BA2P : Bidirectional and Anonymous Auction Protocol with Dispute-Freeness

Electronic auction is a popular platform to sell goods, task assignment, and resources’ allocation due to reductions of transaction costs and has attracted a huge number of potential buyers. However, it is challenging to address the disputes between the buyer and the auctioneer. The main reason is, on the one hand, solving such problem leverages to the broad domain of research aspects, such as economic theory, engineering, and cryptography, and, on the other hand, it is difficult to arbitrate in a decentralized and anonymous setting. In this work, we consider a more general framework to solve the potential disputes by enforcing bidirectional confirmation and public verification. Hence, the bidding procedure is clear to inspect and potential disputes can be erased. To achieve this goal, we propose policy-driven chameleon hash and revised linkable-and-redactable ring signature as building blocks. We used these two tools to build a bidirectional and anonymous auction protocol called BA 2 P. In our BA 2 P protocol, the bidders can competitively and anonymously place their bids to outbid others. At the end of the auction protocol, everyone can verify the validity of the bidding proof and decide the winner. Thus, dispute-freeness feature is achieved. The analysis suggests that our proposal is provably secure and practically efficient, and it trades some efficiencies with dispute-freeness feature.

Non-interactive zero-knowledge proof scheme from RLWE-based key exchange

Lattice-based non-interactive zero-knowledge proof has been widely used in one-way communication and can be effectively applied to resist quantum attacks. However, lattice-based non-interactive zero-knowledge proof schemes have long faced and paid more attention to some efficiency issues, such as proof size and verification time. In this paper, we propose the non-interactive zero-knowledge proof schemes from RLWE-based key exchange by making use of the Hash function and public-key encryption. We then show how to apply the proposed schemes to achieve the fixed proof size and rapid public verification. Compared with previous approaches, our schemes can realize better effectiveness in proof size and verification time. In addition, the proposed schemes are secure from completeness, soundness, and zero-knowledge.

Publicly Verifiable Outsourcing Computation for QR Decomposition Based on Blockchain

In the Big Data Era, outsourcing computation has become increasingly significant as it supplies computation resources for clients with limited resources. However, there are still many security challenges such as payment fairness, privacy protection, and verification. In this paper, we propose a secure publicly verifiable outsourcing computation scheme for the large-scale matrix QR decomposition. In the proposed scheme, client can pay for outsourcing services through blockchain-based payment system which achieves the payment fairness. Moreover, to protect privacy, both permutation matrix and block diagonal matrix are applied in encryption process. Meanwhile, to achieve the public verification, the computational complexity is reduced by using the matrix digest technology. It is worth mentioning that our scheme is provable and secure under the co-CDH assumption.

Aggregation-Based Tag Deduplication for Cloud Storage with Resistance against Side Channel Attack

Tag deduplication is an emerging technique to eliminate redundancy in cloud storage, which works by signing integrity tags with a content-associated key instead of user-associated secret key. To achieve public auditability in this scenario, the linkage between cloud users and their integrity tags is firstly re-established in current solutions, which provides a potential side channel to malicious third-party auditor to steal the existence privacy of a certain target file. Such kind of attack, which is also possible among classic public auditing schemes, still cannot be well resisted and is now becoming a big obstacle in using this technique. In this paper, we propose a secure aggregation-based tag deduplication scheme (ATDS), which takes the lead to consider resistance against side channel attack during the process of public verification. To deal with this problem, we define a user-associated integrity tag based on the defined content-associated polynomial and devise a Lagrangian interpolation-based aggregation strategy to achieve tag deduplication. With the help of this technique, content-associated public key is able to be utilized instead of a user-associated one to achieve auditing. Once the verification is passed, the TPA is just only able to make sure that the verified data are correctly corresponding to at least a group of users in cloud storage, rather than determining specific owners. The security analysis and experiment results show that the proposed scheme is able to resist side channel attack and is more efficient compared with the state of the art.