Research And Implementation Of Accumulator-Based Revocable Anonymous Credential System

The development of Internet application made online service applied widely,such as e-payment,e-health,e-government.The common point of all these service is that users have to be authenticated by the service provider.During the authentication,the user need to provide the information of himself.The information may contains user's privacy.To prevent evil provider from collecting users'privacy or profiling the user by link different authentication,there need to be a technology to protect users' privacy when they are being authenticated.That is,users don't need to provide extra information of themselves,just need to give the corresponding credential to get access to the service resource.An anonymous credential system is a credential system based on anonymous authentication.In this system,users show credentials by proving the attributes according to the policies of the verifier.In the traditional anonymous credential,when the attributes grow too fast,the time of proving these will became extremely long.So,raising the credential showing efficiency is a hot spot of research.Besides,to prevent invalid credentials from reusing,anonymous credential system has to provide revocation of the credentials.But,the traditional revocation strategy is whitelist style.Revoking user's credentials can leak user's personal information,so there should be an anonymous credential revocation strategy.The current systems are lacking of this character,thus this is an important problem that need to be solved.To design a secure and efficient anonymous credential system,we base on elliptic curve cryptography with CKS accumulator to make the BLS+ signature scheme and BGLS+ signature scheme revocable,which makes use's privacy can be protected during the credential revocation.Then,base on these two schemes we design the credentials issuance protocol,attributes AND relation proof protocol and credentials revocation protocol.In the attributes AND relation proof protocol,we use BGLS+signature scheme to aggregate several signatures to make those can be verified in constant time.We also adapt Java to implement these protocols and prepare our system's attributes AND relation proof protocol with two classical systems'.We prove that we solve the linear time complexity problem.Making the original proof time from linear time complexity to constant time complexity.Besides,we also compare the parameters,length and signatures' length.From this comparison,we can figure that our system can use less space to save these parameters and signatures.