Skip to main content
SpringerLink
Log in

Accountable attribute-based authentication with fine-grained access control and its application to crowdsourcing

  • Research Article
  • Published:
Frontiers of Computer Science Aims and scope Submit manuscript

Abstract

We introduce a new notion called accountable attribute-based authentication with fine-grained access control (AccABA), which achieves (i) fine-grained access control that prevents ineligible users from authenticating; (ii) anonymity such that no one can recognize the identity of a user; (iii) public accountability, i.e., as long as a user authenticates two different messages, the corresponding authentications will be easily identified and linked, and anyone can reveal the user’s identity without any help from a trusted third party. Then, we formalize the security requirements in terms of unforgeability, anonymity, linkability and traceability, and give a generic construction to fulfill these requirements. Based on AccABA, we further present the first attribute-based, fair, anonymous and publicly traceable crowdsourcing scheme on blockchain, which is designed to filter qualified workers to participate in tasks, and ensures the fairness of the competition between workers, and finally balances the tension between anonymity and accountability.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Chaum D, Van Heyst E. Group signatures. In: Proceedings of Workshop on the Theory and Application of Cryptographic Techniques. 1991, 257–265

  2. Liu J K, Yuen T H, Zhou J. Forward secure ring signature without random oracles. In: Proceedings of International Conference on Information and Communications Security. 2011, 1–14

  3. Li J, Au M H, Susilo W, Xie D, Ren K. Attribute-based signature and its applications. In: Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security. 2010, 60–69

  4. Tan S Y, Groß T. Monipoly—an expressive q-SDH-based anonymous attribute-based credential system. In: Proceedings of the 26th International Conference on the Theory and Application of Cryptology and Information Security. 2020, 498–526

  5. Maji H K, Prabhakaran M. Rosulek M. Attribute-based signatures. In: Proceedings of Cryptographers’ Track at the RSA Conference. 2011, 376–392

  6. Nakanishi T, Fujiwara T, Watanabe H. A linkable group signature and its application to secret voting. Transactions of Information Processing Society of Japan, 1999, 40(7): 3085–3096

    MathSciNet  Google Scholar 

  7. Boyen X, Haines T. Forward-secure linkable ring signatures. In: Proceedings of Australasian Conference on Information Security and Privacy. 2018, 245–264

  8. Bootle J, Cerulli A, Chaidos P, Ghadafi E, Groth J, Petit C. Short accountable ring signatures based on DDH. In: Proceedings of the 20th European Symposium on Research in Computer Security. 2015, 243–265

  9. Gu K, Wang K, Yang L. Traceable attribute-based signature. Journal of Information Security and Applications, 2019, 49: 102400

    Article  Google Scholar 

  10. Kaaniche N, Laurent M. Attribute-based signatures for supporting anonymous certification. In: Proceedings of the 21st European Symposium on Research in Computer Security. 2016, 279–300

  11. Teranishi I, Furukawa J, Sako K. K-times anonymous authentication. In: Proceedings of International Conference on the Theory and Application of Cryptology and Information Security. 2004, 308–322

  12. Wei V K. Tracing-by-linking group signatures. In: Proceedings of the 8th International Conference on Information Security. 2005, 149–163

  13. Au M H, Tsang P P, Susilo W, Mu Y. Dynamic universal accumulators for DDH groups and their application to attribute-based anonymous credential systems. In: Proceedings of Cryptographers’ Track at the RSA Conference. 2009, 295–308

  14. Hébant C, Pointcheval D. Traceable attribute-based anonymous credentials. IACR Cryptology ePrint Archive, 2020, 2020: 657

    Google Scholar 

  15. Camenisch J, Drijvers M, Lehmann A. Universally composable direct anonymous attestation. In: Proceedings of the 19th IACR International Conference on Practice and Theory in Public-Key Cryptography. 2016, 234–264

  16. Derler D, Slamanig D. Highly-efficient fully-anonymous dynamic group signatures. In: Proceedings of the 2018 on Asia Conference on Computer and Communications Security. 2018, 551–565

  17. Kuchta V, Sahu R A, Saraswat V, Sharma G, Sharma N, Markowitch O. Anonymous yet traceable strong designated verifier signature. In: Proceedings of the 21st International Conference on Information Security. 2018, 403–421

