Bidder-anonymous English auction protocol based on revocable ring signature

Privacy has become a factor of increasing importance in auction design. This paper introduces an efficient and spontaneous privacy-preserving English auction protocol based on revocable ring signature. The proposed protocol has three appealing characteristic: first, it offers conditional privacy-preservation: while the auctioneer can verify that a bidder is an authorized participant in the system only the collaboration of auctioneer and registration manager can reveal the true identity of a malicious bidder. Second, it is one-time registration: the bidder can take part in plural auctions in one time registration. Third, it is spontaneous: the bidder can bid without interaction with the auctioneer and other bidders. Finally, it is efficient: it saves the communication round complexity comparing with previously proposed solutions.     

一种可公开验证的基于身份的签密方案

签密作为一个新的密码学构件，能够在一个逻辑步骤内同时完成数字签名和公钥加密，减少了计算和通信开销。利用椭圆曲线的双线性对性质，提出了一种基于身份的签密方案，该方案提供了可由任意第三方认证密文，只有指定的接收者才能解密密文的功能，还满足了签密方案所要求的机密性、不可伪造性和不可否定性，经过分析比较，该方案具有很高的安全性和效率。     

无证书的可公开验证聚合签密方案

聚合签密的研究多以基于身份密码体制下提供机密性与认证性,提高验证的效率为目标,存在对证书管理以及密钥托管问题,因此需要设计新的聚合签密算法,在解决证书管理以及密钥托管问题的同时兼顾机密性与高效性。分析了当前主流的聚合签密算法及其发展,利用Zhang等(ZHANG L, ZHANG F T. A new certificateless aggregate signature scheme. Computer Communications, 2009,32(6)：1079-1085)方案,并考虑上述需求,提出了一种新的无证书的聚合签密方案。方案基于双线性Diffie-Hellman(BDH)和计算性Diffie-Hellman(CDH)问题,证明了方案的机密性和不可伪造性。实验结果表明,所提方案在聚合解签密运算量上与其他方案持平或降低;同时,新的方案还满足了可公开验证性,消除了公钥证书的使用,并且解决了基于身份密码体制中的密钥托管问题。     

前向安全和可公开验证的基于身份的签密方案

签密能够在一个合理的逻辑步骤内同时实现数字签名和加密两项功能,因此可以以一个更高效、更节约的方式保证消息秘密而认证的传输。利用双线性对提出了一个基于身份的签密方案,新方案能同时提供前向安全性和公开验证性,并且在随机预言模型下是可证安全的。     

A secure reverse Vickrey auction scheme with bid privacy

In recent years auctions have become more and more important in the field of multi-agent systems as useful mechanisms for resource allocations, task assignments and electronic commerce. In this paper, we concentrate on the use of the reverse Vickrey auction for task assignment scenarios and propose a novel RVP auction protocol as a method to solve problems to bid privacy in reverse Vickrey auctions. A verifiable technique of encryption key chain is used to find the second lowest bid without revealing the losing bid and unnecessary information. Through analysis, it is verified that our new scheme is robust against cheating bidders.     

Practical electronic auction scheme with strong anonymity and bidding privacy

In 2003, Chang and Chang proposed an efficient and anonymous auction protocol with freewheeling bids. They claimed that their scheme could ensure the bidders’ anonymity and secure confidentiality. Later, Jiang et al. pointed out that their scheme could not withstand the man-in-the-middle attacks; during this time, Jiang et al. proposed an improved scheme based on the scheme by Chang and Chang. In 2006, Chang and Chang proposed an anonymous auction scheme that was much more efficient than the abovementioned schemes. However, all of these three schemes were unable to achieve strong anonymity, bidding privacy, and secret bidding prices for sealed-bids. This article proposes a new scheme to resolve the above problems in which two managers and zero knowledge proof are used. The proposed scheme can be widely applied in any sensitive auction (e.g., auctions of cosmetics, medical services, etc.). Moreover, the proposed scheme also satisfies the following requirements: (1) bidding privacy, (2) strong anonymity, (3) secret bidding prices, (4) unforgeability, (5) verifiability, (6) non-repudiation, (7) traceability, (8) one-time registration and (9) easy revocation.     

