An Electronic Auction Scheme Based on Group Signatures and Partially Blind Signatures

AbstractA new electronic auction scheme is proposed based on group signatures and partially blind signatures. At the same security strengthen, an optimization was done on the processes of electronic auction scheme and the dependence on trusted third party was reduced, moreover, multiple goods is auctioned at the same time, therefore, this scheme suited to large-scale electronic auction. Furthermore, due to application of vickrey auctions, the principle of optimal allocation of goods is easily satisfied

Provably Secure Convertible Undeniable Signatures with Unambiguity

This paper shows some efficient and provably-secure convertible undeniable signature schemes (with both selective conversion and all conversion), in the standard model and discrete logarithm setting. They further satisfy unambiguity, which is traditionally required for anonymous signatures. Briefly, unambiguity means that it is hard to generate a (message, signature) pair which is valid for two {\em different} public-keys. In other words, our schemes can be viewed as anonymous signature schemes as well as convertible undeniable signature schemes. Besides other applications, we show that such schemes are very suitable for anonymous auction

A survey on group signature schemes

Group Signature, extension of digital signature, allows members of a group to sign messages on behalf of the group, such that the resulting signature does not reveal the identity of the signer. Any client can verify the authenticity of the document by using the public key parameters of the group. In case of dispute, only a designated group manager, because of his special property, is able to open signatures, and thus reveal the signer’s identity. Its applications are widespread, especially in e-commerce such as e-cash, e-voting and e-auction. This thesis incorporates the detailed study of various group signature schemes, their cryptographic concepts and the main contributions in this field. We implemented a popular group signature scheme based upon elliptic curve cryptosystems. Moreover, the group signature is dynamic i.e. remains valid, if some members leave the group or some new members join the group. Full traceability feature is also included in the implemented scheme. For enhanced security the the scheme implements distributed roles of the group manager. We also analysed various security features, formal models, challenges and cryptanalysis of some significant contributions in this area

Secure Sealed-Bid Online Auctions Using Discreet Cryptographic Proofs

Abstract This work describes the design and implementation of an auction system using secure multiparty computation techniques. Our aim is to produce a system that is practical under actual field constraints on computation, memory, and communication. The underlying protocol is privacy-preserving, that is, the winning bid is determined without information about the losing bids leaking to either the auctioneer or other bidders. Practical implementation of the protocol is feasible using circuit-based cryptographic proofs along with additively homomorphic bit commitment. Moreover, we propose the development of a Proof Certificate standard. These certificates convey sufficient information to recreate the cryptographic proofs and verify them offline

Group signature Scheme resistant against Colluding Attack

Group signature is an extension of digital signature, which allows a group member to sign anonymously a document on behalf of the group. Any client can verify the authenticity of the document by using the public parameters of the group. The identity of the group member cannot be revealed from the group signature. In case of a legal dispute, an authorized group member can disclose the identity of the group member from the signed document. Group signature can have wide application to corporate world, banks, and e-commerce applications. In this thesis, we designed a group signature protocol based upon hard computational assumptions such as, Discrete Logarithm Problem (DLP), Integer Factorization Problem (IFP), and Computational Diffie Hellmann (CDH) problem. The proposed scheme is proved to be resistant against colluding attack. Moreover, the group signature remains valid, if some members leave the group or some new members join the group. Full traceability feature is confirmed in the proposed scheme. The scheme can have wide applications in real life scenarios such as e-banking, e-voting, and e-commerce applications

Blockchain-Coordinated Frameworks for Scalable and Secure Supply Chain Networks

Supply chains have progressed through time from being limited to a few regional traders to becoming complicated business networks. As a result, supply chain management systems now rely significantly on the digital revolution for the privacy and security of data. Due to key qualities of blockchain, such as transparency, immutability and decentralization, it has recently gained a lot of interest as a way to solve security, privacy and scalability problems in supply chains. However conventional blockchains are not appropriate for supply chain ecosystems because they are computationally costly, have a limited potential to scale and fail to provide trust. Consequently, due to limitations with a lack of trust and coordination, supply chains tend to fail to foster trust among the network’s participants. Assuring data privacy in a supply chain ecosystem is another challenge. If information is being shared with a large number of participants without establishing data privacy, access control risks arise in the network. Protecting data privacy is a concern when sending corporate data, including locations, manufacturing supplies and demand information. The third challenge in supply chain management is scalability, which continues to be a significant barrier to adoption. As the amount of transactions in a supply chain tends to increase along with the number of nodes in a network. So scalability is essential for blockchain adoption in supply chain networks. This thesis seeks to address the challenges of privacy, scalability and trust by providing frameworks for how to effectively combine blockchains with supply chains. This thesis makes four novel contributions. It first develops a blockchain-based framework with Attribute-Based Access Control (ABAC) model to assure data privacy by adopting a distributed framework to enable fine grained, dynamic access control management for supply chain management. To solve the data privacy challenge, AccessChain is developed. This proposed AccessChain model has two types of ledgers in the system: local and global. Local ledgers are used to store business contracts between stakeholders and the ABAC model management, whereas the global ledger is used to record transaction data. AccessChain can enable decentralized, fine-grained and dynamic access control management in SCM when combined with the ABAC model and blockchain technology (BCT). The framework enables a systematic approach that advantages the supply chain, and the experiments yield convincing results. Furthermore, the results of performance monitoring shows that AccessChain’s response time with four local ledgers is acceptable, and therefore it provides significantly greater scalability. Next, a framework for reducing the bullwhip effect (BWE) in SCM is proposed. The framework also focuses on combining data visibility with trust. BWE is first observed in SC and then a blockchain architecture design is used to minimize it. Full sharing of demand data has been shown to help improve the robustness of overall performance in a multiechelon SC environment, especially for BWE mitigation and cumulative cost reduction. It is observed that when it comes to providing access to data, information sharing using a blockchain has some obvious benefits in a supply chain. Furthermore, when data sharing is distributed, parties in the supply chain will have fair access to other parties’ data, even though they are farther downstream. Sharing customer demand is important in a supply chain to enhance decision-making, reduce costs and promote the final end product. This work also explores the ability of BCT as a solution in a distributed ledger approach to create a trust-enhanced environment where trust is established so that stakeholders can share their information effectively. To provide visibility and coordination along with a blockchain consensus process, a new consensus algorithm, namely Reputation-based proof-of cooperation (RPoC), is proposed for blockchain-based SCM, which does not involve validators to solve any mathematical puzzle before storing a new block. The RPoC algorithm is an efficient and scalable consensus algorithm that selects the consensus node dynamically and permits a large number of nodes to participate in the consensus process. The algorithm decreases the workload on individual nodes while increasing consensus performance by allocating the transaction verification process to specific nodes. Through extensive theoretical analyses and experimentation, the suitability of the proposed algorithm is well grounded in terms of scalability and efficiency. The thesis concludes with a blockchain-enabled framework that addresses the issue of preserving privacy and security for an open-bid auction system. This work implements a bid management system in a private BC environment to provide a secure bidding scheme. The novelty of this framework derives from an enhanced approach for integrating BC structures by replacing the original chain structure with a tree structure. Throughout the online world, user privacy is a primary concern, because the electronic environment enables the collection of personal data. Hence a suitable cryptographic protocol for an open-bid auction atop BC is proposed. Here the primary aim is to achieve security and privacy with greater efficiency, which largely depends on the effectiveness of the encryption algorithms used by BC. Essentially this work considers Elliptic Curve Cryptography (ECC) and a dynamic cryptographic accumulator encryption algorithm to enhance security between auctioneer and bidder. The proposed e-bidding scheme and the findings from this study should foster the further growth of BC strategies

Architecture for privacy-preserving brokerage of analytics using Multi Party Computation, Self Sovereign Identity and Blockchain

In our increasingly digitized world, the value of data is clear and proved, and many solutions and businesses have been developed to harness it. In particular, personal data (such as health-related data) is highly valuable, but it is also sensitive and could harm the owners if misused. In this context, data marketplaces could enhance the circulation of data and enable new businesses and solutions. However, in the case of personal data, marketplaces would necessarily have to comply with existing regulations, and they would also need to make users privacy protection a priority. In particular, privacy protection has been only partially accomplished by existing datamarkets, as they themselves can gather information about the individuals connected with the datasets they handle. In this thesis is presented an architecture proposal for KRAKEN, a new datamarket that provides privacy guarantees at every step in the data exchange and analytics pipeline. This is accomplished through the use of multi-party computation, blockchain and self-sovereign identity technologies. In addition to that, the thesis presents also a privacy analysis of the entire system. The analysis indicated that KRAKEN is safe from possible data disclosures to the buyers. On the other hand, some potential threats regarding the disclosure of data to the datamarket itself were identified, although posing a low-priority risk, given their rare chance of occurrence. Moreover the author of this thesis elaborated remarks on the decentralisation of the architecture and possible improvements to increase the security. These improvements are accompanied by the solutions identified in the paper that proposes the adoption of a trust measure for the MPC nodes. The work on the paper and the thesis contributed to the personal growth of the author, specifically improving his knowledge of cryptography by learning new schemes such as group signatures, zero knowledge proof of knowledge and multi-party computation. He improved his skills in writing academic papers and in working in a team of researchers leading a research area