西安电子科技大学学报 ›› 2023, Vol. 50 ›› Issue (5): 142-155.doi: 10.19665/j.issn1001-2400.20230408

• 网络空间安全 • 上一篇    下一篇

可验证可追溯电子证照共享存证方案

王林冬1,2,3,4(),田有亮1,2,3,4(),杨科迪1,2,3,4(),肖曼1,2(),熊金波1,2,5()   

  1. 1.贵州大学 公共大数据国家重点实验室,贵州 贵阳 550025
    2.贵州大学 计算机科学与技术学院,贵州 贵阳 550025
    3.贵州大学 密码学与数据安全研究所,贵州 贵阳 550025
    4.贵州大学 贵州省密码学与区块链技术特色重点实验室,贵州 贵阳 550025
    5.福建师范大学 计算机与网络空间安全学院,福建 福州 350117
  • 收稿日期:2023-01-16 出版日期:2023-10-20 发布日期:2023-11-21
  • 通讯作者: 田有亮
  • 作者简介:王林冬(1997—),男,贵州大学硕士研究生,E-mail:158338402@qq.com;|杨科迪(1990—),男,贵州大学博士研究生,E-mail:kdyang.gz@gmail.com;|肖 曼(1997—),女,贵州大学硕士研究生,E-mail:1121952597@qq.com;|熊金波(1981—),男,教授,E-mail:jbxiong@fjnu.edu.cn
  • 基金资助:
    国家重点研发计划(2021YFB3101100);国家自然科学基金(62272123);国家自然科学基金(62272102);贵州省高层次创新型人才(黔科合平台人才[2020]6008);贵阳市科技计划(筑科合[2021]1-5);贵阳市科技计划(筑科合[2022]2-4);贵州省科技计划(黔科合平台人才[2020]5017);贵州省科技计划(黔科合支撑[2022]一般065)

Verifiable traceable electronic license sharing deposit scheme

WANG Lindong1,2,3,4(),TIAN Youliang1,2,3,4(),YANG Kedi1,2,3,4(),XIAO Man1,2(),XIONG Jinbo1,2,5()   

  1. 1. State Key Laboratory of Public Big Date,Guizhou University,Guiyang 550025,China
    2. College of Computer Science and Technology,Guizhou University,Guiyang 550025,China
    3. Institute of Cryptography & Data Security,Guizhou University,Guiyang 550025,China
    4. Guizhou Provincial Key Laboratory of Cryptography & Blockchain Technology, Guizhou University,Guiyang 550025,China
    5. College of Computer and Cyber Security,Fujian Normal University,Fuzhou 350117,China
  • Received:2023-01-16 Online:2023-10-20 Published:2023-11-21
  • Contact: Youliang TIAN

摘要:

可验证性及可追溯性是电子证照共享留存面临的重要挑战,传统方法仅通过电子签章技术确保发证方的可验证性,但持证方、存证方的可验证性以及证照泄露的可追溯性却难以得到保证。为此,提出可验证可追溯电子证照共享存证方案。首先,针对电子证照非授权使用问题以及泄露后无法追溯问题,构建电子证照共享存证系统模型;其次,针对传统强鲁棒水印算法中的水印信息丢失问题,基于BCH码改进现有强鲁棒水印算法,从而实现水印信息失真可纠错;最后,为实现发证方、持证方、存证方三方可验证性以及电子证照泄露后的高效可追溯,结合所提鲁棒水印以及可逆信息隐藏技术,构建可验证可追溯电子证照模型,并在此基础上设计电子证照共享存证协议,从而确保证照的真实授权使用以及泄露后的高效可追溯。通过安全性及效率分析表明,该方案能在确保三方可验证的前提下实现证照泄露后的高效可追溯,且具有较好的抗共谋攻击检测能力,同时其执行时间消耗较少,足以满足实际应用的需求。

关键词: 鲁棒水印, 可逆信息隐藏, 电子证照, 可验证, 可追溯

Abstract:

Verifiability and traceability are important challenges to the sharing and retention of electronic licenses.Traditional methods only ensure the verifiability of the issuer through electronic signature technology,but the verifiability of the holder and the depositor and the traceability of the license leakage are difficult to guarantee.Therefore,a verifiable and traceable electronic license sharing deposit scheme is proposed.First,aiming at the problem of unauthorized use of electronic licenses and the inability to trace after leakage,a model of the electronic license sharing and deposit system is constructed.Second,aiming at the problem of watermark information loss in the traditional strong robust watermarking algorithm,the existing strong robust watermarking algorithm is improved based on the BCH code,so as to realize the error correction of watermark information distortion.Finally,in order to realize the verifiability of the issuer,the holder and the depositor as well as the efficient traceability after the leakage of the electronic license,the verifiable and traceable electronic license model is constructed by combining the proposed robust watermark and reversible information hiding technology,on the basis of which the electronic license sharing and deposit protocol is designed to ensure the real authorized use of the license and the efficient traceability after the leakage.The analysis of security and efficiency shows that this scheme can achieve an efficient traceability after license leakage and has a good anti-collusion attack detection ability under the premise of ensuring the verifiability of the three parties,and that its execution time consumption is low enough to meet the needs of practical applications.

Key words: robust watermarking, reversible information hiding, electronic license, verifiable, traceable

中图分类号: 

  • TP309.7