A Privacy-Preserving Enforced Bill Collection System using Smart Contracts

Tomoki Fujitani, K. Emura, Kazumasa Omote
{"title":"A Privacy-Preserving Enforced Bill Collection System using Smart Contracts","authors":"Tomoki Fujitani, K. Emura, Kazumasa Omote","doi":"10.1109/AsiaJCIS53848.2021.00018","DOIUrl":null,"url":null,"abstract":"Maintaining a balance between anonymity and traceability is a fundamental issue in privacy-preserving systems. Isshiki et al. proposed an identity management system based on group signatures in which a service provider anonymously determines whether or not users of the service are legitimate members, and only a bill collector can identify users for the purposes of sending them invoices. It is particularly worth noting that, under the Isshiki system, the service provider is not required to manage personal information such as user lists, which allows the system to outperform other in terms of preserving user privacy and managing personal information leakage risk. It is also noteworthy that the Isshiki system only considers cases in which the bill collector identifies users who have used the service and that, in fact, identified users who ignore invoices can use the service for free. In this paper, we extended the Isshiki system by adding a smart contract-enabled enforcement bill collection functionality. Under this functionality, deposits made by users who do not pay a service fee are automatically transferred to the bill collector. Because of their centralized structure, group signatures are not suitable to blockchain systems, therefore, the proposed system employs accountable ring signatures as building blocks. The privacy-preserving enforced bill collection system is implemented using the accountable ring signature scheme developed by Bootle et al. and Ethereum smart contracts. To reduce the gas costs associated with running smart contracts, the smart contract is not run unless the user ignores an invoice, and basic procedures are run via an off-chain channel. To avoid the use of heavy cryptographic algorithms in carrying out the accountable ring signature scheme for running smart contracts, we employed standard elliptic curve digital signature algorithm (ECDSA) signatures without especially changing the state to be verified in smart contracts.","PeriodicalId":134911,"journal":{"name":"2021 16th Asia Joint Conference on Information Security (AsiaJCIS)","volume":"256 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 16th Asia Joint Conference on Information Security (AsiaJCIS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/AsiaJCIS53848.2021.00018","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 6

Abstract

Maintaining a balance between anonymity and traceability is a fundamental issue in privacy-preserving systems. Isshiki et al. proposed an identity management system based on group signatures in which a service provider anonymously determines whether or not users of the service are legitimate members, and only a bill collector can identify users for the purposes of sending them invoices. It is particularly worth noting that, under the Isshiki system, the service provider is not required to manage personal information such as user lists, which allows the system to outperform other in terms of preserving user privacy and managing personal information leakage risk. It is also noteworthy that the Isshiki system only considers cases in which the bill collector identifies users who have used the service and that, in fact, identified users who ignore invoices can use the service for free. In this paper, we extended the Isshiki system by adding a smart contract-enabled enforcement bill collection functionality. Under this functionality, deposits made by users who do not pay a service fee are automatically transferred to the bill collector. Because of their centralized structure, group signatures are not suitable to blockchain systems, therefore, the proposed system employs accountable ring signatures as building blocks. The privacy-preserving enforced bill collection system is implemented using the accountable ring signature scheme developed by Bootle et al. and Ethereum smart contracts. To reduce the gas costs associated with running smart contracts, the smart contract is not run unless the user ignores an invoice, and basic procedures are run via an off-chain channel. To avoid the use of heavy cryptographic algorithms in carrying out the accountable ring signature scheme for running smart contracts, we employed standard elliptic curve digital signature algorithm (ECDSA) signatures without especially changing the state to be verified in smart contracts.
使用智能合约的隐私保护强制账单收集系统
在匿名性和可追溯性之间保持平衡是隐私保护系统中的一个基本问题。Isshiki等人提出了一种基于组签名的身份管理系统,该系统由服务提供者匿名确定服务的用户是否为合法成员,只有账单收集者才能识别用户,以便向其发送发票。特别值得注意的是,在Isshiki系统下,服务提供商不需要管理用户列表等个人信息,这使得该系统在保护用户隐私和管理个人信息泄露风险方面优于其他系统。同样值得注意的是,Isshiki系统只考虑以下情况:收费员识别出使用过该服务的用户,而事实上,识别出的忽略发票的用户可以免费使用该服务。在本文中,我们通过添加支持智能合约的强制账单收集功能扩展了Isshiki系统。在此功能下,不支付服务费的用户的存款将自动转到账单催收人。由于群签名的中心化结构,不适合区块链系统,因此本系统采用可问责环签名作为构建块。保护隐私的强制账单收集系统使用Bootle等人开发的可问责环签名方案和以太坊智能合约来实现。为了减少与运行智能合约相关的gas成本,除非用户忽略发票,否则智能合约不会运行,并且基本程序通过链下渠道运行。为了避免在执行负责任的环签名方案时使用繁重的加密算法来运行智能合约,我们采用了标准的椭圆曲线数字签名算法(ECDSA)签名,而不会特别改变智能合约中要验证的状态。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信