摘要
针对数据交易方案的密钥泄露、合谋等安全问题,提出原子性可问责的数据交易方案。将数据审计技术与智能合约结合实现自动支付,确保交易过程中数据的完整性以及支付的公平性;采用自认证公钥密码技术设计用户注册过程,确保即使遭受单点故障问题,用户私钥仍然安全;借助会话密钥加密通信,解决了对称密钥分发问题,同时能够高效维护通信安全;构造了可公共审计的问责机制处理用户争议,以抵抗合谋攻击。安全性分析及实验表明本方案不仅能抵抗密钥泄露攻击和合谋攻击,还能够降低通信成本、高效问责。
To address security problems existing in data trading schemes such as the key leakage problem,and the collusion problem,an atomic and accountable data trading scheme is proposed.It uses an automatic payment mechanism that combines data auditing technology and smart contracts to ensure data integrity and fairness payment for the trading process.By using the self-certified public keys to design the user registration process,the user’s private key is still safe even if it suffers from a single point of failure.In the meanwhile,with the help of the session key to encrypt communication,which solves the problem of symmetric key distribution while efficiently maintains communication security.An accountability mechanism is constructed to implement public auditing to handle user disputes,which resists the collusion attacks.The security analysis and simulation results show that the scheme can not only resist the key leakage attacks and the collusion attacks,but also reduce communication costs and perform accountability efficiently.
作者
陈丽莎
李雪莲
高军涛
CHEN Lisha;LI Xuelian;GAO Juntao(School of Mathematics and Statistics, Xidian University, Xi’an 710071, China;School of Telecommunication and Engineering, Xidian University, Xi’an 710071, China)
出处
《系统工程与电子技术》
EI
CSCD
北大核心
2022年第4期1364-1371,共8页
Systems Engineering and Electronics
基金
陕西省重点研发计划(2021ZDLGY06-04)
广西密码学与信息安全重点实验室(GCIS201802)资助课题。
关键词
数据完整性
数据共享
问责制
密钥重建
智能合约
data integrity
data sharing
accountability
key reconstruction
smart contract
