基于属性访问策略的批量零知识身份认证方案

隐私保护技术主要有属性基加密、同态加密、多方安全计算等，针对属性基加密的访问控制中双线性映射耗时问题、同态加密难以非公开地验证明文计算的结果问题以及多方安全计算需要可信第三方等问题，提出了一种基于属性访问策略的批量零知识身份认证方案。该方案是基于Aurora 协议提出的，具有良好的抗量子攻击计算潜力；所提方案引入合成证明者，其作用是将各个用户生成的证明合成一个证明以减轻证明者和验证者计算开销，且设计了找出未通过认证用户的查找算法。最后对所提方案进行了安全分析、可行性分析并与其他方案进行了对比分析。经过分析该方案中验证者的时间可维持在O（n）。

Batch zero-knowledge identity authentication scheme based on attribute access strategy

Privacy protection technologies mainly include attribute-based encryption, homomorphic encryption, multi-party security computing, etc. Among them, in the access control of attribute-based encryption, bilinear mapping is time-consuming, homomorphic encryption is difficult to verify the results of plaintext computation in a non-public way, and multi-party security computation requires a trusted third party. To solve these problems, this paper proposed a batch zero-knowledge identity authentication scheme based on attribute access strategy. This scheme was based on the Aurora protocol and had good computing potential against quantum attacks. The proposed scheme introduced a synthetic prover, which synthesized the proof generated by each user to a proof, to reduce the computational cost of the prover and the verifier, and designed a search algorithm to find out unauthenticated users. Finally, this paper carried out safety analysis, feasibility analysis, and comparative analysis with other schemes. After analysis, the verification time of this scheme can be maintained in O(n) .