Research And Implementation Of Anonymous Electronic Survey System Based On Non-Interactive Zero Knowledge

Electronic survey is a new research method which takes Internet as the medium and collects the relevant survey data through the form of online survey questionnaire.Compared with the traditional survey method,the electronic survey has the characteristics of high efficiency,low cost,strong interaction and high reliability.Electronic survey has become a hot research topic of scholars at present.With the increasing complexity of the network,electronic survey system is also facing more security threats.Due to concerning about the privacy data being compromised,users are not willing to participate in the electronic survey or fill in the answers which don’t match their real intentions in electronic surveys,which have affected the promotion and application of electronic survey system.Therefore,security has become an important factor to be considered when designing an electronic survey system.Based on the research and analysis of the existing electronic survey system,this paper studies the security problems which may exist in the system.In order to guarantee the security of system,this paper uses the non-interactive zero knowledge proof protocol.In order to solve the problem that protocol executing in a concurrent environment may exist the man in the middle attack,this paper studies the non-malleability of protocol in depth.And based on the research of non-interactive zero knowledge proof protocol,this paper proposes a concurrent simulation-extractable non-interactive zero knowledge(CSE-NIZK)proof protocol.The protocol is secure when executing in concurrent environment and can resist the man in the middle attack.This protocol can be used to prove the knowledge and does not reveal any additional information.Security analysis shows that the protocol has the security features such as witness indistinguishability and zero knowledge.On the basis of this protocol,this paper constructs an anonymous electronic survey scheme based on CSE-NIZK.The scheme has the characteristics of self-organization,non-interactive,anti-replay,and high efficiency.The scheme uses the CSE-NIZK protocol and the Boneh-Boyen signature scheme to verify the user’s identity in non-interactive manner,which guarantees the authenticity of the scheme.The scheme also uses the Pedersen commitment scheme and the Dodis-Yampolskiy pseudo random function to hide the user’s identity and the related information,which guarantees the anonymity of the scheme.Security analysis shows that the scheme has security features such as malicious users attack resistance and anonymity.Finally,an anonymous electronic survey system based on CSE-NIZK is designed and implemented.The system contains three entities:web server,survey server and user client.The system function mainly includes:user registration,initiating a survey,completing a survey,qualification audit,and statistics.This paper also verifies the function of the system and the result shows that the system can accomplish all the functions correctly and guarantee the anonymity and authenticity of the system effectively.