|
|
Accountable attribute-based authentication with fine-grained access control and its application to crowdsourcing |
Peng LI, Junzuo LAI( ), Yongdong WU |
College of Information Science and Technology, Jinan University, Guangzhou 510632, China |
|
|
Abstract We introduce a new notion called accountable attribute-based authentication with fine-grained access control (AccABA), which achieves (i) fine-grained access control that prevents ineligible users from authenticating; (ii) anonymity such that no one can recognize the identity of a user; (iii) public accountability, i.e., as long as a user authenticates two different messages, the corresponding authentications will be easily identified and linked, and anyone can reveal the user’s identity without any help from a trusted third party. Then, we formalize the security requirements in terms of unforgeability, anonymity, linkability and traceability, and give a generic construction to fulfill these requirements. Based on AccABA, we further present the first attribute-based, fair, anonymous and publicly traceable crowdsourcing scheme on blockchain, which is designed to filter qualified workers to participate in tasks, and ensures the fairness of the competition between workers, and finally balances the tension between anonymity and accountability.
|
Keywords
fine-grained access control
anonymous authentication
accountability
fairness
crowdsourcing
blockchain
|
Corresponding Author(s):
Junzuo LAI
|
Just Accepted Date: 26 March 2021
Issue Date: 01 March 2022
|
|
1 |
D Chaum, E Van Heyst. Group signatures. In: Proceedings of Workshop on the Theory and Application of Cryptographic Techniques. 1991, 257– 265
|
2 |
J K Liu, T H Yuen, J Zhou. Forward secure ring signature without random oracles. In: Proceedings of International Conference on Information and Communications Security. 2011, 1– 14
|
3 |
J Li, M H Au, W Susilo, D Xie, K Ren. Attribute-based signature and its applications. In: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security. 2010, 60– 69
|
4 |
Tan S Y, Groß T. Monipoly—an expressive q-SDH-based anonymous attribute-based credential system. In: Proceedings of the 26th International Conference on the Theory and Application of Cryptology and Information Security. 2020, 498–526
|
5 |
H K Maji, M Prabhakaran. Rosulek M. Attribute-based signatures. In: Proceedings of Cryptographers’ Track at the RSA Conference. 2011, 376– 392
|
6 |
T Nakanishi , T Fujiwara , H Watanabe . A linkable group signature and its application to secret voting. Transactions of Information Processing Society of Japan, 1999, 40( 7): 3085– 3096
|
7 |
X Boyen, T Haines. Forward-secure linkable ring signatures. In: Proceedings of Australasian Conference on Information Security and Privacy. 2018, 245– 264
|
8 |
Bootle J, Cerulli A, Chaidos P, Ghadafi E, Groth J, Petit C. Short accountable ring signatures based on DDH. In: Proceedings of the 20th European Symposium on Research in Computer Security. 2015, 243–265
|
9 |
K Gu , K Wang , L Yang . Traceable attribute-based signature. Journal of Information Security and Applications, 2019, 49 : 102400–
|
10 |
Kaaniche N, Laurent M. Attribute-based signatures for supporting anonymous certification. In: Proceedings of the 21st European Symposium on Research in Computer Security. 2016, 279–300
|
11 |
I Teranishi, J Furukawa, K Sako. K-times anonymous authentication. In: Proceedings of International Conference on the Theory and Application of Cryptology and Information Security. 2004, 308– 322
|
12 |
Wei V K. Tracing-by-linking group signatures. In: Proceedings of the 8th International Conference on Information Security. 2005, 149–163
|
13 |
M H Au, P P Tsang, W Susilo, Y Mu. Dynamic universal accumulators for DDH groups and their application to attribute-based anonymous credential systems. In: Proceedings of Cryptographers’ Track at the RSA Conference. 2009, 295– 308
|
14 |
C Hébant , D Pointcheval . Traceable attribute-based anonymous credentials. IACR Cryptology ePrint Archive, 2020, 2020 : 657–
|
15 |
Camenisch J, Drijvers M, Lehmann A. Universally composable direct anonymous attestation. In: Proceedings of the 19th IACR International Conference on Practice and Theory in Public-Key Cryptography. 2016, 234–264
|
16 |
D Derler, D Slamanig. Highly-efficient fully-anonymous dynamic group signatures. In: Proceedings of the 2018 on Asia Conference on Computer and Communications Security. 2018, 551– 565
|
17 |
Kuchta V, Sahu R A, Saraswat V, Sharma G, Sharma N, Markowitch O. Anonymous yet traceable strong designated verifier signature. In: Proceedings of the 21st International Conference on Information Security. 2018, 403–421
|
18 |
J Y Hwang , L Chen , H S Cho , D Nyang . Short dynamic group signature scheme supporting controllable linkability. IEEE Transactions on Information Forensics and Security, 2015, 10( 6): 1109– 1124
|
19 |
H Zheng , Q Wu , Z Guan , B Qin , S He , J Liu . Achieving liability in anonymous communication: auditing and tracing. Computer Communications, 2019, 145 : 1– 13
|
20 |
Zheng H, Wu Q, Qin B, Zhong L, He S, Liu J. Linkable group signature for auditing anonymous communication. In: Proceedings of the 23rd Australasian Conference on Information Security and Privacy. 2018, 304–321
|
21 |
E Fujisaki. Sub-linear size traceable ring signatures without random oracles. In: Proceedings of Cryptographers’ Track at the RSA Conference. 2011, 393– 415
|
22 |
M H Au , J K Liu , W Susilo , T H Yuen . Secure ID-based linkable and revocable-iff-linked ring signature with constant-size construction. Theoretical Computer Science, 2013, 469 : 1– 14
|
23 |
El Kaafarani A, Chen L, Ghadafi E, Davenport J. Attribute-based signatures with user-controlled linkability. In: Proceedings of the 13th International Conference on Cryptology and Network Security. 2014, 256–269
|
24 |
El Kaafarani A, Ghadafi E. Attribute-based signatures with user-controlled linkability without random oracles. In: Proceedings of the 16th IMA International Conference on Cryptography and Coding. 2017, 161–184
|
25 |
Urquidi M, Khader D, Lancrenon J, Chen L. Attribute-based signatures with controllable linkability. In: Proceedings of the 17th International Conference on Trusted Systems. 2015, 114–129
|
26 |
E Ghadafi. Stronger security notions for decentralized traceable attribute-based signatures and more efficient constructions. In: Proceedings of Cryptographer’s Track at the RSA Conference. 2015, 391– 409
|
27 |
K Bemmann, J Blömer, J Bobolz, H Bröcher, D Diemert, F Eidens, L Eilers, J Haltermann, J Juhnke, B Otour, L Porzenheim, S Pukrop, E Schilling, M Schlichtig, M Stienemeier. Fully-featured anonymous credentials with reputation system. In: Proceedings of the 13th International Conference on Availability, Reliability and Security. 2018, 42
|
28 |
Rivest R L, Shamir A, Tauman Y. How to leak a secret. In: Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security. 2001, 552–565
|
29 |
D Chaum. Blind signatures for untraceable payments. In: Proceedings of Advances in Cryptology. 1983, 199– 203
|
30 |
J Camenisch, A Lysyanskaya. An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In: Proceedings of International Conference on the Theory and Application of Cryptographic Techniques. 2001, 93– 118
|
31 |
Bellare M, Fuchsbauer G. Policy-based signatures. In: Proceedings of the 17th International Conference on Practice and Theory in Public-Key Cryptography. 2014, 520–537
|
32 |
K Samelin, D Slamanig. Policy-based sanitizable signatures. In: Proceedings of Cryptographers’ Track at the RSA Conference. 2020, 538– 563
|
33 |
Okamoto T, Takashima K. Decentralized attribute-based signatures. In: Proceedings of the 16th International Conference on Practice and Theory in Public-Key Cryptography. 2013, 125–142
|
34 |
Tang F, Li H, Liang B. Attribute-based signatures for circuits from multilinear maps. In: Proceedings of the 17th International Conference on Information Security. 2014, 54–71
|
35 |
Y Sakai , N Attrapadung , G Hanaoka . Practical attribute-based signature schemes for circuits from bilinear map. IET Information Security, 2018, 12( 3): 184– 193
|
36 |
Camenisch J, Drijvers M, Dzurenda P, Hajny J. Fast keyed-verification anonymous credentials on standard smart cards. In: Proceedings of the 34th IFIP TC 11 International Conference on ICT Systems Security and Privacy Protection. 2019, 286–298
|
37 |
Garman C, Green M, Miers I. Decentralized anonymous credentials. In: Proceedings of the 21st Annual Network and Distributed System Security Symposium. 2014, 1–15
|
38 |
Blömer J, Bobolz J. Delegatable attribute-based anonymous credentials from dynamically malleable signatures. In: Proceedings of the 16th International Conference on Applied Cryptography and Network Security. 2018, 221–239
|
39 |
J Blömer, J Bobolz, D Diemert, F Eidens. Updatable anonymous credentials and applications to incentive systems. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. 2019, 1671-1685
|
40 |
S Ding, Y Zhao, Y Liu. Efficient traceable attribute-based signature. In: Proceedings of the 13th IEEE International Conference on Trust, Security and Privacy in Computing and Communications. 2014, 582– 589
|
41 |
S Krenn, K Samelin, C Striecks. Practical group-signatures with privacy-friendly openings. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. 2019, 10
|
42 |
Zhang X, Liu J K, Steinfeld R, Kuchta V, Yu J. Revocable and linkable ring signature. In: Proceedings of the 15th International Conference on Information Security and Cryptology. 2019, 3–27
|
43 |
Au M H, Susilo W, Yiu S M. Event-oriented k-times revocable-iff-linked group signatures. In: Proceedings of the 11th Australasian Conference on Information Security and Privacy. 2006, 223–234
|
44 |
Au M H, Liu J K, Susilo W, Yuen T H. Constant-size id-based linkable and revocable-iff-linked ring signature. In: Proceedings of the 7th International Conference on Cryptology in India. 2006, 364–378
|
45 |
Fujisaki E, Suzuki K. Traceable ring signature. In: Proceedings of the 10th International Conference on Practice and Theory in Public-Key Cryptography. 2007, 181–200
|
46 |
J Bethencourt, A Sahai, B Waters. Ciphertext-policy attribute-based encryption. In: Proceedings of IEEE Symposium on Security and Privacy. 2007, 321– 334
|
47 |
Waters B. Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization. In: Proceedings of the 14th International Conference on Practice and Theory in Public Key Cryptography. 2011, 53–70
|
48 |
Ganesh C, Orlandi C, Tschudi D. Proof-of-stake protocols for privacy-aware blockchains. In: Proceedings of the 38th Annual International Conference on the Theory and Applications of Cryptographic Techniques. 2019, 690–719
|
49 |
Bellare M, Poettering B, Stebila D. Deterring certificate subversion: efficient double-authentication-preventing signatures. In: Proceedings of the 20th IACR International Conference on Practice and Theory in Public-Key Cryptography. 2017, 121–151
|
50 |
S K N Müller , C Tekin , Der Schaar M Van , A Klein . Context-aware hierarchical online learning for performance maximization in mobile crowdsourcing. IEEE/ACM Transactions on Networking, 2018, 26( 3): 1334– 1347
|
51 |
M Li , J Weng , A Yang , W Lu , Y Zhang , L Hou , J N Liu , Y Xiang , R H Deng . CrowdBC: a blockchain-based decentralized framework for crowdsourcing. IEEE Transactions on Parallel and Distributed Systems, 2019, 30( 6): 1251– 1266
|
52 |
Y Lu, Q Tang, G Wang. ZebraLancer: private and anonymous crowdsourcing system atop open blockchain. In: Proceedings of the 38th IEEE International Conference on Distributed Computing Systems. 2018, 853– 865
|
53 |
W Feng , Z Yan . MCS-Chain: decentralized and trustworthy mobile crowdsourcing based on blockchain. Future Generation Computer Systems, 2019, 95 : 649– 666
|
54 |
J Chen , J Chen , K He , R Du . SeCrowd: efficient secure interactive crowdsourcing via permission-based signatures. Future Generation Computer Systems, 2021, 115 : 448– 458
|
55 |
D Yang , G Xue , X Fang , J Tang . Incentive mechanisms for crowdsensing: crowdsourcing with smartphones. IEEE/ACM Transactions on Networking, 2016, 24( 3): 1732– 1744
|
56 |
T Yan, M Marzilli, R Holmes, D Ganesan, M Corner. mCrowd: a platform for mobile crowdsourcing. In: Proceedings of the 7th ACM Conference on Embedded Networked Sensor Systems. 2009, 347– 348
|
57 |
D Zhao , X Y Li , H Ma . Budget-feasible online incentive mechanisms for crowdsourcing tasks truthfully. IEEE/ACM Transactions on Networking, 2016, 24( 2): 647– 661
|
58 |
J Shu , X Liu , X Jia , K Yang , R H Deng . Anonymous privacy-preserving task matching in crowdsourcing. IEEE Internet of Things Journal, 2018, 5( 4): 3068– 3078
|
59 |
M Yang , T Zhu , K Liang , W Zhou , R H Deng . A blockchain-based location privacy-preserving crowdsensing system. Future Generation Computer Systems, 2019, 94 : 408– 418
|
60 |
Y Wu , S Tang , B Zhao , Z Peng . BPTM: blockchain-based privacy-preserving task matching in crowdsourcing. IEEE Access, 2019, 7 : 45605– 45617
|
61 |
Chatzopoulos D, Gujar S, Faltings B, Hui P. Privacy preserving and cost optimal mobile crowdsensing using smart contracts on blockchain. In: Proceedings of the 15th IEEE International Conference on Mobile Ad Hoc and Sensor Systems. 2018, 442–450
|
62 |
K Zhao , S Tang , B Zhao , Y Wu . Dynamic and privacy-preserving reputation management for blockchain-based mobile crowdsensing. IEEE Access, 2019, 7 : 74694– 74710
|
63 |
An B, Xiao M, Liu A, Gao G, Zhao H. Truthful crowdsensed data trading based on reverse auction and blockchain. In: Proceedings of the 24th International Conference on Database Systems for Advanced Applications. 2019, 292–309
|
64 |
Li Q, Cao G. Providing efficient privacy-aware incentives for mobile sensing. In: Proceedings of the 34th IEEE International Conference on Distributed Computing Systems. 2014, 208–217
|
65 |
Rahaman S, Cheng L, Yao D D, Li H, Park J M J. Provably secure anonymous-yet-accountable crowdsensing with scalable sublinear revocation. Proceedings on Privacy Enhancing Technologies, 2017, 2017(4): 384–403
|
66 |
Emura K, Miyaji A, Omote K. Adaptive secure-channel free public-key encryption with keyword search implies timed release encryption. In: Proceedings of the 14th International Conference on Information Security. 2011, 102–118
|
|
Viewed |
|
|
|
Full text
|
|
|
|
|
Abstract
|
|
|
|
|
Cited |
|
|
|
|
|
Shared |
|
|
|
|
|
Discussed |
|
|
|
|