Abstract
We introduce a new notion called accountable attribute-based authentication with fine-grained access control (AccABA), which achieves (i) fine-grained access control that prevents ineligible users from authenticating; (ii) anonymity such that no one can recognize the identity of a user; (iii) public accountability, i.e., as long as a user authenticates two different messages, the corresponding authentications will be easily identified and linked, and anyone can reveal the user’s identity without any help from a trusted third party. Then, we formalize the security requirements in terms of unforgeability, anonymity, linkability and traceability, and give a generic construction to fulfill these requirements. Based on AccABA, we further present the first attribute-based, fair, anonymous and publicly traceable crowdsourcing scheme on blockchain, which is designed to filter qualified workers to participate in tasks, and ensures the fairness of the competition between workers, and finally balances the tension between anonymity and accountability.
Similar content being viewed by others
References
Chaum D, Van Heyst E. Group signatures. In: Proceedings of Workshop on the Theory and Application of Cryptographic Techniques. 1991, 257–265
Liu J K, Yuen T H, Zhou J. Forward secure ring signature without random oracles. In: Proceedings of International Conference on Information and Communications Security. 2011, 1–14
Li J, Au M H, Susilo W, Xie D, Ren K. Attribute-based signature and its applications. In: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security. 2010, 60–69
Tan S Y, Groß T. Monipoly—an expressive q-SDH-based anonymous attribute-based credential system. In: Proceedings of the 26th International Conference on the Theory and Application of Cryptology and Information Security. 2020, 498–526
Maji H K, Prabhakaran M. Rosulek M. Attribute-based signatures. In: Proceedings of Cryptographers’ Track at the RSA Conference. 2011, 376–392
Nakanishi T, Fujiwara T, Watanabe H. A linkable group signature and its application to secret voting. Transactions of Information Processing Society of Japan, 1999, 40(7): 3085–3096
Boyen X, Haines T. Forward-secure linkable ring signatures. In: Proceedings of Australasian Conference on Information Security and Privacy. 2018, 245–264
Bootle J, Cerulli A, Chaidos P, Ghadafi E, Groth J, Petit C. Short accountable ring signatures based on DDH. In: Proceedings of the 20th European Symposium on Research in Computer Security. 2015, 243–265
Gu K, Wang K, Yang L. Traceable attribute-based signature. Journal of Information Security and Applications, 2019, 49: 102400
Kaaniche N, Laurent M. Attribute-based signatures for supporting anonymous certification. In: Proceedings of the 21st European Symposium on Research in Computer Security. 2016, 279–300
Teranishi I, Furukawa J, Sako K. K-times anonymous authentication. In: Proceedings of International Conference on the Theory and Application of Cryptology and Information Security. 2004, 308–322
Wei V K. Tracing-by-linking group signatures. In: Proceedings of the 8th International Conference on Information Security. 2005, 149–163
Au M H, Tsang P P, Susilo W, Mu Y. Dynamic universal accumulators for DDH groups and their application to attribute-based anonymous credential systems. In: Proceedings of Cryptographers’ Track at the RSA Conference. 2009, 295–308
Hébant C, Pointcheval D. Traceable attribute-based anonymous credentials. IACR Cryptology ePrint Archive, 2020, 2020: 657
Camenisch J, Drijvers M, Lehmann A. Universally composable direct anonymous attestation. In: Proceedings of the 19th IACR International Conference on Practice and Theory in Public-Key Cryptography. 2016, 234–264
Derler D, Slamanig D. Highly-efficient fully-anonymous dynamic group signatures. In: Proceedings of the 2018 on Asia Conference on Computer and Communications Security. 2018, 551–565
