DkvSSO: Delegatable Keyed-Verification Credentials for Efficient Anonymous Single Sign-On

IF 6.3 1区计算机科学 Q1 COMPUTER SCIENCE, THEORY & METHODS

IEEE Transactions on Information Forensics and Security Pub Date : 2025-03-26 DOI:10.1109/TIFS.2025.3555196

Wenyi Xue;Yang Yang;Minming Huang;Yingjiu Li;Hwee Hwa Pang;Robert H. Deng

引用次数: 0

Abstract

Anonymous single sign-on (ASSO) is an anonymous multi-service authentication method for end users. However, existing ASSO schemes suffer from heavy ticket requesting and verifying overheads, limiting their applications in large-scale settings. To address this problem, we propose a novel concept called keyed-verification anonymous credentials with disposable delegation (KVAC-DD) in the multi-verifier setting. Next, we extend KVAC-DD to build an efficient ASSO system, dubbed DkvSSO. The construction of DkvSSO can be instantiated in efficient prime-order groups, avoiding costly operations required in previous ASSO systems. We formally prove the security of our proposed constructions. Extensive experiments show that DkvSSO is significantly more efficient than existing ASSO schemes, making it suitable to be deployed in large-scale settings.

查看原文本刊更多论文

DkvSSO：高效匿名单点登录的可委派密钥验证凭据

匿名单点登录（Anonymous single sign-on, aso）是一种针对终端用户的匿名多业务认证方式。然而，现有的aso方案存在大量的票请求和验证开销，限制了它们在大规模环境中的应用。为了解决这个问题，我们提出了一个新的概念，即在多验证者设置中具有一次性授权的密钥验证匿名凭证（KVAC-DD）。接下来，我们扩展KVAC-DD以构建一个高效的aso系统，称为DkvSSO。DkvSSO的构造可以在高效的素序群中实例化，避免了以前的aso系统所需要的昂贵操作。我们正式证明了我们所建议的结构的安全性。大量实验表明，DkvSSO比现有的aso方案效率更高，适合大规模部署。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Transactions on Information Forensics and Security 工程技术-工程：电子与电气

CiteScore

14.40

自引率

7.40%

发文量

234

审稿时长

6.5 months

期刊介绍： The IEEE Transactions on Information Forensics and Security covers the sciences, technologies, and applications relating to information forensics, information security, biometrics, surveillance and systems applications that incorporate these features