CN110113173B - Method for generating multi-input and verifiable pseudo random number - Google Patents

Publication number: CN110113173B
Authority: CN (China)
Prior art keywords: verifier, private key, verifiers, information, sub
Legal status: Active
Application number: CN201910421115.0A
Other languages: Chinese (zh)
Other versions: CN110113173A (en
Inventors: 罗谊, 姚远, 陈琼
Current Assignee: Shanghai Chain Lang Information Technology Co ltd
Original Assignee: Shanghai Chain Lang Information Technology Co ltd
Application filed by Shanghai Chain Lang Information Technology Co ltd
Priority to CN201910421115.0A
Publication of CN110113173A
Application granted
Publication of CN110113173B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00 Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/58 Random or pseudo-random number generators
    • G06F7/582 Pseudo-random number generators
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Abstract

The invention relates to a method for generating a multi-input and verifiable pseudo-random number, comprising the following steps: each verifier selects a random number as its master private key; verifier sub-private keys are generated based on a threshold scheme and the master private key and are distributed; an arbitrary message is signed with a verifier sub-private key to obtain first signature information, which is broadcast; each verifier signs message information with its own master private key to form seed information, which is broadcast; each verifier receives and verifies the first signature information and the seed information broadcast by the other verifiers; when the verification result is false or the seed information cannot be obtained, the other verifiers collect the first signature information corresponding to the sub-private keys distributed by the dishonest verifier and recover the seed information of the dishonest verifier based on the threshold scheme; the seed information of all verifiers is collected and synthesized into a signature that serves as the pseudo-random number of the current round. When a verifier is judged to be dishonest, the invention helps that verifier publish its signature, which prevents the verifiability of the random number from being damaged and prevents the last block producer from acting maliciously.

Description

Method for generating multi-input and verifiable pseudo random number
Technical Field
The invention relates to the technical field of block chains, in particular to a method for generating a multi-input and verifiable pseudo-random number.
Background
A blockchain is a globally shared transactional database, meaning that everyone participating in the network can read the records therein. If one wants to modify the contents of this database, one needs to create a transaction and get confirmation of all other people. The word transaction means that the modification to be made can only be fully implemented or not at all.
Random numbers have been generated by a centralized server, but the centralized server cannot prove that it really used a pseudo-random number method rather than selecting a random number favorable to itself. Since the appearance of the blockchain, many other methods have been used to make random numbers verifiable. One existing method has the defect that nodes can choose not to disclose their secret for the current round and thereby influence the random number in their own favor; the industry calls this "the last block producer acting maliciously".
Disclosure of Invention
The invention aims to overcome the defects of the prior art by providing a multi-input and verifiable pseudo-random number generation method that solves the problem, present in conventional random number generation methods, of nodes influencing the random number by not publishing their secret for the current round, namely the problem of the last block producer acting maliciously.
The technical scheme for realizing the purpose is as follows:
the invention provides a method for generating a multi-input and verifiable pseudo-random number, which comprises the following steps:
setting a plurality of verifiers, wherein each verifier selects a random number as a main private key of the verifier;
each verifier generates a verifier sub-private key based on a threshold scheme and the verifier main private key of the verifier and distributes the verifier sub-private key to other verifiers;
each verifier signs an arbitrary message by using the sub-private keys of other verifiers so as to obtain first signature information and broadcasts the first signature information;
each verifier signs message information by using a master private key of the verifier, and the obtained signature information is used as seed information and is broadcasted;
each verifier receives and verifies the first signature information and the seed information broadcast by other verifiers;
when the verification result is false or the seed information cannot be obtained, the fact that the verifier corresponding to the seed information is dishonest is indicated, other verifiers collect first signature information corresponding to the verifier sub-private key distributed by the dishonest verifier, and the seed information of the dishonest verifier is recovered based on a threshold scheme; and
seed information of all verifiers is collected and a signature is synthesized as a pseudo-random number of the current round.
In the pseudo-random number generation method provided by the invention, when a verifier is judged to be dishonest, its seed information is recovered from the first signature information corresponding to the verifier sub-private keys it distributed, using the threshold scheme; in other words, the verifier is helped to publish its signature, so that the verifiability of the random number is not damaged. The invention solves the problem in the existing method that nodes influence the random number by not publishing their secret for the current round, and prevents the last block producer from acting maliciously.
The multi-input and verifiable pseudo random number generation method is further improved in that after each verifier generates the verifier sub-private key and distributes the verifier sub-private key to other verifiers, the method also comprises the following steps of:
after receiving the sub-private key of the verifier, other verifiers calculate a corresponding sub-public key of the verifier and publish the sub-public key of the verifier, the arbitrary message and the first signature information;
and the verifier who issued the verifier sub-private key judges the honesty of the other verifiers by using the verifier sub-public key, the arbitrary message and the first signature information, and a verifier judged to be dishonest is disqualified.
The multi-input and verifiable pseudo random number generation method of the invention is further improved in that the method also comprises the step of judging whether the verifier issuing the verifier sub-private key is honest:
each verifier calculates a corresponding verifier master public key according to a verifier master private key of each verifier, signs any message by using the verifier master private key to form second signature information, and publishes the verifier master public key, any message and the second signature information;
and recovering the signature information of the verifier corresponding to the sub private key of the verifier by using a plurality of copies of the first signature information based on a threshold scheme, judging whether the recovered signature information is consistent with the second signature information, if so, judging that the result is honest, and if not, judging that the result is dishonest and canceling the qualification of the verifier.
The multi-input and verifiable pseudo random number generation method of the present invention is further improved by comprising:
and when each verifier receives the verifier master public key, the arbitrary message and the second signature information, it verifies their authenticity, records the verifier master public key if the verification result is true, and judges the verifier to be dishonest if the verification result is false.
The multi-input and verifiable pseudo-random number generation method is further improved in that the verifier who issued the verifier sub-private key proves its own honesty; if it does not prove its honesty within a set time, it is deemed dishonest and disqualified.
The generation method of the multi-input and verifiable pseudo random number is further improved in that the method also comprises the following steps of verifying the pseudo random number in the current round:
synthesizing the verifier master public keys of all verifiers providing the seed information to obtain a system global public key;
and checking whether the message information, the seed information and the system global public key are matched, if so, outputting to be valid, and if not, outputting to be invalid.
The multi-input and verifiable pseudo random number generation method of the present invention is further improved by comprising:
and generating message information of the next round based on the hash algorithm and the pseudo-random number of the current round.
The multi-input and verifiable pseudo random number generation method of the invention is further improved in that before the seed information of all verifiers is subjected to composite signature, the method further comprises the following steps:
and verifying whether the seed information is true, if true, continuing, and if false, restoring the seed information again based on a threshold scheme.
The invention further improves the method for generating a multi-input and verifiable pseudo random number, which also comprises the step of adding a new verifier:
providing a new verifier, wherein the new verifier selects a random number as a verifier main private key, calculates a corresponding verifier main public key according to the verifier main private key, signs an arbitrary message by using the verifier main private key to form new signature information, and publishes the verifier main public key, the arbitrary message and the new signature information;
and the other verifiers receive the verifier master public key, the arbitrary message and the new signature information and verify their authenticity; if the verification result is true, they record the verifier master public key and add it to the system global public key, and if the verification result is false, they judge the verifier to be dishonest and the new verifier is not added.
The multi-input and verifiable pseudo random number generation method of the present invention is further improved by comprising:
after the verification result of the new verifier is true, generating a verifier sub-private key based on a threshold scheme and the verifier main private key of the new verifier and distributing the verifier sub-private key to other verifiers;
the new verifier also receives the verifier sub-private keys distributed by the other verifiers;
each verifier determines whether the other verifiers are honest based on the distributed verifier sub-private keys.
Drawings
FIG. 1 is a flow chart of a method of generating a multiple-input and verifiable pseudorandom number in accordance with the present invention.
FIG. 2 is a schematic diagram of the structure of a verifier distributing a verifier sub-private key to other verifiers in a multi-input verifiable pseudo-random number generator of the present invention.
Detailed Description
The invention is further described with reference to the following figures and specific examples.
Referring to fig. 1, the invention provides a method for generating a multi-input and verifiable pseudo-random number in which a plurality of verifiers provide seed information (namely signature information) and the seed information is used to synthesize the pseudo-random number of the current round. Each verifier shares its information with the other verifiers through a threshold sharing scheme. If a verifier refuses to provide its seed information, it is judged to be dishonest and the other verifiers recover its seed information using the threshold recovery scheme, which prevents the last block producer from acting maliciously. The method for generating a multi-input and verifiable pseudo-random number according to the present invention is described below with reference to the drawings.
Referring to FIG. 1, a flow chart of a method of generating a multiple-input and verifiable pseudorandom number of the present invention is shown. The method for generating a multi-input verifiable pseudo random number according to the present invention will be described with reference to fig. 1.
As shown in FIG. 1, the method for generating a multiple-input and verifiable pseudorandom number of the present invention comprises the steps of:
step S11 is executed, a plurality of verifiers are set, and each verifier selects a random number as a main private key of the verifier; then, step S12 is executed;
step S12 is executed, each verifier generates verifier sub-private keys based on the threshold scheme and the verifier main private key and distributes the verifier sub-private keys to other verifiers; then, step S13 is executed;
step S13 is executed, each verifier signs an arbitrary message by using the verifier sub private key to obtain first signature information and broadcasts the first signature information; then, step S14 is executed;
step S14 is executed, each verifier uses the own verifier master private key to sign a message information respectively, and then the obtained signature information is used as seed information and broadcast; then, step S15 is executed;
step S15 is executed, each verifier receives the first signature information and the seed information broadcast by other verifiers and verifies the first signature information and the seed information; then, step S16 is executed;
step S16 is executed, when the verification result is false or the seed information cannot be obtained, the verifier corresponding to the seed information is shown to be dishonest, the other verifiers collect the first signature information corresponding to the verifier sub-private keys distributed by the dishonest verifier, and the seed information of the dishonest verifier is recovered based on a threshold scheme; then, step S17 is executed;
step S17 is performed to collect seed information of all verifiers and synthesize signatures as the pseudo random number of the current round.
The setting of the plurality of verifiers in step S11 includes: the system is initialized with parameters (t, n); n nodes provide random number seeds, that is, the n nodes serve as verifiers, with more than t, and more than n/2, of the nodes being honest, which guarantees the verifiability of the random number. The n nodes obtain the authority to provide random number seeds through election or other means, and a verifier is disqualified if it is determined to be dishonest. The n nodes are the n verifiers.
Then each verifier W_i selects a random number
Figure GDA0003305235130000051
as its verifier master private key, where W_i is the i-th verifier, S_i is the master private key of the i-th verifier, and
Figure GDA0003305235130000052
is a set of positive integers of order p.
The method for generating pseudo-random numbers of the present invention further comprises verifying the authenticity of each verifier: each verifier calculates the corresponding verifier master public key from its verifier master private key, signs an arbitrary message with the verifier master private key to form second signature information, and publishes the verifier master public key, the arbitrary message and the second signature information; when a verifier receives the verifier master public key, the arbitrary message and the second signature information, it verifies their authenticity, records the verifier master public key if the verification result is true, and judges the verifier to be dishonest if the verification result is false. Specifically, each verifier W_i calculates the master public key P_i from the master private key S_i, where P_i is the master public key of the i-th verifier,
Figure GDA0003305235130000053
calculates the signature Sig_i of the master private key on an arbitrary message m, and publishes P_i, m, Sig_i, where m is an arbitrary message and Sig_i is the second signature information. After each verifier publishes P_i, m, Sig_i, all other verifiers can receive them. Each verifier verifies the P_i, m, Sig_i published by the other verifiers by judging whether P_i, m, Sig_i constitute a DH tuple; if so, the result is honest, and if not, the result is dishonest. A verifier is disqualified once it is determined to be dishonest.
The first signature information generated in step S13 is used to determine whether each verifier is honest. The specific steps are: after receiving a verifier sub-private key, the other verifiers calculate the corresponding verifier sub-public key, sign an arbitrary message with the verifier sub-private key to obtain first signature information, and publish the verifier sub-public key, the arbitrary message and the first signature information; the verifier who issued the verifier sub-private key judges the honesty of the other verifiers by using the verifier sub-public key, the arbitrary message and the first signature information, and a verifier judged to be dishonest is disqualified. Specifically, according to the threshold parameters (t, n), each verifier W_i randomly selects
Figure GDA0003305235130000061
as the coefficients of a polynomial
Figure GDA0003305235130000062
and sets
Figure GDA0003305235130000063
It selects n random numbers
Figure GDA0003305235130000064
calculates, respectively,
Figure GDA0003305235130000065
and forms the pairs
Figure GDA0003305235130000066
Figure GDA0003305235130000067
is the sub-private key shared by the i-th verifier with the j-th verifier. The pairs
Figure GDA0003305235130000068
are sent to the other verifiers over a secure channel. As shown in fig. 2, taking verifier W_0 as an example, verifier W_0 sends to verifier W_1 the random number
Figure GDA0003305235130000069
and the verifier sub-private key
Figure GDA00033052351300000610
Verifier W_0 sends to verifier W_2 the random number
Figure GDA00033052351300000611
and the verifier sub-private key
Figure GDA00033052351300000612
Verifier W_0 sends to verifier W_j the random number
Figure GDA00033052351300000613
and the verifier sub-private key
Figure GDA00033052351300000614
After the other verifiers receive the distributed
Figure GDA00033052351300000615
they store it, calculate the corresponding verifier sub-public key
Figure GDA00033052351300000616
compute the signature of
Figure GDA00033052351300000617
on the arbitrary message m,
Figure GDA00033052351300000618
and publish
Figure GDA00033052351300000619
Figure GDA00033052351300000620
is the public key corresponding to
Figure GDA00033052351300000621
The verifier who issued the verifier sub-private keys knows each
Figure GDA00033052351300000622
so it can check whether
Figure GDA00033052351300000623
and
Figure GDA00033052351300000624
correspond, and thereby judge whether the other verifiers are honest. If a certain verifier is dishonest, a dishonesty verification is initiated:
Figure GDA00033052351300000625
The criterion for W_i being dishonest is: when
Figure GDA00033052351300000626
is not included, Sig == Sig_i; or when
Figure GDA00033052351300000627
is included, Sig != Sig_i. Here
Figure GDA00033052351300000628
represents, after verifier W_i has distributed the sub-private keys, the signatures made by the other verifiers with those sub-private keys
Figure GDA00033052351300000629
and the corresponding sub-private key IDs. The expanded expression of
Figure GDA00033052351300000630
is:
Figure GDA00033052351300000631
Before the verifiers provide seed information, the honesty of each verifier is judged, and a verifier judged to be dishonest is disqualified, that is, it does not need to provide seed information subsequently.
The method for generating pseudo-random numbers of the present invention further comprises judging whether the verifier who issued the verifier sub-private keys is honest: based on the threshold scheme, the signature information of the verifier who issued the verifier sub-private keys is recovered from several pieces of first signature information, and it is judged whether the recovered signature information is consistent with the second signature information; if so, the verifier is judged honest, and if not, the verifier is judged dishonest and disqualified. Preferably, the verifier who issued the verifier sub-private keys proves its own honesty; if it does not do so within a set time, it is deemed dishonest and disqualified. Specifically, the verifier who issued the verifier sub-private keys proves itself honest by the following method:
Figure GDA00033052351300000632
where j = {0, 1, 2, …, t}, and it is determined whether Sig == Sig_i. Then, letting k run from 1 to n-t-1, it cyclically verifies
Figure GDA00033052351300000633
where j = {0, 1, 2, …, t-1, t+k}, and it is determined whether Sig == Sig_i. If all of the above determinations are true, the verifier has proved itself honest.
The steps are preparation work of the system, and dishonest verifiers are excluded before the random numbers are generated, so that preparation is made for the subsequent generation of the random numbers.
Step S14 is the process by which the verifiers generate the random number seeds. Specifically, each verifier W_i uses its own verifier master private key S_i to sign the message information M_{r-1}, and the resulting signature (Sig_i)_r is broadcast as the seed information.
Steps S15 and S16 also verify the seed information to determine whether a verifier is honest, but here determining that the verifier is dishonest is not the important point: since the verifier already provides the seed information for generating the random number, step S16 recovers the seed information provided by the dishonest verifier so that the verifiability of the random number is not damaged. Specifically, after each verifier W_i receives the seed information (Sig_i)_r, it verifies the signature
Figure GDA0003305235130000071
If the result is true, the verifier is shown to be honest and operation continues; if the result is false, the verifier is shown to be dishonest and the dishonesty handling procedure is entered for that verifier. Each verifier W_i respectively collects the first signature information corresponding to the verifier sub-private keys distributed to other verifiers and recovers the signature from the collected first signature information to obtain the seed information: (Sig_i)_r = Recover(|Sig_i|). The recovered signature is used as the seed information broadcast by the dishonest verifier.
Before the seed information of all verifiers is synthesized into a signature, the method for generating a pseudo-random number according to the present invention further includes: verifying whether the seed information is true; if true, continuing, and if false, recovering the seed information again based on the threshold scheme. Specifically, the result of the recovery is verified again: bool = Verify((Sig_i)_r, M_{r-1}, P_i), and if true, the method continues.
Step S16 collects all seed information (Sig_i)_r and synthesizes the signature Sig: Sig = Sign|(Sig_i)_r|, where |(Sig_i)_r| is the set {(Sig_1)_r, (Sig_2)_r, …, (Sig_n)_r} of the signatures made by all verifiers W_i with their corresponding S_i on the message information M_{r-1}.
The method further includes generating the message information of the next round based on the hash algorithm and the pseudo-random number of the current round: the message information of the next round is M_r = Hash(Sig). The next round of pseudo-random number generation is then performed by executing steps S14 through S17, with M_r as the message information used to form the seed information.
The pseudo-random number generation method of the present invention further includes: synthesizing the verifier master public keys of all verifiers providing seed information to obtain a system global public key, and checking whether the message information, the pseudo-random number and the system global public key match; if so, the output is valid, and if not, the output is invalid. The verifier master public keys are synthesized by the blockchain into the system global public key P. This step enables any individual to check the signature Sig, the message information M_{r-1} and the public key P, and thereby establishes the verifiability of the random number. After the blockchain has confirmed the honesty of the verifiers, the master public keys of the qualified verifiers, namely the verifiers providing seed information, are collected together and combined by the blockchain into the global public key P of the system, where P = P_1 + P_2 + … + P_i, and P is recorded on the blockchain.
The method of generating pseudo random numbers of the present invention further comprises the step of adding a new verifier:
providing a new verifier, wherein the new verifier selects a random number as a verifier main private key, calculates a corresponding verifier main public key according to the verifier main private key, signs an arbitrary message by using the verifier main private key to form new signature information, and publishes the verifier main public key, the arbitrary message and the new signature information;
and the other verifiers receive the verifier master public key, the arbitrary message and the new signature information and verify their authenticity; if the verification result is true, they record the verifier master public key, and if the verification result is false, they judge the verifier to be dishonest and the new verifier is not added.
Further, still include:
after the verification result of the new verifier is true, generating a verifier sub-private key based on a threshold scheme and the verifier main private key of the new verifier and distributing the verifier sub-private key to other verifiers;
the new verifier also receives the verifier sub-private keys distributed by the other verifiers;
each verifier determines whether the other verifiers are honest based on the distributed verifier sub-private keys.
That is, the newly added verifier performs the steps that precede step S14, the random number generation step, in order to verify its honesty.
The unpredictability of the signature determines that it has sufficient randomness as a seed of the pseudo-random number, but in order to introduce other explicit randomness, other random seeds can be introduced at n-round intervals, and the signature mixture is used as a seed.
While the present invention has been described in detail and with reference to the embodiments thereof as illustrated in the accompanying drawings, it will be apparent to one skilled in the art that various changes and modifications can be made therein. Therefore, certain details of the embodiments are not to be interpreted as limiting, and the scope of the invention is to be determined by the appended claims.

Claims (10)

1. A method of generating a multiple-input and verifiable pseudorandom number comprising the steps of:
setting a plurality of verifiers, wherein each verifier selects a random number as a main private key of the verifier; each verifier generates a verifier sub-private key based on a threshold scheme and the verifier main private key of the verifier and distributes the verifier sub-private key to other verifiers;
each verifier signs an arbitrary message by using a sub-private key distributed by other verifiers so as to obtain first signature information and broadcasts the first signature information;
each verifier signs message information by using a master private key of the verifier, and the obtained signature information is used as seed information and is broadcasted;
each verifier receives and verifies the first signature information and the seed information broadcast by other verifiers;
when the verification result is false or the seed information cannot be obtained, the verifier corresponding to that seed information is deemed dishonest; the other verifiers collect the first signature information corresponding to the verifier sub-private keys distributed by the dishonest verifier and recover the seed information of the dishonest verifier based on the threshold scheme; and
the seed information of all verifiers is collected and synthesized into a signature, which serves as the pseudo-random number of the current round.
2. The method of claim 1, wherein, when each verifier generates a verifier sub-private key and distributes it to other verifiers, the method further comprises the step of determining whether the other verifiers are honest:
after receiving the verifier sub-private key, the other verifiers calculate the corresponding verifier sub-public key and publish the verifier sub-public key, the arbitrary message and the first signature information;
the verifier that issued the verifier sub-private key judges the honesty of the other verifiers by using the verifier sub-public key, the arbitrary message and the first signature information, and disqualifies any verifier judged to be dishonest.
3. The method of generating a multi-input and verifiable pseudorandom number as in claim 2 further comprising the step of determining whether the verifier issuing the verifier child private key is honest:
each verifier calculates the corresponding verifier master public key from its own verifier master private key, signs an arbitrary message using the verifier master private key to form second signature information, and publishes the verifier master public key, the arbitrary message and the second signature information;
the signature information of the verifier corresponding to the verifier sub-private key is recovered from a plurality of copies of the first signature information based on the threshold scheme, and it is judged whether the recovered signature information is consistent with the second signature information; if so, the verifier is judged honest, and if not, the verifier is judged dishonest and is disqualified.
4. A method of generating a multiple-input and verifiable pseudorandom number as recited in claim 3, further comprising:
when each verifier receives the verifier master public key, the arbitrary message and the second signature information, it verifies their authenticity, records the verifier master public key if the verification result is true, and judges the verifier to be dishonest if the verification result is false.
5. The method of claim 3, wherein, when the honesty of the verifier issuing the verifier sub-private key is verified, if the honesty verification is not completed within a set time, that verifier is deemed dishonest and is disqualified.
6. The method of generating a multiple-input and verifiable pseudorandom number as in claim 1 further comprising verifying the current round of pseudorandom numbers by:
synthesizing the verifier master public keys of all verifiers providing the seed information to obtain a system global public key;
checking whether the message information, the pseudo-random number and the system global public key match; if so, the output is valid, and if not, the output is invalid.
7. The method of generating a multiple-input and verifiable pseudorandom number as set forth in claim 1 further comprising:
and generating message information of the next round based on the hash algorithm and the pseudo-random number of the current round.
8. The method of generating a multiple-input and verifiable pseudorandom number as in claim 1 further comprising, prior to synthesizing the signature from the seed information of all verifiers:
verifying whether the seed information is true; if true, continuing, and if false, recovering the seed information again based on the threshold scheme.
9. The method of generating a multiple-input and verifiable pseudorandom number as in claim 1 further comprising the step of adding a new verifier:
providing a new verifier, wherein the new verifier selects a random number as a verifier main private key, calculates a corresponding verifier main public key according to the verifier main private key, signs an arbitrary message by using the verifier main private key to form new signature information, and publishes the verifier main public key, the arbitrary message and the new signature information;
the other verifiers receive the verifier main public key, the arbitrary message and the new signature information and verify their authenticity; if the verification result is true, they record the verifier main public key, and if the verification result is false, they judge the new verifier to be dishonest and do not add it.
10. The method of generating a multiple-input and verifiable pseudorandom number as in claim 9, further comprising:
after the verification result of the new verifier is true, generating a verifier sub-private key based on a threshold scheme and the verifier main private key of the new verifier and distributing the verifier sub-private key to other verifiers;
the new verifier also receives the verifier sub-private keys distributed by the other verifiers;
each verifier determines whether the other verifiers are honest based on the distributed verifier sub-private keys.
CN201910421115.0A 2019-05-20 2019-05-20 Method for generating multi-input and verifiable pseudo random number Active CN110113173B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910421115.0A CN110113173B (en) 2019-05-20 2019-05-20 Method for generating multi-input and verifiable pseudo random number

Publications (2)

Publication Number Publication Date
CN110113173A CN110113173A (en) 2019-08-09
CN110113173B true CN110113173B (en) 2022-01-21

Family

ID=67491232

Country Status (1)

Country Link
CN (1) CN110113173B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant