A practical solution to clone problem in anonymous information system

Cloning users identity is always a thorny problem for an information system, especially for an anonymous system. With the development of big data applications, clone behaviors sometimes even become attacks on these systems. But until now, there has been no very satisfactory anti-clone scheme in the anonymous system. After analyzing the problems in existing anti-clone schemes, without any assumptions about physical security, we provide a practical solution to the clone problem in anonymous authentication system. In our scheme, the authentication is not only related to user's private key, but also related to user's current state, which is constantly updated by the system. Therefore, the authentication trajectories of user and clone will inevitably overlap, and it results in information leakage so as to indentify clone behaviors and revoke clone user's credential. Meanwhile, we prove that honest users are truly anonymous and their login behaviors are unlinkable with complete security proofs. According to the analysis of the system function and the system efficiency, our scheme is much more efficient and has the best anti-clone properties comparing with the existing schemes. (C) 2019 Elsevier Inc. All rights reserved.