Kuchta V, Sahu R A, Saraswat V, Sharma G, Sharma N, Markowitch O. Anonymous yet traceable strong designated verifier signature. In: Proceedings of the 21st International Conference on Information Security. 2018, 403–421
Hwang J Y, Chen L, Cho H S, Nyang D. Short dynamic group signature scheme supporting controllable linkability. IEEE Transactions on Information Forensics and Security, 2015, 10(6): 1109–1124
Zheng H, Wu Q, Guan Z, Qin B, He S, Liu J. Achieving liability in anonymous communication: auditing and tracing. Computer Communications, 2019, 145: 1–13
Zheng H, Wu Q, Qin B, Zhong L, He S, Liu J. Linkable group signature for auditing anonymous communication. In: Proceedings of the 23rd Australasian Conference on Information Security and Privacy. 2018, 304–321
Fujisaki E. Sub-linear size traceable ring signatures without random oracles. In: Proceedings of Cryptographers’ Track at the RSA Conference. 2011, 393–415
Au M H, Liu J K, Susilo W, Yuen T H. Secure ID-based linkable and revocable-iff-linked ring signature with constant-size construction. Theoretical Computer Science, 2013, 469: 1–14
El Kaafarani A, Chen L, Ghadafi E, Davenport J. Attribute-based signatures with user-controlled linkability. In: Proceedings of the 13th International Conference on Cryptology and Network Security. 2014, 256–269
El Kaafarani A, Ghadafi E. Attribute-based signatures with user-controlled linkability without random oracles. In: Proceedings of the 16th IMA International Conference on Cryptography and Coding. 2017, 161–184
Urquidi M, Khader D, Lancrenon J, Chen L. Attribute-based signatures with controllable linkability. In: Proceedings of the 17th International Conference on Trusted Systems. 2015, 114–129
Ghadafi E. Stronger security notions for decentralized traceable attribute-based signatures and more efficient constructions. In: Proceedings of Cryptographer’s Track at the RSA Conference. 2015, 391–409
Bemmann K, Blömer J, Bobolz J, Bröcher H, Diemert D, Eidens F, Eilers L, Haltermann J, Juhnke J, Otour B, Porzenheim L, Pukrop S, Schilling E, Schlichtig M, Stienemeier M. Fully-featured anonymous credentials with reputation system. In: Proceedings of the 13th International Conference on Availability, Reliability and Security. 2018, 42
Rivest R L, Shamir A, Tauman Y. How to leak a secret. In: Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security. 2001, 552–565
Chaum D. Blind signatures for untraceable payments. In: Proceedings of Advances in Cryptology. 1983, 199–203
Camenisch J, Lysyanskaya A. An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In: Proceedings of International Conference on the Theory and Application of Cryptographic Techniques. 2001, 93–118
Bellare M, Fuchsbauer G. Policy-based signatures. In: Proceedings of the 17th International Conference on Practice and Theory in Public-Key Cryptography. 2014, 520–537
Samelin K, Slamanig D. Policy-based sanitizable signatures. In: Proceedings of Cryptographers’ Track at the RSA Conference. 2020, 538–563
Okamoto T, Takashima K. Decentralized attribute-based signatures. In: Proceedings of the 16th International Conference on Practice and Theory in Public-Key Cryptography. 2013, 125–142
Tang F, Li H, Liang B. Attribute-based signatures for circuits from multilinear maps. In: Proceedings of the 17th International Conference on Information Security. 2014, 54–71
Sakai Y, Attrapadung N, Hanaoka G. Practical attribute-based signature schemes for circuits from bilinear map. IET Information Security, 2018, 12(3): 184–193
Camenisch J, Drijvers M, Dzurenda P, Hajny J. Fast keyed-verification anonymous credentials on standard smart cards. In: Proceedings of the 34th IFIP TC 11 International Conference on ICT Systems Security and Privacy Protection. 2019, 286–298
Garman C, Green M, Miers I. Decentralized anonymous credentials. In: Proceedings of the 21st Annual Network and Distributed System Security Symposium. 2014, 1–15
Blömer J, Bobolz J. Delegatable attribute-based anonymous credentials from dynamically malleable signatures. In: Proceedings of the 16th International Conference on Applied Cryptography and Network Security. 2018, 221–239
Blömer J, Bobolz J, Diemert D, Eidens F. Updatable anonymous credentials and applications to incentive systems. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. 2019, 1671–1685
Ding S, Zhao Y, Liu Y. Efficient traceable attribute-based signature. In: Proceedings of the 13th IEEE International Conference on Trust, Security and Privacy in Computing and Communications. 2014, 582–589
Krenn S, Samelin K, Striecks C. Practical group-signatures with privacy-friendly openings. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. 2019, 10
Zhang X, Liu J K, Steinfeld R, Kuchta V, Yu J. Revocable and linkable ring signature. In: Proceedings of the 15th International Conference on Information Security and Cryptology. 2019, 3–27
Au M H, Susilo W, Yiu S M. Event-oriented k-times revocable-ifflinked group signatures. In: Proceedings of the 11th Australasian Conference on Information Security and Privacy. 2006, 223–234
Au M H, Liu J K, Susilo W, Yuen T H. Constant-size id-based linkable and revocable-iff-linked ring signature. In: Proceedings of the 7th International Conference on Cryptology in India. 2006, 364–378
Fujisaki E, Suzuki K. Traceable ring signature. In: Proceedings of the 10th International Conference on Practice and Theory in Public-Key Cryptography. 2007, 181–200
Bethencourt J, Sahai A, Waters B. Ciphertext-policy attribute-based encryption. In: Proceedings of IEEE Symposium on Security and Privacy. 2007, 321–334
Waters B. Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization. In: Proceedings of the 14th International Conference on Practice and Theory in Public Key Cryptography. 2011, 53–70
Ganesh C, Orlandi C, Tschudi D. Proof-of-stake protocols for privacy-aware blockchains. In: Proceedings of the 38th Annual International Conference on the Theory and Applications of Cryptographic Techniques. 2019, 690–719
Bellare M, Poettering B, Stebila D. Deterring certificate subversion: efficient double-authentication-preventing signatures. In: Proceedings of the 20th IACR International Conference on Practice and Theory in Public-Key Cryptography. 2017, 121–151
Müller S K N, Tekin C, Van Der Schaar M, Klein A. Context-aware hierarchical online learning for performance maximization in mobile crowdsourcing. IEEE/ACM Transactions on Networking, 2018, 26(3): 1334–1347
Li M, Weng J, Yang A, Lu W, Zhang Y, Hou L, Liu J N, Xiang Y, Deng R H. CrowdBC: a blockchain-based decentralized framework for crowdsourcing. IEEE Transactions on Parallel and Distributed Systems, 2019, 30(6): 1251–1266
Lu Y, Tang Q, Wang G. ZebraLancer: private and anonymous crowdsourcing system atop open blockchain. In: Proceedings of the 38th IEEE International Conference on Distributed Computing Systems. 2018, 853–865
Feng W, Yan Z. MCS-Chain: decentralized and trustworthy mobile crowdsourcing based on blockchain. Future Generation Computer Systems, 2019, 95: 649–666
Chen J, Chen J, He K, Du R. SeCrowd: efficient secure interactive crowdsourcing via permission-based signatures. Future Generation Computer Systems, 2021, 115: 448–458
Yang D, Xue G, Fang X, Tang J. Incentive mechanisms for crowdsensing: crowdsourcing with smartphones. IEEE/ACM Transactions on Networking, 2016, 24(3): 1732–1744
Yan T, Marzilli M, Holmes R, Ganesan D, Corner M. mCrowd: a platform for mobile crowdsourcing. In: Proceedings of the 7th ACM Conference on Embedded Networked Sensor Systems. 2009, 347–348
Zhao D, Li X Y, Ma H. Budget-feasible online incentive mechanisms for crowdsourcing tasks truthfully. IEEE/ACM Transactions on Networking, 2016, 24(2): 647–661
Shu J, Liu X, Jia X, Yang K, Deng R H. Anonymous privacy-preserving task matching in crowdsourcing. IEEE Internet of Things Journal, 2018, 5(4): 3068–3078
Yang M, Zhu T, Liang K, Zhou W, Deng R H. A blockchain-based location privacy-preserving crowdsensing system. Future Generation Computer Systems, 2019, 94: 408–418
Wu Y, Tang S, Zhao B, Peng Z. BPTM: blockchain-based privacy-preserving task matching in crowdsourcing. IEEE Access, 2019, 7: 45605–45617
Chatzopoulos D, Gujar S, Faltings B, Hui P. Privacy preserving and cost optimal mobile crowdsensing using smart contracts on blockchain. In: Proceedings of the 15th IEEE International Conference on Mobile Ad Hoc and Sensor Systems. 2018, 442–450
Zhao K, Tang S, Zhao B, Wu Y. Dynamic and privacy-preserving reputation management for blockchain-based mobile crowdsensing. IEEE Access, 2019, 7: 74694–74710
An B, Xiao M, Liu A, Gao G, Zhao H. Truthful crowdsensed data trading based on reverse auction and blockchain. In: Proceedings of the 24th International Conference on Database Systems for Advanced Applications. 2019, 292–309
Li Q, Cao G. Providing efficient privacy-aware incentives for mobile sensing. In: Proceedings of the 34th IEEE International Conference on Distributed Computing Systems. 2014, 208–217
Rahaman S, Cheng L, Yao D D, Li H, Park J M J. Provably secure anonymous-yet-accountable crowdsensing with scalable sublinear revocation. Proceedings on Privacy Enhancing Technologies, 2017, 2017(4): 384–403
Emura K, Miyaji A, Omote K. Adaptive secure-channel free public-key encryption with keyword search implies timed release encryption. In: Proceedings of the 14th International Conference on Information Security. 2011, 102–118
Acknowledgements
This work was supported by the National Natural Science Foundation of China (Grant Nos. U2001205, 61922036, 61932011), Guangdong Basic and Applied Basic Research Foundation (Grant Nos. 2019B030302008, 2019B1515120010), Science and Technology Project of Guangzhou City (Grant No. 201707010320), TESTBED2 (Grant No. H2020-MSCA-RISE-2019), and National Key Research and Development Program of China (Grant No. 2019YFE0123600).
Author information
Authors and Affiliations
Corresponding author
Additional information
Peng LI is currently working toward the PhD degree in information security with the College of Information Science and Technology, Jinan University, China. His research interests include public key cryptography, information security and blockchain.
Junzuo LAI received the PhD degree in computer science and technology from the Shanghai Jiao Tong University, China in 2010. From August 2008 to April 2013, he was a research fellow in Singapore Management University, Singapore. Currently, he is a professor in the College of Information Science and Technology, Jinan University, China. His research interests include cryptography, information security and blockchain.
Yongdong WU received the BEng and MS degrees from Beihang University, the PhD degree from Institute of Automation, Chinese Academy of Science, China, and Master for Management of Technology from National University of Singapore, Singapore. He is currently a full professor of Jinan University, China. He is the principle investigator of an NSFC key project. His research interests include blockchain, cyber-physical system security, IoT security and information security. He has published more than 100 papers, and 7 patents. His research results and proposals were incorporated in the ISO/IEC JPEG 2000 security standard 15444-8 in 2007. He was the PC co-chair of ISPEC2015 and Inscrypt2020. He received the Best Paper Award of IFIP Conference on Communications and Multimedia Security (CMS) 2012.
Electronic supplementary material
Rights and permissions
About this article
Cite this article
Li, P., Lai, J. & Wu, Y. Accountable attribute-based authentication with fine-grained access control and its application to crowdsourcing. Front. Comput. Sci. 17, 171802 (2023). https://doi.org/10.1007/s11704-021-0593-4
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s11704-021-0593-4