一种去中心化的隐私保护匿名问卷方案

doi:10.19678/j.issn.1000-3428.0059256

计算机工程 ›› 2021, Vol. 47 ›› Issue (6): 123-131. doi: 10.19678/j.issn.1000-3428.0059256

一种去中心化的隐私保护匿名问卷方案

王元庆^1,2, 刘百祥^1,2

1. 复旦大学计算机科学技术学院上海市智能信息处理重点实验室, 上海 200433;
2. 上海市区块链工程技术研究中心复旦-众安区块链与信息安全联合实验室, 上海 200433

收稿日期:2020-08-13 修回日期:2020-10-14 发布日期:2020-11-03
作者简介:王元庆(1995-),男,硕士研究生,主研方向为零知识证明、密码学;刘百祥,博士。

A Decentralized Scheme for Privacy-Preserving Anonymous Surveying

WANG Yuanqing^1,2, LIU Baixiang^1,2

1. Shanghai Key Laboratory of Intelligent Information Processing, School of Computer Science, Fudan University, Shanghai 200433, China;
2. Fudan-Zhongan Joint Laboratory of Blockchain and Information Security, Shanghai Engineering Research Center of Blockchain, Shanghai 200433, China

Received:2020-08-13 Revised:2020-10-14 Published:2020-11-03
Contact: 国家自然科学基金（61672166，U19A2066）；国家重点研发计划（2019YFB2101703）。 E-mail:18210240271@fudan.edu.cn

摘要/Abstract

摘要： 针对传统匿名问卷系统不能抵抗合谋攻击及公布数据时无法保护用户隐私的问题，提出一种新的隐私保护匿名问卷方案。引入少数合谋的问卷工作节点集群，利用门限签名技术为用户进行注册，并以门限签名为问卷生成用户列表，从而抵抗合谋攻击，同时将用户回应进行同态加密上传至公开防篡改平台抵抗数据抵赖，采用差分隐私技术并借助安全多方计算技术输出隐私保护的问卷归总结果。在此基础上，将问卷过程融入零知识证明技术，保证密文的健壮性及方案的正确性。性能分析结果表明，该方案的安全模型满足匿名性、验证性、机密性及隐私保护性，与ANONIZE、Prio等方案相比，在合谋攻击抵抗、隐私保护方面更有优势，且在时间和存储开销上符合实际应用需求。

关键词: 匿名问卷系统, 差分隐私, 门限签名, 零知识证明, 安全多方计算, 同态加密

Abstract: The existing anonymous survey systems usually fail to resist collusion attacks or protect user privacy when publishing data.To address the problem, this paper proposes a new privacy-preserving anonymous survey scheme.The scheme introduces a work node cluster based on minority collusion for surveying, and employs the threshold signature technology to register users.The threshold signatures are also used to generate a user list for surveying to resist collusion attacks.At the same time, the user response is homomorphically encrypted and uploaded to the public tamper-proof platform to resist data denial.By using the differential privacy technology and the secure multi-party computing technology, the privacy-preserving summarized results of the survey are obtained.On this basis, the zero-knowledge proof technology is used for surveying to ensure the robustness of the ciphertext and the correctness of the scheme.Performance analysis results show that the security model of this scheme satisfies anonymity, verification, confidentiality and privacy protection.Compared with ANONIZE, Prio and other schemes, it has more advantages in collusion attack resistance and privacy protection, meeting the actual application requirements in time and storage overhead.

Key words: anonymous surveying system, differential privacy, threshold signature, zero-knowledge proof, secure multiparty computation, homomorphic encryption

中图分类号:

TP309

王元庆, 刘百祥. 一种去中心化的隐私保护匿名问卷方案[J]. 计算机工程, 2021, 47(6): 123-131.

WANG Yuanqing, LIU Baixiang. A Decentralized Scheme for Privacy-Preserving Anonymous Surveying[J]. Computer Engineering, 2021, 47(6): 123-131.

http://www.ecice06.com/CN/Y2021/V47/I6/123

图/表 4

参考文献

[1] LIU Xiangyu,WANG Bin,YANG Xiaochun.Survey on privacy preserving techniques for publishing social network data[J].Journal of Software,2014,25(3):576-590.(in Chinese)刘向宇,王斌,杨晓春.社会网络数据发布隐私保护技术综述[J].软件学报,2014,25(3):576-590.
[2] BLASIUS J,THIESSEN V.Should we trust survey data? Assessing response simplification and data fabrication[J].Social Science Research,2015,52(7):479-493.
[3] FINN A,RANCHHOD V.Genuine fakes:the prevalence and implications of data fabrication in a large South African survey[J].The World Bank Economic Review,2017,31(1):129-157.
[4] LIU Lu,LI Yuxi,ZHOU Fucai.Anonymous survey system based on NIZK[J].Chinese Journal of Network and Information Security,2016,2(12):39-46.(in Chinese)柳璐,李宇溪,周福才.基于非交互零知识证明的匿名电子调查系统[J].网络与信息安全学报,2016,2(12):39-46.
[5] HOHENBERGER S,MYERS S,PASS R.ANONIZE:a large-scale anonymous survey system[C]//Proceedings of IEEE Conference on Security and Privacy.San Jose,USA:IEEE Press,2014:375-389.
[6] NARAYANAN A,SHMATIKOV V.Robust de-anonymiza-tion of large sparse datasets[C]//Proceedings of IEEE Conference on Security and Privacy.Washington D.C.,USA:IEEE Press,2008:111-125.
[7] DANEZIS G,FOURNET C,KOHLWEISS M,et al.Smart meter aggregation via secret-sharing[C]//Proceedings of the 1st ACM Workshop on Smart Energy Grid Security.New York,USA:ACM Press,2013:75-80.
[8] CORRIGAN-GIBBS H,BONEH D.PRIO:private,robust,and scalable computation of aggregate statistics[C]//Proceedings of the 14th USENIX Conference on Networked Systems Design and Implementation.Boston,USA:USENIX,2017:259-282.
[9] EIGNER F,KATE A,MAFFEI M,et al.Differentially private data aggregation with optimal utility[C]//Proceedings of the 30th Annual Computer Security Applications Conference.Washington D.C.,USA:IEEE Press,2014:316-325.
[10] CHAN T H,SHI E,SONG D.Privacy-preserving stream aggregation with fault tolerance[C]//Proceedings of the 16th International Conference on Financial Cryptography and Data Security.Berlin,Germany:Springer,2012:200-214.
[11] JAWUREK M,KERSCHBAUM F.Fault-tolerant privacy-preserving statistics[C]//Proceedings of International Conference on Privacy Enhancing Technologies.Berlin,Germany:Springer,2012:221-238.
[12] ELGAMAL T.A public key cryptosystem and a signature scheme based on discrete logarithms[J].IEEE Transactions on Information Theory,1985,31(4):469-472.
[13] KOBLITZ N.Elliptic curve cryptosystems[J].Mathematics of Computation,1987,48(177):203-209.
[14] SHAMIR A.How to share a secret[J].Communications of the ACM,1979,22(11):612-613.
[15] PEDERSEN T P.A threshold cryptosystem without a trusted party[C]//Proceedings of Workshop on the Theory and Application of Cryptographic Techniques.Berlin,Germany:Springer,1991:522-526.
[16] ANDROULAKI E.Privacy-preserving auditable token payments in a permissioned blockchain system[EB/OL].[2020-07-10].https://eprint.iacr.org/2019/1058.pdf.
[17] POINTCHEVAL D,SANDERS O.Reassessing security of randomizable signatures[C]//Proceedings of Cryptographers' Track at the RSA Conference.Berlin,Germany:Springer,2018:319-338.
[18] XIONG Ping,ZHU Tianqing,WANG Xiaofeng.A survey on differential privacy and applications[J].Chinese Journal of Computers,2014,37(1):101-122.(in Chinese)熊平,朱天清,王晓峰.差分隐私保护及其应用[J].计算机学报,2014,37(1):101-122.
[19] DAMGÅRD I,PASTRO V,SMART N,et al.Multiparty computation from somewhat homomorphic encryption[C]//Proceedings of Advances in Cryptology-CRYPTOʼ12.Berlin,Germany:Springer,2012:643-662.
[20] FIAT A,SHAMIR A.How to prove yourself:practical solutions to identification and signature problems[C]//Proceedings of Conference on the Theory and Application of Cryptographic Techniques.Berlin,Germany:Springer,1986:186-194.
[21] BUTERIN V.A next-generation smart contract and decentralized application platform[EB/OL].[2020-07-10].http://coss.io/documents/white-papers/ethereum.pdf.
[22] EIGNER F,MAFFEI M.Differential privacy by typing in security protocols[C]//Proceedings of the 26th Computer Security Foundations Conference.Washington D.C.,USA:IEEE Press,2013:272-286.
[23] DODIS Y,YAMPOLSKIY A.A verifiable random function with short proofs and keys[C]//Proceedings of International Workshop on Public Key Cryptography.Berlin,Germany:Springer,2005:416-431.

选择文件类型/文献管理软件名称

选择包含的内容

一种去中心化的隐私保护匿名问卷方案

A Decentralized Scheme for Privacy-Preserving Anonymous Surveying

RichHTML

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 4

参考文献

相关文章 15

编辑推荐

Metrics

本文评价

[1]	何建江, 陈玉玲. 基于DLIN加密的可监管联盟链隐私保护方案[J]. 计算机工程, 2023, 49(6): 170-179.
[2]	杨越佳, 华蓓, 钟志威, 高咪. 基于同态加密的隐私保护逻辑回归协同计算[J]. 计算机工程, 2023, 49(4): 23-31.
[3]	郑云涛, 叶家炜. 基于茫然传输协议的FATE联邦迁移学习方案[J]. 计算机工程, 2023, 49(2): 24-30.
[4]	吴茂强, 黄旭民, 康嘉文, 余荣. 面向车路协同推断的差分隐私保护研究[J]. 计算机工程, 2022, 48(7): 29-35.
[5]	金媛媛, 倪志伟, 朱旭辉, 陈恒恒, 陈千. 基于本地差分隐私的空间数据自适应划分算法[J]. 计算机工程, 2022, 48(5): 136-144.
[6]	张晓均, 张经伟, 黄超, 唐伟. 可验证的云存储医疗加密数据统计分析方案[J]. 计算机工程, 2021, 47(6): 32-37,43.
[7]	李秋贤, 周全兴, 王振龙, 丁红发, 潘齐欣. 基于隐私保护的可证明安全委托计算协议[J]. 计算机工程, 2021, 47(5): 131-137.
[8]	张静, 何铮, 葛炳辉, 汤永利, 叶青. 一种高效的百万富翁问题协议及其应用[J]. 计算机工程, 2021, 47(2): 168-175.
[9]	陈丽燕, 芮廷先, 吕光金. 基于区块链智能合约的个人征信隐私保护方案[J]. 计算机工程, 2020, 46(7): 30-35.
[10]	李杨, 陈子彬, 谢光强. 一种基于ExtraTrees的差分隐私保护算法[J]. 计算机工程, 2020, 46(2): 134-140.
[11]	李远航, 陈先来, 刘莉, 安莹, 李忠民. 面向差分隐私保护的随机森林算法[J]. 计算机工程, 2020, 46(1): 93-101.
[12]	刘文超, 潘峰, 杨晓元, 周潭平, 涂广升. 基于cuFHE的同态比较运算器[J]. 计算机工程, 2019, 45(9): 143-146,152.
[13]	王丹,龙士工. 权重社交网络隐私保护中的差分隐私算法[J]. 计算机工程, 2019, 45(4): 114-118.
[14]	郝志峰,王日宇,蔡瑞初,温雯. 基于贝叶斯网络与语义树的隐私数据发布方法[J]. 计算机工程, 2019, 45(4): 124-129.
[15]	王彩芬,赵冰,刘超,成玉丹,许钦百. 基于整数多项式环的多对一全同态加密算法[J]. 计算机工程, 2019, 45(4): 130-135.

模态框（Modal）标题

选择文件类型/文献管理软件名称

选择包含的内容

一种去中心化的隐私保护匿名问卷方案

A Decentralized Scheme for Privacy-Preserving Anonymous Surveying

RichHTML

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 4

参考文献

相关文章 15

编辑推荐

Metrics

本文评价