CN114726535B - Privacy protection anti-fake automobile supply chain method based on blockchain - Google Patents

Privacy protection anti-fake automobile supply chain method based on blockchain Download PDF

Info

Publication number
CN114726535B
CN114726535B CN202210327691.0A CN202210327691A CN114726535B CN 114726535 B CN114726535 B CN 114726535B CN 202210327691 A CN202210327691 A CN 202210327691A CN 114726535 B CN114726535 B CN 114726535B
Authority
CN
China
Prior art keywords
information
product
ownership
automobile part
automobile
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210327691.0A
Other languages
Chinese (zh)
Other versions
CN114726535A (en
Inventor
祝烈煌
张璨
徐畅
李荣荣
丁瑶玲
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Institute of Technology BIT
Original Assignee
Beijing Institute of Technology BIT
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Institute of Technology BIT filed Critical Beijing Institute of Technology BIT
Priority to CN202210327691.0A priority Critical patent/CN114726535B/en
Publication of CN114726535A publication Critical patent/CN114726535A/en
Application granted granted Critical
Publication of CN114726535B publication Critical patent/CN114726535B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3255Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using group based signatures, e.g. ring or threshold signatures
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02PCLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/30Computing systems specially adapted for manufacturing

Abstract

The application relates to a privacy protection anti-counterfeiting automobile supply chain method based on a blockchain, and belongs to the technical fields of blockchain privacy protection and intelligent Internet of vehicles. The method utilizes the hash chain and group signature technology to protect the identity privacy of merchants participating in the supply chain, and meanwhile, the blockchain technology is used for effectively preventing the unreliability of the traditional center server, so that the disclosure of product information can be verified, and the purpose of product anti-counterfeiting is achieved. Compared with the traditional anti-counterfeiting supply chain, the application utilizes the blockchain technology to store the information and the transaction information of the automobile parts such as ownership certification, ownership transfer process and the like, and can realize the anti-counterfeiting supply chain of the automobile parts without centralization and falsification. Compared with the traditional anti-counterfeiting supply chain based on the block chain, the application protects privacy information such as business relations among suppliers in the automobile supply chain by utilizing cryptographic technologies such as hash chains and group signature, and the group signature technology can ensure that the privacy information is traced by a trusted organization when any dispute occurs.

Description

Privacy protection anti-fake automobile supply chain method based on blockchain
Technical Field
The application relates to a privacy protection anti-counterfeiting automobile supply chain method, in particular to a privacy protection anti-counterfeiting automobile supply chain method based on a blockchain, and belongs to the technical fields of blockchain privacy protection and intelligent Internet of vehicles.
Background
In the current globalization background, more and more nationwide enterprises establish supply chains of automobile parts to realize efficient supply of the automobile parts. However, the problem of counterfeit car parts is becoming more serious. The counterfeited automobile parts easily cause traffic accidents, and seriously threaten the life and property safety of automobile drivers and pedestrians.
In recent years, radio frequency identification technology (RFID, radio Frequency Identification) has been used in security technology, which uses a NFC (Near Field Communication) tag called product electronic code (EPC, electronic Product Code) to identify a product having a unique identifier (Product Identifier). In such a scenario, the user scans the unique identifier of the product and then compares it with the unique identifier of the product stored in the database, if it is consistent, then the product is considered to be genuine, otherwise it is false. However, this type of solution presents a certain security risk. First, the identifier of the product may be copy-forged. Second, conventional centralized servers are vulnerable to adversary attacks, and stored data may be corrupted or tampered with.
The blockchain technology has the characteristics of no centralization, no tampering, transparent data disclosure and the like, any person or organization cannot control the whole blockchain network by controlling one or a plurality of nodes, and once the data is stored on the blockchain, the data cannot be modified or deleted. Therefore, the above problems can be effectively solved by applying the blockchain technology in the automobile supply chain. In the existing anti-counterfeiting automobile supply chain implementation scheme, automobile part information (such as automobile part manufacturers, production dates, PID (proportion integration differentiation) and the like) and automobile part transaction information (such as logistics information, ownership transfer information and the like) are stored on a blockchain. If there is an inconsistency between the received information and the information stored on the blockchain, the purchaser may consider the automobile part as a counterfeit product.
However, the existing scheme has a problem of disclosure of private information. Because of the transparency of the blockchain, each user can obtain data on the blockchain, resulting in leakage of sensitive information. Sales, profits, buyers, sellers, etc. of a certain product belong to some business secrets that need to be kept secret, and leakage of these business secrets also causes economic loss to merchants in the car supply chain.
Disclosure of Invention
Aiming at the defects and shortcomings existing in the prior art, the application creatively provides a privacy protection anti-counterfeiting automobile supply chain method based on a block chain, which aims to solve the technical problem that the traditional anti-counterfeiting automobile supply chain method based on the block chain cannot simultaneously meet the data disclosure verifiable and privacy protected. The method utilizes the hash chain and group signature technology to protect the identity privacy of merchants participating in the supply chain, and meanwhile, the blockchain technology is used for effectively preventing the unreliability of the traditional center server, so that the disclosure of product information can be verified, and the purpose of product anti-counterfeiting is achieved.
First, the following will be described as related matters related to the present application:
trusted institutions: the task is identity registration and product tracking. Any entity (including automobile parts manufacturers, automobile parts agencies, and automobile parts retailers) needs to register with the trusted authority using the actual identity information. Under the general condition, the trusted mechanism is in an off-line state, and when the automobile parts are in a problem, the trusted mechanism can trace the logistics information of the automobile parts.
Block chain network: a decentralised network has the characteristics of being transparent, non-tamperable and the like. The data on a blockchain network is made up of a large number of blockchain transactions. In the application, the product information of the produced automobile parts is stored on the block chain as non-tamperable evidence, and all automobile parts manufacturers, automobile parts agents and automobile parts retailers can issue transaction information on the block chain, wherein the transaction information comprises the automobile parts information, ownership transfer information and ownership proof information. Meanwhile, as the data on the blockchain is public and transparent, all people can call the intelligent contract to check the related information.
Automobile parts manufacturers: the production of tires, batteries, engines, etc. and each product has a unique product identifier PID, any entity can invoke the RFID reader to obtain the identifier PID of the automobile component. Meanwhile, after the automobile parts are produced, the automobile parts manufacturer needs to issue the information of the automobile parts on the blockchain. The product may be sold to automotive parts agencies and automotive parts retailers, and after the automotive parts are sold, ownership transfer information needs to be published onto the blockchain.
Automobile parts agent: the automobile parts manufacturer sells the generated automobile parts to an automobile parts agency, and then the automobile parts agency sells the generated automobile parts to an automobile parts retailer. After receiving the automobile parts sold by the automobile parts manufacturer, the automobile parts agency needs to search the ownership transfer information of the automobile parts from the block chain, verify whether the ownership of the automobile parts is correct, accept the automobile parts and generate new ownership transfer information and ownership verification if the ownership verification is passed, otherwise refusing to accept.
Automobile parts retailers: the automobile parts can be purchased from an automobile parts agency or sold to a user who needs to purchase. When purchasing automobile parts, it is necessary to detect ownership information of the automobile parts to prevent the occurrence of counterfeit automobile parts. When vending automobile parts, it is necessary to provide a product ownership certificate of the retailer.
The user: the user purchases the automobile parts through the automobile parts retailer, when the automobile parts are purchased, whether the automobile parts are counterfeit products or not needs to be verified, if the products have no problem, the user pays to purchase the automobile parts, and after the user purchases the automobile parts, the ownership status of the automobile parts is updated to be purchased.
The application is realized by adopting the following technical scheme.
A privacy protection anti-counterfeiting automobile supply chain method based on a block chain comprises the following steps:
step 1: and initializing a system.
The trusted authority registers each entity and generates common parameters, which are finally sent to each entity over a secure channel. The trusted authority deploys the intelligent contract portions required for the entire scheme onto the blockchain through standard blockchain deployment tools. After the system is initialized, the trusted authority will remain offline unless a dispute occurs.
Specifically, step 1 includes the steps of:
step 1.1: a trusted authority is provided with a set of entity information for registration, including the real world real identity of the entity and the type of entity that the entity belongs to among the auto parts manufacturer, auto parts agent, and auto parts retailer. The trusted authority initializes a set of registration information for storing the generated registration information.
Step 1.2: the trusted authority firstly generates a master key, and then generates a group public key, a master private key and a private key corresponding to each entity in the set required by the group signature by utilizing a key generation algorithm in the group signature scheme.
Step 1.3: for each entity information within the set of user information, the trusted authority generates corresponding registration information.
Specifically, a corresponding entity ID is first generated by means of the master key and the entity information, and then a new key K is generated. And finally, forming the generated entity ID, the new secret key K, the identity information of the entity and the private key corresponding to the entity in the group signature into the registration information of the entity. And storing the registration information generated by all the entities in the entity information set in the registration information set.
Step 1.4: the trusted authority publishes the group public key generated in the step 1.2 as a public parameter to the blockchain, and the registration information set generated in the step 1.3 and the main private key generated in the step 1.2 are saved by the trusted authority for product tracing. Meanwhile, the automobile part manufacturer, the automobile part agency and the automobile part retailer all need to generate corresponding blockchain addresses and send the addresses to the trusted institutions.
Step 2: and (5) registering products.
After the automobile part manufacturer produces a batch of automobile parts with unique identifiers, an intelligent contract is called to register the automobile parts, and the information set of the automobile parts is published on a block chain.
Specifically, step 2 includes the steps of:
step 2.1: and storing identifiers of the produced batch of automobile parts in an automobile part information set, and initializing an ownership proof set and a product information set.
Step 2.2: for each automobile part identifier in the automobile part information set, generating an ownership certificate by using the key K and the entity ID generated when the automobile part manufacturer registers in the step 1, and calculating a hash value of the ownership certificate.
Step 2.3: and (2) signing the ownership certificate hash value calculated in the step (2.2) by using the public key of the group generated in the step (1) and the private key of the manufacturer of the automobile parts by using a signature algorithm in a group signature scheme. As shown in fig. 2.
Step 2.4: the vehicle part identifier, the hash value of the ownership certificate, the entity ID of the vehicle part manufacturer, the flag bit indicating whether the vehicle part is sold or not, and the signature generated by the group signature technique are combined and stored in the product information set. Ultimately, the manufacturer stores the product information sets on the blockchain. The vehicle component identifier, the proof of ownership are stored in a set of proof of ownership, and the set of proof of ownership is returned to the vehicle component manufacturer.
Step 3: ownership transfer.
When a seller (automobile parts manufacturer or automobile parts agency) prepares to sell a batch of automobile parts to a buyer (another automobile parts agency or automobile parts retailer), a smart contract is invoked to transfer ownership of the automobile parts to the corresponding retailer or agency. In the process, the hash chain is used for identity authentication between two entities, and meanwhile, ownership information of the automobile parts is required to be encrypted and stored so as to realize safe, reliable and privacy-protected ownership transfer.
Specifically, step 3 includes the steps of:
step 3.1: before ownership transfer is performed between the buyer and the seller, the two parties negotiate to obtain a hash chain and a sharing state. Wherein the hash chain is a set of a plurality of hashes, linked by a hash function. Specifically, the previous bit hash value in the hash chain is derived from the hash of the subsequent bit hash value, while the initial hash value is derived from the negotiation under the chain. The shared state includes a counter c and a hash value beta on the hash chain corresponding to the counter position c
