CN115550026B - Multi-supervision method, system and storage medium based on blockchain transaction - Google Patents

Publication number: CN115550026B
Authority: CN (China)
Prior art keywords: supervision, key, financial institution, blockchain transaction, direct
Legal status: Active (The legal status is an assumption and is not a legal conclusion.)
Application number: CN202211177023.0A
Other languages: Chinese (zh)
Other versions: CN115550026A (en)
Inventors: 王楠, 刘浩
Current Assignee: CCB Finetech Co Ltd (The listed assignees may be inaccurate.)
Original Assignee: CCB Finetech Co Ltd

Application filed by CCB Finetech Co Ltd
Priority to CN202211177023.0A
Publication of CN115550026A
Application granted
Publication of CN115550026B
Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00 Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04 Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Abstract

The application relates to the technical field of financial supervision and provides a multi-supervision method, system and storage medium based on blockchain transactions. The method comprises the following steps: the financial institution encrypts the user transaction according to its own supervision key to construct a blockchain transaction; any one of a plurality of supervision authorities acquires the supervision key of the next-level supervision authority step by step until it acquires the supervision key of the direct supervision authority, and calculates the supervision key of the financial institution from it; and that supervision authority calculates the key of the blockchain transaction according to the supervision key of the financial institution and decrypts the blockchain transaction with that key in order to supervise it. With this method, a supervision authority at any level can decrypt the content of the blockchain transaction by obtaining the supervision key of the financial institution, which realizes multi-party multiple supervision of financial institutions while protecting the privacy of user transactions.

Description

Multi-supervision method, system and storage medium based on blockchain transaction
Technical Field
The present application relates to the technical field of financial supervision, and in particular, to a blockchain transaction-based multiple supervision method, a blockchain transaction-based multiple supervision system, a computer readable storage medium, and a computer program product.
Background
Blockchain technology provides a convenient tool for financial activities: smart contracts in the blockchain can act as a trusted third party to manage digital assets, can implement relatively complex financial policies or financial activities, and avoid human error. Typically, blockchain data is visible within the scope of the consensus nodes, so the blockchain itself is open and transparent. Blockchain technology presents challenges to the compliance of financial activities or the privacy of users.
Financial institutions are often subject to supervision by multiple parties; depending on business requirements, a given financial institution may be supervised by several authorities at the same time. Supervision authorities are usually organized hierarchically, and a high-level authority must be able to supervise a financial institution that is supervised by a low-level authority.
In blockchain transactions, once stronger privacy protection technology is applied, it is difficult to protect privacy while also reserving a back door for a supervision authority so that the authority can see the sender and receiver addresses and the amount of a transaction. Current solutions mainly protect the amount with a homomorphic encryption algorithm, prove the compliance of the transaction with zero-knowledge proof technology, and realize supervision through methods such as key escrow. Schemes based on zero-knowledge proofs currently support only after-the-fact evidence collection and cannot be used to actively discover problems in financial activities, and these solutions have no refined scheme for multiple supervision, so they cannot meet the multiple supervision demands of multiple parties. How to realize multi-party multiple supervision (supervision of the same financial institution by multiple supervision authorities at different levels) while protecting user privacy, and how to use blockchain technology for the compliance of supervised financial institutions, is a problem to be solved at present.
Disclosure of Invention
In order to solve the technical defects, the application provides a multi-supervision method and system based on blockchain transaction.
The first aspect of the present application provides a multi-supervision method based on blockchain transactions, comprising:
the financial institution serving as the blockchain node encrypts the user transaction according to the supervision key of the financial institution to construct a blockchain transaction;
any one of the plurality of supervision authorities acquires the supervision key of the next-level supervision authority step by step until the supervision key of the direct supervision authority of the financial institution is acquired, and calculates the supervision key of the financial institution from the supervision key of the direct supervision authority; the plurality of supervision authorities includes at least one highest supervision authority and at least one direct supervision authority;
and any supervision organization calculates a key of the blockchain transaction according to the supervision key of the financial institution, and decrypts the blockchain transaction through the key so as to supervise the blockchain transaction.
In an embodiment of the present application, prior to the financial institution constructing the blockchain transaction, the method further includes:
generating a supervision key of the highest supervision institution, and generating a supervision key of the next-level supervision institution according to the supervision key of the highest supervision institution; a supervision key for the financial institution is generated.
In an embodiment of the present application, the generating a supervision key of a financial institution includes:
generating a supervision key of the financial institution according to the supervision key of the direct supervision institution when the financial institution has only one direct supervision institution;
in the case of a financial institution having a plurality of direct supervision authorities, the supervision key of the financial institution is randomly generated, and the supervision key of the financial institution and the supervision keys of the direct supervision authorities constitute a sibling intractable function family.
In an embodiment of the present application, the encrypting, by the financial institution as the blockchain node, the user transaction according to the supervision key of the financial institution includes: the financial institution generates parameters or keys required for blockchain transaction privacy protection according to the supervision key of the financial institution; encrypting the user transaction according to the parameter or the key.
In an embodiment of the present application, the financial institution generates parameters or keys required for blockchain transaction privacy protection according to a supervision key of the financial institution, including:
generating a random large integer by taking a supervision key of a financial institution as a random number seed, determining prime numbers by taking the random large integer as a prime number searching starting point, and calculating parameters required by blockchain transaction by utilizing the prime numbers;
and taking the supervision key of the financial institution as a random number seed, and adopting a pseudo-random number generation function to generate a key required for protecting the privacy of the blockchain transaction.
In an embodiment of the present application, the constructing a blockchain transaction includes:
if the financial institution has multiple direct supervision authorities, then when the financial institution constructs the blockchain transaction, a description of a function h is included in the blockchain transaction; the function h is sampled from a sibling intractable function family formed from the supervision key of the financial institution and the supervision keys of the direct supervision authorities, and the mapping value of the function h on the set
Figure GDA0004264740300000031
is $K_{F_i}$,
where PRF represents a pseudo-random number generation function, $F_i$ represents a financial institution, $N_{j1}$, $N_{jk}$ represent direct supervision authorities,
Figure GDA0004264740300000032
represents the supervision key of a direct supervision authority, $ID_{F_i}$ represents the financial institution, and $K_{F_i}$ represents the supervision key of the financial institution.
In this embodiment of the present application, the calculating, according to the supervision key of the direct supervision authority, the supervision key of the financial institution includes: if the financial institution has a plurality of direct supervision institutions, the supervision keys of the direct supervision institutions are substituted into the function h described in the blockchain transaction, and the supervision keys of the financial institution are obtained through calculation.
In an embodiment of the present application, any of the authorities calculates a key for blockchain transactions from a supervision key of a financial institution, including: the supervision key of the financial institution is used as a random number seed to generate a random large integer, the random large integer is used as a starting point of prime number searching to determine prime numbers, and the key of the blockchain transaction is obtained through calculation according to the prime numbers.
A second aspect of the present application provides a multi-supervision system based on blockchain transactions, comprising:
the financial institution is used as a blockchain node and used for encrypting the user transaction according to the supervision key of the financial institution to construct a blockchain transaction; and
a plurality of regulatory authorities;
the plurality of supervision authorities includes at least one highest supervision authority and at least one direct supervision authority;
any one of the plurality of supervision authorities is used to:
acquire the supervision key of the next-level supervision authority step by step until the supervision key of the direct supervision authority is acquired;
calculate the supervision key of the financial institution from the supervision key of the direct supervision authority;
and calculate the key of the blockchain transaction according to the supervision key of the financial institution, and decrypt the blockchain transaction with that key in order to supervise the blockchain transaction.
In an embodiment of the present application, prior to a financial institution constructing a blockchain transaction:
the highest supervision agency generates a supervision key of the highest supervision agency, and a pseudo-random number generation function is utilized to generate a supervision key of the next supervision agency according to the supervision key of the highest supervision agency;
in the case where the financial institution has only one direct regulatory agency, the direct regulatory agency generates a regulatory key of the financial institution according to the regulatory key of the direct regulatory agency;
in the case of a financial institution having a plurality of direct supervision authorities, the financial institution randomly generates its own supervision key, and the supervision key of the financial institution and the supervision keys of the direct supervision authorities constitute a sibling intractable function family.
In an embodiment of the present application, the encrypting the user transaction according to the supervision key of the financial institution includes: the financial institution generates a random large integer by taking a supervision key of the financial institution as a random number seed, determines prime numbers by taking the random large integer as a prime number searching starting point, and calculates parameters required by block chain transaction privacy protection by utilizing the prime numbers; taking a supervision key of a financial institution as a random number seed, and adopting a pseudo-random number generation function to generate a key required by blockchain transaction privacy protection; encrypting the user transaction according to the parameter or the key.
In the embodiment of the application, any supervision authority in a plurality of supervision authorities generates a random large integer according to a supervision key of a financial institution as a random number seed, determines prime numbers by taking the random large integer as a starting point of prime number searching, and calculates a key of a blockchain transaction according to the prime numbers.
A third aspect of the present application provides a machine-readable storage medium having stored therein computer instructions which, when executed by a processor, implement the multi-supervision method based on blockchain transactions provided in the first aspect above.
A fourth aspect of the present application provides a computer program product comprising a computer program which, when executed by a processor, implements the multi-supervision method based on blockchain transactions provided in the first aspect above.
According to the multi-supervision method and system based on blockchain transactions, a supervision path for supervising a financial institution is found based on the hierarchical structure of the supervision authorities. Any one of the supervision authorities acquires the supervision keys of its subordinate supervision authorities step by step through the hierarchy and thereby obtains the supervision key of the financial institution; the content of each blockchain transaction of the supervised institution is decrypted with the supervision key of the financial institution, which realizes supervision of the financial institution, meets multi-party multiple supervision requirements and protects user transaction privacy.
Additional features and advantages of embodiments of the present application will be set forth in the detailed description that follows.
Drawings
The accompanying drawings are included to provide a further understanding of embodiments of the present application and are incorporated in and constitute a part of this specification, illustrate embodiments of the present application and together with the description serve to explain, without limitation, the embodiments of the present application. In the drawings:
FIG. 1 is a flow chart of a multi-supervision method based on blockchain transactions provided in embodiments of the present application;
FIG. 2 is a flow chart of generating blockchain smart contract-related key parameters in an embodiment of the present application;
FIG. 3 is a flow chart of a financial institution constructing a blockchain transaction in accordance with an embodiment of the present application;
FIG. 4 is a flow chart of a supervisor decrypting a blockchain transaction in an embodiment of the present application;
FIG. 5 is a schematic diagram of the hierarchy of supervision authorities in example one of the present application;
FIG. 6 is a schematic diagram of the hierarchy of supervision authorities in example two of the present application;
FIG. 7 is an architecture diagram of a multi-supervision system based on blockchain transactions according to an embodiment of the present application.
Detailed Description
For the purposes of making the objects, technical solutions and advantages of the embodiments of the present application more clear, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it should be understood that the specific implementations described herein are only for illustrating and explaining the embodiments of the present application, and are not intended to limit the embodiments of the present application. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are within the scope of the present application based on the embodiments herein.
Term interpretation:
Sibling intractable function family (SIFF): the concept of the sibling intractable function family was presented in the paper "Sibling intractable function families and their applications", published by Yuliang Zheng et al. at ASIACRYPT in 1991.
Fig. 1 is a flowchart of a multi-supervision method based on blockchain transactions in accordance with an embodiment of the present application. As shown in fig. 1, in one embodiment of the present application, a multi-supervision method based on blockchain transactions is provided, which includes the following steps:
step 102, the financial institution serving as the blockchain node encrypts the user transaction according to the supervision key of the financial institution to construct a blockchain transaction;
step 104, any one of the plurality of supervision authorities acquires the supervision key of the next-level supervision authority step by step until the supervision key of the direct supervision authority of the financial institution is acquired, and calculates the supervision key of the financial institution from the supervision key of the direct supervision authority; the plurality of supervision authorities includes at least one highest supervision authority and at least one direct supervision authority;
step 106, that supervision authority calculates the key of the blockchain transaction according to the supervision key of the financial institution, and decrypts the blockchain transaction with that key in order to supervise the blockchain transaction.
According to the multi-supervision method based on blockchain transactions, a supervision path is found to supervise a financial institution based on a hierarchical structure of the supervision institution. Any of all the authorities acquires the supervision key of the subordinate authorities step by step from the hierarchical structure, thereby acquiring the supervision key of the financial institution.
Because the key required by the user privacy protection algorithm is calculated according to the supervision key, the supervision mechanism can recalculate the key of the user privacy protection algorithm, thereby decrypting the ciphertext in the blockchain transaction constructed by the financial institution in the blockchain and the ciphertext in the intelligent contract deployed by the financial institution, and realizing the whole process supervision of the transaction.
When a financial institution is supervised by hierarchically structured supervision authorities, the multi-supervision method based on blockchain transactions allows a supervision authority at any level to decrypt the content of each blockchain transaction of the supervised institution by obtaining the supervision key of the financial institution, so that supervision of the financial institution is realized, multi-party multiple supervision requirements are met, and user transaction privacy is protected.
It should be understood that, although the steps in the flowchart of fig. 1 are shown in sequence as indicated by the arrows, the steps are not necessarily performed in that sequence. Unless explicitly stated herein, the steps are not strictly limited to this order of execution and may be executed in other orders. Moreover, at least some of the steps in fig. 1 may include multiple sub-steps or stages that are not necessarily performed at the same time but may be performed at different times, and these sub-steps or stages are not necessarily performed in sequence but may be performed in turn or alternately with other steps or with at least a portion of the sub-steps or stages of other steps.
In one embodiment, prior to step 102 described above, a supervision key of the highest supervision authority is generated, a supervision key of the next-level supervision authority is generated from the supervision key of the highest supervision authority, and a supervision key of the financial institution is generated. When the financial institution has only one direct supervision authority, the supervision key of the financial institution is generated according to the supervision key of the direct supervision authority; when the financial institution has a plurality of direct supervision authorities, the supervision key of the financial institution is randomly generated, and the supervision key of the financial institution and the supervision keys of the direct supervision authorities constitute a sibling intractable function family (SIFF). The supervision authorities and financial institutions can be regarded as a partially ordered set whose ordering relation is the hierarchical or supervisory relationship, and a SIFF key distribution method is then applied to this partially ordered set to generate a supervision key for each institution.
In one embodiment, in step 102, the financial institution generates the parameters or keys required for blockchain transaction privacy protection based on the supervision key of the financial institution, and encrypts the user transaction based on the generated parameters or keys. Specifically, the supervision key of the financial institution is used as a random number seed to generate a random large integer, the random large integer is used as the starting point of a prime number search to determine a prime number, and the parameters required for the privacy protection of the blockchain transaction are calculated using the prime number; the supervision key of the financial institution is also used as a random number seed with a pseudo-random number generation function to generate the key required by the blockchain transaction. In step 106, the supervision key of the financial institution is used as a random number seed to generate a random large integer, the random large integer is used as the starting point of a prime number search to determine a prime number, and the key of the blockchain transaction can be calculated from the determined prime number.
In one embodiment, if the financial institution has multiple direct supervision authorities, then in step 102 the multiple direct supervision authorities are denoted as $\{N_{j1}, \ldots, N_{jk}\}$. When the financial institution constructs a blockchain transaction, a description of a function h is included in the blockchain transaction; the function h is sampled from a sibling intractable function family formed from the supervision key of the financial institution and the supervision keys of the direct supervision authorities, and the mapping value of the function h on the set
Figure GDA0004264740300000081
is $K_{F_i}$, where PRF represents a pseudo-random number generation function, $F_i$ represents a financial institution, $N_{j1}, \ldots, N_{jk}$ represent direct supervision authorities,
Figure GDA0004264740300000082
represents the supervision key of a direct supervision authority, $ID_{F_i}$ represents the financial institution, and $K_{F_i}$ represents the supervision key of the financial institution. In step 104, if the financial institution has multiple direct supervision authorities, the supervision keys of the direct supervision authorities
Figure GDA0004264740300000083
are substituted into the function h described in the blockchain transaction to calculate the supervision key $K_{F_i}$ of the financial institution.
The following describes the technical solution of the embodiments of the present application in detail, from the dimension of the financial institution constructing blockchain transactions and the regulatory institution decrypting blockchain transactions.
As shown in fig. 2, the highest-level supervision authority initializes its own key by generating it randomly; each higher-level supervision authority then uses the pseudo-random number generation function PRF to generate a key for its next-level supervision authority based on its own key, until the key of the direct supervision authority of the financial institution is generated. Next, it is determined whether the financial institution is jointly supervised by a plurality of supervision authorities. If the financial institution has only one direct supervision authority, the direct supervision authority uses the pseudo-random number generation function PRF to generate the supervision key k of the financial institution and distributes the supervision key k to the financial institution; if the financial institution has a plurality of direct supervision authorities, the financial institution randomly generates a supervision key k, and the supervision key k of the financial institution and the supervision keys of the direct supervision authorities form a sibling intractable function family. Next, the financial institution uses the supervision key k to generate the key or parameter required by the user privacy protection algorithm. Specifically, when the user privacy protection algorithm needs a random large prime number, the supervision key k is used as a random number seed to generate a random large integer, which serves as the starting point of a prime number search, and a prime number meeting the condition is found with a deterministic algorithm; when the user privacy protection algorithm needs a symmetric encryption key, the supervision key k is used as a random number seed and the pseudo-random number generation function PRF is used to generate the symmetric encryption key. The financial institution then deploys smart contracts for blockchain transactions according to the obtained prime numbers and symmetric encryption keys, so as to encrypt the blockchain transactions.
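The single-path case of fig. 2, as an added example that is not code from the patent: each level derives the next level's key with the PRF, and any authority on the path recomputes the same prime and symmetric key as the financial institution. Keying SHA256 as HMAC-SHA256, using node IDs and the labels `prime-seed` and `aes-key` as PRF inputs, and the names `N1`, `N2`, `N3`, `F1` are assumptions; `ROOT_KEY` is a constructed sample value.

```python
import hashlib
import hmac
from typing import Sequence, Tuple


def prf(key: bytes, label: bytes) -> bytes:
    # The page names SHA256 as the PRF; keying it as HMAC-SHA256 is an assumption.
    return hmac.new(key, label, hashlib.sha256).digest()


def derive_down(key: bytes, path: Sequence[str]) -> bytes:
    """Derive keys step by step along a supervision path.
    Feeding the child's ID into the PRF is an assumption of this example."""
    for node_id in path:
        key = prf(key, node_id.encode())
    return key


_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_probable_prime(n: int) -> bool:
    """Miller-Rabin with fixed bases: the same input always gives the same
    answer, so every party that holds the seed finds the same prime."""
    if n < 2:
        return False
    for p in _BASES:
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for a in _BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def prime_from_key(k_fi: bytes, bits: int = 256) -> int:
    """Seed -> large integer -> first probable prime at or after that start."""
    blocks = (bits + 255) // 256
    stream = b"".join(prf(k_fi, b"prime-seed|%d" % i) for i in range(blocks))
    start = int.from_bytes(stream, "big") >> (len(stream) * 8 - bits)
    start |= (1 << (bits - 1)) | 1  # force full bit length and oddness
    while not is_probable_prime(start):
        start += 2
    return start


def symmetric_key_from(k_fi: bytes) -> bytes:
    """256-bit symmetric key derived from the institution's supervision key."""
    return prf(k_fi, b"aes-key")


def transaction_params(k_authority: bytes, path_to_fi: Sequence[str]) -> Tuple[int, bytes]:
    """What an authority recomputes from its own key and the path below it."""
    k_fi = derive_down(k_authority, path_to_fi)
    return prime_from_key(k_fi), symmetric_key_from(k_fi)


# Constructed sample: highest authority -> N1 -> N2 (direct authority) -> F1.
ROOT_KEY = hashlib.sha256(b"constructed demo key of the highest authority").digest()

if __name__ == "__main__":
    k_n2 = derive_down(ROOT_KEY, ["N1", "N2"])
    top = transaction_params(ROOT_KEY, ["N1", "N2", "F1"])
    direct = transaction_params(k_n2, ["F1"])
    print("top-level and direct authority agree:", top == direct)
    print("prime bits:", top[0].bit_length())
```

Every key on the path yields all keys below it, so the confidentiality of a financial institution's transactions depends on the protection of each ancestor key, not only its own.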
As shown in FIG. 3, a user submits a user transaction to a financial institution, which performs compliance checking and then takes privacy preserving control measures to construct a blockchain transaction. In the process of constructing the blockchain transaction, the symmetrical encryption key is used for encrypting the user transaction by adopting a symmetrical encryption algorithm, and if a financial institution is supervised by a plurality of direct supervision institutions, a function h is sampled from a collateral insoluble function family to join the blockchain transaction. The financial institution submits the constructed blockchain transaction to a blockchain node that processes the blockchain transaction according to the intelligent contract. The financial institution may also process blockchain transactions as blockchain nodes.
As shown in FIG. 4, during supervision a supervising authority acquires the blockchain data. Where the financial institution has only one direct supervising authority, the supervising authority directly calculates the supervision key of the financial institution using the pseudo-random number generation function PRF. Where the financial institution has a plurality of direct authorities, the supervising authority substitutes the supervision key of a direct authority into the function h described in the blockchain transaction and calculates the supervision key of the financial institution from that function h. The supervising authority then uses the supervision key of the financial institution to decrypt the blockchain transaction data and the ciphertext in the smart contract account, thereby enforcing the supervision policy.
The following describes the technical solution of the present application in detail by listing typical examples.
In the following examples, the privacy protection algorithm employs a lightweight "Cramer-Shoup" algorithm and the AES-CBC algorithm with a random initial IV. The lightweight "Cramer-Shoup" algorithm is described in the paper "A Simple Public-Key Cryptosystem with a Double Trapdoor Decryption Mechanism and Its Applications" published by Emmanuel Bresson et al. at Asiacrypt 2003. Submitting a user transaction requires a digital signature algorithm and a digital certificate; standard X.509 certificates and the ECDSA digital signature algorithm can be adopted. The secure channel between the user and the financial institution is implemented using the Transport Layer Security protocol (TLS). The blockchain is an Ethereum private chain, and the blockchain nodes are made up of financial institutions. A user changes the assets in the blockchain by submitting user transactions to the financial institution with which the user is registered. The security parameter of the sibling intractable function family (SIFF) is k=256. The pseudo-random number generation function employs the SHA256 hash function.
Example one
The hierarchy of authorities in example one is shown in FIG. 5. The set of regulatory authorities of financial institution $F_1$ is $S_1 = \{N_1, N_2, \ldots, N_6, N_7, N_9\}$, in which the highest-level regulatory authorities are $N_1$ and $N_7$, and the direct regulatory authorities of $F_1$ are $\{N_6, N_9\}$. Let the user set of financial institution $F_1$ be $U_1$, with users $u_1, u_2 \in U_1$.
In $S_1$, each higher-level supervision authority generates a supervision key for its next-level supervision authority by using the pseudo-random number generation function. $N_1$ and $N_7$ each randomly select their own supervision key, respectively
Figure GDA0004264740300000101
The keys of the other regulatory authorities of financial institution $F_1$ are
Figure GDA0004264740300000102
Figure GDA0004264740300000103
Financial institution $F_1$ has 2 direct authorities, $\{N_6, N_9\}$, so the financial institution randomly generates a supervision key
Figure GDA0004264740300000104
The supervision key of financial institution $F_1$
Figure GDA0004264740300000105
serves as the random number seed from which the financial institution further generates the keys required by the user privacy protection algorithm, so that all regulatory authorities in $S_1$ can use the supervision key
Figure GDA0004264740300000106
to calculate the keys used by the user privacy protection algorithm.
In this example, the lightweight "Cramer-Shoup" algorithm is used, so random large primes p and q need to be calculated. With the supervision key of financial institution $F_1$
Figure GDA0004264740300000107
as the random number seed, a random large integer is generated as the starting point of the prime search, and a deterministic algorithm is then used to search for primes meeting the conditions. Financial institution $F_1$ uses $K_{F_1}$ as the seed of the random function in the Python random library and passes the generated random integer to the next_prime function of the Python gmpy2 library to search for large primes p, q such that $p = 2p' + 1$, $q = 2q' + 1$, where p', q' are both large primes. Thereafter, $N = pq$ is calculated and a random number $\rho$ is selected, where
Figure GDA0004264740300000111
and $g = -\rho^{2N} \bmod N^2$ is calculated, so that the order of g is $\lambda(N) = 2p'q'$. The master private key of financial institution $F_1$ is set to $(\lambda(N), N)$ and the master public key to $(g, N)$.
The AES-CBC symmetric encryption scheme is employed in this example, so the key of the symmetric encryption algorithm needs to be calculated. With the supervision key $K_{F_1}$ of financial institution $F_1$ as the random number seed, the pseudo-random number generation function is used to generate
Figure GDA0004264740300000112
In addition, financial institution $F_1$ deploys the smart contract CoinContract to the blockchain and obtains the smart contract address $Addr_{F_1}$. The smart contract CoinContract includes the following data structures and functions:
Figure GDA0004264740300000113
wherein balance1 and balance2 store ciphertext amounts under the user account.
The user submits a user transaction to the financial institution; the financial institution performs compliance checking, applies privacy protection control measures, and then generates a blockchain transaction, which contains the user transaction encrypted with a symmetric encryption algorithm. User $u_1$ generates a user transaction and submits it to financial institution $F_1$ via a secure channel. The user transaction includes information such as the transaction type, amount and receiver, where the amount is ciphertext. Financial institution $F_1$ decrypts the user transaction with the master private key of the lightweight "Cramer-Shoup" algorithm to perform compliance checking. It then adds interference transactions to mask the address information of the user transaction and generates the blockchain transaction, which contains the ciphertext of the user transaction or interference transaction, encrypted with the AES-CBC algorithm using a random initial IV.
When financial institution $F_1$ constructs a blockchain transaction, the financial institution has two direct authorities, namely $\{N_6, N_9\}$, so it samples a function h from the sibling intractable function family such that the mapped value of the function on the set
Figure GDA0004264740300000121
is
Figure GDA0004264740300000122
Financial institution $F_1$ includes the description of the function h in the blockchain transaction. The process of sampling a function h from the sibling intractable function family is as follows:
financial institution $F_1$ calculates
Figure GDA0004264740300000123
Figure GDA0004264740300000124
It selects a 512-bit large prime $p_s$ and 2 random 256-bit numbers $u_1$ and $u_2$, and solves the following system of equations over the field $F(p_s)$:
Figure GDA0004264740300000125
This yields the sampled function h, described by $(a_0, a_1)$.
For the transactions that financial institution $F_1$ submits to the blockchain and the smart contract that the financial institution deploys, the regulatory authorities are $\{N_6, N_9\}$. Taking regulatory authority $N_6$ as the representative, $N_6$ calculates
Figure GDA0004264740300000126
and substitutes it into the function h described in the blockchain transaction to calculate the supervision key
Figure GDA0004264740300000127
Then, according to step 3, it calculates the large primes p and q to obtain the master private key $(\lambda(N), N)$ of financial institution $F_1$, and calculates the symmetric encryption key
Figure GDA0004264740300000128
It can therefore decrypt the content of the blockchain transaction and the ciphertext in the smart contract, and enforce the supervision policy.
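The key hierarchy, the sampling of h and the regulator-side recovery of example one, as an added Python sketch that is not code from the patent. The page's equation system survives only as a figure reference, so the sketch assumes h(x) = a0 + a1·x over F(p_s) with each target value set to u_j‖K_F1; HMAC-SHA256 as the PRF, the chains N1→N2→N6 and N7→N9, and all function names are likewise assumptions.

```python
import hashlib
import hmac
import random
import secrets

KEY_BITS = 256
_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def prf(key: bytes, label: bytes) -> bytes:
    # Assumption: the page only says the PRF "employs SHA256"; HMAC-SHA256 is used here.
    return hmac.new(key, label, hashlib.sha256).digest()


def derive_down(root_key: bytes, path) -> bytes:
    """Walk the hierarchy: each authority's key is PRF(parent key, child id)."""
    key = root_key
    for child_id in path:
        key = prf(key, child_id)
    return key


def is_probable_prime(n: int) -> bool:
    # Miller-Rabin with fixed bases, so every party reaches the same verdict.
    if n < 2:
        return False
    for b in _BASES:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for a in _BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def next_prime(n: int) -> int:
    """Smallest odd probable prime >= n (pure-Python stand-in for gmpy2.next_prime)."""
    n |= 1
    while not is_probable_prime(n):
        n += 2
    return n


def prime_from_key(k_fin: bytes, bits: int = 512) -> int:
    """Seed Python's random with K_F, as the page describes, and search from there.
    Mersenne Twister is not a CSPRNG: the prime is only as secret as K_F itself."""
    rng = random.Random(int.from_bytes(k_fin, "big"))
    return next_prime(rng.getrandbits(bits) | (1 << (bits - 1)))


def siff_sample(xs, k_fin: bytes):
    """Return (p_s, a0, a1) with low 256 bits of h(x_j) equal to K_F for both x_j."""
    p = next_prime(secrets.randbits(512) | (1 << 511))
    k_int = int.from_bytes(k_fin, "big")
    ys = []
    for _ in xs:
        while True:  # assumed target value: u_j || K_F, resampled until it fits in F(p_s)
            y = (secrets.randbits(256) << KEY_BITS) | k_int
            if y < p:
                break
        ys.append(y)
    (x1, x2), (y1, y2) = xs, ys
    a1 = (y1 - y2) * pow((x1 - x2) % p, -1, p) % p
    a0 = (y1 - a1 * x1) % p
    return p, a0, a1


def siff_eval(h, x: int) -> bytes:
    p, a0, a1 = h
    return (((a0 + a1 * x) % p) & ((1 << KEY_BITS) - 1)).to_bytes(32, "big")


def run_example():
    id_f1 = b"F1"
    k_n1, k_n7 = secrets.token_bytes(32), secrets.token_bytes(32)  # highest level
    # Constructed chains (FIG. 5 is not reproduced on the page).
    k_n6 = derive_down(k_n1, [b"N2", b"N6"])
    k_n9 = derive_down(k_n7, [b"N9"])
    k_f1 = secrets.token_bytes(32)  # F1 picks its own key: two direct authorities
    xs = [int.from_bytes(prf(k, id_f1), "big") for k in (k_n6, k_n9)]
    h = siff_sample(xs, k_f1)  # (p_s, a0, a1) travels inside the blockchain transaction
    # N1 re-derives N6's key from its own root, then evaluates h.
    x_via_n1 = int.from_bytes(prf(derive_down(k_n1, [b"N2", b"N6"]), id_f1), "big")
    x_outsider = int.from_bytes(prf(secrets.token_bytes(32), id_f1), "big")
    return k_f1, siff_eval(h, x_via_n1), siff_eval(h, xs[1]), siff_eval(h, x_outsider)
```
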
Example two
The hierarchy of the regulatory authorities in example two is shown in FIG. 6. The set of regulatory authorities of financial institution $F_2$ is $S_2 = \{N_1, N_3\}$, in which the highest-level regulatory authority is $N_1$ and the direct regulatory authority of $F_2$ is $\{N_3\}$.
Example two differs from example one in that financial institution $F_2$ has only one direct supervision authority, so the supervision key of $F_2$ is distributed by the direct supervision authority $N_3$. $N_3$ calculates
Figure GDA0004264740300000129
and distributes it to financial institution $F_2$. In addition, when constructing blockchain transactions, the financial institution does not include a function h sampled from the sibling intractable function family in the blockchain transaction. When decrypting a blockchain transaction, regulatory authority $N_3$ directly computes the supervision key of financial institution $F_2$,
Figure GDA00042647403000001210
and obtains the large primes p, q and the symmetric encryption key sk of financial institution $F_2$.
It should be noted that, depending on the privacy protection algorithm adopted by the financial institution, the encryption keys and random parameters generated by the financial institution differ, and different decryption keys may be needed. For example, if the financial institution employs an identity-based homomorphic encryption algorithm, the supervision key of the financial institution may be used to generate the random matrix, so that the decryption key can be calculated from the supervision key of the financial institution via the master private key generated by the trapdoor generation algorithm. Thus, the present application does not limit the privacy protection method employed by the financial institution; it requires only that, whatever privacy protection measures the financial institution implements, the regulatory authority can recover its decryption key.
To address the problems in the prior art that multi-party, multi-level supervision requirements cannot be met and that technical schemes based on zero-knowledge proofs support only after-the-fact supervision, the embodiment of the application adopts a key distribution method based on the sibling intractable function family (SIFF). This ensures that the financial institution is supervised by supervision authorities under a hierarchical structure, allows the financial institution to adopt a privacy protection algorithm to protect user privacy, and, by setting the supervision key of the financial institution as the random number seed when the privacy protection algorithm generates its private key, enables the supervision authorities to supervise user transactions.
FIG. 7 is an architecture diagram of a blockchain transaction-based multi-supervision system according to an embodiment of the present application. As shown in FIG. 7, in one embodiment a blockchain transaction-based multi-supervision system is provided, including a financial institution $F_1$ and a plurality of regulatory authorities $N_1$, $N_2$, $N_3$, $N_4$, $N_5$, $N_6$, $N_7$, $N_8$, $N_9$, where $N_1$ and $N_7$ are the highest-level regulatory authorities and $N_6$ and $N_9$ are the direct regulatory authorities of financial institution $F_1$. Financial institution $F_1$, acting as a blockchain node, encrypts user transactions according to the supervision key of $F_1$ to construct blockchain transactions. Any one of the plurality of authorities can acquire the supervision key of the next-level authority step by step until the supervision key of the direct supervision authority is acquired; calculate the supervision key of the financial institution from the supervision key of the direct supervision authority; and calculate the key of the blockchain transaction from the supervision key of the financial institution and decrypt the blockchain transaction with that key, so as to supervise the blockchain transaction.
In one embodiment, before financial institution $F_1$ constructs a blockchain transaction, the highest-level authorities $N_1$ and $N_7$ generate their own supervision keys and use the pseudo-random number generation function to generate the supervision key of the next-level supervision authority from their own supervision keys. In the case where a financial institution has only one direct authority, the direct authority generates the financial institution's supervision key from the direct authority's supervision key. In FIG. 7, financial institution $F_1$ has two direct authorities, $N_6$ and $N_9$; $F_1$ randomly generates its own supervision key, and the supervision key of the financial institution and the supervision keys of the direct supervision authorities form a sibling intractable function family.
In one embodiment, the financial institution generates a random large integer using a supervision key of the financial institution as a random number seed, determines a prime number using the random large integer as a starting point of prime number search, and calculates parameters required for the blockchain transaction using the prime number; and taking the supervision key of the financial institution as a random number seed, generating a key required by the blockchain transaction by adopting a pseudo-random number generation function, and encrypting the user transaction according to the calculated parameter or key.
In one embodiment, any of the plurality of authorities may generate a random large integer from the supervision key of the financial institution as a random number seed, determine a prime number from the random large integer as a starting point for prime number search, and calculate a key for the blockchain transaction from the determined prime number.
The details of the blockchain transaction-based multi-supervision system of the present embodiment may be understood with reference to the blockchain transaction-based multi-supervision method described in example one above. The blockchain transaction-based multi-supervision system of the present embodiment has the same advantages over the prior art as the blockchain transaction-based multi-supervision method described above.
The embodiment of the application also provides a computer-readable storage medium storing computer instructions which, when run on a computer, cause the computer to execute the technical scheme of the blockchain transaction-based multi-supervision method in the above embodiment. Computer-readable storage media include both permanent and non-permanent, removable and non-removable media, and information storage may be implemented by any method or technology. The information may be computer-readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, compact disc read-only memory (CD-ROM), digital versatile discs (DVD) or other optical storage, magnetic cassettes, magnetic tape or magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information accessible by a computing device.
The embodiment of the application also provides a computer program product, which comprises a computer program stored in a computer readable storage medium, wherein at least one processor can read the computer program from the computer readable storage medium, and the technical scheme of the multi-supervision method based on blockchain transaction in the embodiment can be realized when the at least one processor executes the computer program.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The foregoing is merely exemplary of the present application and is not intended to limit the present application. Various modifications and changes may be made to the present application by those skilled in the art. Any modifications, equivalent substitutions, improvements, etc. which are within the spirit and principles of the present application are intended to be included within the scope of the claims of the present application.

Claims (12)

1. A blockchain transaction-based multi-supervision method, comprising:
the financial institution serving as the blockchain node encrypts the user transaction according to the supervision key of the financial institution to construct a blockchain transaction;
any one of a plurality of authorities acquires the supervision key of the next-level authority step by step until the supervision key of the direct supervision authority of the financial institution is acquired, and calculates the supervision key of the financial institution from the supervision key of the direct supervision authority; the plurality of authorities including at least one highest authority and at least one direct authority;
any supervision organization calculates a key of the blockchain transaction according to the supervision key of the financial institution, decrypts the blockchain transaction through the key so as to supervise the blockchain transaction;
wherein the constructing a blockchain transaction includes: if the financial institution has multiple direct authorities, when the financial institution constructs the blockchain transaction, the description of the function h is included in the blockchain transaction, the function h is sampled from a sibling intractable function family consisting of the supervision key of the financial institution and the supervision keys of the direct authorities, and the mapped value of the function h on the set
Figure FDA0004264740290000011
is $K_{F_i}$, wherein PRF represents a pseudo-random number generation function, $F_i$ represents a financial institution, $N_{j1}$, $N_{jk}$ represent direct regulatory authorities,
Figure FDA0004264740290000012
represents the supervision key of a direct supervision authority, $ID_{F_i}$ represents the identifier of the financial institution, and $K_{F_i}$ represents the supervision key of the financial institution.
2. The blockchain transaction-based multi-supervision method of claim 1, wherein prior to the financial institution constructing the blockchain transaction, the method further comprises:
generating a supervision key of the highest supervision institution, and generating a supervision key of the next-level supervision institution according to the supervision key of the highest supervision institution;
a supervision key for the financial institution is generated.
3. The blockchain transaction-based multi-supervision method of claim 2, wherein the generating a supervision key of the financial institution includes:
generating a supervision key of the financial institution according to the supervision key of the direct supervision institution when the financial institution has only one direct supervision institution;
in the case of a financial institution having a plurality of direct authorities, the supervision key of the financial institution is randomly generated, and the supervision key of the financial institution and the supervision keys of the direct authorities constitute a sibling intractable function family.
4. The blockchain transaction-based multi-supervision method of claim 3, wherein the financial institution acting as a blockchain node encrypts the user transaction according to a supervision key of the financial institution, comprising:
the financial institution generates parameters or keys required for blockchain transaction privacy protection according to the supervision key of the financial institution;
encrypting the user transaction according to the parameter or the key.
5. The blockchain transaction-based multi-supervision method of claim 4, wherein the financial institution generates parameters or keys required for blockchain transaction privacy protection from a supervision key of the financial institution, comprising:
generating a random large integer by taking a supervision key of a financial institution as a random number seed, determining prime numbers by taking the random large integer as a prime number searching starting point, and calculating parameters required by blockchain transaction by utilizing the prime numbers;
and taking the supervision key of the financial institution as a random number seed, and adopting a pseudo-random number generation function to generate a key required for protecting the privacy of the blockchain transaction.
6. The blockchain transaction-based multi-supervision method of claim 3, wherein the calculating the supervision key of the financial institution from the supervision key of the direct supervision authority includes:
if the financial institution has a plurality of direct supervision institutions, the supervision keys of the direct supervision institutions are substituted into the function h described in the blockchain transaction, and the supervision keys of the financial institution are obtained through calculation.
7. The blockchain transaction-based multi-supervision method of claim 5, wherein any supervision authority calculates a key of the blockchain transaction from a supervision key of the financial institution, comprising:
the supervision key of the financial institution is used as a random number seed to generate a random large integer, the random large integer is used as a starting point of prime number searching to determine prime numbers, and the key of the blockchain transaction is obtained through calculation according to the prime numbers.
8. A blockchain transaction based multiple supervision system, comprising:
the financial institution is used as a blockchain node and used for encrypting the user transaction according to the supervision key of the financial institution to construct a blockchain transaction; and
a plurality of regulatory authorities;
the plurality of authorities including at least one highest authority and at least one direct authority;
any of a plurality of regulatory authorities are used to:
acquiring the supervision key of the next-stage supervision mechanism step by step until the supervision key of the direct supervision mechanism is acquired;
obtaining the supervision key of the financial institution according to the supervision key calculation of the direct supervision institution;
obtaining a key of the blockchain transaction according to the supervision key calculation of the financial institution, decrypting the blockchain transaction through the key so as to supervise the blockchain transaction;
wherein, if the financial institution has a plurality of direct authorities, when the financial institution constructs the blockchain transaction, the description of the function h is included in the blockchain transaction, the function h is sampled from a sibling intractable function family formed by the supervision key of the financial institution and the supervision keys of the direct authorities, and the mapped value of the function h on the set
Figure FDA0004264740290000031
is $K_{F_i}$, wherein PRF represents a pseudo-random number generation function, $F_i$ represents a financial institution, $N_{j1}$, $N_{jk}$ represent direct regulatory authorities,
Figure FDA0004264740290000032
represents the supervision key of a direct supervision authority, $ID_{F_i}$ represents the identifier of the financial institution, and $K_{F_i}$ represents the supervision key of the financial institution.
9. The blockchain transaction-based multi-supervision system of claim 8, wherein prior to the financial institution constructing the blockchain transaction:
the highest supervision agency generates a supervision key of the highest supervision agency, and a pseudo-random number generation function is utilized to generate a supervision key of the next supervision agency according to the supervision key of the highest supervision agency;
in the case where the financial institution has only one direct regulatory agency, the direct regulatory agency generates a regulatory key of the financial institution according to the regulatory key of the direct regulatory agency;
in the case of a financial institution having a plurality of direct authorities, the financial institution randomly generates the supervision key of the financial institution, and the supervision key of the financial institution and the supervision keys of the direct authorities constitute a sibling intractable function family.
10. The blockchain transaction-based multi-supervision system of claim 9, wherein the encrypting the user transaction according to the supervision key of the financial institution includes:
the financial institution generates a random large integer by taking a supervision key of the financial institution as a random number seed, determines prime numbers by taking the random large integer as a prime number searching starting point, and calculates parameters required by block chain transaction privacy protection by utilizing the prime numbers;
taking a supervision key of a financial institution as a random number seed, and adopting a pseudo-random number generation function to generate a key required by blockchain transaction privacy protection;
encrypting the user transaction according to the parameter or the key.
11. The blockchain transaction-based multi-supervision system of claim 10, wherein any of the plurality of supervision authorities generates a random large integer using the supervision key of the financial institution as a random number seed, determines a prime number using the random large integer as a starting point for prime number search, and calculates a key for the blockchain transaction from the prime number.
12. A computer-readable storage medium having stored therein computer instructions which, when executed by a processor, implement the blockchain transaction-based multi-supervision method of any of claims 1 to 7.
CN202211177023.0A 2022-09-26 2022-09-26 Multi-supervision method, system and storage medium based on blockchain transaction Active CN115550026B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211177023.0A CN115550026B (en) 2022-09-26 2022-09-26 Multi-supervision method, system and storage medium based on blockchain transaction


Publications (2)

Publication Number Publication Date
CN115550026A CN115550026A (en) 2022-12-30
CN115550026B true CN115550026B (en) 2023-07-04

Family

ID=84730147

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211177023.0A Active CN115550026B (en) 2022-09-26 2022-09-26 Multi-supervision method, system and storage medium based on blockchain transaction

Country Status (1)

Country Link
CN (1) CN115550026B (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2021011282A1 (en) * 2019-07-12 2021-01-21 Mord Benjamin Allan Custodial integrity for virtual digital assets and related technologies

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106777923A (en) * 2016-11-30 2017-05-31 谭小刚 Information for hospital supervising platform and monitoring and managing method
CN110365475B (en) * 2019-06-21 2021-12-10 深圳壹账通智能科技有限公司 Block chain two-stage supervision method, device, equipment and storage medium
AU2020341824A1 (en) * 2019-09-06 2022-03-24 Bosonic, Inc. System and method of providing a blockchain-based recordation process
CN112751675B (en) * 2019-10-30 2022-09-02 深圳市迅雷网络技术有限公司 Information monitoring method, system, equipment and storage medium based on block chain
CN111327597B (en) * 2020-01-21 2022-02-11 暨南大学 Digital evidence obtaining method based on block chain privacy protection and fine-grained access control
CN111461712B (en) * 2020-03-17 2023-08-22 江苏华能智慧能源供应链科技有限公司 Transaction privacy protection and hierarchical supervision in blockchain supply chain financial scenarios
CN112132577B (en) * 2020-09-16 2021-10-08 建信金融科技有限责任公司 Multi-supervision transaction processing method and device based on block chain
CN112507363A (en) * 2020-12-15 2021-03-16 平安科技(深圳)有限公司 Data supervision method, device and equipment based on block chain and storage medium


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant