Conference:IEEE Transactions on Dependable and Secure Computing
CCF level:CCF A
Categories:网络与信息安全
Year:2025
23
Title:
Blockchain-Assisted Revocable Cross-Domain Authentication for Vehicular Ad-Hoc Networks
基于区块链的可撤销跨域认证方案,适用于车载自组织网络
Authors:****
Ru Li, Key Laboratory of Intelligent Computing and Signal Processing of Ministry of Education, School of Computer Science and Technology, Anhui University, Hefei, China
Jie Cui, Key Laboratory of Intelligent Computing and Signal Processing of Ministry of Education, School of Computer Science and Technology, Anhui University, Hefei, China
Jing Zhang, Key Laboratory of Intelligent Computing and Signal Processing of Ministry of Education, School of Computer Science and Technology, Anhui University, Hefei, China
Lu Wei, Key Laboratory of Intelligent Computing and Signal Processing of Ministry of Education, School of Computer Science and Technology, Anhui University, Hefei, China
Hong Zhong, Key Laboratory of Intelligent Computing and Signal Processing of Ministry of Education, School of Computer Science and Technology, Anhui University, Hefei, China
Debiao He, School of Cyber Science and Engineering, Wuhan University, Wuhan, China
Key words:
Authentication, Blockchains, Security, Privacy, Vehicular Ad Hoc Networks, Real Time Systems, Servers, Public Key, Polynomials, Licenses, VANE Ts, Cross Domain Authentication,
身份验证、区块链、安全、隐私、车载自组织网络、实时系统、服务器、公钥、多项式、许可证、VANET、跨域身份验证
Abstract:****
With the rapid development of vehicular ad-hoc networks (VANETs) and the increasing diversification of user demands, interactions between different management domains have become more frequent. Identity authentication is an effective way to establish cross-domain trust and secure communication. However, the existing cross-domain authentication schemes of VANETs are limited to the same management or authentication technology for each domain and rely on centralized cross-domain identity management. Even distributed management solutions encounter latency sensitivity, security and privacy challenges. To address these challenges, we propose a blockchain-assisted revocable cross-domain authentication scheme for VANETs. The proposed scheme can establish trust between domain entities by deploying different authentication methods and using distributed management to avoid single-point failures. In addition, the scheme can revoke the identity of malicious vehicles by updating the group public key, thereby ensuring the security and privacy of cross-domain Vehicle-to-Vehicle (V2V) and Vehicle-to-Infrastructure (V2I) communication. This design avoids the additional impacts of blockchain technology constraints on the high mobility and real-time requirements of VANETs. Security analysis and performance evaluation show that our scheme can resist more attacks and has better security than other related schemes while also achieving a better balance between communication and computational cost.
随着车载自组织网络(VANETs)的快速发展和用户需求的日益多样化,不同管理域之间的交互变得更加频繁。身份认证是建立跨域信任和保障安全通信的有效途径。然而,现有的VANETs跨域认证方案仅限于每个域使用相同的管理或认证技术,并且依赖于集中式的跨域身份管理。即使是分布式管理方案也面临着延迟敏感性、安全性和隐私性等挑战。为了解决这些挑战,我们提出了一种基于区块链的可撤销VANETs跨域认证方案。该方案通过部署不同的认证方法并采用分布式管理来建立域实体之间的信任,从而避免单点故障。此外,该方案可以通过更新组公钥来撤销恶意车辆的身份,从而确保跨域车车通信(V2V)和车路通信(V2I)的安全性和隐私性。这种设计避免了区块链技术限制对VANETs高移动性和实时性要求的额外影响。安全分析和性能评估表明,我们的方案能够抵御更多攻击,并且比其他相关方案具有更好的安全性,同时在通信和计算成本之间实现了更好的平衡。
Pdf下载链接:
https://www.computer.org/csdl/journal/tq/2025/05/10919182/251y4rmsL8Q
24
Title:
Redactable Blockchain Supporting Rewriting Authorization Without Trapdoor Exposure
支持可编辑的区块链,允许在不暴露后门的情况下进行重写授权
Authors:****
Wei Wang, State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing, China
Junke Duan, State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing, China
Licheng Wang, School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing, China
Haipeng Peng, State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing, China
Liehuang Zhu, School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing, China
Lixiang Li, State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing, China
Key words:
Blockchains, Authorization, Encryption, Cryptography, Public Key, Gold, Law, Polynomials, Buildings, Training, Redactable Blockchain, Chameleon Hash, Decentralization, Fine Grained Control
区块链、授权、加密、密码学、公钥、黄金、法律、多项式、建筑、培训、可编辑区块链、变色龙哈希、去中心化、细粒度控制
Abstract:****
Blockchain technology, known for its decentralization and immutability, has been widely applied across various domains. However, this immutability reveals limitations in adapting to rapidly changing legal environments and preventing malicious misuse. To introduce a degree of flexibility, various transaction-level redactable blockchain solutions have been proposed. Yet, current schemes grant modifiers redaction privileges by providing access to the trapdoor, potentially posing risks of malicious dissemination and abuse of the trapdoor. In this article, we first propose an RSA-based threshold chameleon hash (TCH) construction, allowing the distribution of the trapdoor among a group of authorities. Building on TCH, we develop a threshold policy-based chameleon hash (TPCH). Compared to the Policy-Based Chameleon Hash (PCH) proposed by Derler at NDSS'19, our TPCH supports authorization without exposing the trapdoor. Furthermore, leveraging TPCH, we introduce a novel transaction-level redactable blockchain (TPRB). TPRB supports decentralized authorization without trapdoor exposure and fine-grained rewriting control. Finally, through implementation and evaluation, we demonstrate the practicality and efficiency of our TCH and TPCH schemes.