  18. Hwang J Y, Chen L, Cho H S, Nyang D. Short dynamic group signature scheme supporting controllable linkability. IEEE Transactions on Information Forensics and Security, 2015, 10(6): 1109–1124

    Article  Google Scholar 

  19. Zheng H, Wu Q, Guan Z, Qin B, He S, Liu J. Achieving liability in anonymous communication: auditing and tracing. Computer Communications, 2019, 145: 1–13

    Article  Google Scholar 

  20. Zheng H, Wu Q, Qin B, Zhong L, He S, Liu J. Linkable group signature for auditing anonymous communication. In: Proceedings of the 23rd Australasian Conference on Information Security and Privacy. 2018, 304–321

  21. Fujisaki E. Sub-linear size traceable ring signatures without random oracles. In: Proceedings of Cryptographers’ Track at the RSA Conference. 2011, 393–415

  22. Au M H, Liu J K, Susilo W, Yuen T H. Secure ID-based linkable and revocable-iff-linked ring signature with constant-size construction. Theoretical Computer Science, 2013, 469: 1–14

    Article  MathSciNet  Google Scholar 

  23. El Kaafarani A, Chen L, Ghadafi E, Davenport J. Attribute-based signatures with user-controlled linkability. In: Proceedings of the 13th International Conference on Cryptology and Network Security. 2014, 256–269

  24. El Kaafarani A, Ghadafi E. Attribute-based signatures with user-controlled linkability without random oracles. In: Proceedings of the 16th IMA International Conference on Cryptography and Coding. 2017, 161–184

  25. Urquidi M, Khader D, Lancrenon J, Chen L. Attribute-based signatures with controllable linkability. In: Proceedings of the 17th International Conference on Trusted Systems. 2015, 114–129

  26. Ghadafi E. Stronger security notions for decentralized traceable attribute-based signatures and more efficient constructions. In: Proceedings of Cryptographer’s Track at the RSA Conference. 2015, 391–409

  27. Bemmann K, Blömer J, Bobolz J, Bröcher H, Diemert D, Eidens F, Eilers L, Haltermann J, Juhnke J, Otour B, Porzenheim L, Pukrop S, Schilling E, Schlichtig M, Stienemeier M. Fully-featured anonymous credentials with reputation system. In: Proceedings of the 13th International Conference on Availability, Reliability and Security. 2018, 42

  28. Rivest R L, Shamir A, Tauman Y. How to leak a secret. In: Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security. 2001, 552–565

  29. Chaum D. Blind signatures for untraceable payments. In: Proceedings of Advances in Cryptology. 1983, 199–203

  30. Camenisch J, Lysyanskaya A. An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In: Proceedings of International Conference on the Theory and Application of Cryptographic Techniques. 2001, 93–118

  31. Bellare M, Fuchsbauer G. Policy-based signatures. In: Proceedings of the 17th International Conference on Practice and Theory in Public-Key Cryptography. 2014, 520–537

  32. Samelin K, Slamanig D. Policy-based sanitizable signatures. In: Proceedings of Cryptographers’ Track at the RSA Conference. 2020, 538–563

  33. Okamoto T, Takashima K. Decentralized attribute-based signatures. In: Proceedings of the 16th International Conference on Practice and Theory in Public-Key Cryptography. 2013, 125–142

  34. Tang F, Li H, Liang B. Attribute-based signatures for circuits from multilinear maps. In: Proceedings of the 17th International Conference on Information Security. 2014, 54–71

  35. Sakai Y, Attrapadung N, Hanaoka G. Practical attribute-based signature schemes for circuits from bilinear map. IET Information Security, 2018, 12(3): 184–193

    Article  Google Scholar 

  36. Camenisch J, Drijvers M, Dzurenda P, Hajny J. Fast keyed-verification anonymous credentials on standard smart cards. In: Proceedings of the 34th IFIP TC 11 International Conference on ICT Systems Security and Privacy Protection. 2019, 286–298

  37. Garman C, Green M, Miers I. Decentralized anonymous credentials. In: Proceedings of the 21st Annual Network and Distributed System Security Symposium. 2014, 1–15

  38. Blömer J, Bobolz J. Delegatable attribute-based anonymous credentials from dynamically malleable signatures. In: Proceedings of the 16th International Conference on Applied Cryptography and Network Security. 2018, 221–239

  39. Blömer J, Bobolz J, Diemert D, Eidens F. Updatable anonymous credentials and applications to incentive systems. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. 2019, 1671–1685

  40. Ding S, Zhao Y, Liu Y. Efficient traceable attribute-based signature. In: Proceedings of the 13th IEEE International Conference on Trust, Security and Privacy in Computing and Communications. 2014, 582–589

  41. Krenn S, Samelin K, Striecks C. Practical group-signatures with privacy-friendly openings. In: Proceedings of the 14th International Conference on Availability, Reliability and Security. 2019, 10

  42. Zhang X, Liu J K, Steinfeld R, Kuchta V, Yu J. Revocable and linkable ring signature. In: Proceedings of the 15th International Conference on Information Security and Cryptology. 2019, 3–27

  43. Au M H, Susilo W, Yiu S M. Event-oriented k-times revocable-ifflinked group signatures. In: Proceedings of the 11th Australasian Conference on Information Security and Privacy. 2006, 223–234

  44. Au M H, Liu J K, Susilo W, Yuen T H. Constant-size id-based linkable and revocable-iff-linked ring signature. In: Proceedings of the 7th International Conference on Cryptology in India. 2006, 364–378

  45. Fujisaki E, Suzuki K. Traceable ring signature. In: Proceedings of the 10th International Conference on Practice and Theory in Public-Key Cryptography. 2007, 181–200

  46. Bethencourt J, Sahai A, Waters B. Ciphertext-policy attribute-based encryption. In: Proceedings of IEEE Symposium on Security and Privacy. 2007, 321–334

  47. Waters B. Ciphertext-policy attribute-based encryption: An expressive, efficient, and provably secure realization. In: Proceedings of the 14th International Conference on Practice and Theory in Public Key Cryptography. 2011, 53–70

  48. Ganesh C, Orlandi C, Tschudi D. Proof-of-stake protocols for privacy-aware blockchains. In: Proceedings of the 38th Annual International Conference on the Theory and Applications of Cryptographic Techniques. 2019, 690–719

  49. Bellare M, Poettering B, Stebila D. Deterring certificate subversion: efficient double-authentication-preventing signatures. In: Proceedings of the 20th IACR International Conference on Practice and Theory in Public-Key Cryptography. 2017, 121–151

  50. Müller S K N, Tekin C, Van Der Schaar M, Klein A. Context-aware hierarchical online learning for performance maximization in mobile crowdsourcing. IEEE/ACM Transactions on Networking, 2018, 26(3): 1334–1347

    Article  Google Scholar 

  51. Li M, Weng J, Yang A, Lu W, Zhang Y, Hou L, Liu J N, Xiang Y, Deng R H. CrowdBC: a blockchain-based decentralized framework for crowdsourcing. IEEE Transactions on Parallel and Distributed Systems, 2019, 30(6): 1251–1266

    Article  Google Scholar 

  52. Lu Y, Tang Q, Wang G. ZebraLancer: private and anonymous crowdsourcing system atop open blockchain. In: Proceedings of the 38th IEEE International Conference on Distributed Computing Systems. 2018, 853–865

  53. Feng W, Yan Z. MCS-Chain: decentralized and trustworthy mobile crowdsourcing based on blockchain. Future Generation Computer Systems, 2019, 95: 649–666

    Article  Google Scholar 

  54. Chen J, Chen J, He K, Du R. SeCrowd: efficient secure interactive crowdsourcing via permission-based signatures. Future Generation Computer Systems, 2021, 115: 448–458

    Article  Google Scholar 

  55. Yang D, Xue G, Fang X, Tang J. Incentive mechanisms for crowdsensing: crowdsourcing with smartphones. IEEE/ACM Transactions on Networking, 2016, 24(3): 1732–1744

    Article  Google Scholar 

  56. Yan T, Marzilli M, Holmes R, Ganesan D, Corner M. mCrowd: a platform for mobile crowdsourcing. In: Proceedings of the 7th ACM Conference on Embedded Networked Sensor Systems. 2009, 347–348

  57. Zhao D, Li X Y, Ma H. Budget-feasible online incentive mechanisms for crowdsourcing tasks truthfully. IEEE/ACM Transactions on Networking, 2016, 24(2): 647–661

    Article  Google Scholar 

  58. Shu J, Liu X, Jia X, Yang K, Deng R H. Anonymous privacy-preserving task matching in crowdsourcing. IEEE Internet of Things Journal, 2018, 5(4): 3068–3078

    Article  Google Scholar 

  59. Yang M, Zhu T, Liang K, Zhou W, Deng R H. A blockchain-based location privacy-preserving crowdsensing system. Future Generation Computer Systems, 2019, 94: 408–418

    Article  Google Scholar 

  60. Wu Y, Tang S, Zhao B, Peng Z. BPTM: blockchain-based privacy-preserving task matching in crowdsourcing. IEEE Access, 2019, 7: 45605–45617

    Article  Google Scholar 

  61. Chatzopoulos D, Gujar S, Faltings B, Hui P. Privacy preserving and cost optimal mobile crowdsensing using smart contracts on blockchain. In: Proceedings of the 15th IEEE International Conference on Mobile Ad Hoc and Sensor Systems. 2018, 442–450

  62. Zhao K, Tang S, Zhao B, Wu Y. Dynamic and privacy-preserving reputation management for blockchain-based mobile crowdsensing. IEEE Access, 2019, 7: 74694–74710

    Article  Google Scholar 

  63. An B, Xiao M, Liu A, Gao G, Zhao H. Truthful crowdsensed data trading based on reverse auction and blockchain. In: Proceedings of the 24th International Conference on Database Systems for Advanced Applications. 2019, 292–309

  64. Li Q, Cao G. Providing efficient privacy-aware incentives for mobile sensing. In: Proceedings of the 34th IEEE International Conference on Distributed Computing Systems. 2014, 208–217

  65. Rahaman S, Cheng L, Yao D D, Li H, Park J M J. Provably secure anonymous-yet-accountable crowdsensing with scalable sublinear revocation. Proceedings on Privacy Enhancing Technologies, 2017, 2017(4): 384–403

    Article  Google Scholar 

  66. Emura K, Miyaji A, Omote K. Adaptive secure-channel free public-key encryption with keyword search implies timed release encryption. In: Proceedings of the 14th International Conference on Information Security. 2011, 102–118

Download references

Acknowledgements

This work was supported by the National Natural Science Foundation of China (Grant Nos. U2001205, 61922036, 61932011), Guangdong Basic and Applied Basic Research Foundation (Grant Nos. 2019B030302008, 2019B1515120010), Science and Technology Project of Guangzhou City (Grant No. 201707010320), TESTBED2 (Grant No. H2020-MSCA-RISE-2019), and National Key Research and Development Program of China (Grant No. 2019YFE0123600).

Author information

Authors and Affiliations

  1. College of Information Science and Technology, Jinan University, Guangzhou, 510632, China

    Peng Li, Junzuo Lai & Yongdong Wu

Authors
  1. Peng Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Junzuo Lai
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yongdong Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Junzuo Lai.

Additional information

Peng LI is currently working toward the PhD degree in information security with the College of Information Science and Technology, Jinan University, China. His research interests include public key cryptography, information security and blockchain.

Junzuo LAI received the PhD degree in computer science and technology from the Shanghai Jiao Tong University, China in 2010. From August 2008 to April 2013, he was a research fellow in Singapore Management University, Singapore. Currently, he is a professor in the College of Information Science and Technology, Jinan University, China. His research interests include cryptography, information security and blockchain.

Yongdong WU received the BEng and MS degrees from Beihang University, the PhD degree from Institute of Automation, Chinese Academy of Science, China, and Master for Management of Technology from National University of Singapore, Singapore. He is currently a full professor of Jinan University, China. He is the principle investigator of an NSFC key project. His research interests include blockchain, cyber-physical system security, IoT security and information security. He has published more than 100 papers, and 7 patents. His research results and proposals were incorporated in the ISO/IEC JPEG 2000 security standard 15444-8 in 2007. He was the PC co-chair of ISPEC2015 and Inscrypt2020. He received the Best Paper Award of IFIP Conference on Communications and Multimedia Security (CMS) 2012.

Electronic supplementary material

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Li, P., Lai, J. & Wu, Y. Accountable attribute-based authentication with fine-grained access control and its application to crowdsourcing. Front. Comput. Sci. 17, 171802 (2023). https://doi.org/10.1007/s11704-021-0593-4

Download citation

  • Received:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s11704-021-0593-4

Keywords

Search

Navigation