server end processes it and, once the charge succeeds, computes a signature based on the subscription start time and subscription end time, i.e. the subscription signature information, and sends it to the client; this information is the basis of the user's valid anonymous identity at login;
Step 2.5 The user receives the subscription signature information sent by the server end in step 2.4, verifies it, saves the signature information and, together with the subscription start and end times, forms the anonymous credential information for login; user registration is now complete;
Step 3: The user logs in at the client and accesses the corresponding service, specifically:
Step 3.1 If the user sends the server a request to exit, go to step 6. Otherwise, when the user has an access request for the server, the user sends a login request through the client and, from the anonymous credential obtained at registration and the current login period, generates a blinded signature and a one-time access token, and sends the blinded signature and the token to the server end;
The token is generated using the PRF method;
Step 3.2 The server end receives the blinded signature and token sent by the client in step 3.1, verifies the blinded signature and checks the token, i.e. determines whether the token exists in the Cur database, and proceeds as follows:
3.2.1 If the token does not exist, it has not been used; the server end sends a verification-success message to the client and the procedure continues with step 3.3;
3.2.2 If the token exists, it has already been used; the login fails, a failure message is returned to the client, and the procedure returns to step 3.1 to wait for the user's next access request;
Step 3.3 After receiving the server end's message of step 3.2 that the blinded signature and token verified successfully, the client constructs a zero-knowledge proof for the anonymous credential obtained at registration and sends it to the server end;
Step 3.4 The server end receives the zero-knowledge proof for the anonymous credential sent by the client in step 3.3 and verifies it; if verification succeeds, it stores the token in the Cur database and sends a login-success message;
Step 3.5 Once the client receives the login-success message of step 3.4, the user is logged in and can access the corresponding service anonymously: the client runs the request and access module, which interacts with the server end's transmission processing module, and the client obtains the corresponding service;
The corresponding service in step 3 and step 3.5 mainly includes: video services, electronic music services, e-book services, high-definition pictures, PPT material and electronic information services of various file types;
Step 4: While logged in, the user performs the connect operation;
Step 4.1 When the user is logged in and unlinkability is not required, the connect operation can be performed, using the current login token to connect to the next login token: the user sends a connection request through the client, generates the token for the next login period from the anonymous credential and the next login period, and sends it to the server end together with the token of the current login period;
"Unlinkability is not required" in step 4.1 refers to cases such as the user watching a long video or reading an e-book: in this or similar situations the user does not need unlinkability, so with the connect operation of step 4 the client need not replace the token and log in again, i.e. over several periods the next token is produced by connecting; experiments show that the connect operation is N times faster than the register operation, so efficiency can be further improved;
Step 4.2 The server end receives the token of the current login period and the token of the next login period sent by the client in step 4.1, performs a validity check, and returns to the client a message stating whether verification succeeded;
Step 4.3 After receiving the message that the server end successfully verified the current login token and the next login token, the client, as in step 3.3, constructs a zero-knowledge proof for the anonymous credential obtained at registration and sends it to the server end;
Step 4.4 The server end receives the zero-knowledge proof for the anonymous credential sent by the client and verifies it; after successful verification it stores the token of the next login period in the Next database;
Step 4.5 The client receives the connection-success message and does not need to log in again for the next login period;
Step 5: After a login period ends, the server end empties the data in the Cur database, moves the token data in the Next database into the Cur database, and goes to step 3.1 to wait for the next login period;
In any login period of step 5, if the user is logged in and does not want to continue accessing the service, the user can go to step 3.1, send a log-out request through the client, and send the token of the current login period to the server end;
In addition, the user can, according to circumstances, set and adjust the login period at any moment while logged in. The first time the user logs in to the system, the user must perform the login manually; after that, each time a login period elapses the client automatically replaces the token and logs in for the next period. This design guarantees that when the user watches a series of short videos or e-books, the user's login token is replaced in time and the separate actions cannot be linked, protecting the user's private information, while the user notices no difference in experience;
Step 6: The user logs out of the client and exits the system, specifically:
Step 6.1 The server end receives the client's log-out request and its token of the current login period, deletes the token from the Cur database, and returns a log-out-success message to the client;
Step 6.2 The client receives the server end's log-out-success message, and log-out is complete;
The signature in step 3 and step 4 of the invention cannot be used to log in twice at the same time within one login period. The login and access phases also include a check of the expiry time: if the subscription interval has expired, the user cannot log in again, which protects the interests of the service provider.
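The token bookkeeping of steps 3.2, 3.4, 4.2, 4.4, 5 and 6.1 can be followed in the added Python example below, which is not code from the patent. It assumes HMAC-SHA256 as a stand-in for the PRF, represents the outcome of the blinded-signature and zero-knowledge verification by a `proof_ok` flag, and uses hypothetical names (`TokenStore`, `token`, `run_scenario`); the validity check in `connect` is an assumed reading of step 4.2.

```python
import hashlib
import hmac


def token(user_secret: bytes, period: int) -> str:
    """Per-period login token = PRF(secret, period).

    Assumption: HMAC-SHA256 stands in for the PRF; the patent cites the
    Dodis-Yampolskiy construction, which is not implemented here.
    """
    msg = period.to_bytes(8, "big")
    return hmac.new(user_secret, msg, hashlib.sha256).hexdigest()


class TokenStore:
    """Server-side Cur/Next token bookkeeping (hypothetical class name)."""

    def __init__(self):
        self.period = 0
        self.cur = set()  # tokens logged in during the current period
        self.nxt = set()  # tokens registered for the next period by connect

    def login(self, tok, proof_ok=True):
        # Step 3.2: a token already in Cur means this credential is logged in.
        if tok in self.cur:
            return False
        # Steps 3.3-3.4: store the token only after the credential proof
        # verified (proof_ok models that result; no proof is checked here).
        if not proof_ok:
            return False
        self.cur.add(tok)
        return True

    def connect(self, cur_tok, next_tok, proof_ok=True):
        # Step 4.2 (assumed check): the caller holds a live token for this
        # period and the next-period token is not registered yet.
        if cur_tok not in self.cur or next_tok in self.nxt:
            return False
        if not proof_ok:
            return False
        self.nxt.add(next_tok)  # step 4.4
        return True

    def end_period(self):
        # Step 5: empty Cur, move Next into Cur, start the next period.
        self.cur, self.nxt = self.nxt, set()
        self.period += 1

    def logout(self, tok):
        # Step 6.1: delete the token from Cur.
        if tok not in self.cur:
            return False
        self.cur.remove(tok)
        return True


def run_scenario():
    # Constructed per-user secrets; in the patent they belong to the credential.
    alice, bob = b"constructed-secret-alice", b"constructed-secret-bob"
    store = TokenStore()
    r = {}
    r["alice_login"] = store.login(token(alice, 0))
    r["alice_double_login"] = store.login(token(alice, 0))  # same period
    r["bob_bad_proof"] = store.login(token(bob, 0), proof_ok=False)
    r["bob_login"] = store.login(token(bob, 0))
    r["alice_connect"] = store.connect(token(alice, 0), token(alice, 1))
    store.end_period()
    # Only the connected token survives the rotation; Bob's is gone.
    r["cur_after_rotation"] = sorted(store.cur) == [token(alice, 1)]
    r["alice_relogin_blocked"] = store.login(token(alice, 1))
    r["bob_relogin"] = store.login(token(bob, 1))
    r["alice_logout"] = store.logout(token(alice, 1))
    r["cur_size"] = len(store.cur)
    return r


if __name__ == "__main__":
    for name, value in run_scenario().items():
        print(f"{name}: {value}")
```

The server only ever holds the tokens of the current and next period, so storage is bounded by the number of live sessions rather than by the history of all logins.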
Beneficial effects
Compared with existing anonymous subscription protocols and systems, the anonymous subscription method of the invention has the following beneficial effects:
(1) The system is more reliable: with this method and the system it relies on, one account cannot be logged in more than once at the same time within a login period, so a user cannot overdraw the login information or escape the limit of the valid subscription period, which guarantees the reliability of the system;
(2) User privacy, i.e. user anonymity, is guaranteed. On the one hand, in this protocol and system no two logins of a user can be linked by the server, and the server end cannot obtain user information, which protects user privacy. On the other hand, payment uses a real-name means of payment while the real-name payment account is kept unlinked from the subscription information, guaranteeing the security of the user's private information;
(3) Generating tokens with a PRF, together with the method of verifying the subscription period, is more efficient and practical than existing anonymous subscription protocols;
(4) In this system all tokens are cleared after each login period ends and only connected tokens are placed in the current token list, which keeps storage reasonable: it does not grow without bound.
Brief description of the drawings
Fig. 1 is a schematic diagram of the modules of the server end and the client, and of their connections, in the system on which the anonymous subscription method of the invention relies;
Fig. 2 is a diagram of the interaction between the registration module and the registration processing module in the system on which the anonymous subscription method of the invention relies;
Fig. 3 is a diagram of the interaction between the login module and the login processing module, and between the request and access module and the transmission processing module, in the system on which the anonymous subscription method of the invention relies;
Fig. 4 is a diagram of the interaction between the connection module and the connection processing module in the system on which the anonymous subscription method of the invention relies;
Fig. 5 is a diagram of the interaction between the log-out module and the log-out processing module in the system on which the anonymous subscription method of the invention relies.
Detailed description of the embodiments
The invention is an anonymous subscription protocol and its system. The anonymous subscription system comprises a server side and a client: the server side is installed on the service provider's server, and the client is installed on the user's computer or handheld mobile terminal, where handheld mobile terminals mainly include smartphones, iPads and iPods. The server side is configured with a database, a parameter setting module, a registration processing module, a login processing module, a connection processing module, a login period end module, a logout processing module and a transmission processing module. The client is configured with a registration module, a login module, a connection module, a logout module and a request-and-access module.
The server side first generates a series of system parameters, such as the login period and its public and private key information. A user who then wants to access the service must register through the client: the client's registration module interacts with the server's registration processing module to complete registration. In this process the user provides the subscription start and end times, pays the corresponding fee, and obtains a valid signature from the server, which forms the anonymous credential needed for login. The user then logs in at the client with this anonymous credential: the login module interacts with the server's login processing module, performs a blinding operation on the signature, and generates the token for the current login period. After logging in, the request-and-access module runs and the user starts accessing the service. When a login period ends, the login for the next period is carried out with a replacement token. In addition, the client provides a connection module that the user may choose to run when unlinkability is not needed; the connection operation is about twice as efficient as the registration operation, so this optional operation improves efficiency. When the user no longer wants to access the service, the logout operation can be executed to log out of the system. The login module with the login processing module, and the connection module with the connection processing module, both include a check of the expiry time: if the subscription interval has expired, the user cannot log in again.
The anonymous subscription protocol and its system are further described below, and their advantages explained, with reference to the drawings and embodiments. It should be noted that implementation of the invention is not limited to the following embodiments, and any variation or modification of the invention in any form falls within its scope of protection.
Embodiment 1
In this embodiment the database used to store tokens is Redis. Before registration can take place, the server side must run the parameter setting module, which generates the necessary system parameters and the server's public and private keys; this corresponds to step 1 in the main body of the specification. The specific steps are:
Step 1.1: generate the security parameters t = 80, l = 40, s = 40; generate n, where n = pq is a large composite number, p and q are large primes, and |n| = 100; generate <g_n>, the multiplicative group generated by g_n;
Step 1.2: choose and set X = g^x, Y = g^y, then set the public key and private key: spk = (q, G, G_T, g, X, Y, Z_1, Z_2), ssk = (x, y, z_1, z_2), where G is an elliptic curve group; in this Embodiment 1 the elliptic curve is y^2 = x^3 + 1 mod p, q is the order of the elliptic curve, g is a generator of the elliptic curve, and G_T is a bilinear map group on this elliptic curve, with the map written e: G × G → G_T; g_T = e(g, g) is a generator of the bilinear map group;
Step 1.3: set up the token storage set σ = ({ }, { }), initialized empty. It has two parts, σ.cur and σ.next: σ.cur stores the tokens with which all users have logged in during the current login period, and σ.next stores the next-login tokens of users who have used the connection operation; cur = |σ.cur|, next = |σ.next|;
Step 1.4: set the length T of each login period; T is set to 1 min in this embodiment. Once this value is set, the login period is fixed;
Step 1.5: set the subscription date extremes: the minimum t_{-∞} is a very small positive number and the maximum t_{∞} is a very large positive number. The date extremes are set mainly so that the login and connection modules can run zero-knowledge proofs on the subscription dates and verify their validity;
The user then registers through the client, as follows:
Step (2.1): the user runs the registration module on the client, which interacts with the server's registration processing module. The user selects the subscription start and end times exp_s, exp_e, computes Exp_e = exp_e - exp_s, sends exp to the server, and executes a zero-knowledge proof interactively with the server's registration processing module:
Step (2.2): the server verifies the zero-knowledge proof of step (2.1); if it succeeds, go to step (2.3); otherwise return to step (2.1) to register again;
Step (2.3): the server's registration processing module computes the fee the user should pay from the user's exp and sends it to the client;
Step (2.4): the user's client pays the corresponding fee fare using the real-name payment account Account; after payment succeeds, the server's registration processing module generates a signature on d, exp_s, exp_e: the subscription signature information;
Step (2.5): the server sends this signature s = (a, A_1, A_2, b, B_1, B_2, c) to the client;
Step (2.6): the client's registration module carries out the corresponding verification:
a ≠ 1, e(a, Z_1) = e(g, A_1),
e(a, Z_2) = e(g, A_2), e(a, Y) = e(g, b),
e(A_1, Y) = e(g, B_1), e(A_2, Y) = e(g, B_2),
After verification succeeds, the user stores the anonymous access credential sk = (s, d, exp_s, exp_e), and registration is complete.
In this embodiment the user pays with a real-name payment account, yet the user's private information is still not revealed. In the operations above, d, exp_s and exp_e are verified with zero-knowledge proofs, so the server cannot obtain this information and the real-name payment account cannot be linked to the user's private information; using a real-name payment method is therefore feasible and practical. In other existing anonymous subscription protocols, by contrast, only anonymous payment methods can be used, because a real-name payment method would link the user to the subscription information.
Embodiment 2
This embodiment is the login process of the anonymous subscription system on which the invention relies, taking access to a video service as the example.
After registering successfully, the user can log in at the client to access the video service and watch videos. The user logs in through the client's login module, which interacts with the server's login processing module. The specific steps are:
Step (3.1): the client uses sk = (s = (a, A_1, A_2, b, B_1, B_2, c), d, exp_s, exp_e) to generate a blind signature, where t is the start time of the current login period. In this embodiment t is the difference between the current time and 00:00 on 1 January 1970, converted to minutes. The client's login module generates the token Y_d(t), produced with the PRF method, and sends it to the server;
Step (3.2): the server's login processing module checks whether the token Y_d(t) exists and acts accordingly:
(3.2.1) if Y_d(t) ∈ σ.cur, the token has already been used, so login fails; failure information is returned to the client and the flow returns to step (3.1) to wait for the user's next request;
(3.2.2) if the token does not exist, i.e. Y_d(t) ∉ σ.cur, the token has not been used, and verification continues:
(3.2.2.1) if verification fails, login fails and the flow returns to step (3.1) to wait for the user's next request;
(3.2.2.2) otherwise verification succeeds and the flow goes to step (3.3);
Step (3.3): the client's login module and the server's login processing module each compute the following:
and execute the following zero-knowledge proof:
where r' = 1/r2;
Step (3.4): the server stores Y_d(t) in σ.cur in the database and updates σ; the user has now logged in successfully;
Step (3.5): the client goes on to request and play video, and the user can access the video service and watch videos;
In this embodiment the login token is generated from d, exp_s, exp_e in sk and also from the start time t of the current login period. The start time t of any login period is unique, so in any one period a user has only one login token and cannot use it several times simultaneously, which protects the interests of the service provider. In addition, the zero-knowledge proof executed at login verifies the subscription start and end times: if the subscription has expired the user cannot log in, which enforces the valid subscription term and protects the interests of the service provider.
Embodiment 3
This embodiment is the connection process of the anonymous subscription system of the invention.
While logged in, the user can perform the connection operation, an optional operation offered to the user: when unlinkability is not needed, the user can choose to connect the current period to the next one, so that when the next period arrives the user does not have to log in again. The connection operation is executed by the client's connection module interacting with the server's connection processing module. It is driven by a variable linkn that the user maintains in the client's connection module: linkn means that the linkn periods following the current login period are connected. linkn is decremented by 1 at the end of each period, and once it reaches 0 no further periods are connected. linkn can be modified in any login period to indicate whether the following periods are to be connected;
In the connection operation, the client's connection module performs its computation with sk = (s, d, exp_s, exp_e) and sends the result to the server. The server's connection processing module runs its checks, including Y_d(t) ∈ σ.cur; if they fail, the connection fails; if they pass, the operation continues. The client's connection module and the server's connection processing module then execute the following zero-knowledge proof:
The server's connection processing module verifies the zero-knowledge proof; after it succeeds, Y_d(t+T) is added to σ.next and the connection succeeds;
In this embodiment the connection operation is simpler than the registration operation and runs more efficiently; experiments show that it is about 2 times faster than the registration operation. When unlinkability is not needed, for example when the user is watching a long video, the connection operation can be used to improve efficiency. The zero-knowledge range proof for exp_s ≤ t_cur ≤ exp_e used in the implementation is the most efficient among currently existing schemes, which ensures high efficiency.
Embodiment 4
This embodiment is the login period end process of the anonymous subscription system of the invention.
After each login period ends, the server runs the login period end module to update the token storage state, as follows:
The server updates the stored token state in the database, σ' = (σ.cur = σ.next, σ.next = { }); that is, σ.cur is cleared, all tokens in σ.next are moved into σ.cur, and σ.next is cleared. The final result is σ'.cur = σ.next, σ'.next = { }, and the next period begins;
In this Embodiment 4 the token store is updated once every login period, and the database holds only the tokens logged in and connected for the current login period, so the storage space does not grow without limit and stays reasonable.
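The token bookkeeping of Embodiments 2 to 4, as an added example that is not part of the patent text: an in-memory model of σ = (σ.cur, σ.next) covering login, connection, logout and period rollover. HMAC-SHA256 stands in for the PRF that produces Y_d(t), a boolean stands in for the outcome of the blind-signature and zero-knowledge checks, and all class and function names, the sample secrets, and the checks marked as assumptions in the comments are assumptions of this example.

```python
import hashlib
import hmac

T = 1  # login period length in minutes (Embodiment 1 sets T = 1 min)


def period_start(unix_seconds, period=T):
    """Start t of the login period containing unix_seconds, in minutes since 1970-01-01 00:00."""
    minutes = unix_seconds // 60
    return minutes - minutes % period


def token(d, t):
    """Stand-in for Y_d(t). Assumption: HMAC-SHA256 replaces the patent's PRF."""
    return hmac.new(d, str(t).encode("ascii"), hashlib.sha256).hexdigest()


class Client:
    """Holds the secret part of the anonymous credential: d, exp_s, exp_e (in minutes)."""

    def __init__(self, d, exp_s, exp_e):
        self.d, self.exp_s, self.exp_e = d, exp_s, exp_e

    def in_term(self, t):
        # Stands in for the result of the zero-knowledge range proof exp_s <= t <= exp_e;
        # in the patent the server learns only that the proof verified, not the dates.
        return self.exp_s <= t <= self.exp_e

    def login_request(self, t):
        return token(self.d, t), self.in_term(t)

    def link_request(self, t, period=T):
        # Assumption: the period being connected must also lie inside the term.
        return token(self.d, t), token(self.d, t + period), self.in_term(t + period)


class TokenStore:
    """Server-side token set sigma = (cur, next)."""

    def __init__(self):
        self.cur, self.next = set(), set()

    def login(self, y_t, proof_ok):
        if y_t in self.cur:            # step (3.2.1): token already used this period
            return "rejected: token already used this period"
        if not proof_ok:               # steps (3.2.2.1) and (3.3): verification failed
            return "rejected: proof failed"
        self.cur.add(y_t)              # step (3.4)
        return "ok"

    def link(self, y_t, y_next, proof_ok):
        if y_t not in self.cur:        # the user must be logged in for the current period
            return "rejected: not logged in"
        if y_next in self.next:        # assumption: a next-period token is stored only once
            return "rejected: next token already linked"
        if not proof_ok:
            return "rejected: proof failed"
        self.next.add(y_next)          # Y_d(t+T) goes into sigma.next
        return "ok"

    def logout(self, y_t):
        self.cur.discard(y_t)          # logout deletes the current token from cur
        return "ok"

    def end_period(self):
        # sigma' = (cur = next, next = {}): storage never exceeds two periods of tokens.
        self.cur, self.next = self.next, set()


def demo():
    t0 = period_start(1_458_259_200)   # constructed timestamp: 2016-03-18 00:00:00 UTC
    alice = Client(b"constructed-secret-d-alice", exp_s=t0 - 10, exp_e=t0 + 1)
    bob = Client(b"constructed-secret-d-bob", exp_s=t0 - 10, exp_e=t0 + 100)
    store, out = TokenStore(), []
    out.append(store.login(*alice.login_request(t0)))    # first login in period t0
    out.append(store.login(*alice.login_request(t0)))    # simultaneous second login
    out.append(store.login(*bob.login_request(t0)))
    out.append(store.link(*alice.link_request(t0)))      # connect t0 to t0 + T
    out.append(store.logout(token(bob.d, t0)))
    store.end_period()
    t1 = t0 + T
    out.append(token(alice.d, t1) in store.cur)          # connected user is already in cur
    out.append(len(store.cur))                           # old tokens were dropped
    out.append(store.link(*alice.link_request(t1)))      # t1 + T lies past exp_e
    store.end_period()
    t2 = t1 + T
    out.append(store.login(*alice.login_request(t2)))    # subscription expired
    out.append(store.login(*bob.login_request(t2)))
    return out


if __name__ == "__main__":
    for line in demo():
        print(line)
```

Because the token changes with every period start t and cannot be recomputed without d, the server can detect reuse within one period while holding nothing that links a user's tokens across periods.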
The above are preferred embodiments of the invention, and the invention should not be limited to what the embodiments and drawings disclose. Any equivalent or modification completed without departing from the spirit disclosed by the invention falls within the scope of protection of the invention.
Claims (2)
1. An anonymous subscription method, characterized in that: the anonymous subscription system on which the method is based comprises a server side and a client; the server side comprises a parameter setting module, a registration processing module, a login processing module, a connection processing module, a login period end module, a logout processing module, a transmission processing module and a database; wherein the database type is mainly Redis, MySQL or Oracle, and the database comprises a current database and a next-period database; the client comprises a registration module, a login module, a connection module, a logout module and a request-and-access module;
wherein the current database is the Cur database, and the next-period database is the Next database;
the modules of the subscription system are installed as follows: the server side is installed on the server of the SP; the client is installed on the user's computer; the functions of the modules in the subscription system are as follows:
the function of the parameter setting module is: to generate the system parameters the server needs and the key information needed to run the protocol; the function of the registration module is: the user sends a registration request through the client, mainly sending the subscription start time and subscription end time, registers and pays the subscription fee, receives the subscription signature information from the server, and generates the anonymous credential information for login; the function of the registration processing module is: the server receives the registration request and related registration information from the client's registration module, verifies them, and after collecting the subscription fee generates the subscription signature and sends it to the client; the function of the login module is: the user enters at the client the anonymous credential information obtained at registration and generates the login token for the current login period (the user only needs to log in manually at the first login; afterwards the client automatically replaces the token and logs in again every fixed period, and no new login is needed if a connection operation has been performed), issues a login request, accesses the service after logging in successfully, and runs the request-and-access module; the function of the login processing module is: the server receives the login request from the client's login module, verifies the login token data, and stores the token after verification; the function of the connection module is: when the client is logged in and unlinkability is not needed, the user may choose to send a connection request and generate the token for the next login period, connecting the next login period; the function of the connection processing module is: the server receives the client's connection request and processes it; the function of the login period end module is: after a login period ends, the server updates the token storage state in the database and enters the next login period; the function of the logout module is: the client sends a logout request and sends the token of the current login period to the server; the function of the logout processing module is: the server receives the client's logout request and its token for the current login period, and updates the token state in the database; the function of the request-and-access module is: after the client logs in successfully, it issues service requests to the server, receives service information from the server and accesses it; the function of the transmission processing module is: the server receives the client's service request, encodes the corresponding service and transmits it to the client;
the modules of the subscription system are connected as follows:
the registration module is connected to the registration processing module; the login module is connected to the login processing module, the request-and-access module, the connection module and the logout module; the connection module is connected to the login module and the connection processing module; the logout module is connected to the login module and the logout processing module; the request-and-access module is connected to the transmission processing module; the database module is connected to the login processing module, the connection processing module, the logout processing module and the login period end module;
the subscription method comprises the following steps:
Step 1: the server generates the system parameters and the server's public and private key information through the parameter setting module;
Step 2: the user registers and obtains the subscription signature information; step 2 proceeds as follows:
Step 2.1: the user issues a registration request through the client, entering mainly the subscription start time and subscription end time, constructs a non-interactive zero-knowledge proof of the subscription start time and subscription end time, and sends it to the server;
Step 2.2: the server receives the registration request and zero-knowledge proof sent by the client in step 2.1 and verifies them, calculates the fee to be charged from the subscription term sent by the client, and sends a charge request to the client;
Step 2.3: after receiving the charge request of step 2.2, the user initiates a payment request to the server with a real-name payment account and pays the fee;
Step 2.4: after receiving the payment request of the client in step 2.3, the server processes it; once the fee has been collected successfully, it computes a signature based on the subscription start time and subscription end time information, i.e. the subscription signature information, and sends it to the client; this information is the basis of the user's legitimate anonymous identity at login;
Step 2.5: the user receives the subscription signature information sent by the server in step 2.4, verifies it, stores the signature information, and forms the anonymous login credential information based on the subscription start and end times; user registration is now complete;
Step 3: the user logs in at the client and accesses the corresponding service;
step 3 proceeds as follows:
Step 3.1: when the user issues a request to the server to stop access, go to step 6; otherwise, when the user has an access request for the server, the user sends a login request through the client, generates a blind signature and a one-time access token from the anonymous credential obtained at registration and the current login period, and sends the blind signature and token to the server;
wherein the token is generated with the PRF method;
Step 3.2: the server receives the blind signature and token sent by the client in step 3.1, verifies the blind signature, and checks whether the token exists in the Cur database, proceeding as follows:
3.2.1 if the token does not exist, it has not been used; success information is sent to the client and the flow proceeds to step 3.3;
3.2.2 if the token exists, it has already been used, so login fails; failure information is returned to the client and the flow returns to step 3.1 to wait for the user's next access request;
Step 3.3: after receiving the information from the server in step 3.2 that the blind signature and token were verified successfully, the client constructs a zero-knowledge proof corresponding to the anonymous credential obtained at registration and sends it to the server;
Step 3.4: the server receives the zero-knowledge proof of the anonymous credential sent by the client in step 3.3 and verifies it; once verification passes, it stores the token in the Cur database and sends login success information;
Step 3.5: after the client receives the login success information of step 3.4, the user has logged in successfully and can access the corresponding service anonymously; the client runs the request-and-access module, interacts with the server's transmission processing module, and obtains the corresponding service;
Step 4: the user performs the connection operation while logged in;
step 4 proceeds as follows:
Step 4.1: while logged in, when unlinkability is not needed, the user can perform the connection operation, using the current login token to connect the next login token; the user sends a connection request through the client, generates the token for the next login period from the anonymous credential and the next login period, and sends it to the server together with the token of the current login period;
"unlinkability is not needed" in step 4.1 refers to the user watching a very long video or reading a very long e-book; in this or similar situations, where the user does not need unlinkability, the connection operation of step 4 avoids replacing the token and logging in again, that is, tokens are connected to the next one across multiple periods instead of being regenerated by logging in again; tests show that the connection operation is N times faster than the registration operation, so efficiency can be further improved;
Step 4.2: the server receives the token of the current login period and the token of the next login period sent by the client in step 4.1, checks their validity, and returns to the client whether verification succeeded;
after each login period ends, the server runs the login period end module to update the token storage state, as follows:
the server updates the stored token state in the database, σ' = (σ.cur = σ.next, σ.next = { }); that is, σ.cur is cleared, all tokens in σ.next are moved into σ.cur, and σ.next is cleared; the final result is σ'.cur = σ.next, σ'.next = { }, and the next period begins;
every login period the token store is updated once, and the database holds only the tokens logged in and connected for the current login period;
Step 4.3: after receiving the information that the server verified the current login token and the next login token successfully, the client, as in step 3.3, again constructs a zero-knowledge proof corresponding to the anonymous credential obtained at registration and sends it to the server;
Step 4.4: the server receives the zero-knowledge proof of the anonymous credential sent by the client and verifies it; after verification succeeds, it stores the token of the next login period in the database named Next;
Step 4.5: the client receives the connection success information and does not need to log in again for the next login period;
Step 5: after a login period ends, the server clears the data in the Cur database, moves the token data in the Next database into the Cur database, and goes to step 3;
wherein, in any login period of step 5, if the user is logged in and no longer wants to access the service, the flow can go to step 3.1, where the client sends a logout request and sends the token of the current login period to the server;
meanwhile, the user can set and adjust the login period at any time while logged in as circumstances require; the first time the user logs in to the system the user must perform the login manually; after that, each time a login period passes, the client system automatically replaces the token and logs in to the next period; this design ensures that when the user watches a series of short videos or e-books the login token is replaced in time, the user's multiple actions are not linked, the user's private information is protected, and the user notices no difference in experience;
Step 6: the user logs out of the client and leaves the system; step 6 proceeds as follows:
Step 6.1: the server receives the client's logout request and its token for the current login period, deletes the token from the Cur database, and returns logout success information to the client;
Step 6.2: the client receives the logout success information from the server, and logout is complete;
the signature in step 3 and step 4 cannot be used to log in twice simultaneously within one login period, and the login and connection phases include a check of the expiry time; if the subscription interval has expired the user cannot log in again, which protects the interests of the service provider.
2. The anonymous subscription method of claim 1, further characterized in that: the corresponding service in step 3 and step 3.5 mainly includes video services, electronic music services, e-book services, high-definition pictures, PPT materials and electronic information services of various file types.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610156487.1A CN105847008B (en) | 2016-03-18 | 2016-03-18 | A kind of anonymity booking method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105847008A CN105847008A (en) | 2016-08-10 |
CN105847008B true CN105847008B (en) | 2019-03-05 |
Family
ID=56587927
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610156487.1A Active CN105847008B (en) | 2016-03-18 | 2016-03-18 | A kind of anonymity booking method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105847008B (en) |
Families Citing this family (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111612465A (en) * | 2016-10-06 | 2020-09-01 | 李丽萍 | Payment system, collection and payment method, anonymous payment client and server |
CN107040535B (en) * | 2017-04-07 | 2020-07-10 | 网易(杭州)网络有限公司 | Method, device and system for monitoring login of mobile application channel and storage medium |
US11037118B2 (en) * | 2017-04-28 | 2021-06-15 | International Business Machines Corporation | Zero knowledge third party guarantee of service on decentralized computing platform |
CN109388941A (en) * | 2018-10-29 | 2019-02-26 | 苏州友教习亦教育科技有限公司 | Teacher's permission login method and system |
CN109525583B (en) * | 2018-11-26 | 2021-03-12 | 中国科学院数据与通信保护研究教育中心 | False certificate detection method and system for third-party identity management providing service system |
CN111817845B (en) * | 2019-04-11 | 2022-07-22 | 亿度慧达教育科技(北京)有限公司 | Anti-crawler method and computer storage medium |
CN110314270B (en) * | 2019-04-30 | 2022-05-13 | 金脑元(武汉)医学生物科技有限公司 | Insomnia treatment system and insomnia therapeutic instrument based on cloud server |
CN110601936A (en) * | 2019-09-24 | 2019-12-20 | 涂益民 | Digital photo album sharing system based on digital home network |
CN115589333B (en) * | 2022-11-11 | 2023-04-28 | 中电金信软件有限公司 | Access request authentication method, device, system and electronic equipment |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103577736A (en) * | 2013-11-07 | 2014-02-12 | 上海动联信息技术股份有限公司 | Low-power-consumption dynamic token and dynamic password generation method |
Non-Patent Citations (2)
Title |
---|
"a verifiable random function with short proofs and keys";Dodis Y, Yampolskiy A;《international conference on theory and practice in public key cryptography》;20051231;Abstract |
"online subscriptions with anonymous access";M Blanton;《ACM symposium information》;20081231;Sections 3, 4 and 5.4 |
Also Published As
Publication number | Publication date |
---|---|
CN105847008A (en) | 2016-08-10 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||