CN115510504A - Data sharing method, system, device and medium based on ring signature and commitment - Google Patents

Data sharing method, system, device and medium based on ring signature and commitment Download PDF

Info

Publication number
CN115510504A
CN115510504A CN202211286413.1A CN202211286413A CN115510504A CN 115510504 A CN115510504 A CN 115510504A CN 202211286413 A CN202211286413 A CN 202211286413A CN 115510504 A CN115510504 A CN 115510504A
Authority
CN
China
Prior art keywords
target data
data
signature
ring
update
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202211286413.1A
Other languages
Chinese (zh)
Other versions
CN115510504B (en
Inventor
雷虹
陈邦道
张永欣
王庆豪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Oxford Hainan Blockchain Research Institute Co ltd
Original Assignee
Oxford Hainan Blockchain Research Institute Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Oxford Hainan Blockchain Research Institute Co ltd filed Critical Oxford Hainan Blockchain Research Institute Co ltd
Priority to CN202211286413.1A priority Critical patent/CN115510504B/en
Publication of CN115510504A publication Critical patent/CN115510504A/en
Application granted granted Critical
Publication of CN115510504B publication Critical patent/CN115510504B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825Use of electronic signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3827Use of message hashing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions

Abstract

The application discloses a data sharing method, a system, equipment and a medium based on ring signatures and commitments, which are applied to a data user and used for sending a data acquisition request to a data sharing platform; receiving a target data object and a first certificate returned by the data sharing platform; based on an address access block chain intelligent contract in a target data object, acquiring a check identifier, a check traceable ring signature, a check version number, a signature random number, a check vector commitment and a ring public key set; if the identification, the traceable ring signature and the version number in the target data object are correspondingly consistent with the verification identification, the verification traceable ring signature and the verification version number, verifying the validity of the traceable ring signature in the target data object based on the signature random number, the ring public key set and the target data; if the traceable ring signature in the target data object is legal, verifying the validity of the first certificate based on the check vector commitment and the target data; if the first certificate is legal, storing the target data; not only can protect privacy, but also can ensure supervision.

Description

Data sharing method, system, device and medium based on ring signature and commitment
Technical Field
The present application relates to the field of data sharing technologies, and in particular, to a method, system, device, and medium for data sharing based on ring signatures and commitments.
Background
With the continuous development of information technology, information exchange among different industries, different enterprises and different departments is gradually increased, and the development of computer network technology, such as 5G technology, provides guarantee for information transmission. In order to further mine the potential value of data, different industries, enterprises and departments can fully integrate and utilize the existing data resources, reduce the repeated labor of data collection, data acquisition and the like, reduce the cost, improve the efficiency, and take place by data sharing technology.
However, in this process, some issues such as privacy protection and supervision issues are also exposed to be solved. In the existing data sharing scheme, the data sharing platform is used as an intermediate role between the data provider and the data user, the identity privacy of both parties is grasped, and an Access Control List (ACL) is used for performing Access Control on the data provider and the data user, so that the privacy of the data provider and the data user is violated. Some schemes adopt strong privacy protection technology to ensure that the data sharing platform can not learn the privacy of both sides, but evade supervision, provide criminals with crime places and are not beneficial to normal and safe development of data sharing. Therefore, it is important to design a data sharing scheme that can not only protect privacy, but also ensure supervision.
In summary, how to implement a data sharing method capable of protecting privacy and ensuring supervision is a problem to be urgently solved by those skilled in the art.
Disclosure of Invention
The application aims to provide a data sharing method based on ring signatures and commitments, which can solve the technical problem of realizing the data sharing method capable of protecting privacy and ensuring supervision to a certain extent. The application also provides a data sharing system, equipment and a computer readable storage medium based on the ring signature and the commitment.
In order to achieve the above purpose, the present application provides the following technical solutions:
a data sharing method based on ring signature and commitment is applied to data users and comprises the following steps:
sending a data acquisition request to a data sharing platform;
receiving a target data object and a first certificate returned by the data sharing platform, wherein the target data object comprises an object head and an object body, the object head comprises an identifier, an address, a traceable ring signature, a version number and a transaction identifier, the object body comprises the target data, the first certificate comprises a certificate generated by the data sharing platform for the target data based on auxiliary information corresponding to the target data, and the auxiliary information comprises information generated for the target data based on a vector commitment public parameter;
based on the address access block chain intelligent contract in the target data object, acquiring a check identifier, a check traceable ring signature, a check version number, a signature random number, a check vector commitment and a ring public key set, wherein the check vector commitment comprises a commitment generated for the target data based on the vector commitment public parameter, and the ring public key set comprises ring public keys of all data providers of the target data;
if the identifier, the traceable ring signature and the version number in the target data object are all correspondingly consistent with the check identifier, the check traceable ring signature and the check version number, verifying the validity of the traceable ring signature in the target data object based on the signature random number, the ring public key set and the target data;
if the traceable ring signature in the target data object is legal, verifying the validity of the first certificate based on the check vector commitment and the target data;
and if the first certificate is legal, storing the target data.
Preferably, the sending the data obtaining request to the data sharing platform includes:
and sending the data acquisition request to the data sharing platform, wherein the data acquisition request comprises a request for acquiring the target data generated based on the data description on the data sharing platform.
A data sharing method based on ring signature and commitment is applied to a target data provider and comprises the following steps:
acquiring target data to be shared;
generating an identifier and a version number of the target data and a signature random number corresponding to the target data;
generating a traceable ring signature of the target data based on a ring private key of the target data provider, the signature random number and a ring public key set, wherein the ring public key set comprises ring public keys of the target data provider and all other data providers;
generating a vector commitment and auxiliary information for the target data based on a vector commitment public parameter;
saving the identification, the traceable ring signature, the version number, the signature nonce, the vector commitment and the ring public key set based on a block chain intelligent contract;
acquiring an address and a transaction identifier of the block chain intelligent contract;
constructing an object head based on the identification, the address, the traceable ring signature, the version number and the transaction identification, constructing an object body based on the target data, and forming the object head and the object body into a target data object;
the target data object and the auxiliary information are saved to a data sharing platform, so that a data user sends a data obtaining request to the data sharing platform, receives a target data object and a first certificate returned by the data sharing platform, accesses the block chain intelligent contract based on the address in the target data object to obtain a check identifier, a check traceable ring signature, a check version number, a signature random number, a check vector commitment and a ring public key set, if the identifier, the traceable ring signature and the version number in the target data object are correspondingly consistent with the check identifier, the check traceable ring signature and the check version number, the traceable ring signature in the target data object is verified based on the signature random number, the ring public key set and the target data, and the target data is saved after the first certificate is verified to be legal based on the check vector and the target data, wherein the first certificate comprises a certificate generated by the data sharing platform for the target data based on the auxiliary information.
Preferably, the saving the target data object and the auxiliary information to a data sharing platform includes:
generating a second proof for the target data based on the auxiliary information;
and sending the target data object, the vector commitment, the signature random number, the ring public key set, the auxiliary information and the second certification to the data sharing platform, so that the data sharing platform saves the target data object and the auxiliary information after verifying that the traceable ring signature in the target data object is legal based on the signature random number, the ring public key set and the target data in the target data object and verifying that the second certification is legal based on the vector commitment and the target data.
Preferably, the saving the identifier, the traceable ring signature, the version number, the signature nonce, the vector commitment, and the ring public key set based on the block chain intelligent contract includes:
acquiring all signature values generated by the target data provider and all other data providers, wherein the signature values generated by the data provider comprise signatures generated for the target data, the identifier, the traceable ring signature, the signature random number, the version number and the vector commitment based on a private key of the data provider, and the data provider comprises the target data provider and the other data providers;
constructing a transaction based on the identification, the traceable ring signature, the version number, the signature nonce, the vector commitment, the ring public key set, a public key set, all the signature values, the public key set including public keys of the target data provider and all the other data providers;
and sending the transaction to the block chain intelligent contract so as to establish a state channel after the block chain intelligent contract verifies that all the signature values are legal, and storing the identifier, the traceable ring signature, the version number, the signature random number, the vector commitment, the ring public key set and the public key set.
Preferably, after the storing the target data object and the auxiliary information to the data sharing platform, the method further includes:
acquiring target updating data obtained after the target data is updated;
generating an update version number and an update signature random number of the target update data;
generating an update traceable ring signature for the target update data based on the ring private key, the update signature nonce, and the ring public key set of the target data provider;
generating update vector commitments and update information based on the vector commitments, the target data and the target update data;
transmitting the target update data, the update traceable ring signature, the update version number, the update signature nonce, and the update vector commitment to all of the other data providers;
if all the other data providers verify that the updated traceable ring signature is legal, judging whether write-write conflict exists between the other data providers;
if the write-write conflict does not exist, updating the status channel on a blockchain based on the identification, the update traceable ring signature, the update version number, the update signature nonce, and the update vector commitment.
Preferably, after determining whether there is a write-write conflict with the other data provider, the method further includes:
if the write-write conflict exists between the target data provider and the other data providers, generating a conflict random number of the target data provider, and signing the target updating data and the conflict random number of the target data provider based on a private key of the target data provider to obtain a conflict signature;
receiving the conflict random numbers and the conflict signatures of the other data providers having the write-write conflict;
verifying whether the conflicting signatures of the other data providers having the write-write conflict are legitimate based on the conflicting random numbers of the other data providers having the write-write conflict;
if the collision random numbers are legal, calculating hash values of all the collision random numbers, and calculating a distance value between each hash value and each collision random number;
determining the data provider corresponding to the smallest distance value as an update executor, instructing the update executor to update the status channel on the blockchain based on the identification, the update traceable ring signature, the update version number, the update signature nonce, and the update vector commitment;
and returning to execute the steps of judging whether write-write conflict exists between the data supplier and other data suppliers or not and the subsequent steps.
Preferably, before updating the status channel on the blockchain based on the identifier, the update traceable ring signature, the update version number, the update signature nonce, and the update vector commitment, the method further includes:
calculating to obtain an updating judgment value based on the updating mark and the file priority of the target data and calculating to obtain an updating threshold value based on the updating interval of the target data through an operation formula;
if the update decision value is smaller than the update threshold value, maintaining the under-link state;
if the update decision value is greater than or equal to the update threshold value, then executing the step of updating the status channel on the block chain based on the identifier, the update traceable ring signature, the update version number, the update signature nonce, and the update vector commitment;
the operation formula comprises:
Figure BDA0003900114970000051
T=LoT*α;
wherein DUV represents the update determination value; data i Representing the ith data block in the target data; n represents a total data amount of the target data; AF i The update flag representing ith data in the target data, wherein data i When there is an update, AF i =1,data i When not updated, AF i =0;Pr i Representing the file priority of the ith data in the target data; t represents the update threshold value; loT represents the update interval; alpha represents a preset scale factor.
Preferably, the updating the status channel on a block chain based on the identifier, the update traceable ring signature, the update version number, the update signature nonce, and the update vector commitment includes:
constructing an update transaction based on the identification, the update traceable ring signature, the update version number, the update signature nonce, and the update vector commitment;
signing the update transaction based on a private key of the target data provider to obtain an update signature;
transmitting the update transaction and the update signature to the blockchain intelligent contract, such that the blockchain intelligent contract saves the identifier, the update traceable ring signature, the update version number, the update signature nonce, the update vector commitment, the public key set, and the ring public key set after verifying that the update signature is legitimate based on the public key set.
Preferably, after the storing the target data object and the auxiliary information to the data sharing platform, the method further includes:
acquiring the signature random number and the traceable ring signature of the data to be traced;
generating a tracing signature of the data to be traced based on a ring private key of the target data provider, the signature random number and the ring public key set;
and judging whether the traceable signature is consistent with the traceable ring signature or not, and if so, outputting the ring public key of the target data provider.
Preferably, after the target data to be shared is obtained, the method further includes:
and generating a data description of the target data and storing the data description to the data sharing platform.
A data sharing method based on ring signature and commitment is applied to a data sharing platform and comprises the following steps:
receiving a data acquisition request sent by a data user;
determining a target data object corresponding to the data acquisition request, wherein the target data object comprises an object head and an object body, the object head comprises an identifier, an address, a traceable ring signature, a version number and a transaction identifier, and the object body comprises the target data;
generating a first proof for the target data based on auxiliary information corresponding to the target data, the auxiliary information including information generated for the target data based on a vector commitment public parameter;
sending the target data object and the first certificate to the data user, so that the data user obtains a check identifier, a check traceable ring signature, a check version number, a signature random number, a check vector commitment and a ring public key set based on the address access block chain intelligent contract in the target data object, if the identifier, the traceable ring signature and the version number in the target data object are correspondingly consistent with the check identifier, the check traceable ring signature and the check version number, verifying that the traceable ring signature in the target data object is legal based on the signature random number, the ring public key set and the target data, and saving the target data after verifying that the first certificate is legal based on the check vector commitment and the target data; wherein the check vector commitment comprises a commitment generated for the target data based on the vector commitment public parameter, and the ring public key set comprises ring public keys of all data providers of the target data.
A data sharing system based on ring signature and commitment, applied to data users, comprises:
the first sending module is used for sending a data acquisition request to the data sharing platform;
a first receiving module, configured to receive a target data object and a first certificate that are returned by the data sharing platform, where the target data object includes an object header and an object body, the object header includes an identifier, an address, a traceable ring signature, a version number, and a transaction identifier, the object body includes the target data, the first certificate includes a certificate that is generated for the target data by the data sharing platform based on auxiliary information corresponding to the target data, and the auxiliary information includes information that is generated for the target data based on a vector commitment public parameter;
a first obtaining module, configured to obtain, based on the address access block chain intelligent contract in the target data object, a check identifier, a check traceable ring signature, a check version number, a signature random number, a check vector commitment, and a ring public key set, where the check vector commitment includes a commitment generated for the target data based on the vector commitment public parameter, and the ring public key set includes ring public keys of all data providers of the target data;
a first verification module, configured to verify validity of the traceable ring signature in the target data object based on the signature random number, the ring public key set, and the target data if the identifier, the traceable ring signature, and the version number in the target data object are all correspondingly consistent with the verification identifier, the verification traceable ring signature, and the verification version number; if the traceable ring signature in the target data object is legal, verifying the validity of the first certificate based on the check vector commitment and the target data; and if the first certificate is legal, storing the target data.
A ring signature and commitment based data sharing device, comprising:
a memory for storing a computer program;
a processor for implementing the steps of the data sharing method based on ring signatures and commitments as described in any one of the above when said computer program is executed.
A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the steps of the ring signature and commitment based data sharing method as defined in any one of the above.
The application provides a data sharing method based on ring signatures and commitments, which is applied to data users and used for sending data acquisition requests to a data sharing platform; receiving a target data object and a first certificate returned by a data sharing platform, wherein the target data object comprises an object head and an object body, the object head comprises an identifier, an address, a traceable ring signature, a version number and a transaction identifier, the object body comprises target data, the first certificate comprises a certificate generated by the data sharing platform for the target data based on auxiliary information corresponding to the target data, and the auxiliary information comprises information generated for the target data based on a vector commitment public parameter; accessing a block chain intelligent contract based on an address in a target data object, and acquiring a check identifier, a check traceable ring signature, a check version number, a signature random number, a check vector commitment and a ring public key set, wherein the check vector commitment comprises a commitment generated for the target data based on a vector commitment public parameter, and the ring public key set comprises ring public keys of all data providers of the target data; if the identification, the traceable ring signature and the version number in the target data object are correspondingly consistent with the verification identification, the verification traceable ring signature and the verification version number, verifying the validity of the traceable ring signature in the target data object based on the signature random number, the ring public key set and the target data; if the traceable ring signature in the target data object is legal, verifying the validity of the first certificate based on the check vector commitment and the target data; and if the first certificate is legal, storing the target data. In the application, the data sharing platform returns the target data object and the first certificate to the data user based on the data acquisition request, and the data user can acquire the required target data without involving the privacy of the data user after verifying the target data object based on the check identifier, the check traceable ring signature, the check version number, the signature random number, the check vector commitment and the ring public key set stored in the block chain intelligent contract, and can subsequently supervise the target data based on the traceable ring signature. The data sharing system, the device and the computer readable storage medium based on the ring signature and the commitment solve the corresponding technical problems.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, it is obvious that the drawings in the following description are only embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a first flowchart of a data sharing method based on ring signature and commitment according to an embodiment of the present application;
fig. 2 is a schematic view of a scenario of a data sharing scheme based on ring signatures and commitments according to an embodiment of the present application;
fig. 3 is a second flowchart of a data sharing method based on ring signature and commitment according to an embodiment of the present application;
fig. 4 is a third flowchart of a data sharing method based on ring signature and commitment according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of a data sharing system based on ring signatures and commitments according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of a data sharing device based on ring signatures and commitments according to an embodiment of the present application;
fig. 7 is another schematic structural diagram of a data sharing device based on ring signature and commitment according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be described clearly and completely with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only some embodiments of the present application, and not all embodiments. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments in the present application without making any creative effort belong to the protection scope of the present application.
To facilitate understanding of the data sharing scheme provided herein, the corresponding techniques referred to herein are now explained:
the block chain technology is a technical scheme which is independent of a third party and carries out storage, verification, transmission and communication of network data through self distributed nodes, and has the characteristics of decentralization, openness and transparency and no tampering. Which may be considered a "world computer" with limited computing power, can solve the trust problem of a participant by automatically executing an intelligent contract.
The intelligent contract technology of the block chain is a computer protocol running in the block chain, is a computer program stored and running in the block chain, and can automatically run in a block chain network.
The state-channel technique is a blockchain extensibility technique that transfers any type of stateful operation performed on a blockchain from the chain to the chain down without requiring any additional trust. In particular, multiple blockchain users may send a special transaction to the blockchain to create a status channel and set the initialization status. The initial state of the state channel is then transformed under the chain. Finally, when the final state is reached or all users agree to close behavior, the state channel user can send a special transaction to the blockchain to close the state channel and anchor the final state in the blockchain.
The traceable ring signature technology is a special ring signature technology. The ring signature allows a signer to represent a signature set (a plurality of users) to sign, and simultaneously ensures the anonymity of the identity of the signer, and the signer does not need the cooperation of other members in the set during signing, even can not know by other members, and can realize the signing only by using the private key of the signer and the public keys of other members. Verifying the signature is different in that only the signature from the group members can be verified, but a particular member cannot be distinguished. The traceable ring signature technique implements a traceable (Trace) function in addition to the function of a ring signature. This functionality can reveal the identity of the signer without revealing the identity of the rest of the user.
Data integrity auditing technology is a technology that verifies the integrity of data storage. Verifying data storage integrity is checking whether data stored in a physical storage medium is corrupted by tampering, loss, etc. Data integrity verification techniques require a user to generate a data tag using the user's private key when storing raw data. When verifying the integrity of the data, the data integrity is judged whether to be damaged or not by carrying out the cryptographic operation on the data label and the original data.
The vector commitment technology is a basic primitive in cryptography, and plays an important role in security protocols such as voting, authentication, zero-knowledge proof and the like. Commitments have two important attributes: hiding the attribute, requiring that no message should be revealed by commitment; binding properties, requiring that each commitment and each message maintain a one-to-one correspondence. The vector commitment further satisfies the location binding property, in the ordered message set, the position of the committed message in the set can be proved, and the vector commitment is concise, that is, the size of the commitment must be independent of the message length.
Referring to fig. 1 and fig. 2, fig. 1 is a first flowchart illustrating a data sharing method based on ring signature and commitment according to an embodiment of the present disclosure, fig. 2 is a schematic view illustrating a scenario of a data sharing scheme based on ring signature and commitment according to an embodiment of the present disclosure, in fig. 2, a data user and a data provider may be a client, a server, and the like; the data sharing platform is a platform for providing data sharing service for data users and data providers, and can be provided with a verification module, an auditing module, a visualization module and a reporting module, wherein the verification module is used for verifying the signature of shared data, the auditing module generates a certificate for the shared data, the visualization module provides the visualization platform for each user, the reporting module is used for ensuring that the shared data does not have problems, once illegal data occur in the platform, the data sharing platform immediately deletes the file and reports the file to the corresponding data provider, and a bottom Storage component of the data sharing platform is flexible and can be a mixed model composed of a cloud center and a Decentralized Storage Network (DSN) and the like; the blockchain may consist of nodes from around the world or independent but untrusted entities that maintain a tamper-resistant evidence-perpetuating platform through consensus algorithms, such as workload certification algorithms, equity certification algorithms, utility byzantine algorithms, etc., and the blockchain may run intelligent contracts to support status channels.
The data sharing method based on the ring signature and the commitment, provided by the embodiment of the application, is applied to a target data provider and comprises the following steps:
step S101: and acquiring target data to be shared.
In practical application, a target data provider may obtain target data to be shared first, and the type of the target data may be determined according to actual needs, for example, the target data may be image data, audio/video data, text data, and the like, which is not specifically limited herein. And it should be noted that the target data provider refers to a provider of all data providers of the target data, which performs the corresponding method of the present application, and may be any data provider of all data providers of the target data.
Step S102: and generating the identifier and the version number of the target data and a signature random number corresponding to the target data.
In practical application, after acquiring target data to be shared, a target data provider does not directly store the target data to a data sharing platform for sharing, but needs to generate an identifier and a version number of the target data and a signature random number corresponding to the target data, for example, the identifier of the target data is generated based on a hash algorithm such as SHA-256 algorithm, so as to distinguish different target data by means of the identifier and the version number of the target data, and a traceable ring signature of the target data is generated by means of the signature random number.
Step S103: and generating a traceable ring signature of the target data based on a ring private key, a signature random number and a ring public key set of the target data provider, wherein the ring public key set comprises ring public keys of the target data provider and all other data providers.
In practical applications, after the target data provider generates the identifier, the version number, and the signature random number corresponding to the target data, the target data provider may generate a traceable ring signature of the target data based on a ring private key, a signature random number, and a ring public key set of the target data provider, where the ring public key set includes ring public keys of the target data provider and all other data providers. For ease of understanding, assume that the data provider of the target data has p 1 ,p 2 ,...p n N in total, the signature random number is issue, and the target data provider is p i The ring private key of the target data is rsk i The ring public key set is (rpk) 1 ,rpk 2 ,...,rpk n ) Then the target data provider may be based on rsk i 、issue、(rpk 1 ,rpk 2 ,...,rpk n ) A traceable ring signature RingSig is generated for the target data.
It should be noted that the traceable ring signature in the present application can be used for tracing a data provider of target data subsequently, so as to implement supervision on the data provider.
Step S104: vector commitment and assistance information is generated for the target data based on the vector commitment public parameters.
In practical applications, after the target data provider generates the traceable ring signature of the target data based on the ring private key, the signature random number, and the ring public key set of the target data provider, the target data provider may generate the vector commitment and the auxiliary information for the target data based on the vector commitment public parameter.
In a specific application scenario, the target data provider can split the data into q data blocks, i.e. make data = { m = { m = 1 ,m 2 ,...,m q Using the vector promise public parameter as data m 1 ,m 2 ,...,m q Generates vector commitment C and side information aux, etc.
It should be noted that, in a specific application scenario, each data provider may generate its traceable ring signature parameter by using a preset security parameter k, which includes a ring public and private key pair (rpk) j ,rsk j ) (ii) a The security parameter k and the vector number q may be utilized to generate a vector commitment public parameter pp, etc., which is not specifically limited herein.
Step S105: and storing the identifier, the traceable ring signature, the version number, the signature random number, the vector commitment and the ring public key set based on the intelligent contract of the block chain.
In practical applications, after the target data provider generates the vector commitment and the auxiliary information for the target data based on the vector commitment public parameter, the target data provider may store the identifier, the traceable ring signature, the version number, the signature random number, the vector commitment, and the ring public key set based on the blockchain intelligent contract, so that a subsequent data user can verify the authenticity of the received target data object based on the information stored in the blockchain intelligent contract.
Step S106: and acquiring the address and the transaction identifier of the intelligent contract of the block chain.
In practical applications, after creating a state channel transaction based on the identifier, the traceable ring signature, the version number, the signature random number, the vector commitment and the ring public key set and submitting the created state channel transaction to the blockchain, the target data provider can obtain an address and a transaction identifier of the blockchain intelligent contract, so as to guide a data user to read the blockchain intelligent contract based on the address in the following.
Step S107: and constructing an object head based on the identification, the address, the traceable ring signature, the version number and the transaction identification, constructing an object body based on the target data, and forming the object head and the object body into a target data object.
In practical application, after obtaining the address and the transaction identifier of the block chain intelligent contract, the target data provider may construct an object head based on the identifier, the address, the traceable ring signature, the version number and the transaction identifier, construct an object body based on the target data, and compose the object head and the object body into a target data object, so as to perform integrity verification and validity verification on the target data based on the target data object subsequently.
Step S108: and storing the target data object and the auxiliary information to the data sharing platform.
In practical applications, after the target data provider constructs an object header based on the identifier, the address, the traceable ring signature, the version number, and the transaction identifier, constructs an object body based on the target data, and composes the object header and the object body into a target data object, the target data object and the auxiliary information may be stored in the data sharing platform, so that the data sharing platform shares the target data with the data user based on the target data object and the auxiliary information.
In a specific application scenario, in order to facilitate a data user and the like to quickly query target data in a data sharing platform, a target data provider can also generate data description of the target data and store the data description to the data sharing platform after acquiring the target data to be shared.
The data sharing method based on the ring signature and the commitment is applied to a target data provider and used for obtaining target data to be shared; generating an identifier and a version number of target data and a signature random number corresponding to the target data; generating a traceable ring signature of the target data based on a ring private key, a signature random number and a ring public key set of a target data provider, wherein the ring public key set comprises ring public keys of the target data provider and all other data providers; generating vector commitments and auxiliary information for the target data based on the vector commitment public parameters; saving an identifier, a traceable ring signature, a version number, a signature random number, a vector commitment and a ring public key set based on the block chain intelligent contract; acquiring an address and a transaction identifier of a block chain intelligent contract; constructing an object head based on the identification, the address, the traceable ring signature, the version number and the transaction identification, constructing an object body based on the target data, and forming the object head and the object body into a target data object; and storing the target data object and the auxiliary information to the data sharing platform. In the application, a target data provider constructs an object head based on an identifier, an address, a traceable ring signature, a version number and a transaction identifier, constructs an object body based on target data, constructs the object head and the object body into a target data object, saves the target data object and auxiliary information to a data sharing platform, and saves the identifier, the traceable ring signature, the version number, a signature random number, a vector commitment and a ring public key set to a block chain intelligent contract, so that a data user can obtain real target data based on the identifier, the traceable ring signature, the version number, the signature random number, the vector commitment and the ring public key set under the condition of not exposing self privacy, and can trace the data provider of the target data based on the traceable ring signature subsequently.
Referring to fig. 3, fig. 3 is a second flowchart of a data sharing method based on ring signature and commitment according to an embodiment of the present application.
The data sharing method based on the ring signature and the commitment provided by the embodiment of the application is applied to a target data provider and comprises the following steps:
step S201: and acquiring target data to be shared.
Step S202: and generating the identifier and the version number of the target data and a signature random number corresponding to the target data.
Step S203: and generating a traceable ring signature of the target data based on a ring private key, a signature random number and a ring public key set of the target data provider, wherein the ring public key set comprises ring public keys of the target data provider and all other data providers.
Step S204: vector commitment and auxiliary information is generated for the target data based on the vector commitment public parameters.
Step S205: the method comprises the steps of saving identification, traceable ring signatures, version numbers, signature random numbers, vector commitments and ring public key sets based on a block chain intelligent contract.
In practical application, in order to improve the intelligent contract sharing of the target data provider to the block chainThe method has the advantages that the efficiency of data sharing is achieved, and in order to solve the problems of linear overhead and online assumption existing when a data provider uses a state channel technology, a target data provider stores an identification ID, a traceable ring signature RingSig, a version number VC, a signature random number issue, a vector commitment C and a ring public key set (rpk) based on a block chain intelligent contract 1 ,rpk 2 ,...,rpk n ) In the process of (3), all signature values Sig generated by the target data provider and all other data providers can be acquired j J =1,2, \ 8230, n, wherein the signature value generated by the data provider comprises signatures generated for the target data, the identification, the traceable ring signature, the signature nonce, the version number and the vector commitment based on the private key of the data provider, the data provider comprises the target data provider and other data providers; based on identification, traceable ring signature, version number, signature random number, vector commitment, ring public key set and public key set (pk) 1 ,pk 2 ,...,pk n ) All signature values construct transaction TX = { ID, ringSig, VC, issue, C, pk = { (ID, ringSig, VC, issue, C, pk) } 1 ,pk 2 ,...,pk n ,rpk 1 ,rpk 2 ,...,rpk n ,Sig 1 ,Sig 2 ,...Sig n A public key set comprises public keys of a target data provider and all other data providers; sending the transaction to a blockchain intelligent contract; correspondingly, after verifying that all signature values are legal, the intelligent block chain contract establishes a state channel, stores the identifier, the traceable ring signature, the version number, the signature random number, the vector commitment, the ring public key set and the public key set, and can terminate the data sharing process if any signature value is illegal.
Step S206: and acquiring the address and the transaction identifier of the intelligent contract of the block chain.
Step S207: and constructing an object head based on the identification, the address, the traceable ring signature, the version number and the transaction identification, constructing an object body based on the target data, and forming the object head and the object body into a target data object.
Step S208: a second proof is generated for the target data based on the auxiliary information.
Step S209: and sending the target data object, the vector commitment, the signature random number, the ring public key set, the auxiliary information and the second certification to a data sharing platform, so that the data sharing platform saves the target data object and the auxiliary information after verifying the traceable ring signature in the target data object based on the signature random number, the ring public key set and the target data in the target data object and verifying the second certification to be legal based on the vector commitment and the target data.
In practical application, in the process of storing the target data object and the auxiliary information to the data sharing platform, the target data user may generate a second proof for the target data based on the auxiliary information in order to accurately store the target data object and the auxiliary information to the data sharing platform; sending the target data object, the vector commitment, the signature random number, the ring public key set, the auxiliary information and the second certificate to a data sharing platform; correspondingly, the data sharing platform verifies the validity of the traceable ring signature in the target data object based on the signature random number, the ring public key set and the target data in the target data object, if the traceable ring signature in the target data object is legal, the traceable ring signature verifies whether the second certificate is legal or not based on the vector commitment and the target data, if the second certificate is legal, the target data object and the auxiliary information are stored, and in the process, if the traceable ring signature in the target data comparison is illegal or the second certificate is illegal, the data sharing method can be terminated, and the like.
In practical applications, after the target data provider saves the target data object and the auxiliary information to the data sharing platform, when the target data needs to be updated, the following steps S21 to S27 may be performed:
s21: and acquiring target updating data' obtained after the target updating data is updated.
S22: the update version number VC ' = VC +1 and the update signature random number issue ' of the target update data ' are generated.
S23: target data provider based ring private key rsk i Update signature random number issue' and ring public key set (rpk) 1 ,rpk 2 ,...,rpk n ) An update traceable ring signature RingSig' of the target update data is generated.
S24: and generating an updating vector commitment C 'and updating information U based on the vector commitment C, the target data and the target updating data'.
Specifically, when data = { m = { [ m ] 1 ,m 2 ,...,m q When it is, the target data provider can use the auxiliary information to generate a proof P for the jth data block j When only the target data = { m = 1 ,m 2 ,...,m q When part of the data in the } is updated, for example, update m j Is m j ', the target data provider can vector commitment C, data m j Data m j ', the data sequence number j generates an update vector commitment C' and update information U; and thereafter can utilize the proof P j Data m j Data m j ' update information U generates new certificate P j ' etc. to take advantage of the data m j ', update vector commitment C', new proof P j ' data m is shared on data sharing platform and blockchain intelligent contracts j Is updated to m j '。
S25: the target update data, the update traceable ring signature, the update version number, the update signature random number, and the update vector commitment { data ', ringSig', VC ', issue', C } are transmitted to all other data providers.
S26: if all other data providers verify that the update traceable ring signature is legal, whether write-write conflict exists with other data providers is judged.
S27: if there is no write-write conflict, the state channel is updated on the blockchain based on the identification, the update traceable ring signature, the update version number, the update signature random number, and the update vector commitment.
In practical applications, when a plurality of data providers all need to update target data, in order to avoid update conflicts, after the target data provider determines whether write-write conflicts exist between the target data provider and other data providers, the following steps S31 to 36 may be further performed:
s31: if there is a write-write collision with another data provider, a collision random number CR is generated i And based on the private key sk of the target data provider i Signature target update data i Self-collision random number CR i Get a conflictSignature signle i =Sign(data i ,CR i ,sk i )。
S32: receiving the collision random numbers and the collision signatures of other data providers with write-write collision.
Specifically, assume that there are m data providers, p respectively, with write-write conflicts 1 ,p 2 ,...,p i ,...p m Then each data provider generates its own conflicting random number CR j Private key sk based on itself j Signature target update data j Self-collision random number CR j Obtaining the signature of conflict j =Sign(data j ,CR j ,sk j )。
S33: and verifying whether the collision signatures of the other data providers with the write-write collision are legal or not based on the collision random numbers of the other data providers with the write-write collision.
S34, if the random number is legal, calculating the Hash value HV = Hash (CR) of all the collision random numbers 1 ||CR 2 ||...||CR m ) Calculating the distance value dis between the hash value and each of the conflicting random numbers j =|HV-CR j |,j∈[1,m]。
S35: and determining the data provider corresponding to the minimum distance value as an update executor, and indicating the update executor to update the state channel on the block chain based on the identifier, the update traceable ring signature, the update version number, the update signature random number and the update vector commitment.
Specifically, (dis, j) = min (dis) is calculated 1 ,dis 2 ,...,dis m ) The data provider corresponding to the output j is the update executor.
S36: and returning to execute the steps of judging whether the write-write conflict exists between the data supplier and other data suppliers or not and the later steps until the write-write conflict does not exist.
In practical application, in order to avoid frequent update of a state channel on a block chain intelligent contract by a target data provider, before the target data provider updates the state channel on the block chain based on an identifier, an update traceable ring signature, an update version number, an update signature random number and an update vector commitment, an update judgment value can be obtained through calculation based on an update mark and a file priority of target data through an operation formula, and an update threshold value is obtained through calculation based on an update interval of the target data; if the update decision value is smaller than the update threshold value, the under-link state is maintained; if the update judgment value is larger than or equal to the update threshold value, executing a step of updating a state channel on the block chain based on the identifier, the update traceable ring signature, the update version number, the update signature random number and the update vector commitment;
the operation formula comprises:
Figure BDA0003900114970000171
T=LoT*α;
wherein DUV represents an update determination value; data i Representing the ith data block in the target data; n represents a total data amount of the target data; AF i An update flag indicating the ith data in the target data, wherein data i When there is an update, AF i =1,data i When not updated, AF i =0;Pr i Representing the file priority of the ith data in the target data; t represents an update threshold value; loT denotes the update interval; and alpha represents a preset proportionality coefficient.
In practical application, in the process of updating a state channel on a block chain based on the identifier, the update traceable ring signature, the update version number, the update signature random number and the update vector commitment, a target data provider can construct an update transaction TX = { ID, ringSig ', VC', issue ', C' } based on the identifier, the update traceable ring signature, the update version number, the update signature random number and the update vector commitment; signing the update transaction based on the private key ski of the target data provider to obtain an update signature Sign i (TX); transmitting the update transaction and the update signature to a blockchain intelligent contract, the blockchain intelligent contract based on a public key set (pk) 1 ,pk 2 ,...,pk m ) After the update signature is verified to be legal, the identifier is saved, the traceable ring signature is updated, the version number is updated, the random number of the update signature, the commitment of the update vector, the public key set and the ring are updatedAnd in the process, if the update signature is not verified to be legal, the data sharing process can be terminated.
In practical application, when the status channel needs to be closed, all data providers p can be used j All utilize their own private key sk j Is the final target data ', an identification ID, a final traceable ring signature RingSig', a final random number issue ", final version number VC", final vector commitment C "generate signature Sig j '; and collecting the identification ID, the final traceable ring signature RingSig ', the final random number issue', the final version number VC ', the final vector commitment C' and all the signatures Sig by any data provider j ' construct transaction TX = { ID, ringSig ', VC ', issue ', C ', sig 1 ',Sig 2 ',...Sig n ' } to close the status channel; accordingly, the blockchain intelligent contract validates all Sigs 1 ',Sig 2 ',...Sig n ', if all Sigs 1 ',Sig 2 ',...Sig n If the ' sameness ' is valid, the { ID, ringSig ', VC ', issue ', C ', pk ' is permanently stored 1 ,pk 2 ,...,pk n ,rpk 1 ,rpk 2 ,...,rpk n }, if Sig 1 ',Sig 2 ',...Sig n ' if any of the signatures is illegal, the data sharing process may be terminated.
In practical application, when the data sharing platform reports that a data object has a problem to a data provider, the data sharing platform may delete a related object, and send the object to the data provider, and the data provider tracks a malicious user by using a data sharing-oriented controllable anonymous method, taking a target data provider as an example, after storing a target data object and auxiliary information to the data sharing platform, the target data provider may obtain a signature random number issue and a traceable ring signature sign of data to be traced, for example, obtain the signature random number and the traceable ring signature to be traced from a block chain intelligent contract according to an address in the object header sent by the data sharing platform; target data provider based ring private key rsk i Signature random number issue and ring public key set (rpk) 1 ,rpk 2 ,...,rpk n ) Generating to be tracedTracing signature sign of data i '; and judging whether the traceable signature is consistent with the traceable ring signature, if so, indicating that the target data provider is the traceable data provider, and outputting the ring public key of the target data provider. It will be appreciated that when all data providers perform the controlled anonymity method, malicious data providers can be traced.
Referring to fig. 4, fig. 4 is a third flowchart of a data sharing method based on ring signature and commitment according to an embodiment of the present application.
The data sharing method based on the ring signature and the commitment provided by the embodiment of the application is applied to a data user and comprises the following steps:
step S301: and sending a data acquisition request to the data sharing platform.
In practical applications, a data user may first send a data acquisition request to the data sharing platform to acquire the required target data by the data acquisition request.
In a specific application scenario, the data description of the target data may be stored in the data sharing platform, so that a data user may determine the required target data based on the data description and send a corresponding data acquisition request, that is, in the process of sending the data acquisition request to the data sharing platform, the data acquisition request may be sent to the data sharing platform, and the data acquisition request includes a request for acquiring the target data generated based on the data description on the data sharing platform.
Step S302: receiving a target data object and a first certificate returned by the data sharing platform, wherein the target data object comprises an object head and an object body, the object head comprises an identifier, an address, a traceable ring signature, a version number and a transaction identifier, the object body comprises target data, the first certificate comprises a certificate generated by the data sharing platform for the target data based on auxiliary information corresponding to the target data, and the auxiliary information comprises information generated for the target data based on a vector commitment public parameter.
In practical application, after the data user sends the data acquisition request to the data sharing platform, the data sharing platform may determine a target data object corresponding to the data acquisition request, generate a first certificate for a target based on auxiliary information corresponding to the target data, where the auxiliary information includes information generated for the target data based on the vector commitment public parameter, and finally return the target data object and the first certificate to the data user, and accordingly, the data user needs to receive the target data object and the first certificate returned by the data sharing platform.
It should be noted that, the target data object in the present application is generated by a data provider of the target data, and may include an object header and an object body, where the object header includes an identifier, an address, a traceable ring signature, a version number, and a transaction identifier, and the object body includes the target data, where the identifier is used to distinguish different target data; the address is used for representing a block chain state channel intelligent contract address corresponding to target data to be shared, and through the address, a data provider, a data user and a data sharing platform can access state channel parameters on the block chain; the traceable ring signature is used for tracing a data provider subsequently; the version number is used for representing the version number of the target data, and can be determined by the updating times of the target data, for example, the value of the version number is increased by one every time the target data is updated; the transaction identifier is used for representing an identifier of a transaction submitted to the blockchain when the data provider updates the corresponding data and status channels; the target data may be original data, or may be data obtained by encrypting the original data, for example, by using an AES symmetric encryption algorithm, an SM4 symmetric encryption algorithm, or the like.
Step S303: and accessing the intelligent contract of the block chain based on the address in the target data object, and acquiring a check identifier, a check traceable ring signature, a check version number, a signature random number, a check vector commitment and a ring public key set, wherein the check vector commitment comprises a commitment generated for the target data based on a vector commitment public parameter, and the ring public key set comprises ring public keys of all data providers of the target data.
In practical application, after receiving a target data object and a first certificate, a data user may access a block chain intelligent contract based on an address in the target data object to obtain a check identifier, a check traceable ring signature, a check version number, a signature random number, a check vector commitment and a ring public key set, where the check vector commitment includes a commitment generated for the target data based on a vector commitment public parameter, and the ring public key set includes ring public keys of all data providers of the target data, where the check identifier, the check traceable ring signature, the check version number, the signature random number, the check vector commitment and the ring public key set stored in the block chain intelligent contract are corresponding real information of the target data generated by the data providers of the target data, and thus, the data user may verify whether the received target data is correct based on corresponding information stored in the block chain intelligent contract to determine whether to obtain the required target data.
Step S304: and if the identification, the traceable ring signature and the version number in the target data object are correspondingly consistent with the check identification, the check traceable ring signature and the check version number, verifying the validity of the traceable ring signature in the target data object based on the signature random number, the ring public key set and the target data.
In practical application, after a data user accesses a block chain intelligent contract based on an address in a target data object, acquires a check identifier, a check traceable ring signature, a check version number, a signature random number, a check vector commitment and a ring public key set, the consistency of the target data can be verified, namely whether the identifier in the target data object is consistent with the check identifier, whether the traceable ring signature in the target data object is consistent with the check traceable ring signature, and whether the version number in the target data object is consistent with the check version number can be verified; if there is an inconsistency, it may be determined that the received target data is not the original target data, the data sharing process may be terminated, and so on.
Step S305: if the traceable ring signature in the target data object is legal, verifying the validity of the first proof based on the check vector commitment and the target data.
In practical application, after verifying the validity of the traceable ring signature in the target data object based on the signature random number, the ring public key set and the target data, the data user may terminate the data sharing process if the traceable ring signature in the target data object is illegal, and verify the validity of the first certificate based on the check vector commitment and the target data if the traceable ring signature in the target data object is legal.
Step S306: and if the first certificate is legal, storing the target data.
In practical application, a data user can store target data after verifying that a first certificate is legal based on a commitment of a check vector and the target data, and the target data stored by the data user is the target data shared by a data provider, namely, the application can ensure that the data user obtains real target data by means of identification, traceable ring signature, version number and the first certificate in a target data object; accordingly, if the first proof is verified to be illegal based on the check vector commitment and the target data, the data sharing process can be terminated, and the like.
For detailed description of corresponding steps in the data sharing method based on ring signature and commitment provided in the embodiment of the present application, reference may be made to the above embodiments, and details are not repeated here.
The application provides a data sharing method based on ring signatures and commitments, which is applied to data users and used for sending data acquisition requests to a data sharing platform; receiving a target data object and a first certificate returned by a data sharing platform, wherein the target data object comprises an object head and an object body, the object head comprises an identifier, an address, a traceable ring signature, a version number and a transaction identifier, the object body comprises target data, the first certificate comprises a certificate generated by the data sharing platform for the target data based on auxiliary information corresponding to the target data, and the auxiliary information comprises information generated for the target data based on a vector commitment public parameter; based on an address access block chain intelligent contract in a target data object, acquiring a check identifier, a check traceable ring signature, a check version number, a signature random number, a check vector commitment and a ring public key set, wherein the check vector commitment comprises a commitment generated for the target data based on a vector commitment public parameter, and the ring public key set comprises ring public keys of all data providers of the target data; if the identification, the traceable ring signature and the version number in the target data object are correspondingly consistent with the check identification, the traceable ring signature and the check version number, verifying the validity of the traceable ring signature in the target data object based on the signature random number, the ring public key set and the target data; if the traceable ring signature in the target data object is legal, verifying the validity of the first certificate based on the check vector commitment and the target data; and if the first certificate is legal, storing the target data. In the application, the data sharing platform returns the target data object and the first certificate to the data user based on the data acquisition request, and the data user can acquire the required target data without involving the privacy of the data user after verifying the target data object based on the check identifier, the check traceable ring signature, the check version number, the signature random number, the check vector commitment and the ring public key set stored in the block chain intelligent contract, and can subsequently supervise the target data based on the traceable ring signature.
The data sharing method based on the ring signature and the commitment, provided by the embodiment of the application, is applied to a data sharing platform, and can comprise the following steps:
receiving a data acquisition request sent by a data user;
determining a target data object corresponding to the data acquisition request, wherein the target data object comprises an object head and an object body, the object head comprises an identifier, an address, a traceable ring signature, a version number and a transaction identifier, and the object body comprises target data;
generating a first certificate for the target data based on auxiliary information corresponding to the target data, wherein the auxiliary information comprises information generated for the target data based on the vector commitment public parameter;
sending the target data object and the first certificate to a data user so that the data user can obtain a check identifier, a check traceable ring signature, a check version number, a signature random number, a check vector commitment and a ring public key set based on an address access block chain intelligent contract in the target data object, if the identifier, the traceable ring signature and the version number in the target data object are all correspondingly consistent with the check identifier, the check traceable ring signature and the check version number, verifying that the traceable ring signature in the target data object is legal based on the signature random number, the ring public key set and the target data, and saving the target data after verifying that the first certificate is legal based on the check vector commitment and the target data; the verification vector commitment comprises a commitment generated for the target data based on the vector commitment public parameters, and the ring public key set comprises ring public keys of all data providers of the target data.
For detailed description of corresponding steps in the data sharing method based on ring signature and commitment provided in the embodiment of the present application, reference may be made to the above embodiments, and details are not repeated here.
Referring to fig. 5, fig. 5 is a schematic structural diagram of a data sharing system based on ring signatures and commitments according to an embodiment of the present disclosure.
The data sharing system based on ring signature and commitment provided by the embodiment of the application is applied to a data user and comprises:
a first sending module 101, configured to send a data acquisition request to a data sharing platform;
the first receiving module 102 is configured to receive a target data object and a first certificate returned by the data sharing platform, where the target data object includes an object header and an object body, the object header includes an identifier, an address, a traceable ring signature, a version number, and a transaction identifier, the object body includes target data, the first certificate includes a certificate generated by the data sharing platform for the target data based on auxiliary information corresponding to the target data, and the auxiliary information includes information generated for the target data based on a vector commitment public parameter;
the first obtaining module 103 is configured to obtain, based on an address access block chain intelligent contract in the target data object, a check identifier, a check traceable ring signature, a check version number, a signature random number, a check vector commitment and a ring public key set, where the check vector commitment includes a commitment generated for the target data based on a vector commitment public parameter, and the ring public key set includes ring public keys of all data providers of the target data;
a first verification module 104, configured to verify validity of the traceable ring signature in the target data object based on the signature random number, the ring public key set, and the target data if the identifier, the traceable ring signature, and the version number in the target data object are all correspondingly consistent with the verification identifier, the verification traceable ring signature, and the verification version number; if the traceable ring signature in the target data object is legal, verifying the validity of the first certificate based on the check vector commitment and the target data; and if the first certificate is legal, storing the target data.
The data sharing method based on the ring signature and the commitment provided by the embodiment of the application is applied to a target data provider and comprises the following steps:
the second acquisition module is used for acquiring target data to be shared;
the first generation module is used for generating the identification and the version number of the target data and the signature random number corresponding to the target data;
the second generation module is used for generating a traceable ring signature of the target data based on a ring private key, a signature random number and a ring public key set of a target data provider, wherein the ring public key set comprises ring public keys of the target data provider and all other data providers;
a third generating module for generating a vector commitment and auxiliary information for the target data based on the vector commitment public parameter;
the first storage module is used for storing the identification, the traceable ring signature, the version number, the signature random number, the vector commitment and the ring public key set based on the block chain intelligent contract;
the third acquisition module is used for acquiring the address and the transaction identifier of the block chain intelligent contract;
the first construction module is used for constructing an object head based on the identification, the address, the traceable ring signature, the version number and the transaction identification, constructing an object body based on the target data, and forming the object head and the object body into a target data object;
and the second saving module is used for saving the target data object and the auxiliary information to the data sharing platform so that a data user sends a data acquisition request to the data sharing platform, receives the target data object and the first certificate returned by the data sharing platform, acquires a check identifier based on an address access block chain intelligent contract in the target data object, checks the traceable ring signature, the check version number, the signature random number, the check vector commitment and the ring public key set, verifies that the traceable ring signature in the target data object is legal based on the signature random number, the ring public key set and the target data if the identifier, the traceable ring signature and the version number in the target data object are all correspondingly consistent with the check identifier, the check traceable ring signature and the check version number, and saves the target data after verifying that the first certificate is legal based on the check vector commitment and the target data, wherein the first certificate comprises a certificate generated by the data sharing platform for the target data based on the auxiliary information.
The data sharing method based on the ring signature and the commitment provided by the embodiment of the application is applied to a data sharing platform and can comprise the following steps:
the second receiving module is used for receiving a data acquisition request sent by a data user;
the first determining module is used for determining a target data object corresponding to the data acquisition request, wherein the target data object comprises an object head and an object body, the object head comprises an identifier, an address, a traceable ring signature, a version number and a transaction identifier, and the object body comprises target data;
the fourth generation module is used for generating a first certificate for the target data based on auxiliary information corresponding to the target data, wherein the auxiliary information comprises information generated for the target data based on the vector commitment public parameter;
the second sending module is used for sending the target data object and the first certificate to a data user so that the data user can obtain a check identifier, a check traceable ring signature, a check version number, a signature random number, a check vector commitment and a ring public key set based on an address access block chain intelligent contract in the target data object, if the identifier, the traceable ring signature and the version number in the target data object are correspondingly consistent with the check identifier, the check traceable ring signature and the check version number, the traceable ring signature in the target data object is verified to be legal based on the signature random number, the ring public key set and the target data, and the target data is saved after the first certificate is verified to be legal based on the check vector commitment and the target data; the verification vector commitment comprises a commitment generated for the target data based on the vector commitment public parameters, and the ring public key set comprises ring public keys of all data providers of the target data.
For detailed description of corresponding modules in the data sharing system based on ring signatures and commitments provided in the embodiments of the present application, reference may be made to the above embodiments, and details are not repeated here.
The application also provides a data sharing device and a computer readable storage medium based on the ring signature and the commitment, which have the corresponding effects of the data sharing method based on the ring signature and the commitment provided by the embodiment of the application. Referring to fig. 6, fig. 6 is a schematic structural diagram of a data sharing device based on ring signatures and commitments according to an embodiment of the present application.
The data sharing device based on the ring signature and the commitment provided by the embodiment of the application comprises a memory 201 and a processor 202, wherein the memory 201 stores a computer program, and the processor 202 implements the steps of the data sharing method based on the ring signature and the commitment when executing the computer program as described in any one of the embodiments.
Referring to fig. 7, another data sharing device based on ring signatures and commitments provided in an embodiment of the present application may further include: an input port 203 connected to the processor 202, for transmitting an externally input command to the processor 202; a display unit 204 connected to the processor 202, for displaying the processing result of the processor 202 to the outside; and a communication module 205 connected to the processor 202 for enabling communication of the data sharing device with the outside world based on the ring signature and the commitment. The display unit 204 may be a display panel, a laser scanning display, or the like; the communication method adopted by the communication module 205 includes, but is not limited to, mobile high definition link technology (HML), universal Serial Bus (USB), high Definition Multimedia Interface (HDMI), and wireless connection: wireless fidelity technology (WiFi), bluetooth communication technology, bluetooth low energy communication technology, ieee802.11s based communication technology.
A computer-readable storage medium is provided in this application, and a computer program is stored in the computer-readable storage medium, and when executed by a processor, the computer program implements the steps of the data sharing method based on ring signature and commitment as described in any one of the above embodiments.
The computer-readable storage media to which the present application relates include Random Access Memory (RAM), memory, read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage media known in the art.
For a description of relevant parts in the data sharing system, the data sharing device and the computer-readable storage medium based on the ring signature and the commitment provided in the embodiment of the present application, reference is made to detailed descriptions of corresponding parts in the data sharing method based on the ring signature and the commitment provided in the embodiment of the present application, and details are not repeated here. In addition, parts of the above technical solutions provided in the embodiments of the present application, which are consistent with the implementation principles of corresponding technical solutions in the prior art, are not described in detail so as to avoid redundant description.
It is further noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrases "comprising a," "8230," "8230," or "comprising" does not exclude the presence of additional like elements in a process, method, article, or apparatus that comprises the element.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present application. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the application. Thus, the present application is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (15)

1. A data sharing method based on ring signature and commitment is applied to a data user and comprises the following steps:
sending a data acquisition request to a data sharing platform;
receiving a target data object and a first certificate returned by the data sharing platform, wherein the target data object comprises an object head and an object body, the object head comprises an identifier, an address, a traceable ring signature, a version number and a transaction identifier, the object body comprises the target data, the first certificate comprises a certificate generated by the data sharing platform for the target data based on auxiliary information corresponding to the target data, and the auxiliary information comprises information generated for the target data based on a vector commitment public parameter;
based on the address access block chain intelligent contract in the target data object, acquiring a check identifier, a check traceable ring signature, a check version number, a signature random number, a check vector commitment and a ring public key set, wherein the check vector commitment comprises a commitment generated for the target data based on the vector commitment public parameter, and the ring public key set comprises ring public keys of all data providers of the target data;
if the identifier, the traceable ring signature and the version number in the target data object are correspondingly consistent with the check identifier, the check traceable ring signature and the check version number, verifying the validity of the traceable ring signature in the target data object based on the signature random number, the ring public key set and the target data;
if the traceable ring signature in the target data object is legal, verifying the validity of the first certificate based on the check vector commitment and the target data;
and if the first certificate is legal, storing the target data.
2. The method of claim 1, wherein sending the data acquisition request to a data sharing platform comprises:
and sending the data acquisition request to the data sharing platform, wherein the data acquisition request comprises a request for acquiring the target data generated based on the data description on the data sharing platform.
3. A data sharing method based on ring signature and commitment is applied to a target data provider and comprises the following steps:
acquiring target data to be shared;
generating an identifier and a version number of the target data and a signature random number corresponding to the target data;
generating a traceable ring signature of the target data based on a ring private key of the target data provider, the signature random number and a ring public key set, wherein the ring public key set comprises ring public keys of the target data provider and all other data providers;
generating vector commitments and auxiliary information for the target data based on vector commitment public parameters;
saving the identification, the traceable ring signature, the version number, the signature nonce, the vector commitment, the ring public key set based on a blockchain smart contract;
acquiring an address and a transaction identifier of the block chain intelligent contract;
constructing an object head based on the identification, the address, the traceable ring signature, the version number and the transaction identification, constructing an object body based on the target data, and forming the object head and the object body into a target data object;
the target data object and the auxiliary information are saved to a data sharing platform, so that a data user sends a data obtaining request to the data sharing platform, receives a target data object and a first certificate returned by the data sharing platform, accesses the block chain intelligent contract based on the address in the target data object to obtain a check identifier, a check traceable ring signature, a check version number, a signature random number, a check vector commitment and a ring public key set, if the identifier, the traceable ring signature and the version number in the target data object are correspondingly consistent with the check identifier, the check traceable ring signature and the check version number, the traceable ring signature in the target data object is verified based on the signature random number, the ring public key set and the target data, and the target data is saved after the first certificate is verified to be legal based on the check vector and the target data, wherein the first certificate comprises a certificate generated by the data sharing platform for the target data based on the auxiliary information.
4. The method of claim 3, wherein saving the target data object and the auxiliary information to a data sharing platform comprises:
generating a second proof for the target data based on the auxiliary information;
and sending the target data object, the vector commitment, the signature random number, the ring public key set, the auxiliary information and the second certification to the data sharing platform, so that the data sharing platform saves the target data object and the auxiliary information after verifying that the traceable ring signature in the target data object is legal based on the signature random number, the ring public key set and the target data in the target data object and verifying that the second certification is legal based on the vector commitment and the target data.
5. The method of claim 4, wherein saving the identification, the traceable ring signature, the version number, the signature nonce, the vector commitment, the ring public key set based on a block chain intelligent contract comprises:
acquiring all signature values generated by the target data provider and all other data providers, wherein the signature values generated by the data provider comprise signatures generated for the target data, the identifier, the traceable ring signature, the signature random number, the version number and the vector commitment based on a private key of the data provider, and the data provider comprises the target data provider and the other data providers;
constructing a transaction based on the identification, the traceable ring signature, the version number, the signature nonce, the vector commitment, the ring public key set, a public key set, all the signature values, the public key set including public keys of the target data provider and all the other data providers;
and sending the transaction to the block chain intelligent contract so as to establish a state channel after the block chain intelligent contract verifies that all the signature values are legal, and storing the identifier, the traceable ring signature, the version number, the signature random number, the vector commitment, the ring public key set and the public key set.
6. The method of claim 5, wherein after saving the target data object and the auxiliary information to a data sharing platform, further comprising:
acquiring target updating data obtained after the target data is updated;
generating an update version number and an update signature random number of the target update data;
generating an update traceable ring signature for the target update data based on the ring private key, the update signature nonce, and the ring public key set of the target data provider;
generating update vector commitments and update information based on the vector commitments, the target data and the target update data;
transmitting the target update data, the update traceable ring signature, the update version number, the update signature nonce, and the update vector commitment to all of the other data providers;
if all the other data providers verify that the update traceable ring signature is legal, judging whether write-write conflict exists between the other data providers;
if the write-write conflict does not exist, updating the status channel on a blockchain based on the identification, the update traceable ring signature, the update version number, the update signature nonce, and the update vector commitment.
7. The method of claim 6, wherein after determining whether a write-write conflict exists with the other data provider, further comprising:
if the write-write conflict exists between the target data provider and the other data providers, generating a conflict random number per se, and signing the target new data and the conflict random number per se on the basis of a private key of the target data provider to obtain a conflict signature;
receiving the collision random numbers and the collision signatures of the other data providers having the write-write collision;
verifying whether the conflicting signatures of the other data providers having the write-write conflict are legitimate based on the conflicting random numbers of the other data providers having the write-write conflict;
if the collision random numbers are legal, calculating hash values of all the collision random numbers, and calculating a distance value between each hash value and each collision random number;
determining the data provider corresponding to the smallest distance value as an update executor, instructing the update executor to update the status channel on the blockchain based on the identification, the update traceable ring signature, the update version number, the update signature nonce, and the update vector commitment;
and returning to execute the steps of judging whether write-write conflict exists between the data supplier and other data suppliers or not and the subsequent steps.
8. The method of claim 7, wherein prior to updating the status channel over a blockchain based on the identification, the update traceable ring signature, the update version number, the update signature nonce, and the update vector commitment, further comprising:
calculating to obtain an updating judgment value based on the updating mark and the file priority of the target data and calculating to obtain an updating threshold value based on the updating interval of the target data through an operation formula;
if the update decision value is smaller than the update threshold value, maintaining the under-link state;
if the update decision value is greater than or equal to the update threshold value, then executing the step of updating the status channel on the block chain based on the identifier, the update traceable ring signature, the update version number, the update signature nonce, and the update vector commitment;
the operation formula comprises:
Figure FDA0003900114960000041
T=LoT*α;
wherein DUV represents the update determination value; data i Representing the ith data block in the target data; n represents a total data amount of the target data; AF i The update flag representing the ith data in the target data, wherein data i When there is an update, AF i =1,data i When not updated, AF i =0;Pr i Representing the file priority of the ith data in the target data; t represents the update threshold value; loT represents the update interval; and alpha represents a preset proportionality coefficient.
9. The method according to any of claims 6 to 8, wherein said updating said status channel over a blockchain based on said identification, said update traceable ring signature, said update version number, said update signature nonce, and said update vector commitment comprises:
constructing an update transaction based on the identification, the update traceable ring signature, the update version number, the update signature nonce, and the update vector commitment;
signing the update transaction based on a private key of the target data provider to obtain an update signature;
transmitting the update transaction and the update signature to the blockchain intelligent contract, such that the blockchain intelligent contract saves the identifier, the update traceable ring signature, the update version number, the update signature nonce, the update vector commitment, the public key set, and the ring public key set after verifying that the update signature is legitimate based on the public key set.
10. The method of claim 9, wherein after saving the target data object and the auxiliary information to the data sharing platform, further comprising:
acquiring the signature random number and the traceable ring signature of the data to be traced;
generating a tracing signature of the data to be traced based on a ring private key of the target data provider, the signature random number and the ring public key set;
and judging whether the traceable signature is consistent with the traceable ring signature or not, and if so, outputting the ring public key of the target data provider.
11. The method of claim 3, wherein after obtaining the target data to be shared, further comprising:
and generating a data description of the target data and storing the data description to the data sharing platform.
12. A data sharing method based on ring signature and commitment is applied to a data sharing platform and comprises the following steps:
receiving a data acquisition request sent by a data user;
determining a target data object corresponding to the data acquisition request, wherein the target data object comprises an object head and an object body, the object head comprises an identifier, an address, a traceable ring signature, a version number and a transaction identifier, and the object body comprises the target data;
generating a first proof for the target data based on auxiliary information corresponding to the target data, the auxiliary information including information generated for the target data based on vector commitment public parameters;
sending the target data object and the first certificate to the data user, so that the data user obtains a check identifier, a check traceable ring signature, a check version number, a signature random number, a check vector commitment and a ring public key set based on the address access block chain intelligent contract in the target data object, if the identifier, the traceable ring signature and the version number in the target data object are correspondingly consistent with the check identifier, the check traceable ring signature and the check version number, verifying that the traceable ring signature in the target data object is legal based on the signature random number, the ring public key set and the target data, and saving the target data after verifying that the first certificate is legal based on the check vector commitment and the target data; wherein the check vector commitment comprises a commitment generated for the target data based on the vector commitment public parameter, and the ring public key set comprises ring public keys of all data providers of the target data.
13. A data sharing system based on ring signature and commitment, applied to a data user, comprising:
the first sending module is used for sending a data acquisition request to the data sharing platform;
a first receiving module, configured to receive a target data object and a first certificate returned by the data sharing platform, where the target data object includes an object header and an object body, the object header includes an identifier, an address, a traceable ring signature, a version number, and a transaction identifier, the object body includes the target data, the first certificate includes a certificate generated by the data sharing platform for the target data based on auxiliary information corresponding to the target data, and the auxiliary information includes information generated for the target data based on a vector commitment public parameter;
a first obtaining module, configured to obtain, based on the address access blockchain intelligent contract in the target data object, a check identifier, a check traceable ring signature, a check version number, a signature random number, a check vector commitment, and a ring public key set, where the check vector commitment includes a commitment generated for the target data based on the vector commitment public parameter, and the ring public key set includes ring public keys of all data providers of the target data;
a first verification module, configured to verify validity of the traceable ring signature in the target data object based on the signature random number, the ring public key set, and the target data if the identifier, the traceable ring signature, and the version number in the target data object are all correspondingly consistent with the verification identifier, the verification traceable ring signature, and the verification version number; if the traceable ring signature in the target data object is legal, verifying the validity of the first certificate based on the check vector commitment and the target data; and if the first certificate is legal, storing the target data.
14. A data sharing device based on ring signatures and commitments, comprising:
a memory for storing a computer program;
a processor for implementing the steps of the ring signature and commitment based data sharing method as claimed in any one of claims 1 to 12 when executing said computer program.
15. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the steps of the ring signature and commitment based data sharing method as defined in any one of claims 1 to 12.
CN202211286413.1A 2022-10-20 2022-10-20 Data sharing method, system, equipment and medium based on ring signature and promise Active CN115510504B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211286413.1A CN115510504B (en) 2022-10-20 2022-10-20 Data sharing method, system, equipment and medium based on ring signature and promise

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211286413.1A CN115510504B (en) 2022-10-20 2022-10-20 Data sharing method, system, equipment and medium based on ring signature and promise

Publications (2)

Publication Number Publication Date
CN115510504A true CN115510504A (en) 2022-12-23
CN115510504B CN115510504B (en) 2023-06-16

Family

ID=84510283

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211286413.1A Active CN115510504B (en) 2022-10-20 2022-10-20 Data sharing method, system, equipment and medium based on ring signature and promise

Country Status (1)

Country Link
CN (1) CN115510504B (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190273620A1 (en) * 2017-07-18 2019-09-05 Zhongan Information Technology Service Co., Ltd. Data sharing method and data sharing system
CN111709058A (en) * 2020-06-09 2020-09-25 陕西师范大学 Data integrity verification method based on identity and ring signature
CN111881481A (en) * 2020-08-05 2020-11-03 杭州翔毅科技有限公司 Block chain-based medical data processing method, device, equipment and storage medium
CN111950032A (en) * 2020-09-01 2020-11-17 宁波富万信息科技有限公司 Block chain-based data storage method, terminal device and storage medium
CN112132578A (en) * 2020-09-16 2020-12-25 建信金融科技有限责任公司 Efficient transaction processing method, tracking method and device based on block chain
CN112256800A (en) * 2020-12-21 2021-01-22 支付宝(杭州)信息技术有限公司 Vector commitment-based alliance link data processing method, device and equipment
CN112365252A (en) * 2020-07-31 2021-02-12 深圳市网心科技有限公司 Account model-based privacy transaction method and device and related equipment
CN113411384A (en) * 2021-06-10 2021-09-17 华中科技大学 System and method for privacy protection in data security sharing process of Internet of things

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190273620A1 (en) * 2017-07-18 2019-09-05 Zhongan Information Technology Service Co., Ltd. Data sharing method and data sharing system
CN111709058A (en) * 2020-06-09 2020-09-25 陕西师范大学 Data integrity verification method based on identity and ring signature
CN112365252A (en) * 2020-07-31 2021-02-12 深圳市网心科技有限公司 Account model-based privacy transaction method and device and related equipment
CN111881481A (en) * 2020-08-05 2020-11-03 杭州翔毅科技有限公司 Block chain-based medical data processing method, device, equipment and storage medium
CN111950032A (en) * 2020-09-01 2020-11-17 宁波富万信息科技有限公司 Block chain-based data storage method, terminal device and storage medium
CN112132578A (en) * 2020-09-16 2020-12-25 建信金融科技有限责任公司 Efficient transaction processing method, tracking method and device based on block chain
CN112256800A (en) * 2020-12-21 2021-01-22 支付宝(杭州)信息技术有限公司 Vector commitment-based alliance link data processing method, device and equipment
CN113411384A (en) * 2021-06-10 2021-09-17 华中科技大学 System and method for privacy protection in data security sharing process of Internet of things

Also Published As

Publication number Publication date
CN115510504B (en) 2023-06-16

Similar Documents

Publication Publication Date Title
EP4120114A1 (en) Data processing method and apparatus, smart device and storage medium
CN109829326B (en) Cross-domain authentication and fair audit de-duplication cloud storage system based on block chain
De Oliveira et al. Towards a blockchain-based secure electronic medical record for healthcare applications
Chattaraj et al. Block-CLAP: Blockchain-assisted certificateless key agreement protocol for internet of vehicles in smart transportation
CN110288480B (en) Private transaction method and device for blockchain
CN102594558B (en) Anonymous digital certificate system and verification method of trustable computing environment
CN110958111B (en) Block chain-based identity authentication mechanism of electric power mobile terminal
CN109104284B (en) Block chain anonymous transmission method based on ring signature
Wu et al. A provably secure authentication and key exchange protocol in vehicular ad hoc networks
CN109687965A (en) The real name identification method of subscriber identity information in a kind of protection network
Milne et al. Cyber-physical trust systems driven by blockchain
Shen et al. Blockchain for transparent data management toward 6G
CN110944301A (en) Intelligent cell equipment monitoring system based on block chain and key management method
CN114760071B (en) Zero-knowledge proof based cross-domain digital certificate management method, system and medium
CN111614680A (en) CP-ABE-based traceable cloud storage access control method and system
CN109981287A (en) A kind of code signature method and its storage medium
CN102638345A (en) DAA (Data Access Arrangement) authentication method and system based on elliptical curve divergence logarithm intractability assumption
CN115345618B (en) Block chain transaction verification method and system based on mixed quantum digital signature
CN115174091A (en) Homomorphic encryption privacy protection method for distributed digital identity
CN113328854B (en) Service processing method and system based on block chain
Chen et al. BCGS: Blockchain-assisted privacy-preserving cross-domain authentication for VANETs
Subramani et al. Blockchain-based physically secure and privacy-aware anonymous authentication scheme for fog-based VANETs
US11943210B2 (en) System and method for distributed, keyless electronic transactions with authentication
Liu et al. A blockchain-based cross-domain authentication management system for IoT devices
CN112733179A (en) Lightweight non-interactive privacy protection data aggregation method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant