Abstract
In recent years, with improvements in information and communication technology (ICT) and wireless communication, the Online Trading Environment (OTE) has become a popular e-commerce platform for connecting sellers and buyers efficiently. As OTEs grow in number and reach, authenticating and verifying entities in the OTE network becomes a challenging task. Although some authentication schemes exist for OTEs, they have flaws relating to account creation delays, authentication delays, communication cost and user privacy. In this work, a trustworthy and secure anonymous authentication scheme is proposed to prevent malicious users from entering the OTE network. In addition, our proposed scheme provides conditional privacy to users as long as they maintain a genuine relationship with other entities without compromise. If any dispute occurs, the system revokes the access of that particular entity. Moreover, the security and performance analysis in this work concludes that our scheme ensures a secure interface that provides a sustainable trading experience to users, with lower computation cost and communication delay than other existing authentication schemes.
Citation: Rajasekaran AS, Maria A, Lloret J, Dannana S (2024) TPAAS: Trustworthy privacy-preserving anonymous authentication scheme for online trading environment. PLoS ONE 19(11): e0307738. https://doi.org/10.1371/journal.pone.0307738
Editor: Zhiquan Liu, Jinan University, CHINA
Received: June 4, 2024; Accepted: July 10, 2024; Published: November 18, 2024
Copyright: © 2024 Rajasekaran et al. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.
Data Availability: There are no restrictions on the availability of data. The required minimal anonymized data set necessary to replicate our study findings are found at https://github.com/rarunsekar007/azeesm.
Funding: This work was financially supported by VIT University. "The funders had no role in study design, data collection and analysis, decision to publish, or preparation of the manuscript."
Competing interests: The authors have declared that no competing interests exist.
1. Introduction
With the advancement of the internet, many activities are now carried out online. Moreover, goods and services are traded online with a single click. Online Trading Environments (OTEs) are growing at a fast rate, and analytics estimated that OTEs provided 40% of the global online retail market during 2020. An OTE allows companies to internationalize their business, and it allows consumers to easily find the products they need by making deals with sellers online after verifying their identities at the respective e-commerce platform [1]. Increasingly, buyers (Bi) prefer to make purchases through an OTE rather than travelling to a store. By using an OTE, a buyer is no longer confined to the products available in one country, one town or one store, but can access the OTE system from anywhere at any time [2]. As the internet has no boundaries, any user can access goods and services from any part of the globe.
OTE has emerged as a convincing and accepted business standard through which sellers and buyers can communicate with each other to take part in the buying and selling process. Today most companies incorporate the e-commerce concept at some level of their business [3]. In addition, some retail stores expand their market through an OTE, operating both a virtual store and a physical store. OTEs have therefore become a convenient platform for sellers to increase their profits and a popular way for buyers to purchase goods. The only requirement for the buyer is a PC with internet access.
Although OTE offers a lot of ease and convenience in shopping, there are some disadvantages, such as the lack of anonymity and trust among users [4]. In the existing OTE, a seller can create an account using fake credentials [5]. Moreover, there is no physical interaction between sellers and buyers, so buyers cannot see the product physically before purchasing it. Therefore, consumers may obtain faulty goods [6, 7]. In addition, malicious users can enter the network using an authorized user’s details to commit fraud (impersonation attack).
Hence, the essential security requirement of OTE is data integrity. In an OTE, the online trading platform (OTP) is a trusted entity in the OTE network that preserves the data securely [8] and monitors the behavior of mediators (Mi) and users (Ui).
In OTE, entities communicate through the wireless medium [9]. Therefore, it is essential to ensure fundamental security requirements such as availability, integrity, confidentiality, user authentication, and privacy in e-commerce [10, 11]. Hence, to ensure trustworthy anonymous authentication with minimum complexity and a simple privacy-revoking process, a secure, efficient and trustworthy anonymous authentication scheme with conditional privacy preservation is proposed for OTE to contribute to sustainable trading [12]. The OTE is developed to address the following essential security requirements: 1) The OTP offers conditional privacy to the mediators and users [13]. 2) Mediators and users can generate anonymous certificates individually without storing them in the database, to preserve their privacy [14]. 3) If any entity misbehaves, the OTP can track the identity and revoke the access of the malicious user by revealing its true identity [15].
The main contributions of our proposed system, which address the above-mentioned challenges in OTE, are:
- To develop an anonymous authentication scheme for both Ui and Mi which has less computational complexity to minimize the computational delay.
- To provide data integrity at the minimum certificate and signature verification cost.
- To minimize the communication cost between the user and mediator.
- To provide conditional user privacy to revoke the access of any misbehaving Ui or Mi in OTE system.
The rest of this article is organized as follows. Related works are discussed in section 2. In section 3, the system overview is presented. The proposed OTE system is explained in section 4. In sections 5 and 6, the security and performance analysis of the proposed OTE are described. Finally, section 7 concludes this work.
2. Related work
The majority of research in the field of online security and privacy has focused on authentication to ensure security. Although some existing authentication techniques prevent malicious users from entering the network, they incur considerable computation delay, and with these techniques the user’s true identity may be disclosed. Azad, M. A. et al. [16] proposed a decentralized reputation system to provide privacy for consumers’ feedback values. These feedback values are given by a consumer about a particular retailer whom he met on the online marketplace for the purpose of buying a product. Here, the authors used decentralized zero-knowledge proof primitives and homomorphic cryptographic methods to create the privacy-preserving system known as “PrivBox”. Moreover, there is no trusted third party to provide privacy for the consumers or to enable retailers and consumers to authenticate each other. In addition, the authors used encrypted exchange of feedback values and zero-knowledge proofs of knowledge to establish the well-formedness of encrypted values. Though this system provides privacy, it is not open distributed, and it is not possible to verify the correctness of the feedback values in the future. While giving feedback, a malicious or compromised consumer may give false feedback about a retailer, which lowers the score of that particular retailer. Moreover, there is no particular software tool that allows retailers to see their scores frequently.
Hampiholi et al. [17] proposed a cryptographic webshopping scheme to provide privacy for the sensitive information of both buyers and sellers. The scheme is based on attribute credentials, where attributes represent pieces of data. Here, the purchasers reveal only the required information at each stage of shopping, so that the bank that processes the payment does not learn the product information, the buyer’s shipping address or the account details. The work suffers from unlinkability, since an adversary may inject false information at the transaction stage. For instance, an adversary may modify the shipping address after the payment has been made by the actual buyer. Moreover, this system needs different layers of interfaces during transactions, and the computation cost also increases.
Niu, C. et al. [18] proposed an efficient, privacy-preserving and verifiable online auction scheme in which they used a novel protocol and Paillier homomorphic encryption to provide privacy and verifiability of transactions. Though it provides low computation and communication costs with small storage overheads, it does not perform any authentication, so a malicious user can also enter the network and damage the auction procedure. There is no dynamic pricing scheme, so advertisers who lose an auction cannot win in the next rounds, which decreases their probability of winning the auction.
Helsloot et al. [19] proposed an online behavioral advertising scheme that provides privacy for the user’s data. The authors used homomorphic encryption with a machine learning method to process the user’s data in encrypted form, thereby providing privacy. Though it provides a privacy-preserving online behavioral advertising protocol, the user’s data is less safe because it may fall into the hands of a malicious user. As there are no authentication procedures, an intruder can enter the network and post advertisements that disturb the user.
Ranganthan et al. [20] designed a decentralised marketplace application using the truffle development framework to achieve privacy for the user’s data, to reduce sudden blocking of user accounts in online marketplaces, and to allow a particular user to both sell and buy products. Here, the application runs on the ethereum network, where the user’s data is taken by the interface and passed to the ethereum network. Though it has a low transaction runtime, there are no mediators in the network, the seller/buyer cannot find the required product, and the user’s real identity may be revealed to adversaries because of the lack of anonymity.
Jiang et al. [21] proposed a privacy-preserving business protocol using a private smart contract in the negotiation phase. This system allows sellers and buyers to make deals without revealing their real credentials such as name, address and phone number. Moreover, the authors used a zero-knowledge proof to guarantee the legitimacy of the user. Though this system achieves both proof of ownership and privacy protection, it takes more time and computation cost because the transactions are stored in blocks. Moreover, there are no authentication procedures, and malicious users can enter the network.
Scaria et al. [22] proposed an e-commerce application for performing transactions that provides more security for the user’s account by using three-factor authentication, i.e., the authors performed three types of authentication to log in to the user’s account. These are a combination of a one-time password, a noisy password and a biometric or palm-vein scan. This approach provides a lot of security for the user’s account, and it is not possible for an attacker to perform an impersonation attack because he cannot compromise the biometric authentication. The drawback of this work is that all users need to have fingerprint devices, and it may take a lot of time to log in to the user’s account because the user has to pass three steps of authentication.
Kumar et al. [23] proposed a blockchain-based framework named “Prodchain” that uses lattice-based cryptographic processes to minimize the complexity of tracing e-commerce products for the users. This scheme helps users trace their desired product on an e-commerce site, providing financial and social sustainability, but it offers no protection for the privacy of the users. Moreover, as there is no authentication and registration of sellers, users may get fake information about the products shown on the e-commerce site.
Dou et al. [24] suggested multi-microgrids, which are important in smart grid operations. In this work, a multigrid acts as both buyer and supplier for energy trading. However, the authentication mechanism of the multigrid is not addressed in this work. Liu et al. [25] suggested a multiparty computation mechanism for securely transferring shared data. Further, the Paillier encryption method is suggested in this work for sharing data. However, a conditional tracking mechanism is not addressed in this work. Ullah et al. [26] introduced the concept of producers and consumers sharing their energy with neighbours. As a result, they can maximize their energy use without the need for a traditional mediator in the transaction. However, the privacy and authentication of the users are not preserved in this work.
Z. Liu et al. [27] propose a novel privacy-preserving trust management (PPTM) scheme specifically designed for emergency message dissemination in space air ground integrated vehicular networks (SAGIVNs), aiming to address the need for both precise trust management and strong privacy preservation with minimal communication overhead. The work highlights the importance of balancing trust management and privacy preservation in vehicular networks, as both are critical for ensuring the reliability and security of the information being shared, especially during emergencies. To resolve the contradiction between privacy preservation and trustworthiness in SAGIVNs, Z. Liu et al. [28] review three cutting-edge methods and analyze the competing criteria of each. Furthermore, the authors suggest a novel approach that can offer quick decision-making, a method for reputation feedback, traceability, and resistance to Sybil attacks.
Though the above papers are related to online trading, none provides an efficient conditional tracking mechanism for the users and mediators. In contrast, conditional privacy is achieved in this work. Further, a dummy identity is used in this work to preserve the anonymity of the end users. In addition, owing to the minimal certificate and signature verification cost, the work achieves better efficiency.
3. System overview
In this part, the system model, the OTE attack models, and the bilinear pairing preliminaries are described.
3.1 System model
The system model for the proposed privacy-preserving authentication scheme is shown in Fig 1. It consists of three main entities, namely the online trading platform (OTP), mediators (Mi), and users (Ui).
- Online Trading platform (OTP): The heart of OTE is the OTP. In OTE, the OTP is the trusted party; it is fully trusted, and it is very difficult for an attacker to compromise it. The Ui and Mi have to register at the OTP before they start communicating with each other. In the proposed scheme, there will be a number of OTPs, and each OTP will have a branch in each geographical area for the offline registration of users and mediators. In Fig 1, the operation of a single OTP is shown. Moreover, the OTP issues all required initial security parameters to all mediators and users during the offline registration process. After receiving the demand details from OTE users, the OTP sends this information to Mi in a secure manner.
- Mediators (Mi): Initially, the Mi should register under one specific OTP based on their interest. Mi is an intermediary between the seller and the buyer (Ui). The Mi is connected to the OTP and Ui wirelessly. In this scheme, Mi is a semi-trusted party. If a Mi discloses any internal data to an attacker, or a particular Mi is found to be compromised, the OTP will track the original identity of that Mi and revoke its access within a short time. The Mi receives the demand information of users from the OTP and, based on the information it already holds, provides information to the users.
- User (Ui): The Ui can communicate with other entities in OTE by deploying an online trading device (OTD) in their devices. To perform secure and convenient trading, the OTDs are deployed to exchange information with the OTP and Mi using the secret keys stored in them for secure and anonymous communication. A user (Ui) can be a seller (Si) or a buyer (Bi). If he wants to sell particular goods to others or to buy goods from others, he sends his demand information to the OTP.
3.2 Security attack model in OTE
In our proposed OTE platform, there are two types of attackers: internal and external. The internal attackers are compromised Mi and Ui in the OTE network. In addition, an internal attacker holds OTE secret keys, as it is part of the proposed system. The proposed scheme mainly concentrates on the external attacker. External attackers are known to be more powerful than internal attackers, because an external attacker can perform a masquerade attack to enter OTE by acting as an authorized entity such as a Mi or Ui. The different possible attack circumstances in OTE are discussed below.
- Fake message attack: An attacker may send fake information to other entities in OTE to perform any specific task. For example, an attacker can send a false message to another OTE user as a Mi by stating that he has a perfect deal for sale even though he didn’t have any sale.
- Impersonation attack: An attacker can successfully detect the true identity of a Ui or Mi and use it to enter OTE as an authorized user.
- Mi replication attack: Mi is assumed to be a semi-trusted component in OTE, so it is not given strong protection against attack. The attacker will therefore try to compromise Mi. If any Mi is compromised, the attacker can launch any mischievous attack by entering OTE.
- Identity revealing attack: This particular attack is mainly concentrated on user’s privacy. By using this attack, an attacker can collect personal or sensitive information from OTE users illegally.
- Certificate and key duplication attack: An adversary may use the duplicate certificate and keys of other entities as a proof of authentication to confuse OTP.
- Forgery attack: An attacker can forge the signature or certificate of the particular information and he can use them for his personal use in the OTE network.
3.3 Bilinear pairing
Let Gx, Gy and Gz denote multiplicative cyclic groups of order p, where p is a large prime number. Assume gx is the generator of Gx, gy is the generator of Gy, and let φ be an isomorphism from Gy to Gx such that φ(gy) = gx. e: Gx × Gy → Gz is a bilinear map, and the bilinear pairing properties are listed below.
- Bilinear: for all and .
- Non-degeneracy: e(gx, gy) ≠ 1Gz
- Computability: There exists an efficient algorithm to compute the bilinear map e: Gx×Gy→Gz.
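A toy instantiation of the pairing properties in this section, added here as an illustration and not taken from the paper or its code. The parameters 1019 and 2039, all function names, and the BLS-style sign/verify equation (a generic stand-in for "verification by bilinear pairing", not the TPAAS equations) are assumptions; the last function shows why such a small, structured group gives no security.

```python
"""Toy bilinear map for checking pairing properties (constructed, insecure)."""
import hashlib
import secrets

# Constructed toy parameters (assumptions, far too small for real use).
P = 1019        # prime order p of Gx, Gy and Gz
Q = 2 * P + 1   # 2039 is also prime, so Z_Q^* has a subgroup of order P
GZ_GEN = 4      # a square mod Q other than 1, hence an element of order P

# Gx = Gy = integers mod P under addition, generators gx = gy = 1.
# The page writes its groups multiplicatively: "u^a" there is a*u mod P here,
# and the isomorphism phi with phi(gy) = gx is the identity map.
GX = GY = 1


def power(u: int, a: int) -> int:
    """The page's u^a, written in the additive toy group."""
    return (a * u) % P


def pairing(u: int, v: int) -> int:
    """e: Gx x Gy -> Gz, computed as GZ_GEN^(u*v)."""
    return pow(GZ_GEN, (u * v) % P, Q)


def is_bilinear(u: int, v: int, a: int, b: int) -> bool:
    """Standard bilinearity: e(u^a, v^b) == e(u, v)^(a*b)."""
    left = pairing(power(u, a), power(v, b))
    right = pow(pairing(u, v), (a * b) % P, Q)
    return left == right


def is_non_degenerate() -> bool:
    """e(gx, gy) must not be the identity of Gz."""
    return pairing(GX, GY) != 1


def hash_to_group(message: bytes) -> int:
    """Map a message to a non-identity element of Gx."""
    digest = int.from_bytes(hashlib.sha256(message).digest(), "big")
    return 1 + digest % (P - 1)


def keygen() -> tuple[int, int]:
    """Secret scalar sk and public key gy^sk."""
    sk = 1 + secrets.randbelow(P - 1)
    return sk, power(GY, sk)


def sign(sk: int, message: bytes) -> int:
    """BLS-style signature H(m)^sk (stand-in, not the TPAAS signature)."""
    return power(hash_to_group(message), sk)


def verify(pk: int, message: bytes, sig: int) -> bool:
    """Accept iff e(sig, gy) == e(H(m), pk); holds by bilinearity."""
    return pairing(sig, GY) == pairing(hash_to_group(message), pk)


def recover_secret(pk: int) -> int:
    """Discrete log is plain division in this toy group, so keys leak."""
    return (pk * pow(GY, -1, P)) % P


if __name__ == "__main__":
    sk, pk = keygen()
    msg = b"constructed sample message"
    sig = sign(sk, msg)
    print("bilinear:", is_bilinear(7, 13, 5, 11))
    print("non-degenerate:", is_non_degenerate())
    print("signature accepted:", verify(pk, msg, sig))
    print("secret recovered from public key:", recover_secret(pk) == sk)
```

A deployed scheme needs pairing-friendly elliptic-curve groups in which the discrete logarithm is hard; the hardness argument in section 5.1 rests on that assumption.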
4. Proposed TPAAS scheme
In this section, the OTE system’s initialization, user authentication, and mediator authentication processes are explained. Initially, the user and mediator should register on the OTP’s official website with their credentials, i.e., the user/mediator will send a message to the OTP with their certificate and signature through offline mode. Then the OTP will authenticate the user/mediator in an anonymous manner. Once the authentication is successfully completed, the OTP allows the user/mediator to access the resources on the OTP’s website. If a user wishes to sell or buy a product, he must send his demand/sale information to the OTP. The OTP will send this demand information to the authenticated mediators in the user’s area. After receiving the demand information from the OTP, each mediator will use the information it already possesses to offer the best deal for the user.
For instance, if a user wants to buy a product, the information is fed into the OTP, and the OTP conveys the same message to the mediator. The mediators will look for a seller who wants to sell a similar product. If no such seller is available, the mediator stores the product’s demand information. The mediator will use this demand information in the future if he receives any information from a seller about the sale of the same product. When the demand information is satisfied, the mediator will send a message to the user (buyer) who requested that specific product. This process is carried out by all network mediators for the required user. After receiving all the messages from the mediators, the user will choose the one best deal from one of the mediators. In addition, the user will authenticate that specific mediator in an anonymous manner to ensure the message’s integrity. When the user successfully completes the mediator authentication, the user acknowledges the purchase/sale of the product. Similarly, the mediator checks the authenticity of the user. Thus, mutual anonymous authentication takes place between the user and mediator in a secure manner. Any receiver entity in OTE will authenticate and check the legitimacy and integrity of any message before accepting that message from any sender entity. Here, the verification of the integrity and legitimacy of any message is done using the bilinear pairing method.
The flowchart in Fig 2 shows the complete flow of information exchange between the buyer and the OTP through the mediator. Similarly, the flowchart in Fig 3 shows the complete flow of information exchange between the seller and the OTP through the mediator. The flowchart in Fig 2 is explained as follows. Initially, both the seller/buyer and the mediator should register at the OTP using their required credentials, and security parameters are issued to them. Further, the buyer’s demand information is stored in the OTP. This demand information is sent to the nearby mediators online. The mediators perform the search for the required seller. Once the required seller is identified, the seller’s information is conveyed to the buyer by the corresponding mediator. The buyer now has the information of the sellers from the different mediators. The buyer decides the best deal among the different sellers. Once the best deal is chosen, the buyer identifies the mediator from which the best deal came. Thereafter, mutual anonymous authentication takes place between the buyer and that mediator. If the mutual anonymous authentication fails, the buyer chooses another best deal from another mediator and the process repeats. On the other hand, if authentication succeeds, the corresponding mediator’s deal is accepted and the process completes. The same procedure is followed for the flowchart in Fig 3.
4.1 System initialization
The OTP issues system parameters by using bilinear parameters (Gx, Gy, Gz, p, e) as follows. Initially, the OTP selects the random numbers as the master secret keys and computes . Then OTP selects the secure cryptographic hash function Finally, the OTP issues the OTE parameters and broadcast in the open network platform as . Table 1 shows the notations used.
4.2 User (Ui) authentication
In this proposed scheme, the anonymous Ui authentication process consists of user registration, generation of the required keys, generation of the anonymous certificate, generation of the signature, verification of both certificate and signature, and conditional tracking. Fig 4 shows the user authentication phase of the proposed scheme.
- User registration: To access the OTP resources, the user should register at the OTP in advance in an offline manner. During registration, the user (Ui) has to submit the necessary information, such as credit card details, bank account details, user name, address, username, mail ID, phone number, etc., to the OTP. Once the registration process is successfully completed, the user becomes an OTP user/entity.
- Key Generation: After user registration, the OTP will generate necessary secret keys for the user (Ui) by using key generation scheme. Initially, the OTP generates the user’s (Ui) original identity (URIi) and also dummy identity (UDIi). To generate dummy identity UDIi the OTP uses two random numbers ni, and then computes . Then the OTP maps the original identity with dummy identity by using the tracking list. Moreover, the OTP creates dummy identities to all users to check the legitimacy and integrity of the source of information without revealing the actual identity of user to the outside world. Even if the malicious entity finds this dummy identity, they cannot track the original identity of the user. Then the OTP selects a random number vi such that and computes and for tracking the identity of user Ui. Further, OTP will place the values in the tracking list and issues the consumer key (Ck) to user as and this Ck will be kept securely in OTD, where and . Once the registration and key distribution process is completed, the user Ui can access all the resources of OTP’s official website for selling/buying process with the help of its secret keys which are issued by OTP.
- Anonymous certificate Generation: The user Ui will perform the following steps to generate the required anonymous certificates.
Step1: Initially the user will choose random number as short time temporary private key and computes the short time public key .
Step2: Then the OTE user will generate the anonymous one-time certificate certj by using their short time public keys Nj as follows:
Initially, the user selects randomly and calculates α, α1, α2, α3, β, β1, β2, β3
Where, (1) (2) (3) (4) (5) (6) (7) (8)
After computing α, α1, α2, α3, β, β1, β2, β3, the user will calculate the acceptor key and then compute the values of c1, c2, c3 as below (9) (10) (11)
Finally, the user will generate the anonymous certificate as . If the user wants to register with another OTP, the user will send an anonymous message to the new OTP as Message = (SM∥sig∥certj∥Nj). From the received message, the new OTP will extract the values of UDIi, Di, Ji, Ki. Moreover, it will compute Hi = UDIi×Ji, Ii = Di×Ki and check whether Hi = R1 and Ii = S1. If they are equal, the new OTP accepts the user as an authorized user.
- Signature Generation: The user will generate the short time signature as to maintain the integrity of the message. The user then broadcasts the message to other entities as Message = (SM∥sig∥certj∥Nj) by appending the original message, certificate, signature and short time public key. Initially, the user will send this message to the OTP while logging in to the OTP’s website. The user will place his user name in place of SM, and the OTP will authenticate the user and verify the integrity of the message. Once the verification is completed, the OTP will allow the user to access all the resources on the OTP’s website, i.e., User (Ui) authentication by the OTP. Similarly, when the user responds to the mediator’s product request, the user will send this Message to the mediator for the purpose of authentication. Thus, the mediator will authenticate the user, i.e., User (Ui) authentication by the Mediator (Mi). In both of the above cases, the receiver (either the OTP or the mediator) will authenticate the user using Ui’s certificate (Cerj) and signature (Sigj) through the verification process.
- Verification process: After receiving the Message = (SM∥sig∥certj∥Nj) from user, the receiver (either the OTP or the mediator) will perform below steps to authenticate the user.
Step 1: To check the authenticity of the source message, the receiver will calculate parameters. Where, (12) (13) (14) (15) (16)
Step 2: By using above parameters receiver computes and it verifies whether Ak = Ak′. If it holds, the receiver will accept the user’s message otherwise it will be discarded. Moreover, the receiver will also check the dummy identity of user by calculating Hi and Ii.
Step 3: After the completion of acceptor key verification, the receiver will now check the integrity of the message as below.
(17) If it holds, the receiver will accept the message; otherwise the Message will be rejected.
- Conditional Tracking: If any conflict occurs or any user is compromised, then the OTP can easily detect the real identity of that user by using tracking parameters and . The OTP will calculate the to get and with the help of the .
Once and is calculated, the OTP will map these parameters to original identity of user by using the tracking list. Moreover, the OTP will revoke the privacy of the user and will remove the compromised Ui from OTE to avoid further damage.
4.3 Mediator (Mi) authentication
Once the offline registration is successfully completed, the mediator will log in to the official website of the OTP by sending a message with his signature and certificate to the OTP. The OTP will then authenticate the mediator using the mediator’s certificate and signature to grant him access to the website resources, i.e., Mediator authentication by OTP. After receiving the user’s product demand information from the OTP, the mediator will notify the user about the product’s sale. Here, the user must authenticate the mediator in order to avoid receiving messages from a fake mediator or malicious entity, i.e., Mediator authentication by user. For these authentication purposes, the mediator will generate its certificate and signature. The processes of mediator registration, key generation, certificate and signature generation, verification and conditional tracking are explained below. Fig 5 shows the mediator authentication phase of the proposed scheme.
- Mediator Registration: During offline registration, the mediator is required to submit his full name, address, experience in the e-commerce field, username, etc., to the OTP.
- Key Generation: The OTP chooses to calculate Ai, Bi, Pi, where and . Then, the OTP generates Mediator real identity (MRIi) and Mediator dummy identity (MDIi). Moreover, the OTP keeps the in its tracking list, where . In addition, OTP sends a mediator key to every mediator, where .
- Certificate Generation: The Mediator (Mi) chooses random numbers
Using the above values, Mi will calculate mediator acceptor key as and l1, l2, l3, l4, l5.
Where, (25) (26) (27) (28) (29)
Then the mediator generates as its anonymous certificate. Since the certificate does not contain any information about the real identity of the mediator, it is impossible for any adversary to reveal the privacy of the mediator.
- Signature Generation: Now the mediator Mi will generate its signature to maintain the integrity of information as follows.
Step 1: The mediator selects random number as short-time private key and calculates the short time public key as .
Step 2: Now Mi calculates the signature as by using values of private keys wj, here NDI is nearby deal information that is sent by the mediator to the user. Then, the mediator broadcasts the message to the user by using signature as .
- Verification: After receiving the receivers (OTP or User) should authenticate the mediator as follows. The receiver first computes below values.
Based on these parameters, the mediator calculates the acceptor key as where, Wi = MDIi×Ei, Xi = Fi×Bi and Qi = Pi×Ei and checks whether . If it holds, the receiver accepts the mediator as authorized mediator otherwise it will reject the message of the mediator.
Once the certificate is verified, the receiver will verify the integrity of the NDI by checking the following equation.
(33) If it is satisfied, the receiver (OTP or User) will accept the otherwise it will be rejected.
- Conditional Tracking: If there is any conflict or any mediator is compromised, then the OTP will track the real identity of that specific mediator in a short time to revoke its privacy. By using certificate , the OTP will compute the values of and . Once these values are computed, the OTP will map them to the real identity MRIi of mediator by using the tracking list. The OTP calculates to find and .
Now, calculating these values, the OTP can easily find the real identity of the mediator. Moreover, the OTP will withdraw the privacy of the particular mediator and remove it from the OTE system to avoid further damage.
5. Security analysis
The source authentication, message integrity, identity privacy preserving and conditional privacy preserving of our proposed anonymous authentication scheme in OTE system are explained and analyzed in this section. In our proposed scheme, the signature ‘sig’ and certificate ‘certj’ are required parameters to provide protection against various types of attacks such as impersonate, masquerade, inject, and key replication attacks. In our scheme, it is impossible for an external attacker (EA) to calculate a valid certificate and signature using the certificate and signature of another authorised entity, because the consumer key (Ck) or mediator key (Mk) of the entity, which is given by OTP offline, is kept securely in OTD by the authenticated user or mediator. Hence, it is impossible for an intruder to perform key replication attacks and to send fake messages in the OTE system. Moreover, in order to perform an impersonation attack, the intruder must crack the short time private key of the specific user and also find the Ck or Mk of the user or mediator given by OTP in an offline manner. So, it is impossible to be affected by the impersonation attack. In addition, the EA cannot compromise the registration step, which is done in offline mode at the OTP. Hence, our OTE system is completely secure against impersonation attacks. The OTE system’s defense procedure against various attacks and threats is explained below.
5.1 Defense against impersonation attack
To execute an impersonation attack by pretending to be an authorized user or an authorized mediator, the intruder has to find the secret parameters of the authorized user or mediator, i.e., the values of Ci and Di of the user and Ai and Bi of the mediator. In order to find the values of Ci and Di, the attacker must find the values of α2 and α3 in the user’s certificate . In addition, to find the values of Ai and Bi, the attacker must find the values of γ2 and γ3 in the mediator’s certificate . The values of α2 and α3 are computed as and . Here, the ‘u’ value is selected randomly by the user Ui, hence the α2 and α3 values are also random. However, the calculation of the α2 and α3 values involves the Elliptic Curve Discrete Logarithm problem (ECDLP). So, there is computational complexity in finding the values of Ci and Di, where ‘∅’ represents the number of users. Moreover, there is a complexity of O(2m−1) in finding the value of ‘u’ from a set of ‘m’ short time random keys. Similarly, in the case of pretending to be a mediator and to find the values of Ai and Bi, the values of γ2 and γ3 are computed as γ2 = Ai. and . Here, the values of f1, f2 and f3 are selected randomly by the mediator Mi, hence the γ2 and γ3 values are also random and they are computed based on ECDLP with complexity of , where ‘Δ’ represents the number of mediators. Moreover, there is a complexity of O(2x−1) in finding the values of ‘f1, f2 and f3’ from a set of ‘x’ short time random keys. Therefore, it is impossible for an EA to find the values of Ci, Di, Ai, Bi, u, f1, f2 and f3 to compromise the certificate authentication step and to perform an impersonation attack (either by pretending to be an authorized user or mediator) in a stipulated time. Hence, our authentication scheme in the OTE system can withstand the impersonation attack.
5.2 Defense against bogus message attack
An external attacker ‘EA’ has to find the values of UDIi, Ji, Di, Ki to send a bogus message to an OTE user. Here, Hi = UDIi×Ji = R1 and Ii = Di×Ki = S1. Moreover, the values and are generated for each user directly during the initial offline registration by OTP. It is not possible for an EA to find the values of ni, di, r and s from UDIi, Ji, Di and Ki because of ECDLP, since the ni and di values are randomly selected by OTP and the values r, s are master keys which are known only to OTP. To find the values of or s, there is a complexity of where ‘Θ’ represents the number of users registered in the OTP. To find the values of ni or di there is a complexity of O[2Θ−1]. Therefore, the total complexity of finding the values of ni, di, r and s to compute UDIi×Ji = R1 and Di×Ki = S1 are and . So, it is difficult to perform a bogus message attack. Therefore, our authentication scheme in the OTE system can withstand the bogus message attack.
5.3 Defense against message modification attack
In our proposed scheme, every user Ui broadcasts his message as "Message = (SM∥sig∥certj∥Nj)". External attackers attempt to inject modifications into this message, such as changing the content of the broadcast message before it reaches the receiver, while it is being transmitted over the wireless medium. But in our scheme, to preserve message integrity, the user’s signature is generated on a message ‘SM’ as where ‘kj’ is the user’s short time private key. Since its value is only known to the user, no other entity can generate the same signature. So, the EA needs to find the short time private key to forge the signature. However, the value of ‘kj’ changes periodically, so even if the EA finds the value of the short time private key, the EA cannot follow the subsequent communication related to Ui. Similarly, the mediator Mi signature on the message ‘NDI’ is given by . Since the value of ‘wj’ is a short time private key which is known only to the particular mediator, no other entity can forge its signature. Moreover, the user and mediator certificates are generated by using the Ck and Mk values, which are given to them securely in an offline manner. So, without knowing the values of Ck, Mk and the short time private keys, the EA cannot forge the anonymous certificates and signatures.
5.4 Conditional privacy preserving
In our proposed scheme, each user and mediator will have an anonymous certificate and signature to hide their real identity. But, if any dispute happens or the user/mediator is compromised, then the OTP can trace the original identity of the user or mediator from its anonymous certificate. If the user is compromised, then the OTP calculates to get the values of and from the tracking list. Similarly, if the mediator is compromised, then the OTP calculates to get the value of and from the tracking list. Once and are traced by the OTP, the fake user will be revoked from the network. Similarly, if and are traced by the OTP, then the fake mediator will be revoked from the OTE.
5.5 Defense against the non repudiation attack
In the proposed scheme, the user (buyer/seller) cannot repudiate after receiving the information from the mediator or sending the demand request to the OTP. While receiving the information from the mediator, the authenticity of the user is checked by the mediator using anonymous certificate and signature verification. So, repudiation by the user is not acceptable. Moreover, when the user sends the demand request to the OTP, the request is accepted only if the user is authenticated, since the user gives his credentials and is registered offline with the OTP. Once the demand request has been sent, the user cannot repudiate it.
5.6. Anonymity and privacy preservation
In our scheme, users and mediators attach a valid signature and certificate to their messages, so it is computationally hard to trace the actual identity of the user or mediator who signed the message. Moreover, the certificate and signature are computed using dummy identity and short time private keys which are changed periodically. As a result, the EA will get zero knowledge about the signer of that message and even if these dummy identities are revealed, they will give zero knowledge about the real identity of the user or mediator. Thus, in our proposed scheme, the anonymity and privacy of the user and mediator are preserved.
5.7. Unlinkability
Certificates and signatures are generated using temporary private keys. These are short-lived keys that are changed randomly within a short span of time. So, during information exchange, these short-lived temporary private keys are used for certificate and signature generation. Once the information is successfully exchanged and the certificate and signature are validated, these private keys expire and a new randomly generated key is to be used for the next transaction. So, there is complete unlinkability during the information exchange.
5.8 Defense against man in the middle attack
In a man-in-the-middle attack, the EA attempts to modify the messages sent between the user and the mediator. But in our scheme, every OTE entity (user/mediator) should first log into the OTP’s official website. Only after successful registration can they access the resources on the OTP’s website. Therefore, when the user and mediator log into the website, OTP will authenticate them using their anonymous certificate and signature, which are computed using the consumer key (Ck) and mediator key (Mk). But these Ck and Mk are issued by OTP to the user and mediator during their initial offline registration. So, it is difficult for an intruder to find Ck and Mk and compute the anonymous certificate and signature. As a result, the intruder cannot enter the OTE network without being authenticated by OTP. So, the intruder cannot change the information being transferred from the user to the mediator or vice versa. Even if the intruder enters the network, he cannot change the content of the message, since every entity will attach a valid signature to its message, which is calculated by using short time private keys. So, if an intruder wishes to modify the content, he needs to compute a valid signature by using short time private keys which are only known to the legitimate users. So, our proposed scheme can withstand the man-in-the-middle attack.
5.9 Defense against the Sybil attack
In this attack, the EA uses multiple identities and sends the same message to OTE users to make them believe that the message is true as it is coming from different entities. But in our scheme, if the EA wants to send a single fake message, he has to find the values of r, ni and di, where the dummy identity is calculated by . But the ‘r’ value is a private key which is only known to OTP, and the values of ni and di are also chosen by OTP randomly. So, it is impossible for an EA to create multiple identities without knowing the r, ni and di values. So, in our proposed scheme the EA cannot send any fake messages to other users by creating multiple identities. Therefore, our scheme can withstand the Sybil attack.
6. Formal security analysis
Formal security is performed using Burrows, Abadi, and Needham (BAN) logic. To ensure mutual authentication between the Ui and OTP, the following goals are defined.
(34) (35) (36) (37)
The following idealization is performed for message transformation.
(38) (39) (40) (41)
The security assumptions are made based on the mutual authentication: (42) (43) (44) (45) (46) (47) (48) (49)
The mutual anonymous authentication between Ui and OTP is derived with the help of the rules mentioned in [29] and based on the above assumptions.
From M2 (54) derives (55) from S5, since and based on A3.
(56) (57) from S6 and S7. Using A4 and S8; 58
From M3 (59) (60) (61) based on A5. From S11 and S12; (62) (63)
From S16 and S17; (67) (68) (69)
Based on S14 and S20, the above desired goals are achieved. The same procedure is repeated for mediator authentication.
7. Performance analysis
This section analyses the proposed system’s performance and compares it to other existing systems in terms of computational complexity and communication complexity.
7.1 Computational complexity
The computational cost is the amount of time required to verify the certificate and signature. The computational cost of our proposed scheme is compared with different existing schemes such as J. Shao et al. [30], Xue et al. [31], Lin et al. [32], and Oh et al. [33]. Several operations such as the pairing operation, hash function, one point multiplication and exponential functions are involved in the calculation of the computation cost. The times required for performing the pairing operation, hash function, multiplication operation and exponential function are represented as Tp, Th, Tm and Tex. In order to measure the computational cost, the proposed scheme is implemented using Ubuntu 22.04, AMD Ryzen 7, 5800U with Radeon Graphics, 1.9 GHz processor, with 16 GB RAM with Cygwin 1.7.35–15 software platform with gcc version 4.9.2 [34]. The bilinear pairing operation has the value of 25.342ms. Similarly, the value for the hashing operation is 0.2632ms, one point addition is 0.0031ms, one point multiplication operation is 0.0217ms, and the exponential operation is 23.242ms. The results are calculated for 1000 simulations and finally the average of the results is considered for validation. Here ‘ms’ represents milliseconds. Table 2 shows the computational cost for different schemes. Fig 6 shows the graphical representation of verification time for different schemes based on the received message. Fig 6 clearly indicates that the proposed scheme consumes the minimum computational time when compared to the relevant existing schemes.
7.2 Communication cost
Communication cost is the number of bits required for the transformation of information between the end users. Table 3 shows the number of messages used for information exchange and communication cost for various schemes. In our proposed scheme, the number of bits assumed for the message used by the user and mediator is SM = NDI = 160 bits, the signature bits of the Ui and Mi is = 160 bits, the certificate bits of the Ui and Mi is = 160 bits, Ui and Mi uses the public keys as Nj = Di = 320 bits [35]. Moreover, in our proposed scheme, two messages are used for the authentication of Ui and Mi and the transformation of messages takes place. The entire messages (information) of user and mediator are represented as Message = (SM∥sig∥certj∥Nj) and . Both the information consumes Message = (160+160+160+320)=800 bits and = (160+160+160+320)=800 bits. So, totally 1600 bits are used as the communication cost for communication in our proposed scheme.
Fig 7 shows the communication cost of various schemes for single user. J. Shao et al. [30] requires three messages for the communication and it consumes 2912 bits. Similarly, Xue et al. [31] requires four messages for the communication and it consumes 2080 bits. Though, Lin et al. [32] and Oh et al. [33] schemes require only one and two messages for the communication, but the cost incurred are 2240 bits and 1760 bits. But in our proposed scheme, though two messages are involved for the transformation of information, the communication cost required is only 1600 bits.
Similarly, for n users, the communication overhead is represented in Fig 8. Here, the number of users is set to n = 5, 10, 15, 20 and 25. The communication overhead is computed for each increment in the number of users. Moreover, Fig 8 clearly indicates that, as the number of users increases, the communication cost of our suggested work decreases drastically, thus increasing the efficiency of our system. Thus, when compared to the existing schemes, our proposed scheme proved to be noteworthy in terms of communication cost.
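The 800-bit frame and the 1600-bit exchange cost in Section 7.2 follow directly from the fixed field widths, and a receiver can only split SM∥sig∥certj∥Nj unambiguously if it rejects any frame that is not exactly that size. The following Python sketch is an added example, not code from the paper or its repository; the function names and the sample field contents are assumptions made for illustration, while the widths and the compared schemes' costs are the figures quoted above.

```python
"""Fixed-width framing of Message = (SM || sig || cert_j || N_j) from Section 7.2."""
from typing import Dict

# Field widths in bits as stated on the page: SM = sig = cert = 160, N_j = 320.
FIELD_BITS = (("SM", 160), ("sig", 160), ("cert", 160), ("N", 320))
FRAME_BITS = sum(bits for _, bits in FIELD_BITS)
FRAME_BYTES = FRAME_BITS // 8

# Communication costs in bits quoted on the page for the compared schemes.
OTHER_SCHEMES_BITS = {
    "Shao et al. [30]": 2912,
    "Xue et al. [31]": 2080,
    "Lin et al. [32]": 2240,
    "Oh et al. [33]": 1760,
}


def pack_frame(fields: Dict[str, bytes]) -> bytes:
    """Concatenate the four fields, refusing any field of the wrong width."""
    if set(fields) != {name for name, _ in FIELD_BITS}:
        raise ValueError("frame needs exactly the fields SM, sig, cert, N")
    out = bytearray()
    for name, bits in FIELD_BITS:
        value = fields[name]
        if len(value) * 8 != bits:
            raise ValueError(f"{name}: expected {bits} bits, got {len(value) * 8}")
        out += value
    return bytes(out)


def unpack_frame(frame: bytes) -> Dict[str, bytes]:
    """Split a received frame; truncated or padded frames are rejected
    before any certificate or signature check is attempted."""
    if len(frame) != FRAME_BYTES:
        raise ValueError(f"expected {FRAME_BYTES} bytes, got {len(frame)}")
    fields, offset = {}, 0
    for name, bits in FIELD_BITS:
        width = bits // 8
        fields[name] = frame[offset:offset + width]
        offset += width
    return fields


def exchange_cost_bits(messages: int = 2) -> int:
    """Cost of one authentication exchange (user frame plus mediator frame)."""
    return messages * FRAME_BITS


def saving_percent(other_bits: int, messages: int = 2) -> float:
    """Relative saving of the proposed scheme against another scheme's cost."""
    return round(100.0 * (other_bits - exchange_cost_bits(messages)) / other_bits, 2)


if __name__ == "__main__":
    # Constructed sample contents; real fields would come from the scheme itself.
    sample = {"SM": b"S" * 20, "sig": b"G" * 20, "cert": b"C" * 20, "N": b"N" * 40}
    frame = pack_frame(sample)
    assert unpack_frame(frame) == sample
    print(f"frame: {FRAME_BITS} bits, exchange: {exchange_cost_bits()} bits")
    for scheme, bits in OTHER_SCHEMES_BITS.items():
        print(f"{scheme}: {bits} bits, saving {saving_percent(bits)}%")
```
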
7.3 Mediator serving capability
Let ℳ be the number of authenticated users who required service from the authenticated mediators. Moreover, ℘ be the probability that the mediator offers service to the authenticated user. ℤ be the total computational time required for verification of signature and certificate. Mediator serving capability is represented by , where ℤ = 4Ta+9Tex+2Tm+Th.
Fig 9 portrays the graphical representation of mediator serving capability. The graph is plotted between the number of users, total computational cost and the mediator serving capability. From Fig 9, it is clear that as the number of users increases, the computational cost also increases but the service providing capability of the mediator decreases.
8. Conclusion
In this work, a trustworthy privacy preserving anonymous authentication scheme for OTE is proposed, allowing both users and mediators to communicate in a secure way. In the proposed TPAAS, the user authenticates the mediator in an anonymous way before receiving the message SM from the mediator. Similarly, the mediator authenticates the user before receiving the reply from the user about the deal. Apart from traditional Online Trading Platforms, our proposed TPAAS provides a high level of security, anonymity and privacy to the users and mediators because OTE entities use dummy identities, short time keys and signatures to communicate with other entities. Moreover, this scheme allows users to trade with a lot of trust by providing conditional privacy and security to them, thereby providing privacy for the genuine users and revoking the privacy of compromised users/mediators. In addition, our proposed scheme is resistant to different kinds of attacks such as the impersonation attack, bogus message attack, message modification attack, non repudiation attack, man in the middle attack and Sybil attack. In terms of communication and computation costs, the security and performance analysis revealed that our proposed TPAAS outperforms other traditional schemes. Hence, our scheme satisfies the recent privacy and trust concerns in online trading.
Future work could incorporate artificial intelligence to provide suggestions for the users based on their past shopping experience. Moreover, in the future, an auction system for ad exchanges can be included, thereby generating more revenue for the users. In addition, Augmented Reality/Virtual Reality (AR/VR) technology can be included to allow the users to visualize the products in a comfortable way, allowing them to choose the products that are best suited to them.
The supporting file “S1 Data” refers for the caption as shown in Fig 7: Computational cost for Certificate and signature verification.
References
- 1. Ajerame M. (2017). Impact of inter-organizational collaboration on logistics information systems adoption case of Moroccan agribusiness companies. 2017 International Colloquium on Logistics and Supply Chain Management (LOGISTIQUA).
- 2. Lu T., Zhang B. and Ren K., "PrivData Network: A Privacy-Preserving On-Chain Data Factory and Trading Market," in IEEE Transactions on Dependable and Secure Computing, vol. 21, no. 3, pp. 1424–1436, May-June 2024,
- 3. Prabakaran D, and Shyamala , (2022). Multi-Factor Authentication for Secured Financial Transactions in Cloud Environment. Cmc-computers Materials & Continua,
- 4. Subramani J., Maria A., Neelakandan R. B., & Rajasekaran A. S. (2021). Efficient anonymous authentication scheme for automatic dependent surveillance‐broadcast system with batch verification. IET Communications, 15(9), 1187–1197.
- 5. Arun Sekar R., Maria A., Al-Turjman F., Altrjman C., & Mostarda, L. “ABRIS: Anonymous blockchain based revocable and Integrity Preservation Scheme for vehicle to Grid Network”. Energy Reports, 8, 9331–9343. 2022 https://doi.org/10.1016/j.egyr.2022.07.064.
- 6. Subramani J., Muneeswaran D., Maria A., Arunachalam M., & Neelagandan R. B. (2021). EPPAS: Energy‐efficient privacy‐preserving and physically secure mutual authentication scheme for secure communication in smart grid systems. International Journal of Communication Systems, 34(8).
- 7. Iqbal A., Arun Sekar R., Nikhil G. S., & Azees M. “A Secure and Decentralized Blockchain Based EV Energy Trading Model Using Smart Contract in V2G Network”. IEEE Access, 9, 75761–75777, 2021.
- 8. Ghiasi H., Brojeny M. F., & Gholamian M. R. (2017). A reputation system for e-marketplaces based on pairwise comparison. Knowledge and Information Systems, 56(3), 613–636.
- 9. Azees M, Arun Sekar, R., Fadi Al-Turjman, Chadi Altrjman, and Leonardo Mostarda. "BAIV: An Efficient Blockchain-Based Anonymous Authentication and Integrity Preservation Scheme for Secure Communication in VANETs", Electronics, 11, no. 3: 488, 2022. https://doi.org/10.3390/electronics11030488.
- 10. Luo N., Wang Y., Zhang M., Niu T., & Tu J. (2020). Integrating community and e-commerce to build a trusted online second-hand platform: Based on the perspective of social capital. Technological Forecasting and Social Change, 153, 119913.
- 11. Ranzini G., Etter M., & Vermeulen I. (2020). My home on the platform: Exploring the physical privacy concerns of home-sharing providers. International Journal of Hospitality Management, 86, 102433.
- 12. Subramani J., Maria A., Arun Sekar R. “Efficient anonymous authentication scheme for automatic dependent surveillance‐broadcast system with batch verification”. IET Communications, 15(9), 1187–1197. 2021.
- 13. Arasan A., Sadaiyandi R., Al-Turjman F., Rajasekaran A. S., & Karuppuswamy K. S. (2021). Computationally efficient and secure anonymous authentication scheme for cloud users. Personal and Ubiquitous Computing.
- 14. Hunecke M., Richter N., & Heppner H. (2021). Autonomy Loss, Privacy Invasion and Data Misuse as Psychological Barriers to Peer-to-Peer Collaborative Car Use.
- 15. Priyadharsini A Rajasekaran M. Azees , “An efficient key agreement and anonymous privacy preserving scheme for vehicular ad-hoc networks with handover authentication”, Concurrency and Computation: Experience and Practice. Dec 2023, https://doi.org/10.1002/cpe.7979.
- 16. Azad, M. A., Bag, S., & Hao, F. (2018). PrivBox: Verifiable decentralized reputation system for online marketplaces. Future Generation Computer Systems, 89, 44–57. https://doi.org/10.1016/j.future.2018.05.069.
- 17. Hampiholi B., & Alpar G. (2017). Privacy-Preserving Webshopping with Attributes. 2017 IEEE Symposium on Privacy-Aware Computing (PAC).
- 18. Niu C., Zhou M., Zheng Z., Wu F., & Chen G. (2017). ERA: Towards privacy preservation and verifiability for online ad exchanges. Journal of Network and Computer Applications, 98, 1–10.
- 19. Helsloot L. J., Tillem G., & Erkin Z. (2017). AHEad: Privacy-preserving online behavioural advertising using homomorphic encryption. 2017 IEEE Workshop on Information Forensics and Security (WIFS).
- 20. Ranganthan V. P., Dantu R., Paul A., Mears P., & Morozov K. (2018). A Decentralized Marketplace Application on the Ethereum Blockchain. 2018 IEEE 4th International Conference on Collaboration and Internet Computing (CIC).
- 21. Jiang Y., Wang C., Wang Y., & Gao L. (2019). A Privacy-Preserving E-Commerce System Based on the Blockchain Technology. 2019 IEEE International Workshop on Blockchain Oriented Software Engineering (IWBOSE).
- 22. Scaria B. A., & Megalingam R. K. (2018). Enhanced E-Commerce Application Security Using Three-Factor Authentication. 2018 Second International Conference on Intelligent Computing and Control Systems (ICICCS).
- 23. Kumar G., Saha R., Buchanan W. J., Geetha G., Thomas R., Rai M. K., et al. (2020). Decentralized accessibility of e-commerce products through blockchain technology. Sustainable Cities and Society, 62, 102361.
- 24. An D., Yang Q., Li D. and Wu Z., "Distributed Online Incentive Scheme for Energy Trading in Multi-Microgrid Systems," in IEEE Transactions on Automation Science and Engineering, vol. 21, no. 1, pp. 951–964, Jan. 2024,
- 25. Liu J., Long Q., R. -P. Liu, W. Liu, X. Cui and Y. Hou, "Privacy-Preserving Peer-to-Peer Energy Trading via Hybrid Secure Computations," in IEEE Transactions on Smart Grid, vol. 15, no. 2, pp. 1951–1964, March 2024,
- 26. Ullah M. H. and J. -D. Park, "Peer-to-Peer Energy Trading in Transactive Markets Considering Physical Network Constraints," in IEEE Transactions on Smart Grid, vol. 12, no. 4, pp. 3390–3403, July 2021,
- 27. Liu Z. et al., "PPTM: A Privacy-Preserving Trust Management Scheme for Emergency Message Dissemination in Space–Air–Ground-Integrated Vehicular Networks," in IEEE Internet of Things Journal, vol. 9, no. 8, pp. 5943–5956, 15 April 2022,
- 28. Liu Z. et al., "Establishing Trustworthy and Privacy-Preserving SAGIVNs in 6G: Architectures, Requirements, and Solutions," in IEEE Network, vol. 38, no. 2, pp. 141–147, March 2024,
- 29. Kumar V., Kumar R., Kumar V., Kumari A., and Kumari S., “Ravcc: robust authentication protocol for RFID based vehicular cloud computing,”J. Netw. Intell, vol. 7, no. 3, pp. 526–543, 2022.
- 30. Shao J., Lin X., Lu R., and Zuo C., “A threshold anonymous authentication protocol for VANETs,” IEEE Trans. Veh. Technol., vol. 65, no. 3, pp. 1711–1720, Mar. 2016.
- 31. Xue L., ‘‘DSAS: A secure data sharing and authorized searchable framework for e-healthcare system,’’ IEEE Access, vol. 10, pp. 30779–30791, 2022,
- 32. Lin G., Wang H., Wan J., Zhang L., and Huang J., ‘‘A blockchain-based fine-grained data sharing scheme for e-healthcare system,’’ J. Syst. Archit., vol. 132, Nov. 2022, Art. no. 102731,
- 33. Oh J., Kim M., Park Y. and Park Y., "A Secure Content Trading for Cross-Platform in the Metaverse With Blockchain and Searchable Encryption," in IEEE Access, vol. 11, pp. 120680–120693, 2023,
- 34. Cygwin: Linux Environment Emulator for Windows. [Online]. Available: http://www.cygwin.com/.
- 35. Zeng Xianjiao, Xu Guangquan, Zheng Xi, Xiang Yang, and Zhou Wanlei, “E-AUA: An Efficient Anonymous User Authentication Protocol for Mobile IoT”, IEEE Access, vol. 6, no. 2, pp. 1506–1519, April 2019.