Non-Interactive Zero-Knowledge(NIZK for short) proofs are fascinating and extremely useful in many security protocols. In this paper,a new group signature scheme,decisional linear assumption group signature(DLAGS for ...Non-Interactive Zero-Knowledge(NIZK for short) proofs are fascinating and extremely useful in many security protocols. In this paper,a new group signature scheme,decisional linear assumption group signature(DLAGS for short) with NIZK proofs is proposed which can prove and sign the multiple values rather than individual bits based on DLIN assumption. DLAGS does not need to interact between the verifier and issuer,which can decrease the communication times and storage cost compared with the existing interactive group signature schemes. We prove and sign the blocks of messages instead of limiting the proved message to only one bit(0 or 1) in the conventional non-interactive zero-knowledge proof system,and we also prove that our scheme satisfy the property of anonymity,unlinkability and traceability. Finally,our scheme is compared with the other scheme(Benoitt's scheme) which is also based on the NIZK proofs system and the DLIN assumption,and the results show that our scheme requires fewer members of groups and computational times.展开更多
Since transactions in blockchain are based on public ledger verification,this raises security concerns about privacy protection.And it will cause the accumulation of data on the chain and resulting in the low efficien...Since transactions in blockchain are based on public ledger verification,this raises security concerns about privacy protection.And it will cause the accumulation of data on the chain and resulting in the low efficiency of block verification,when the whole transaction on the chain is verified.In order to improve the efficiency and privacy protection of block data verification,this paper proposes an efficient block verification mechanism with privacy protection based on zeroknowledge proof(ZKP),which not only protects the privacy of users but also improves the speed of data block verification.There is no need to put the whole transaction on the chain when verifying block data.It just needs to generate the ZKP and root hash with the transaction information,then save them to the smart contract for verification.Moreover,the ZKP verification in smart contract is carried out to realize the privacy protection of the transaction and efficient verification of the block.When the data is validated,the buffer accepts the complete transaction,updates the transaction status in the cloud database,and packages up the chain.So,the ZKP strengthens the privacy protection ability of blockchain,and the smart contracts save the time cost of block verification.展开更多
An RFID (Radio-Frequency IDentification) system provides the mechanism to identify tags to readers and then to execute specific RFID-enabled applications. In those applications, secure protocols using lightweight cryp...An RFID (Radio-Frequency IDentification) system provides the mechanism to identify tags to readers and then to execute specific RFID-enabled applications. In those applications, secure protocols using lightweight cryptography need to be developed and the privacy of tags must be ensured. In 2010, Batina et al. proposed a privacy-preserving grouping proof protocol for RFID based on ECC (Elliptic Curve Cryptography) in public-key cryptosystem. In the next year, Lv et al. had shown that Batina et al.’s protocol was insecure against the tracking attack such that the privacy of tags did not be preserved properly. Then they proposed a revised protocol based on Batina et al.’s work. Their revised protocol was claimed to have all security properties and resisted tracking attack. But in this paper, we prove that Lv et al.’s protocol cannot work properly. Then we propose a new version protocol with some nonce to satisfy the functions of Batina et al.’s privacy-preserving grouping proof protocol. Further we try the tracing attack made by Lv et al. on our protocol and prove our protocol can resist this attack to recover the untraceability.展开更多
A zero-knowledge proof or protocol is a cryptographic technique for verifying private data without revealing it in its clear form.In this paper,we evaluate the potential for zero-knowledge distributed ledger technolog...A zero-knowledge proof or protocol is a cryptographic technique for verifying private data without revealing it in its clear form.In this paper,we evaluate the potential for zero-knowledge distributed ledger technology to alleviate asymmetry of information in the asset-backed securitization market.To frame this inquiry,we conducted market data analyses,a review of prior literature,stakeholder interviews with investors,originators and security issuers and collaboration with blockchain engineers and researchers.We introduce a new system which could enable all market participants in the securitization lifecycle(e.g.investors,rating agencies,regulators and security issuers)to interact on a unique decentralized platform while maintaining the privacy of loan-level data,therefore providing the industry with timely analytics and performance data.Our platform is powered by zkLedger(Narula et al.2018),a zero-knowledge protocol developed by the MIT Media Lab and the first system that enables participants of a distributed ledger to run publicly verifiable analytics on masked data.展开更多
In the age of big data,ensuring data privacy while enabling efficient encrypted data retrieval has become a critical challenge.Traditional searchable encryption schemes face difficulties in handling complex semantic q...In the age of big data,ensuring data privacy while enabling efficient encrypted data retrieval has become a critical challenge.Traditional searchable encryption schemes face difficulties in handling complex semantic queries.Additionally,they typically rely on honest but curious cloud servers,which introduces the risk of repudiation.Furthermore,the combined operations of search and verification increase system load,thereby reducing performance.Traditional verification mechanisms,which rely on complex hash constructions,suffer from low verification efficiency.To address these challenges,this paper proposes a blockchain-based contextual semantic-aware ciphertext retrieval scheme with efficient verification.Building on existing single and multi-keyword search methods,the scheme uses vector models to semantically train the dataset,enabling it to retain semantic information and achieve context-aware encrypted retrieval,significantly improving search accuracy.Additionally,a blockchain-based updatable master-slave chain storage model is designed,where the master chain stores encrypted keyword indexes and the slave chain stores verification information generated by zero-knowledge proofs,thus balancing system load while improving search and verification efficiency.Finally,an improved non-interactive zero-knowledge proof mechanism is introduced,reducing the computational complexity of verification and ensuring efficient validation of search results.Experimental results demonstrate that the proposed scheme offers stronger security,balanced overhead,and higher search verification efficiency.展开更多
The rapid evolution of quantum computing poses significant threats to traditional cryptographic schemes,particularly in Decentralized Finance(DeFi)systems that rely on legacy mechanisms like RSA and ECDSA for digital ...The rapid evolution of quantum computing poses significant threats to traditional cryptographic schemes,particularly in Decentralized Finance(DeFi)systems that rely on legacy mechanisms like RSA and ECDSA for digital identity verification.This paper proposes a quantum-resilient,blockchain-based identity verification framework designed to address critical challenges in privacy preservation,scalability,and post-quantum security.The proposed model integrates Post-quantum Cryptography(PQC),specifically lattice-based cryptographic primitives,with Decentralized Identifiers(DIDs)and Zero-knowledge Proofs(ZKPs)to ensure verifiability,anonymity,and resistance to quantum attacks.A dual-layer architecture is introduced,comprising an identity layer for credential generation and validation,and an application layer for DeFi protocol integration.To evaluate its performance,the framework is tested on multiple real-world DeFi platforms using metrics such as verification latency,throughput,attack resistance,energy efficiency,and quantum attack simulation.The results demonstrate that the proposed framework achieves 90%latency reduction and over 35%throughput improvement compared to traditional blockchain identity solutions.It also exhibits a high quantum resistance score(95/100),with successful secure verification under simulated quantum adversaries.The revocation mechanism—implemented using Merkle-tree-based proofs—achieves average response times under 40 ms,and the system maintains secure operations with energy consumption below 9 J per authentication cycle.Additionally,the paper presents a security and cost tradeoff analysis using ZKP schemes such as Bulletproofs and STARKs,revealing superior bits-per-byte efficiency and reduced proof sizes.Real-world adoption scenarios,including integration with six major DeFi protocols,indicate a 25%increase in verified users and a 15%improvement in Total Value Locked(TVL).The proposed solution is projected to remain secure until 2041(basic version)and 2043(advanced version),ensuring long-term sustainability and future-proofing against evolving quantum threats.This work establishes a scalable,privacy-preserving identity model that aligns with emerging post-quantum security standards for decentralized ecosystems.展开更多
The advancement of 6G wireless communication technology has facilitated the integration of Vehicular Ad-hoc Networks(VANETs).However,the messages transmitted over the public channel in the open and dynamic VANETs are ...The advancement of 6G wireless communication technology has facilitated the integration of Vehicular Ad-hoc Networks(VANETs).However,the messages transmitted over the public channel in the open and dynamic VANETs are vulnerable to malicious attacks.Although numerous researchers have proposed authentication schemes to enhance the security of Vehicle-to-Vehicle(V2V)communication,most existing methodologies face two significant challenges:(1)the majority of the schemes are not lightweight enough to support realtime message interaction among vehicles;(2)the sensitive information like identity and position is at risk of being compromised.To tackle these issues,we propose a lightweight dual authentication protocol for V2V communication based on Physical Unclonable Function(PUF).The proposed scheme accomplishes dual authentication between vehicles by the combination of Zero-Knowledge Proof(ZKP)and MASK function.The security analysis proves that our scheme provides both anonymous authentication and information unlinkability.Additionally,the performance analysis demonstrates that the computation overhead of our scheme is approximately reduced 23.4% compared to the state-of-the-art schemes.The practical simulation conducted in a 6G network environment demonstrates the feasibility of 6G-based VANETs and their potential for future advancements.展开更多
Although the existing group signature schemes from lattice have been optimized for efficiency,the signing abilities of eachmember in the group are relatively single.It may not be suitable for complex applications.Insp...Although the existing group signature schemes from lattice have been optimized for efficiency,the signing abilities of eachmember in the group are relatively single.It may not be suitable for complex applications.Inspired by the pioneering work of Bellare and Fuchsbauer,we present a primitive called policy-based group signature.In policy-based group signatures,group members can on behalf of the group to sign documents that meet their own policies,and the generated signatures will not leak the identity and policies of the signer.Moreover,the group administrator is allowed to reveal the identity of signer when a controversy occurs.Through the analysis of application scenarios,we concluded that the policy-based group signature needs to meet two essential security properties:simulatability and traceability.And we construct a scheme of policy-based group signature from lattice through techniques such as commitment,zero-knowledge proof,rejection sampling.The security of our scheme is proved to be reduced to the module short integer solution(MSIS)and module learning with errors(MLWE)hard assumptions.Furthermore,we make a performance comparison between our scheme and three lattice-based group signature schemes.The result shows that our scheme has more advantages in storage overhead and the sizes of key and signature are decreased roughly by 83.13%,46.01%,respectively,compared with other schemes.展开更多
The Internet of Vehicles(IoV)is extensively deployed in outdoor and open environments to effectively address traffic efficiency and safety issues by connecting vehicles to the network.However,due to the open and varia...The Internet of Vehicles(IoV)is extensively deployed in outdoor and open environments to effectively address traffic efficiency and safety issues by connecting vehicles to the network.However,due to the open and variable nature of its network topology,vehicles frequently engage in cross-domain interactions.During such processes,directly uploading sensitive information to roadside units for interaction may expose it to malicious tampering or interception by attackers,thus compromising the security of the cross-domain authentication process.Additionally,IoV imposes high real-time requirements,and existing cross-domain authentication schemes for IoV often encounter efficiency issues.To mitigate these challenges,we propose CAIoV,a blockchain-based efficient cross-domain authentication scheme for IoV.This scheme comprehensively integrates technologies such as zero-knowledge proofs,smart contracts,and Merkle hash tree structures.It divides the cross-domain process into anonymous cross-domain authentication and safe cross-domain authentication phases to ensure efficiency while maintaining a balance between efficiency and security.Finally,we evaluate the performance of CAIoV.Experimental results demonstrate that our proposed scheme reduces computational overhead by approximately 20%,communication overhead by around 10%,and storage overhead by nearly 30%.展开更多
Data is regarded as a valuable asset,and sharing data is a prerequisite for fully exploiting the value of data.However,the current medical data sharing scheme lacks a fair incentive mechanism,and the authenticity of d...Data is regarded as a valuable asset,and sharing data is a prerequisite for fully exploiting the value of data.However,the current medical data sharing scheme lacks a fair incentive mechanism,and the authenticity of data cannot be guaranteed,resulting in low enthusiasm of participants.A fair and trusted medical data trading scheme based on smart contracts is proposed,which aims to encourage participants to be honest and improve their enthusiasm for participation.The scheme uses zero-knowledge range proof for trusted verification,verifies the authenticity of the patient’s data and the specific attributes of the data before the transaction,and realizes privacy protection.At the same time,the game pricing strategy selects the best revenue strategy for all parties involved and realizes the fairness and incentive of the transaction price.The smart contract is used to complete the verification and game bargaining process,and the blockchain is used as a distributed ledger to record the medical data transaction process to prevent data tampering and transaction denial.Finally,by deploying smart contracts on the Ethereum test network and conducting experiments and theoretical calculations,it is proved that the transaction scheme achieves trusted verification and fair bargaining while ensuring privacy protection in a decentralized environment.The experimental results show that the model improves the credibility and fairness of medical data transactions,maximizes social benefits,encourages more patients and medical institutions to participate in the circulation of medical data,and more fully taps the potential value of medical data.展开更多
With the development of Internet of Things technology,intelligent door lock devices are widely used in the field of house leasing.In the traditional housing leasing scenario,problems of door lock information disclosur...With the development of Internet of Things technology,intelligent door lock devices are widely used in the field of house leasing.In the traditional housing leasing scenario,problems of door lock information disclosure,tenant privacy disclosure and rental contract disputes frequently occur,and the security,fairness and auditability of the housing leasing transaction cannot be guaranteed.To solve the above problems,a blockchain-based proxy re-encryption scheme with conditional privacy protection and auditability is proposed.The scheme implements fine-grained access control of door lock data based on attribute encryption technology with policy hiding,and uses proxy re-encryption technology to achieve auditable supervision of door lock information transactions.Homomorphic encryption technology and zero-knowledge proof technology are introduced to ensure the confidentiality of housing rent information and the fairness of rent payment.To construct a decentralized housing lease transaction architecture,the scheme realizes the efficient collaboration between the door lock data ciphertext stored under the chain and the key information ciphertext on the chain based on the blockchain and InterPlanetary File System.Finally,the security proof and computing performance analysis of the proposed scheme are carried out.The results show that the scheme can resist the chosen plaintext attack and has low computational cost.展开更多
The dynamic landscape of the Internet of Things(IoT)is set to revolutionize the pace of interaction among entities,ushering in a proliferation of applications characterized by heightened quality and diversity.Among th...The dynamic landscape of the Internet of Things(IoT)is set to revolutionize the pace of interaction among entities,ushering in a proliferation of applications characterized by heightened quality and diversity.Among the pivotal applications within the realm of IoT,as a significant example,the Smart Grid(SG)evolves into intricate networks of energy deployment marked by data integration.This evolution concurrently entails data interchange with other IoT entities.However,there are also several challenges including data-sharing overheads and the intricate establishment of trusted centers in the IoT ecosystem.In this paper,we introduce a hierarchical secure data-sharing platform empowered by cloud-fog integration.Furthermore,we propose a novel non-interactive zero-knowledge proof-based group authentication and key agreement protocol that supports one-to-many sharing sets of IoT data,especially SG data.The security formal verification tool shows that the proposed scheme can achieve mutual authentication and secure data sharing while protecting the privacy of data providers.Compared with previous IoT data sharing schemes,the proposed scheme has advantages in both computational and transmission efficiency,and has more superiority with the increasing volume of shared data or increasing number of participants.展开更多
This paper considers the existence of 3-round zero-knowledge proof systems for NP. Whether there exist 3-round non-black-box zero-knowledge proof systems for NP language is an open problem. By introducing a new intera...This paper considers the existence of 3-round zero-knowledge proof systems for NP. Whether there exist 3-round non-black-box zero-knowledge proof systems for NP language is an open problem. By introducing a new interactive proof model, we construct a 3-round zero-knowledge proof system for graph 3-coloring under standard assumptions. Our protocol is a non-black-box zero-knowledge proof because we adopt a special strategy to prove the zero-knowledge property. Consequently, our construction shows the existence of 3-round non-black-box zero-knowledge proof for all languages in NP under the DDH assumption.展开更多
函数加密是一种新型原语,通过函数密钥解密可以得到关于消息的函数值,而不会泄露消息的其他信息.通用群模型(generic group model,GGM)是一种可以用来分析方案构造安全性的理想化模型.由于目前还没有针对GGM的有效攻击,且能在GGM下证明...函数加密是一种新型原语,通过函数密钥解密可以得到关于消息的函数值,而不会泄露消息的其他信息.通用群模型(generic group model,GGM)是一种可以用来分析方案构造安全性的理想化模型.由于目前还没有针对GGM的有效攻击,且能在GGM下证明安全的方案都比较高效,越来越多的函数加密方案在GGM下证明安全性.2017年,Baltico等人提出了第一个公钥二次函数加密方案,并在GGM下证明了自适应的不可区分安全性.然而,目前无论是在标准假设还是GGM下,没有能达到自适应可模拟安全性的公钥二次函数加密方案.本文根据公钥二次函数加密可模拟安全的定义,证明了Baltico等人提出的方案在GGM下具有更强的自适应可模拟安全性.由于证明过程繁琐,本文借助计算机辅助,设计了在GGM下证明公钥二次函数加密方案具有可模拟安全性的自动证明工具.该工具是第一个针对函数加密方案设计的自动证明工具,且该工具不仅能快速测试在GGM下构造的函数方案是否具有可模拟安全性,还可以作为标准假设下构造安全函数加密方案的初步验证.展开更多
近些年,无线医疗传感器网络(Wireless Medicine Sensor Networks,WMSNs)得到了广泛的应用。WMSNs提高了患者护理质量,但同时也存在许多安全隐患。为了保护患者数据的隐私安全,Yi等人提出了一个基于Paillier密码系统的分布式ElGamal密码...近些年,无线医疗传感器网络(Wireless Medicine Sensor Networks,WMSNs)得到了广泛的应用。WMSNs提高了患者护理质量,但同时也存在许多安全隐患。为了保护患者数据的隐私安全,Yi等人提出了一个基于Paillier密码系统的分布式ElGamal密码系统。然而,Rao分析了他们的方案并展示了一种可行的攻击,该攻击允许攻击者获取密钥。因此,是否可以将具有加法同态性质的密码系统修改为安全的分布式解密系统,以实现更简单的分布式密钥生成和更高效的分布式解密仍然是一个挑战。针对上述挑战,该文提出了一种基于Castagnos和Laguillaumie(CL)加密的改进分布式解密系统,并对未知阶群G上的离散对数关系给出了有效的零知识证明。与其他分布式解密系统相比,基于CL加密的改进分布式系统具有良好的性能、更可靠的设置、更高的安全级别。展开更多
基金supported by the National High-Tech Research and Development Plan of China under Grant Nos.863-317-01- 04-99, 2009AA01Z122 (863)the Natural Science Foundation of Shenyang City of China under Grant No. F10-205-1-12
文摘Non-Interactive Zero-Knowledge(NIZK for short) proofs are fascinating and extremely useful in many security protocols. In this paper,a new group signature scheme,decisional linear assumption group signature(DLAGS for short) with NIZK proofs is proposed which can prove and sign the multiple values rather than individual bits based on DLIN assumption. DLAGS does not need to interact between the verifier and issuer,which can decrease the communication times and storage cost compared with the existing interactive group signature schemes. We prove and sign the blocks of messages instead of limiting the proved message to only one bit(0 or 1) in the conventional non-interactive zero-knowledge proof system,and we also prove that our scheme satisfy the property of anonymity,unlinkability and traceability. Finally,our scheme is compared with the other scheme(Benoitt's scheme) which is also based on the NIZK proofs system and the DLIN assumption,and the results show that our scheme requires fewer members of groups and computational times.
基金This work was supported by China’s National Natural Science Foundation(No.62072249,62072056).Jin Wang and Yongjun Ren received the grant and the URLs to sponsors’websites are https://www.nsfc.gov.cn/.This work was also funded by the Researchers Supporting Project No.(RSP-2021/102)King Saud University,Riyadh,Saudi Arabia.
文摘Since transactions in blockchain are based on public ledger verification,this raises security concerns about privacy protection.And it will cause the accumulation of data on the chain and resulting in the low efficiency of block verification,when the whole transaction on the chain is verified.In order to improve the efficiency and privacy protection of block data verification,this paper proposes an efficient block verification mechanism with privacy protection based on zeroknowledge proof(ZKP),which not only protects the privacy of users but also improves the speed of data block verification.There is no need to put the whole transaction on the chain when verifying block data.It just needs to generate the ZKP and root hash with the transaction information,then save them to the smart contract for verification.Moreover,the ZKP verification in smart contract is carried out to realize the privacy protection of the transaction and efficient verification of the block.When the data is validated,the buffer accepts the complete transaction,updates the transaction status in the cloud database,and packages up the chain.So,the ZKP strengthens the privacy protection ability of blockchain,and the smart contracts save the time cost of block verification.
文摘An RFID (Radio-Frequency IDentification) system provides the mechanism to identify tags to readers and then to execute specific RFID-enabled applications. In those applications, secure protocols using lightweight cryptography need to be developed and the privacy of tags must be ensured. In 2010, Batina et al. proposed a privacy-preserving grouping proof protocol for RFID based on ECC (Elliptic Curve Cryptography) in public-key cryptosystem. In the next year, Lv et al. had shown that Batina et al.’s protocol was insecure against the tracking attack such that the privacy of tags did not be preserved properly. Then they proposed a revised protocol based on Batina et al.’s work. Their revised protocol was claimed to have all security properties and resisted tracking attack. But in this paper, we prove that Lv et al.’s protocol cannot work properly. Then we propose a new version protocol with some nonce to satisfy the functions of Batina et al.’s privacy-preserving grouping proof protocol. Further we try the tracing attack made by Lv et al. on our protocol and prove our protocol can resist this attack to recover the untraceability.
基金We received funding solely from our institution to perform this research.
文摘A zero-knowledge proof or protocol is a cryptographic technique for verifying private data without revealing it in its clear form.In this paper,we evaluate the potential for zero-knowledge distributed ledger technology to alleviate asymmetry of information in the asset-backed securitization market.To frame this inquiry,we conducted market data analyses,a review of prior literature,stakeholder interviews with investors,originators and security issuers and collaboration with blockchain engineers and researchers.We introduce a new system which could enable all market participants in the securitization lifecycle(e.g.investors,rating agencies,regulators and security issuers)to interact on a unique decentralized platform while maintaining the privacy of loan-level data,therefore providing the industry with timely analytics and performance data.Our platform is powered by zkLedger(Narula et al.2018),a zero-knowledge protocol developed by the MIT Media Lab and the first system that enables participants of a distributed ledger to run publicly verifiable analytics on masked data.
基金supported in part by the National Natural Science Foundation of China under Grant 62262073in part by the Yunnan Provincial Ten Thousand People Program for Young Top Talents under Grant YNWR-QNBJ-2019-237in part by the Yunnan Provincial Major Science and Technology Special Program under Grant 202402AD080002.
文摘In the age of big data,ensuring data privacy while enabling efficient encrypted data retrieval has become a critical challenge.Traditional searchable encryption schemes face difficulties in handling complex semantic queries.Additionally,they typically rely on honest but curious cloud servers,which introduces the risk of repudiation.Furthermore,the combined operations of search and verification increase system load,thereby reducing performance.Traditional verification mechanisms,which rely on complex hash constructions,suffer from low verification efficiency.To address these challenges,this paper proposes a blockchain-based contextual semantic-aware ciphertext retrieval scheme with efficient verification.Building on existing single and multi-keyword search methods,the scheme uses vector models to semantically train the dataset,enabling it to retain semantic information and achieve context-aware encrypted retrieval,significantly improving search accuracy.Additionally,a blockchain-based updatable master-slave chain storage model is designed,where the master chain stores encrypted keyword indexes and the slave chain stores verification information generated by zero-knowledge proofs,thus balancing system load while improving search and verification efficiency.Finally,an improved non-interactive zero-knowledge proof mechanism is introduced,reducing the computational complexity of verification and ensuring efficient validation of search results.Experimental results demonstrate that the proposed scheme offers stronger security,balanced overhead,and higher search verification efficiency.
文摘The rapid evolution of quantum computing poses significant threats to traditional cryptographic schemes,particularly in Decentralized Finance(DeFi)systems that rely on legacy mechanisms like RSA and ECDSA for digital identity verification.This paper proposes a quantum-resilient,blockchain-based identity verification framework designed to address critical challenges in privacy preservation,scalability,and post-quantum security.The proposed model integrates Post-quantum Cryptography(PQC),specifically lattice-based cryptographic primitives,with Decentralized Identifiers(DIDs)and Zero-knowledge Proofs(ZKPs)to ensure verifiability,anonymity,and resistance to quantum attacks.A dual-layer architecture is introduced,comprising an identity layer for credential generation and validation,and an application layer for DeFi protocol integration.To evaluate its performance,the framework is tested on multiple real-world DeFi platforms using metrics such as verification latency,throughput,attack resistance,energy efficiency,and quantum attack simulation.The results demonstrate that the proposed framework achieves 90%latency reduction and over 35%throughput improvement compared to traditional blockchain identity solutions.It also exhibits a high quantum resistance score(95/100),with successful secure verification under simulated quantum adversaries.The revocation mechanism—implemented using Merkle-tree-based proofs—achieves average response times under 40 ms,and the system maintains secure operations with energy consumption below 9 J per authentication cycle.Additionally,the paper presents a security and cost tradeoff analysis using ZKP schemes such as Bulletproofs and STARKs,revealing superior bits-per-byte efficiency and reduced proof sizes.Real-world adoption scenarios,including integration with six major DeFi protocols,indicate a 25%increase in verified users and a 15%improvement in Total Value Locked(TVL).The proposed solution is projected to remain secure until 2041(basic version)and 2043(advanced version),ensuring long-term sustainability and future-proofing against evolving quantum threats.This work establishes a scalable,privacy-preserving identity model that aligns with emerging post-quantum security standards for decentralized ecosystems.
文摘The advancement of 6G wireless communication technology has facilitated the integration of Vehicular Ad-hoc Networks(VANETs).However,the messages transmitted over the public channel in the open and dynamic VANETs are vulnerable to malicious attacks.Although numerous researchers have proposed authentication schemes to enhance the security of Vehicle-to-Vehicle(V2V)communication,most existing methodologies face two significant challenges:(1)the majority of the schemes are not lightweight enough to support realtime message interaction among vehicles;(2)the sensitive information like identity and position is at risk of being compromised.To tackle these issues,we propose a lightweight dual authentication protocol for V2V communication based on Physical Unclonable Function(PUF).The proposed scheme accomplishes dual authentication between vehicles by the combination of Zero-Knowledge Proof(ZKP)and MASK function.The security analysis proves that our scheme provides both anonymous authentication and information unlinkability.Additionally,the performance analysis demonstrates that the computation overhead of our scheme is approximately reduced 23.4% compared to the state-of-the-art schemes.The practical simulation conducted in a 6G network environment demonstrates the feasibility of 6G-based VANETs and their potential for future advancements.
基金supported by the National Natural Science Foundation of China(61802117)Support Plan of Scientific and Technological Innovation Team in Universities of Henan Province(20IRTSTHN013)the Youth Backbone Teacher Support Program of Henan Polytechnic University under Grant(2018XQG-10).
文摘Although the existing group signature schemes from lattice have been optimized for efficiency,the signing abilities of eachmember in the group are relatively single.It may not be suitable for complex applications.Inspired by the pioneering work of Bellare and Fuchsbauer,we present a primitive called policy-based group signature.In policy-based group signatures,group members can on behalf of the group to sign documents that meet their own policies,and the generated signatures will not leak the identity and policies of the signer.Moreover,the group administrator is allowed to reveal the identity of signer when a controversy occurs.Through the analysis of application scenarios,we concluded that the policy-based group signature needs to meet two essential security properties:simulatability and traceability.And we construct a scheme of policy-based group signature from lattice through techniques such as commitment,zero-knowledge proof,rejection sampling.The security of our scheme is proved to be reduced to the module short integer solution(MSIS)and module learning with errors(MLWE)hard assumptions.Furthermore,we make a performance comparison between our scheme and three lattice-based group signature schemes.The result shows that our scheme has more advantages in storage overhead and the sizes of key and signature are decreased roughly by 83.13%,46.01%,respectively,compared with other schemes.
基金supported by the National Natural Science Foundation of China(62362013)the Guangxi Natural Science Foundation(2023GXNSFAA026294).
文摘The Internet of Vehicles(IoV)is extensively deployed in outdoor and open environments to effectively address traffic efficiency and safety issues by connecting vehicles to the network.However,due to the open and variable nature of its network topology,vehicles frequently engage in cross-domain interactions.During such processes,directly uploading sensitive information to roadside units for interaction may expose it to malicious tampering or interception by attackers,thus compromising the security of the cross-domain authentication process.Additionally,IoV imposes high real-time requirements,and existing cross-domain authentication schemes for IoV often encounter efficiency issues.To mitigate these challenges,we propose CAIoV,a blockchain-based efficient cross-domain authentication scheme for IoV.This scheme comprehensively integrates technologies such as zero-knowledge proofs,smart contracts,and Merkle hash tree structures.It divides the cross-domain process into anonymous cross-domain authentication and safe cross-domain authentication phases to ensure efficiency while maintaining a balance between efficiency and security.Finally,we evaluate the performance of CAIoV.Experimental results demonstrate that our proposed scheme reduces computational overhead by approximately 20%,communication overhead by around 10%,and storage overhead by nearly 30%.
基金This research was funded by the Natural Science Foundation of Hebei Province(F2021201052)。
文摘Data is regarded as a valuable asset,and sharing data is a prerequisite for fully exploiting the value of data.However,the current medical data sharing scheme lacks a fair incentive mechanism,and the authenticity of data cannot be guaranteed,resulting in low enthusiasm of participants.A fair and trusted medical data trading scheme based on smart contracts is proposed,which aims to encourage participants to be honest and improve their enthusiasm for participation.The scheme uses zero-knowledge range proof for trusted verification,verifies the authenticity of the patient’s data and the specific attributes of the data before the transaction,and realizes privacy protection.At the same time,the game pricing strategy selects the best revenue strategy for all parties involved and realizes the fairness and incentive of the transaction price.The smart contract is used to complete the verification and game bargaining process,and the blockchain is used as a distributed ledger to record the medical data transaction process to prevent data tampering and transaction denial.Finally,by deploying smart contracts on the Ethereum test network and conducting experiments and theoretical calculations,it is proved that the transaction scheme achieves trusted verification and fair bargaining while ensuring privacy protection in a decentralized environment.The experimental results show that the model improves the credibility and fairness of medical data transactions,maximizes social benefits,encourages more patients and medical institutions to participate in the circulation of medical data,and more fully taps the potential value of medical data.
基金supported by National Key Research and Development Project(No.2020YFB1005500)Beijing Natural Science Foundation Project(No.M21034)。
文摘With the development of Internet of Things technology,intelligent door lock devices are widely used in the field of house leasing.In the traditional housing leasing scenario,problems of door lock information disclosure,tenant privacy disclosure and rental contract disputes frequently occur,and the security,fairness and auditability of the housing leasing transaction cannot be guaranteed.To solve the above problems,a blockchain-based proxy re-encryption scheme with conditional privacy protection and auditability is proposed.The scheme implements fine-grained access control of door lock data based on attribute encryption technology with policy hiding,and uses proxy re-encryption technology to achieve auditable supervision of door lock information transactions.Homomorphic encryption technology and zero-knowledge proof technology are introduced to ensure the confidentiality of housing rent information and the fairness of rent payment.To construct a decentralized housing lease transaction architecture,the scheme realizes the efficient collaboration between the door lock data ciphertext stored under the chain and the key information ciphertext on the chain based on the blockchain and InterPlanetary File System.Finally,the security proof and computing performance analysis of the proposed scheme are carried out.The results show that the scheme can resist the chosen plaintext attack and has low computational cost.
基金supported by the National Key R&D Program of China(No.2022YFB3103400)the National Natural Science Foundation of China under Grants 61932015 and 62172317.
文摘The dynamic landscape of the Internet of Things(IoT)is set to revolutionize the pace of interaction among entities,ushering in a proliferation of applications characterized by heightened quality and diversity.Among the pivotal applications within the realm of IoT,as a significant example,the Smart Grid(SG)evolves into intricate networks of energy deployment marked by data integration.This evolution concurrently entails data interchange with other IoT entities.However,there are also several challenges including data-sharing overheads and the intricate establishment of trusted centers in the IoT ecosystem.In this paper,we introduce a hierarchical secure data-sharing platform empowered by cloud-fog integration.Furthermore,we propose a novel non-interactive zero-knowledge proof-based group authentication and key agreement protocol that supports one-to-many sharing sets of IoT data,especially SG data.The security formal verification tool shows that the proposed scheme can achieve mutual authentication and secure data sharing while protecting the privacy of data providers.Compared with previous IoT data sharing schemes,the proposed scheme has advantages in both computational and transmission efficiency,and has more superiority with the increasing volume of shared data or increasing number of participants.
基金Supported by the National Natural Science Foundation of China (Grant Nos. 60573052 and 90304013)
文摘This paper considers the existence of 3-round zero-knowledge proof systems for NP. Whether there exist 3-round non-black-box zero-knowledge proof systems for NP language is an open problem. By introducing a new interactive proof model, we construct a 3-round zero-knowledge proof system for graph 3-coloring under standard assumptions. Our protocol is a non-black-box zero-knowledge proof because we adopt a special strategy to prove the zero-knowledge property. Consequently, our construction shows the existence of 3-round non-black-box zero-knowledge proof for all languages in NP under the DDH assumption.
文摘函数加密是一种新型原语,通过函数密钥解密可以得到关于消息的函数值,而不会泄露消息的其他信息.通用群模型(generic group model,GGM)是一种可以用来分析方案构造安全性的理想化模型.由于目前还没有针对GGM的有效攻击,且能在GGM下证明安全的方案都比较高效,越来越多的函数加密方案在GGM下证明安全性.2017年,Baltico等人提出了第一个公钥二次函数加密方案,并在GGM下证明了自适应的不可区分安全性.然而,目前无论是在标准假设还是GGM下,没有能达到自适应可模拟安全性的公钥二次函数加密方案.本文根据公钥二次函数加密可模拟安全的定义,证明了Baltico等人提出的方案在GGM下具有更强的自适应可模拟安全性.由于证明过程繁琐,本文借助计算机辅助,设计了在GGM下证明公钥二次函数加密方案具有可模拟安全性的自动证明工具.该工具是第一个针对函数加密方案设计的自动证明工具,且该工具不仅能快速测试在GGM下构造的函数方案是否具有可模拟安全性,还可以作为标准假设下构造安全函数加密方案的初步验证.
文摘近些年,无线医疗传感器网络(Wireless Medicine Sensor Networks,WMSNs)得到了广泛的应用。WMSNs提高了患者护理质量,但同时也存在许多安全隐患。为了保护患者数据的隐私安全,Yi等人提出了一个基于Paillier密码系统的分布式ElGamal密码系统。然而,Rao分析了他们的方案并展示了一种可行的攻击,该攻击允许攻击者获取密钥。因此,是否可以将具有加法同态性质的密码系统修改为安全的分布式解密系统,以实现更简单的分布式密钥生成和更高效的分布式解密仍然是一个挑战。针对上述挑战,该文提出了一种基于Castagnos和Laguillaumie(CL)加密的改进分布式解密系统,并对未知阶群G上的离散对数关系给出了有效的零知识证明。与其他分布式解密系统相比,基于CL加密的改进分布式系统具有良好的性能、更可靠的设置、更高的安全级别。
