CN115603991A - Improved anonymous identity authentication implementation method based on secret sharing - Google Patents

Info

Publication number: CN115603991A
Authority: CN (China)
Prior art keywords: user, verifier, vector, identity authentication, sends
Legal status: Pending
Application number: CN202211221715.0A
Other languages: Chinese (zh)
Inventors: 康维, 吕文婷, 刘楠
Current Assignee: Southeast University
Original Assignee: Southeast University
Application filed by Southeast University
Priority to CN202211221715.0A
Publication of CN115603991A

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0421: Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses an improved anonymous identity authentication implementation method based on secret sharing. Building on the existing interactive anonymous identity authentication model and algorithm, the invention redesigns the secret-sharing-based coding scheme: it generates non-repeating user keys and Verifier auxiliary data uniformly at random after removing the linear space spanned by specific column vectors in a Galois field, and meets the integrity, robustness and anonymity requirements of the anonymous authentication problem. Compared with the original scheme, the improved scheme reduces the probability of external attack on the anonymous authentication system and improves the system capacity.

Description

Improved anonymous identity authentication implementation method based on secret sharing
Technical Field
The invention relates to the technical field of information theory, and in particular to an improved anonymous identity authentication implementation method that achieves a smaller probability of being attacked and a larger system capacity.
Background
Anonymous identity authentication means that a user enters a system to use resources or services without revealing their identity. The problem has wide application in fields such as wireless body area networks, cloud computing, cryptocurrency and electronic voting. Most research on anonymous identity authentication is based on cryptographic techniques such as the RSA and ECC algorithms and achieves computational security. The invention is concerned with the information-theoretic security of the anonymous identity authentication problem. It is based on the interactive information-theoretic anonymous identity authentication model and achievable algorithm for the single-authenticator, finite-length-key scenario proposed by Kazempour et al. in 2019; it improves the original model and, by redesigning the encoding scheme, reduces the probability of inside and outside attack and improves the system capacity.
Disclosure of Invention
Technical problem: the problem to be solved by the invention is to design a coding scheme that randomly generates auxiliary data for the Verifier and keys for legitimate users, and that achieves a smaller probability of being attacked and a larger system capacity while meeting the integrity, robustness and anonymity requirements of the anonymous identity authentication problem.
Technical scheme: the technical scheme adopted by the invention is as follows:
(1) Data distribution stage. In this stage the CA randomly and uniformly generates a secret $S = a_0$ over $GF(q)$, together with random noise $a_1, \dots, a_{k-1}$ that protects $a_0$, obtaining the vector $a = [a_0, a_1, \dots, a_{k-1}]$. The CA then sends $a$ to the Verifier over the secure channel. Next, the CA generates auxiliary data $V$ for the Verifier and mutually different keys $C$ for the users, and transmits them to the Verifier and the users, respectively.
(2) Authentication stage. The interaction between the Verifier and the user in this stage is as follows. First, the user sends an authentication request to the Verifier, and sends the user's key to the CA. After receiving the authentication request, the Verifier keeps $S = a_0$ secret and sends the auxiliary information $V$ to the user. Using the auxiliary information $V$ and the key $C$, the user recovers the secret
Figure BDA0003877702370000011
and sends it to the Verifier. The Verifier checks
Figure BDA0003877702370000012
If so, the user passes identity authentication; otherwise, the user is rejected.
(3) Checking stage. The CA generates a white list of user keys during the data distribution stage and clears out users not on the list on the fly. If a user maliciously attacks the system, the CA can trace the identity of the user through the key and apply corresponding punishment measures such as disabling the key.
The CA generates the auxiliary data $V$ for the Verifier in the data distribution stage as follows:
First, generate $N_v$ $k$-dimensional column vectors, where $N_v < k$. Remove from the $k$-dimensional space $(GF(q))^k$ the linear space spanned by the vector $[1,0,\dots,0]_{1\times k}^T$, and select $V_1$ uniformly at random from the remaining vectors. Next, remove from $(GF(q))^k$ the linear space spanned by $[1,0,\dots,0]_{1\times k}^T$ and $V_1$, and select $V_2$ uniformly at random from the remaining vectors. Continue in the same way to generate
Figure BDA0003877702370000021
The column vectors are linearly independent of each other.
Second, compute the inner product of each of
Figure BDA0003877702370000022
with the vector $a = [a_0, a_1, \dots, a_{k-1}]$ to obtain
Figure BDA00038777023700000212
Figure BDA0003877702370000023
Finally, the CA sends the Verifier the auxiliary data
Figure BDA0003877702370000024
The length of the transmitted data is $l_V = N_v(k+1)$.
The CA generates mutually different keys $C$ for the users in the data distribution stage as follows:
First, generate $M$ $k$-dimensional column vectors, where $M$ is the number of users in the system. Find all $k$-dimensional column vectors that simultaneously satisfy the following conditions:
Figure BDA0003877702370000025
where $\mathrm{span}\{v_1, v_2, \dots, v_n\}$ denotes the linear space spanned by the vectors $v_1, v_2, \dots, v_n$. Clearly, the number of column vectors satisfying the above conditions is
Figure BDA0003877702370000026
The CA randomly, uniformly and without repetition selects $M$ of these vectors, denoted $U_1, U_2, \dots, U_M$.
Second, compute the inner products of $U_1, U_2, \dots, U_M$ with the vector $a = [a_0, a_1, \dots, a_{k-1}]$ to obtain $a \cdot U_1, a \cdot U_2, \dots, a \cdot U_M$. Finally, the CA sends the keys $C = \{(U_1, a \cdot U_1), (U_2, a \cdot U_2), \dots, (U_M, a \cdot U_M)\}$ to the users. The transmitted data has length $l_C = M(k+1)$.
In the authentication stage, the procedure by which the user recovers, from the auxiliary information $V$ and the key $C$, the secret
Figure BDA0003877702370000027
(taking user $i$, $i \in [M]$, as an example) is as follows:
First, the Verifier sends the auxiliary data
Figure BDA0003877702370000028
to user $i$. The user also holds the key $C_i = (U_i, a \cdot U_i)$ from the CA.
Second, user $i$ computes an $(N_v + 1)$-dimensional row vector $V_{coe}$ that satisfies the following equation:
Figure BDA0003877702370000029
It can be proved that $V_{coe}$ exists and is unique.
Third, user $i$ computes
Figure BDA00038777023700000210
If user $i$ is a legitimate user (i.e. holds a key issued by the CA),
Figure BDA00038777023700000211
and the authentication passes.
Advantageous effects: the invention provides an improved anonymous identity authentication implementation scheme based on secret sharing. It redesigns the encoding matrix of the original scheme and reduces redundancy by randomly generating the elements of the matrix, achieving a smaller probability of being attacked and a larger system capacity than the original scheme while meeting the integrity, robustness and anonymity requirements of the anonymous identity authentication problem.
Drawings
FIG. 1 is a schematic diagram of an anonymous identity authentication model of an interactive information theory.
Detailed Description
The technical solution of the present invention is described in detail below, but the scope of the present invention is not limited to the embodiment.
The invention provides an improved anonymous identity authentication implementation scheme based on secret sharing.
An example is given below. Step one, data distribution stage: this stage comprises three steps, in which the CA generates the vector $a$, the CA generates the auxiliary data $V$ for the Verifier, and the CA generates the keys $C$ for the users. The details are as follows:
(1) The CA generates the vector $a$. The CA first generates a secret $S = a_0 = 5$ uniformly at random over $GF(7)$. The vector dimension is chosen as $k = 4$. Note that the value of $k$ determines metrics such as the system capacity and attack probability of the anonymous identity authentication system, and should be chosen according to actual requirements in application. The CA generates random noise $a_1, a_2, a_3$ to protect $a_0$, forming the vector $a = [5,4,1,6]$.
(2) The CA generates the auxiliary data $V$ for the Verifier. First, fix $N_v = 3$ ($N_v < k$). Remove from $(GF(7))^4$ the linear space spanned by the vector $[1,0,0,0]^T$, and select $V_1$ uniformly at random from the remaining vectors; suppose $V_1 = [0,2,0,0]^T$. Next, remove from $(GF(7))^4$ the linear space spanned by $[1,0,0,0]^T$ and $V_1 = [0,2,0,0]^T$, and select $V_2$ uniformly at random from the remaining vectors; suppose $V_2 = [1,2,3,0]^T$. Finally, remove from $(GF(7))^4$ the linear space spanned by $[1,0,0,0]^T$, $V_1 = [0,2,0,0]^T$ and $V_2 = [1,2,3,0]^T$, and select $V_3$ uniformly at random from the remaining vectors; suppose $V_3 = [1,2,3,4]^T$. The set of column vectors is linearly independent.
The CA computes the inner products of $V_1, V_2, V_3$ with the vector $a$, obtaining $a \cdot V_1 = 8$, $a \cdot V_2 = 16$, $a \cdot V_3 = 40$. The CA sends the auxiliary data $V = \{(V_1 = [0,2,0,0]^T, 8), (V_2 = [1,2,3,0]^T, 16), (V_3 = [1,2,3,4]^T, 40)\}$ to the Verifier. The transmitted data has length $l_V = N_v(k+1) = 15$.
(3) The CA generates the keys $C$ for the users. For ease of understanding and calculation, it is assumed that the system has a total of
Figure BDA0003877702370000031
Figure BDA0003877702370000032
users. The CA finds all four-dimensional column vectors that simultaneously satisfy the following conditions:
Figure BDA0003877702370000033
From all the vectors satisfying the above conditions, the CA randomly, uniformly and without repetition selects two vectors, which are:
$U_1 = [1,0,6,4]^T$, $U_2 = [1,2,0,4]^T$
The CA computes the inner products of $U_1, U_2$ with the vector $a$, obtaining $a \cdot U_1 = 35$, $a \cdot U_2 = 37$. The CA sends the keys $C_1 = (U_1 = [1,0,6,4]^T, 35)$ and $C_2 = (U_2 = [1,2,0,4]^T, 37)$ to users 1 and 2 in turn. The total length of the transmitted data is $l_C = M(k+1) = 10$.
Step two, authentication stage: this stage comprises two steps, in which the Verifier sends the auxiliary data to the user and the user computes
Figure BDA0003877702370000041
The details are as follows (taking users 1 and 2 as examples):
(1) The Verifier first sends the auxiliary data $V = \{(V_1 = [0,2,0,0]^T, 8), (V_2 = [1,2,3,0]^T, 16), (V_3 = [1,2,3,4]^T, 40)\}$ to the users requesting authentication, i.e. users 1 and 2.
(2) Each user computes, from its key and the auxiliary data,
Figure BDA0003877702370000042
as follows.
User 1: compute the four-dimensional row vector $V_{coe1}$ satisfying $V_{coe1} \cdot [V_1, V_2, V_3, U_1] = [1,0,0,0]$, obtaining $V_{coe1} = [-2,1,1,-1]$. User 1 computes
Figure BDA0003877702370000043
Figure BDA0003877702370000044
and the authentication passes.
User 2: compute the four-dimensional row vector $V_{coe2}$ satisfying $V_{coe2} \cdot [V_1, V_2, V_3, U_2] = [1,0,0,0]$, obtaining $V_{coe2} = [-1,1,-1,1]$. User 2 computes
Figure BDA0003877702370000045
Figure BDA0003877702370000046
and the authentication passes.
Step three, checking stage: the CA generates a white list of user keys during the data distribution stage and clears out users not on the list when idle. If a user maliciously attacks the system, the CA can trace the identity of the user through the key and apply corresponding punishment measures such as disabling the key.
It is worth noting that for a legitimate user it must hold that
Figure BDA0003877702370000047
Therefore a legitimate user is certain to be authenticated by the Verifier, which ensures the correctness of the anonymous identity authentication problem. If an attacker (an illegitimate user) sends an authentication request to the Verifier, he probably cannot recover $S = a_0$ correctly because he lacks a key issued by the CA, so he cannot pass authentication, which ensures the robustness of the anonymous identity authentication problem. In addition, since all legitimate users compute the same
Figure BDA0003877702370000048
the Verifier cannot tell users apart, which ensures the anonymity of the anonymous identity authentication problem.
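The authentication stage of the worked example above, as an added Python example that is not part of the patent text. It takes the vectors and inner products from the example, solves for the coefficient vector over GF(7) as the combination of the columns $V_1, V_2, V_3, U_i$ that equals $[1,0,0,0]^T$ (so the example's $-2$ appears as 5 after reduction mod 7), and also runs a constructed forged key; all function and variable names are hypothetical.

```python
"""Authentication stage of the worked example, with arithmetic over GF(7)."""
Q = 7                                   # field size from the page's example
A = [5, 4, 1, 6]                        # vector a held by the Verifier; S = a_0 = 5
HELPER = [([0, 2, 0, 0], 8),            # auxiliary data (V_j, a.V_j) from the page
          ([1, 2, 3, 0], 16),
          ([1, 2, 3, 4], 40)]
KEY1 = ([1, 0, 6, 4], 35)               # C_1 = (U_1, a.U_1) from the page
KEY2 = ([1, 2, 0, 4], 37)               # C_2 = (U_2, a.U_2) from the page
FORGED = ([1, 0, 6, 4], 3)              # constructed: correct U_1, wrong inner product


def inner(a, v, q=Q):
    """Inner product of two vectors, reduced into GF(q)."""
    return sum(x * y for x, y in zip(a, v)) % q


def solve_mod(columns, target, q=Q):
    """Return c with sum(c[j] * columns[j]) == target over GF(q), q prime.

    Gauss-Jordan elimination; raises ValueError if c does not exist or is
    not unique (the text states that the coefficient vector is both).
    """
    k, n = len(target), len(columns)
    # Row r holds coordinate r of every column, followed by target[r].
    aug = [[columns[j][r] % q for j in range(n)] + [target[r] % q]
           for r in range(k)]
    row = 0
    for col in range(n):
        pivot = next((r for r in range(row, k) if aug[r][col]), None)
        if pivot is None:
            raise ValueError("vectors are linearly dependent")
        aug[row], aug[pivot] = aug[pivot], aug[row]
        inv = pow(aug[row][col], -1, q)          # modular inverse (Python 3.8+)
        aug[row] = [v * inv % q for v in aug[row]]
        for r in range(k):
            if r != row and aug[r][col]:
                f = aug[r][col]
                aug[r] = [(x - f * y) % q for x, y in zip(aug[r], aug[row])]
        row += 1
    if any(aug[r][n] for r in range(row, k)):
        raise ValueError("target is not in the span of the vectors")
    return [aug[j][n] for j in range(n)]


def recover_secret(helper, key, q=Q):
    """User side: combine the helper pairs and the user's own key pair."""
    vectors = [v for v, _ in helper] + [key[0]]
    tags = [t for _, t in helper] + [key[1]]
    e1 = [1] + [0] * (len(key[0]) - 1)
    coe = solve_mod(vectors, e1, q)
    s_hat = sum(c * t for c, t in zip(coe, tags)) % q
    return s_hat, coe


def verifier_accepts(s_hat, a=A, q=Q):
    """Verifier side: compare the returned value with the secret a_0."""
    return s_hat % q == a[0] % q


if __name__ == "__main__":
    for name, key in (("user 1", KEY1), ("user 2", KEY2), ("forged", FORGED)):
        s_hat, coe = recover_secret(HELPER, key)
        print(name, "V_coe mod 7 =", coe, "S_hat =", s_hat,
              "accepted" if verifier_accepts(s_hat) else "rejected")
```

The inner products printed in the example (8, 16, 40, 35, 37) are not reduced mod 7; the code reduces them, which leaves the recovered value unchanged.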

Claims (4)

1. An improved anonymous identity authentication implementation method based on secret sharing, characterized by comprising the following steps:
(1) A data distribution stage; in this stage the CA randomly and uniformly generates a secret $S = a_0$ over $GF(q)$ and random noise $a_1, \dots, a_{k-1}$ for protecting $a_0$, forming a $k$-dimensional vector $a = [a_0, a_1, \dots, a_{k-1}]$; the CA then sends $a$ to a Verifier through a secure channel; the CA generates auxiliary data $V$ for the Verifier and mutually different keys $C$ for the users, and sends them to the Verifier and the users respectively;
(2) An authentication stage; the interaction process between the Verifier and the user in this stage is as follows: first, a user sends an authentication request to the Verifier and sends the user's key to the Certificate Authority (CA); after receiving the authentication request, the Verifier keeps $S = a_0$ secret and sends the auxiliary information $V$ to the user; based on the auxiliary information $V$ and the key $C$, the user recovers the secret
Figure FDA0003877702360000011
and sends it to the Verifier; the Verifier checks
Figure FDA0003877702360000012
if so, the user passes identity authentication, otherwise the user is rejected;
(3) A checking stage; the CA generates a white list of user keys in the data distribution stage, and clears out users not on the list when idle; if a user maliciously attacks the system, the CA traces the identity of the user through the key and applies corresponding punishment measures such as disabling the key.
2. The improved anonymous identity authentication implementation method based on secret sharing as claimed in claim 1, wherein the CA generates the auxiliary data $V$ for the Verifier as follows:
(11) Generate $N_v$ $k$-dimensional column vectors, where $N_v < k$; first, remove from the $k$-dimensional space $(GF(q))^k$ the linear space spanned by the vector $[1,0,\dots,0]_{1\times k}^T$, and select $V_1$ uniformly at random from the remaining vectors; next, remove from $(GF(q))^k$ the linear space spanned by $[1,0,\dots,0]_{1\times k}^T$ and $V_1$, and select $V_2$ uniformly at random from the remaining vectors; continue in the same way to generate
Figure FDA0003877702360000013
the set of column vectors is linearly independent;
(12) Compute the inner product of each of
Figure FDA0003877702360000018
with the vector $a = [a_0, a_1, \dots, a_{k-1}]$ to obtain
Figure FDA0003877702360000014
Figure FDA0003877702360000015
finally, the CA sends the Verifier the auxiliary data
Figure FDA0003877702360000016
the length of the transmitted data is $l_V = N_v(k+1)$.
3. The improved anonymous identity authentication implementation method based on secret sharing of claim 1, wherein the CA generates mutually different keys $C$ for the users as follows:
(21) First, generate $M$ $k$-dimensional column vectors, where $M$ is the number of users in the system; find all $k$-dimensional column vectors that simultaneously satisfy the following conditions:
Figure FDA0003877702360000017
where $\mathrm{span}\{v_1, v_2, \dots, v_n\}$ denotes the linear space spanned by the vectors $v_1, v_2, \dots, v_n$; from the
Figure FDA0003877702360000021
column vectors satisfying the above conditions, the CA randomly, uniformly and without repetition selects $M$ vectors, denoted $U_1, U_2, \dots, U_M$;
(22) Compute the inner products of $U_1, U_2, \dots, U_M$ with the vector $a = [a_0, a_1, \dots, a_{k-1}]$ to obtain $a \cdot U_1, a \cdot U_2, \dots, a \cdot U_M$; finally, the CA sends the keys $C = \{(U_1, a \cdot U_1), (U_2, a \cdot U_2), \dots, (U_M, a \cdot U_M)\}$ to the users; the length of the transmitted data is $l_C = M(k+1)$.
4. The improved anonymous identity authentication implementation method based on secret sharing of claim 1, wherein the user recovers, based on the auxiliary information $V$ and the key $C$, the secret
Figure FDA0003877702360000022
by the following specific steps:
(31) The Verifier first sends the auxiliary data
Figure FDA0003877702360000023
to user $i$, $i \in [M]$; the user also holds a key $C_i = (U_i, a \cdot U_i)$;
(32) User $i$ computes an $(N_v + 1)$-dimensional row vector $V_{coe}$ that satisfies the following equation:
Figure FDA0003877702360000024
(33) User $i$ computes
Figure FDA0003877702360000025
if user $i$ is a legitimate user,
Figure FDA0003877702360000026
and the authentication passes.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211221715.0A CN115603991A (en) 2022-10-08 2022-10-08 Improved anonymous identity authentication implementation method based on secret sharing

Publications (1)

Publication Number Publication Date
CN115603991A true CN115603991A (en) 2023-01-13

Family

ID=84844119

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination