CN114143080A - Block chain data privacy protection and sharing method based on zero knowledge proof - Google Patents

Info

Publication number: CN114143080A
Authority: CN (China)
Prior art keywords: data, cloud service, key, knowledge proof, private
Legal status: Withdrawn
Application number: CN202111438060.8A
Other languages: Chinese (zh)
Inventors: 冯涛, 杨璞, 方君丽, 蒋泳波, 张迪, 孔繁琪
Current Assignee: Lanzhou University of Technology
Original Assignee: Lanzhou University of Technology
Application filed by Lanzhou University of Technology
Priority to CN202111438060.8A
Publication of CN114143080A

Classifications

    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • G06F21/602: Providing cryptographic facilities or services
    • G06F21/6245: Protecting personal data, e.g. for financial or medical purposes
    • G06F21/64: Protecting data integrity, e.g. using checksums, certificates or signatures
    • H04L63/12: Applying verification of the received information
    • H04L9/3221: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs; interactive zero-knowledge proofs
    • G06F2221/2117: User registration
    • G06F2221/2141: Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • G06F2221/2151: Time stamp

Abstract

A data owner encrypts its data into a ciphertext according to the requirement keywords generated by a cloud service provider and sends the ciphertext to a trusted cloud server. The signed hash is recorded in the blockchain; meanwhile, the zero-knowledge proof $\pi$ generated from the private data, the calculation result $R$ and the hash value $h$ are sent to a smart contract for automatic comparison. Once the zero-knowledge proof verification passes, the data owner is notified to use the public key $PK_d$ of the cloud service organization to perform the re-encryption algorithm and generate a re-encryption key $PK_{u\to d}$, which is encrypted with the public key of the cloud service provider and sent to the semi-trusted proxy cloud server. The re-encryption algorithm is executed to convert the ciphertext
Figure DDA0003382454980000011
into the intermediate ciphertext
Figure DDA0003382454980000012
The intermediate ciphertext is sent to the cloud service provider, which uses its private key $SK_d$ to execute the decryption algorithm, obtain the required private data, and verify it against the information on the blockchain. The smart contract then submits the transaction carrying the data sharing information to a verification node, and the transaction is published on the blockchain after verification with the RBFT consensus algorithm.

Description

Block chain data privacy protection and sharing method based on zero knowledge proof
Technical Field
The invention relates to the technical field of blockchain data privacy protection and security.
Background
Blockchain is an effective way to make transactions verifiable and traceable, thanks to its decentralization, tamper resistance, traceability and executable smart contracts. Because of its distributed ledger, it is widely used in scenarios such as virtual currency, electronic bidding and the industrial Internet of Things. To address data privacy, blockchains can be combined with a variety of cryptographic techniques, for example attribute-based encryption, homomorphic encryption, searchable encryption and proxy re-encryption, to protect data privacy and identity privacy on the chain.
Proxy re-encryption is a key conversion mechanism that converts a ciphertext so that it can be decrypted with the key of an authorized party. It relies on the storage capacity of a cloud platform: the data owner encrypts the data with a symmetric key and stores the resulting ciphertext in the cloud, and also encrypts the symmetric key with the data owner's own public key and uploads it to the cloud. When the data owner Alice wants to share data with Bob, she generates a re-encryption key from her decryption key and Bob's encryption key and sends it to the cloud. The cloud server performs the re-encryption operation and stores the resulting ciphertext in the cloud. Bob then downloads the re-encrypted key from the cloud server, decrypts it with his private key to obtain the symmetric key, and uses the symmetric key to recover the original plaintext. Ciphertext sharing is thus achieved without Alice's key being disclosed at any point.
Zero-knowledge proof is a cryptographic technique that enables a prover to convince a verifier that some assertion is correct without giving the verifier any useful information. zk-SNARKs (zero-knowledge succinct non-interactive arguments of knowledge) are one tool for generating zero-knowledge proofs and are used in blockchain transaction platforms of cryptocurrencies such as Zcash and ZETH to hide private information such as the sender and receiver addresses and the transaction amount. In data sharing between a cloud service provider and a data owner, combining zero-knowledge proofs with smart contracts makes it possible to verify data availability between the two parties to a data transaction and to guarantee that valid data is provided.
Disclosure of Invention
The invention aims to provide a blockchain data privacy protection and sharing method based on zero-knowledge proof.
The invention relates to a blockchain data privacy protection and sharing method based on zero-knowledge proof, which comprises a data encryption and decryption algorithm, a zero-knowledge proof generation algorithm and a zero-knowledge proof verification algorithm, and comprises the following steps:
transaction entities participating in the blockchain, including data transaction institutions such as data owners and cloud service providers, must register in the blockchain network; the blockchain network then automatically assigns a blockchain address to each participating entity and registers the corresponding permissions according to the role identities of the participating users;
the cloud service provider uses zk-SNARKs to generate a zero-knowledge proof containing some attribute requirements, calculates the result and records the hash value in the smart contract, and at the same time publishes some keywords describing its data requirements;
after generating private data, the data owner encrypts it and uploads it to a semi-trusted proxy cloud server for storage, attaching the data owner's digital signature; the transaction is verified by a verification node and recorded in the blockchain;
the data owner submits a zero-knowledge proof to the smart contract, and the smart contract automatically verifies whether the zero-knowledge proof meets the requirements of the cloud service provider;
after the verification passes, the data owner generates a conversion key using the public key provided by the cloud service organization;
after receiving the intermediate ciphertext obtained from the proxy cloud server, the cloud service provider decrypts it with its private key. The semi-trusted proxy cloud server cannot obtain any plaintext-related information during the data sharing process. The cloud service provider decrypts the intermediate ciphertext with its private key to obtain the private data.
Compared with the prior art, the method has the following advantages:
(1) Proxy re-encryption is used to ensure data sharing between the cloud service provider and the data owner. Based on the properties of the blockchain, data sharing among multiple entities is traceable and verifiable.
(2) A method combining zero-knowledge proof with smart contracts is provided, so that a data owner can prove that its data meets the requirements of the cloud service organization without revealing any private data. Consistency and availability of the data during sharing are achieved, and the interests of both parties are protected.
(3) A two-stage mechanism is adopted to suit the environment of the industrial Internet of Things. The nodes are grouped, and within each group a Raft consensus mechanism with supervision nodes is used, which gives higher fault tolerance. The leadership committee elected by the Raft consensus mechanism uses the PBFT consensus mechanism. This reduces latency, improves throughput and gives higher security.
Drawings
Fig. 1 shows the blockchain data privacy protection and sharing scheme based on zero-knowledge proof.
Detailed Description
The invention relates to a blockchain data privacy protection and sharing method based on zero-knowledge proof, which comprises a data encryption and decryption algorithm, a zero-knowledge proof generation algorithm and a zero-knowledge proof verification algorithm, and comprises the following steps:
transaction entities participating in the blockchain, including data transaction institutions such as data owners and cloud service providers, must register in the blockchain network; the blockchain network then automatically assigns a blockchain address to each participating entity and registers the corresponding permissions according to the role identities of the participating users;
the cloud service provider uses zk-SNARKs to generate a zero-knowledge proof containing some attribute requirements, calculates the result and records the hash value in the smart contract, and at the same time publishes some keywords describing its data requirements;
after generating private data, the data owner encrypts it and uploads it to a semi-trusted proxy cloud server for storage, attaching the data owner's digital signature; the transaction is verified by a verification node and recorded in the blockchain;
the data owner submits a zero-knowledge proof to the smart contract, and the smart contract automatically verifies whether the zero-knowledge proof meets the requirements of the cloud service provider;
after the verification passes, the data owner generates a conversion key using the public key provided by the cloud service organization;
after receiving the intermediate ciphertext obtained from the proxy cloud server, the cloud service provider decrypts it with its private key. The semi-trusted proxy cloud server cannot obtain any plaintext-related information during the data sharing process. The cloud service provider decrypts the intermediate ciphertext with its private key to obtain the private data.
As shown in Fig. 1, the blockchain data privacy protection method based on zero-knowledge proof includes the following stages:
First, after each entity registers in the blockchain, a private key generation center (PKG) distributes a public/private key pair to the user. The cloud service provider generates a zero-knowledge proof $\pi'$ of the required data through zk-SNARK, sends it together with the calculation result $R'$ and the hash value $h'$ to the smart contract, and records and publishes the required keywords in the blockchain.
Second, the data owner generates an encrypted ciphertext according to the requirements of the cloud service provider, sends it to the semi-trusted cloud server, and records the signed hash in the blockchain. Meanwhile, the zero-knowledge proof $\pi$ generated from the private data, the calculation result $R$ and the hash value $h$ are sent to the smart contract for automatic comparison.
Then, once the zero-knowledge proof verification passes, the data owner is notified to use the public key $PK_d$ of the cloud service organization to perform the re-encryption algorithm and generate a re-encryption key $PK_{u\to d}$, which is encrypted with the cloud service provider's public key and sent to the semi-trusted proxy cloud server. The semi-trusted proxy cloud server executes the re-encryption algorithm to convert the ciphertext
Figure BDA0003382454960000031
into the intermediate ciphertext
Figure BDA0003382454960000032
and the intermediate ciphertext is then sent to the cloud service provider.
Finally, the cloud service provider uses its private key $SK_d$ to execute the decryption algorithm, obtain the required private data, and verify it against the information on the blockchain. The smart contract then submits the transaction carrying the data sharing information to a verification node, and the transaction is published on the blockchain after verification with the RBFT consensus algorithm.
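The re-encryption flow of the stages above (and of the Alice/Bob description in the Background), as an added example that is not part of the patent: the patent's pairing-based formulas are not reproduced on this page, so a BBS98-style ElGamal proxy re-encryption is swapped in. The group parameters are constructed toy values, a dict stands in for the blockchain, and all function names are hypothetical.

```python
"""Toy proxy re-encryption flow (BBS98-style ElGamal); illustration only."""
import hashlib
import secrets
from math import gcd

# Constructed toy parameters: P is the Mersenne prime 2**127 - 1 and the whole
# multiplicative group mod P is used. NOT secure; chosen so the demo runs with
# the standard library only.
P = 2**127 - 1
N = P - 1            # group order; exponents are reduced mod N
G = 3                # hypothetical base element


def keygen():
    """Return (sk, pk); sk must be invertible mod N for re-keying/decryption."""
    while True:
        sk = secrets.randbelow(N - 2) + 2
        if gcd(sk, N) == 1:
            return sk, pow(G, sk, P)


def _keystream(elem, length):
    """Expand a group element into `length` bytes (SHA-256 in counter mode)."""
    seed = elem.to_bytes(16, "big")
    blocks = (hashlib.sha256(seed + i.to_bytes(4, "big")).digest()
              for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]


def _xor(data, stream):
    return bytes(a ^ b for a, b in zip(data, stream))


def encrypt(pk, plaintext):
    """Data owner: body is masked with g^r; capsule pk^r = g^(a*r) hides g^r."""
    r = secrets.randbelow(N - 2) + 2
    body = _xor(plaintext, _keystream(pow(G, r, P), len(plaintext)))
    return pow(pk, r, P), body


def rekeygen(sk_owner, sk_recipient):
    """Re-encryption key rk = b / a mod N (BBS98 derives it from both secrets)."""
    return sk_recipient * pow(sk_owner, -1, N) % N


def reencrypt(rk, ciphertext):
    """Proxy: g^(a*r) -> g^(b*r). The body is untouched and g^r never appears."""
    capsule, body = ciphertext
    return pow(capsule, rk, P), body


def decrypt(sk, ciphertext):
    """Key holder: capsule^(1/sk) = g^r, then unmask the body."""
    capsule, body = ciphertext
    shared = pow(capsule, pow(sk, -1, N), P)
    return _xor(body, _keystream(shared, len(body)))


def matches_ledger(ledger, record_id, plaintext):
    """Recipient-side check of decrypted data against the hash recorded on chain."""
    return secrets.compare_digest(
        ledger.get(record_id, ""), hashlib.sha256(plaintext).hexdigest())


def run_demo():
    """Walk the flow: encrypt, record hash, re-key, re-encrypt, decrypt, verify."""
    ledger = {}                                   # stand-in for the blockchain
    sk_u, pk_u = keygen()                         # data owner
    sk_d, _ = keygen()                            # cloud service provider
    record = b"sensor=42;unit=kPa;ts=1700000000"  # constructed sample data

    stored = encrypt(pk_u, record)                # held by the proxy cloud server
    ledger["rec-1"] = hashlib.sha256(record).hexdigest()

    intermediate = reencrypt(rekeygen(sk_u, sk_d), stored)
    capsule, body = intermediate
    tampered = (capsule, bytes([body[0] ^ 1]) + body[1:])  # proxy flips one bit

    return {
        "owner_reads_original": decrypt(sk_u, stored) == record,
        "provider_reads_original": decrypt(sk_d, stored) == record,
        "provider_reads_intermediate": decrypt(sk_d, intermediate) == record,
        "hash_ok": matches_ledger(ledger, "rec-1", decrypt(sk_d, intermediate)),
        "tamper_detected": not matches_ledger(
            ledger, "rec-1", decrypt(sk_d, tampered)),
    }


if __name__ == "__main__":
    print(run_demo())
```

In this BBS98 variant the re-encryption key together with either private key reveals the other, so a proxy colluding with the recipient recovers the owner's key; the patent's scheme instead derives the conversion key from the provider's public key. The on-chain hash is what lets the recipient detect a proxy that alters the ciphertext body.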
The blockchain data privacy protection method based on zero-knowledge proof comprises a network joining stage, a data initialization stage, a smart contract publishing stage, an encryption stage, a zero-knowledge proof generation stage, a re-encryption stage, a decryption stage and a consensus stage, specifically:
Step (1), the network joining stage, comprises:
Step (1-1), registration: transaction entities participating in the blockchain, including data transaction institutions such as data owners and cloud service providers, must register in the blockchain network;
Step (1-2), permission assignment: the blockchain network automatically assigns a blockchain address to each participating entity and registers the corresponding permissions according to the role identities of the participating users;
Step (2), the data initialization stage, proceeds as follows:
Step (2-1), parameter initialization: first, the PKG takes a security parameter $\lambda$ as input, selects a prime $p$ and generates multiplicative cyclic groups $G_1$ and $G_2$. It selects four hash functions $H_1, H_2, H_3, H_4$, where $H_1:\{0,1\}^*\to\{0,1\}^k$, $H_2:\{0,1\}^*\to G_1$, $H_3:G_2\to\{0,1\}^k$, $H_4$:
Figure BDA0003382454960000041
Step (2-2), defining the bilinear mapping: the system defines a bilinear mapping $e: G_1\times G_2\to G_2$. The PKG randomly selects
Figure BDA0003382454960000042
$g, h\in G_1$ are two different generators of $G_1$. The public parameters and the master key are generated as $\mathrm{Setup}(1^\lambda)\to(PK, MSK)$, where $PK=(p, G_1, G_2, e, g, h, H_1, H_2, H_3, H_4)$ and $MSK=(a, b, c)$;
Step (2-3), parameter calculation: the PKG uses the identifier $ID_u$ provided by the data owner, together with the public parameters and the master key, to generate a public/private key pair $\mathrm{KeyGen}(MSK, PK, ID_u)\to(PK_u, SK_u)$; the cloud service provider obtains its key pair in the same way. For the data owner's private key, the PKG randomly selects $t, x, y,$
Figure BDA0003382454960000043
and calculates the following parameters
Figure BDA0003382454960000044
Figure BDA0003382454960000045
$D_1=h^x$, $D_2=h^y$, $D_3=h^z$, where $(A_1, A_2, A_3)$ are used to recover the ciphertext and $(B_1, B_2, B_3, D_1, D_2, D_3)$ are used to generate the re-encryption key.
Step (3), the smart contract publishing stage:
The cloud service provider generates a zero-knowledge proof $\pi'$ containing some attribute requirements through zk-SNARKs, calculates a result $R'$, records a hash value $h'$ in the smart contract, and at the same time publishes some keywords describing its data requirements. The generation of the zero-knowledge proof is described below from the perspective of the data owner; the zero-knowledge proof process of the cloud service organization is similar;
Step (4), the encryption stage, proceeds as follows:
After the data owner generates private data, the private data is encrypted
Figure BDA0003382454960000046
Its private data is $D=\langle d_1, d_2, \ldots, d_n\rangle$, where
Figure BDA0003382454960000047
R is randomly selected by the PKG,
Figure BDA0003382454960000048
and the following parameters are calculated
Figure BDA0003382454960000049
Step (5), the data record on-chain stage, proceeds as follows:
The data owner stores the hash value and digital signature of the data record on the blockchain platform, and the private data is stored encrypted on the proxy cloud server. The data owner submits its private data $D=\langle d_1, d_2, \ldots, d_n\rangle$ and attaches its own digital signature $\sigma_a=\mathrm{Authsign}(SK_u, H(\langle d_1, d_2, \ldots, d_n\rangle))$. Once the transaction is verified by the verification node, it is recorded in the blockchain.
Step (6), the data record on-chain stage, proceeds as follows:
When the private data of the data owner meets the keyword requirements published by the cloud service provider, the data owner attaches its digital signature and local time information to the private data and submits it to zk-SNARKs to generate the data owner's zero-knowledge proof $\pi$. The construction process is as follows:
Step (6-1): from the data owner's $ID_u$, the private data $D=\langle d_1, d_2, \ldots, d_n\rangle$ and the local time $T$, the auxiliary information $\delta=(D, T, ID_u)$ is generated;
Step (6-2): a random number $r$ is selected; after the hash value $H(\delta, r)$ is computed from $r$ and the auxiliary information $\delta=(D, T, ID_u)$, a digital signature $\sigma_a=\mathrm{Authsign}(SK_p, H(\delta, r))$ is generated with the data owner's private key;
Step (6-3): the data owner constructs a circuit $C: F^n\times F^h\to F^l$. The inputs of circuit $C$ are the public parameters $\langle PK_1, PK_2, \ldots, PK_n\rangle$, the private data $D=\langle d_1, d_2, \ldots, d_n, r\rangle$ and the data owner identification information $\langle ID_u, T\rangle$, where $T$ and $r$ are a timestamp and a random number, respectively. The output result $R$ and the hash value $h$ are used to verify the authenticity and availability of the data;
Step (6-4): the security parameter $\lambda$ is taken as input and the key pair $(EK_C, VK_C)$ of the circuit $C$ in the computation task is calculated, where $EK_C$ is used to generate the zero-knowledge proof and $VK_C$ is used to verify it;
Step (6-5): the proving algorithm takes the zero-knowledge proving key $EK_C$, the data owner's private data $D$ and the calculation result $(R, h)$ from the third step, and generates the zero-knowledge proof $\pi$;
Step (7), the zero-knowledge proof verification stage, proceeds as follows:
The smart contract verifies the data owner's signature using the data owner's public key and then verifies the zero-knowledge proof using the zk-SNARKs verification key. After this verification passes, the smart contract automatically compares the data owner's zero-knowledge proof $\pi$, calculation result $R$ and hash value $h$ with the cloud service organization's zero-knowledge proof $\pi'$, calculation result $R'$ and hash value $h'$, respectively. When the verification is finished, it outputs 1 if the verification is correct and 0 otherwise.
Step (8), the re-encryption stage, proceeds as follows:
Step (8-1): after the verification passes, the data owner generates a conversion key using the public key provided by the cloud service organization, $\mathrm{ReKeyGen}(PK, SK_u, PK_d)\to RK_{u\to d}$. The PKG randomly selects the parameters $k_1,$
Figure BDA0003382454960000051
and computes the conversion key $RK_{u\to d}=(rk_1, rk_2)$, where $rk_1=(k_1B_3+B_1)+(k_2B_3+B_2)\cdot ID_u$
Figure BDA0003382454960000052
Step (8-2): after receiving the conversion key encrypted with the public key of the data owner, the semi-trusted proxy cloud server converts the ciphertext into an intermediate ciphertext that the cloud service organization can decrypt. The proxy cloud server sends the intermediate ciphertext to the cloud service organization
Figure BDA0003382454960000053
where
Figure BDA0003382454960000054
Step (9), the decryption stage, proceeds as follows:
After receiving the intermediate ciphertext obtained from the proxy cloud server, the cloud service provider decrypts it with its private key. The semi-trusted proxy cloud server cannot obtain any plaintext-related information during the data sharing process. The cloud service provider decrypts the intermediate ciphertext with its private key to obtain the private data
Figure BDA0003382454960000055
where
Figure BDA0003382454960000056
Step (10), the consensus stage, proceeds as follows:
The characteristics of PBFT and Raft are combined, and a two-stage mechanism is adopted to suit the environment of the industrial Internet of Things. The nodes are grouped, and within each group a Raft consensus mechanism with supervision nodes is used, which gives higher fault tolerance. The leadership committee elected by the Raft consensus mechanism uses the PBFT consensus mechanism. This reduces latency, improves throughput and gives higher security. The consensus process is as follows:
Step (10-1): after receiving the request of client C, the main node Main orders and signs the transactions and broadcasts the packaged pre-prepare message.
Step (10-2): after a secondary node Replica receives more than 2f messages and verifies that the signature and other information are valid, it broadcasts a prepare message carrying the identity verification message.
Step (10-3): after the secondary node Replica receives more than 2f+1 messages, it determines whether the prepare stage is finished and enters the Raft consensus stage.
Step (10-4): in the Raft stage, the Leader broadcasts the message.
Step (10-5): the follower nodes verify the message after receiving it and send feedback.
Step (10-6): the Leader node determines from the feedback whether consensus is reached, and commits the log.
Step (10-7): after consensus is completed, the consensus result is returned to the smart contract and written to the blockchain ledger.

Claims (2)

1. A blockchain data privacy protection and sharing method based on zero-knowledge proof, comprising a data encryption and decryption algorithm, a zero-knowledge proof generation algorithm and a zero-knowledge proof verification algorithm, characterized by comprising the following steps:
transaction entities participating in the blockchain, including data transaction institutions such as data owners and cloud service providers, must register in the blockchain network; the blockchain network then automatically assigns a blockchain address to each participating entity and registers the corresponding permissions according to the role identities of the participating users;
the cloud service provider uses zk-SNARKs to generate a zero-knowledge proof containing some attribute requirements, calculates the result and records the hash value in the smart contract, and at the same time publishes some keywords describing its data requirements;
after generating private data, the data owner encrypts it and uploads it to a semi-trusted proxy cloud server for storage, attaching the data owner's digital signature; the transaction is verified by a verification node and recorded in the blockchain;
the data owner submits a zero-knowledge proof to the smart contract, and the smart contract automatically verifies whether the zero-knowledge proof meets the requirements of the cloud service provider;
after the verification passes, the data owner generates a conversion key using the public key provided by the cloud service organization;
after receiving the intermediate ciphertext obtained from the proxy cloud server, the cloud service provider decrypts it with its private key. The semi-trusted proxy cloud server cannot obtain any plaintext-related information during the data sharing process. The cloud service provider decrypts the intermediate ciphertext with its private key to obtain the private data.
2. The method of claim 1, wherein the method for protecting and sharing blockchain data privacy based on zero knowledge proof comprises:
Step (1), the network joining stage, comprises:
Step (1-1), registration: transaction entities participating in the blockchain, including data transaction institutions such as data owners and cloud service providers, must register in the blockchain network;
Step (1-2), permission assignment: the blockchain network automatically assigns a blockchain address to each participating entity and registers the corresponding permissions according to the role identities of the participating users;
Step (2), the data initialization stage, proceeds as follows:
Step (2-1), parameter initialization: first, the PKG takes a security parameter $\lambda$ as input, selects a prime $p$ and generates multiplicative cyclic groups $G_1$ and $G_2$. It selects four hash functions $H_1, H_2, H_3, H_4$, where $H_1:\{0,1\}^*\to\{0,1\}^k$, $H_2:\{0,1\}^*\to G_1$, $H_3:G_2\to\{0,1\}^k$, $H_4$:
Figure FDA0003382454950000011
Step (2-2), defining the bilinear mapping: the system defines a bilinear mapping $e: G_1\times G_2\to G_2$. The PKG randomly selects $a, b,$
Figure FDA0003382454950000012
$g, h\in G_1$ are two different generators of $G_1$; the public parameters and the master key are generated as $\mathrm{Setup}(1^\lambda)\to(PK, MSK)$, where $PK=(p, G_1, G_2, e, g, h, H_1, H_2, H_3, H_4)$ and $MSK=(a, b, c)$;
Step (2-3), parameter calculation: the PKG uses the identifier $ID_u$ provided by the data owner, together with the public parameters and the master key, to generate a public/private key pair $\mathrm{KeyGen}(MSK, PK, ID_u)\to(PK_u, SK_u)$; the cloud service provider obtains its key pair in the same way; for the data owner's private key, the PKG randomly selects $t, x, y,$
Figure FDA0003382454950000021
and calculates the following parameters
Figure FDA0003382454950000022
Figure FDA0003382454950000023
$D_1=h^x$, $D_2=h^y$, $D_3=h^z$, where $(A_1, A_2, A_3)$ are used to recover the ciphertext and $(B_1, B_2, B_3, D_1, D_2, D_3)$ are used to generate the re-encryption key;
step (3), intelligent contract issuing stage:
the cloud service provider generates a zero knowledge proof pi ' containing some attribute requirements of the zk-SNARKs through the zk-SNARKs, the calculation result R ' and the hash value h ' are recorded in the intelligent contract, and keywords of some data requirements are issued at the same time; wherein the generation process of the zero-knowledge proof will be described in the following in the perspective of the data owner, and the zero-knowledge proof process of the cloud service organization is similar;
the encryption stage process in the step (4) is as follows:
after the data owner generates private data, the private data is encrypted
Figure FDA0003382454950000024
its private data $D = \langle d_1, d_2, \ldots, d_n \rangle$, where
Figure FDA0003382454950000025
R is randomly selected by the PKG,
Figure FDA0003382454950000026
calculating parameters
Figure FDA0003382454950000027
the flow of the data record on-chain stage in step (5) is as follows:
the data owner stores the hash value and the digital signature of the data record on the blockchain platform, and the private data is stored in encrypted form on the proxy cloud server; the data owner submits the hash value of its private data $D = \langle d_1, d_2, \ldots, d_n \rangle$ and attaches its digital signature $\sigma_a = \mathrm{Authsign}(SK_u, H(\langle d_1, d_2, \ldots, d_n \rangle))$. After the transaction is verified by the verification nodes, it is recorded in the blockchain;
the flow of the data record on-chain stage in step (6) is as follows:
when the private data of the data owner meets the keyword requirements published by the cloud service provider, the data owner attaches its digital signature and local time information to the private data and submits them to zk-SNARKs to generate the data owner's zero-knowledge proof π. The construction process is as follows:
step (6-1): from the data owner's identity $ID_u$, private data $D = \langle d_1, d_2, \ldots, d_n \rangle$ and local time $T$, generate the side information $\delta = (D, T, ID_u)$;
step (6-2): select a random number $r$ and, with the side information $\delta = (D, T, ID_u)$, compute the hash value $H(\delta, r)$; then generate a digital signature $\sigma_a = \mathrm{Authsign}(SK_p, H(\delta, r))$ from the private key of the data owner;
step (6-3): the data owner constructs a circuit $C: F^n \times F^h \to F^l$. The inputs to circuit C are the public parameters $\langle PK_1, PK_2, \ldots, PK_n \rangle$, the private data $D = \langle d_1, d_2, \ldots, d_n \rangle$, $r$, and the data owner's identification information $\langle ID_u, T \rangle$, where $T$ and $r$ are a timestamp and a random number respectively. The output result $R$ and the hash value $h$ are used to verify the authenticity and availability of the data;
step (6-4): input the security parameter $\lambda$ and compute the key pair $(EK_C, VK_C)$ of circuit C for the computation task, where $EK_C$ is used to generate the zero-knowledge proof and $VK_C$ is used to verify it;
step (6-5): the proving algorithm takes the proving key $EK_C$, the private data $D$ of the data owner and the calculation result $(R, h)$ from the third step, and generates the zero-knowledge proof π;
the flow of the zero-knowledge proof verification stage in step (7) is as follows:
the smart contract first verifies the data owner's signature using the data owner's public key, and then verifies the zero-knowledge proof using the zk-SNARKs verification key; after these checks pass, the smart contract automatically compares the data owner's zero-knowledge proof π, calculation result R and hash value h with the cloud service organization's zero-knowledge proof π', calculation result R' and hash value h' respectively; when verification is finished, it outputs 1 if the verification is correct and 0 otherwise;
the flow of the re-encryption stage in step (8) is as follows:
step (8-1): after the verification passes, the data owner uses the public key provided by the cloud service organization to generate a conversion key $\mathrm{ReKeyGen}(PK, SK_u, PK_d) \to RK_{u \to d}$; the PKG randomly selects parameters $k_1$,
Figure FDA0003382454950000031
and computes the conversion key $RK_{u \to d} = (rk_1, rk_2)$, where $rk_1 = (k_1 B_3 + B_1) + (k_2 B_3 + B_2) \cdot ID_u$
Figure FDA0003382454950000032
step (8-2): the semi-trusted proxy cloud server receives the conversion key encrypted with the public key of the data owner and converts the ciphertext into an intermediate ciphertext that can be decrypted by the cloud service organization; the proxy cloud server sends the intermediate ciphertext to the cloud service organization
Figure FDA0003382454950000033
wherein,
Figure FDA0003382454950000034
the decryption stage flow in the step (9) is as follows:
after receiving the intermediate ciphertext from the proxy cloud server, the cloud service provider decrypts the ciphertext through a private key of the proxy cloud server; the semi-trusted proxy cloud server cannot obtain any plaintext-related information during the data sharing process; the cloud service provider decrypts the intermediate ciphertext using the private key to obtain the private data
Figure FDA0003382454950000035
wherein,
Figure FDA0003382454950000036
the flow of the consensus stage in step (10) is as follows:
the characteristics of PBFT and Raft are combined, and a two-stage mechanism is adopted to suit the environment of the industrial Internet of Things. The nodes are grouped, and within each group a Raft consensus mechanism with supervision nodes is adopted, giving higher fault tolerance; the leader committee elected by the Raft consensus mechanism adopts the PBFT consensus mechanism, which reduces latency, improves throughput and gives higher security; the consensus process is as follows:
step (10-1): after receiving the request of the client C, the main node Main orders and signs the transaction, and broadcasts the packaged pre-prepare message;
step (10-2): after a secondary node Replica receives more than 2f messages and verifies that information such as the signature is valid, it broadcasts a prepare message carrying an identity verification message;
step (10-3): after a secondary node Replica receives more than 2f+1 messages, it judges whether the prepare stage is finished and enters the Raft consensus stage;
step (10-4): the Leader in Raft broadcasts the message;
step (10-5): the follower nodes verify the message after receiving it and send feedback;
step (10-6): the leader node Leader judges from the feedback whether consensus has been reached, and commits the log;
step (10-7): after the consensus is completed, the consensus result is returned to the smart contract and written to the blockchain ledger.
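An added example, not part of the patent text: a sketch of the vote counting behind steps (10-3) to (10-6), in which only distinct, authenticated messages for the same block count toward a quorum. It assumes "more than 2f+1" means at least 2f+1 prepare messages in a committee of at least 3f+1 members, a simple Raft majority inside the group, and HMAC tags standing in for node signatures; the message layout, keys and function names are hypothetical.

```python
import hashlib
import hmac

def tag(key, phase, digest):
    # HMAC-SHA256 stands in for a node signature (assumption, not the patent's scheme).
    return hmac.new(key, phase.encode() + b"|" + digest, hashlib.sha256).digest()

def msg(sender, phase, digest, keys):
    return (sender, phase, digest, tag(keys[sender], phase, digest))

def count_valid(msgs, keys, phase, digest):
    """Distinct known senders with an authentic message for this phase and digest."""
    seen = set()
    for sender, m_phase, m_digest, m_tag in msgs:
        if sender not in keys or sender in seen:
            continue                      # unknown node or repeated vote
        if (m_phase, m_digest) != (phase, digest):
            continue                      # vote for another phase or another block
        if hmac.compare_digest(m_tag, tag(keys[sender], phase, digest)):
            seen.add(sender)
    return len(seen)

def committee_prepared(msgs, keys, digest, f):
    """PBFT stage in the leader committee (step 10-3): 2f+1 matching prepares."""
    if len(keys) < 3 * f + 1:
        raise ValueError("need at least 3f+1 committee members")
    return count_valid(msgs, keys, "prepare", digest) >= 2 * f + 1

def group_commits(acks, follower_keys, digest):
    """Raft stage in one group (steps 10-4 to 10-6): leader vote plus follower acks."""
    votes = 1 + count_valid(acks, follower_keys, "ack", digest)
    return 2 * votes > len(follower_keys) + 1

def two_stage(msgs, ckeys, acks, fkeys, digest, f):
    return committee_prepared(msgs, ckeys, digest, f) and group_commits(acks, fkeys, digest)

# Constructed sample: committee of 4 (f = 1), one Raft group with 4 followers.
CKEYS = {f"c{i}": bytes([i]) * 32 for i in range(4)}
FKEYS = {f"n{i}": bytes([16 + i]) * 32 for i in range(4)}
BLOCK = hashlib.sha256(b"constructed block payload").digest()
OTHER = hashlib.sha256(b"conflicting payload").digest()

HONEST = [msg(s, "prepare", BLOCK, CKEYS) for s in ("c1", "c2", "c3")]
ACKS = [msg(s, "ack", BLOCK, FKEYS) for s in ("n0", "n1")]

# Same traffic, but c3's prepare is replaced by a repeat of c1's vote, a vote
# for a different block, and a message whose tag does not verify.
FAULTY = HONEST[:2] + [msg("c1", "prepare", BLOCK, CKEYS),
                       msg("c3", "prepare", OTHER, CKEYS),
                       ("c3", "prepare", BLOCK, b"\x00" * 32)]

if __name__ == "__main__":
    print(two_stage(HONEST, CKEYS, ACKS, FKEYS, BLOCK, 1))  # quorum reached
    print(two_stage(FAULTY, CKEYS, ACKS, FKEYS, BLOCK, 1))  # quorum not reached
```

Counting by authenticated sender rather than by message is what keeps repeated or unauthenticated messages from inflating either quorum.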
CN202111438060.8A 2021-11-30 2021-11-30 Block chain data privacy protection and sharing method based on zero knowledge proof Withdrawn CN114143080A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111438060.8A CN114143080A (en) 2021-11-30 2021-11-30 Block chain data privacy protection and sharing method based on zero knowledge proof


Publications (1)

Publication Number Publication Date
CN114143080A true CN114143080A (en) 2022-03-04

Family

ID=80389554


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication

Application publication date: 20220304