CN115603991A - Improved anonymous identity authentication implementation method based on secret sharing - Google Patents
- Publication number
- CN115603991A (application number CN202211221715.0A)
- Authority
- CN
- China
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0407—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
- H04L63/0421—Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
Abstract
The invention discloses an improved anonymous identity authentication implementation method based on secret sharing. Building on the existing interactive anonymous identity authentication model and algorithm, the invention redesigns the secret-sharing-based coding scheme: it generates non-repeating user keys and Verifier auxiliary data uniformly at random after removing the linear space spanned by a specific column vector in a Galois field, and meets the integrity, robustness and anonymity requirements of the anonymous authentication problem. Compared with the original scheme, the improved scheme reduces the probability of external attack in the anonymous authentication system and increases the system capacity.
Description
Technical Field
The invention relates to the technical field of information theory, and in particular to an improved anonymous identity authentication implementation method that achieves a lower probability of being attacked and a larger system capacity.
Background
Anonymous identity authentication means that a user enters a system to use resources or services without revealing their identity; it is widely applied in fields such as wireless body area networks, cloud computing, cryptocurrency and electronic voting. Most research on anonymous identity authentication is based on cryptographic techniques such as the RSA and ECC algorithms, and achieves computational security. The invention concerns the information-theoretic security of the anonymous identity authentication problem. Based on the interactive information-theoretic anonymous identity authentication model and achievable algorithm for the single-authenticator, finite-length-key scenario proposed by Kazempour et al. in 2019, it improves the original model and, by redesigning the encoding scheme, reduces the probability of internal and external attack and increases the system capacity.
Disclosure of Invention
The technical problem: the problem to be solved by the invention is to design a coding scheme that randomly generates auxiliary data for the Verifier and keys for legitimate users and that, while meeting the integrity, robustness, anonymity and similar requirements of the anonymous identity authentication problem, achieves a lower probability of being attacked and a larger system capacity.
The technical scheme is as follows: the technical scheme adopted by the invention is as follows:
(1) Data distribution stage. In this stage the CA generates, uniformly at random over $GF(q)$, a secret $S = a_0$ and random noise $a_1, \dots, a_{k-1}$ used to protect $a_0$, obtaining the vector $a = [a_0, a_1, \dots, a_{k-1}]$. The CA then sends $a$ to the Verifier over a secure channel. Next, the CA generates auxiliary data V for the Verifier and mutually different keys C for the users, and transmits them to the Verifier and the users, respectively.
(2) Authentication stage. The interaction between the Verifier and the user in this stage is as follows. First, a user sends an authentication request to the Verifier, and sends a secret key of the user to a CA. After receiving the authentication request, the Verifier keeps $S = a_0$ secret and sends the auxiliary information V to the user. The user recovers the secret from the auxiliary information V and the key C and sends it to the Verifier. The Verifier tests the received value; if the test succeeds, the user passes the identity authentication, otherwise the user is rejected.
(3) Checking stage. The CA generates a white list of user keys during the data distribution stage and clears out users not on the list on the fly. If a user maliciously attacks the system, the CA can trace the identity of the user through the key and apply corresponding punishment measures such as disabling the key.
In the data distribution stage, the CA generates the auxiliary data V for the Verifier as follows:
First, generate $N_v$ k-dimensional column vectors, where $N_v < k$. From the k-dimensional space $(GF(q))^k$, remove the linear space spanned by the vector $[1,0,\dots,0]_{1\times k}^{T}$, and select $V_1$ uniformly at random from the remaining vectors. Next, remove from $(GF(q))^k$ the linear space spanned by $[1,0,\dots,0]_{1\times k}^{T}$ and $V_1$, and select $V_2$ uniformly at random from the remaining vectors. Continue generating in the same way; the column vectors are linearly independent of each other.
Second, calculate the inner product of each of these column vectors with the vector $a = [a_0, a_1, \dots, a_{k-1}]$. Finally, the CA sends the auxiliary data to the Verifier. The length of the transmitted data is $l_V = N_v(k+1)$.
In the data distribution stage, the CA generates mutually different keys C for the users as follows:
First, generate M k-dimensional column vectors, where M is the number of users in the system. Find all k-dimensional column vectors that simultaneously satisfy the following condition:
where $\mathrm{span}\{v_1, v_2, \dots, v_n\}$ denotes the linear space spanned by the vectors $v_1, v_2, \dots, v_n$. The column vectors satisfying the above conditions total
From these, the CA selects M vectors uniformly at random and without repetition, denoted $U_1, U_2, \dots, U_M$.
Second, calculate the inner products of $U_1, U_2, \dots, U_M$ with the vector $a = [a_0, a_1, \dots, a_{k-1}]$, obtaining $a \cdot U_1, a \cdot U_2, \dots, a \cdot U_M$. Finally, the CA sends the keys $C = \{(U_1, a \cdot U_1), (U_2, a \cdot U_2), \dots, (U_M, a \cdot U_M)\}$ to the users. The length of the transmitted data is $l_C = M(k+1)$.
In the authentication stage, the user recovers the secret from the auxiliary information V and the key C as follows (taking user i, $i \in [M]$, as an example):
First, the Verifier sends the auxiliary data to user i. The user also holds the key $C_i = (U_i, a \cdot U_i)$ from the CA.
Second, user i calculates an $(N_v + 1)$-dimensional row vector $V_{coe}$ satisfying the following equation:
It can be proved that $V_{coe}$ exists and is unique.
Third, user i calculates the secret. If user i is a legitimate user (i.e. holds a key issued by the CA), the user passes the authentication.
Advantageous effects: the invention provides an improved anonymous identity authentication implementation scheme based on secret sharing. It redesigns the encoding matrix of the original scheme and reduces redundancy by generating the elements of the matrix at random, and it achieves a lower probability of being attacked and a larger system capacity than the original scheme while meeting the integrity, robustness and anonymity requirements of the anonymous identity authentication problem.
Drawings
FIG. 1 is a schematic diagram of an anonymous identity authentication model of an interactive information theory.
Detailed Description
The technical solution of the present invention is described in detail below, but the scope of the present invention is not limited to the embodiment.
The invention provides an improved anonymous identity authentication implementation scheme based on secret sharing.
An example is given below. The first step, data distribution stage: this stage comprises three steps, namely the CA generating the vector a, the CA generating auxiliary data V for the Verifier, and the CA generating keys C for the users, described in detail as follows:
(1) The CA generates the vector a. The CA first generates a secret $S = a_0 = 5$ uniformly at random over $GF(7)$. The vector dimension is chosen as $k = 4$; note that the value of k determines metrics such as the system capacity and attack probability of the anonymous identity authentication system, and in an application k should be chosen according to actual requirements. Random noise $a_1, a_2, a_3$ is generated to protect $a_0$, forming the vector $a = [5,4,1,6]$.
(2) The CA generates auxiliary data V for the Verifier. First, set $N_v = 3$ ($N_v < k$). From $(GF(7))^4$, remove the linear space spanned by the vector $[1,0,0,0]^T$ and select $V_1$ uniformly at random from the remaining vectors; suppose $V_1 = [0,2,0,0]^T$. Next, remove from $(GF(7))^4$ the linear space spanned by $[1,0,0,0]^T$ and $V_1 = [0,2,0,0]^T$ and select $V_2$ uniformly at random from the remaining vectors; suppose $V_2 = [1,2,3,0]^T$. Finally, remove from $(GF(7))^4$ the linear space spanned by $[1,0,0,0]^T$, $V_1 = [0,2,0,0]^T$ and $V_2 = [1,2,3,0]^T$ and select $V_3$ uniformly at random from the remaining vectors; suppose $V_3 = [1,2,3,4]^T$. The set of column vectors is linearly independent.
The CA calculates the inner products of $V_1, V_2, V_3$ with the vector a, obtaining $a \cdot V_1 = 8$, $a \cdot V_2 = 16$, $a \cdot V_3 = 40$. The CA sends the auxiliary data $V = \{(V_1 = [0,2,0,0]^T, 8), (V_2 = [1,2,3,0]^T, 16), (V_3 = [1,2,3,4]^T, 40)\}$ to the Verifier. The length of the transmitted data is $l_V = N_v(k+1) = 15$.
(3) The CA generates a key C for each user. For ease of understanding and calculation, it is assumed that there are two users in the system. The CA finds all four-dimensional column vectors that simultaneously meet the following condition:
The CA selects two vectors uniformly at random and without repetition from all the vectors satisfying the above conditions, namely:
$U_1 = [1,0,6,4]^T$, $U_2 = [1,2,0,4]^T$.
The CA calculates the inner products of $U_1, U_2$ with the vector a, obtaining $a \cdot U_1 = 35$, $a \cdot U_2 = 37$. The CA sends the keys $C_1 = (U_1 = [1,0,6,4]^T, 35)$ and $C_2 = (U_2 = [1,2,0,4]^T, 37)$ to users 1 and 2 in turn. The total length of the transmitted data is $l_C = M(k+1) = 10$.
The second step, authentication stage: this stage comprises two steps, the Verifier sending the auxiliary data to the user and the user performing the calculation, described in detail as follows (taking users 1 and 2 as examples):
(1) The Verifier first sends the auxiliary data $V = \{(V_1 = [0,2,0,0]^T, 8), (V_2 = [1,2,3,0]^T, 16), (V_3 = [1,2,3,4]^T, 40)\}$ to the users requesting authentication, i.e. users 1 and 2.
User 1: calculates a four-dimensional row vector $V_{coe1}$ satisfying $V_{coe1} \cdot [V_1, V_2, V_3, U_1] = [1,0,0,0]$, obtaining $V_{coe1} = [-2,1,1,-1]$. User 1 computes the recovered secret and passes the authentication.
User 2: calculates a four-dimensional row vector $V_{coe2}$ satisfying $V_{coe2} \cdot [V_1, V_2, V_3, U_2] = [1,0,0,0]$, obtaining $V_{coe2} = [-1,1,-1,1]$. User 2 computes the recovered secret and passes the authentication.
The third step, checking stage: the CA generates a white list of user keys during the data distribution stage and clears out users not on the list when idle. If a user maliciously attacks the system, the CA can trace the identity of the user through the key and apply corresponding punishment measures such as disabling the key.
It is worth noting that a legitimate user necessarily recovers the secret correctly. The legitimate user is therefore certain to be authenticated by the Verifier, which ensures the correctness of the anonymous identity authentication problem. If an attacker (illegitimate user) sends an authentication request to the Verifier, he probably cannot recover $S = a_0$ correctly because he lacks a key issued by the CA, and therefore cannot pass the authentication, which ensures the robustness of the anonymous identity authentication problem. In addition, since the values calculated by all legitimate users are the same, the Verifier cannot tell users apart, which ensures the anonymity of the anonymous identity authentication problem.
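The worked example can be checked mechanically. The following Python code is an added example, not code from the patent: it reads the coefficient equation as "the columns $V_1, V_2, V_3, U_i$ weighted by $V_{coe}$ sum to $[1,0,0,0]^T$", reduces every value mod 7, and generalizes to any prime field size. All function names are hypothetical, and the key-selection test in `ca_setup` is an assumption, because the patent's own selection condition did not survive on this page.

```python
import secrets

def dot(u, v, p):
    """Inner product over GF(p)."""
    return sum(x * y for x, y in zip(u, v)) % p

def solve(cols, target, p):
    """Return c with sum_j c[j]*cols[j] == target over GF(p) (p prime), or
    None when no solution exists or it is not unique (Gauss-Jordan)."""
    rows, m = len(target), len(cols)
    A = [[cols[j][i] % p for j in range(m)] + [target[i] % p] for i in range(rows)]
    for c in range(m):
        pr = next((i for i in range(c, rows) if A[i][c]), None)
        if pr is None:
            return None  # dependent columns: coefficients not unique
        A[c], A[pr] = A[pr], A[c]
        inv = pow(A[c][c], -1, p)
        A[c] = [x * inv % p for x in A[c]]
        for i in range(rows):
            if i != c and A[i][c]:
                f = A[i][c]
                A[i] = [(x - f * y) % p for x, y in zip(A[i], A[c])]
    if any(A[i][m] for i in range(m, rows)):
        return None  # target lies outside the span of the columns
    return [A[i][m] for i in range(m)]

def rand_vec(k, p):
    return [secrets.randbelow(p) for _ in range(k)]

def ca_setup(p, k, n_v, m_users):
    """CA: secret vector a, auxiliary data for the Verifier, distinct user keys."""
    a, e1 = rand_vec(k, p), [1] + [0] * (k - 1)
    basis, aux, keys = [e1], [], []
    while len(aux) < n_v:  # V_j chosen outside span{e1, V_1..V_{j-1}}
        v = rand_vec(k, p)
        if solve(basis, v, p) is None:
            basis.append(v)
            aux.append((v, dot(a, v, p)))
    vs = [v for v, _ in aux]
    while len(keys) < m_users:
        u = rand_vec(k, p)
        # Assumed selection condition: e1 must be recoverable from V and U.
        if all(u != q[0] for q in keys) and solve(vs + [u], e1, p) is not None:
            keys.append((u, dot(a, u, p)))
    return a, aux, keys

def recover(aux, key, k, p):
    """User: solve for V_coe, then combine the inner products into S_hat."""
    e1 = [1] + [0] * (k - 1)
    coe = solve([v for v, _ in aux] + [key[0]], e1, p)
    if coe is None:
        return None, None
    return coe, dot(coe, [t for _, t in aux] + [key[1]], p)

def verifier_accepts(a, s_hat, p):
    """Verifier: accept only when the returned value equals S = a_0."""
    return s_hat is not None and s_hat % p == a[0] % p

# Values from the page's worked example over GF(7), k = 4.
P, K = 7, 4
A_VEC = [5, 4, 1, 6]
AUX = [([0, 2, 0, 0], 8), ([1, 2, 3, 0], 16), ([1, 2, 3, 4], 40)]
KEY1, KEY2 = ([1, 0, 6, 4], 35), ([1, 2, 0, 4], 37)
FORGED = ([1, 0, 6, 4], 3)  # constructed: right vector, guessed inner product

if __name__ == "__main__":
    for name, key in (("user 1", KEY1), ("user 2", KEY2), ("forged", FORGED)):
        coe, s_hat = recover(AUX, key, K, P)
        print(name, coe, s_hat, verifier_accepts(A_VEC, s_hat, P))
```

The coefficient vectors come out as the page's $[-2,1,1,-1]$ and $[-1,1,-1,1]$ reduced mod 7, and both legitimate users return the same value, which is why the Verifier cannot tell them apart.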
Claims (4)
1. An improved anonymous identity authentication implementation method based on secret sharing is characterized by comprising the following steps:
(1) A data distribution stage; in this stage the CA generates, uniformly at random over $GF(q)$, a secret $S = a_0$ and random noise $a_1, \dots, a_{k-1}$ used to protect $a_0$, forming a k-dimensional vector $a = [a_0, a_1, \dots, a_{k-1}]$; the CA then sends $a$ to a Verifier through a secure channel; the CA generates auxiliary data V for the Verifier, generates mutually different keys C for the users, and sends them to the Verifier and the users respectively;
(2) An authentication stage; the interaction between the Verifier and the user in this stage is as follows: first, a user sends an authentication request to the Verifier and sends a secret key of the user to a Certificate Authority (CA); after receiving the authentication request, the Verifier keeps $S = a_0$ secret and sends the auxiliary information V to the user; the user recovers the secret based on the auxiliary information V and the key C and sends it to the Verifier; the Verifier tests the received value; if the test succeeds, the user passes the identity authentication, otherwise the user is rejected;
(3) A checking stage; the CA generates a white list of user keys in the data distribution stage, and clears out users not on the list when idle; if a user maliciously attacks the system, the CA traces back the identity of the user through the key and applies corresponding punishment measures such as disabling the key.
2. The method for implementing the improved anonymous identity authentication based on the secret sharing as claimed in claim 1, wherein the step of generating the auxiliary data V for the Verifier by the CA is as follows:
(11) Generating $N_v$ k-dimensional column vectors, where $N_v < k$; first, removing from the k-dimensional space $(GF(q))^k$ the linear space spanned by the vector $[1,0,\dots,0]_{1\times k}^{T}$, and selecting $V_1$ uniformly at random from the remaining vectors; next, removing from the k-dimensional space $(GF(q))^k$ the linear space spanned by $[1,0,\dots,0]_{1\times k}^{T}$ and $V_1$, and selecting $V_2$ uniformly at random from the remaining vectors; continuing to generate according to these steps; the set of column vectors is linearly independent;
3. The improved secret sharing based anonymous identity authentication implementation method of claim 1, wherein the step of the CA generating mutually different keys C for the user is as follows:
(21) First, generating M k-dimensional column vectors, where M is the number of users in the system; finding all k-dimensional column vectors that simultaneously satisfy the following condition:
where $\mathrm{span}\{v_1, v_2, \dots, v_n\}$ denotes the linear space spanned by the vectors $v_1, v_2, \dots, v_n$; from the column vectors satisfying the above conditions, the CA selects M vectors uniformly at random and without repetition, denoted $U_1, U_2, \dots, U_M$;
(22) Calculating the inner products of $U_1, U_2, \dots, U_M$ with the vector $a = [a_0, a_1, \dots, a_{k-1}]$, obtaining $a \cdot U_1, a \cdot U_2, \dots, a \cdot U_M$; finally, the CA sends the keys $C = \{(U_1, a \cdot U_1), (U_2, a \cdot U_2), \dots, (U_M, a \cdot U_M)\}$ to the users; the length of the transmitted data is $l_C = M(k+1)$.
4. The improved secret sharing based anonymous identity authentication implementation method of claim 1, wherein the user recovers the secret based on the auxiliary information V and the key C through the following specific steps:
(31) The Verifier first sends the auxiliary data to user i, $i \in [M]$; the user also holds a key $C_i = (U_i, a \cdot U_i)$;
(32) User i calculates an $(N_v + 1)$-dimensional row vector $V_{coe}$ satisfying the following equation:
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211221715.0A CN115603991A (en) | 2022-10-08 | 2022-10-08 | Improved anonymous identity authentication implementation method based on secret sharing |
Publications (1)
Publication Number | Publication Date |
---|---|
CN115603991A true CN115603991A (en) | 2023-01-13 |
Family
ID=84844119
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211221715.0A Pending CN115603991A (en) | 2022-10-08 | 2022-10-08 | Improved anonymous identity authentication implementation method based on secret sharing |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115603991A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||