可公开验证的属性基数据可恢复性证明方案

数据可恢复性证明方案可以有效解决用户将数据存储在不诚实的服务器上时,需要对数据的完整性进行验证的问题。针对目前存在的大部分方案都是使用的基于身份的密码体制的问题,采用更直观灵活的基于属性的密码体制设计了基于属性的数据可恢复性证明方案。给出了方案的相关定义、安全模型和具体的构造,同时证明了方案的正确性和安全性。     

具有前向安全性的可公开验证的签密方案

已有签密方案大多数不能同时提供可公开验证性和前向安全性.针对此问题,基于求解Z.上离散对数问题的困难性和单向hash函数的不可逆性,给出了一个同时具有前向安全性和可公开验证的签密方案.在该方案中验证不需要接收者的私钥,传输中通过将某一参数隐藏在指数位置,使得到发送者私钥的攻击者不可能得到本次及以前通信者的秘密信息.通过这些方法实现了可公开验证性和前向安全性,弥补了大多数已有签密方案不能同时提供可公开验证性和前向安全性的不足,而且在该方案中认证与消息恢复并未分离,但是在公开验证过程中却无须破坏消息的机密性,这使得本方案具有更高的安全性和更广泛的应用性.     

一个可公开验证且前向安全的签密方案

对一个可公开验证的签密方案进行了改进, 提出一个同时具有公开验证性的和前向安全的签密方案。使攻击者不可能通过发送者私钥得到本次及以前通信者的秘密信息,实现了可公开验证性和前向安全性。     

一个可公开验证和前向安全的签密方案

利用双线性对提出一个满足公开验证性和前向安全的基于身份的签密方案,并且能够将签名的验证和消息的恢复分别独立进行,可以应用于为移动设备过滤垃圾信息等移动电子商务场合。在BDH问题是困难的假设下用随机预言模型给出了安全性证明,经过分析比较,该方案具有很高的安全性和效率。     

基于身份的公开验证签密方案

基于双线性对,提出了一个基于身份的签密方案。在计算Diffie-Hellman(CDH)问题困难的假设下,证明了方案在随机预言模型下能够抵抗自适应性选择消息和身份攻击。方案基于身份,不需要证书,从而简化了密钥管理。此外,所提方案不仅可用于公开验证,在不需要泄露接收者私钥的前提下,可由第三方认证密文确实是对应明文的有效签密值。     

Tight chosen ciphertext attack （CCA）-secure hybrid encryption scheme with full public verifiability

In this paper, we propose a new ＂full public verifiability＂ concept for hybrid public-key encryption schemes. We also present a new hybrid public-key encryption scheme that has this feature, which is based on the decisional bilinear Diffie-Hellman assumption. We have proven that the new hybrid public-key encryption scheme is secure against adaptive chosen ciphertext attack in the standard model. The ＂full public verifiability＂ feature means that the new scheme has a shorter ciphertext and reduces the security requirements of the symmetric encryption scheme. Therefore, our new scheme does not need any message authentication code, even when the one-time symmetric encryption scheme is passive attacks secure. Compared with all existing publickey encryption schemes that are secure to the adaptive chosen ciphertext attack, our new scheme has a shorter ciphertext, efficient tight security reduction, and fewer requirements （if the symmetric encryption scheme can resist passive attacks）.     

An efficient incomparable public key encryption scheme

Public keys are closely related to the identity of recipients in public key encryption setting. In privacy-sensitive applications of public key encryption, it is desirable to hide the relation between the public key and the identity of the recipient. The main functional approach in the privacy enhanced public key encryption scheme is to give anonymity of the public keys of recipients. In this case, all the users in the system are potential recipients of every ciphertext. Waters, Felten, and Sahai proposed an incomparable public key encryption scheme which guarantees the anonymity of recipients against both eavesdroppers and senders. In their scheme, all the recipients must complete the same amount of computations to identify the ciphertexts which direct to them. In this paper, we focus on reducing the number of computations for the recipients while preserving the security level of Waters et al.’s scheme. Our method is to separate the decryption process into two steps, first the recipient determines whether a ciphertext is directed to him or her, and only if the direction is correct, the recipient recovers the corresponding plaintext. This improves the efficiency of the system.     

权限可控的公开验证代理签密方案

对Shin等人的可公开验证签密方案和Jung等人的可公开验证代理签密方案进行了密码学分析,研究了它们的机密性和代理权限问题,发现这两个方案中的公开验证过程都是以泄漏消息的机密性为代价的,同时发现Jung等人的方案没有实现代理权限的管理。在此基础上提出对Shin方案改进的一个权限可控的公开验证性代理签密方案,克服了其公开验证过程中的安全漏洞,并对代理权限进行了全面限制。在基于某些密码学假设的前提下,证明了方案的安全性。     

一种抗不诚实第三方攻击的一次性公钥方案

针对现有典型一次性公钥方案无法抵抗不诚实第三方恶意攻击的问题,提出一种可对第三方行为进行双重约束的一次性公钥改进方案。基于该方案,用户和服务提供方可通过第三方发布的身份索引及私钥生成过程中的公开可验证消息对其诚实性进行判断,从而约束第三方的不诚实行为。同时,采用的索引生成算法在一定程度上提高了对恶意用户的追踪效率。     

Solving multiple scenarios in a combinatorial auction

As part of its social policy, the government of Chile provides more than 1.8 million meals daily to public schoolchildren under the authority of Junta Nacional de Auxilio Escolar y Becas (JUNAEB), the state agency responsible for the program, at an annual cost of 360 million dollars. The service is provided by private firms chosen through an annual public auction. In order to capture economies of scale, a combinatorial auction design is implemented, allowing suppliers to bid on different sets of geographical units within the country. The bid evaluation process must solve multiple scenarios of a difficult combinatorial optimization model. To date, more than 2 billion dollars have been awarded under this methodology. In this paper, we describe the 2006 auction process and report that solution times can be significantly improved if the scenarios are solved in an appropriate order and the optimal solution to one scenario is employed as the initial solution of another. Results reflecting these improvements are given for real instances of the 2006 auction.     

基于区块链的密封式投标拍卖方案

随着互联网技术的飞速发展,传统拍卖正逐渐转变为电子拍卖,其中隐私保护越来越受到关注.针对当前电子投标拍卖系统中出现的问题,如竞买人隐私存在被泄露的风险、第三方拍卖中心的费用昂贵、第三方拍卖中心可能与竞买人勾结等,提出一种基于区块链智能合约技术的密封式投标拍卖方案.该方案充分利用区块链的去中心化、防篡改和可信赖性等特征构...     

一种新的基于ECC的电子拍卖协议

利用椭圆曲线离散对数问题的难解性, 给出了基于椭圆曲线密码体制(elliptic curve cryptosystems)的可验证、安全、高效、密封的M 1价位电子拍卖方案.除了满足所有投标者身份匿名、所有投标者的标价保密、所有未中标者的个人信息不会被泄露等安全要求外,还能抗击恶意投标者对正常拍卖进行的破坏.     

一个利用群签名的电子拍卖协议

利用群签名与可验证的秘密共享方案设计了一个新的密封投标的电子拍卖协议。在该协议中,多个拍卖者共同主持拍卖过程,所有的拍卖者通过可验证的秘密共享方案共享一个密钥,这使得投标者在投标时只需要一次加密,其计算量与拍卖者的数量无关;另外,中标者的身份是由群管理者根据中标者对投标消息的签名来确定的,所以一次注册后,投标者可同时参加多个拍卖活动,而不会泄露自己的身份。     

Efficient anonymous auction protocols with freewheeling bids

The need for electronic auction services has been increasing in recent years. Taking security into account, anonymity of online bidders becomes more important than it used to be. However, bidders cannot bid of his/her free will in existing anonymous auction protocols. For real-time applications, time delays are the significant factor taken into account. As a result, the proposed paper presents a simple and efficient method to ensure that the bidders can bid arbitrarily and anonymously.