CN110910139A - Trusted hardware based on block chain and high-performance decentralized anonymous encryption algorithm - Google Patents


Info

Publication number
CN110910139A
Authority
CN
China
Legal status (as listed by Google Patents; an assumption, not a legal conclusion)
Granted
Application number
CN201911228331.XA
Other languages
Chinese (zh)
Other versions
CN110910139B (en)
Inventor
李硕
Current Assignee (as listed by Google Patents; the list may be inaccurate)
Baic Langu Information Technology Co Ltd
Original Assignee
Baic Langu Information Technology Co Ltd
Priority date, filing date and publication date: not given on this page.
Events: application filed by Baic Langu Information Technology Co Ltd; priority to CN201911228331.XA; publication of CN110910139A; application granted; publication of CN110910139B; legal status: active.

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829 Payment protocols; Details thereof insuring higher security of transaction involving key management


Abstract

The invention relates to the field of blockchain algorithms and discloses blockchain-based trusted hardware together with a high-performance decentralized anonymous encryption algorithm. A smart mining chip is built into the hardware and the anonymous encryption algorithm is embedded in that chip, so the user can also use the device as a USB flash drive. When the device is plugged into a USB 3.0 port, the encryption algorithm is executed and the device is confirmed through the chip; if confirmation succeeds, the hardware becomes a block node in the public blockchain network and takes part in the election calculation once the existing block data has been synchronized. A smart mining chip that wins the election becomes the miner for that period and has the right to package blocks. The smart mining chip and the encryption algorithm use a consensus mechanism that protects the identities of the incumbent miner and the next miner, so that miners are anonymous throughout the blockchain network. The hardware and algorithm of the invention address the problems of computing-power energy consumption, network attacks exploiting uneven network computing power, block-production energy consumption and trusted nodes.

Description

Blockchain-based trusted hardware and high-performance decentralized anonymous encryption algorithm
Technical Field
The invention relates to the field of blockchain algorithms, in particular to blockchain-based trusted hardware and a high-performance decentralized anonymous encryption algorithm.
Background
Over the years of blockchain development, the leading digital currencies have been Bitcoin, Ethereum, Litecoin and others, and all of them share many similar technologies and common features:
1. Consensus algorithm: mainly PoW (Proof of Work); Ethereum adopts a mixed PoS (Proof of Stake) and PoW consensus algorithm, and EOS adopts DPoS (Delegated Proof of Stake).
2. Network communication: a P2P network is used as the bottom layer; Ethereum developed its own network protocol on top of it, implemented with Kademlia.
3. Account model: Bitcoin and Litecoin use UTXO as the underlying technology, while Ethereum uses an account model in which each user can have an ordinary transaction account and a contract account.
4. Encryption algorithm: all are based on elliptic-curve algorithms, but the concrete algorithms implemented by each public chain differ; for example, Ethereum uses the Keccak-256 hash algorithm and the Secp256k1 elliptic curve.
The PoW consensus algorithms used in existing blockchains are accompanied by Sybil attacks and 51% computing-power attacks. These two problems seriously affect the network security of the blockchain and in turn lead to low block-generation efficiency, complex account models, data-storage problems and the like. The consensus mechanisms widely used in the industry at present are the PoW (Proof of Work) algorithm (including its extensions, the PoS and DPoS algorithms), the PBFT (Practical Byzantine Fault Tolerance) algorithm, the Paxos algorithm and the Raft algorithm. The drawback of PoW is that it requires the participation of the entire network and wastes a great deal of computing power and electricity. PoS has the same drawback as PoW, only slightly improved. DPoS selects agents, and its compliance supervision, performance, resource use and fault tolerance are similar to those of PoS. Paxos is a consensus mechanism based on electing a leader; it does not allow malicious nodes in the election process and has no fault tolerance. PBFT is similar to Paxos, using permissioned voting in which the minority follows the majority, and allows Byzantine fault tolerance of 33%. Raft is a simplification of Paxos and is based on consortium chains: the block height of an ordinary node that does not reference another node is selected and that ordinary node keeps the ledger continuously; its fault tolerance is poor and nodes cannot join and leave dynamically, although a variant Raft algorithm lets the chain support dynamic joining of nodes.
Disclosure of Invention
In view of the above, the present invention aims to overcome the drawbacks of the prior art by providing blockchain-based trusted hardware and a high-performance decentralized anonymous encryption algorithm, which use a smart mining chip and a corresponding algorithm to prevent unauthorized operations and to ensure that all computation, memory, storage and communication are properly monitored and protected.
A blockchain-based high-performance decentralized anonymous encryption algorithm, wherein the anonymous encryption algorithm comprises an encryption process, a key generation process and a signature verification process.
The encryption process comprises the following steps:
(1) the method takes as parameters the private key f, the public key h and the core data c;
(2) compute f * c, generating the encrypted data m with the private key, and compute the derivative value m';
(3) compute the differential value t = c - m;
(4) apply HASH to generate the encrypted base root tseed;
(5) the instantiated differential and integral values m and tseed are assigned to mmask;
(6) redefine the parameter m = m' + mmask, where m' is the derivative value of m from step 5, and then differentiate again;
(7) apply HASH to m and h respectively to obtain the secondarily encrypted root rseed;
(8) instantiate the integral values m and rseed;
(9) call the zkSNARK function to perform zero-knowledge encryption, verifying the differential value obtained earlier, the derivative value m, the rest and the HASH value tseed, and return the parameters msg and mlen;
(10) check that the derivation condition p · r * h = t is satisfied, where p is the first 6 digits of the current timestamp value, r is the computed root of rseed, h is the public key and t is the current timestamp value;
(11) the program outputs the HASH value msg of the encrypted return data and the HASH value mlen of the block header information.
The key generation process comprises the following steps:
(1) the method takes the parameters N, p, q, d and Bκ;
(2) select a random seed as d, perform a HASH calculation and return the parameter f;
(3) if the verified parameter f is unique and no HASH collision occurs, proceed to the next step; otherwise return to step 2 until a safe parameter f has been computed;
(4) call a function in zkSNARK to judge whether the result is invertible according to NORMF(f) ≥ Bκ, and return to step 2 if the result does not satisfy the condition;
(5) select the random seed d again, perform a HASH calculation using an improved elliptic-curve algorithm and return the parameter g;
(6) if the verified parameter g is unique and no HASH collision occurs, proceed to the next step; otherwise return to step 4 until a safe parameter g has been computed;
(7) call the zkSNARK function to judge whether the result is invertible according to NORMF(f) ≥ Bκ, return to step 4 when the condition is not met, and at this point take g as the public key;
(8) compute h = g/(pf) mod q and take the result h as the private key;
(9) the program returns the generated public key g, the generated private key h and the parameter value f.
The signature verification process comprises the following steps:
(1) call the signature-checking method with the public key h, the signature b and the other parameters μ, p, q and Bt, and obtain the expected HASH value, σ and N returned by the zkSNARK function;
(2) perform a HASH calculation on the parameter (μ | h) and record the result as (up, vp);
(3) sign the parameter P and attach the return value U from the previous step up;
(4) if |U| squared is still greater than p²σ²N, continue; otherwise stop and return a failed signature verification, where p²σ²N is the lowest safety value against HASH calculation collisions;
(5) compute the public key g and the return value U with the parameter q, and define the result as V;
(6) if V is not equal to the value computed from vp and the parameter P, or the absolute value of V tends to infinity while always remaining greater than q/2 - Bt, the signature verification succeeds;
(7) the program output returns whether the signature was verified successfully.
Further, in the anonymous encryption algorithm, the encryption and decryption process is based on a lattice-based encryption mechanism and uses polynomial multiplication.
The blockchain-based trusted hardware has a built-in smart mining chip, the anonymous encryption algorithm is embedded in the smart mining chip, and the user can also use the hardware as a USB flash drive;
when the hardware is plugged into a USB 3.0 port, the anonymous encryption algorithm is executed and a privacy account address is generated; the address is completely anonymous to users, part of the data can be pushed to a supervision chain while the address is generated so that the transaction can be supervised, and at the same time hardware confirmation is carried out through the smart mining chip;
if the smart mining chip is successfully confirmed, it becomes a block node in the public blockchain network, and election calculation is carried out once the existing block data has been synchronized;
a smart mining chip that wins the election becomes the miner for that period and has the right to package blocks;
the smart mining chip and the encryption algorithm use a consensus mechanism that protects the identities of the incumbent miner and the next miner, so that miners are anonymous throughout the blockchain network.
Further, the block node is a TRC node, and the consensus algorithm process is as follows:
(1) assume there are N TRC nodes in the chain;
(2) in the first round the miner packages transactions, generates a block and broadcasts it anonymously;
(3) the other TRC nodes verify the block using a zero-knowledge proof algorithm and then confirm it, without knowing which network node the block came from;
(4) after obtaining 2/3 confirmations from the other TRC nodes, the miner broadcasts a request to generate true random numbers (RRN), and the nodes of the whole network begin to compete to be the next miner;
(5) on receiving the RRN request, each TRC node generates a true random number RRN and broadcasts it;
(6) within time T, the miner receives M (M ≤ N) true random numbers RRN from M TRC nodes and verifies all of them. If an RRN from a TRC node fails the smart-mining-chip verification, the RRN is discarded, the corresponding TRC node is announced to the network and added to a blacklist, and a blacklisted network node can only use the functions of an ordinary node;
(7) once the miner's verification succeeds, a seed S1 is obtained and used as the input of a verifiable random function (RNV), and the output value is recorded as X1;
(8) the miner broadcasts the seed S1, and the other TRC nodes compute their outputs, recorded as X2, X3, X4 … Xm (m ≤ M);
(9) exactly one TRC node output Xi (2 ≤ i ≤ m) meets a specific condition; that node is designated by the incumbent miner as the miner for the next period, and to protect privacy the identities of the next miner and the incumbent miner are not revealed to anyone else;
(10) the newly elected miner has the right to produce blocks, and the consensus process returns to step 2.
Further, the newly elected miner produces a block, backs it up locally and then broadcasts it to every network node over the P2P network.
Further, once two thirds of the nodes of the whole network have broadcast, the block's incremental information is transmitted asynchronously to the supervision chain using a Go-language protocol, so that the supervision chain can check every transaction of each block; if a suspicious address transacts, the address can be frozen, a frozen address cannot transact, the frozen account address can file a complaint, and the supervision committee can restore it to a normal account address.
Further, the core module of the smart mining chip is a true random number generator; the true random number it generates and the hardware coding feature code of the trusted platform verify its identity; after successful authentication the miner can take part in the election, and on failure the device is only an ordinary block network node.
The beneficial effects of the invention are as follows: by providing hardware (TRC) with the embedded anonymous encryption algorithm, the blockchain-based trusted hardware and high-performance decentralized anonymous encryption algorithm of the invention let the device become a block node in the public blockchain network and take part in the election calculation once the existing block data has been synchronized, so that the node elected as miner holds the block right, the waste of computing-power resources across the whole network is avoided, the problems of computing-power security and computing-power energy consumption are better solved, and block-production efficiency is improved. The anonymous encryption algorithm is improved, a trusted platform is developed in combination with the hardware, a brand-new consensus technology is used, the smart chip ensures that no extra computing-power energy is consumed and the block-production rate is improved, and at the same time secondary development is carried out on the basis of zkSNARK using a novel zero-knowledge proof technology. A privacy account mechanism is added: while the account is generated, the transacting user is completely private; a complete account model is provided by checking both parties' transaction account information through a government-level account, and block data verification can be performed only between the government account and other accounts, to prevent hidden network transactions.
Drawings
In order to illustrate the technical solutions of the embodiments of the present application more clearly, the drawings used in the embodiments are briefly described below. It should be understood that the following drawings illustrate only some embodiments of the present application and therefore should not be considered as limiting its scope, and that those skilled in the art can derive other related drawings from them without inventive effort.
FIG. 1 is a process flow diagram of the present invention;
FIG. 2 is a flow chart of the encryption pseudo-code of the present invention;
FIG. 3 is a flow chart of the key generation pseudo-code of the present invention;
FIG. 4 is a flow chart of the signature verification pseudo-code of the present invention;
FIG. 5 is a reference diagram of various blockchain data according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all the embodiments. The components of the embodiments of the present application, generally described and illustrated in the figures herein, can be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present application, presented in the accompanying drawings, is not intended to limit the scope of the claimed application, but is merely representative of selected embodiments of the application. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present application without making any creative effort, shall fall within the protection scope of the present application.
In the blockchain-based trusted hardware and high-performance decentralized anonymous encryption algorithm of this embodiment,
a smart mining chip is built into the hardware, the anonymous encryption algorithm is embedded in the smart mining chip, and the user can also use the smart mining chip as a USB flash drive;
when the device is plugged into a USB 3.0 port, the anonymous encryption algorithm is executed and a privacy account address is generated; the address is completely anonymous to users, part of the data can be pushed to a supervision chain during generation so that the transaction can be supervised, and device confirmation is carried out through the chip;
if the confirmation succeeds, the hardware becomes a block node in the public blockchain network, and election calculation is carried out once the existing block data has been synchronized;
the hardware is the smart mining chip; a smart mining chip that wins the election becomes the miner for that period and has the right to package blocks;
the smart mining chip and the anonymous encryption algorithm use a consensus mechanism that protects the identities of the incumbent miner and the next miner, so that miners are anonymous throughout the blockchain network.
By adopting the smart mining chip, the node elected as miner holds the block right and the waste of computing-power resources across the whole network is avoided, so the problems of computing-power energy consumption, network attacks exploiting uneven network computing power, block-production energy consumption, trusted nodes and supervision of user transactions are addressed; in a local node-building test using the latest PORR consensus technology, 2000 TPS was reached, which can meet the service requirements of most scenarios.
The chain employs a series of protocols and algorithms involving zero-knowledge proofs and homomorphic cryptography, providing a basis for protecting the privacy of the user's account, address, transaction details and other personal or sensitive information.
The advent of quantum computers poses a challenge to the cryptographic mechanisms based on RSA and ECC (two important asymmetric encryption algorithms) that are currently widely used in public blockchains. A quantum computer running Shor's algorithm can solve the prime factorization problem (the basis of RSA) and the discrete logarithm problem (the basis of ECC) in a short time. The ability of quantum computers to perform parallel computation may therefore break other encryption mechanisms currently widely used in the public blockchain industry. These potential threats are no longer merely theoretical and will become realistic within a few years.
The chain adopts a lattice-based cryptographic mechanism to meet the possible challenge of quantum computers, as a long-term security solution for public blockchains. Based on current research, lattice cryptography is considered the most reliable algorithm against quantum computers because no fast solution to the Shortest Vector Problem (SVP) or the Closest Vector Problem (CVP) is known.
To strengthen the defence against threats from cyber attacks, trojans, viruses or malicious users, the chain uses a trusted platform module chip (blue-valley core) and corresponding software to prevent unauthorized operations and to ensure that all computation, memory, storage and communication are properly monitored and protected. As a result, all transactions and contracts in the chain are more reliable and secure. On the basis of the hardware security, the algorithm model is securely upgraded: secondary development is carried out on the basis of zkSNARK, a novel zero-knowledge proof technology is customized, and the classic Alice-and-Bob scenario of cryptography is solved, as in the following example.
A acts as the verifier and holds a wallet; B acts as the prover and wants to prove to A that the wallet is B's. To comply with zero-knowledge proofs, the following proof requirements must be satisfied:
A cannot let B see the wallet at this time, nor let him see what is in it.
B must provide enough accurate and error-free information to prove that the wallet is his own.
B may then provide:
the colour, size, brand and so on of the wallet;
what is in the wallet: for example, how much money, which credentials, and what the credential information is.
A verifies after B answers, and if B is right about everything, B is confirmed as the wallet's owner. This means of verifying information is a zero-knowledge proof: B proves that the wallet is his without handing it to A directly, nor could he, since the wallet is in the verifier A's hands. The physical wallet represents information that is useful to its owner. The method consumes CPU to prove who the wallet belongs to; at the same time, part of the core zero-knowledge proof in zkSNARK is optimized for performance, so that instructions are reordered during CPU computation and the simplest, most optimal computation logic is reached as far as possible in large-volume computation scenarios. Preliminary tests reached 1K TPS.
The encryption process, key generation process and signature verification process developed on the basis of zkSNARK are as follows:
Referring to FIG. 2, the encryption flow of the anonymous encryption algorithm of the present invention in this embodiment is disclosed:
(1) the method takes as parameters the private key f, the public key h and the core data c;
(2) compute f * c, generating the encrypted data m with the private key, and compute the derivative value m';
(3) compute the differential value t = c - m;
(4) apply HASH to generate the encrypted base root tseed;
(5) the instantiated differential and integral values m and tseed are assigned to mmask;
(6) redefine the parameter m = m' + mmask, where m' is the derivative value of m from step 5, and then differentiate again;
(7) apply HASH to m and h respectively to obtain the secondarily encrypted root rseed;
(8) instantiate the integral values m and rseed;
(9) call the zkSNARK function to perform zero-knowledge encryption, verifying the differential value obtained earlier, the derivative value m, the rest and the HASH value tseed, and return the parameters msg and mlen;
(10) check that the derivation condition p · r * h = t is satisfied, where p is the first 6 digits of the current timestamp value, r is the computed root of rseed, h is the public key and t is the current timestamp value;
(11) the program outputs the HASH value msg of the encrypted return data and the HASH value mlen of the block header information.
Referring to FIG. 3, the key generation process of the anonymous encryption algorithm of the present invention in this embodiment is disclosed:
(1) the method takes the parameters N, p, q, d and Bκ;
(2) select a random seed as d, perform a HASH calculation and return the parameter f;
(3) if the verified parameter f is unique and no HASH collision occurs, proceed to the next step; otherwise return to step 2 until a safe parameter f has been computed;
(4) call a function in zkSNARK to judge whether the result is invertible according to NORMF(f) ≥ Bκ, and return to step 2 if the result does not satisfy the condition;
(5) select the random seed d again, perform a HASH calculation using an improved elliptic-curve algorithm and return the parameter g;
(6) if the verified parameter g is unique and no HASH collision occurs, proceed to the next step; otherwise return to step 4 until a safe parameter g has been computed;
(7) call the zkSNARK function to judge whether the result is invertible according to NORMF(f) ≥ Bκ, return to step 4 when the condition is not met, and at this point take g as the public key;
(8) compute h = g/(pf) mod q and take the result h as the private key;
(9) the program returns the generated public key g, the private key h and the parameter value f.
Referring to FIG. 4, the signature verification process of the anonymous encryption algorithm of the present invention in this embodiment is disclosed:
(1) call the signature-checking method with the public key h, the signature b and the other parameters μ, p, q and Bt, and obtain the expected HASH value, σ and N returned by the zkSNARK function;
(2) perform a HASH calculation on the parameter (μ | h) and record the result as (up, vp);
(3) sign the parameter P and attach the return value U from the previous step up;
(4) if |U| squared is still greater than p²σ²N, continue; otherwise stop and return a failed signature verification, where p²σ²N is the lowest safety value against HASH calculation collisions;
(5) compute the public key g and the return value U with the parameter q, and define the result as V;
(6) if V is not equal to the value computed from vp and the parameter P, or the absolute value of V tends to infinity while always remaining greater than q/2 - Bt, the signature verification succeeds;
(7) the program output returns whether the signature was verified successfully.
Consensus mechanism innovation in combination with hardware:
The hardware with the built-in smart mining chip is the TRC (True Random Chip); a trusted platform is developed on the basis of this hardware, and its consensus mechanism is called proof of true randomness (PORR, Really Random Proof), so as to achieve decentralization, performance and security at the same time.
The hardware and the trusted platform reach the following algorithmic agreement:
(1) the true random numbers generated by the TRC nodes ensure fairness, security, irreversibility and unpredictability;
(2) the trusted platform can reliably and remotely verify the identity of the TRC (in a form based on hardware encoding) when the user plugs in the TRC node's hardware device, and prevents attempts to tamper with the hardware;
(3) the identities of the incumbent and next miners are well protected and remain anonymous throughout the blockchain network.
In this example, the definitions are as follows:
(1) TRC: the name of the special consensus hardware (the hardware device on which the PORR consensus algorithm is implemented).
(2) TRC node: a node running on this blockchain network. A network node with a built-in TRC hardware device (the USB 3.0 hardware device the user plugs in, mentioned above) may participate in mining by initiating transactions, synchronizing blocks, performing verification calculations and elections, or being elected to serve.
(3) Ordinary node: a node that runs without a TRC. It can be started by compiling the source code and deploying locally, but it has many functional limitations; currently it supports synchronizing blocks and performing simplified verification, and cannot initiate transaction-type operations on the blockchain network.
(4) Miner: a node running on a TRC, responsible for packaging transactions, generating blocks, verifying the identity of the previous miner and designating the miner for the next block.
(5) RRN (Real Random Numbers, the true random numbers): generated by the core module RRNG (Real Random Number Generator, the true random number generator) in the TRC.
(6) TRC identity verification: when a user prepares to join the blockchain network with the hardware device, the user plugs the smart chip into a USB 3.0 port, and the TRC identity is verified through the smart mining chip's special hardware coding feature code; after successful authentication the device can start to take part in the miner election, and on failure it is only an ordinary block network node.
In this embodiment, the consensus process of the consensus mechanism is as follows:
When the chain is formally started, a genesis block configuration is specified and the genesis block is generated, and then the next miner for the term is designated. The following agreement is reached, and the consensus algorithm flow is as follows:
(1) assume there are N TRC nodes in the chain;
(2) the first-round miner packs transactions, generates a block and broadcasts it anonymously;
(3) the other TRC nodes verify the block using a zero-knowledge proof algorithm, without learning which network node the block came from, and then confirm it;
(4) after obtaining confirmations from 2/3 of the other TRC nodes, the miner broadcasts a request to generate true random numbers (RRN), and all nodes in the network begin to compete to be the next-round miner;
(5) on receiving the RRN request, each TRC node generates a true random number RRN and broadcasts it;
(6) within time T, the miner receives M (M ≤ N) RRNs from M TRC nodes and verifies all of them. If an RRN from a TRC node fails verification in the smart mining chip, it is discarded, the corresponding TRC node is broadcast to the network and added to a blacklist, and blacklisted nodes can only use the functions of common nodes;
(7) after successful verification, the miner obtains a seed S1 and uses it as the input of the verified random function RNV; the output value is recorded as X1;
(8) the miner broadcasts the seed S1, and the other TRC nodes compute their own outputs, recorded as X2, X3, X4 … Xm (m ≤ M);
(9) only one TRC node's output Xi (2 ≤ i ≤ m) meets a specific condition; the incumbent miner designates that node as the miner for the next term, and to guarantee privacy the identities of the next miner and the incumbent miner are not revealed to others;
(10) the newly elected miner has block-producing power, and the consensus process returns to step 2.
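The election of steps (1) to (10) above (repeated in claim 4 below), simulated as an added Python example; it is not code from the patent. Everything about keys is an assumption: an HMAC with a per-chip secret stands in for the hardware feature-code check of the smart mining chip, HMAC-SHA256 of the seed stands in for the RNV output, the "specific condition" of step (9) is taken to be the smallest verified output, and the REGISTRY of node ids and chip secrets is constructed for the demonstration.

```python
# Added example: simulation of the PORR-style miner election (steps 1-10).
# Assumptions: HMAC with a per-chip secret models the hardware feature-code check,
# HMAC-SHA256 of the seed models the RNV output, and "meets a specific condition"
# is taken to mean "smallest verified output". Toy values, not the patent's code.
import hashlib
import hmac
import secrets

# Constructed registry: node id -> chip secret known to the verifying chip (assumption).
REGISTRY = {1: b"chip-secret-1", 2: b"chip-secret-2", 3: b"chip-secret-3", 4: b"chip-secret-4"}


def rrn_with_tag(node_id, device_key, rrn=None):
    """Step (5): a TRC node emits a true random number RRN plus a tag binding it to its chip."""
    rrn = secrets.token_bytes(32) if rrn is None else rrn
    tag = hmac.new(device_key, rrn, "sha256").digest()
    return node_id, rrn, tag


def node_output(device_key, seed):
    """Step (8): a node's output X_i for seed S1. Keyed with the chip secret, so no
    other party can compute X_i from the broadcast seed alone."""
    return int.from_bytes(hmac.new(device_key, seed, "sha256").digest(), "big")


class Election:
    def __init__(self, registry, n_nodes):
        self.registry = dict(registry)
        self.n_nodes = n_nodes          # N, step (1)
        self.blacklist = set()          # step (6): nodes demoted to common-node functions

    def confirmed(self, confirmations):
        """Step (4): confirmations from at least 2/3 of the other TRC nodes."""
        return 3 * confirmations >= 2 * (self.n_nodes - 1)

    def verify_rrn(self, node_id, rrn, tag):
        """Step (6): chip-side verification of a received RRN."""
        key = self.registry.get(node_id)
        if key is None or node_id in self.blacklist:
            return False
        return hmac.compare_digest(hmac.new(key, rrn, "sha256").digest(), tag)

    def derive_seed(self, submissions):
        """Steps (6)-(7): verify the M received RRNs, blacklist failures, derive S1."""
        valid = []
        for node_id, rrn, tag in submissions:
            if self.verify_rrn(node_id, rrn, tag):
                valid.append((node_id, rrn))
            else:
                self.blacklist.add(node_id)
        if not valid:
            return None
        h = hashlib.sha256()
        for node_id, rrn in sorted(valid):
            h.update(node_id.to_bytes(4, "big") + rrn)
        return h.digest()

    def elect(self, incumbent, seed, candidate_outputs):
        """Step (9): the incumbent recomputes each candidate's X_i and designates the one
        meeting the condition (assumed: smallest value, ties broken by node id)."""
        verified = {}
        for node_id, x in candidate_outputs.items():
            key = self.registry.get(node_id)
            if key is None or node_id == incumbent or node_id in self.blacklist:
                continue
            if node_output(key, seed) == x:
                verified[node_id] = x
        if not verified:
            return None
        return min(verified, key=lambda nid: (verified[nid], nid))


def run_round(election, incumbent, confirmations, submissions):
    """One election round: returns the next miner's id, or None if the round cannot proceed."""
    if not election.confirmed(confirmations):
        return None
    seed = election.derive_seed(submissions)
    if seed is None:
        return None
    # Step (8): every eligible node computes its own X_i from the broadcast S1.
    outputs = {nid: node_output(key, seed) for nid, key in election.registry.items()
               if nid != incumbent and nid not in election.blacklist}
    return election.elect(incumbent, seed, outputs)


if __name__ == "__main__":
    election = Election(REGISTRY, n_nodes=len(REGISTRY))
    submissions = [rrn_with_tag(nid, key) for nid, key in REGISTRY.items()]
    submissions[2] = (3, submissions[2][1], bytes(32))   # node 3 presents a forged tag
    print("next miner:", run_round(election, incumbent=1, confirmations=2, submissions=submissions))
    print("blacklist:", election.blacklist)
```

Two design points carry over from the text: a node whose RRN fails chip verification is blacklisted for the rest of the simulation and can no longer submit outputs, and because each X_i is keyed with the node's own chip secret, a party that only sees the broadcast seed S1 cannot work out which node will be designated, while a node that forges its X_i is rejected when the incumbent recomputes it.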
Referring to fig. 1, the currently elected miner produces blocks and, after making a local backup, broadcasts them to the network nodes over a P2P network.
When two thirds of the nodes in the whole network have broadcast the information, the block's incremental information is transmitted asynchronously to the supervision chain using Go language protocol technology, so that the supervision chain can inspect all transactions in each block. If a suspicious address transacts, it can be frozen; a frozen address cannot send transactions; the frozen account address can file a complaint, and the supervision committee can restore it to a normal account address.
The invention uses the latest PORR consensus technology; in tests on locally built nodes it reached more than 2000 TPS, which meets the business requirements of most scenarios.
Finally, the above embodiments are only for illustrating the technical solutions of the present invention and not for limiting, although the present invention has been described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that modifications or equivalent substitutions may be made to the technical solutions of the present invention without departing from the spirit and scope of the technical solutions of the present invention, and all of them should be covered in the claims of the present invention.

Claims (7)

1. The algorithm for high-performance decentralized anonymous encryption based on the block chain is characterized in that: the anonymous encryption algorithm comprises an encryption flow, a key generation flow and a signature verification flow,
the encryption process comprises the following steps:
(1) the method takes as inputs the private key f, the public key h and the core data c;
(2) f * c: encrypted data m is generated using the private key, and its derivative value m' is obtained;
(3) calculate the differential value t = c − m;
(4) apply HASH to obtain the basic encryption root tseed;
(5) instantiate the micro-integral values m and tseed and assign them to mmask;
(6) redefine the parameter m = m' + mmask, where m' is the derivative value of m from step 5, and then differentiate again;
(7) apply HASH to m and h respectively to obtain the secondarily encrypted root rseed;
(8) instantiate the integral values m and rseed;
(9) call the zkSNARK function to perform zero-knowledge encryption, verify the previously obtained differential value, the derivative value m, rseed and the HASH value tseed, and return the parameters msg and mlen;
(10) if the equation p · r * h = t holds, where p is the first 6 bits of the current timestamp value, r is the computed root of rseed, h is the public key and t is the current timestamp value;
(11) the program outputs the HASH value msg of the encrypted return data and the HASH value mlen of the block header information;
the key generation process comprises the following steps:
(1) the method is defined in terms of the parameters N, p, q, d and Bκ;
(2) select a random seed as d, perform a HASH calculation, and return the parameter f;
(3) if the verified parameter f is unique and no HASH collision occurs, proceed to the next step; otherwise return to step 2 until a safe parameter f is computed;
(4) call a function in zkSNARK and judge whether the result is invertible according to whether NORMF(f) ≥ Bκ; if the condition is not met, return to step 2;
(5) select a random seed as d again, perform a HASH calculation using an improved elliptic curve algorithm, and return the parameter g;
(6) if the verified parameter g is unique and no HASH collision occurs, proceed to the next step; otherwise return to step 4 until a safe parameter g is computed;
(7) call the zkSNARK function and judge whether the result is invertible according to whether NORMF(f) ≥ Bκ; if the condition is not met, return to step 4; at this point g is determined to be the public key;
(8) compute h = g/(p·f) mod q and take the result h as the private key;
(9) the program returns the generated public key g, the generated private key h and the parameter value f;
the signature verification process comprises the following steps:
(1) call the signature verification method with the public key h, the signature b and the other parameter information μ, p, q and Bt as inputs, and call the expected HASH value, σ and N returned by the zkSNARK function;
(2) perform a HASH calculation on the parameter (μ | h) and record the result as (up, vp);
(3) sign the parameter p together with the value up returned in the previous step, recording the result as U;
(4) if the squared absolute value of U is still greater than p²σ²N, continue; otherwise end the operation and return a signature-verification failure, where p²σ²N is the lowest safe value for HASH collisions;
(5) compute V from the public key g and the return value U together with the parameter q;
(6) if V does not equal the value computed from vp and the parameter p, or the absolute value of V tends to infinity while always remaining greater than q/2 − Bt, the signature verification succeeds;
(7) the program outputs whether the signature was verified successfully.
2. The algorithm for blockchain-based high performance decentralized anonymous encryption according to claim 1, characterized in that: the encryption and decryption processes in the anonymous encryption algorithm are based on a lattice-based cryptographic mechanism and use polynomial multiplication.
3. Trusted hardware based on blockchains, characterized by:
a smart mining chip is built into the hardware, the anonymous encryption algorithm is embedded in the smart mining chip, and the user can use the hardware like a USB flash drive;
when the hardware is plugged into a USB 3.0 reader interface, the anonymous encryption algorithm is executed and a private account address is generated; the address is completely anonymous to users; while the address is generated, part of the data can be pushed to the supervision chain so that transactions can be supervised, and at the same time hardware confirmation is carried out by the smart mining chip;
if the smart mining chip is successfully confirmed, it becomes a block node in the public blockchain network, and miner election calculation is performed after the existing block data have been synchronized;
when the smart mining chip is successfully elected as a miner, it has the power to pack blocks;
the smart mining chip and the encryption algorithm use a consensus mechanism to protect the identities of the incumbent miner and the next miner, so that miners are anonymous throughout the blockchain network.
4. The blockchain-based trusted hardware according to claim 3, wherein:
the block node is a TRC node, and the consensus mechanism algorithm flow is as follows:
(1) assume there are N TRC nodes in the chain;
(2) the first-round miner packs transactions, generates a block and broadcasts it anonymously;
(3) the other TRC nodes verify the block using a zero-knowledge proof algorithm, without knowing which network node the block came from, and then confirm it;
(4) after obtaining confirmations from 2/3 of the other TRC nodes, the miner broadcasts a request to generate true random numbers (RRN), and all nodes in the network begin to compete to be the next miner;
(5) on receiving the RRN request, each TRC node generates a true random number RRN and broadcasts it;
(6) within time T, the miner receives M (M ≤ N) RRNs from M TRC nodes and verifies all of them. If an RRN from a TRC node fails verification in the smart mining chip, it is discarded, the corresponding TRC node is broadcast to the network and added to a blacklist, and blacklisted nodes can only use the functions of common nodes;
(7) after the miner verifies successfully, a seed S1 from the random function RNV that passed verification is used as the input, and the output value is recorded as X1;
(8) the miner broadcasts the seed S1, and the other TRC nodes compute their own outputs, recorded as X2, X3, X4 … Xm (m ≤ M);
(9) only one TRC node's output Xi (2 ≤ i ≤ m) meets a specific condition; the incumbent miner designates that node as the miner for the next term, and to guarantee privacy the identities of the next miner and the incumbent miner are not revealed to others;
(10) the newly elected miner has block-producing power, and the consensus process returns to step 2.
5. The blockchain-based trusted hardware according to claim 4, wherein: the newly elected miner produces a block and, after making a local backup, broadcasts it to each network node using the P2P network.
6. The blockchain-based trusted hardware according to claim 5, wherein: when two thirds of the nodes in the whole network have broadcast the information, the block's incremental information is transmitted asynchronously to the supervision chain using Go language protocol technology, so that the supervision chain can inspect all transactions in each block. If a suspicious address transacts, it can be frozen; a frozen address cannot send transactions; the frozen account address can file a complaint, and the supervision committee can restore it to a normal account address.
7. The blockchain-based trusted hardware according to claim 3, wherein: the core module on the smart mining chip is a true random number generator; the true random number it generates and the hardware-coded feature code of the trusted platform are used to verify its identity; after successful authentication the node can start participating in miner elections, and on failure it is only a common blockchain network node.
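The key-generation flow of claim 1 (steps (2) to (9)) and the polynomial-ring arithmetic that claim 2 refers to, as an added Python example; it is not the patent's own code. The assumptions: the ring is Z_q[x]/(x^N − 1), the NTRU-style convolution ring (the claims only say "lattice-based" with polynomial multiplication); the "reversible" check of steps (4) and (7) is performed by attempting the inversion directly, since the norm bound Bκ is not defined on the page; q is prime so that elimination mod q works; N = 7, p = 3, q = 41 are toy sizes with no security value; and the function names poly_mul, poly_inverse, small_poly_from_seed and keygen are hypothetical. The relation h = g/(p·f) mod q is the one stated in step (8); the example returns the triple (g, h, f) of step (9) and does not take a position on which of g and h is published.

```python
# Added example: NTRU-style key generation following steps (2)-(9) of claim 1.
# Assumptions: the ring is Z_q[x]/(x^N - 1) (the claims only say "lattice-based" with
# polynomial multiplication); q is prime so Gauss-Jordan elimination mod q works;
# N=7, p=3, q=41 are toy sizes with no security. Not the patent's own code.
import hashlib
import secrets


def poly_mul(a, b, n, q):
    """Product in Z_q[x]/(x^n - 1): cyclic convolution of coefficient lists."""
    c = [0] * n
    for i, ai in enumerate(a):
        if ai % q == 0:
            continue
        for j, bj in enumerate(b):
            k = (i + j) % n
            c[k] = (c[k] + ai * bj) % q
    return c


def poly_inverse(f, n, q):
    """Inverse of f in Z_q[x]/(x^n - 1), or None when f is not invertible.
    Solves the circulant system (f * a)_k = [k == 0] by Gauss-Jordan elimination mod prime q;
    a pivot-free column means f shares a factor with x^n - 1 (the 'reversible' check fails)."""
    m = [[f[(k - j) % n] % q for j in range(n)] + [1 if k == 0 else 0] for k in range(n)]
    for col in range(n):
        piv = next((r for r in range(col, n) if m[r][col]), None)
        if piv is None:
            return None
        m[col], m[piv] = m[piv], m[col]
        inv = pow(m[col][col], -1, q)
        m[col] = [(x * inv) % q for x in m[col]]
        for r in range(n):
            if r != col and m[r][col]:
                fac = m[r][col]
                m[r] = [(x - fac * y) % q for x, y in zip(m[r], m[col])]
    return [m[k][n] for k in range(n)]


def small_poly_from_seed(seed, n):
    """Steps (2)/(5): hash a random seed d into a ternary polynomial (coefficients in {-1, 0, 1})."""
    return [(byte % 3) - 1 for byte in hashlib.shake_256(seed).digest(n)]


def keygen(n, p, q, seen=None):
    """Steps (2)-(9): returns (g, h, f) with h = g / (p*f) mod q as in step (8).
    `seen` holds previously accepted f values, mirroring the uniqueness check of step (3)."""
    seen = set() if seen is None else seen
    while True:
        f = small_poly_from_seed(secrets.token_bytes(32), n)      # step (2): seed d -> f
        if tuple(f) in seen:
            continue                                               # step (3): f must be fresh
        pf = [(p * x) % q for x in f]
        pf_inv = poly_inverse(pf, n, q)                            # step (4): p*f invertible?
        if pf_inv is None:
            continue
        g = small_poly_from_seed(secrets.token_bytes(32), n)      # step (5): second seed -> g
        if poly_inverse(g, n, q) is None:                          # step (7): g invertible?
            continue
        seen.add(tuple(f))
        h = poly_mul(g, pf_inv, n, q)                              # step (8): h = g/(p*f) mod q
        return g, h, f                                             # step (9)


if __name__ == "__main__":
    N, P, Q = 7, 3, 41
    g, h, f = keygen(N, P, Q)
    print("g =", g, "\nf =", f, "\nh =", h)
    # Check the defining relation h * (p*f) == g in the ring.
    print(poly_mul(h, [(P * x) % Q for x in f], N, Q) == [x % Q for x in g])
```

The invertibility test is the interesting part in practice: in Z_q[x]/(x^N − 1) the element 1 + x + … + x^(N−1) is a zero divisor (it times x − 1 is zero in the ring), so a hash-derived f can fail the check and the loop of steps (3) and (4) has to draw a new seed; the example makes that retry explicit instead of assuming the first seed works.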
CN201911228331.XA 2019-12-04 2019-12-04 Trusted hardware and high-performance decentralized anonymous encryption method based on block chain Active CN110910139B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911228331.XA CN110910139B (en) 2019-12-04 2019-12-04 Trusted hardware and high-performance decentralized anonymous encryption method based on block chain

Publications (2)

Publication Number Publication Date
CN110910139A true CN110910139A (en) 2020-03-24
CN110910139B CN110910139B (en) 2022-06-28

Family

ID=69822168

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911228331.XA Active CN110910139B (en) 2019-12-04 2019-12-04 Trusted hardware and high-performance decentralized anonymous encryption method based on block chain

Country Status (1)

Country Link
CN (1) CN110910139B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111586068A (en) * 2020-05-14 2020-08-25 上海简苏网络科技有限公司 Method and system for solving DPOS consensus node rights and interests potential safety hazard
CN111858768A (en) * 2020-07-27 2020-10-30 苏州区盟链数字科技有限公司 Device for optimizing block chain trusted node and consensus algorithm
CN112988414A (en) * 2021-02-07 2021-06-18 杭州复杂美科技有限公司 Block chain transaction batch broadcasting method, computer equipment and storage medium
CN114362963A (en) * 2022-01-07 2022-04-15 南京市中西医结合医院 Principal node election algorithm of alliance chain under disease control scene based on calculation power certification
CN117879787A (en) * 2024-03-12 2024-04-12 贵州大学 Safe transmission method and system for mine data based on block chain

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107251481A (en) * 2014-11-14 2017-10-13 英特尔公司 Credible platform module certification and proof are carried out using Anonymity Key system
CN107545414A (en) * 2017-07-17 2018-01-05 招商银行股份有限公司 Anonymous deal method, apparatus and computer-readable recording medium
US20180076957A1 (en) * 2016-09-13 2018-03-15 Hiroshi Watanabe Network without Abuse of a Private Key
CN110062923A (en) * 2016-10-17 2019-07-26 Arm有限公司 Mine is dug using the block chain of trusted node

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant