CN114726535A - Privacy protection anti-counterfeiting automobile supply chain method based on block chain - Google Patents

Privacy protection anti-counterfeiting automobile supply chain method based on block chain Download PDF

Info

Publication number
CN114726535A
CN114726535A CN202210327691.0A CN202210327691A CN114726535A CN 114726535 A CN114726535 A CN 114726535A CN 202210327691 A CN202210327691 A CN 202210327691A CN 114726535 A CN114726535 A CN 114726535A
Authority
CN
China
Prior art keywords
information
automobile
ownership
automobile part
product
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210327691.0A
Other languages
Chinese (zh)
Other versions
CN114726535B (en
Inventor
祝烈煌
张璨
徐畅
李荣荣
丁瑶玲
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Institute of Technology BIT
Original Assignee
Beijing Institute of Technology BIT
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Institute of Technology BIT filed Critical Beijing Institute of Technology BIT
Priority to CN202210327691.0A priority Critical patent/CN114726535B/en
Publication of CN114726535A publication Critical patent/CN114726535A/en
Application granted granted Critical
Publication of CN114726535B publication Critical patent/CN114726535B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3255Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using group based signatures, e.g. ring or threshold signatures
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02PCLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/30Computing systems specially adapted for manufacturing

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention relates to a privacy protection anti-counterfeiting automobile supply chain method based on a block chain, and belongs to the technical field of block chain privacy protection and intelligent car networking. The method utilizes the Hash chain and the group signature technology to protect the identity privacy problem of merchants participating in the supply chain, simultaneously uses the block chain technology to effectively deal with the unreliability of the traditional central server, realizes the public and verifiable product information, and achieves the aim of product anti-counterfeiting. Compared with the traditional anti-counterfeiting supply chain, the anti-counterfeiting supply chain for the automobile parts can store automobile part information and transaction information such as ownership certification and ownership transfer process by using the block chain technology, and can realize the anti-counterfeiting supply chain for the automobile parts without centralization and tampering. Compared with the traditional anti-counterfeiting supply chain based on the block chain, the anti-counterfeiting supply chain based on the block chain utilizes the cryptography technologies such as the hash chain and the group signature, protects the privacy information such as the business relationship among suppliers in the automobile supply chain, and the group signature technology can ensure that the anti-counterfeiting supply chain is traced by a trusted authority when any dispute occurs.

Description

Privacy protection anti-counterfeiting automobile supply chain method based on block chain
Technical Field
The invention relates to a privacy protection anti-counterfeiting automobile supply chain method, in particular to a privacy protection anti-counterfeiting automobile supply chain method based on a block chain, and belongs to the technical field of block chain privacy protection and intelligent car networking.
Background
In the current global context, more and more enterprises across countries have established supply chains of automobile parts to achieve efficient supply of automobile parts. However, the problem of counterfeit of automobile parts is becoming more serious. Counterfeit automobile parts easily cause traffic accidents, and seriously threaten the life and property safety of drivers and pedestrians.
In recent years, Radio Frequency Identification (RFID) technology has been used in anti-counterfeiting technology, which uses an nfc (near Field communication) tag called Electronic Product Code (EPC) to identify products with unique identifiers (Product Identifier). In such schemes, the user scans the unique identifier of the product and compares it with the unique identifier stored in the database, and if they are consistent, the product is considered to be genuine, otherwise it is considered to be false. However, this type of solution presents a certain safety risk. First, the identifier of the product may be copy-forged. Second, conventional centralized servers are vulnerable to hostile attacks and the stored data may be corrupted or tampered with.
The blockchain technology has the characteristics of decentralization, non-tampering, data disclosure transparency and the like, anyone or a mechanism cannot control the whole blockchain network by controlling one or a plurality of nodes, and data cannot be modified or deleted once stored on the blockchain. Therefore, the block chain technology is applied to the automobile supply chain, and the problems can be effectively solved. In the existing anti-counterfeiting automobile supply chain implementation scheme, automobile part information (such as automobile part manufacturers, production dates, PID (proportion integration differentiation) and automobile part transaction information (such as logistics information, ownership transfer information and the like) are stored in a block chain. If the received information is inconsistent with the information stored on the blockchain, the purchaser may consider the automobile part as a counterfeit product.
However, the existing scheme has the problem of leakage of private information. Due to the transparency of the blockchain, each user can obtain data on the blockchain, resulting in leakage of sensitive information. The sales volume, profit, buyer, seller, etc. of a certain product belong to some business secrets that need to be kept secret, and the leakage of the business secrets also causes economic losses to the business in the automobile supply chain.
Disclosure of Invention
The invention aims to creatively provide a privacy protection anti-counterfeiting automobile supply chain method based on a block chain, aiming at solving the technical problem that the traditional anti-counterfeiting automobile supply chain method based on the block chain cannot simultaneously meet the requirements of data disclosure and privacy protection. The method utilizes the Hash chain and the group signature technology to protect the identity privacy problem of merchants participating in the supply chain, simultaneously uses the block chain technology to effectively deal with the unreliability of the traditional central server, realizes the public and verifiable product information, and achieves the aim of product anti-counterfeiting.
First, the following is a description of the relevant contents related to the present invention:
the trusted authority: the task of which is identity registration and product tracking. Any entity (including automobile part manufacturers, automobile part dealers, and automobile part retailers) needs to register with the authentic identity information at a trusted authority. Generally, the trusted authority is in an off-line state, and when the automobile parts have problems, the trusted authority can trace the source of the logistics information.
Block chain network: a decentralized network has the characteristics of openness, transparency, no tampering and the like. Data on a blockchain network consists of a large number of blockchain transactions. In the invention, the product information of the produced automobile parts is stored on the blockchain as the evidence of non-tampering, and all automobile part manufacturers, automobile part dealers and automobile part retailers can issue transaction information on the blockchain, wherein the transaction information comprises automobile part information, ownership transfer information and ownership certification information. Meanwhile, as the data on the blockchain is public and transparent, all people can call the intelligent contracts to view related information.
Automobile parts manufacturers: automobile parts such as tires, batteries, engines and the like are produced, each product has a unique product identifier PID, and any entity can call an RFID reader to acquire the identifier PID of the automobile part. Meanwhile, after the automobile parts are produced by the automobile parts manufacturer, the automobile parts information needs to be released on the block chain. The product may be sold to automobile parts dealers and automobile parts retailers, after which ownership transfer information needs to be published to the blockchain.
Auto parts dealership: the automobile parts manufacturer sells the generated automobile parts to an automobile parts agent, and the automobile parts agent sells the automobile parts to an automobile parts retailer. After receiving the automobile parts sold by the automobile part manufacturer, the automobile part agent needs to search ownership transfer information of the automobile parts from the blockchain, verify whether the ownership certification of the automobile parts is correct or not, accept the automobile parts and generate new ownership transfer information and ownership certification if the verification is passed, and reject the acceptance if the verification is not passed.
Automobile parts retailer: the automobile parts can be purchased from automobile parts dealerships or sold to users who need to purchase the automobile parts. When purchasing an automobile part, it is necessary to detect ownership information of the automobile part to prevent the occurrence of counterfeit automobile parts. When selling automobile parts, it is necessary to provide proof of ownership of the product by the retailer.
The user: the user purchases the automobile parts through the automobile part retailer, and needs to verify whether the automobile parts are counterfeit products when purchasing, and if there is no problem with the products, the user pays for purchasing the automobile parts, and after the user purchases the automobile parts, the ownership status of the automobile parts is updated to be purchased.
The invention is realized by adopting the following technical scheme.
A privacy protection anti-counterfeiting automobile supply chain method based on a block chain comprises the following steps:
step 1: and (5) initializing the system.
The trusted authority registers each entity and generates common parameters, which are finally sent to each entity over a secure channel. The trusted authority deploys the intelligent contract part required by the whole scheme to the blockchain through a standard blockchain deployment tool. After the system is initialized, the trusted authority will remain in the offline state unless disputes occur.
Specifically, step 1 comprises the steps of:
step 1.1: a set of entity information is provided to the trusted authority for registration, including a real-world identity of the entity and a type of entity belonging to the automobile parts manufacturer, the automobile parts agent, and the automobile parts retailer. The trusted authority initializes a set of registration information for storing the generated registration information.
Step 1.2: the trusted authority first generates a master key, and then generates a group public key and a master private key required by the group signature and a private key corresponding to each entity in the set by using a key generation algorithm in the group signature scheme.
Step 1.3: for each entity information in the user information set, the trusted authority generates corresponding registration information.
Specifically, a corresponding entity ID is first generated by means of the master key and the entity information, and then a new key K is generated. And finally, the generated entity ID, the new key K, the identity information of the entity and the private key corresponding to the entity in the group signature form registration information of the entity. And storing the registration information generated by all entities in the entity information set in the registration information set.
Step 1.4: and (3) the trusted authority issues the group public key generated in the step 1.2 as a public parameter to a block chain, and the registration information set generated in the step 1.3 and the main private key generated in the step 1.2 are stored by the trusted authority for product tracing. Meanwhile, automobile part manufacturers, automobile part dealers and automobile part retailers all need to generate corresponding blockchain addresses and send the addresses to trusted authorities.
Step 2: and (5) product registration.
After an automobile part manufacturer produces a batch of automobile parts containing unique identifiers, intelligent contracts are called to register the automobile parts, and information sets of the automobile parts are published on a block chain.
Specifically, step 2 comprises the steps of:
step 2.1: and storing the identifiers of the produced batch of automobile parts in the automobile part information set, and initializing the ownership certification set and the product information set.
Step 2.2: for each automobile part identifier in the automobile part information set, the ownership certificate is generated by using the key K generated when the automobile part manufacturer registers in the step 1 and the entity ID, and the hash value of the ownership certificate is calculated.
Step 2.3: and (3) signing the ownership certificate hash value calculated in the step 2.2 by using the group public key generated in the step 1 and the private key of the automobile part manufacturer by using a signature algorithm in a group signature scheme. As shown in fig. 2.
Step 2.4: and combining the automobile part identifier, the hash value of the ownership certificate, the entity ID of the automobile part manufacturer, a flag bit for indicating whether the automobile part is sold or not and a signature generated by using a group signature technology, and storing the combined result in a product information set. Finally, the manufacturer stores the product information set on the blockchain. The vehicle component identifier, the proof of ownership are stored in a proof of ownership set, and the proof of ownership set is returned to the vehicle component manufacturer.
And step 3: and (4) transfer of ownership.
When a seller (an automobile part manufacturer or an automobile part agent) prepares to sell a batch of automobile parts to a buyer (another automobile part agent or an automobile part retailer), an intelligent contract is invoked to transfer ownership of the automobile part to the corresponding retailer or agent. In the process, identity authentication between two entities is carried out by using a hash chain, and ownership information of the automobile parts must be stored in an encrypted manner so as to realize safe and reliable ownership transfer with privacy protection.
Specifically, step 3 includes the steps of:
step 3.1: before ownership transfer between the buyer and seller, both negotiate a hash chain and a sharing state. The hash chain is a set of a plurality of hashes and is linked through a hash function. Specifically, the previous hash value in the hash chain comes from the hash of the next hash value, while the initial hash value comes from the negotiation under the chain. The shared state contains a counter c and a hash value beta on the hash chain corresponding to the counter positionc
Step 3.2: the seller first needs to find the c +1 th hash value, which is recorded as beta, from the hash chain generated in step 3.1 in advancec+1Then encrypting the hash value and the ownership certification information of the automobile part generated in the step 2, and storing the encrypted information on a blockchain in the form of blockchain transaction, wherein the corresponding transaction identifier is Tid
Step 3.3: the seller entity proceeds to the hash value β within the shared state negotiated between the two entitiescStep 3.2, storing transaction identifier T of encrypted informationidAnd the c +1 th hash value β on the hash chainc+1The three are encrypted to obtain a transaction retrieval token, and the token is sent to the buyer.
Step 3.4: the seller will update the shared status and increment the counter shared with the buyer in step 3.1 by one. At this time, the status information of the seller becomes the counters c +1 and βc+1
And 4, step 4: and (4) ownership verification.
When an automobile part retailer, an automobile part agent or a user purchases an automobile part, whether the corresponding automobile part is really the automobile part which wants to be purchased is checked, ownership information, whether the automobile part is sold or not and the like are verified, when all checks are passed, the automobile part is accepted, otherwise, the automobile part is rejected as fake goods.
For the automobile part agent and the automobile part retailer which are buyers, the token transmitted by the seller in step 3.3 is used to verify whether the ownership information of the automobile part is correct, whether the automobile part is transferred by the corresponding seller, and whether the information such as the identifier and the signature of the automobile part is correct, if the check is successful, the ownership information of the automobile part is updated, and the updated information is stored in the block chain.
For the user as the buyer, only the ownership information, the vehicle identifier and other information of the vehicle product need to be verified whether to be correct, and if the verification is successful, the automobile part is indicated to be a genuine product. When the user successfully purchases the automobile part, the sales state of the automobile part is updated, and the updated information is stored in the blockchain.
Specifically, step 4 includes the steps of:
for automobile part dealers and automobile part retailers, the following is used:
step 4.1: the buyer uses the status information shared with the seller in step 3.1 to retrieve a transaction token from the seller selling the automobile component, decrypts the transaction token to obtain the transaction identifier T in the form of ciphertextidAnd a hash value β of the next bit of the counter on the hash chain used as a one-time session keyc+1
Step 4.2: and hashing the hash value of the disposable session key, comparing the hash content with the hash content in the shared state, if the comparison is successful, indicating that the identity authentication of the two parties is successful, otherwise, if the authentication is failed, refusing to execute the subsequent operation.
Step 4.3: after successful verification at step 4.2, the transaction identifier T stored on the blockchain is retrievedidAnd decrypting the ciphertext information stored in the corresponding transaction to obtain a set containing ownership information of the automobile parts, and searching corresponding product information from the block chain by calling an intelligent contract. And for each piece of automobile part information, comparing whether the hash value of the ownership certificate in the received ownership information set is the same as the hash value in the corresponding product information stored on the block chain and whether the state of the automobile part is in an unsold state, and finally checking whether the signature content is correct. When the temperature is higher than the set temperatureAfter the information is checked successfully, the automobile part is indicated to be a genuine product, and the step 4.4 is executed, otherwise, the product is regarded as a fake product, and the buyer refuses to accept the product.
Step 4.4: the buyer performs the same operation as in step 2.2, i.e. generates a new proof of ownership and a hash of the proof of ownership using the buyer's own identity ID and the secret key K. The same operation as in step 2.3 is then performed, i.e. the generation of signature information using the group public key and the buyer's own private key.
Step 4.5: and updating the product information stored on the block chain of each received automobile part, wherein the product information comprises the hash value of the ownership certification information of the automobile part and the signature information of the automobile part.
For the user, the following method is adopted:
step 4-1: the automobile part retailer gives a product ownership information set of the corresponding automobile part, checks the product information of the corresponding automobile part according to the product identifier contained in the product ownership information set, calculates whether the hash value of the ownership certificate is consistent with the information stored in the block chain, checks whether the state of the automobile part is sold, and executes the step 4-2 if the information is consistent and the automobile part is still in a non-sold state, otherwise, the product is regarded as a fake product and the buyer refuses to accept the product.
Step 4-2: checking whether the signature information is correct using the group public key, and if so, proceeding to the next step, otherwise the product will be considered a counterfeit product and the buyer will refuse to accept the product.
Step 4-3: and when the checks of the step 4-1 and the step 4-2 are passed, the automobile part is proved to be a genuine product. After the user purchases the product, the user invokes the intelligent contract to change the sales state of the automobile parts, and the state of the automobile parts is changed into the sold state.
Advantageous effects
Compared with the prior art, the invention has the following advantages:
1. the invention realizes no centralization. Compared with the traditional anti-counterfeiting supply chain, the block chain technology is used for storing automobile part information and transaction information such as ownership certification and ownership transfer processes, and the like, so that the automobile part anti-counterfeiting supply chain which is not centralized and can not be tampered can be realized.
2. The invention realizes privacy protection. Compared with the traditional anti-counterfeiting supply chain based on the block chain, the anti-counterfeiting supply chain based on the block chain utilizes the cryptography technologies such as the hash chain and the group signature, protects the privacy information such as the business relationship among suppliers in the automobile supply chain, and the group signature technology can ensure that the anti-counterfeiting supply chain is traced by a trusted authority when any dispute occurs.
Drawings
FIG. 1 is a schematic diagram of the process of the present invention.
FIG. 2 is an illustration of vehicle component information stored on a blockchain.
Detailed Description
The technical solution in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention. It should be apparent that the described embodiments are only some of the embodiments of the present invention, and not all of the embodiments. For example, embodiments of the present invention may involve an automobile parts agent being handed to a next level automobile parts agent and then to an automobile parts retailer.
Examples
In this case, the automobile parts manufacturer produces a batch of automobile parts having unique identifiers, and then gives ownership of the automobile parts to the automobile parts agent, and then the automobile parts agent gives ownership to the automobile parts retailer, and finally the automobile parts retailer sells the automobile parts to the user.
As shown in fig. 1, a privacy protection anti-counterfeit automobile supply chain method based on a block chain includes the following steps:
step 1: and (5) initializing the system.
Step 1.1: providing a trusted authority TA with a set of entity information U ═ U { U } that needs to be registered1,...,umAnd a security parameter λ (λ ═ 256), where the entity information set contains m entities that need to be registered.
For any entity U in entity information set UiWhich isThe information for registration comprises the identity id of entity i in the real worldiAnd entity typeiEntity type is represented as typeiThe manufacturer of the automobile parts, agent of the automobile parts, and retailer of the automobile parts. The trusted authority initializes a set R for storing later generated registration information.
Step 1.2: the trusted authority first generates a master key KMThe group public key gpk, the master private key gsk, and the m private keys { sk for group signature generated for each registration entity, which are needed for the key generation algorithm GS. keygen to generate the group signature, are then executed in the group signature scheme GS1,…,skm}。
Step 1.3: for each entity information in the entity information set U, the trusted authority generates corresponding registration information. For the ith entity, the entity ID is first calculatedi=F(KM,ui) Wherein F is a safe pseudo-random function, a character string with the length of 256 bits and a character string with the length of any bit are input, and a character string with the length of 256 bits is output. Here, KMMaster key, u, generated for step 1.2iThe entity information of the entity information set in step 1.1. Then, the trusted authority generates a key K corresponding to the entity ii. Finally, the trusted authority TA generates registration information r for the entity ii=(IDi,ui,ski,Ki) Wherein sk isiAnd generating a private key corresponding to the entity i in the m private keys for group signature generated by the trusted authority in the step 1.2.
Step 1.4: and finally, the trusted authority publishes the group public key gpk as a public parameter to the block chain network in a public way. And a set R ═ R with m entity registration information1,…,rmThe master private key gsk and the master private key gsk are saved by a trusted authority for product tracing. Meanwhile, automobile part manufacturers, automobile part dealers and automobile part retailers need to generate corresponding blockchain addresses and send the addresses to trusted authorities.
Step 2: the automobile parts manufacturer registers the automobile parts.
Step 2.1: after the physical registration, let the automobile parts manufacturer produce n automobile parts, wherein each automobile part i corresponds to a unique identifier PIDiThe corresponding product identifier set is P ═ { PID1,...,PIDn}。
Step 2.2: the auto parts manufacturer invokes an intelligent contract to initialize the two empty sets PI and PO.
For each automobile part PID in the product identifier set P generated in step 2.1iFirst, the proof of ownership p is calculatedi=F(K,ID||PIDi) Where F is the pseudo-random function defined in step 1.3, | | is the string splicing operation, | K is the secret key of the automobile part manufacturer in step 1.3, ID is the entity ID of the automobile part manufacturer in step 1.3, and a hash value h of the proof of ownership is calculatedi=H(pi) Where H represents the SHA256 hash function.
The manufacturer then signs the hash value of the proof of ownership of the vehicle product σ using group signature techniquesi= GS.Sign(gpk,sk,hi) And GS is a safe group signature scheme, GS.Sign is a group signature function, a group public key, a user private key for signature and signature content are input, and a corresponding digital signature is output.
Finally, the manufacturer will correspond to the Product Information (PID)i,hi,ID,false,σi) Adding to the set PI and adding (PID)i,pi) Added to the set PO, where ID is the manufacturer identity information of the automobile part and false represents that the automobile part has not been sold to any user. In step 6, if the automobile part is sold to the user, the corresponding false state will be changed to true.
Step 2.3: the manufacturer calls an intelligent contract to store the set PI into the blockchain and returns the set PO to the auto parts supplier.
And step 3: the automobile parts manufacturer performs ownership transfer.
Step 3.1: automobile parts manufacturer IDaWill already be filled withTransfer of successful ownership of automobile parts to automobile parts agent IDbFirst, two parties need to negotiate a hash chain in advance
Figure BDA0003572140990000101
And a shared state Sc=(c,βc). Wherein the hash chain
Figure BDA0003572140990000105
The generation rule of (2) is as follows: h ispIs a character string with length of 256 bits, and is composed of IDaAnd IDbThrough prior negotiation, h is obtained when i is 1,2, … and p-1i= H(hi+1) Where H is a SHA256 hash function. Shared state ScC in (1) is a counter, and β isc=hcFor corresponding hash chains
Figure BDA0003572140990000102
The c-th hash value of (c).
Step 3.2: automobile parts manufacturer IDaFrom hash chain
Figure BDA0003572140990000106
Get the c +1 th Hash hc+1And is provided with betac+1=hc+1To beta, pairc+1And encrypting the registered set PO of the batch of automobile parts generated in the step 2.2 by using the key betac+1Encrypted ciphertext information AESc+1PO) is stored in transaction form on the blockchain, the corresponding transaction identifier being Tid. AES is a secure symmetric encryption algorithm, and AES.
Step 3.3: automobile parts manufacturer IDaUsing a secret key betac+1For the transaction identifier T obtained in step 3.2idAnd to be next associated with the IDbGenerating a query token by encrypting a key used in the product ownership transfer
Figure BDA0003572140990000103
Wherein AES3.2, and | l is a character string splicing operation. Then, the generated token
Figure BDA0003572140990000104
Send to vehicle agent IDb
Step 3.4: auto parts agent IDaUpdating the shared State Sc+1=(c+1,βc+1)。
And 4, step 4: and the automobile part agent performs ownership verification.
Step 4.1: setting auto parts agent IDbWith the manufacturer ID of the automobile partsaThe state information shared between is Sc=(c,βc). When receiving IDaEnc (β) is an aesc,Tid||βc+1) Then, the agent first decrypts T by using its own keydec=AES.Dec(βcT), obtaining a transaction identifier TidAnd a one-time key betac+1. Dec is a symmetric decryption function of the AES encryption scheme.
Step 4.2: first, H (. beta.) is judgedc+1) And betacAnd if not, the authentication fails. If successful, the identifier stored in the block chain is searched for as TidThe data stored in the transaction is extracted and decrypted to obtain PO ═ aesc+1Data) where PO represents a collection of product ownership information for each automotive part, each entry in the collection containing a product identifier PID for an automotive partiAnd corresponding product ownership certification information piAccording to the automobile part product identifier of the PO, corresponding automobile part information can be searched from the block chain, and the information forms a product information set PI.
Step 4.3: after acquiring the ownership information set PO and the product information set PI of the automobile parts, acquiring any product ownership information PO in the POi=(PIDi,pi) The corresponding product information in the PI is PIi= (PIDi,hi,ID,false,σi) In whichPIDiIs a product identifier, hiID is the product manufacturer's ID, which is a hash value of the proof of ownership of the product, and false represents that the product is not sold to any user. The agent first calculates H ═ H (p)i) And is reacted with PIiHash of inner hiAnd comparing, if the two are the same and the selling state is false, executing a group signature verification algorithm GS.verify (gpk, sigma, h), and continuously verifying whether the signature is correct. And if the output of the GS.verify algorithm is true, the verification is successful, the product is regarded as a genuine product, the step 4.4 is executed, and if the output of the GS.verify algorithm is false, the verification fails, and the product is regarded as a counterfeit product.
Step 4.4: generating a new proof of ownership p 'for automotive parts deemed genuine'i= F(Kb,IDb||PIDi) Wherein F is the pseudo-random function defined in step 1.3, and | | is the string splicing operation. Then, the hash value H '═ H (p'i) And a signature σi=GS.Sign(gpk,sk,hi) Wherein gs.sign is the signature function of step 2.2. Thereafter, the agent will newly generate (PID)i,p′i) Add to set PO 'and invoke the Smart contract update identifier PID auto parts information, where the Hash update of the product ownership certificate is h'iSignature is updated to σi
Step 4.5: auto parts agent IDbUpdating the shared State Sc+1=(c+1,βc+1)。
And 5: the auto parts agent hands the vehicle parts to the auto parts retailer.
In this stage, the automobile part dealership performs the step 3 of transferring the ownership of the automobile part, and the automobile part retailer performs the step 4 of verifying the ownership.
Step 6: the automobile parts retailer sells the automobile parts to the customer.
Step 6.1: automobile part retailers sell automobile parts to users, and automobile part information sets PO needing to be sold to usersi=(PIDi,pi) Is sent to a user, wherein PIDiIs a unique identifier of a product, piProof of ownership information for the product.
Step 6.2: user by PIDiCalling intelligent contract and searching corresponding product information PIi= (PIDi,hi,ID,false,σi)。
First, H ═ H (p) is calculated from the proof of ownership of the automobile parts in the PIi) And is reacted with PIiInner hiMaking a comparison if h' ═ hiAnd if the corresponding selling state is false, namely the product is not sold to other users, continuously verifying whether the signature is correct or not, and if the verification is passed completely, the automobile part is regarded as a genuine product.
Step 6.3: after the user purchases the automobile parts, the user calls the intelligent contract and updates the product PIDiThe sales status is updated to true, i.e., the product has been sold.
The foregoing description of the specific embodiments has been presented for purposes of illustration and description. However, it should be understood by those skilled in the art that the present invention is not limited to the above preferred embodiments, and that various other forms of the product can be obtained by anyone who has the benefit of the present invention, and any changes in the shape or structure thereof, which have the same or similar technical solutions as those of the present invention, fall within the protection scope of the present invention.

Claims (5)

1. A privacy protection anti-counterfeiting automobile supply chain method based on a block chain is characterized by comprising the following steps:
step 1: initializing a system;
the trusted authority registers each entity and generates public parameters, and finally, the public parameters are sent to each entity through a secure channel; the trusted authority deploys the intelligent contract part required by the whole scheme to the block chain through a standard block chain deployment tool; after the system is initialized, the trusted authority keeps an offline state unless disputes occur;
step 2: product registration;
after an automobile part manufacturer produces a batch of automobile parts containing unique identifiers, calling an intelligent contract to register the automobile parts, and publishing information sets of the automobile parts on a block chain;
and step 3: transfer of ownership;
when a seller prepares to sell a batch of automobile parts to a buyer, calling an intelligent contract to transfer ownership of the automobile parts to a corresponding retailer or agent; in the process, identity authentication between two entities is carried out by using a hash chain, and ownership information of the automobile parts must be encrypted and stored to realize safe and reliable ownership transfer with privacy protection;
and 4, step 4: verifying ownership;
when an automobile part retailer, an automobile part agent or a user purchases an automobile part, whether the corresponding automobile part is really the automobile part which wants to be purchased is checked, ownership information, whether the automobile part is sold and the like are verified, when all the checks are passed, the automobile part is accepted, otherwise, the automobile part is rejected as fake goods;
for the automobile part agent and the automobile part retailer which are taken as buyers, verifying whether the ownership information of the automobile part is correct and is transferred by the corresponding seller and the information such as the identifier, the signature and the like of the automobile part is correct by using the token transmitted by the seller in the step 3.3, updating the ownership information of the automobile part if the checking is successful, and storing the updated information on the block chain;
for a user serving as a buyer, only the ownership information, the vehicle identifier and other information of the vehicle product need to be verified to be correct, and if the verification is successful, the automobile part is a genuine product; when the user successfully purchases the automobile part, the sales state of the automobile part is updated, and the updated information is stored in the blockchain.
2. The block chain based privacy protection anti-counterfeiting automobile supply chain method according to claim 1, wherein the step 1 comprises the following steps:
step 1.1: providing a set of entity information to the trusted authority for registration, wherein the set of entity information includes a real-world identity of the entity and a type of entity belonging to the automobile parts manufacturer, the automobile parts agent, and the automobile parts retailer; the trusted authority initializes a registration information set for storing the generated registration information;
step 1.2: the trusted authority firstly generates a master key, and then generates a group public key and a master private key required by group signature and a private key corresponding to each entity in a set by using a key generation algorithm in a group signature scheme;
step 1.3: for each entity information in the user information set, the trusted authority generates corresponding registration information;
specifically, a corresponding entity ID is generated by means of a master key and entity information, and then a new key K is generated; finally, the generated entity ID, the new key K, the identity information of the entity and the private key corresponding to the entity in the group signature form registration information of the entity; storing the registration information generated by all entities in the entity information set in a registration information set;
step 1.4: the trusted authority issues the group public key generated in the step 1.2 as a public parameter to a block chain, and the registration information set generated in the step 1.3 and the main private key generated in the step 1.2 are stored by the trusted authority for product tracing; meanwhile, automobile part manufacturers, automobile part dealers and automobile part retailers all need to generate corresponding blockchain addresses and send the addresses to trusted authorities.
3. The block chain based privacy protection anti-counterfeiting automobile supply chain method according to claim 1, wherein the step 2 comprises the following steps:
step 2.1: storing the identifiers of the produced automobile parts in an automobile part information set, and initializing an ownership certification set and a product information set;
step 2.2: for each automobile part identifier in the automobile part information set, generating an ownership certificate by using the key K and the entity ID generated when the automobile part manufacturer is registered in the step 1, and calculating a hash value of the ownership certificate;
step 2.3: for the ownership certificate hash value calculated in the step 2.2, signing the ownership certificate hash value by using the group public key generated in the step 1 and the private key of the automobile part manufacturer by using a signature algorithm in a group signature scheme;
step 2.4: combining the identifier of the automobile part, the hash value of the ownership certificate, the entity ID of the manufacturer of the automobile part, a flag bit indicating whether the automobile part is sold or not and a signature generated by using a group signature technology, and storing the combined identifier and the hash value in a product information set; finally, the manufacturer stores the product information set on the blockchain; the vehicle component identifier, the proof of ownership are stored in a proof of ownership set, and the proof of ownership set is returned to the vehicle component manufacturer.
4. The block chain based privacy protection anti-counterfeiting automobile supply chain method according to claim 1, wherein the step 3 comprises the following steps:
step 3.1: before ownership transfer is carried out between a buyer and a seller, the buyer and the seller negotiate to obtain a hash chain and a sharing state; the hash chain is a set of a plurality of hashes and is linked through a hash function; specifically, the previous hash value in the hash chain comes from the hash of the next hash value, and the initial hash value comes from the negotiation under the chain; the shared state contains a counter c and a hash value beta on the hash chain corresponding to the counter positionc
Step 3.2: the seller first needs to find the (c + 1) th hash value, denoted as β, from the pre-generated hash chain in step 3.1c+1Then encrypting the hash value and the ownership certification information of the automobile part generated in the step 2, and storing the encrypted information on a blockchain in the form of blockchain transaction, wherein the corresponding transaction identifier is Tid
Step 3.3: seller entity relayTo hash value beta in shared state negotiated between two entitiescStep 3.2 transaction identifier T of the stored encrypted informationidAnd the c +1 th hash value β on the hash chainc+1The three are encrypted to obtain a transaction retrieval token, and the token is sent to the buyer;
step 3.4: the seller will update the shared status and increment the counter shared with the buyer in step 3.1 by one; at this time, the status information of the seller becomes the counters c +1 and βc+1
5. The block chain based privacy protection anti-counterfeiting automobile supply chain method according to claim 1, wherein the step 4 comprises the following steps:
for automobile part dealers and automobile part retailers, the following is used:
step 4.1: the buyer uses the status information shared with the seller in step 3.1 to retrieve a transaction token from the seller selling the automobile component, decrypts the transaction token to obtain the transaction identifier T in the form of ciphertextidAnd a hash value β of the next bit of the counter on the hash chain used as the one-time session keyc+1
Step 4.2: performing hash on the hash value of the one-time session key, comparing the hash content with the hash content in the shared state, if the comparison is successful, indicating that the identity authentication of the two parties is successful, otherwise, failing to authenticate, and refusing to execute the subsequent operation;
step 4.3: after successful verification at step 4.2, the transaction identifier T stored on the blockchain is retrievedidDecrypting the ciphertext information stored in the corresponding transaction to obtain a set containing ownership information of the automobile parts, and searching corresponding product information from the block chain by calling an intelligent contract; for each piece of automobile part information, comparing whether the hash value of the ownership certificate in the received ownership information set is the same as the hash value in the corresponding product information stored on the block chain and whether the state of the automobile part is in an unsold state, and finally checking whether the signature content is correct; when the information is all checkedIf the result is successful, the automobile part is indicated to be a genuine product, step 4.4 is executed, otherwise the product is regarded as a fake product, and the buyer refuses to accept the product;
step 4.4: the buyer performs the same operation as in step 2.2, i.e. generates a new proof of ownership and a hash value of the proof of ownership using the buyer's own identity ID and the secret key K; then the same operation as in step 2.3 is performed, i.e. the signature information is generated using the group public key and the buyer's own private key;
step 4.5: updating product information stored on a block chain of each received automobile part, wherein the product information comprises a hash value of ownership certification information of the automobile part and signature information of the automobile part;
for the user, the following method is adopted:
step 4-1: giving a product ownership information set of the corresponding automobile parts by the automobile part retailer, checking the product information of the corresponding automobile parts according to the product identifiers contained in the product ownership information set, calculating whether the hash value of the ownership certificate is consistent with the information stored in the block chain or not, checking whether the state of the automobile parts is sold or not, if the information is consistent and the automobile parts are not sold, executing the step 4-2, otherwise, considering the product as a counterfeit product, and refusing to accept the product by a buyer;
step 4-2: checking whether the signature information is correct by using the group public key, if so, continuing the next step, otherwise, the product is regarded as a fake product, and the buyer refuses to accept the product;
step 4-3: when the checks in the step 4-1 and the step 4-2 are passed, the automobile part is proved to be a genuine product; after the user purchases the product, the user invokes the intelligent contract to change the sales state of the automobile parts, and the state of the automobile parts is changed into the sold state.
CN202210327691.0A 2022-03-30 2022-03-30 Privacy protection anti-fake automobile supply chain method based on blockchain Active CN114726535B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210327691.0A CN114726535B (en) 2022-03-30 2022-03-30 Privacy protection anti-fake automobile supply chain method based on blockchain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210327691.0A CN114726535B (en) 2022-03-30 2022-03-30 Privacy protection anti-fake automobile supply chain method based on blockchain

Publications (2)

Publication Number Publication Date
CN114726535A true CN114726535A (en) 2022-07-08
CN114726535B CN114726535B (en) 2023-10-20

Family

ID=82238972

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210327691.0A Active CN114726535B (en) 2022-03-30 2022-03-30 Privacy protection anti-fake automobile supply chain method based on blockchain

Country Status (1)

Country Link
CN (1) CN114726535B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116628757A (en) * 2023-07-20 2023-08-22 东方空间技术(山东)有限公司 Spacecraft supply chain management method, equipment and storage medium based on block chain

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107292629A (en) * 2017-05-12 2017-10-24 深圳蜂链科技有限公司 Anti-counterfeit tracking verification method based on block chain and the device using this method
CN112070567A (en) * 2019-06-11 2020-12-11 青岛海链数字科技有限公司 Quality control system based on block chain and control method thereof
US20210184845A1 (en) * 2019-12-16 2021-06-17 Bull Sas Secure, decentralized, automated platform and multi-actors for object identity management through the use of a block chain technology
CN113657914A (en) * 2021-08-26 2021-11-16 卓尔智联(武汉)研究院有限公司 Commodity tracing method based on block chain, computer device and storage medium
CN114143080A (en) * 2021-11-30 2022-03-04 兰州理工大学 Block chain data privacy protection and sharing method based on zero knowledge proof

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107292629A (en) * 2017-05-12 2017-10-24 深圳蜂链科技有限公司 Anti-counterfeit tracking verification method based on block chain and the device using this method
CN112070567A (en) * 2019-06-11 2020-12-11 青岛海链数字科技有限公司 Quality control system based on block chain and control method thereof
US20210184845A1 (en) * 2019-12-16 2021-06-17 Bull Sas Secure, decentralized, automated platform and multi-actors for object identity management through the use of a block chain technology
CN113657914A (en) * 2021-08-26 2021-11-16 卓尔智联(武汉)研究院有限公司 Commodity tracing method based on block chain, computer device and storage medium
CN114143080A (en) * 2021-11-30 2022-03-04 兰州理工大学 Block chain data privacy protection and sharing method based on zero knowledge proof

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116628757A (en) * 2023-07-20 2023-08-22 东方空间技术(山东)有限公司 Spacecraft supply chain management method, equipment and storage medium based on block chain
CN116628757B (en) * 2023-07-20 2023-10-13 东方空间技术(山东)有限公司 Spacecraft supply chain management method, equipment and storage medium based on block chain

Also Published As

Publication number Publication date
CN114726535B (en) 2023-10-20

Similar Documents

Publication Publication Date Title
US8108309B2 (en) Protecting a manufactured item from counterfeiting
US20170331896A1 (en) Methods and systems for processing assets
EP2810402B1 (en) A method and database system for secure storage and communication of information
CN108764877B (en) Digital asset right-confirming trading method based on block chain technology
WO2017194976A1 (en) Methods and systems for processing assets
US20160098730A1 (en) System and Method for Block-Chain Verification of Goods
US20060129825A1 (en) Unified trust model providing secure identification, authentication and validation of physical products and entities, and processing, storage and exchange of information
CN101009014A (en) Secure anti-counterfeiting method and system thereof
CN114155095B (en) Digital artwork authentication and transaction system and authentication and transaction method
AU2018101669A4 (en) A method for checking and/ or updating information relating to assets
WO2018128539A1 (en) A method for checking and/or updating information relating to assets
JP2004506245A (en) Linking the device's public key with information during manufacture
Boehm et al. Holistic tracking of products on the blockchain using NFC and verified users
CN110868295A (en) Anti-quantum computing alliance chain system based on secret sharing and communication method
CN114726535B (en) Privacy protection anti-fake automobile supply chain method based on blockchain
CN116057554A (en) Method for managing transaction data sets, participant unit, transaction register and payment system
CN112070567A (en) Quality control system based on block chain and control method thereof
CN115310978A (en) Transaction method and device for digital assets
CN110474763B (en) Chain-based identity protection method
CN111277407B (en) Anti-quantum computing alliance chain voting system and method based on secret sharing
CN112926972B (en) Information processing method based on block chain, block chain system and terminal
WO2019107000A1 (en) Information processing device, information processing system, information processing method and program
Jain et al. Plasma chain and blockchain security model
JP7477937B1 (en) Appraisal and certification system and appraisal and certification method
KR102347272B1 (en) Method for Authenticating Ownership of Products

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant