基于离散对数的VES改进及在公平交换协议中的应用

网络上常会有这样的需求,证实者(Prover)需要向验证者(Verifier)证实自己知道信息m,但又不能把m暴露给Verifier。可验证加密方案(VES,verifiableencryptionscheme)就是一种满足这样要求的特殊公钥加密方案。该方案中的Prover通过生成一个证据Cert,使Verifier通过验证就可以确定Prover是否拥有。文献犤1犦～犤3犦都提出了一些有效的VES方案,但是它们都潜在地假设Prover是诚实可信任的,这对冒名Prover攻击是脆弱的。文章提出了基于离散对数VES方案的一个改进方法,克服了这个缺点。新方案在生成Cert时多使用一个公开信息Y,是由可信任第三方(TTP)的一个公钥加密m得到的密文。这样,由于生成Cert同时需要m和Y,它们的不一致就会导致验证的失败,因而改进VES可以避免冒名Prover攻击。作为VES的一个应用,还提出了基于VES的公平交换协议,该协议与普通的公平交换协议相比具有形式简单,易于实现,不需要TTP直接参与等优点。

The Betterment and Application in Fair Exchange of VES Based on Discrete Logarithm

In some case,Prover must prove to Verifier that he knows the message m without disclosing the m to the Verifier.VES(verifiable encryption scheme )is a special public -key system satisfying this request.In this scheme ,the Prover needs to construct a certificate Cert.And the Verifier may judge whether the Prover knows the message m by verifying the Cert.In the reference of the paper,some efficient VES schemes are proposed,but all of them are potentially based on the hypothesis that the Prover is truthful.So it is weak for attack of personating the Prover.In the paper,a betterment is added to the VES based on discrete logarithm to get rid of the disadvantage.In the new scheme ,the Prover extra need an open Y message to construct Cert,and the Y is a ciphertext of m.Because the construction of Cert need m and Y,and their consistent makes the successful verification.So the new VES can avoid the attack of personating the Prover.As a application of VES,a new fair exchange protocol based on VES is proposed in this paper.Comparing with the accustomed fair exchange protocol,the implementation of the new one is easy,and need not the TTP directly.