CN111553758B - Method and computer-readable storage medium for verifying data submitted by an auctioneer in an untrusted network environment - Google Patents


Info

Publication number: CN111553758B
Application number: CN202010155225.XA
Authority: CN (China)
Prior art keywords: auction, server, random number, challenge, signature
Priority date:
Filing date:
Publication date:
Legal status: Active (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed)
Other languages: Chinese (zh)
Other versions: CN111553758A (en)
Inventor: 杜晓楠
Current assignee: Individual (the listed assignees may be inaccurate; Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list)
Original assignee: Individual
Events: application filed by Individual; priority to CN202010155225.XA; publication of CN111553758A; application granted; publication of CN111553758B; legal status Active (current); anticipated expiration

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00 Commerce
    • G06Q30/06 Buying, selling or leasing transactions
    • G06Q30/0601 Electronic shopping [e-shopping]
    • G06Q30/0611 Request for offers or quotes
    • G06Q30/08 Auctions
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825 Key transport or distribution using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information involving random numbers or seeds
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Means for verifying identity, authority or message authentication involving digital signatures
    • H04L9/3252 Digital signatures using DSA or related signature schemes, e.g. elliptic based signatures, ElGamal or Schnorr schemes

Abstract

The invention relates to a method for verifying data submitted by auction participants (bidders) in an untrusted network environment, comprising the following steps: S1, the bidders each sign a first random number generated by a server, and the server groups the bidders in pairs based on those bidder signatures; S2, the two bidders in each group challenge each other and generate verification information; S3, the server selects a winner from each group based on the verification information and the challenge result, takes the selected winners as the bidders of the next round of the auction, and returns to step S1 until the number of selected winners meets a preset number. The invention also relates to a computer-readable storage medium. The method lets two mutually untrusting communicating parties each submit an obfuscated (committed) number before learning the number generated by the other party, and afterwards prove that the number they generated is the one they submitted, which ensures the fairness and credibility of the auction process.

Description

Method and computer-readable storage medium for verifying data submitted by an auctioneer in an untrusted network environment
Technical Field
The present invention relates to the field of network cryptography, and more particularly, to a method and computer-readable storage medium for verifying data submitted by an auctioneer in an untrusted network environment.
Background
Some scarce resources cannot be allocated according to the price an individual is willing to pay, for example license plates in a large city with congested traffic, or school places where the population is large but educational resources are scarce. There are also auctions of valuable resources in which the highest prices the bidding parties can offer are the same and none of them is willing to offer more; since a winner must still be produced, a publicly trusted random allocation of the resource is required.
A publicly trusted random allocation must satisfy the following: 1. the random algorithm must be deployed publicly; 2. even if the value a bidder transmits is learned in advance by other bidders, for example by network eavesdropping, the real random value behind it must not be obtainable from it; 3. each random value must be proven to have been generated by the bidder who submitted it.
Since the auction is usually run over the internet, the network environment is not trusted. A bidder therefore has to obfuscate the random number it generates and submit only the obfuscated form, which creates a verification problem: the bidder cannot prove which number it actually generated, so the fairness of the auction cannot be guaranteed and its credibility suffers.
Disclosure of Invention
The technical problem solved by the present invention is to provide a method and a computer-readable storage medium for verifying data submitted by a bidder in an untrusted network environment, which let two mutually untrusting communicating parties each submit an obfuscated number before learning the number generated by the other party, and afterwards provide a proof that the number was generated for this submission, thereby ensuring the fairness and credibility of the auction process.
The technical scheme adopted by the invention to solve this problem is a method of verifying data submitted by a bidder in an untrusted network environment, comprising:
S1, the bidders each sign a first random number generated by a server, and the server groups the bidders in pairs based on those bidder signatures;
S2, the two bidders in each group challenge each other and generate verification information;
S3, the server selects a winner from each group based on the verification information and the challenge result, takes the selected winners as the bidders of the next round of the auction, and returns to step S1 until the number of selected winners meets the preset number.
In the method for verifying data submitted by a bidder in an untrusted network environment according to the present invention, step S1 further includes:
S11, the server generates a first random number, generates a first server signature over the first random number, and sends the first random number and the first server signature together to all bidders;
S12, each bidder verifies the first server signature, obtains the first random number, generates a first bidder signature over the first random number, and returns the first bidder signature to the server;
S13, the server sorts the first bidder signatures in ascending (ASC) order and groups the bidders in pairs according to that order;
S14, the server builds a public key sequence from the bidders' public keys in the grouping order, generates a second random number, and generates a second server signature over the second random number;
S15, the server sends the public key sequence, the second random number and the second server signature to the bidders.
In the method for verifying data submitted by a bidder in an untrusted network environment according to the present invention, step S2 further includes:
S21, the first bidder of each group generates a first auction signature over the second random number and selects a random range according to a set rule, then generates a first bidder random number within that range, generates first challenge information from the first bidder random number and the first bidder's private key, generates a first challenge signature over the first challenge information, and sends the first challenge information and the first challenge signature to the server;
S22, the second bidder of each group generates a second auction signature over the second random number and selects a random range according to a set rule, then generates a second bidder random number within that range, generates second challenge information from the second bidder random number and the second bidder's private key, generates a second challenge signature over the second challenge information, and sends the second challenge information and the second challenge signature to the server;
S23, after the set time has elapsed, the server requires the first bidder and the second bidder to each submit verification information;
S24, the first bidder and the second bidder generate first verification information and second verification information according to a set rule and send them to the server.
In the method for verifying data submitted by a bidder in an untrusted network environment according to the present invention, in step S21 a Pedersen commitment is used to generate the first challenge information from the first bidder random number and the first bidder's private key, and the range proof for the first bidder random number is generated with Borromean ring signatures or Bulletproofs.
In the method for verifying data submitted by a bidder in an untrusted network environment according to the present invention, in step S22 a Pedersen commitment is used to generate the second challenge information from the second bidder random number and the second bidder's private key, and the range proof for the second bidder random number is generated with Borromean ring signatures or Bulletproofs.
In the method for verifying data submitted by a bidder in an untrusted network environment according to the present invention, step S24 further includes:
S241, the first bidder uses Bulletproofs to generate a first range proof for the first challenge information, signs the first range proof together with the second random number to produce the first verification information, and sends the first verification information to the server;
S242, the second bidder uses Bulletproofs to generate a second range proof for the second challenge information, signs the second range proof together with the second random number to produce the second verification information, and sends the second verification information to the server.
In the method for verifying data submitted by a bidder in an untrusted network environment according to the present invention, step S3 further includes:
S31, judging from the verification information whether the first bidder and the second bidder have verified successfully; if so, executing step S32, otherwise eliminating the bidder(s) whose verification failed;
S32, selecting the winner of the pair from the first challenge information and the second challenge information according to the auction rule;
S33, the server collects the winners of every group and checks whether their number meets the preset number; if so, the auction is finished, otherwise all winners become the bidders of the next round and the method returns to step S1 until the number of winners meets the preset number.
In the method for verifying data submitted by a bidder in an untrusted network environment according to the present invention, in step S32 the winner is selected according to the random ranges of the first challenge information and the second challenge information.
Another technical solution of the present invention is a computer-readable storage medium on which a computer program is stored which, when executed by a processor, implements the above method for verifying data submitted by a bidder in an untrusted network environment.
Implementing the method and the computer-readable storage medium of the present invention lets two mutually untrusting communicating parties each submit an obfuscated number before learning the number generated by the other party, and afterwards provide a proof that the number was generated for this submission, thereby ensuring the fairness and credibility of the auction process.
Drawings
The invention will be further described with reference to the accompanying drawings and examples, in which:
FIG. 1 is a schematic flow chart of a first preferred embodiment of the method of the present invention for verifying data submitted by a bidder in an untrusted network environment;
FIG. 2 is a schematic diagram of the auction rules of the method of the present invention for verifying data submitted by a bidder in an untrusted network environment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The invention relates to a method for verifying data submitted by a bidder in an untrusted network environment, comprising the following steps: S1, the bidders each sign a first random number generated by a server, and the server groups the bidders in pairs based on those bidder signatures; S2, the two bidders in each group challenge each other and generate verification information; S3, the server selects a winner from each group based on the verification information and the challenge result, takes the selected winners as the bidders of the next round, and returns to step S1 until the number of selected winners meets the preset number. The invention ensures the fairness and credibility of the auction by having the two untrusting parties submit obfuscated numbers before either knows the number generated by the other, and afterwards prove that the submitted numbers are the ones they generated.
FIG. 1 is a schematic flow chart of a first preferred embodiment of the method. As shown in FIG. 1, in step S1 the bidders each sign a first random number generated by the server, and the server groups the bidders two by two based on those signatures. Those skilled in the art will appreciate that the bidders and the server can be any networked devices on the internet, preferably processors, computer terminals and the like. In a preferred embodiment, step S1 further comprises: S11, the server generates a first random number, generates a first server signature over it, and sends the first random number and the first server signature together to all bidders; S12, each bidder verifies the first server signature, obtains the first random number, generates a first bidder signature over it, and returns the first bidder signature to the server; S13, the server sorts the first bidder signatures in ascending (ASC) order and groups the bidders in pairs accordingly; S14, the server builds a public key sequence from the bidders' public keys in the grouping order, generates a second random number, and generates a second server signature over it; S15, the server sends the public key sequence, the second random number and the second server signature to the bidders.
Preferred embodiments are described further below. Preferably, in step S11 there are n bidders (n even; if n is odd, the server may generate an additional bidder itself so that the number of bidders is even), whose public keys are denoted [P_1, P_2, ..., P_n]. For a fair auction, the server first generates a 32-bit first random number R_0 with a VRF, signs R_0 to produce the first server signature S_r0, and publishes [R_0, S_r0] to all bidders. In step S12, on receiving [R_0, S_r0], each bidder verifies the server signature S_r0 and then verifies the first random number R_0 through the VRF; once both checks pass, each bidder signs R_0 itself to produce its first bidder signature, which it submits to the server as an ECDSA signature, so that the server receives the first bidder signatures [S_1, S_2, ..., S_n]. In step S13 the server sorts [S_1, S_2, ..., S_n] in ascending (ASC) order and groups adjacent entries pairwise, which yields n/2 groups: [(S_1, S_2), (S_3, S_4), ..., (S_(n-1), S_n)]. In step S14 the server arranges the bidders' public keys in the same grouping order (the order of the ECDSA signatures can be used) to obtain the public key sequence [(P_1, P_2), (P_3, P_4), ..., (P_(n-1), P_n)], then generates a second random number R_1 and a second server signature S_r1 over R_1.
In step S15 the server sends the public key sequence [(P_1, P_2), (P_3, P_4), ..., (P_(n-1), P_n)] together with the second random number and second server signature [R_1, S_r1] to the bidders.
Returning to FIG. 1, in step S2 the two bidders in each group challenge each other and generate verification information. In a preferred embodiment, step S2 further comprises: S21, the first bidder of each group generates a first auction signature over the second random number and selects a random range according to a set rule, then generates a first bidder random number within that range, generates first challenge information from the first bidder random number and the first bidder's private key, generates a first challenge signature over the first challenge information, and sends the first challenge information and the first challenge signature to the server; S22, the second bidder of each group does the same with its own private key, producing a second auction signature, a second bidder random number, second challenge information and a second challenge signature, and sends the second challenge information and the second challenge signature to the server; S23, after the set time has elapsed, the server requires the first bidder and the second bidder to each submit verification information; S24, the first bidder and the second bidder generate first and second verification information according to a set rule and send them to the server.
FIG. 2 is a schematic diagram of the auction rules of the method. A preferred embodiment of step S2 is described below with reference to FIG. 2. First, the terms used in this embodiment are explained.
Challenge information (Commit): the value a bidder produces by obfuscating (committing to) a random number drawn from a random range. It can later be proven to lie in a particular range, but unless the bidder who produced it supplies that proof, the range it belongs to cannot be determined.
Random range (Range): a range of random numbers. In a preferred embodiment there are three ranges, [0, 2^3 - 1], [2^3, 2^4 - 1] and [2^4, 2^5 - 1], denoted L_1, L_2 and L_3 respectively. Other embodiments may use a different number of ranges, and the bounds of each range may be chosen according to the circumstances, such as the number of bidders and the number of winners to be selected; a person skilled in the art can make this choice with known algorithms.
Verification information (Range Proof): a proof that a committed random number lies within a particular range, for example L_3 = [2^4, 2^5 - 1]. It can be generated by algorithms such as Borromean ring signatures or Bulletproofs.
Auction rules: referring to the embodiment of FIG. 2, the auction rule is decided by the random ranges of the random numbers the bidders generate. For two bidders [P_1, P_2], suppose:
if P_1's random range is L_1 and P_2's random range is L_2, the winner is P_1;
if P_1's random range is L_1 and P_2's random range is L_3, the winner is P_2;
if P_1's random range is L_2 and P_2's random range is L_3, the winner is P_1;
if the verification information given by one of the two bidders [P_1, P_2] cannot prove that its challenge information lies in one of L_1 | L_2 | L_3, the opponent wins;
if one of the two bidders [P_1, P_2] fails to submit challenge information during the auction, the other bidder is considered the winner.
The server can start a timer T_1 and wait for the bidders to submit their challenge information. Once the first bidder of each group knows its opponent, it initiates a challenge against the opponent using the second random number R_1. Suppose the two competing parties are the first bidder P_1 and the second bidder P_2. In step S21, P_1 first signs the second random number R_1 to produce the first auction signature S_P1(R_1), then selects one of the three random ranges L_1 | L_2 | L_3 and generates a 64-bit first bidder random number within that range. It then uses a Pedersen commitment over its private key and the first bidder random number to generate the first challenge information, signs the first challenge information to produce the first challenge signature, and submits the first challenge information together with the first challenge signature to the server.
Similarly, in step S22, the second bidder P_2 first signs the second random number R_1 to produce the second auction signature S_P2(R_1), then selects one of the three random ranges L_1 | L_2 | L_3 and generates a 64-bit second bidder random number within that range. It then uses a Pedersen commitment over its private key and the second bidder random number to generate the second challenge information, signs the second challenge information to produce the second challenge signature, and submits the second challenge information together with the second challenge signature to the server.
In step S23, the server receives the first challenge information and the second challenge information and verifies their signatures, then waits until the timer T_1 expires. At that point it stops collecting challenge information, notifies the bidders that the time is up, and requires them to submit verification information proving that the challenge information they submitted is legitimate and lies within one of the ranges L_1 | L_2 | L_3.
Step S24 further includes: S241, the first bidder uses Bulletproofs to generate a first range proof for the first challenge information, signs the first range proof together with the second random number to produce the first verification information, and sends it to the server; S242, the second bidder uses Bulletproofs to generate a second range proof for the second challenge information, signs the second range proof together with the second random number to produce the second verification information, and sends it to the server.
In a preferred embodiment, the first bidder P_1 uses Bulletproofs to generate a first range proof for its first challenge information, then signs the first range proof together with the second random number R_1 to produce the first verification information, which it submits to the server. Likewise, the second bidder P_2 uses Bulletproofs to generate a second range proof for its second challenge information, then signs the second range proof together with R_1 to produce the second verification information, which it submits to the server.
Returning to fig. 1, in step S3, the server selects a winner from each group based on the verification information and the challenge result and takes the selected winner as an auction player of the next round of auction and returns to step S1 until the number of selected winners satisfies the preset number. Preferably, in a preferred embodiment of the present invention, the step S3 further comprises; s31, judging whether the first auction player and the second auction player are successfully verified or not according to the verification information, if so, executing the step S32, and otherwise, eliminating the auction players which are not successfully verified; s32, selecting a winner of the auction based on the first challenge information and the second challenge information according to an auction rule; and S33, the server receives the winners in each group and judges whether the number of the winners meets the preset number, if so, the auction is judged to be finished, otherwise, all the winners are used as the auctioneers of the next round of auction and the step S1 is returned until the number of the selected winners meets the preset number.
In a preferred embodiment, the server uses the first verification information and the second verification information described above (given only as images in the original) to decide whether each of the two auction participants $(P_1, P_2)$ has been verified successfully. If so, the random number generated by each participant has been shown to lie in the random range that participant claimed, and the winner between $P_1$ and $P_2$ is decided from those ranges. That is, as described above: if the random range of $P_1$ is $L_1$ and that of $P_2$ is $L_2$, the winner is $P_1$; if the range of $P_1$ is $L_1$ and that of $P_2$ is $L_3$, the winner is $P_2$; if the range of $P_1$ is $L_2$ and that of $P_2$ is $L_3$, the winner is $P_1$. The rule is therefore cyclic: $L_1$ beats $L_2$, $L_2$ beats $L_3$ and $L_3$ beats $L_1$, so no range is dominant. If the verification information given by one of the two participants cannot prove that the challenge information it generated lies in $L_1$, $L_2$ or $L_3$, the opponent wins; if one participant fails to submit challenge information during the auction, the other participant is taken to win. If one or both participants fail verification, the participants that failed are eliminated directly; if only one participant is verified successfully, that participant is directly taken as the winner of the auction. The server then collects the winners of each group and judges whether their number meets the preset number; if so, the auction is judged finished, otherwise all winners become the auction participants of the next round, and the procedure returns to step S1 for the next round of competition, until the number of winners meets the preset number.
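The decision logic of steps S31 to S33, as an added runnable illustration (example code written for this page, not the patent's own implementation): a submission is modeled with the fields the server holds after step S2, the cyclic rule that L1 beats L2, L2 beats L3 and L3 beats L1 is taken from the table above, a missing challenge or a failed proof eliminates that party and gives the opponent a walkover, and groups are formed by sorting the participant signatures in ascending order and pairing neighbours as in step S13. The page gives no rule for two participants claiming the same range or for an odd number of participants, so both raise an error here; the stopping condition `len(winners) <= preset`, the `resubmit` callback and all names are this example's assumptions.

```python
"""Winner selection of steps S31-S33 for one auction round. Added example for this
page, not the patent's code; field and function names are this example's own."""
from dataclasses import dataclass
from typing import List, Optional

# Rule read off the page's table: L1 beats L2, L2 beats L3, L3 beats L1 (cyclic).
BEATS = {"L1": "L2", "L2": "L3", "L3": "L1"}


@dataclass
class Submission:
    """What the server holds for one participant after step S2 (modeled, not the patent's format)."""
    player: str
    signature: str                 # first auction participant signature (hex), used only for ordering
    challenge: Optional[str]       # None: no challenge information arrived within the set time
    claimed_range: Optional[str]   # range the verification information claims (L1/L2/L3)
    proof_verified: bool           # server's result of checking the range proof and signatures


def pick_winner(p1: Submission, p2: Submission) -> Optional[Submission]:
    """S31/S32 for one group of two. Returns the winner, or None when both are eliminated."""
    alive = [p for p in (p1, p2)
             if p.challenge is not None and p.claimed_range in BEATS and p.proof_verified]
    if not alive:
        return None              # both eliminated: this group produces no winner
    if len(alive) == 1:
        return alive[0]          # opponent missed the challenge or failed verification
    if p1.claimed_range == p2.claimed_range:
        raise ValueError("same-range tie: no rule given on the page")  # assumption: caller decides
    return p1 if BEATS[p1.claimed_range] == p2.claimed_range else p2


def run_round(subs: List[Submission]) -> List[Submission]:
    """S13 grouping (sort signatures ascending, pair neighbours) followed by S3 for each group."""
    ordered = sorted(subs, key=lambda s: s.signature)
    if len(ordered) % 2:
        raise ValueError("odd participant count: no rule given on the page")  # assumption
    winners = []
    for a, b in zip(ordered[0::2], ordered[1::2]):
        w = pick_winner(a, b)
        if w is not None:
            winners.append(w)
    return winners


def run_auction(subs, preset, resubmit):
    """S33 loop: run rounds until at most `preset` winners remain (assumed reading of
    'meets the preset number'). `resubmit` re-collects fresh submissions from the survivors,
    because every new round starts again at S1 with a new server random number."""
    winners = run_round(subs)
    while len(winners) > preset:
        winners = run_round(resubmit(winners))
    return winners
```

The walkover rule is what makes the timeout in step S23 enforceable: a party that withholds its verification information after seeing the opponent's challenge loses by default rather than stalling the round.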
In a further preferred embodiment of the present invention, a Pedersen commitment (Pedersen Commit) may be chosen, as follows, to generate the challenge information from a private key and a random number.

Assume the given output value is $b$ in decimal; decompose $b$ into its binary representation $b = b_0 2^0 + b_1 2^1 + b_2 2^2 + \dots + b_n 2^n$.

Randomly generate a set of keys $[a_1, a_2, \dots, a_i, \dots, a_n]$ and, for each $b_i 2^i$, compute $C_i$ (the original gives this formula only as an image; each $C_i$ is the commitment to $b_i 2^i$ under the key $a_i$).

Add the $C_i$ computed for every $b_i 2^i$ to obtain the value $C$ and record it in the outPk field: $C = C_0 + C_1 + \dots + C_i + \dots + C_n$.

After $C$ is computed, compute $C_iH$ for each $C_i$: $C_iH = C_i - 2^i H$.

Submit $C$ as the challenge information to the server, and use $(a_i, C_i, C_iH, b_i)$ as the parameters of the range proof to generate the range proof.
In a further preferred embodiment of the invention, a Borromean signature may be chosen to prove the random range of the generated random number, as follows.

Take the $(a_i, C_i, C_iH, b_i)$ of the step above as input parameters and generate a Borromean signature asig. The procedure for generating the range proof is as follows:

First rename the input parameters, i.e. $x_i = a_i$; the mapping of $C_i$ and $C_iH$ to the two ring public keys (given only as an image in the original); $\mathrm{index}_i = b_i$. With the input parameters $(x_i, C_i, C_iH, \mathrm{index}_i)$ the following computation starts. For each $\mathrm{index}_i$, generate a random key $a_i$ (the original reuses the letter $a_i$ for this per-bit nonce) and:

If $\mathrm{index}_i = 0$: randomly generate $s_{i'}$, where $i' = i + 1 \bmod 2$, and compute $L_i$ and $s_i$, where $L_i = a_i G$; $c_{i'} = H_s(L_i)$; $L_{i'}$ is computed from $s_{i'}$ and $c_{i'}$ (formula given only as an image in the original); $c_i = H_s(L_{i'})$; $s_i = a_i - c_i x_i \bmod l$.

If $\mathrm{index}_i = 1$: randomly generate $s_i$ and compute $L_i$ and $s_{i'}$: $L_i = a_i G$; $c_{i'} = H_s(L_i)$; $L_{i'}$ is computed as above (formula given only as an image in the original); $c_i = H_s(L_{i'})$; $s_i = a_i - c_i x_i \bmod l$.

Return all $L_i$, $s_i$, $s_{i'}$ and store these three values in asig; all $C_i$ together with the generated asig are submitted to the server as the range proof.
The process of verifying the Borromean signature is as follows. Verification of the output range takes the input parameters $(C_i, \text{asig})$ from the blockchain (the exact form is given only as an image in the original) and proceeds as follows:

First, the two ring public keys are derived from $C_i$ (these derivations are given only as images in the original; below they are written $P_1$ and $P_2$, which the original writes as "H (H = P1)" and "H (H = P2)").

First compute $c_{i'} = H_s(L_i)$; then compute $L_{i'} = s_{i'} G + c_{i'} P_2$; then add all $L_{i'}$ to obtain the LHS value: $\mathrm{LHS} = \sum_n L_{i'}$.

Compute $c_i = H_s(L_{i'})$; then compute $R_i = s_i G + c_i P_1$; finally add all $R_i$ to obtain the RHS value: $\mathrm{RHS} = \sum_n R_i$.

Judge whether LHS equals RHS: if so, the range verification passes; if not, the range verification fails.
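The commitment and per-bit ring proof described above, as an added runnable illustration (example code written for this page, not the patent's implementation). It uses secp256k1 in pure Python, derives the second generator H by hashing to the curve, forms $C_i = a_i G + b_i 2^i H$ (the standard Pedersen form; the patent gives the $C_i$ formula only as an image, so this is an assumption), and proves that each $C_i$ commits to either $0$ or $2^i$ with a two-key ring whose values $(L_0, s_0, s_1)$ play the role of the $L_i$, $s_i$, $s_{i'}$ stored in asig, with $P_1 = C_i$ and $P_2 = C_i - 2^i H$ as the ring keys. The verifier closes the ring and compares the recomputed $L_0$ with the published one, which is the standard two-key OR check (Abe-Ohkubo-Suzuki style ring); the summed LHS/RHS form written on the page is not reproduced. Function names, the hash-to-curve tag and the bit width are this example's own.

```python
"""Pedersen bit commitments with a per-bit two-key ring proof (Borromean-style).
Added example for this page, not the patent's code. Pure-Python secp256k1 for
readability only: not constant time, no side-channel hardening."""
import hashlib
import secrets

# secp256k1 domain parameters (public constants)
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(a, b):
    """Affine addition on y^2 = x^3 + 7 over GF(P); None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else:
        lam = (b[1] - a[1]) * pow(b[0] - a[0], -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)

def ec_mul(k, pt):
    """Double-and-add scalar multiplication."""
    k %= N
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc

def ec_neg(pt):
    return None if pt is None else (pt[0], (-pt[1]) % P)

def hash_to_point(tag):
    """Second generator with unknown discrete log w.r.t. G: try-and-increment hash-to-curve."""
    x = int.from_bytes(hashlib.sha256(tag).digest(), "big") % P
    while True:
        y2 = (pow(x, 3, P) + 7) % P
        y = pow(y2, (P + 1) // 4, P)  # square root iff y2 is a square (P = 3 mod 4)
        if y * y % P == y2:
            return (x, y)
        x = (x + 1) % P

H = hash_to_point(b"auction-range-proof-H")  # tag chosen for this example

def hs(*pts):
    """H_s: hash curve points to a scalar modulo the group order."""
    h = hashlib.sha256()
    for pt in pts:
        x, y = pt if pt is not None else (0, 0)
        h.update(x.to_bytes(32, "big") + y.to_bytes(32, "big"))
    return int.from_bytes(h.digest(), "big") % N

def rand_scalar():
    return secrets.randbelow(N - 1) + 1

def point_sum(pts):
    acc = None
    for pt in pts:
        acc = ec_add(acc, pt)
    return acc

def commit_bits(value, nbits):
    """b = sum b_i 2^i and C_i = a_i*G + b_i*2^i*H (assumed Pedersen form of the page's C_i)."""
    if not 0 <= value < 2**nbits:
        raise ValueError("value outside the provable range")
    keys = [rand_scalar() for _ in range(nbits)]
    bits = [(value >> i) & 1 for i in range(nbits)]
    cs = [ec_add(ec_mul(keys[i], G), ec_mul(bits[i] << i, H)) for i in range(nbits)]
    return keys, bits, cs

def ring_keys(i, ci):
    """Ring keys for bit i: P1 = C_i (opened iff b_i = 0), P2 = C_iH = C_i - 2^i H (iff b_i = 1)."""
    return [ci, ec_add(ci, ec_neg(ec_mul(1 << i, H)))]

def prove_bit(x, bit, i, ci):
    """Two-key ring proof that C_i commits to 0 or 2^i; x = a_i opens the key at index `bit`.
    Returns (L0, s0, s1), the role of the (L_i, s_i, s_i') the page stores in asig."""
    pk = ring_keys(i, ci)
    alpha = rand_scalar()
    l_real = ec_mul(alpha, G)
    if bit == 0:                       # ring: L0 -> c1 -> L1 -> c0 -> s0
        s1 = rand_scalar()
        l1 = ec_add(ec_mul(s1, G), ec_mul(hs(l_real), pk[1]))
        return (l_real, (alpha - hs(l1) * x) % N, s1)
    s0 = rand_scalar()                 # l_real plays L1: L1 -> c0 -> L0 -> c1 -> s1
    l0 = ec_add(ec_mul(s0, G), ec_mul(hs(l_real), pk[0]))
    return (l0, s0, (alpha - hs(l0) * x) % N)

def verify_bit(i, ci, proof):
    """Close the ring from the published L0 and compare; fails unless one key was opened."""
    l0, s0, s1 = proof
    pk = ring_keys(i, ci)
    l1 = ec_add(ec_mul(s1, G), ec_mul(hs(l0), pk[1]))
    return ec_add(ec_mul(s0, G), ec_mul(hs(l1), pk[0])) == l0

def prove_range(value, nbits):
    """Bidder side: (C, [C_i], asig, blinding). C is the challenge information, [C_i] plus
    asig the range proof, blinding = sum a_i opens C when the number is revealed."""
    keys, bits, cs = commit_bits(value, nbits)
    asig = [prove_bit(keys[i], bits[i], i, cs[i]) for i in range(nbits)]
    return point_sum(cs), cs, asig, sum(keys) % N

def verify_range(c_total, cs, asig):
    """Server side: the outPk value C must equal sum C_i and every per-bit ring must close."""
    if len(cs) != len(asig) or point_sum(cs) != c_total:
        return False
    return all(verify_bit(i, cs[i], asig[i]) for i in range(len(cs)))

def open_commitment(c_total, value, blinding):
    """Opening check once the bidder reveals the number: C == blinding*G + value*H."""
    return ec_add(ec_mul(blinding, G), ec_mul(value, H)) == c_total
```

The check that the published $C$ equals $\sum C_i$ is what ties the range proof to the challenge information: without it a bidder could prove a range for one set of commitments and submit a different $C$. A real deployment would use a constant-time curve library and a Bulletproofs implementation, which gives logarithmic proof size instead of one ring per bit.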
Of course, in other preferred embodiments of the present invention other signature or verification algorithms may be used, including other known algorithms such as Pedersen commitments, Borromean signatures and Bulletproofs. The invention is not limited to a specific algorithm; those skilled in the art can implement the present invention based on its teachings and the various algorithms known in the art.
By implementing the method and the computer-readable storage medium for verifying data submitted by an auction participant in an untrusted network environment, two mutually untrusting communicating parties each submit a concealed (committed) number before the number generated by the other party is known, and afterwards give a proof that the number was generated as submitted, which ensures the fairness and credibility of the auction process.
The invention also relates to a computer-readable storage medium on which a computer program is stored which, when executed by a processor, carries out the method of verifying data submitted by an auction participant in an untrusted network environment.
Accordingly, the present invention can be realized in hardware, software, or a combination of hardware and software. The present invention can be realized in a centralized fashion in at least one computer system, or in a distributed fashion where different elements are spread across several interconnected computer systems. Any kind of computer system or other apparatus adapted for carrying out the methods of the present invention is suited. A typical combination of hardware and software could be a general purpose computer system with a computer program that, when being loaded and executed, controls the computer system such that it carries out the methods described herein.
The present invention may also be implemented by a computer program product, comprising all the features enabling the implementation of the methods of the invention, when loaded in a computer system. The computer program in this document refers to: any expression, in any programming language, code or notation, of a set of instructions intended to cause a system having an information processing capability to perform a particular function either directly or after either or both of the following: a) Conversion to other languages, codes or symbols; b) Reproduced in a different format.
While the invention has been described with reference to specific embodiments, it will be understood by those skilled in the art that various changes may be made and equivalents may be substituted without departing from the scope of the invention. In addition, many modifications may be made to adapt a particular situation or material to the teachings of the invention without departing from its scope. Therefore, it is intended that the invention not be limited to the particular embodiment disclosed, but that the invention will include all embodiments falling within the scope of the appended claims.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.

Claims (9)

1. A method of verifying data submitted by an auction participant in an untrusted network environment, comprising:
S1, the auction participants each produce an auction participant signature based on a first random number generated by a server, and the server groups the auction participants into groups of two based on the auction participant signatures;
S2, the auction participants in each group challenge each other and generate verification information;
and S3, the server selects a winner from each group based on the verification information and the challenge result, takes the selected winners as the auction participants of the next round of auction, and returns to step S1 until the number of selected winners meets the preset number.
2. The method for verifying data submitted by an auction participant in an untrusted network environment according to claim 1, wherein said step S1 further comprises:
S11, the server generates a first random number and a first server signature based on the first random number, then sends the first random number and the first server signature together to all auction participants;
S12, each auction participant verifies the first server signature to obtain the first random number, generates a first auction participant signature based on the first random number, and returns the first auction participant signature to the server;
S13, the server sorts the first auction participant signatures in ascending order (ASC) so as to group the auction participants into groups of two;
S14, the server forms a public key sequence from the public keys of the auction participants in the grouping order, generates a second random number, and generates a second server signature based on the second random number;
and S15, the server sends the public key sequence, the second random number and the second server signature to the auction participants.
3. The method for verifying data submitted by an auction participant in an untrusted network environment according to claim 2, wherein said step S2 further comprises:
S21, the first auction participant in each group generates a first auction signature based on the second random number and selects a random range according to a set rule, then generates a first auction participant random number within that random range, generates first challenge information based on the first auction participant random number and a first auction participant private key, generates a first challenge signature based on the first challenge information, and sends the first challenge information and the first challenge signature to the server;
S22, the second auction participant in each group generates a second auction signature based on the second random number and selects a random range according to a set rule, then generates a second auction participant random number within that random range, generates second challenge information based on the second auction participant random number and a second auction participant private key, generates a second challenge signature based on the second challenge information, and sends the second challenge information and the second challenge signature to the server;
S23, after a set time has elapsed, the server requires the first auction participant and the second auction participant to each submit verification information;
and S24, the first auction participant and the second auction participant generate first verification information and second verification information according to a set rule and send the first verification information and the second verification information to the server.
4. The method for verifying data submitted by an auction participant in an untrusted network environment according to claim 3, wherein in said step S21 a Pedersen commitment is used to generate the first challenge information based on said first auction participant random number and the first auction participant private key, and a Borromean signature or Bulletproofs are used to generate the random range of said second random number.
5. The method for verifying data submitted by an auction participant in an untrusted network environment according to claim 3, wherein in said step S22 a Pedersen commitment is used to generate the second challenge information based on said second auction participant random number and the second auction participant private key, and a Borromean signature or Bulletproofs are used to generate the random range of said second random number.
6. The method for verifying data submitted by an auction participant in an untrusted network environment according to claim 3, wherein said step S24 further comprises:
S241, the first auction participant uses Bulletproofs to generate a first range proof based on the first challenge information, signs the first range proof together with the second random number to generate the first verification information, and sends the first verification information to the server;
and S242, the second auction participant uses Bulletproofs to generate a second range proof based on the second challenge information, signs the second range proof together with the second random number to generate the second verification information, and sends the second verification information to the server.
7. The method for verifying data submitted by an auction participant in an untrusted network environment according to claim 4, wherein said step S3 further comprises:
S31, judging from the verification information whether the first auction participant and the second auction participant have been successfully verified; if so, executing step S32, otherwise eliminating the auction participants that were not successfully verified;
S32, selecting the winner of the auction based on the first challenge information and the second challenge information according to an auction rule;
and S33, the server collects the winners of each group and judges whether their number meets the preset number; if so, the auction is judged finished, otherwise all winners are taken as the auction participants of the next round of auction and the procedure returns to step S1, until the number of winners meets the preset number.
8. The method for verifying data submitted by an auction participant in an untrusted network environment according to claim 7, wherein in step S32 the winner of the auction is selected according to the ranges of the first challenge information and the second challenge information.
9. A computer-readable storage medium on which a computer program is stored which, when executed by a processor, carries out the method of verifying data submitted by an auction participant in an untrusted network environment according to any one of claims 1 to 8.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010155225.XA CN111553758B (en) 2020-03-06 2020-03-06 Method and computer-readable storage medium for verifying data submitted by an auctioneer in an untrusted network environment


Publications (2)

Publication Number Publication Date
CN111553758A CN111553758A (en) 2020-08-18
CN111553758B true CN111553758B (en) 2023-02-10

Family

ID=72007282

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010155225.XA Active CN111553758B (en) 2020-03-06 2020-03-06 Method and computer-readable storage medium for verifying data submitted by an auctioneer in an untrusted network environment

Country Status (1)

Country Link
CN (1) CN111553758B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103248478A (en) * 2013-05-08 2013-08-14 天津大学 Multi-party security agreement based sealed electric auction scheme and verification method
CN105554773A (en) * 2016-01-19 2016-05-04 南京航空航天大学 Actual benefit maximized heterogeneous frequency spectrum bidirectional auction mechanism in cognitive network
CN107241806A (en) * 2017-07-14 2017-10-10 安徽大学 A kind of two-way heterogeneous frequency spectrum distributing method based on auction and secret protection
WO2019035097A1 (en) * 2017-08-18 2019-02-21 The Regents Of The University Of Michigan Centralized framework for small batch manufacturing

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8024274B2 (en) * 2006-05-05 2011-09-20 President And Fellows Of Harvard College Practical secrecy-preserving, verifiably correct and trustworthy auctions
US20080046329A1 (en) * 2006-08-17 2008-02-21 Logan Bryan M Allowing a Bidder to Group Lots in Online Auctions
US8239331B2 (en) * 2009-09-18 2012-08-07 Google Inc. Auction verification


Also Published As

Publication number Publication date
CN111553758A (en) 2020-08-18


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
REG Reference to a national code
Ref country code: HK
Ref legal event code: DE
Ref document number: 40027003
Country of ref document: HK
GR01 Patent grant