区块链技术以其去中心化和不可篡改性而闻名,并已广泛应用于各个领域。然而,这种不可篡改性也暴露出其在适应快速变化的法律环境和防止恶意滥用方面的局限性。为了引入一定的灵活性,人们提出了各种交易级可编辑区块链解决方案。然而,目前的方案通过提供陷门访问权限来赋予修改者编辑权限,这可能带来恶意传播和滥用陷门的风险。在本文中,我们首先提出了一种基于 RSA 的阈值变色龙哈希 (TCH) 构造,允许在多个权威机构之间分发陷门。基于 TCH,我们开发了一种基于阈值策略的变色龙哈希 (TPCH)。与 Derler 在 NDSS'19 上提出的基于策略的变色龙哈希 (PCH) 相比,我们的 TPCH 无需暴露陷门即可支持授权。此外,我们利用 TPCH 引入了一种新型的交易级可编辑区块链 (TPRB)。TPRB 支持无需暴露陷门的去中心化授权和细粒度的重写控制。最后,通过实现和评估,我们证明了我们的 TCH 和 TPCH 方案的实用性和效率。
Pdf下载链接:
https://www.computer.org/csdl/journal/tq/2025/05/10948349/25BYWkpQkYU
25
Title:
Traceability and Identity Protection in Smart Agricultural IoT System Framework Based on Blockchains
基于区块链的智能农业物联网系统框架中的可追溯性和身份保护
Authors:****
Mingyue Xie, School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, China
Jun Liu, School of Software Engineering, Chongqing University of Posts and Telecommunications, Chongqing, China
Shuyu Chen, School of Big Data and Software Engineering, Chongqing University, Chongqing, China
Mingwei Lin, College of Computer and Cyber Security, Fujian Normal University, Fuzhou, China
Guangxia Xu, Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, China
Zeshui Xu, Business School, Sichuan University, Chengdu, China
Zheng Chang, School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu, China
Key words:
Blockchains, Encryption, Cryptography, Agriculture Internet Of Things, Security, Protection, Data Privacy, Data Communication, Elliptic Curve Cryptography
区块链、加密、密码学、农业物联网、安全、保护、数据隐私、数据通信、椭圆曲线密码学
Abstract:****
Blockchain-based IoT applications in agriculture have drawn extensive attention in recent years, allowing the implementation of smart agriculture solutions. By transmitting collected relevant data to a control center through the blockchain, corresponding regulation can be realized in agricultural production management systems. However, existing efforts for directly adopting the technique to data transmission are obstructed by several issues. The traceability of agricultural data stored in the blockchain leads to the exposure of the identity of the data collecting devices. And the tracing difficulty of completely invisible data for identity protection also exists in the smart agricultural system. To tackle these limitations, we propose a novel blockchain-based smart agricultural IoT system framework for regulating the agricultural production environment through trusted data. First, the elliptic curve integrated encryption scheme (ECIES) and the group signature scheme are integrated to guarantee the traceability and identity protection of the data and equipment, respectively. Then, to enhance the security of session key transmission in the ECIES scheme, we further design an on-chain-off-chain key agreement protocol (ECIES-OOKA). In addition, we propose a novel group manager selection method based on probabilistic linguistic term sets (PLTSs) for the group signature implementation. Finally, a practical example is provided to demonstrate the group manager selection process and verify the feasibility of the proposed method. The security and performance analysis for the system framework are also presented.
近年来,基于区块链的农业物联网应用受到了广泛关注,为智能农业解决方案的实施提供了可能。通过区块链将收集到的相关数据传输到控制中心,可以在农业生产管理系统中实现相应的调控。然而,目前直接将该技术应用于数据传输的尝试面临诸多挑战。存储在区块链上的农业数据的可追溯性会导致数据采集设备身份的暴露。此外,在智能农业系统中,为了保护身份而对数据进行完全匿名化处理也会带来数据追踪困难的问题。为了解决这些局限性,我们提出了一种新型的基于区块链的智能农业物联网系统框架,旨在通过可信数据对农业生产环境进行调控。首先,我们将椭圆曲线集成加密方案(ECIES)和群签名方案相结合,分别保证数据和设备的可追溯性和身份保护。其次,为了增强ECIES方案中会话密钥传输的安全性,我们进一步设计了一种链上链下密钥协商协议(ECIES-OOKA)。此外,我们提出了一种基于概率语言术语集(PLTS)的群管理器选择方法,用于实现群签名。最后,我们提供了一个实际示例来演示群管理器选择过程,并验证所提方法的有效性。同时,我们还对系统框架的安全性进行了分析。
Pdf下载链接:
https://www.computer.org/csdl/journal/tq/2025/05/10979808/26j8mpKSXmM
26
Title:
TERCT: A Traceable and Editable Ring Confidential Transaction for Blockchain
TERCT:一种可追溯且可编辑的区块链环形保密交易方案
Authors:****
Jiguo Li, College of Computer and Cyber Security, Fujian Normal University, Fuzhou, China
Ninghai Xie, College of Computer and Cyber Security, Fujian Normal University, Fuzhou, China
Yichen Zhang, College of Computer and Cyber Security, Fujian Normal University, Fuzhou, China
Huaqun Wang, College of Computer, Nanjing University of Posts and Telecommunications, Nanjing, China
Key words:
Blockchains, Protocols, Bitcoin, Regulation, Monitoring, Training, Smart Contracts, Regulators, Privacy, Organizations, Redactable Blockchain, Cryptocurrency, Anonymity,
区块链、协议、比特币、监管、监控、培训、智能合约、监管机构、隐私、组织、可编辑区块链、加密货币、匿名性
Abstract:****
Anonymous cryptocurrency, as a distributed application utilizing blockchain technology, aims to enhance the level of anonymity in user transactions, but it may also be used for illegal activities. Existing anonymous transaction protocols lack effective public verification of transaction traceability, which means that malicious users have the ability to avoid being tracked by creating counterfeit incomplete evidence. In addition, there is a conflict between the immutability of blockchain and privacy regulations such as General Data Protection Regulation (GDPR), and revision of on-chain data is urgently needed. In order to solve above issues, we propose a trackable and editable anonymous transaction protocol TERCT, which is used to trace the addresses and transaction amounts of participants in anonymous transactions and enable editability of transaction content. Compared with previous work, TERCT enables the editability of transaction content while maintaining anonymity and publicly verifiable traceability of transactions. This ensures that users not only can edit user-generated transaction content but also cannot fabricate pertinent evidence to evade tracing. We prove the proposed TERCT protocol satisfies unforgeability, balance, anonymity and traceability. We compare its effectiveness with the original RingCT protocol, Wolverine scheme and Trct scheme by experiments. The results show that TERCT has less additional computational overhead.
匿名加密货币作为一种利用区块链技术的分布式应用,旨在提高用户交易的匿名性,但它也可能被用于非法活动。现有的匿名交易协议缺乏有效的交易可追溯性公共验证机制,这意味着恶意用户可以通过伪造不完整的证据来逃避追踪。此外,区块链的不可篡改性与《通用数据保护条例》(GDPR)等隐私法规存在冲突,因此迫切需要对链上数据进行修改。为了解决上述问题,我们提出了一种可追溯且可编辑的匿名交易协议 TERCT,用于追踪匿名交易参与者的地址和交易金额,并允许编辑交易内容。与以往的工作相比,TERCT 在保持匿名性和交易可追溯性公共可验证性的同时,实现了交易内容的可编辑性。这确保用户不仅可以编辑用户生成的交易内容,而且无法伪造相关证据来逃避追踪。我们证明了所提出的 TERCT 协议满足不可伪造性、平衡性、匿名性和可追溯性。我们通过实验将其有效性与原始 RingCT 协议、Wolverine 方案和 Trct 方案进行了比较。结果表明,TERCT 的额外计算开销更少。
Pdf下载链接:
https://www.computer.org/csdl/journal/tq/2025/06/11030806/27sQMqt02L6
27
Title:
Blockchain-Assisted Searchable Integrity Auditing for Large-Scale Similarity Data With Arbitration
基于区块链的大规模相似性数据可搜索完整性审计及仲裁方案
Authors:****
Ying Miao, School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing, China
Keke Gai, School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing, China
Yu-an Tan, School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing, China
Liehuang Zhu, School of Cyberspace Science and Technology, Beijing Institute of Technology, Beijing, China
Weizhi Meng, School of Computing and Communications, Lancaster University, Lancaster, U.K.
Key words:
Data Integrity, Indexes, Costs, Security, Resists, Cloud Computing, Reliability, Data Privacy, Blockchains, Smart Contracts, Blockchain, Integrity Auditing, Searchability, Similarity Data
数据完整性、索引、成本、安全性、抗攻击性、云计算、可靠性、数据隐私、区块链、智能合约、区块链技术、完整性审计、可搜索性、相似性数据
Abstract:****
Data integrity auditing technology serves as an essential tool to ensure the data's integrity with the popularity of remote storage. However, existing data integrity auditing models are unsuitable for a large number of files with interrelationships and heavily depend on a centralized Third-Party Auditor (TPA). To address these issues, in this paper we propose a blockchain-assisted searchable integrity auditing scheme for large-scale similarity data. To broaden the scope of the auditing model and enhance its ability to handle interconnected files, we utilize the keyword to design a search index and a trapdoor to achieve authenticator searchability for the interconnected files. The integrity of the searching result from the cloud side can be guaranteed at the same time. To reduce reliance on centralized TPA and enhance the credibility and transparency of auditing, we integrate blockchain technology along with smart contracts to replace TPA and achieve multitask auditing. We adopt a certificateless cryptosystem to generate the authenticator, while considering the cost reduction. Moreover, an arbitrator is proposed to achieve fairness judge. Theoretical and security analysis demonstrate that the proposed scheme is efficient and secure, making it a promising solution for data auditing in a wide range of applications.
随着远程存储的普及,数据完整性审计技术已成为确保数据完整性的重要工具。然而,现有的数据完整性审计模型不适用于大量相互关联的文件,并且严重依赖于中心化的第三方审计机构(TPA)。为了解决这些问题,本文提出了一种基于区块链的大规模相似数据可搜索完整性审计方案。为了扩展审计模型的适用范围并增强其处理互连文件的能力,我们利用关键字设计了搜索索引和陷门,以实现互连文件的认证器可搜索性。同时,可以保证云端搜索结果的完整性。为了减少对中心化TPA的依赖,提高审计的可信度和透明度,我们将区块链技术与智能合约相结合,取代TPA并实现多任务审计。我们采用无证书密码系统生成认证器,同时考虑降低成本。此外,我们还引入了仲裁者机制来实现公平裁决。理论分析和安全性分析表明,本文提出的方案高效且安全,有望成为广泛应用领域的数据审计解决方案。
Pdf下载链接:
https://www.computer.org/csdl/journal/tq/2025/06/11031225/27uvBmouLQs
28
Title:
DCrowd: Decentralized Mobile Crowdsensing Via Proof of Task Assignment Blockchain
DCrowd:基于任务分配证明区块链的去中心化移动众包系统
Authors:****
Hao Zeng, School of Computer Science, Northwestern Polytechnical University, Xi'an, China
Helei Cui, School of Computer Science, Northwestern Polytechnical University, Xi'an, China
Xiaoli Zhang, University of Science and Technology Beijing, Beijing, China
Bo Zhang, School of Computer Science, Northwestern Polytechnical University, Xi'an, China
Yuefeng Du, City University of Hong Kong, Hong Kong, SAR, China
Bin Guo, School of Computer Science, Northwestern Polytechnical University, Xi'an, China
Zhiwen Yu, Northwestern Polytechnical University, Xi'an, China
Key words:
Smart Contracts, Costs, Synchronization, Crowdsensing, Sensors, Training, Throughput, System Performance, NP Hard Problem, Mobile Computing, Crowdsensing
智能合约、成本、同步、众包感知、传感器、训练、吞吐量、系统性能、NP难问题、移动计算、众包感知
Abstract:****
Recently, blockchain-based decentralized mobile crowdsensing systems have emerged to eliminate traditional centralized trust and to achieve transparent task assignments via smart contracts. It allows workers to select tasks freely, thereby maximizing their benefits. However, prior designs rarely considered the globally optimal task assignment that significantly impacts the efficiency and quality of task performance, like maximizing the task completion ratio and minimizing the total travel distance of workers. So in this paper, we propose DCrowd, a new blockchain-based mobile crowdsensing system, to realize the decentralized, transparent, and globally optimal task assignment. In brief, we first introduce the Proof of Task Assignment consensus mechanism. This allows miners to conduct globally optimal task assignments off-chain, leverages smart contracts to perform lightweight verification for task assignment results on-chain, and stores the globally optimal task assignment in a customized block. Then, we devise the Weight-Prioritized Task Selection strategy and Threshold-based Adaptive Minimum Cost Flow algorithm, to further optimize the system performance and guide miners in competing for minting rights. A thorough theoretical analysis is provided. Extensive experiments on real-world datasets indicate that DCrowd can reduce the broadcast and consensus latency by over 50% and improve the throughput by over 87% compared with existing systems.
近年来,基于区块链的去中心化移动众包系统应运而生,旨在消除传统的中心化信任机制,并通过智能合约实现透明的任务分配。这使得工作者可以自由选择任务,从而最大化自身收益。然而,以往的设计很少考虑全局最优任务分配,而这会显著影响任务执行的效率和质量,例如最大化任务完成率和最小化工作者的总行程距离。因此,本文提出了一种新的基于区块链的移动众包系统------DCrowd,以实现去中心化、透明且全局最优的任务分配。简而言之,我们首先引入了任务分配证明(Proof of Task Assignment)共识机制。该机制允许矿工在链下执行全局最优任务分配,利用智能合约在链上对任务分配结果进行轻量级验证,并将全局最优任务分配结果存储在自定义区块中。然后,我们设计了权重优先任务选择策略和基于阈值的自适应最小成本流算法,以进一步优化系统性能并指导矿工竞争区块生成权。本文提供了详细的理论分析。在真实数据集上的大量实验表明,与现有系统相比,DCrowd可以将广播和共识延迟降低50%以上,并将吞吐量提高87%以上。
Pdf下载链接:
https://www.computer.org/csdl/journal/tq/2025/06/11050926/27PJRITCCJ2
29
Title:
Fog-Blockchain Fusion for Event Evaluation and Trust Management基于雾计算和区块链融合的事件评估和信任管理
Authors:****
Youssef Sellami, UPHF, CNRS, UMR 8201 - LAMIH, Valenciennes, France
Youcef Imine, UPHF, CNRS, UMR 8201 - LAMIH, Valenciennes, France
Antoine Gallais, UPHF, CNRS, UMR 8201 - LAMIH, Valenciennes, France
Key words:
Edge Computing, Blockchains, Computer Architecture, Vectors, Security, Protocols, Internet Of Things, Trust Management, Computational Modeling, Servers, Fog Computing
边缘计算、区块链、计算机体系结构、向量、安全、协议、物联网、信任管理、计算建模、服务器、雾计算
Abstract:****
Trustworthiness is a critical element influencing every entity in fog computing architectures, which raises reliability and security issues for data exchanged between fog nodes and data sources. Malicious entities can introduce incorrect or manipulated information, requiring trust assessment and management. Maintaining trust throughout the fog computing architecture requires robust trust mechanisms, secure communication protocols, constant trust management and evaluation models. The integration of blockchain technology also provides a transparent and traceable environment, enabling the preservation of trust scores and promoting accountability. Indeed, we propose a new way of calculating event trustworthiness by exploiting trust factors such as Dempster-Shafer theory, temporal relevance and distance relevance. As a result, malicious entities can be discovered and trustworthy behavior can be promoted in the fog computing environment. Finally, we prove that our protocol is highly efficient, as demonstrated by extensive simulations and in-depth theoretical analysis that confirmed its security.
信任度是影响雾计算架构中每个实体的关键因素,这会引发雾节点和数据源之间数据交换的可靠性和安全性问题。恶意实体可能会引入错误或被篡改的信息,因此需要进行信任评估和管理。在整个雾计算架构中维护信任需要强大的信任机制、安全的通信协议以及持续的信任管理和评估模型。区块链技术的集成也提供了一个透明且可追溯的环境,有助于维护信任评分并促进问责制。为此,我们提出了一种新的事件信任度计算方法,该方法利用了诸如Dempster-Shafer理论、时间相关性和距离相关性等信任因素。因此,可以在雾计算环境中发现恶意实体并促进可信行为。最后,我们通过大量的仿真和深入的理论分析证明了我们协议的高效性,并证实了其安全性。
Pdf下载链接:
https://www.computer.org/csdl/journal/tq/2025/06/11075540/28eZbAlSKVq