Abstract
Numerous anonymous authentication schemes are designed to provide efficient authentication services while preserving privacy. Such schemes may easily neglect access control and accountability, which are two requirements that play an important role in some particular environments and applications. Prior designs of attribute-based anonymous authentication schemes did not concentrate on providing full anonymity while at the same time holding public traceability. To address this problem, we formally define and present a new primitive called traceable attribute-based anonymous authentication (TABAA) which achieves (i) full anonymity, i.e., both registration and authentication cannot reveal user’s privacy; (ii) reusable credential, i.e., a registered credential can be repeatedly used without being linked; (iii) access control, i.e., only when the user’s attribute satisfies the access policy can the user be involved in authentication; and (iv) public traceability, i.e., anyone, without help from the trusted third party, can trace a misbehaving user who has authenticated two messages corresponding to a common address. Then, we formally define the security requirements of TABAA, including unforgeability, anonymity, and accountability, and give a generic construction satisfying the security requirements. Furthermore, based on TABAA, we propose the first attribute-based, decentralized, fully anonymous, publicly traceable e-voting, which enables voters to engage in a number of different voting activities without repeated registration.
Highlights
Consider a conventional scenario of authentication: when a user wants to access an application service, he should be authenticated by submitting his signature to an application provider; the latter can verify the qualification of the former
Most authentication schemes require users to register a certificate by submitting identity information in plaintext without any Security and Communication Networks protection; in other words, the issuer of a certificate always learns the certificates’ plaintext attributes. ey only ensure the privacy preserving in authentication, so that they cannot achieve full anonymity. us, we investigate how to ensure the privacy in registration process
(3) We apply the proposed traceable attribute-based anonymous authentication (TABAA) to e-voting and design the first decentralized, fully anonymous, publicly traceable e-voting based on blockchain, which fulfills the following: (i) anonymous registration, i.e., a user registers a credential without privacy leakage; (ii) reusable credential, i.e., one can attend different voting activities without multiple registrations; (iii) attribute-based access control, i.e., only the one who satisfies the access policy is allowable to vote; (iv) anonymous authentication, i.e., anyone cannot tell the relation between ballot and voter; and (v) public traceability, i.e., double voting can be detected and will lead to identity exposure
Summary
Consider a conventional scenario of authentication: when a user wants to access an application service, he should be authenticated by submitting his signature to an application provider; the latter can verify the qualification of the former. (1) We introduce a new notion called traceable attributebased anonymous authentication (TABAA) which guarantees enhanced privacy protection such that a user (i) can acquire an attribute-based anonymous credential without revealing the content of his attributes and (ii) can anonymously authenticate messages without revealing his identity This kind of anonymous credential can be used repeatedly without being identified. (3) We apply the proposed TABAA to e-voting and design the first decentralized, fully anonymous, publicly traceable e-voting based on blockchain, which fulfills the following: (i) anonymous registration, i.e., a user registers a credential without privacy leakage; (ii) reusable credential, i.e., one can attend different voting activities without multiple registrations; (iii) attribute-based access control, i.e., only the one who satisfies the access policy is allowable to vote; (iv) anonymous authentication, i.e., anyone cannot tell the relation between ballot and voter; and (v) public traceability, i.e., double voting can be detected and will lead to identity exposure.
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
