CN112651742A - Supervision-capable distributed confidential transaction system and method - Google Patents

Publication number: CN112651742A
Authority: CN (China)
Prior art keywords: transaction, account, private key, public, confidential
Legal status: Granted (Active)
Application number: CN202011465650.5A
Other languages: Chinese (zh)
Other versions: CN112651742B (en)
Inventor: 陈宇
Current Assignee: Shandong University
Original Assignee: Shandong University
Application filed by Shandong University
Priority to CN202011465650.5A
Publication of CN112651742A
Application granted; publication of CN112651742B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/405 Establishing or using transaction specific rules
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3821 Electronic credentials
    • G06Q20/38215 Use of certificates or encrypted proofs of transaction rights
    • G06Q20/389 Keeping log of transactions for guaranteeing non-repudiation of a transaction
    • G06Q40/00 Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04 Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange

Abstract

The invention provides a supervised distributed confidential transaction method and a supervised distributed confidential transaction system. A supervisor generates public parameters using the system generation algorithm of a non-interactive zero-knowledge proof, generates a public and private key pair using an integrated encryption signature method, and takes the private key as a global supervision private key. A party participating in a transaction generates a registration request and sends a public and private key pair, a secret balance and account public information to the supervisor for registration. The supervisor monitors the transactions of the participating parties and confirms whether the transaction amount and the account balance of the transaction initiator are within a reasonable interval. If the confirmation result is a pass, the confidential transaction is carried out between the participating parties, the confidential transaction records that pass validity verification are recorded on the chain, and each participating party updates its own account state. The invention provides confidentiality protection for users while allowing a supervisor to carry out efficient, penetrating global supervision.

Description

Supervision-capable distributed confidential transaction system and method
Technical Field
The invention belongs to the technical field of information monitoring, and particularly relates to a supervised distributed confidential transaction system and a supervised distributed confidential transaction method.
Background
The statements in this section merely provide background information related to the present disclosure and may not necessarily constitute prior art.
In recent years, blockchain-based distributed transaction systems have received unprecedented attention. The two major problems to be solved are privacy protection and supervisory auditing. A distributed confidential transaction system protects the transaction amount using public key encryption, but while confidentiality protection is provided, a supervisor cannot effectively supervise the confidential transactions.
To the inventor's knowledge, the common current solution requires a user to escrow a decryption private key with the supervisor, but this scheme has several disadvantages. First, supervision depends on the active cooperation of the user, the supervisor cannot carry out penetrating supervision, and usability is not ideal. Second, the supervisor needs to manage a large database of decryption private keys, so overall supervision efficiency is low. Third, the supervisor carries out supervision by holding users' private keys, which creates a hidden danger that the security of the transaction system is damaged through corruption.
Disclosure of Invention
The invention provides a supervised distributed confidential transaction system and a supervised distributed confidential transaction method, which can provide confidentiality protection for users and allow a supervisor to implement efficient penetrating global supervision.
According to some embodiments, the invention adopts the following technical scheme:
A supervised distributed confidential transaction method, performed by a supervisor, comprising the steps of:
generating public parameters using the system generation algorithm of a non-interactive zero-knowledge proof;
generating a public and private key pair using an integrated encryption signature method, and taking the private key as a global supervision private key;
receiving a registration request from a party participating in a transaction, and acquiring the public and private key pair, secret balance and account public information of that party;
monitoring the transactions of the participating parties, and either confirming whether the transaction amount and the account balance of the transaction initiator are within a reasonable interval, or receiving a confirmation result indicating whether the transaction amount and the account balance of the transaction initiator are within the reasonable interval;
if the confirmation result is a pass, outputting the confidential transaction, recording on the chain the confidential transaction record that passes validity verification, and updating the account state of each party participating in the transaction; otherwise, abandoning the confidential transaction.
A supervised distributed confidential transaction method, performed by a party participating in a transaction, comprising the steps of:
sending a registration request, together with the party's own public and private key pair, secret balance and account public information;
receiving the public parameters, generating or receiving a transaction request, and either confirming whether the transaction amount and the account balance of the transaction initiator are within a reasonable interval, or receiving a confirmation result indicating whether the transaction amount and the account balance of the transaction initiator are within the reasonable interval;
if the confirmation result is a pass, performing the confidential transaction and updating the party's own account state according to the confidential transaction record that passes validity verification; otherwise, abandoning the confidential transaction.
A supervised distributed confidential transaction method comprising the steps of:
the supervisor generates public parameters using the system generation algorithm of a non-interactive zero-knowledge proof, generates a public and private key pair using an integrated encryption signature method, and takes the private key as a global supervision private key;
a party participating in a transaction generates a registration request and sends a public and private key pair, a secret balance and account public information to the supervisor for registration;
the supervisor monitors the transactions of the participating parties, and either confirms whether the transaction amount and the account balance of the transaction initiator are within a reasonable interval, or receives a confirmation result indicating whether the transaction amount and the account balance of the transaction initiator are within the reasonable interval;
if the confirmation result is a pass, the confidential transaction is carried out between the participating parties, the confidential transaction records that pass validity verification are recorded on the chain, and each participating party updates its own account state; otherwise, the transaction is abandoned.
As an alternative embodiment, the specific process by which a participating party generates a registration request and sends the public and private key pair, the secret balance and the account public information includes: generating a public and private key pair (pk, sk) using the key generation algorithm of a cryptographic signature scheme;
encrypting the initial balance m to generate a secret balance B;
the account public information comprises (pk, B, sn), where sn is a serial number used to prevent replay attacks and pk serves as the account address; the private information comprises the initial balance m and the private key sk.
As an alternative embodiment, the specific process of performing a confidential transaction includes: encrypting the transfer amount v under the public key pk_s of the transaction initiator, the public key pk_r of the transaction receiver and the public key pk_a of the supervisor respectively to generate the corresponding ciphertexts C_s, C_r and C_a, and generating a ciphertext consistency proof pi_equal using the non-interactive zero-knowledge proof system;
generating range proofs pi_right and pi_solution using the non-interactive zero-knowledge proof system, proving respectively that the transfer amount v and the balance m-v of the roll-out (sender) account are within a reasonable interval;
letting the current serial number of the roll-out account be sn and the memo information of the confidential transaction be memo = (pk_s, pk_r, pk_a, C_s, C_r, C_a, pi_equal, pi_right, pi_solution), signing (sn, memo) with the roll-out account private key sk_s to obtain sigma, and outputting the confidential transaction ctx = (sn, memo, sigma).
As an alternative embodiment, the specific process of confirming whether the transaction amount and the account balance of the transaction initiator are within a reasonable interval includes: determining whether the transaction amount is less than or equal to the account balance of the transaction initiator; if so, the transaction amount is determined to be within the reasonable interval, otherwise it is determined not to be within the reasonable interval.
As an alternative embodiment, the specific process of verifying the validity of the confidential transaction includes:
(a) verifying whether the serial number sn is a fresh serial number of the roll-out account; if so, proceeding to the next step, otherwise determining that the transaction is invalid;
(b) verifying whether the signature sigma is a valid signature on (sn, memo) under the roll-out account's private key; if so, proceeding to the next step, otherwise determining that the transaction is invalid;
(c) verifying whether the zero-knowledge proofs are correct; if so, determining that the transaction is valid, otherwise determining that it is invalid.
As an alternative embodiment, the specific process of updating the account status of each party participating in the transaction includes:
the transaction initiator increments the serial number and updates the secret balance from B_s to B_s - C_s using the homomorphism of the encryption component;
the transaction receiver updates the secret balance from B_r to B_r + C_r using the homomorphism of the encryption component.
As an alternative embodiment, the supervisor carries out penetrating supervision of each transaction using the global supervision private key.
A supervised distributed confidential transaction system comprising:
the system comprises a supervisor device and a monitoring device, wherein the supervisor device is configured to generate public parameters using the system generation algorithm of a non-interactive zero-knowledge proof, generate a public and private key pair using an integrated encryption signature method, and take the private key as a global supervision private key; to monitor the transactions of the participating parties and confirm whether the transaction amount and the account balance of the transaction initiator are within a reasonable interval; and, if so, to output the confidential transaction and record on the chain the confidential transaction record that passes validity verification;
and a transaction participant terminal device, configured to generate a registration request, send the public and private key pair, the secret balance and the account public information to the supervisor device for registration, execute confidential transactions, and update its own account state according to the confidential transaction record that passes validity verification.
A supervised distributed confidential transaction system comprising:
the system comprises a supervisor device and a monitoring device, wherein the supervisor device is configured to generate public parameters using the system generation algorithm of a non-interactive zero-knowledge proof, generate a public and private key pair using an integrated encryption signature method, and take the private key as a global supervision private key; to monitor the transactions of the participating parties and receive the result of the reasonableness confirmation; and, if the result is reasonable, to output the confidential transaction and record on the chain the confidential transaction record that passes validity verification;
a verifier, which communicates with the supervisor device and the transaction participant terminal device and is configured to confirm whether the transaction amount and the account balance of the transaction initiator are within a reasonable interval, send the confirmation result, and verify whether the confidential transaction is valid;
and a transaction participant terminal device, configured to generate a registration request, send the public and private key pair, the secret balance and the account public information to the supervisor device for registration, execute confidential transactions, and update its own account state according to the confidential transaction record that passes validity verification.
Compared with the prior art, the invention has the beneficial effects that:
the invention achieves penetrating supervision while protecting privacy, and the supervised party is unaware of the supervision, which improves the user experience;
the supervisor of the invention can complete supervision with the supervision private key alone, without maintaining a large database, which improves supervision efficiency and ensures the timeliness and effectiveness of transactions;
the supervisor of the invention only carries out supervision and cannot undermine the authentication of the distributed transaction system, which improves transaction security; in addition, the transaction content is triple encrypted, which improves transaction security to a certain extent.
The invention has wide applicability and is particularly suitable for blockchain systems that need to deploy a strong supervision mechanism, so as to ensure that blockchain applications can be managed and controlled.
In order to make the aforementioned and other objects, features and advantages of the present invention comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, are included to provide a further understanding of the invention; they illustrate exemplary embodiments of the invention and, together with the description, serve to explain the invention and not to limit it.
FIG. 1 is a schematic diagram of information interaction between parties of a transaction according to the third embodiment;
FIG. 2 is a schematic diagram of a transaction data structure according to the third embodiment.
Detailed Description
The invention is further described with reference to the following figures and examples.
It is to be understood that the following detailed description is exemplary and is intended to provide further explanation of the invention as claimed. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.
It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of exemplary embodiments according to the invention. As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, and it should be understood that when the terms "comprises" and/or "comprising" are used in this specification, they specify the presence of stated features, steps, operations, devices, components, and/or combinations thereof, unless the context clearly indicates otherwise.
Example one:
A supervised distributed confidential transaction method, performed by a supervisor, comprising the steps of:
generating public parameters using the system generation algorithm of a non-interactive zero-knowledge proof;
generating a public and private key pair using an integrated encryption signature method, and taking the private key as a global supervision private key;
receiving a registration request from a party participating in a transaction, and acquiring the public and private key pair, secret balance and account public information of that party;
monitoring the transactions of the participating parties, and either confirming whether the transaction amount and the account balance of the transaction initiator are within a reasonable interval, or receiving a confirmation result indicating whether the transaction amount and the account balance of the transaction initiator are within the reasonable interval;
if the confirmation result is a pass, outputting the confidential transaction, recording on the chain the confidential transaction record that passes validity verification, and updating the account state of each party participating in the transaction; otherwise, abandoning the confidential transaction.
In the implementation of this embodiment, the process by which the supervisor generates the system parameters includes:
(1) running the system generation algorithms of the integrated encryption signature scheme and of the non-interactive zero-knowledge proof, respectively, to generate the corresponding public parameters pp_ise and pp_nizk;
(2) running the key generation algorithm of the integrated encryption signature scheme to generate a public and private key pair (pk_a, sk_a);
(3) publishing pp = (pp_ise, pp_nizk, pk_a) as the system public parameters, and secretly holding sk_a as the global supervision private key.
Throughout the process, the supervisor holds sk_a and can carry out penetrating supervision of any transaction ctx.
Example two:
A supervised distributed confidential transaction method, performed by a party participating in a transaction, comprising the steps of:
sending a registration request, together with the party's own public and private key pair, secret balance and account public information;
receiving the public parameters, generating or receiving a transaction request, and either confirming whether the transaction amount and the account balance of the transaction initiator are within a reasonable interval, or receiving a confirmation result indicating whether the transaction amount and the account balance of the transaction initiator are within the reasonable interval;
if the confirmation result is a pass, performing the confidential transaction and updating the party's own account state according to the confidential transaction record that passes validity verification; otherwise, abandoning the confidential transaction.
Example three:
A supervised distributed confidential transaction method, as illustrated in FIG. 1, comprising the following steps:
(1) System generation.
The system is designed based on an integrated encryption signature scheme (whose encryption component supports additive homomorphism) and a non-interactive zero-knowledge proof protocol.
Specifically, the supervisor performs the following operations:
(1-1) running the system generation algorithms of the integrated encryption signature scheme and of the non-interactive zero-knowledge proof, respectively, to generate the corresponding public parameters pp_ise and pp_nizk;
(1-2) running the key generation algorithm of the integrated encryption signature scheme to generate a public and private key pair (pk_a, sk_a);
(1-3) publishing pp = (pp_ise, pp_nizk, pk_a) as the system public parameters, and secretly holding sk_a as the global supervision private key.
(2) Account registration.
A transaction participant (user) completes account registration according to the following steps:
(2-1) running the key generation algorithm of the integrated encryption signature scheme to generate a public and private key pair (pk, sk);
(2-2) encrypting the initial balance m to generate a secret balance B = Enc(pk, m);
(2-3) the account public information comprises (pk, B, sn), where sn is a serial number used to prevent replay attacks and pk serves as the account address; the private information comprises sk and m.
(2-4) Checking the balance (Reveal): the account owner uses sk to run the algorithm Dec(sk, c) to view the account balance.
(3) Transfer.
This step is illustrated with the case where a transaction initiator account pk_s transfers v units of currency to a transaction recipient account pk_r. Of course, in other embodiments, the transaction content is not limited to the above.
(3-1) encrypting v under the public keys pk_s, pk_r and pk_a respectively to generate ciphertexts C_s, C_r and C_a, and generating a ciphertext consistency proof pi_equal using the non-interactive zero-knowledge proof system;
(3-2) generating range proofs pi_right and pi_solution using the non-interactive zero-knowledge proof system, proving respectively that the transfer amount v and the balance m-v of the roll-out (sender) account are within a reasonable interval;
(3-3) letting the current serial number of the roll-out account be sn and the memo information of the confidential transaction be memo = (pk_s, pk_r, pk_a, C_s, C_r, C_a, pi_equal, pi_right, pi_solution), as shown in FIG. 2; signing (sn, memo) with the roll-out account private key sk_s to obtain sigma; and outputting the confidential transaction ctx = (sn, memo, sigma).
(4) Verification.
In different embodiments, this step may be carried out by a public verifier, the supervisor or a transaction participant. Specifically, whether the confidential transaction ctx is valid is verified according to the following steps:
(4-1) verifying whether the serial number sn is a fresh serial number of the roll-out account;
(4-2) verifying whether the signature sigma is a valid signature on (sn, memo) under the roll-out account's private key;
(4-3) verifying whether the zero-knowledge proofs are correct.
If all of the above checks pass, the confidential transaction ctx is recorded on the chain; otherwise, ctx is discarded.
(5) Updating information.
After ctx is recorded on the chain, the two parties to the transaction update their account states according to the following steps:
(5-1) the transaction initiator increments the serial number and updates B_s to B_s - C_s using the homomorphism of the encryption component;
(5-2) the transaction receiver updates B_r to B_r + C_r using the homomorphism of the encryption component.
Of course, during the above transaction, the supervisor holds sk_a and can carry out penetrating supervision of any ctx, i.e. run the decryption algorithm Dec(sk_a, C_a).
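The following Python example is added here and is not code from the patent: it runs steps (2) to (5) and the supervisor's Dec(sk_a, C_a) end to end. It assumes lifted ElGamal as the additively homomorphic encryption component, Schnorr signatures under the same key pair, a shared-randomness sigma proof for pi_equal, constructed toy group parameters, and hypothetical function names; the range proofs pi_right and pi_solution are omitted, so overdrafts are not checked.

```python
# Added example with constructed toy parameters (66-bit group); not the patent's code.
import hashlib, secrets

def is_prime(n, bases=(2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)):
    """Miller-Rabin; these fixed bases are exact for the 66-bit sizes used here."""
    if n < 2 or any(n % b == 0 for b in bases):
        return n in bases
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    def witness(a):                       # True if a proves n composite
        x = pow(a, d, n)
        if x in (1, n - 1):
            return False
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                return False
        return True
    return not any(witness(a) for a in bases)

def find_group(start=2**64 + 1):
    """Stand-in for pp_ise: safe prime P = 2Q + 1; 4 generates the order-Q subgroup."""
    q = start
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q, 4

P, Q, G = find_group()
MAX_AMOUNT = 1 << 12    # toy bound: dec() brute-forces the exponent of g^m

def H(*items):          # hash to Z_Q, used for Fiat-Shamir and Schnorr challenges
    return int.from_bytes(hashlib.sha256(repr(items).encode()).digest(), "big") % Q

def keygen():           # one (pk, sk) serves both encryption and signing
    sk = secrets.randbelow(Q - 1) + 1
    return pow(G, sk, P), sk

def enc(pk, m):         # lifted ElGamal: (g^r, pk^r * g^m)
    r = secrets.randbelow(Q)
    return pow(G, r, P), pow(pk, r, P) * pow(G, m, P) % P

def dec(sk, c):
    target, acc = c[1] * pow(c[0], Q - sk, P) % P, 1
    for m in range(MAX_AMOUNT):
        if acc == target:
            return m
        acc = acc * G % P
    raise ValueError("amount outside toy range")

def combine(c, d, sign=1):   # Enc(m1) + Enc(m2), or minus when sign = -1
    return tuple(x * pow(y, sign, P) % P for x, y in zip(c, d))

def schnorr_sign(sk, msg):
    k = secrets.randbelow(Q - 1) + 1
    R = pow(G, k, P)
    return R, (k + H(R, msg) * sk) % Q

def schnorr_ok(pk, msg, sig):
    return pow(G, sig[1], P) == sig[0] * pow(pk, H(sig[0], msg), P) % P

def transfer(sk_s, pks, sn, v):   # step (3); pks = (pk_s, pk_r, pk_a)
    r, a, b = (secrets.randbelow(Q) for _ in range(3))
    X, A = pow(G, r, P), pow(G, a, P)
    Ys = tuple(pow(pk, r, P) * pow(G, v, P) % P for pk in pks)  # C_s, C_r, C_a share X
    Bs = tuple(pow(pk, a, P) * pow(G, b, P) % P for pk in pks)
    e = H(pks, X, Ys, A, Bs)
    memo = (pks, X, Ys, (A, Bs, (a + e * r) % Q, (b + e * v) % Q))  # last item: pi_equal
    return sn, memo, schnorr_sign(sk_s, (sn, memo))

def pi_equal_ok(memo):            # all three ciphertexts hide the same v
    pks, X, Ys, (A, Bs, z1, z2) = memo
    e = H(pks, X, Ys, A, Bs)
    return pow(G, z1, P) == A * pow(X, e, P) % P and all(
        pow(pk, z1, P) * pow(G, z2, P) % P == B * pow(Y, e, P) % P
        for pk, B, Y in zip(pks, Bs, Ys))

def verify_and_apply(ledger, ctx, pk_a):
    sn, memo, sigma = ctx
    (pk_s, pk_r, pk_sup), X, Ys, _ = memo
    if pk_s not in ledger or pk_r not in ledger or pk_sup != pk_a:
        return False
    if sn != ledger[pk_s]["sn"]:                  # step (4): fresh serial number
        return False
    if not schnorr_ok(pk_s, (sn, memo), sigma):   # step (4): sender's signature
        return False
    if not pi_equal_ok(memo):                     # step (4): zero-knowledge proof
        return False
    ledger[pk_s]["sn"] += 1                       # step (5): sender update
    ledger[pk_s]["B"] = combine(ledger[pk_s]["B"], (X, Ys[0]), -1)
    ledger[pk_r]["B"] = combine(ledger[pk_r]["B"], (X, Ys[1]))  # step (5): receiver
    return True

def audit(sk_a, ctx):   # supervisor: Dec(sk_a, C_a)
    _, (_, X, Ys, _), _ = ctx
    return dec(sk_a, (X, Ys[2]))
```

Validators in this example update balances without learning v; only the holders of sk_s, sk_r and sk_a can decrypt it. A transaction whose C_a was built for a different amount than C_s and C_r fails pi_equal_ok and is rejected before any state changes.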
Example four:
A supervised distributed confidential transaction system comprising:
the system comprises a supervisor device and a monitoring device, wherein the supervisor device is configured to generate public parameters using the system generation algorithm of a non-interactive zero-knowledge proof, generate a public and private key pair using an integrated encryption signature method, and take the private key as a global supervision private key; to monitor the transactions of the participating parties and confirm whether the transaction amount and the account balance of the transaction initiator are within a reasonable interval; and, if so, to output the confidential transaction and record on the chain the confidential transaction record that passes validity verification;
and a transaction participant terminal device, configured to generate a registration request, send the public and private key pair, the secret balance and the account public information to the supervisor device for registration, execute confidential transactions, and update its own account state according to the confidential transaction record that passes validity verification.
Of course, the supervisor device may be an existing device such as a server or a processor, and the transaction participant terminal device may be a computer, a processor or a mobile terminal (e.g., a mobile phone, an iPad, etc.), which are not described further here.
Example five:
A supervised distributed confidential transaction system comprising:
the system comprises a supervisor device and a monitoring device, wherein the supervisor device is configured to generate public parameters using the system generation algorithm of a non-interactive zero-knowledge proof, generate a public and private key pair using an integrated encryption signature method, and take the private key as a global supervision private key; to monitor the transactions of the participating parties and receive the result of the reasonableness confirmation; and, if the result is reasonable, to output the confidential transaction and record on the chain the confidential transaction record that passes validity verification;
a verifier, which communicates with the supervisor device and the transaction participant terminal device and is configured to confirm whether the transaction amount and the account balance of the transaction initiator are within a reasonable interval and to send the confirmation result;
and a transaction participant terminal device, configured to generate a registration request, send the public and private key pair, the secret balance and the account public information to the supervisor device for registration, execute confidential transactions, and update its own account state according to the confidential transaction record that passes validity verification.
Of course, the supervisor device may be an existing device such as a server or a processor, and the transaction participant terminal device may be a computer, a processor or a mobile terminal (e.g., a mobile phone, an iPad, etc.), which are not described further here. The verifier can be a device or a node.
Example six:
a computer readable storage medium having stored therein a plurality of instructions adapted to be loaded by a processor of a terminal device and to perform the steps of a supervised distributed secret transaction method as provided in example one, example two or example three.
Example seven:
a terminal device comprising a processor and a computer readable storage medium, the processor being configured to implement instructions; the computer readable storage medium is used for storing a plurality of instructions adapted to be loaded by the processor and to perform the steps of a supervised distributed secret transaction method as provided in example one, example two or example three.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Although the embodiments of the present invention have been described with reference to the accompanying drawings, this is not intended to limit the scope of the present invention, and it should be understood by those skilled in the art that various modifications and variations can be made, without inventive effort, on the basis of the technical solution of the present invention.

Claims (10)

1. A supervised distributed confidential transaction method, characterized in that the method comprises the following steps:
generating public parameters by using a system generation algorithm of non-interactive zero-knowledge proof;
generating a public and private key pair by using an integrated encryption signature method, and taking a private key as a global supervision private key;
receiving a registration request of a party participating in transaction, and acquiring a public and private key pair, a secret balance and account public information of the party participating in transaction;
monitoring the transaction of the transaction party, and confirming whether the transaction amount and the account balance of the transaction initiator are in a reasonable interval, or receiving a confirmation result whether the transaction amount and the account balance of the transaction initiator are in the reasonable interval;
if the confirmation result is passed, the confidential transaction is output, the confidential transaction record passing the validity verification is linked, the account state of each party participating in the transaction is updated, and otherwise, the confidential transaction is abandoned.
2. A supervised distributed confidential transaction method, characterized in that the method comprises the following steps:
sending a registration request, and sending one's own public and private key pair, secret balance and account public information;
receiving the public parameters, generating or receiving a transaction request, and confirming whether the transaction amount and the balance of a transaction initiator are in a reasonable interval or receiving a confirmation result whether the transaction amount and the balance of an account of the transaction initiator are in a reasonable interval;
and if the confirmation result passes, performing the confidential transaction, updating the self account state according to the confidential transaction record verified by the legality, and otherwise giving up the confidential transaction.
3. A supervised distributed confidential transaction method, characterized in that the method comprises the following steps:
the supervisor utilizes a system generation algorithm of non-interactive zero knowledge proof to generate public parameters, utilizes an integrated encryption signature method to generate a public and private key pair, and takes a private key as a global supervision private key;
a party participating in the transaction generates a registration request, and sends a public and private key pair, a secret balance and account public information to a supervisor for registration;
the supervisor monitors the transaction of the party participating in the transaction, and confirms whether the transaction amount and the account balance of the transaction initiator are in a reasonable interval or not, or receives the confirmation result whether the transaction amount and the account balance of the transaction initiator are in the reasonable interval or not;
if the confirmation result is passed, confidential transaction is carried out between the parties involved in the transaction, the confidential transaction records passing the validity verification are linked, and each party involved in the transaction updates the account state of the party, otherwise, the transaction is abandoned.
4. The supervised distributed confidential transaction method as recited in claim 1, 2 or 3, wherein the specific process by which the party participating in the transaction generates a registration request and sends the public and private key pair, the secret balance and the account public information comprises: generating a public and private key pair (pk, sk) by using a key generation algorithm of a cryptographic signature scheme;
encrypting the initial balance m to generate a secret balance B;
the account public information comprises (pk, B, sn), wherein sn is a serial number used for preventing replay attacks and pk is used as the account address, and the private information comprises the initial balance m and the private key sk.
5. The supervised distributed confidential transaction method as recited in claim 1, 2 or 3, wherein the specific process of carrying out a confidential transaction comprises: encrypting the account amount v under the public key pk_s of the transaction initiator, the public key pk_r of the transaction receiver and the public key pk_a of the supervisor respectively to generate the corresponding ciphertexts C_s, C_r and C_a, and generating a ciphertext consistency proof pi_equal by using a non-interactive zero-knowledge proof system;
generating range proofs pi_right and pi_solution by using a non-interactive zero-knowledge proof system, respectively proving that the transfer amount v and the balance m-v of the transfer-out account are in a reasonable interval;
setting the current serial number of the transfer-out account as sn, setting the memo information of the confidential transaction as memo = (pk_s, pk_r, pk_a, C_s, C_r, C_a, pi_equal, pi_right, pi_solution), signing (sn, memo) with the transfer-out account's private key sk_s to obtain sigma, and outputting the confidential transaction ctx = (sn, memo, sigma).
6. A supervised distributed secret transaction method as recited in claim 1, 2 or 3, wherein: the specific process for confirming whether the transaction amount and the account balance of the transaction initiator are within a reasonable interval comprises the following steps: determining whether the amount of the transaction amount is less than or equal to the balance of the account of the transaction initiator, if so, determining that the transaction amount is in a reasonable interval, otherwise, determining that the transaction amount is not in the reasonable interval;
or, the supervisor implements the penetration supervision on each transaction by utilizing the global supervision private key.
7. A supervised distributed secret transaction method as recited in claim 1, 2 or 3, wherein: the specific process for verifying the validity of the confidential transaction comprises the following steps:
(a) verifying whether the serial number sn is a fresh serial number of the transfer-out account; if so, entering the next step, otherwise determining that the serial number sn is illegal;
(b) verifying whether the signature sigma is a legal signature on (sn, memo) under the transfer-out account's private key; if so, entering the next step, otherwise determining that the signature sigma is illegal;
(c) verifying whether the zero-knowledge proof is correct; if so, determining that the proof is legal, otherwise determining that the proof is illegal.
8. A supervised distributed secret transaction method as recited in claim 1, 2 or 3, wherein: the specific process of updating the account state of each party participating in the transaction comprises the following steps:
the transaction initiator increments its serial number and updates its secret balance from B_s to B_s - C_s by utilizing the homomorphism of the encryption component;
and the transaction receiver updates its secret balance from B_r to B_r + C_r by utilizing the homomorphism of the encryption component.
9. A supervised distributed confidential transaction system, characterized in that the system comprises:
the system comprises a supervisor device and a monitoring device, wherein the supervisor device is configured to generate public parameters by using a system generation algorithm of non-interactive zero-knowledge proof, generate a public and private key pair by using an integrated encryption signature method, and take a private key as a global supervision private key; monitoring the transaction of a party participating in the transaction, confirming whether the transaction amount and the account balance of a transaction initiator are in a reasonable interval, if so, outputting the confidential transaction, and linking the confidential transaction record passing the validity verification;
and the transaction participating party terminal equipment is configured to generate a registration request, send the public and private key pair, the secret balance and the account public information to the supervisor equipment, perform registration, execute confidential transaction and update the account state of the transaction participating party terminal equipment according to the confidential transaction record which passes the validity verification.
10. A supervised distributed confidential transaction system, characterized in that the system comprises:
the system comprises a supervisor device and a monitoring device, wherein the supervisor device is configured to generate public parameters by using a system generation algorithm of non-interactive zero-knowledge proof, generate a public and private key pair by using an integrated encryption signature method, and take a private key as a global supervision private key; monitoring the transaction of the party participating in the transaction, receiving the result of the rationality confirmation, if the result is rational, outputting the confidential transaction, and linking the confidential transaction record passing the validity verification;
the verifying party is communicated with the monitoring party equipment and the transaction participating party terminal equipment and is configured to confirm whether the transaction amount and the account balance of the transaction initiating party are in a reasonable interval or not, and send a confirmation result to verify whether the confidential transaction is legal or not;
and the transaction participating party terminal equipment is configured to generate a registration request, send the public and private key pair, the secret balance and the account public information to the supervisor equipment, perform registration, execute confidential transaction and update the account state of the transaction participating party terminal equipment according to the confidential transaction record which passes the validity verification.
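
Added example, not part of the patent text: a toy Python sketch of the three-ciphertext transfer with its consistency proof pi_equal (claim 5) and the homomorphic balance update (claim 8), ending with the supervisor opening C_a. Exponential ElGamal over a tiny constructed group, one randomness value shared by C_s, C_r and C_a, and all function names are assumptions of this example; the range proofs, the serial number and the signature are left out.

```python
import hashlib
import secrets

# Toy group constructed for this demo (far too small for real use):
# P = 2Q + 1 is a safe prime and G = 4 generates the subgroup of prime order Q.
P, Q, G = 2039, 1019, 4

def keygen():
    sk = secrets.randbelow(Q - 1) + 1
    return pow(G, sk, P), sk                      # (pk, sk)

def enc(pk, v, r):
    """Exponential ElGamal (assumed scheme): ciphertext (g^r, pk^r * g^v)."""
    return pow(G, r, P), pow(pk, r, P) * pow(G, v, P) % P

def dec(sk, ct):
    """Recover v by stripping pk^r and brute-forcing the small exponent."""
    x, y = ct
    gv = y * pow(pow(x, sk, P), -1, P) % P
    return next(v for v in range(Q) if pow(G, v, P) == gv)

def add(a, b):                                    # Enc(m1) * Enc(m2) = Enc(m1 + m2)
    return a[0] * b[0] % P, a[1] * b[1] % P

def sub(a, b):                                    # Enc(m1) / Enc(m2) = Enc(m1 - m2)
    return a[0] * pow(b[0], -1, P) % P, a[1] * pow(b[1], -1, P) % P

def challenge(*vals):                             # Fiat-Shamir hash of the transcript
    digest = hashlib.sha256("|".join(map(str, vals)).encode()).digest()
    return int.from_bytes(digest, "big") % Q

def transfer(pks, v):
    """Encrypt v for pks = (pk_s, pk_r, pk_a) and prove all three hide the same v."""
    r, a, b = (secrets.randbelow(Q) for _ in range(3))
    x = pow(G, r, P)
    ys = [enc(pk, v, r)[1] for pk in pks]         # second components of C_s, C_r, C_a
    big_a = pow(G, a, P)
    ts = [pow(pk, a, P) * pow(G, b, P) % P for pk in pks]
    e = challenge(*pks, x, *ys, big_a, *ts)
    return x, ys, (big_a, ts, (a + e * r) % Q, (b + e * v) % Q)

def verify_equal(pks, x, ys, proof):
    """Check pi_equal: one (r, v) opens the shared x and every y."""
    big_a, ts, z1, z2 = proof
    e = challenge(*pks, x, *ys, big_a, *ts)
    ok = pow(G, z1, P) == big_a * pow(x, e, P) % P
    for pk, y, t in zip(pks, ys, ts):
        ok = ok and pow(pk, z1, P) * pow(G, z2, P) % P == t * pow(y, e, P) % P
    return ok

def demo():
    (pk_s, sk_s), (pk_r, sk_r), (pk_a, sk_a) = keygen(), keygen(), keygen()
    pks = (pk_s, pk_r, pk_a)
    b_s = enc(pk_s, 100, secrets.randbelow(Q))    # sender's secret balance B_s
    b_r = enc(pk_r, 20, secrets.randbelow(Q))     # receiver's secret balance B_r
    x, (y_s, y_r, y_a), pi_equal = transfer(pks, 30)
    assert verify_equal(pks, x, [y_s, y_r, y_a], pi_equal)
    forged = verify_equal(pks, x, [y_s, y_r * G % P, y_a], pi_equal)
    b_s, b_r = sub(b_s, (x, y_s)), add(b_r, (x, y_r))   # claim 8 update
    # The supervisor opens its own copy C_a with the global supervision key.
    return dec(sk_s, b_s), dec(sk_r, b_r), dec(sk_a, (x, y_a)), forged

if __name__ == "__main__":
    print(demo())
```

The forged call alters only the receiver's ciphertext so that it would encrypt v + 1; the consistency proof no longer verifies, which is what keeps the amount debited, the amount credited and the amount visible to the supervisor equal.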
CN202011465650.5A 2020-12-14 2020-12-14 Monitorable distributed confidential transaction system and method Active CN112651742B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011465650.5A CN112651742B (en) 2020-12-14 2020-12-14 Monitorable distributed confidential transaction system and method


Publications (2)

Publication Number Publication Date
CN112651742A true CN112651742A (en) 2021-04-13
CN112651742B CN112651742B (en) 2022-11-25




Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant