CN113656826A - Anonymous identity management and verification method supporting dynamic change of user attributes - Google Patents

Publication number
CN113656826A
Authority
CN
China
Prior art keywords
attribute
user
key
signature
access information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010396755.3A
Other languages
Chinese (zh)
Inventor
苏倩倩
章睿
薛锐
孙优
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Institute of Information Engineering of CAS
Original Assignee
Institute of Information Engineering of CAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Institute of Information Engineering of CAS

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45 Structures or tools for the administration of authentication
    • G06F21/46 Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Databases & Information Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses an anonymous identity management and verification method supporting dynamic change of user attributes. It belongs to the field of blockchain and mainly comprises four steps: system initialization, generation and updating of attribute signature keys, signature generation, and signature verification. The method effectively solves the problems in the prior art: it manages and verifies user identity without revealing that identity, and the process does not depend on a central trusted authority, so the method is well suited to distributed scenarios.

Description

Anonymous identity management and verification method supporting dynamic change of user attributes
Technical Field
The invention relates to an anonymous identity management and verification method supporting dynamic change of user attributes, and belongs to the field of blockchain.
Background
Blockchain technology has become a research focus in recent years. A blockchain is a technical scheme for collectively maintaining a reliable database in a decentralized and trustless manner. In this scheme, any number of nodes participating in the system use a cryptographic algorithm to compute and record all data exchanged in the system over a period of time into one data block (block), and generate a fingerprint of that data block for linking (chain) to the next data block and for verification; all participating nodes of the system jointly determine whether a record is genuine.
The four main properties of a blockchain are:
(1) Decentralization (Decentralized). The whole network has no centralized hardware or management body, the rights and obligations of all nodes are equal, and the damage or loss of any node does not affect the operation of the whole system.
(2) Trustlessness (Trustless). Data exchange between the nodes participating in the system requires no mutual trust; the operating rules of the whole system are public and transparent, and all data contents are also public.
(3) Collective maintenance (Collectively Maintain). The data blocks in the system are maintained jointly by all nodes with maintenance functions, and anyone can participate as such a node.
(4) Reliable Database (Reliable Database). The whole system can make each participating node obtain a copy of the complete database in a distributed database mode. Unless more than 51% of the nodes in the whole system can be controlled simultaneously, the modification of the database on a single node is ineffective, and the data content on other nodes cannot be influenced. The more nodes and the more computing power that participate in the system, the higher the security of the data in the system.
Two further properties follow from the four above:
(1) Open source (Open Source): since the operating rules of the entire system must be public and transparent, the system's program must be open source.
(2) Privacy protection (Anonymity): since nodes do not need to trust each other, identities need not be disclosed between nodes, so the privacy of each participating node in the system is protected.
Blockchains are currently divided into three categories: private chains, public chains, and consortium chains.
Public chains are the earliest blockchains and currently the most widely used. A public chain is a fully decentralized blockchain that is independent of any institution, such as the Bitcoin blockchain. Any individual or group in the world can send a transaction and have it validated on the blockchain, and anyone can participate in its consensus process. Participants in the consensus process maintain the security of the database through cryptographic techniques and built-in economic incentives. Public chains are completely open, not controlled by anyone, and secured by cryptographic techniques.
A private chain is a blockchain with some degree of centralized control. Only the blockchain's ledger technology is used, for bookkeeping; the owner can be a company or an individual who holds exclusive write permission on the chain, so such a chain differs little from other distributed storage schemes. The participating nodes are only users, and access to and use of the data are under strict permission management. A consortium chain may also be considered to belong to the private chain category because of its partial centralized control. Because a private chain is entirely controlled by its owner, the data in it is not immutable, and the chain offers little assurance to third parties. It is typically used for internal auditing.
A consortium chain is formed by a group that internally designates a number of preselected nodes as bookkeepers. The generation of each block is decided jointly by all the preselected nodes; other access nodes can participate in transactions but take no part in the bookkeeping process. The nodes participating in the blockchain are selected in advance and are likely to have good network connections among them. Consensus algorithms other than proof of work may be used on such blockchains; for example, a blockchain is established among 100 financial institutions, and more than 67 institutions must agree to reach consensus. A consortium chain can achieve good connectivity among the nodes, can be operated at little cost, provides fast transaction processing and low transaction costs, and scales well, although scalability decreases as the number of nodes grows. The data can be given a certain degree of privacy, and the application range of the blockchain is limited.
As blockchain technology evolves, more and more projects are deployed on blockchains, but the privacy protection problem of the blockchain cannot be ignored. Take an electronic transaction blockchain as an example. In such a system no third-party platform is needed as an intermediary: users transact with each other directly, which reduces the information asymmetry between buyers and sellers. A common practice in this scenario is to assign each user a reputation value based on the user's behavior, representing the user's honesty. Generally, both buyers and sellers want to transact with users of high reputation, and the transaction information is stored on the blockchain, where it is tamper-proof and permanent. However, because data on the blockchain is publicly accessible, this inevitably poses a privacy threat. First, at the network layer, transaction information may be tampered with during transmission. Second, at the transaction layer, there is a risk that transaction information and user identity are leaked while transactions are generated, verified, stored and used. Third, at the application layer, privacy risks also arise when such transaction data is used. Therefore, practical applications need to consider not only the privacy of transaction data on the chain but also the privacy of user identity; that is, an anonymous identity management and authentication method is needed.
One solution to the problem of how transaction data is used is to apply access control to the identity of the user accessing the data. However, existing identity management systems mostly depend on a central organization such as a PKI or CA, and are therefore difficult to apply to a distributed blockchain scenario. For user identity privacy, most current methods are pseudo-anonymous, and identities can still be linked through mathematical analysis. As for users independently selecting a trading party on the basis of a reputation value, no researcher has studied the problem so far.
In view of the above, and drawing on cryptographic techniques, abstracting the reputation value as an attribute allows these problems to be addressed with attribute-based signatures. In an attribute-based signature scheme the identity of the user is described through attributes. On the one hand this avoids leaking the user's real identity; on the other hand, verifying the attribute signature provides an access control function, so that only users meeting the corresponding conditions can access the data. However, existing attribute-based signature schemes cannot be applied directly because their functionality is incomplete: they lack distributed operation or support for variable attributes. The problem to be solved is therefore to realize anonymous identity management and verification by improving attribute-based signatures so that they are distributed and support variable attributes.
In view of the actual usage scenario, the required signature control scheme needs to meet the following requirements:
(1) Effectiveness. The identity management and verification of the user can be realized through the management and verification of the attributes.
(2) Anonymity. During signature verification, no third party can obtain the true identity of the user from the message and its signature.
(3) Unforgeability. No user can forge a false reputation value and generate a valid signature for it.
In addition, because a user's attributes change dynamically in practice, how to respond efficiently to such changes is an important problem that urgently needs solving. The system needs to support not only a distributed system architecture, but also key distribution that does not depend on a single authority, as well as dynamic change of attributes. How to achieve efficient decentralized key distribution and updating of dynamic attributes is therefore a problem worth considering. No existing method or system solves these problems for consortium chains, and further research is needed.
The blockchain relates to access structures and the linear secret sharing scheme, which are briefly described as follows:
An access structure is a logical structure describing an access policy; the original idea derives from threshold key sharing schemes. The access structure enables access control over data by distinguishing between sets of participants, i.e. by defining authorized sets that can reconstruct the key and unauthorized sets that cannot. The specific definition is as follows:
Access Structure: let $\{P_1, P_2, \ldots, P_n\}$ denote the set of n participants, and let $\Gamma$ denote a collection of subsets of the participant set. If $\Gamma$ is a monotonic access structure, then $\Gamma$ satisfies: for all subsets A, B, if $A \in \Gamma$ and
Figure BDA0002487869880000031
then $B \in \Gamma$. If $D \in \Gamma$, then D is an authorized set; otherwise D is an unauthorized set.
Linear Secret Sharing Scheme (LSSS): a secret sharing scheme $\Pi$ over a participant set $P$ is called a linear secret sharing scheme over $Z_p$ ($Z_p$ denotes the group on the prime $p$) if the following conditions are met:
1. The secret shares of each entity constitute a vector over $Z_p$.
2. For the secret sharing scheme $\Pi$, there is a generator matrix $M_{l \times n}$. For each row $i = 1, 2, \ldots, l$ of the matrix $M$, the mapping $\rho: \{1, 2, \ldots, l\} \to P$ maps the row to a participant in the set $P$. Let the vector
Figure BDA0002487869880000041
where $s \in Z_p$ is the shared secret key and $r_2, r_3, \ldots, r_n$ are random parameters used to hide $s$;
Figure BDA0002487869880000042
is the vector of $l$ secret shares. Then
Figure BDA0002487869880000043
is the share allocated to participant $\rho_i$.
Disclosure of Invention
The invention aims to provide an anonymous identity management and verification method supporting dynamic change of user attributes that effectively solves the problems in the prior art, supports dynamic change of attributes, adapts well to distributed scenarios, and fully realizes identity management and verification.
In order to solve the technical problems, the invention adopts the following technical scheme:
An anonymous identity management and verification method supporting dynamic change of user attributes is used in a blockchain network system comprising users, attribute authorities and a blockchain service provider. The attribute authorities are responsible for maintaining the attribute set, generating attribute keys and public keys, and generating attribute signature keys for users; different authorities are responsible for different attributes. A user is given one or more corresponding attributes, and management and verification of the user's identity are realized through management and verification of the attributes. The blockchain service provider provides an open platform for transactions between users, and all transaction information is stored on the blockchain. The method comprises the following steps:
S1, system initialization: initialize the system parameters to generate the global parameters of the system, then initialize the attribute authorities according to the global parameters to generate an attribute key for each attribute;
S2, generation and updating of attribute keys: the user applies for an attribute key from the corresponding attribute authority, and the attribute authority responsible for that attribute distributes the attribute key to the user; when generating the attribute key, both the user identity and the time node are taken into account, to support the subsequent key updating process;
S3, signature generation: the user generates access information M, signs it with the attribute key, and then broadcasts the access information M together with the signature;
S4, signature verification: the other users verify the access information M and the signature, and if verification passes, the request is processed.
Further, the step of initializing system parameters comprises:
(1) Given a security parameter k, run a bilinear pairing generation algorithm to obtain the bilinear group parameters $p, G, G_T, e, g_1$, where $p$ is the order of the group $G$, $g_1$ is a generator of the group $G$, and $e$ is the mapping $e: G_1 \times G_1 \to G_T$;
(2) Generate three hash functions according to the bilinear group parameters: $H_0: \{0,1\}^* \to Z_p$, $H_1: \{0,1\}^* \to G$, $h: \{0,1\}^* \to G$;
(3) Obtain the global parameters from the bilinear group parameters and the hash functions: $GP = (G, G_T, e, p, g_1, H_0, H_1, h)$.
Further, the step of initializing the attribute authority includes:
(1) According to the global parameter GP, each attribute authority selects, for each attribute it is responsible for, two random numbers $\alpha, y \in Z_p$ as the attribute private key;
(2) The attribute authority calculates the corresponding attribute public key for each attribute: $apk(1) = e(g_1, g_1)^{\alpha}$, $apk(2) = g_1^{y}$; the attribute private key of attribute $i$ is $ask_i = \{\alpha_i, y_i\}$, and the attribute public key is:
Figure BDA0002487869880000051
Further, the step in which the attribute authority responsible for the corresponding attribute distributes the attribute key to the user comprises:
(1) The attribute authority receives an attribute key request for attribute i from user GID, obtains the current time t, and generates for the user an attribute key for attribute i at time t:
Figure BDA0002487869880000052
(2) The attribute authority takes the attribute key requested by the user
Figure BDA0002487869880000053
and sends it to the user GID.
Further, the current time t is obtained as follows: the timestamp of the last confirmed block in the current blockchain is taken as the current time.
Further, the access policy is defined as a matrix A, and the user signs using the matrix, the global parameter GP, the identity information GID, the attribute key
Figure BDA0002487869880000054
and the access information M.
Further, the step in which the user signs the access information M comprises:
(1) The user randomly selects a number $s \in Z_p$, a vector
Figure BDA0002487869880000055
and a vector
Figure BDA0002487869880000056
sets $s \in Z_p$ as the first element of the vector
Figure BDA0002487869880000057
and sets the first element of the vector
Figure BDA0002487869880000058
to 0;
(2) Let $v_x$ denote $A_x \cdot v$ and $w_x$ denote $A_x \cdot w$, where $A_x$ is the x-th row of the matrix A;
(3) For each row $A_x$ of the matrix A, the user selects a random number $r_x \in Z_p$ and then performs the following calculation:
σ0=e(g1,g1)sh(M)
Figure BDA0002487869880000059
Figure BDA00024878698800000510
(4) The signature generated for the access information M is $\sigma = (\sigma_0, \sigma_{1,x}, \sigma_{2,x})$.
Further, the step of verifying the access information M and the signature comprises:
(1) For the matrix A formed by the access policy, compute a set of coefficients $c_x$ satisfying the equation $\sum_x c_x A_x = (1, 0, \ldots, 0)$;
(2) Using the hash function $h$, hash the message to obtain $h(M)$, obtain the timestamp of the latest block, and compute $H_0(t)$;
(3) Perform the following calculation:
Figure BDA00024878698800000511
(4) If the equation holds, verification passes; otherwise, verification fails.
Compared with the prior art, the invention has the following advantages:
(1) The invention is an anonymous identity management and verification method supporting dynamic change of user attributes. It uses attribute-based signatures to grant legitimate users the corresponding attributes and attribute keys, so anonymous management of user identity is achieved through management of attributes. During an interaction the user generates a signature for authentication, and identity authentication succeeds if the signature verifies; verification of the user's identity is thus done by verifying the attribute signature. Because attribute-based signatures describe the user's identity through attributes, the privacy of that identity is protected. The attribute key granted to the user embeds the user's identity and the time node, which prevents collusion attacks and the problems of key updating and key abuse.
(2) The authentication process of the invention does not depend on a single authority and suits the distributed environment of a blockchain. Although attribute authorities are introduced during system initialization, they do not take part in signature verification: the verifier only needs to obtain the corresponding public key of the attribute authority and does not need to interact with it.
(3) The invention supports direct identity authentication between users and realizes identity management. By verifying the attribute signature, a user can verify the identity of the other party without depending on a central authority, thereby realizing the management and verification of identity.
(4) Compared with prior signature methods, the method requires less computation. It also needs no interaction with a third party during authentication, which avoids the delay such interaction causes and speeds up authentication.
Drawings
Fig. 1 is a diagram of the blockchain network system.
Fig. 2 is a flow diagram of an anonymous identity management and authentication method supporting dynamic changes in user attributes.
Fig. 3 is a schematic diagram of a generation process of a time node.
Detailed Description
In order to make the technical solution of the present invention more comprehensible, embodiments accompanied with figures are described in detail below.
This embodiment provides a distributed anonymous authentication method supporting traceability, applicable to a consortium chain and applied to a blockchain network system. As shown in Fig. 1, the system includes users, attribute authorities and a blockchain service provider. The attribute authorities are responsible for maintaining the attribute set, generating attribute keys and public keys, and generating attribute signature keys for users. Different authorities are responsible for different attributes. A user is given one or more corresponding attributes, and user identity management and verification are realized through the management and verification of the attributes. The blockchain service provider provides an open platform for transactions between users, and all transaction information is stored on the blockchain. As shown in Fig. 2, the method specifically includes the following steps:
S1, system initialization: system initialization includes initialization of the system parameters and initialization of the attribute authorities.
In step S1, the public parameters and the corresponding secret parameters are generated as follows.
The system parameters are generated as follows:
(1) Given a security parameter k, run a bilinear pairing generation algorithm to obtain the bilinear group parameters $p, G, G_T, e, g_1$, where $p$ is the order of the group $G$, $g_1$ is a generator of the group $G$, and $e$ is the mapping $e: G_1 \times G_1 \to G_T$.
(2) Three hash functions: $H_0: \{0,1\}^* \to Z_p$, $H_1: \{0,1\}^* \to G$, $h: \{0,1\}^* \to G$.
(3) The global parameters are: $GP = (G, G_T, e, p, g_1, H_0, H_1, h)$.
The parameters of the attribute authorities are generated as follows:
(1) Given the global parameter GP, each attribute authority selects, for each attribute it is responsible for, two random numbers $\alpha, y \in Z_p$ as the attribute private key.
(2) The attribute authority calculates the corresponding attribute public key for each attribute: $apk(1) = e(g_1, g_1)^{\alpha}$, $apk(2) = g_1^{y}$.
The attribute private key of attribute $i$ is $ask_i = \{\alpha_i, y_i\}$, and the attribute public key is:
Figure BDA0002487869880000071
S2, generation and updating of attribute keys: the user applies for an attribute key from the corresponding attribute authority, and the attribute authority responsible for that attribute distributes the key to the user. When generating the attribute key, both the user identity and the time node are taken into account, to support the subsequent key updating process.
In step S2, the attribute signature key is generated and updated as follows:
(1) The attribute authority receives an attribute key request for attribute i from user GID, obtains the current time t, and generates for the user an attribute key for attribute i at time t:
Figure BDA0002487869880000072
(2) The time t is generated as follows: the timestamp of the last confirmed block in the current blockchain is taken as the current time, as shown in Fig. 3.
(3) The attribute authority takes the attribute key requested by the user
Figure BDA0002487869880000073
and sends it to the user GID.
S3, signature generation: the user generates access information M and signs it using the attribute key. The user then broadcasts the access information M together with the signature.
In step S3, signature generation is performed as follows:
(1) The access policy is defined as a matrix A, and the user generates the signature using the matrix, the global parameter GP, the identity information GID, the attribute signature key
Figure BDA0002487869880000074
and the access information M.
(2) The user randomly selects a number $s \in Z_p$, a vector
Figure BDA0002487869880000075
and a vector
Figure BDA0002487869880000076
sets $s \in Z_p$ as the first element of the vector
Figure BDA0002487869880000077
and sets the first element of the vector
Figure BDA0002487869880000078
to 0.
(3) Let $v_x$ denote $A_x \cdot v$ and $w_x$ denote $A_x \cdot w$, where $A_x$ is the x-th row of the matrix A.
(4) For each row $A_x$ of the matrix A, the user selects a random number $r_x \in Z_p$ and then performs the following calculations:
σ0=e(g1,g1)sh(M)
Figure BDA0002487869880000081
Figure BDA0002487869880000082
(5) The signature generated for the access information M is $\sigma = (\sigma_0, \sigma_{1,x}, \sigma_{2,x})$.
S4, signature verification: the access information M and the signature are verified, and if verification passes, the request is processed.
In step S4, signature verification is performed as follows:
(1) For the matrix A formed by the access policy, the verifier computes a set of coefficients $c_x$ satisfying the equation $\sum_x c_x A_x = (1, 0, \ldots, 0)$.
(2) The verifier uses the hash function $h$ to hash the message and obtain $h(M)$, obtains the timestamp of the latest block, and computes $H_0(t)$.
(3) The verifier performs the following calculation:
Figure BDA0002487869880000083
(4) If the equation holds, verification passes; otherwise, verification fails.
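Verification step (1) above and the LSSS definition in the Background both rest on finding coefficients $c_x$ with $\sum_x c_x A_x = (1, 0, \ldots, 0)$. The following Python code is an added example, not part of the patent text: it shares $s$ and 0 over a policy matrix, solves for $c_x$ modulo $p$, and shows that only authorized attribute sets recombine the shares. The prime `P`, the attribute names, the policy matrix and the reading that the vector w has first element 0 are assumptions made for the illustration.

```python
import secrets

# Stand-in prime for the group order p (assumption: the text fixes no concrete p).
P = 2**127 - 1

# Constructed policy "(reputation_high AND verified) OR auditor" as an LSSS matrix A.
# Each entry pairs the attribute that owns row x with the row A_x; names are hypothetical.
POLICY = [
    ("reputation_high", [1, 1]),
    ("verified",        [0, -1]),
    ("auditor",         [1, 0]),
]


def make_shares(policy, first, p=P):
    """Return {attribute: A_x . vec mod p} for vec = (first, r_2, ..., r_n), r_i random."""
    n = len(policy[0][1])
    vec = [first % p] + [secrets.randbelow(p) for _ in range(n - 1)]
    return {attr: sum(a * b for a, b in zip(row, vec)) % p for attr, row in policy}


def solve_coefficients(rows, p=P):
    """Find c with sum_x c[x] * rows[x] = (1, 0, ..., 0) mod p, or None if impossible."""
    m, n = len(rows), len(rows[0])
    # Augmented system A^T c = e_1: one equation per column of A, one unknown per row.
    aug = [[rows[x][j] % p for x in range(m)] + [1 if j == 0 else 0]
           for j in range(n)]
    pivots, r = [], 0
    for col in range(m):
        piv = next((i for i in range(r, n) if aug[i][col]), None)
        if piv is None:
            continue  # free variable, left at 0
        aug[r], aug[piv] = aug[piv], aug[r]
        inv = pow(aug[r][col], -1, p)  # modular inverse (Python 3.8+)
        aug[r] = [x * inv % p for x in aug[r]]
        for i in range(n):
            if i != r and aug[i][col]:
                f = aug[i][col]
                aug[i] = [(a - f * b) % p for a, b in zip(aug[i], aug[r])]
        pivots.append(col)
        r += 1
        if r == n:
            break
    # A row reduced to 0 = nonzero means (1, 0, ..., 0) is outside the row span.
    if any(row[m] for row in aug[r:]):
        return None
    c = [0] * m
    for i, col in enumerate(pivots):
        c[col] = aug[i][m]
    return c


def recombine(policy, shares, held, p=P):
    """Recombine the shares of the held attributes; None if the set is unauthorized."""
    rows = [(attr, row) for attr, row in policy if attr in held]
    if not rows:
        return None
    coeffs = solve_coefficients([row for _, row in rows], p)
    if coeffs is None:
        return None  # a verifier must reject here rather than guess coefficients
    return sum(c * shares[attr] for c, (attr, _) in zip(coeffs, rows)) % p


if __name__ == "__main__":
    s = secrets.randbelow(P)
    v_shares = make_shares(POLICY, s)   # v_x = A_x . v, first element of v is s
    w_shares = make_shares(POLICY, 0)   # w_x = A_x . w, first element of w taken as 0
    for held in ({"reputation_high", "verified"}, {"auditor"}, {"reputation_high"}):
        got = recombine(POLICY, v_shares, held)
        print(sorted(held), "authorized" if got == s else "unauthorized",
              "| w recombines to", recombine(POLICY, w_shares, held))
```

An attribute set for which `solve_coefficients` returns `None` is an unauthorized set in the sense of the access structure definition: no linear combination of its rows reaches $(1, 0, \ldots, 0)$, so its shares reveal nothing about $s$.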
The above embodiments are only intended to illustrate the technical solution of the present invention, but not to limit it, and a person skilled in the art can modify the technical solution of the present invention or substitute it with an equivalent, and the protection scope of the present invention is subject to the claims.

Claims (10)

1. An anonymous identity management and authentication method supporting dynamic changes of user attributes, which is used for a blockchain network system, wherein the system comprises users, attribute organizations and blockchain service providers, and the method is characterized by comprising the following steps:
initializing system parameters, generating a global parameter GP of the system, initializing an attribute mechanism according to the global parameter GP, and generating an attribute key of each attribute;
the user applies for the attribute key from the corresponding attribute mechanism, and the attribute mechanism responsible for the corresponding attribute distributes the attribute key for the user;
the user generates access information M, signs the access information M by using the attribute key, and sends the access information M and the signature broadcast;
the other users verify the access information M and the signature and if the verification is passed, the request is processed.
2. The method of claim 1, wherein the step of initializing system parameters comprises:
obtaining bilinear group parameters through a bilinear pair generation algorithm according to a safety parameter, wherein the parameters comprise p, G and GT,e,g1Wherein p is the order of group G, being a prime number; g1Is a generator of group G; e is the mapping e G1×G1→GT
Hash function H is generated according to bilinear group parameters0,H1,h;
Obtaining global parameter GP ═ G, G from bilinear group parameters and hash functionT,e,p,g1,H0,H1,h)。
3. The method of claim 2, wherein the hash function is generated by: h0:{0,1}*→Zp,ZpIs a group on p, H1:{0,1}*→G,h:{0,1}*→G。
4. The method of claim 1, wherein the step of initializing an attribute mechanism comprises:
according to the global parameter GP, each attribute mechanism selects two random numbers as an attribute private key for each responsible attribute;
the attribute authority computes a corresponding attribute public key for each attribute.
5. The method of claim 1, wherein the attribute authority responsible for the corresponding attribute distributes the attribute key for the user by: and the attribute mechanism receives an attribute key request of corresponding attributes of the user, acquires the current time t, generates an attribute key about the attributes at the time t for the user, and sends the attribute key to the user.
6. The method of claim 5, wherein the current time t is obtained by: and acquiring the time stamp time of the last confirmed block in the current block chain as the current time.
7. Method according to claim 3, characterized in that the user signs according to the matrix A formed by the access policy, the global parameter GP, the identity information GID, the attribute key and the access information M.
8. The method of claim 7, wherein the user signs the access information M by:
the user randomly selects a random number $s \in Z_p$, a vector (Figure FDA0002487869870000011) and a vector (Figure FDA0002487869870000012); $s \in Z_p$ is set as the first element of the vector (Figure FDA0002487869870000013), and the first element of the vector (Figure FDA0002487869870000014) is set to 0;
let $v_x$ denote $A_x \cdot v$ and $w_x$ denote $A_x \cdot w$, wherein $A_x$ denotes the x-th row of matrix A;
for each row $A_x$ of the matrix A, the user selects a random number $r_x \in Z_p$, and then performs the following calculation:
Figure FDA0002487869870000021
generating the signature $\sigma = (\sigma_0, \sigma_{1,x}, \sigma_{2,x})$ of the access information M.
9. The method of claim 8, wherein the step of verifying the access information M and the signature comprises:
for the matrix A formed by the access policy, a set of $c_x$ is calculated;
using a hash function H, the message is hashed to obtain H(M), the timestamp of the latest block is acquired, and $H_0(t)$ is calculated;
the following calculation is performed:
Figure FDA0002487869870000022
if the equation is true, then the verification passes, otherwise, the verification fails.
10. The method of claim 9, wherein $c_x$ satisfies the equation: $\sum_x c_x A_x = (1, 0, \ldots, 0)$.
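Claims 8 to 10 depend on one linear-algebra step: coefficients $c_x$ with $\sum_x c_x A_x = (1, 0, \ldots, 0)$ recombine the shares $v_x = A_x \cdot v$ into $s$ and the shares $w_x = A_x \cdot w$ into 0. The following is an added example, not part of the patent text; the prime P, the sample matrix ROWS and all function names are assumptions, and the signing and verification equations (present only as figures) are not reproduced.

```python
P = 2**61 - 1  # constructed prime standing in for the group order p (assumption)

# Constructed access matrix for the policy (a AND b) OR c; one row A_x per attribute.
ROWS = [[1, 1], [0, P - 1], [1, 0]]

def solve_coefficients(rows, p=P):
    """Return c with sum_x c[x] * rows[x] == (1, 0, ..., 0) mod p, or None."""
    m, n = len(rows), len(rows[0])
    # One linear equation per column j of A: sum_x c[x] * A[x][j] = [j == 0].
    aug = [[rows[x][j] % p for x in range(m)] + [int(j == 0)] for j in range(n)]
    pivots, r = [], 0
    for col in range(m):
        if r == n:
            break
        pr = next((i for i in range(r, n) if aug[i][col]), None)
        if pr is None:
            continue  # free variable, left at 0
        aug[r], aug[pr] = aug[pr], aug[r]
        inv = pow(aug[r][col], -1, p)  # modular inverse (Python 3.8+)
        aug[r] = [a * inv % p for a in aug[r]]
        for i in range(n):
            if i != r and aug[i][col]:
                f = aug[i][col]
                aug[i] = [(a - f * b) % p for a, b in zip(aug[i], aug[r])]
        pivots.append(col)
        r += 1
    if any(row[-1] for row in aug[r:]):
        return None  # rows do not span (1, 0, ..., 0): policy not satisfied
    c = [0] * m
    for i, col in enumerate(pivots):
        c[col] = aug[i][-1]
    return c

def shares(rows, vec, p=P):
    """v_x = A_x . v (or w_x = A_x . w) for every row of the matrix."""
    return [sum(a * b for a, b in zip(row, vec)) % p for row in rows]

def recombine(c, sh, p=P):
    """sum_x c_x * share_x mod p."""
    return sum(ci * si for ci, si in zip(c, sh)) % p

if __name__ == "__main__":
    s = 123456789
    c = solve_coefficients(ROWS)
    print(c, recombine(c, shares(ROWS, [s, 42])), recombine(c, shares(ROWS, [0, 77])))
    print(solve_coefficients([ROWS[0]]))  # attribute a alone -> None
```

A row subset that does not span $(1, 0, \ldots, 0)$ yields no coefficients, which is the linear-algebra form of an unsatisfied access policy.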
CN202010396755.3A 2020-05-12 2020-05-12 Anonymous identity management and verification method supporting dynamic change of user attributes Pending CN113656826A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010396755.3A CN113656826A (en) 2020-05-12 2020-05-12 Anonymous identity management and verification method supporting dynamic change of user attributes

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010396755.3A CN113656826A (en) 2020-05-12 2020-05-12 Anonymous identity management and verification method supporting dynamic change of user attributes

Publications (1)

Publication Number Publication Date
CN113656826A true CN113656826A (en) 2021-11-16

Family

ID=78476797

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010396755.3A Pending CN113656826A (en) 2020-05-12 2020-05-12 Anonymous identity management and verification method supporting dynamic change of user attributes

Country Status (1)

Country Link
CN (1) CN113656826A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114338026A (en) * 2021-12-17 2022-04-12 复旦大学 Anonymous information feedback system based on attribute signature and block chain
WO2023115850A1 (en) * 2021-12-23 2023-06-29 中电科大数据研究院有限公司 Consortium blockchain consensus identity authentication method

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination