Research And Implementation Of Anonymous Credential System Based On Aggregation Signature

The rapid development of network and communication technology has brought tremendous changes to the way people work and live. With more and more people use the network in their life, electronic identitycredentials (eID) arise at the historic moment. But, the raise of privacy-preserving identity management amplifies the need for a balance between strong security and privacy protection. Moreover, anonymous credentials have been a key point. In addition to the basic anonymous, attributes proof also play an important role in the anonymous credential system. Service providers (SP) satisfytheneedsof the eligible customers by verifying the credentials during attribute proofs protecting the sensitive information of users. However, it is different with traditional authentication technology, which just needs the necessary information about the user. Users can get the services from the SP, unrevealing other information and protecting the user’s information. So preventing malicious SP sells the user’s information to other entities, connects users’ history records and tracks users’ behaviors such as dangerous by using anonymous credentials.In order to establish a safe and effective anonymous identity authentication system based on modifying BLS short signature scheme and BGLS group signature scheme. And realizing its logical relationships that may be used in the application of attribute proofs. The work of this thesis is mainly has the following several aspects:(1) Research and extend BLS short signature scheme to get BLS+signature scheme, which issused to construct an anonymous credential system, and proof BLS+ signature is secure against existential forgery under adaptive chosen-message; (2)In order to aggregating credentials of one user, researching and extending BGLS aggregation signature scheme to get BGLS+signature scheme, moreover, we proof that BGLS+is existentially unforgeability under adaptive chosen-message and known message as well as aggregate chosen-key model; (3) Propose an AND relation proof protocol about multi-attributes by aggregating signatures, then we can get that the number of exponentiations and pairings is constant no matter how mang attributes needed to be proved; (4)Propose a OR relation proof protocol about multi-attributes, then we can get that the number of exponentiations is only relative to the number of attributes needed to be proved and the number of pairing is constant no mater how mang attributes needed to be proved.This thesis has carried on the detailed processing illustration and algorithm descriptions, and it includes the necessary theoretical proof using to illustrate the correctness of algorithm. The experiment executed on the messages verifies the performance of the credential.