Step 3.2: the seller first needs to find the c+1th hash value, denoted as β, on the pre-generated hash chain from step 3.1 c+1 Encrypting the hash value and the ownership proving information of the automobile part generated in the step 2, storing the encrypted information on a blockchain in a blockchain transaction mode, wherein the corresponding transaction identifier is T id
Step 3.3: the seller entity continues to negotiate a hash value beta within the shared state between the two entities c Transaction identifier T storing encryption information in step 3.2 id C+1th hash value β on hash chain c+1 And encrypting the three to obtain a transaction retrieval token, and sending the token to the buyer.
Step 3.4: the seller will update the shared status and increment the counter shared with the buyer in step 3.1 by one. The state information of the seller at this time becomes counters c+1 and beta c+1
Step 4: ownership verification.
When the retailer, agent or user purchases the automobile parts, it checks whether the corresponding automobile parts are actually intended to be purchased, verifies ownership information, sales, etc., and when all checks are passed, accepts the automobile parts, otherwise the product is rejected as a counterfeit.
And 3.3, verifying whether the ownership information of the automobile part is correct or not, whether the information such as the identifier and the signature of the automobile part is transferred by the corresponding seller or not, and updating the ownership information of the automobile part and storing the updated information on a block chain if the information is checked successfully.
For the user as the buyer, only the ownership information of the vehicle product and the information such as the vehicle identifier are verified to be correct, and if the verification is successful, the automobile part is proved to be genuine. When the user successfully purchases the automobile part, the sales status of the automobile part is updated, and the updated information is stored in the blockchain.
Specifically, step 4 includes the steps of:
for the automobile part agent and the automobile part retailer, the following modes are adopted:
step 4.1: the buyer uses the state information shared with the seller in the step 3.1 to sell the steam to the buyerTransaction retrieval token obtained at the seller of the vehicle component, decrypting the token to obtain a transaction identifier T in ciphertext form id And the hash value beta of the next bit of the counter on the hash chain used as a one-time session key c+1
Step 4.2: and carrying out hash on the hash value of the disposable session key, comparing the hash content with the hash content in the sharing state, if the comparison is successful, indicating that the identity authentication of the two parties is successful, otherwise, failing the authentication, and refusing to execute the operation after the authentication is carried out.
Step 4.3: after successful verification in step 4.2, the transaction identifier T stored on the blockchain is obtained id Decrypting the ciphertext information stored on the corresponding transaction to obtain a set containing ownership information of the automobile parts, and searching corresponding product information from the blockchain by calling the intelligent contract. And comparing whether the hash value of the ownership certificate in the received ownership information set is the same as the hash value in the corresponding product information stored on the blockchain, whether the state of the automobile part is an unsold state or not, and finally checking whether the signature content is correct or not for each automobile part information. When the information is checked successfully, the automobile part is a genuine product, and step 4.4 is executed, otherwise the product is regarded as a fake product, and the buyer refuses to accept the product.
Step 4.4: the buyer performs the same operation as in step 2.2, i.e. generates a new ownership certificate and a hash value of the ownership certificate using the buyer's own identity ID and the key K. The same operation as in step 2.3 is then performed, i.e. the signature information is generated using the group public key and the private key owned by the buyer itself.
Step 4.5: and updating the product information stored on the block chain of each received automobile part, wherein the product information comprises the hash value of the ownership proving information of the automobile part and the signature information of the automobile part.
For the user, the following manner is adopted:
step 4-1: the retailer of the automobile part gives a product ownership information set of the corresponding automobile part, checks product information of the corresponding automobile part according to the product identifier contained in the product ownership information set, calculates whether the hash value of the ownership certificate is consistent with the information stored in the blockchain, checks whether the state of the automobile part is sold, and executes step 4-2 if the information is consistent and the automobile part is still in a non-sold state, otherwise, the product is regarded as a fake product, and the buyer refuses to accept the product.
Step 4-2: the public group key is used to check whether the signature information is correct, and if so, the next step is continued, otherwise the product will be regarded as a counterfeit product, and the buyer will refuse to accept the product.
Step 4-3: and when the inspection of the step 4-1 and the step 4-2 is passed, the automobile part is proved to be a genuine product. After the user purchases the product, the user will invoke the smart contract to change the sales status of the automobile parts, at which point the status of the automobile parts will become sold.
Advantageous effects
Compared with the prior art, the application has the following advantages:
1. the application realizes centerless. Compared with the traditional anti-counterfeiting supply chain, the anti-counterfeiting supply chain for the automobile parts can be realized without centralization and without tampering by utilizing the blockchain technology to store the information of the automobile parts such as ownership evidence, ownership transfer process and the like and the transaction information.
2. The application realizes privacy protection. Compared with the traditional anti-counterfeiting supply chain based on the block chain, the application protects privacy information such as business relations among suppliers in the automobile supply chain by utilizing cryptographic technologies such as hash chains and group signature, and the group signature technology can ensure that the privacy information is traced by a trusted organization when any dispute occurs.
Drawings
FIG. 1 is a schematic representation of the process of the present application.
FIG. 2 is an illustration of automobile parts information stored on a blockchain.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application. It will be apparent that the described embodiments are only some, but not all, embodiments of the application. For example, in an embodiment of the present application, it is possible that the automobile parts agent may be handed to the next automobile parts agent and then to the automobile parts retailer.
Examples
In this case, the automobile parts manufacturer produces a batch of automobile parts with unique identifiers, then gives ownership of the automobile parts to the automobile parts agency, then gives the automobile parts agency to the automobile parts retailer, and finally the automobile parts retailer sells the automobile parts to the user.
As shown in fig. 1, a privacy protection anti-counterfeiting automobile supply chain method based on a blockchain comprises the following steps:
step 1: and initializing a system.
Step 1.1: providing a entity information set U= { U to be registered for a trusted authority TA 1 ,...,u m And a security parameter λ (λ=256), wherein the set of entity information contains m entities that need to be registered.
For any entity U in the entity information set U i The information used for registration comprises the identity id of entity i in the real world i And entity type i The entity type is denoted as type i = { manufacturer, agent, retailer }, where manufacturer stands for automobile parts manufacturer, agent stands for automobile parts agent, retailer stands for automobile parts retailer. The trusted authority initializes a set R for storing registration information that is generated later.
Step 1.2: the trusted authority first generates a master key K M Then, a key generation algorithm gs.keygen in the group signature scheme GS is executed to generate a group public key gpk, a master private key gsk required for group signature, and m private keys { sk for group signature generated for each registered entity 1 ,…,sk m }。
Step 1.3: for each entity information within the entity information set U, the trusted authority generates corresponding registration information. For the ith entity, the entity ID is calculated first i =F(K M ,u i ) WhereinF is a safe pseudo-random function, inputs a character string with 256 bits and a character string with any bits, and outputs a character string with 256 bits. Here, K M U, the master key generated for step 1.2 i The entity information is the entity information set in step 1.1. Then, the trusted authority generates a key K corresponding to the entity i i . Finally, the trusted authority TA generates registration information r for entity i i =(ID i ,u i ,sk i ,K i ) Wherein sk is i The private key corresponding to entity i in the m private keys for group signature generated for the trusted authority in step 1.2.
Step 1.4: finally, the trusted authority publicly publishes the group public key gpk as a public parameter onto the blockchain network. And a set r= { R with m entity registration information 1 ,…,r m The } and the master private key gsk are stored by a trusted authority for product tracing. Meanwhile, the automobile parts manufacturer, the automobile parts agent and the automobile parts retailer all need to generate corresponding blockchain addresses and send the addresses to the trusted authorities.
Step 2: automobile parts manufacturers register automobile parts.
Step 2.1: after the entity registration, the automobile part manufacturer is set to produce n automobile parts, wherein each automobile part i corresponds to a unique identifier PID i The corresponding product identifier set is p= { PID 1 ,...,PID n }。
Step 2.2: the automobile parts manufacturer invokes the smart contract to initialize the two empty sets PI and PO.
For each automobile part PID in the product identifier set P generated in step 2.1 i First, the ownership certificate p is calculated i =F(K,ID||PID i ) Where F is a pseudo-random function defined in step 1.3, |is a string concatenation operation, K is a key of the manufacturer of the automobile part in step 1.3, ID is an entity ID of the manufacturer of the automobile part in step 1.3, and a hash value h of the ownership certificate is calculated i =H(p i ) Where H represents the SHA256 hash function.
The manufacturer then signs the hash value of the vehicle product ownership certificate using a group signature technique i = GS.Sign(gpk,sk,h i ) The GS is a safe group signature scheme, GS.Sign is a group signature function, and is input as a group public key, a user private key for signature and signature content, and output as a corresponding digital signature.
Finally, the manufacturer sets the corresponding product information (PID i ,h i ,ID,false,σ i ) To aggregate PI and add (PID i ,p i ) Added to the aggregate PO, where ID is the vehicle part manufacturer identity information, false represents that the vehicle part has not yet been sold to any user. In step 6, if the automobile parts are sold to the user, the corresponding false state is changed to true.
Step 2.3: the manufacturer invokes the smart contract to store the set PI into the blockchain and returns the set PO to the auto parts vendor.
Step 3: the automobile parts manufacturer performs ownership transfer.
Step 3.1: automobile parts manufacturer ID a Transfer of ownership of a successfully registered automotive part to an automotive part agent ID b Firstly, two parties need to negotiate a hash chain in advanceAnd a shared state S c =(c,β c ). Wherein hash chain->The generation rule of (2) is as follows: h is a p Is a character string with 256 bits of length and is composed of ID a And ID b Obtained by prior negotiation, when i=1, 2, …, p-1, h i = H(h i+1 ) Where H is a SHA256 hash function. Shared state S c In (c) is a counter and beta c =h c For the corresponding hash chain->And the c-th hash value.
Step 3.2: automobile parts manufacturer ID a From a hash chainObtain the c+1th hash h c+1 And set beta c+1 =h c+1 For beta c+1 And the registered set PO of the batch of automobile parts generated in the step 2.2 is encrypted and the secret key beta is used c+1 Encrypted ciphertext information aes. Enc (β c+1 PO) is stored on the blockchain in the form of a transaction, the corresponding transaction identifier is T id . Where AES is a secure symmetric encryption algorithm and AES.
Step 3.3: automobile parts manufacturer ID a Using secret key beta c+1 For the transaction identifier T obtained in step 3.2 id And will be associated with the ID at the next time b Key encryption used in transfer of ownership of product of (a) to generate a query tokenWhere aes.enc is the symmetric encryption function defined in step 3.2, || is the string concatenation operation. Thereafter, the generated token ∈ ->Sent to vehicle agent ID b
Step 3.4: automobile parts agent ID a Updating shared state S c+1 =(c+1,β c+1 )。
Step 4: the automobile parts agent performs ownership verification.
Step 4.1: set automobile parts agent ID b With automobile parts manufacturer ID a The shared state information is S c =(c,β c ). When receiving the ID a Transmitted token t=aes.enc (β c ,T id ||β c+1 ) After that, the agent first decrypts T by using its own key dec =AES.Dec(β c T) to obtain the transaction identifier T id And a one-time key beta c+1 . Where AES. Dec is a symmetric decryption function of the AES encryption scheme.
Step 4.2: first, H (. Beta.) is determined c+1 ) And beta c If they are equal, the authentication fails if they are not equal. If successful, searching for the identifier stored in the blockchain as T id Extracting data stored in the transaction, decrypting the data to obtain po=aes. Dec (β c+1 Data), where PO represents a collection of product ownership information for each automotive part, each entry in the collection containing a product identifier PID for a particular automotive part i And corresponding product ownership proving information p i According to the product identifier of the automobile part of the PO, corresponding automobile part information can be searched from the blockchain, and the information forms a product information set PI.
Step 4.3: after obtaining the ownership information set PO and the product information set PI of the automobile parts, the ownership information PO of any product in the PO is obtained i =(PID i ,p i ) The corresponding product information in the PI is PI i = (PID i ,h i ,ID,false,σ i ) Wherein PID i For product identifier, h i For a hash value of a product ownership certificate, the ID is the product manufacturer's ID, and false represents that the product is not sold to any user. The agent first calculates H' =h (p i ) And combine it with PI i Internal hash h i If the comparison is made and the sales status is false, a group signature verification algorithm gs.verify (gpk, σ, h) is executed to continue verifying if the signature is correct. If the output of the gs.verify algorithm is true, the verification is successful, the product is considered as genuine, step 4.4 is executed, if the output is false, the verification is failed, and the product is considered as counterfeit.
Step 4.4: generating a new ownership proof p 'for a motor vehicle component regarded as authentic' i = F(K b ,ID b ||PID i ) Where F is the pseudo-random function defined in step 1.3, || is the string concatenation operation. The hash value H ' =h (p ' is then calculated ' i ) Signature sigma i =GS.Sign(gpk,sk,h i ) Wherein gs.sign is the signature function of step 2.2. Thereafter, the agent will newly generate (PID i ,p′ i ) Adding to the set PO 'and calling the intelligent contract to update the automobile part information with the identifier being PID, wherein the hash of the product ownership certificate is updated to be h' i Signature update to sigma i
Step 4.5: automobile parts agent ID b Updating shared state S c+1 =(c+1,β c+1 )。
Step 5: the automobile parts agency hands the automobile parts to the automobile parts retailer.
In this stage, the automobile part agent performs step 3 to transfer ownership of the automobile part, and the automobile part retailer performs step 4 to verify ownership.
Step 6: the automobile parts retailer sells the automobile parts to the user.
Step 6.1: the automobile part retailers sell automobile parts to users and sell automobile parts information sets PO required to be sold to the users i =(PID i ,p i ) To the user, wherein PID i P is the unique identifier of the product i Proving information for ownership of the product.
Step 6.2: the user based on PID i Calling intelligent contract to search corresponding product information PI i = (PID i ,h i ,ID,false,σ i )。
First, H' =h (p i ) And combine it with PI i H in i Comparison is made if h' =h i And the corresponding vending status is false, i.e. the product is not sold to other users, the signature continues to be verified whether the signature is correct, and if the verification is passed, the automobile part is regarded as a genuine product.
Step 6.3: after the user purchases the automobile part, the user invokes the intelligent contract to update the product PID i The sales status is updated to true, i.e., the product has been sold.
The foregoing description of specific embodiments has been presented for the purpose of illustrating the principles and embodiments of the present application. However, it should be understood by those skilled in the art that the present application is not limited to the above-mentioned preferred embodiments, and any person who has the benefit of the present application may obtain other products in various forms, however, any changes in shape or structure of the products may be made, and all the products having the same or similar technical solutions as the present application fall within the scope of the present application.

Claims (4)

1. The privacy protection anti-counterfeiting automobile supply chain method based on the blockchain is characterized by comprising the following steps of:
step 1: initializing a system;
the trusted authorities register each entity and generate common parameters, and finally send them to each entity through a secure channel; the trusted organization deploys the intelligent contract part required by the whole scheme to the blockchain through a standard blockchain deployment tool; after the system is initialized, the trusted authority will remain offline unless disputes occur;
step 1.1: providing a set of entity information to the trusted authority for registration, wherein the entity information includes real world real identities of the entities and entity types in the auto parts manufacturer, auto parts agent and auto parts retailer; the trusted authority initializes a registration information set for storing the generated registration information;
step 1.2: the trusted authority firstly generates a master key, and then generates a group public key, a master private key and a private key corresponding to each entity in the set required by the group signature by utilizing a key generation algorithm in the group signature scheme;
step 1.3: for each entity information in the user information set, the trusted authority generates corresponding registration information;
firstly, generating a corresponding entity ID by means of a master key and entity information, and then generating a new key K; finally, the generated entity ID, a new secret key K, identity information of the entity and a private key corresponding to the entity in the group signature are formed into registration information of the entity; storing registration information generated by all entities in the entity information set in the registration information set;
step 1.4: the trusted authority publishes the group public key generated in the step 1.2 as a public parameter to a blockchain, and the registration information set generated in the step 1.3 and the main private key generated in the step 1.2 are saved by the trusted authority for product tracing; meanwhile, the automobile part manufacturer, the automobile part agency and the automobile part retailer all need to generate corresponding block chain addresses and send the addresses to a trusted institution;
step 2: registering a product;
after an automobile part manufacturer produces a batch of automobile part products containing unique identifiers, calling an intelligent contract to register the automobile part products, and publishing the information set of the automobile part products on a blockchain;
step 3: ownership transfer;
when a seller prepares to sell a batch of automobile part products to a buyer, invoking an intelligent contract to transfer ownership of the automobile part products to a corresponding retailer or agent; in the process, the hash chain is used for identity authentication between two entities, and meanwhile, ownership information of the automobile part product is required to be encrypted and stored so as to realize the transfer of ownership of safety, reliability and privacy protection;
step 4: ownership verification;
checking whether the corresponding automobile part product is the automobile part product really intended to be purchased or not when the automobile part retailer, the automobile part agent or the user purchases the automobile part product, verifying ownership information and sales of the corresponding automobile part product, and accepting the automobile part product when all checks pass, otherwise, rejecting the product as a fake product;
for the automobile part agent and the automobile part retailer as buyers, verifying whether the ownership information of the automobile part is correct or not and whether the ownership information of the automobile part is transferred by the corresponding seller or not by using the token transmitted by the seller in the step 3, and the identifier and signature information of the automobile part product are correct, if the checking is successful, updating the ownership information of the automobile part product, and storing the updated information on a block chain;
for the user as the buyer, only verifying whether the ownership information and the vehicle identifier information of the vehicle product are correct, and if the verification is successful, indicating that the vehicle part product is a genuine product; when the user successfully purchases the automobile part product, the sales state of the automobile part product is updated, and the updated information is stored in the blockchain.
2. The blockchain-based privacy protection anti-counterfeiting automobile supply chain method as in claim 1, wherein step 2 comprises the steps of:
step 2.1: storing identifiers of the produced batch of automobile parts in an automobile part information set, and initializing an ownership proof set and a product information set;
step 2.2: for each automobile part identifier in the automobile part information set, generating ownership certificate by using the secret key K and the entity ID generated when the automobile part manufacturer registers in the step 1, and calculating the hash value of the ownership certificate;
step 2.3: for the ownership certificate hash value calculated in the step 2.2, signing the ownership certificate hash value by using the group public key generated in the step 1 and the private key of the automobile part manufacturer by using a signature algorithm in a group signature scheme;
step 2.4: combining an automobile part identifier, a hash value of ownership certificate, an entity ID of an automobile part manufacturer, a flag bit indicating whether the automobile part is sold or not, and a signature generated by using a group signature technology, and storing the combined parts in a product information set; finally, the manufacturer stores the set of product information on the blockchain; the vehicle component identifier, the proof of ownership are stored in a set of proof of ownership, and the set of proof of ownership is returned to the vehicle component manufacturer.
3. The blockchain-based privacy preserving anti-counterfeiting automobile supply chain method of claim 2, wherein step 3 comprises the steps of:
step 3.1: before ownership transfer is carried out between a buyer and a seller, negotiating by the two parties to obtain a hash chain and a sharing state; the hash chain is a set of a plurality of hashes and is linked through a hash function; specifically, the previous bit hash value in the hash chain comes from the hash of the next bit hash value, while the initial hash value comes from the negotiation under the chain; the shared state includes a counter c and a hash value beta on the hash chain corresponding to the counter position c
Step 3.2: the seller first needs to find the c+1th hash value, denoted as β, on the pre-generated hash chain from step 3.1 c+1 Encrypting the hash value and the generated ownership proving information of the automobile part, storing the encrypted information on a blockchain in a blockchain transaction mode, wherein the corresponding transaction identifier is T id
Step 3.3: the seller entity continues to negotiate a hash value beta within the shared state between the two entities c Transaction identifier T storing encryption information in step 3.2 id C+1th hash value β on hash chain c+1 Encrypting the three to obtain a transaction retrieval token, and sending the token to the buyer;
step 3.4: the seller updates the sharing state and increases the counter shared with the buyer in the step 3.1 by one; the state information of the seller at this time becomes counters c+1 and beta c+1
4. The blockchain-based privacy preserving anti-counterfeiting automobile supply chain method of claim 1, wherein step 4 comprises the steps of:
for the automobile part agent and the automobile part retailer, the following modes are adopted:
step 4.1: the buyer uses the shared state information with the seller to search the transaction retrieval token obtained by the seller selling the automobile parts, and decrypts the token to obtain the transaction identifier T in the cryptogram form id And hash chain used as one-time session keyHash value beta of the next bit of the counter of (a) c+1
Step 4.2: hash the hash value of the disposable session key, compare the hash content with hash content of the shared state, if the comparison is successful, prove that both sides identity authentication is successful, otherwise, authentication fails, refusing to carry out the operation after execution;
step 4.3: after successful verification in step 4.2, the transaction identifier T stored on the blockchain is obtained id Decrypting the ciphertext information stored on the corresponding transaction to obtain a set containing ownership information of the automobile parts, and searching corresponding product information from the blockchain by calling the intelligent contract; comparing whether the hash value of the ownership certificate in the received ownership information set is the same as the hash value in the corresponding product information stored on the blockchain, whether the state of the automobile part is an unsold state or not, and finally checking whether the signature content is correct or not; after the information is checked successfully, the automobile part is a genuine product, step 4.4 is executed, otherwise, the product is regarded as a fake product, and the buyer refuses to accept the product;
step 4.4: generating a new ownership certificate and a hash value of the ownership certificate by using the identity ID of the buyer and the secret key K; then generating signature information by using the group public key and the private key owned by the buyer;
step 4.5: updating product information stored on a block chain of each received automobile part, wherein the product information comprises hash values of ownership proving information of the automobile part and signature information of the automobile part;
for the user, the following manner is adopted:
step 4-1: the retailer of the automobile parts gives a product ownership information set of the corresponding automobile parts, checks product information of the corresponding automobile parts according to the product identifiers contained in the product ownership information set, calculates whether the hash value of the ownership certificate is consistent with the information stored in the blockchain, checks whether the state of the automobile parts is sold or not, and executes step 4-2 if the information is consistent and the automobile parts are still in a non-sold state, otherwise, the product is regarded as a fake product, and the buyer refuses to accept the product;
step 4-2: checking whether the signature information is correct by using the group public key, if so, continuing to the next step, otherwise, the product is regarded as a fake product, and the buyer refuses to accept the product;
step 4-3: when the inspection of the step 4-1 and the step 4-2 is passed, the automobile part is proved to be a genuine product; after the user purchases the product, the user will invoke the smart contract to change the sales status of the automobile parts, at which point the status of the automobile parts will become sold.
CN202210327691.0A 2022-03-30 2022-03-30 Privacy protection anti-fake automobile supply chain method based on blockchain Active CN114726535B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210327691.0A CN114726535B (en) 2022-03-30 2022-03-30 Privacy protection anti-fake automobile supply chain method based on blockchain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210327691.0A CN114726535B (en) 2022-03-30 2022-03-30 Privacy protection anti-fake automobile supply chain method based on blockchain

Publications (2)

Publication Number Publication Date
CN114726535A CN114726535A (en) 2022-07-08
CN114726535B true CN114726535B (en) 2023-10-20

Family

ID=82238972

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210327691.0A Active CN114726535B (en) 2022-03-30 2022-03-30 Privacy protection anti-fake automobile supply chain method based on blockchain

Country Status (1)

Country Link
CN (1) CN114726535B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116628757B (en) * 2023-07-20 2023-10-13 东方空间技术(山东)有限公司 Spacecraft supply chain management method, equipment and storage medium based on block chain

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107292629A (en) * 2017-05-12 2017-10-24 深圳蜂链科技有限公司 Anti-counterfeit tracking verification method based on block chain and the device using this method
CN112070567A (en) * 2019-06-11 2020-12-11 青岛海链数字科技有限公司 Quality control system based on block chain and control method thereof
CN113657914A (en) * 2021-08-26 2021-11-16 卓尔智联(武汉)研究院有限公司 Commodity tracing method based on block chain, computer device and storage medium
CN114143080A (en) * 2021-11-30 2022-03-04 兰州理工大学 Block chain data privacy protection and sharing method based on zero knowledge proof

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR3104869B1 (en) * 2019-12-16 2024-01-26 Bull Sas Secure, decentralized, automated and multi-actor platform for object identity management through the use of blockchain technology.

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107292629A (en) * 2017-05-12 2017-10-24 深圳蜂链科技有限公司 Anti-counterfeit tracking verification method based on block chain and the device using this method
CN112070567A (en) * 2019-06-11 2020-12-11 青岛海链数字科技有限公司 Quality control system based on block chain and control method thereof
CN113657914A (en) * 2021-08-26 2021-11-16 卓尔智联(武汉)研究院有限公司 Commodity tracing method based on block chain, computer device and storage medium
CN114143080A (en) * 2021-11-30 2022-03-04 兰州理工大学 Block chain data privacy protection and sharing method based on zero knowledge proof

Also Published As

Publication number Publication date
CN114726535A (en) 2022-07-08

Similar Documents

Publication Publication Date Title
US20240005304A1 (en) Computer-implemented methods and systems for validating tokens for blockchain-based cryptocurrencies
Islam et al. Enabling ic traceability via blockchain pegged to embedded puf
CN105373955B (en) Digital asset processing method and device based on multiple signatures
CN107660293B (en) Distributed management method and system for electronic voucher for property right (EDT)
CN108764877B (en) Digital asset right-confirming trading method based on block chain technology
EP2810402B1 (en) A method and database system for secure storage and communication of information
CN114155095B (en) Digital artwork authentication and transaction system and authentication and transaction method
CN111989707B (en) Managing user rights for blockchain-based customs clearance services
AU2018101669A4 (en) A method for checking and/ or updating information relating to assets
JP2016512675A (en) Secure trading system and method
CN101009014A (en) Secure anti-counterfeiting method and system thereof
JP2004506245A (en) Linking the device's public key with information during manufacture
WO2018128539A1 (en) A method for checking and/or updating information relating to assets
CN101937528A (en) Systems and methods for implementing supply chain visibility policies
CN111936995A (en) Distributed storage of customs clearance data
CN111989663A (en) Intelligent contract pool based on block chain
Boehm et al. Holistic tracking of products on the blockchain using NFC and verified users
CN111868725A (en) Processing import customs clearance data based on block chain
Malik et al. PrivChain: Provenance and privacy preservation in blockchain enabled supply chains
CN114930330A (en) User management of customs clearance service platform based on block chain
CN111936994A (en) Block chain based document registration for customs clearance
CN114726535B (en) Privacy protection anti-fake automobile supply chain method based on blockchain
CN112801785A (en) Fair data transaction method and device based on block chain intelligent contract
Zhang et al. Appb: Anti-counterfeiting and privacy-preserving blockchain-based vehicle supply chains
JPH09305666A (en) Electronic settling method and its system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant