AATM : An Anonymous Authentication Protocol for Time Span of Membership with Self-blindness and Accountability

Lyu, Qiuyun and Liang, Xiwen and Cheng, Shaopeng and Li, Fu and Ren, Yizhi and Xu, Chengli and Meng, Weizhi and Ma, Duohe (2025) AATM : An Anonymous Authentication Protocol for Time Span of Membership with Self-blindness and Accountability. IEEE Internet of Things Journal, 12 (14). pp. 27671-27685. ISSN 2327-4662

[thumbnail of aatm-v2]
Text (aatm-v2)
aatm-v2.pdf - Accepted Version
Available under License Creative Commons Attribution.

Download (3MB)

Abstract

Internet of Things (IoT) devices using subscription services (e.g. connected vehicles accessing entertainment programs) often purchase membership credentials from service providers with limited usage counts or validity periods, we call them pay-per-use or time span of membership services. However, users’ access records, usage preferences, and habits are collected by network adversarys or membership providers for creating users’ profiles, targeted advertising, and even for being sold maliciously. To deal with these problems, lots of anonymous authentication protocols are proposed to provide users with pseudonyms to conceal their real identities. Although these protocols effectively prevent network adversarys from compromising users’ privacy, membership service providers can still gather users’ behavioral privacy via their membership credentials. Therefore, several scholars proposed k-times anonymous authentication protocols and self-blind credentials to enhance users’ privacy protection, but the k-times anonymous authentication protocols are only for pay-per-use membership services and the schemes of self-blind credentials are lack of regulating malicious users. To address these issues, this article proposes an anonymous authentication protocol for time span of membership (AATM) with self-blindness and accountability. Specifically, we utilize Structure Preserving Signatures on Equivalence Classes (SPS-EQ) and Signatures with Flexible Public Key (SFPK) to build accountable, self-blinding credentials that ensure that every time a user visits a member, he or she can create a brand new identity on their own, which not only prevents users from being linked by service providers, but also supports conditional fair regulation. Security and performance analyses show that AATM is better than the state-of-the-art schemes in terms of security and privacy-preserving capabilities, and its computation cost also meets the practical application requirements.

Item Type:
Journal Article
Journal or Publication Title:
IEEE Internet of Things Journal
Uncontrolled Keywords:
Research Output Funding/no_not_funded
Subjects:
?? no - not fundedsignal processinginformation systemsinformation systems and managementcomputer science applicationshardware and architecturecomputer networks and communications ??
ID Code:
232826
Deposited By:
Deposited On:
08 Oct 2025 10:55
Refereed?:
Yes
Published?:
Published
Last Modified:
08 Oct 2025 22:30