Research And Implementation Of Anonymous Credentials Scheme For Multi-Issuers

With the increasing development of the big data era,privacy protection has become one of the most important issues that our modern digital society needs to face.When interacting with online service providers,users need to provide the required identity information for authentication.Nevertheless,malicious service providers can excessively collect users’ personal information,correlate users’ identities with their behavioral data,and target users with big data,leading to the leakage of users’ private information.The proposed anonymous authentication technology solves the privacy leakage problem of traditional identity authentication,i.e.,users can provide anonymous credentials issued by the corresponding issuer to prove their eligibility to access services without disclosing their personal information,under the necessity of the service scenario.However,currently existing anonymous credential schemes suffer from the following two problems:(1)Proving the possession of attributes from different issuers requires independent credentials to be shown,namely,the computational complexity of presenting credential is ();(2)The computational complexity of updating the credential token based on the user revocation list is (9)),where 9)denote the number of valid user.To address the above two issues,this thesis proposes an anonymous credentials scheme for multiple issuers,with the following specific work:(1)A formal definition of the anonymous credential scheme and the corresponding security model are given;(2)Cryptographic tools such as bilinear pairing,hardness assumptions,and PS signatures are used to construct our scheme,including parameter generation phase,credential issuance phase,and credential verification phase;(3)In order to prevent users from illegitimate behavior in the authentication process,a revocation mechanism for revoking user identity is given utilizing the complete subtree method;(4)In terms of security,the formalization proves that our scheme maintains existential unforgeability against chosen-message attacks,traceability,and anonymity;with regard to performance,the algorithmic complexity of the credential presentation is reduced from ()to (1),and the computational complexity of updating the credential token from (9))level to (log 9))level;(5)To address the security and privacy problems of the authentication protocol in C-ITS,it designs and constructs an anonymous authentication protocol for C-ITS with the above presented anonymous credential scheme.Finally,this thesis uses the JPBC cryptography library to perform a system simulation of the proposed authentication protocol and implement the algorithms in five phases,including system initialization,registration,joining,authentication,and tracing and revoking.By testing the performance of the algorithms in different phases,the experimental results demonstrate that this scheme is of practical application significance.