Efficient and Adaptive Procurement Protocol with Purchasing Privacy

Peng Jiang*, Fuchun Guo*, Willy Susilo, Man Ho Au, Xinyi Huang, Joseph K. Liu

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

Abstract

A procurement protocol is a protocol for a buyer to purchase digital goods at their prices from a vendor. A procurement protocol with privacy preservation can be achieved by priced oblivious transfer (POT). POT allows the buyer to obliviously procure items one by one. An adaptive POT protocol only consumes $O(1)$O(1) communication cost in each transaction, where all items are committed and encrypted before transactions. However, we found that the state-of-the-art adaptive POT protocol proposed by Rial et al. is less practical and does not meet real-world needs. It has to restrict to the one-buyer setting where all items are encrypted associated with one buyer's public key. For multiple buyers, the vendor must respectively encrypt all the same items for each buyer. Besides, it has to employ computationally expensive primitives such as zero-knowledge proof which imply inefficient computation operations. It is therefore unscalable and unsuitable in large-scale applications. In this paper, we propose an efficient adaptive priced oblivious transfer protocol to address the aforementioned problems. The proposed adaptive POT is built on top of a new cryptographic primitive, namely, adaptive set membership encryption (ASME). In our proposed protocol, all items are encrypted without the use of buyers' public keys and hence they can be used for universal buyers. Our protocol significantly reduces the transaction cost compared to existing schemes. For example, the communication in each transaction costs only 6 group elements compared to at least 141 group elements in Rial et al.'s protocol. The implementation shows that our protocol is efficient in terms of bandwidth and computational cost.

Original languageEnglish
Article number8325521
Pages (from-to)683-694
Number of pages12
JournalIEEE Transactions on Services Computing
Volume14
Issue number3
DOIs
Publication statusPublished - 1 May 2021
Externally publishedYes

Keywords

  • Purchasing privacy
  • access control
  • priced oblivious transfer

Fingerprint

Dive into the research topics of 'Efficient and Adaptive Procurement Protocol with Purchasing Privacy'. Together they form a unique fingerprint.

Cite this