CN103248478A - Multi-party security agreement based sealed electric auction scheme and verification method - Google Patents

Multi-party security agreement based sealed electric auction scheme and verification method Download PDF

Info

Publication number
CN103248478A
CN103248478A CN2013101676375A CN201310167637A CN103248478A CN 103248478 A CN103248478 A CN 103248478A CN 2013101676375 A CN2013101676375 A CN 2013101676375A CN 201310167637 A CN201310167637 A CN 201310167637A CN 103248478 A CN103248478 A CN 103248478A
Authority
CN
China
Prior art keywords
bidder
auction
price
center
signature
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN2013101676375A
Other languages
Chinese (zh)
Inventor
李晓红
李笑如
许光全
孙达志
张程伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tianjin University
Original Assignee
Tianjin University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tianjin University filed Critical Tianjin University
Priority to CN2013101676375A priority Critical patent/CN103248478A/en
Publication of CN103248478A publication Critical patent/CN103248478A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

本发明涉及多方安全计算、通信安全、电子商务领域,为提供可公开验证的密封式电子拍卖方案,方案满足交易要求的性质,满足交易的安全性和公平性要求,降低交易的复杂性,保证通信安全,为此,本发明采用的技术方案是,基于多方安全协议的密封式电子拍卖方案与验证方法,包括下列步骤:1)拍卖行建立密钥系统;2)标价加密及解密:a)竞拍者Bi用公钥pki-Bi对标价进行加密;b)拍卖中心进行解密过程;3)竞拍者数字签名及验证竞拍者使用的数字签名方案是椭圆曲线签名体制;4)竞拍者进行标价验证本发明主要应用于拍卖通信领域。

Figure 201310167637

The present invention relates to the fields of multi-party secure computing, communication security, and e-commerce. In order to provide a publicly verifiable sealed electronic auction scheme, the scheme meets the nature of the transaction requirements, meets the security and fairness requirements of the transaction, reduces the complexity of the transaction, and ensures Communication security, for this reason, the technical scheme that the present invention adopts is, the sealed type electronic auction scheme and verification method based on the multi-party security protocol, comprising the following steps: 1) the auction house establishes a key system; 2) price encryption and decryption: a) The bidder B i encrypts the price with the public key pk i -B i ; b) The auction center performs the decryption process; 3) The digital signature scheme used by the bidder and the verification bidder is the elliptic curve signature system; 4) The bidder Carrying out price verification The present invention is mainly applied to the field of auction communication.

Figure 201310167637

Description

Sealed electronic auction scheme and verification method based on security protocol in many ways
Technical field
The present invention relates to safe calculating, communication security, e-commerce field in many ways, specifically, relate to sealed electronic auction scheme and verification method based on security protocol in many ways.
Technical background
Electronic auction is an important application of ecommerce, be one by the special spot exchange mode of auction colony's price determination and assigning process.Perfect along with development of internet technology and secrecy system, auction trade turns to based on network electronic pattern from traditional mode gradually.Electronic auction system mainly contains the advantage of two aspects: the one, and well-designed electronic auction agreement can realize the optimum allocation of resource, reach the reasonable resources utilization, the economics characteristics of this characteristics source auction, also it is subjected to the main cause that a large amount of scholars pay close attention to just; The 2nd, electronic auction system can need not the auction scene just can participate in competitive bidding, thereby saves lot of manpower and material resources, minimizes transaction cost, and these characteristics derive from the power that its network system provides.Electronic auction relates to multiple network and information security technology, and these technology not only can be used for electronic auction, also can be used for other e-commerce and e-government, so the security study of electronic auction is also significant to the research of network and information security.
The electronic auction agreement generally is made up of auction participant (bidder, the seller and auction room), arbitration organ and auction protocol.Auction protocol refers to the protocol rule that everybody must observe in auction process, the generation rule of for example employing of auction technique, victor and triumph price, and simultaneously, the electronic auction agreement also is the special case that a kind of pragmatize of security protocol in many ways needs.Arbitration organ be responsible for to solve between the bidder, between bidder and the seller and between they and the auction room because the dispute that a variety of causes produces.The general right and wrong electronization of arbitration organ in electronic auction, it is dependable third party, only after dispute took place, arbitration organ just got involved.In general, the auction main body is made of bidder, auction server, registration center and the seller, as shown in Figure 1.
Traditional single article auction technique mainly contains four kinds: (1) English auction (auction of price increases formula), auction room provides the lowest price of all auction goods earlier, marked price during each the bid is all than the marked price height of last time, and instructing at last, the someone has gone out till the highest price; (2) Dutch Auction (auction of price degression type), auction room provides a marked price earlier, and price is along with time fluctuation is floated downward, up to there being the bidder to be ready to bid; (3) sealed type auction marks after the auction beginning Packed mode is sent, and declares the closing of up to the seller, opens bidding documents, and marked price the soprano win; (4) auction of sealed type divalence is also named in Vikrey auction, and different with the sealed type auction is that concluded price is the second high bidder's price.On the basis in Vikrey auction, during the same article of M unit of auction, if M the person's of outbiding acceptance of the bid, each winning bidder buys a unit, and is unified according to highest price position (M+1) the price payment that goes out among the unsuccessful tenderer, then is that M+1 auctions.Economist Vikrey has proved second price principle support commodity allocation optimization, and has reduced the possibility that the bidder gangs up, and therefore obtains Nobel economics prize in 1996.People such as Wumam have proved that (M+1) valency auction equally satisfies the excitation competition mechanism with the Vikrey auction, and namely bidder's optimal policy is ready the true valency that for it.The present invention is opened bid by auction center, goes for multiple article auction technique.
So-called agreement is exactly that two or more participant finishes the series of steps that a certain specific task is taked.Security protocol is the message exchange protocol based on cryptography, and its objective is provides various security services in network environment.In many ways security protocol is the foundation for security of many distributed systems, and the safe operation of guaranteeing these agreements is very important.In many ways adopted multiple different cryptographic system in the security protocol, its hierarchical structure as shown in Figure 2.Therefrom as can be seen, these agreements are built on the multiple security means, often relate to the agreement on many bases such as secret is shared, encryption, signature, promise, zero-knowledge proof.
The electronic auction agreement of a safety must have the mechanism of fair competition, and in order to prevent manipulations such as bidder and auction room or the seller conspire, the privacy that makes the bidder is in auction process and can access secretly after the auction, must carry out anonymity bid.A sealed electronic auction protocol should satisfy following requirement: (1) fairness, refer to that all bidder status are the same, and there is not a side than its other party more advantageous conditions to be arranged; (2) non-repudiation, the bidder can not deny its bid after submitting a tender; (3) unforgeable, bidder's bid can not be forged; (4) verifiability can openly prove the legitimacy that the winning bidder marks the price: (5) marked price confidentiality, and bidder's marked price must be maintained secrecy; (6) bidder's anonymity, bid participant's identity (comprising winning bidder's identity and unsuccessful tenderer's identity) must be maintained secrecy.Existing electronic auction agreement all needs the participation of auction room basically, exist auction room and bidder scheme like this and close the threat of obtaining interests, the fail safe of the auction system that has reduced, and some auction protocol that do not rely on auction room calculation of complex often, practicality is not strong.
Summary of the invention
For overcoming the deficiencies in the prior art, the present invention aims to provide the sealed electronic auction scheme that can openly verify, scheme satisfies the character of transaction-based requirements, satisfy fail safe and the fairness requirement of transaction, reduce the complexity of transaction, ensure communication safety, for this reason, the technical solution used in the present invention is, based on sealed electronic auction scheme and the verification method of security protocol in many ways, comprises the following steps:
1) auction room sets up cipher key system
Auction room according to elliptic curve cryptosystem choose elliptic curve E (a, b) and E (a, b) the some p (x who has Prime Orders n on p, y p) as the essential information of encryption system, wherein, x pAnd y pThe coordinate anyhow of difference representative point p; And between interval [1, n-1], select a random integers d iAs bidder B iPrivate key, i ∈ [1, n], the sequence number that takes part in auction of expression bidder, B iPKI be pk i-B i=d iP announces bidder's PKI;
2) marked price is encrypted and deciphering
A) bidder B iUse PKI pk i-B iMarked price is encrypted
Bidder B iAt first with oneself original marked price M iBe expressed as a field element m i∈ GF (p) selects a random integers k then between [1, n-1] i, calculation level (x 1, y 1)=k iP and point (x 2, y 2)=k iQ, Q=pk i-B iIf, x 2Reselect random integers k for=0, calculate c=m ix 2, at last with data (x 1, y 1, c) send to auction center, as the marked price data encrypted;
B) auction center is decrypted process and receives bidder B when auction center iMarked price ciphertext (x 1, y 2, c) after, auction center should at first use bidder B iPrivate key d iCalculation level (x 2, y 2)=d i(x 1, y 1), then by calculating m i=cx 2 -1Recover bidder B iOriginal marked price m i
3) bidder's digital signature and checking
The digital signature scheme that the bidder uses is the ellipse curve signature system;
4) bidder's checking of marking the price
The open checking of marking the price to the bidder based on " millionaire " protocol scheme of Parisa Kaghazgaran and Babak Sadeghyan proposition in the auction center, the concrete marked price proof procedure that auction room carries out is as follows:
A) the bidder B of auction center iPKI be pk-B iRespectively to marked price m 1And m 2Be encrypted, Be expressed as and use PKI pk-B iThe encryption function of encrypting obtains encrypted result and is
Figure BDA00003159404800032
B) auction center chooses a random integers R and uses bidder B iPKI for this integer is encrypted, the encrypted result that obtains is E pk - B i ( R ) ;
C) train value down calculates in auction center, and computation purpose is in order to prevent bidder B iLearn marked price m 1And m 2Actual value.
D) auction center is to bidder B iSend E pk - B i ( m 1 + R ) With E pk - B i ( m 2 + R ) ;
E)
Figure BDA00003159404800038
Expression private key d iThe decryption function that is decrypted, bidder B iUse private key d iThe data deciphering that auction center is sent obtains
D d i ( E pk - B i ( m 1 + R ) ) = m 1 + R , D d i ( E pk - B i ( m 2 + R ) ) = m 2 + R ;
Because R is identical random number, just can simply obtain the size of x and y.
5) detailed process of electronic auction scheme:
A) preparatory stage
Auction room's public address system parameter, the elliptic curve of selecting for use is E, basic point is p, the seller registers to auction room, after being verified as validated user, the access authentication identity, the auctioner announces the auction items information that takes part in auction and has issued marked price at BBS2 and is m then, the bidder who participates in registers to auction room, and the legal bidder of auction behavior provides an interim competitive bidding identity B i
Auction room is to bidder B iSend B iParticipate in the PKI pk-B of auction iWith private key d i, undocumented private key d wherein iBe the random integers between [1, n-1], PKI pk i=d i* p, and at BBS1 announcement bidder B iPKI pk i, be used for the mutual certifying signature of bidder and marked price encryption;
B) bidding period
Bidding period is mainly used ECDSA signature system and elliptic curve cryptography system, based on millionaire's agreement, verifies the size of encrypting marked price at the marked price Qualify Phase to the bidder;
If the bidder is B iArticle M there is auction interest, then sends the encryption marked price information signature (r of oneself i, s i) to auction center and announcement, after authentication is passed through, be encrypted the announcement of marked price by auction center, owing to announce among the announcement board BBS1 that bidder B is arranged iPKI, then all participants can be to B iCarry out authentication;
C) the opening of bid stage
When reaching End of Auction during the moment, auction center is decrypted the marked price after encrypting among the announcement board BBS1, obtain all bidders' original marked price, choosing preceding M higher bidder of auction valency is the winning bidder, the marked price of choosing M+1 bidder's transmission is the acceptance of the bid marked price, in announcement board BBS2, announce winning bidder's information and marked price, winning bidder B xWith the private key d of oneself xSend to the x ∈ of auction center [1, n], the sequence number that the expression winning bidder takes part in auction, checking winning bidder identity;
D) open checking marked price
If the suitor is B jDoubt j ∈ [1, n] to oneself not getting the bid, the sequence number that the expression bidder takes part in auction can propose marked price checking application to auction center, utilizes target fairness in " millionaire " protocol verification.B jSelect two to encrypt competitive bidding valency (B at random jExcept), the B of auction center jPKI pk-B jOriginal competitive bidding valency is encrypted, and auction center carries out the encryption with random number chosen of random number according to agreement then, at last the information that obtains is sent to B j, B jJust can compare the size of marked price.
The digital signature scheme that the bidder uses is the ellipse curve signature system, is specially:
A) bidder generates eap-message digest
The Auction ID of supposing the bidder is B i, i ∈ [1, n], the sequence number that the expression bidder takes part in auction, the marked price ciphertext is E i(x 1, y 1, c), encrypted by auction second stage marked price, calculate its hashed value e=H(E with the SHA-1 hash function i(x 1, y 1, c) || B i), H is the Hash hash function, then e is bidder's eap-message digest;
B) bidder carries out digital signature
The bidder uses private key d iCalculate the point (x of elliptic curve i, y i)=d iP, elliptic curve are E, and basic point is p, changes x then iBe decimal integer
Figure BDA00003159404800041
If If r=0, then private key d is redistributed in prompting i, then the bidder calculates s=k i -1(e+d iR) modn is if s=0 then forwards calculating (x to i, y i)=d iP; Last bidder B iThe signature that obtains be integer (r, s);
C) checking of bidder's digital signature
Suppose bidder B iThe digital signature of announcing be (r ', s '), the marked price data after the encryption that auction center receives are E i'.SHA-1 hashed value e'=H (E at first calculates according to bidder ID in auction center i' || B i), if the digital signature parameter r ' that announces, s ' is not in interval [1, n-1], then refusal is signed; Otherwise calculating c=(s'] -1Modn, u 1=e'cmodn and u 2=r'cmodn, (x i, y i)=u 1P+u 2If Q is (x i, y i) be infinite point, then the refusal signature is changed x at last iBe decimal integer
Figure BDA00003159404800043
If r '=v then bidder B iSignature be real, if r ' ≠ v then bidder B iMessage may be distorted or used incorrect signature, perhaps sign from assailant's forgery, the signature be considered to invalid.
The present invention possesses following technique effect:
The present invention is purpose with the various character that satisfy electronic auction, has proposed the sealed type auction scheme that can openly verify.In the hope of the environment of a comparatively fair safety can be provided for the electronic auction industry, strengthen bidder and auctioneer to the trust of electronic auction, convenient user's auction behavior.The beneficial effect of expection comprises:
1) satisfies the requirement of sealed electronic auction protocol.The electronic auction agreement of safety need satisfy fairness, non-repudiation, requirements such as unforgeable, verifiability, marked price confidentiality.The present invention requires the bidder to provide digital signature to carry out authentication when participating in auction and confirming the winning bidder by using the ECDSA Digital Signature Algorithm, has satisfied non-repudiation and unforgeable.Agreement is carried out elliptic curve cryptography in the bidding period to marked price, and use the solution of millionaire's problem in the sort algorithm in many ways, the encryption marked price that can send all bidders under the situation of not revealing marked price is sorted, preceding M+1 position is auction triumph side, has satisfied fairness and marked price confidentiality.
2) satisfy the lower requirement of computation complexity and communication complexity.Suppose that all auctioneers are honest, need carry out 2n subelliptic curve in the auction stage asks multiplication more doubly to finish the vectorial encryption of marking the price, need also need to carry out 2n subelliptic curve in the opening of bid stage asks multiplication more doubly to finish to encrypting the deciphering of marked price vector, so the computation complexity of agreement optimum is Ο (n).Agreement signature verification, auction stage and opening of bid stage all only need one to take turns and communicate by letter, so the communication complexity of agreement is Ο (3).
3) realized preventing the requirement that bidder and auction room or the seller conspire.The invention scheme has the character of open checking, and namely the bidder can openly verify the size that the bidder marks the price mutually behind opening of bid, has avoided auction room and bidder to conspire.
4) satisfy the user can be not online requirement simultaneously.This invention is after the bidder sends to auction room with oneself encryption marked price, draws winning bidder's price and winning bidder's signing messages by auction room's unified calculation, announces acceptance of the bid information at announcement board then.Can carry out open checking if the bidder has a question, whole process does not need the bidder simultaneously online.
Description of drawings
Accompanying drawing 1: auction illustraton of model.
Accompanying drawing 2: security protocol hierarchical chart in many ways.
Accompanying drawing 3: electronic auction scheme illustraton of model.
Accompanying drawing 4: auction scheme activity diagram.
Embodiment
The present invention is directed to the deficiencies in the prior art, by studying security protocol in many ways, utilize relatively agreement of ellipse curve signature physique (ECDSA), elliptic curve cryptosystem and enciphered data, designed a kind of sealed electronic auction protocol scheme safe, that can openly verify.Auction center has served as the function of registration center simultaneously in this scheme, but because agreement has the openly property verified, has limited the right of auction center, has prevented manipulations such as auction center and bidder or the seller conspire.This scheme had both satisfied the actual needs of electronic auction, also well ensured the desired security feature of electronic auction, and can under the situation of not revealing winning bidder and middle marked price, be relatively easy to the bid result is verified, compare with other schemes, less calculating and communication cost are arranged.
As can be known described by preamble, existing electronic auction agreement is difficult to satisfy the requirement of many real trades.Trace it to its cause is that this requires the participation of trusted third party on the one hand, has also increased the agreement complexity of calculation on the other hand because fail safe and the fairness of transaction can not well satisfy.The present invention by utilizing basic agreement, proposes a kind of sealed electronic auction scheme that can openly verify to be calculated as the basis safely in many ways, and scheme satisfies the character of asking of concluding the business and wanting, and reduces the complexity of concluding the business.Main contents comprise:
1) because some auctions need marked price to maintain secrecy, can not announce the actual value of marked price.When auctioning; auction center provides a key that participates in auction right for the bidder; the present invention utilizes bidder's PKI that elliptic curve cryptosystem is carried out in marked price and encrypts; elliptic curve cryptosystem is one of three class public key cryptography physique safely and effectively; can protect bidder's marked price efficiently, realize the confidentiality of marked price.
2) utilize ellipse curve signature physique (ECDSA) that the bidder is carried out authentication.The bidder utilizes the marked price information of private key digital signature oneself, and the signing messages with oneself before carrying out auction is published among the announcement board BBS1, carries out the checking of identity.Prevent that the bidder from denying or forging auction information after opening of bid.
3) existing auction protocol often has characteristics such as computational complexity.Digital signature of the present invention and marked price are all used based on elliptic curve cryptosystem in the encryption stage, and this system is celebrated with efficient, can exchange fail safe with the RSA equality strength for the bit of much less, have reduced the complexity of calculation of agreement.Invention utilizes the isomorphism of elliptic curve cryptosystem when openly verifying, obtain the result who needs with smaller calculation.
4) the existing auction protocol that has an auction room mostly exists the threat that auction room and bidder's scheme are closed.The present invention utilizes the isomorphism of elliptic curve cryptosystem to use relatively agreement of enciphered data, makes the bidder can carry out the open price checking after auction, reduces the danger that auction room and bidder scheme is closed.
The present invention passes through analysis of classical key technology and the system model of security protocol in many ways, binding site with reality is proposed, then with the security requirement of satisfying electronic auction system for setting out substantially, be cutting point with high efficiency and practicality, propose the sealed electronic auction scheme that openly to verify.When the user participated in electronic auction, this programme had been protected bidder's information security on the one hand, and the secret fairness that reaches between the bidder of marked price has also reduced the complexity in the computational process on the other hand.Scheme at first requires the bidder that marked price is encrypted, and uses the ECDSA Digital Signature Algorithm to carry out authentication then, has satisfied requirements such as fail safe, non-repudiation, marked price confidentiality.Announce winning bidder's signature by auction room's deciphering at last, the winning bidder need send to auction room's identity verification to the encrypted random number of oneself, has satisfied fairness, unforgeable.Specifically be described below:
1) auction room sets up cipher key system
Auction room according to elliptic curve cryptosystem choose elliptic curve E (a, b) and E (a, b) the some p (x who has Prime Orders n on p, y p) as the essential information of encryption system, x pAnd y pThe coordinate anyhow of difference representative point P.And between interval [1, n-1], select a random integers d iAs bidder B iPrivate key (i ∈ [1, n], the sequence number that takes part in auction of expression bidder), B then iPKI be pk-B i=d iP announces bidder's PKI.
2) marked price is encrypted and deciphering
A) bidder B iUse PKI pk-B iMarked price is encrypted
Bidder B iAt first with original marked price M iBe expressed as a field element m i∈ GF (P) selects a random integers k then between [1, n-1] i, calculation level (x q, y 1)=k iP and point (x 2, y 2)=k iQ(Q=pk-B i), if x 2Reselect random integers k for=0, calculate c=mx 2, at last with data (x 1, y 1, c) send to auction center, as the marked price data encrypted.
B) auction center is decrypted process
When bidder B receives in auction center iMarked price ciphertext (x 1, y 1, c) after, auction center should at first use bidder B iPrivate key d iCalculation level (x 2, y 2)=d i(x 1, y 1), then by calculating m=cx 2 -1Recover bidder B iOriginal marked price m i
3) bidder's digital signature and checking
The digital signature scheme that the bidder uses is the ellipse curve signature system, and the benefit of doing like this is can use same key right in digital signature and marked price encryption stage.
A) bidder generates eap-message digest
The Auction ID of supposing the bidder is B i, the marked price ciphertext is E i(x 1, y 1, c), calculate its hashed value e=H(E with the SHA-1 hash function i(x 1, y 1, c) || B i), then e is bidder's eap-message digest.
B) bidder carries out digital signature
The bidder uses private key d iCalculate the point (x of elliptic curve i, y i)=d iP changes x then iBe decimal integer
Figure BDA00003159404800061
If
Figure BDA00003159404800062
If r=0, then private key d is redistributed in prompting iThen the bidder calculates s=k i -1(e+d iR) modn is if s=0 then forwards calculating (x to i, y i)=d iP.Last bidder B iThe signature that obtains be integer (r, s).
C) checking of bidder's digital signature
Suppose bidder B iThe digital signature of announcing be (r ', s '), the marked price data after the encryption that auction center receives are E i'.
SHA-1 hashed value e'=H (E at first calculates according to bidder ID in auction center i' || B i), if the digital signature parameter r ' that announces, s ' is not in interval [1, n-1], then refusal is signed; Otherwise calculate c=(s') -1Modn, u 1=e'cmodn and u 2=r'cmodn, (x i, y i)=u 1P+u 2If Q is (x i, y i) be infinite point, then refusal is signed.Change x at last iBe decimal integer
Figure BDA00003159404800072
If r '=v then bidder B iSignature be real, if r ' ≠ v then bidder B iMessage may be distorted or used incorrect signature, perhaps sign from assailant's forgery, the signature be considered to invalid.
4) bidder's checking of marking the price
The open checking of marking the price to the bidder based on " millionaire " protocol scheme of Parisa Kaghazgaran and Babak Sadeghyan proposition in the auction center, because what use was encrypted in marked price in this auction model is elliptic curve cryptosystem, and elliptic curve cryptosystem is the homomorphism cryptographic system, can be encrypted the comparison of data easily.Amount of calculation and the traffic of agreement have been significantly reduced like this.Suppose bidder B iTo marked price m 1And m 2Propose the checking application, then the concrete marked price proof procedure of auction room's execution is as follows:
A) the bidder B of auction center iPKI be pk-B iTo the m that marks the price respectively 1And m 2Be encrypted,
Figure BDA00003159404800073
Be expressed as and use PKI pk-B iThe encryption function of encrypting obtains encrypted result and is
Figure BDA00003159404800074
B) auction center chooses a random integers R and uses bidder B iPKI for this integer is encrypted, the encrypted result that obtains is E pk - B i ( R ) .
C) train value down calculates in auction center, and computation purpose is in order to prevent bidder B iLearn marked price m 1And m 2Actual value.
Figure BDA00003159404800076
Figure BDA00003159404800077
D) auction center is to bidder B iSend E pk - B i ( m 1 + R ) With E pk - B i ( m 2 + R ) .
E) bidder B iUse private key d iThe data deciphering that auction center is sent obtains, Be expressed as and use PKI d iThe decryption function of deciphering
D d i ( E pk - B i ( m 1 + R ) ) = m 1 + R , D d i ( E pk - B i ( m 2 + R ) ) = m 2 + R .
Because R is identical random number, just can simply obtain the size of x and y.
5) detailed process of electronic auction scheme
Fig. 3 has provided the roughly framework of electronic auction scheme, and the detailed step of protocol model is as follows:
A) preparatory stage
Auction room's public address system parameter, the elliptic curve of selecting for use is E, basic point is p, the seller registers to auction room, after being verified as validated user, the access authentication identity, the auctioner announces the auction items information that takes part in auction and has issued marked price at BBS2 and is m then, the bidder who participates in registers to auction room, and the legal bidder of auction behavior provides an interim competitive bidding identity B i
Auction room is to bidder B iSend B iParticipate in the PKI Q of auction iWith private key d i, undocumented private key d wherein iBe the random integers between [1, n-1], PKI pk i=d i* p, and at BBS1 announcement bidder B iPKI pk i, be used for the mutual certifying signature of bidder and marked price encryption.
B) bidding period
Bidding period is mainly used ECDSA signature system and elliptic curve cryptography system, the marked price Qualify Phase based on
Millionaire's agreement is verified the size of encrypting marked price to the bidder.
If the bidder is B iArticle M there is auction interest, then sends the encryption marked price information signature (r of oneself i, s i) to auction center and announcement, after authentication is passed through, be encrypted the announcement of marked price by auction center, owing to announce among the announcement board BBS1 that bidder B is arranged iPKI, then all participants can be to B iCarry out authentication.
C) the opening of bid stage
When reaching End of Auction during the moment, auction center is decrypted the marked price after encrypting among the announcement board BBS1, obtains all bidders' original marked price.Choosing preceding M higher bidder of auction valency is the winning bidder, chooses marked price that M+1 bidder send for acceptance of the bid marked price (be example with the M+1 auction), announces winning bidder's information and marked price in announcement board BBS2.Winning bidder B x(x ∈ [1, n], the sequence number that the expression winning bidder takes part in auction) is with the private key d of oneself xSend to auction center, checking winning bidder identity.
D) open checking marked price
If the suitor is B jOneself is not got the bid doubt, can propose marked price checking application to auction center, utilize target fairness in " millionaire " protocol verification.B jSelect two to encrypt competitive bidding valency (B at random jExcept), the B of auction center jPKI pk-B jOriginal competitive bidding valency is encrypted, and auction center carries out the encryption with random number chosen of random number according to agreement then, at last the information that obtains is sent to B j, B jJust can compare the size of marked price.Owing to can verify mutually between the bidder, strengthen the fairness of auction.
Auction scheme below by the sealed electronic that a M+1 auction model instance is showed openly to verify.Wherein Fig. 4 is auction scheme activity diagram.
1) system's preparatory stage
With 5 bidder (B 1, B 2, B 3, B 4, B 5) 2 M of auction article are as example, wherein the marked price that rises of commodity is m, considers elliptic curve E p(a, b), basic point is G.If auction center distributes to 5 private keys that participate in the bidder and is respectively (d 1, d 2, d 3, d 4, d 5), then PKI is (pk-B 1=d 1G, pk-B 2=d 2G, pk-B 3=d 3G, pk-B 4=d 4G, pk-B 5=d 5G).
Publish data such as table 1 and the table 2 of preparatory stage announcement board BBS1 and BBS2:
Bidder ID Bidder's PKI
B 1 pk-B 1
B 2 pk-B 2
B 3 pk-B 3
B 4 pk-B 4
B 5 pk-B 5
Table 1: preparatory stage BBS1 data
Trade name M
The commodity trigger price m
Table 2: preparatory stage BBS2 data
2) bidding period
Suppose bidder (B 1, B 2, B 3, B 4, B 5) bid price be followed successively by: m 1, m 2, m 3, m 4, m 5, the result after then marked price being encrypted is
E(m 1)=(x 11,y 11,c 1),E(m 2)=(x 12,y 12,c 2),E(m 3)=(x 13,y 13,c 3),
E(m 4)=(x 14,y 14,c 4),E(m 5)=(x 15,y 15,c 5)。
Join the result that the bidder carries out digital signature to the marked price encrypted result then and be S B1=(r 1, s 1), S B2=(r 2, s 2), S B3=(r 3, s 3), S B4=(r 4, s 4), S B5=(r 5, s 5) to auction center, by auction center announce and, the checking of signature, checking is announced marked price after the bidder encrypts by back auction center at announcement board BBS1.
Publish data such as the table 3 of bidding period announcement board BBS1, the publish data of BBS2 is constant.
Bidder ID Bidder's PKI Bidder's signature The bidder encrypts marked price
B 1 pk-B 1 S B1=(r 1,s 1) E(m 1)=(x 11,y 11,c 1)
B 2 pk-B 2 S B2=(r 2,s 2) E(m 2)=(x 12,y 12,c 2)
B 3 pk-B 3 S B3=(r 3,s 3) E(m 3)=(x 13,y 13,c 3)
B 4 pk-B 4 S B4=(r 4,s 4) E(m 4)=(x 14,y 14,c 4)
B 5 pk-B 5 S B5=(r 5,s 5) E(m 5)=(x 15,y 15,c 5)
Table 3: bidding period BBS1 data
3) the opening of bid stage
Auction center obtains the enciphered data E (m that the bidder sends 1), E (m 2), E (m 3), E (m 4), E (m 5) after, use its private key d respectively 1, d 2, d 3, d 4, d 5Enciphered data is decrypted, recovers suitor's original marked price m 1, m 2, m 3, m 4, m 5Auction center selects preceding 2 bidder of marked price (to be assumed to be B then 1And B 4) be the winning bidder, the 3rd marked price (is assumed to be m 3) be tender price.
Publish data such as the table 4 of opening of bid stage announcement board BBS2, the publish data of BBS1 is constant.
Trade name M
The commodity trigger price m
Mark the price in the commodity m 3
Winning bidder ID B 1And B 4
Table 4: opening of bid stage B BS2 data
4) open checking marked price
Suppose bidder B 2The result doubts to opening of bid, and carries out bidder B to auction center's application 1And B 5Marked price checking.
A) auction center chooses B 2PKI pk-B 2
B) auction center is to bat person B 1And B 5Marked price m 1And m 5Use PKI pk-B 2Carry out elliptic curve cryptography, obtain encrypted result E ' (m 1) and E ' (m 5).
C) auction center chooses random integers R, and to R PKI pk-B 2Carry out elliptic curve cryptography, obtain encrypted result E ' (R).
D) calculate
Figure BDA00003159404800101
With
Figure BDA00003159404800102
And result of calculation sent to B 2
E) B 2Utilize the private key d of oneself 2The result that auction center is sended over is decrypted, and obtains m 1+ R and m 5+ R draws marked price m 1>m 5, obtain correct checking result.
5) electronic auction plan-validation
A) fairness: the auction scheme only allows each bidder to send once the encryption marked price of oneself, after the auction time ends, announces acceptance of the bid information by auction room's deciphering.Not existing to send the auctioneer of marked price earlier for winning bidder's situation, all is fair to all this models of participation bidder.
B) non-repudiation, verifiability: the auction scheme requires each bidder private key with oneself when participating in auction that message is carried out digital signature, because bidder's private key is different, have only bidder itself can the ID of oneself be signed, others can not forge, thus send have a non-repudiation.If same bidder denies the marked price of oneself, can confirm with digital signature, so the auction scheme has non-repudiation.
C) marked price confidentiality: the auction scheme uses elliptic curve encryption algorithm that marked price is encrypted, elliptic curve encryption algorithm is based on known elliptic curve E and put p, generate an integer d at random, calculate Q=d * p easily, but given Q calculates the just discrete logarithm problem of relative difficulty of d with p.Elliptic curve encryption algorithm is considered to one of three big secure cryptographic algorithm so far, can not break through in the limited time, so the auction scheme has the marked price confidentiality.
D) bidder's anonymity: in whole auction scheme, unique identity ID that the bidder uses auction center to distribute always submits a tender and takes part in auction.And identity ID has only the bidder to know, the assailant is difficult to obtain, so the auction scheme also has good bidder's anonymity.

Claims (3)

1.一种基于多方安全协议的密封式电子拍卖方案与验证方法,其特征是,包括下列步骤:1. A sealed electronic auction scheme and verification method based on a multi-party security protocol, characterized in that it comprises the following steps: 1)拍卖行建立密钥系统1) The auction house establishes a key system 拍卖行根据椭圆曲线密码体制选取椭圆曲线E(a,b)和E(a,b)上的一个拥有素数阶n的点p)xp,yp)作为加密系统的基本信息,其中,xp和yp分别代表点p的横竖坐标;并在区间[1,n-1]之间选择一个随机整数di作为竞拍者Bi的私钥,i∈[1,n],表示竞拍者参与拍卖的序列号,Bi的公钥为pki-Bi=diP,公布竞拍者公钥;According to the elliptic curve cryptosystem, the auction house selects a point p)x p ,y p ) on the elliptic curve E(a,b) and E(a,b ) with prime order n as the basic information of the encryption system, where x p and y p respectively represent the horizontal and vertical coordinates of point p; and select a random integer d i in the interval [1,n-1] as the private key of bidder B i , i∈[1,n], which means the bidder The serial number participating in the auction, the public key of B i is pk i -B i = d i P, and the public key of the bidder is published; 2)标价加密及解密2) Price encryption and decryption a)竞拍者Bi用公钥pki-Bi对标价进行加密a) The bidder B i encrypts the price with the public key pk i -B i 竞拍者Bi首先将自己的原始标价Mi表示成一个域元素mi∈GF(p),然后在[1,n-1]之间选择一个随机整数ki,计算点(xi,yi)=kip和点(x2,y2)=kiQ,Q=pki-Bi,如果x2=0则重新选择随机整数k,计算c=mix2,最后将数据(x1,y1,c)发送给拍卖中心,作为标价加密后的数据;The bidder B i first expresses his original price M i as a domain element m i ∈ GF(p), and then chooses a random integer k i among [1,n-1], and calculates the point (xi, y i )=k i p and point (x 2 , y 2 )=k i Q, Q=pk i -B i , if x 2 =0, reselect a random integer k, calculate c=m i x 2 , and finally The data (x 1 , y 1 , c) is sent to the auction center as the encrypted data of the price tag; b)拍卖中心进行解密过程b) The auction center conducts the decryption process 当拍卖中心收到竞拍者Bi的标价密文(x1,y1,c)后,拍卖中心应首先使用竞拍者Bi的私钥di计算点(x2,y2)=di(x1,y1),然后通过计算mi=c·x2 -1恢复竞拍者Bi的原始标价miWhen the auction center receives bidder B i 's bidding ciphertext (x 1 , y 1 , c), the auction center should first use bidder B i 's private key d i to calculate point (x 2 , y 2 )=d i (x 1 , y 1 ), and then recover bidder B i 's original price m i by calculating m i =c·x 2 -1 ; 3)竞拍者数字签名及验证3) Bidder's digital signature and verification 竞拍者使用的数字签名方案是椭圆曲线签名体制;The digital signature scheme used by bidders is an elliptic curve signature scheme; 4)竞拍者进行标价验证4) The bidder conducts price verification 竞拍中心基于Parisa Kaghazgaran和Babak Sadeghyan提出的“百万富翁”协议方案向竞拍者进行标价的公开验证,拍卖行执行的具体标价验证过程如下:Based on the "Millionaire" agreement proposed by Parisa Kaghazgaran and Babak Sadeghyan, the bidding center will publicly verify the bidding price to bidders. The specific bidding verification process performed by the auction house is as follows: a)拍卖中心用竞拍者Bi的公钥为pk-Bi分别对标价m1和m2进行加密,
Figure FDA00003159404700011
表示为用公钥pk-Bi加密的加密函数,得到加密结果为 a) The auction center uses the public key of the bidder B i as pk-B i to encrypt the bids m 1 and m 2 respectively,
Figure FDA00003159404700011
Expressed as an encryption function encrypted with the public key pk-B i , the encrypted result is b)拍卖中心选取一个随机整数R并且用竞拍者Bi的公钥为对该整数进行加密,得到的加密结果为 E pk - B i ( R ) ; b) The auction center selects a random integer R and encrypts the integer with the public key of the bidder Bi , and the obtained encryption result is E. pk - B i ( R ) ; c)拍卖中心计算下列值,计算的目的是为了防止竞拍者Bi得知标价m1和m2的真实值。c) The auction center calculates the following values. The purpose of the calculation is to prevent the bidder B i from knowing the real values of the bid prices m 1 and m 2 .
Figure FDA00003159404700014
Figure FDA00003159404700014
Figure FDA00003159404700015
Figure FDA00003159404700015
 d)拍卖中心向竞拍者Bi发送 E pk - B i ( m 1 + R ) E pk - B i ( m 2 + R ) ; d) The auction center sends bidder B i E. pk - B i ( m 1 + R ) and E. pk - B i ( m 2 + R ) ; e)
Figure FDA00003159404700018
表示用私钥di进行解密的解密函数,竞拍者Bi用私钥di对拍卖中心发送的数据解密得到e)
Figure FDA00003159404700018
Indicates the decryption function for decryption with the private key d i , and the bidder B i uses the private key d i to decrypt the data sent by the auction center to obtain DD. dd ii (( EE. pkpk -- BB ii (( mm 11 ++ RR )) )) == mm 11 ++ RR ,, DD. dd ii (( EE. pkpk -- BB ii (( mm 22 ++ RR )) )) == mm 22 ++ RR ;; 由于R是相同的随机数,便可以简单得到x和y的大小。Since R is the same random number, the size of x and y can be simply obtained. 2.根据权利要求1所述的基于多方安全协议的密封式电子拍卖方案与验证方法,其特征是,电子拍卖方案的详细过程是:2. The sealed electronic auction scheme and verification method based on the multi-party security protocol according to claim 1, wherein the detailed process of the electronic auction scheme is: a)准备阶段a) Preparation stage 拍卖行公布系统参数,选用的椭圆曲线为E,基点为p,卖家向拍卖行进行注册,验证为合法用户后,获得认证身份,然后拍卖商在BBS2上公布参与拍卖的拍卖物品信息并发布起标价为m,参与的竞拍者向拍卖行注册,拍卖行为合法竞拍者发放一个临时竞标身份BiThe auction house announces the system parameters, the elliptic curve selected is E, the base point is p, the seller registers with the auction house, and after verifying that he is a legitimate user, he obtains the authentication identity, and then the auctioneer announces the information of the auction items participating in the auction on BBS2 The bidding price is m, and the participating bidders register with the auction house, and the auction house issues a temporary bidding identity B i to legal bidders; 拍卖行向竞拍者Bi发送Bi参与竞拍的公钥pk-Bi和私钥di,其中未公开的私钥di为[1,n-1]之间的随机整数,公钥pki=di×p,并在BBS1公布竞拍者Bi的公钥pki,用于竞拍者相互验证签名和标价加密;The auction house sends to the bidder B i the public key pk-B i and private key d i that Bi participated in the auction, where the undisclosed private key d i is a random integer between [1,n-1], and the public key pk i =d i ×p, and public key pk i of bidder B i is published on BBS1, which is used for bidders to mutually verify signatures and price encryption; b)投标阶段b) Bidding stage 投标阶段主要使用ECDSA签名体制和椭圆曲线加密体制,在标价验证阶段基于百万富翁协议,向竞拍者验证加密标价的大小;The ECDSA signature system and elliptic curve encryption system are mainly used in the bidding stage. In the price verification stage, based on the millionaire agreement, the size of the encrypted price is verified to the bidder; 如果竞拍者Bi对物品M有拍卖兴趣,则发送自己的加密标价消息签名(ri,si)至拍卖中心并公布,身份验证通过后,由拍卖中心进行加密标价的公布,由于公告栏BBS1中公布有竞拍者Bi的公钥,则所有的参与方可以对Bi进行身份验证;If bidder B i is interested in auctioning item M, he will send his own encrypted price message signature (ri , si ) to the auction center and publish it. After the identity verification is passed, the auction center will announce the encrypted price. BBS1 publishes the public key of bidder B i , so all participants can authenticate B i ; c)开标阶段c) Bid opening stage 当达到拍卖结束时刻时,拍卖中心对公告栏BBS1中加密后的标价进行解密,得到所有竞拍者的原始标价,选取竞拍价较高的前M个竞拍者为中标者,选取第M+1个竞拍者发送的标价为中标标价,在公告栏BBS2中公布中标者信息及标价,中标者Bx将自己的私钥dx发送给拍卖中心x∈[1,n],表示中标者参与拍卖的序列号,验证中标者身份;When the end of the auction is reached, the auction center will decrypt the encrypted bid price in the bulletin board BBS1 to obtain the original bid prices of all bidders, select the first M bidders with higher bid prices as the winning bidders, and select the M+1th bidder The bid price sent by the bidder is the winning bid price, and the winning bidder information and bid price are announced on the bulletin board BBS2. The winning bidder B x sends his private key d x to the auction center x∈[1,n], indicating that the winning bidder participates in the auction Serial number to verify the identity of the winning bidder; d)公开验证标价d) Publicly validated bids 如果竞标者Bj对自己未中标表示怀疑j∈[1,n],表示竞拍者参与拍卖的序列号,可以向拍卖中心提出标价验证申请,利用“百万富翁”协议验证中标的公平性。Bj随机选择两个加密竞标价,Bj除外,拍卖中心用Bj的公钥pk-Bj对原始竞标价进行加密,然后拍卖中心按照协议进行随机数的选取和随机数的加密,最后将得到的信息发送给Bj,Bj便可以比较出标价的大小。If the bidder B j doubts that he has not won the bid j∈[1,n], which means the serial number of the bidder participating in the auction, he can submit a bid verification application to the auction center, and use the "Millionaire" protocol to verify the fairness of the winning bid. B j randomly selects two encrypted bidding prices, except for B j , the auction center uses B j 's public key pk-B j to encrypt the original bidding price, and then the auction center selects and encrypts random numbers according to the agreement, and finally Send the obtained information to B j , and B j can compare the bid price. 3.根据权利要求1所述的基于多方安全协议的密封式电子拍卖方案与验证方法,其特征是,竞拍者使用的数字签名方案是椭圆曲线签名体制,具体为:3. The sealed electronic auction scheme and verification method based on a multi-party security protocol according to claim 1, wherein the digital signature scheme used by bidders is an elliptic curve signature system, specifically: a)竞拍者生成消息摘要a) The bidder generates a message digest 假设竞拍者的竞拍ID为Bi,i∈[1,n],表示竞拍者参与拍卖的序列号,标价密文为Ei(x1,y1,c),由拍卖第二阶段标价加密得,用SHA-1散列函数计算其散列值e=H(Ei(x1,y1,c)||Bi),H为哈希散列函数,则e为竞拍者的消息摘要;Assume that the bidder’s bidding ID is Bi , i∈[1,n], which represents the serial number of the bidder participating in the auction, and the bid ciphertext is E i (x 1 ,y 1 ,c), which is encrypted by the bid price in the second stage of the auction So, use the SHA-1 hash function to calculate its hash value e=H(E i (x 1 ,y 1 ,c)||B i ), H is the hash hash function, and e is the bidder’s message Summary; b)竞拍者进行数字签名b) Bidders digitally sign 竞拍者用私钥di计算椭圆曲线的点(xi,yi)=dip,椭圆曲线为E,基点为p,然后转换xi为十进制整数
Figure FDA00003159404700021
Figure FDA00003159404700022
如果r=0,则提示重新分配私钥di,接着竞拍者计算s=ki -1(e+dir)modn,如果s=0,则转到计算(xi,yi)=dip;最后竞拍者B获得的签名为整数(r,s);The bidder uses the private key d i to calculate the point of the elliptic curve (xi , y i ) = d i p, the elliptic curve is E, the base point is p, and then converts xi to a decimal integer
Figure FDA00003159404700021
set up
Figure FDA00003159404700022
If r=0, prompt to redistribute the private key d i , then the bidder calculates s=k i -1 (e+d i r)modn, if s=0, then go to the calculation (xi , y i )= d i p; the signature obtained by the last bidder Bi is an integer (r, s); c)竞拍者数字签名的验证c) Verification of bidder's digital signature 假设竞拍者Bi公布的数字签名为(r’,s‘),拍卖中心收到的加密后的标价数据为Bi‘。拍卖中心首先根据竞拍者ID计算SHA-1散列值e'=H(Ei‘||Bi),如果公布的数字签名参数r’,s‘不在区间[1,n-1]内,则拒绝签名;否则计算c=(s')-1modn,u1=e'cmodn和u2=r'cmodn,(xi,yi)=up+u2Q,如果(xi,yi)是无穷远点,则拒绝签名,最后转换xi为十进制整数
Figure FDA00003159404700031
Figure FDA00003159404700032
如果r’=v则竞拍者Bi的签名是真实的,如果r’≠v则竞拍者Bi的消息可能被篡改或者使用了不正确的签名,或者签名来自攻击者的伪造,签名被认为是无效的。Assume that the digital signature announced by the bidder Bi is (r', s'), and the encrypted price data received by the auction center is Bi ' . The auction center first calculates the SHA-1 hash value e'=H(E i '||B i ) according to the bidder ID, if the published digital signature parameters r', s' are not in the interval [1,n-1], Then reject the signature; otherwise calculate c=(s') -1 modn, u 1 =e'cmodn and u 2 =r'cmodn, ( xi , y i )=u 1 p+u 2 Q, if ( xi ,y i ) is a point at infinity, then reject the signature, and finally convert xi to a decimal integer
Figure FDA00003159404700031
Figure FDA00003159404700032
If r'=v, the signature of the bidder Bi is authentic. If r'≠v, the message of the bidder Bi may have been tampered with or use an incorrect signature, or the signature is forged by the attacker, and the signature is considered it is invalid.
CN2013101676375A 2013-05-08 2013-05-08 Multi-party security agreement based sealed electric auction scheme and verification method Pending CN103248478A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2013101676375A CN103248478A (en) 2013-05-08 2013-05-08 Multi-party security agreement based sealed electric auction scheme and verification method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2013101676375A CN103248478A (en) 2013-05-08 2013-05-08 Multi-party security agreement based sealed electric auction scheme and verification method

Publications (1)

Publication Number Publication Date
CN103248478A true CN103248478A (en) 2013-08-14

Family

ID=48927715

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2013101676375A Pending CN103248478A (en) 2013-05-08 2013-05-08 Multi-party security agreement based sealed electric auction scheme and verification method

Country Status (1)

Country Link
CN (1) CN103248478A (en)

Cited By (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104240092A (en) * 2014-04-18 2014-12-24 天津大学 Multi-party contract signing protocol fairness verification method based on CSP# and LTL
CN105072092A (en) * 2015-07-16 2015-11-18 西安电子科技大学 Improved first-price sealed auction method with comparable encryption
CN107330775A (en) * 2017-07-05 2017-11-07 贵州大学 A kind of first valency sealing method of commerce based on bit coin agreement
CN107392743A (en) * 2017-08-01 2017-11-24 安徽大学 McAfe two-way auction privacy protection method and auction method
CN107707358A (en) * 2017-10-30 2018-02-16 武汉大学 A kind of EC KCDSA digital signature generation method and system
CN108074175A (en) * 2018-01-24 2018-05-25 上海百昌拍卖有限公司 Electronic signature method and device
CN109146652A (en) * 2018-09-06 2019-01-04 王李琰 A kind of online auction system and system based on block chain technology
CN109241016A (en) * 2018-08-14 2019-01-18 阿里巴巴集团控股有限公司 Secure calculation method and device, electronic equipment
CN109359470A (en) * 2018-08-14 2019-02-19 阿里巴巴集团控股有限公司 Secure calculation method and device, electronic equipment
CN109495241A (en) * 2017-09-11 2019-03-19 安徽大学 Post-confirmation method for quantum seal bidding auction
CN109934691A (en) * 2019-02-28 2019-06-25 矩阵元技术(深圳)有限公司 A kind of data processing method of auction, auction client and system
CN110113326A (en) * 2019-04-26 2019-08-09 深圳前海微众银行股份有限公司 A kind of competition arrangement method and device based on block chain
CN110192216A (en) * 2017-01-27 2019-08-30 区块链控股有限公司 Computer-implemented method and system
WO2020047802A1 (en) * 2018-09-06 2020-03-12 王李琰 Online auction method and system based on block chain technology
CN111277406A (en) * 2020-01-08 2020-06-12 中山大学 A method for comparing the advantages of secure two-way vector based on blockchain
CN111553758A (en) * 2020-03-06 2020-08-18 杜晓楠 Method and computer-readable storage medium for verifying data submitted by an auctioneer in an untrusted network environment
CN111612600A (en) * 2020-05-29 2020-09-01 深圳市网心科技有限公司 Blockchain auction method, equipment, storage medium and blockchain system
CN111628991A (en) * 2020-05-25 2020-09-04 安徽大学 General safety calculation method capable of resisting malicious adversaries
CN111754233A (en) * 2020-06-29 2020-10-09 兴唐通信科技有限公司 Electronic payment method and system based on multi-party signature
CN112116414A (en) * 2020-08-18 2020-12-22 重庆第二师范学院 Auction type safe nearest neighbor target base source searching system and method supporting range verification
WO2020258373A1 (en) * 2019-06-24 2020-12-30 暨南大学 Solution to millionaires' problem based on homomorphic encryption
CN112307504A (en) * 2020-11-18 2021-02-02 成都佳华物链云科技有限公司 Secure multi-party computing method and device, electronic equipment and storage medium
CN113112340A (en) * 2021-04-21 2021-07-13 中钞信用卡产业发展有限公司杭州区块链技术研究院 Vikri auction method, device and system based on block chain technology
CN113362147A (en) * 2021-05-17 2021-09-07 杭州师范大学 Traceable electronic auction method based on multiple authorization centers under Internet of things
CN113765666A (en) * 2020-10-20 2021-12-07 北京沃东天骏信息技术有限公司 Information encryption method and device
CN114329617A (en) * 2022-03-14 2022-04-12 浙江大学 Method and device for calculating second price sealed auction closing sum and electronic equipment

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101331706A (en) * 2005-12-13 2008-12-24 皇家飞利浦电子股份有限公司 Secure threshold decryption protocol computation
EP2503730A1 (en) * 2011-03-23 2012-09-26 Research In Motion Limited Binding data to an ECDSA signature component

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101331706A (en) * 2005-12-13 2008-12-24 皇家飞利浦电子股份有限公司 Secure threshold decryption protocol computation
EP2503730A1 (en) * 2011-03-23 2012-09-26 Research In Motion Limited Binding data to an ECDSA signature component

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
PARISA KAGHAZGARAN等: "Secure Two Party Comparison over Encrypted Data", 《2011 WORLD CONGRESS ON INFORMATION AND COMMUNICATION TECHNOLOGIES》 *
陈亮: "安全多方计算在电子拍卖中的应用", 《中国优秀硕士学位论文全文数据库 经济与管理科学辑》 *

Cited By (46)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104240092A (en) * 2014-04-18 2014-12-24 天津大学 Multi-party contract signing protocol fairness verification method based on CSP# and LTL
CN105072092A (en) * 2015-07-16 2015-11-18 西安电子科技大学 Improved first-price sealed auction method with comparable encryption
CN110192216B (en) * 2017-01-27 2023-05-09 区块链控股有限公司 Computer-implemented method and system
CN110192216A (en) * 2017-01-27 2019-08-30 区块链控股有限公司 Computer-implemented method and system
CN107330775A (en) * 2017-07-05 2017-11-07 贵州大学 A kind of first valency sealing method of commerce based on bit coin agreement
CN107392743A (en) * 2017-08-01 2017-11-24 安徽大学 McAfe two-way auction privacy protection method and auction method
CN107392743B (en) * 2017-08-01 2021-04-06 安徽大学 McAfe two-way auction privacy protection method and auction method
CN109495241B (en) * 2017-09-11 2021-07-30 安徽大学 A Post-Confirmation Method for Quantum Sealed Bid Auction
CN109495241A (en) * 2017-09-11 2019-03-19 安徽大学 Post-confirmation method for quantum seal bidding auction
CN107707358A (en) * 2017-10-30 2018-02-16 武汉大学 A kind of EC KCDSA digital signature generation method and system
CN107707358B (en) * 2017-10-30 2019-12-24 武汉大学 A method and system for generating EC-KCDSA digital signature
CN108074175A (en) * 2018-01-24 2018-05-25 上海百昌拍卖有限公司 Electronic signature method and device
CN109359470A (en) * 2018-08-14 2019-02-19 阿里巴巴集团控股有限公司 Secure calculation method and device, electronic equipment
CN109241016A (en) * 2018-08-14 2019-01-18 阿里巴巴集团控股有限公司 Secure calculation method and device, electronic equipment
US11050561B2 (en) 2018-08-14 2021-06-29 Advanced New Technologies Co., Ltd. Multi-party security computing method and apparatus, and electronic device
CN109241016B (en) * 2018-08-14 2020-07-07 阿里巴巴集团控股有限公司 Multi-party security calculation method and device and electronic equipment
US11290267B2 (en) 2018-08-14 2022-03-29 Advanced New Technologies Co., Ltd. Multi-party security computing method and apparatus, and electronic device
CN109359470B (en) * 2018-08-14 2020-09-01 阿里巴巴集团控股有限公司 Multi-party security calculation method and device and electronic equipment
US11206132B2 (en) 2018-08-14 2021-12-21 Advanced New Technologies Co., Ltd. Multiparty secure computing method, device, and electronic device
WO2020047802A1 (en) * 2018-09-06 2020-03-12 王李琰 Online auction method and system based on block chain technology
CN109146652A (en) * 2018-09-06 2019-01-04 王李琰 A kind of online auction system and system based on block chain technology
CN109934691A (en) * 2019-02-28 2019-06-25 矩阵元技术(深圳)有限公司 A kind of data processing method of auction, auction client and system
CN109934691B (en) * 2019-02-28 2023-08-25 矩阵元技术(深圳)有限公司 Auction data processing method, auction client and system
CN110113326A (en) * 2019-04-26 2019-08-09 深圳前海微众银行股份有限公司 A kind of competition arrangement method and device based on block chain
CN110113326B (en) * 2019-04-26 2021-07-06 深圳前海微众银行股份有限公司 A method and device for competitive ranking based on blockchain
WO2020258373A1 (en) * 2019-06-24 2020-12-30 暨南大学 Solution to millionaires' problem based on homomorphic encryption
GB2600038A (en) * 2019-06-24 2022-04-20 Univ Jinan A Method for Solving a Millionaire Problem Based on Homomorphic Encryption
CN111277406A (en) * 2020-01-08 2020-06-12 中山大学 A method for comparing the advantages of secure two-way vector based on blockchain
CN111277406B (en) * 2020-01-08 2021-09-21 中山大学 Block chain-based safe two-direction quantity advantage comparison method
CN111553758A (en) * 2020-03-06 2020-08-18 杜晓楠 Method and computer-readable storage medium for verifying data submitted by an auctioneer in an untrusted network environment
CN111553758B (en) * 2020-03-06 2023-02-10 杜晓楠 Method and computer-readable storage medium for verifying data submitted by an auctioneer in an untrusted network environment
CN111628991A (en) * 2020-05-25 2020-09-04 安徽大学 General safety calculation method capable of resisting malicious adversaries
CN111628991B (en) * 2020-05-25 2021-12-28 安徽大学 General safety calculation method capable of resisting malicious adversaries
CN111612600A (en) * 2020-05-29 2020-09-01 深圳市网心科技有限公司 Blockchain auction method, equipment, storage medium and blockchain system
CN111612600B (en) * 2020-05-29 2023-07-14 深圳市迅雷网络技术有限公司 Block chain auction method, equipment, storage medium and block chain system
CN111754233A (en) * 2020-06-29 2020-10-09 兴唐通信科技有限公司 Electronic payment method and system based on multi-party signature
CN111754233B (en) * 2020-06-29 2023-11-07 兴唐通信科技有限公司 Electronic payment method and system based on multiparty signature
CN112116414A (en) * 2020-08-18 2020-12-22 重庆第二师范学院 Auction type safe nearest neighbor target base source searching system and method supporting range verification
CN113765666A (en) * 2020-10-20 2021-12-07 北京沃东天骏信息技术有限公司 Information encryption method and device
CN112307504A (en) * 2020-11-18 2021-02-02 成都佳华物链云科技有限公司 Secure multi-party computing method and device, electronic equipment and storage medium
CN112307504B (en) * 2020-11-18 2024-02-09 成都佳华物链云科技有限公司 Secure multiparty computing method, device, electronic equipment and storage medium
CN113112340A (en) * 2021-04-21 2021-07-13 中钞信用卡产业发展有限公司杭州区块链技术研究院 Vikri auction method, device and system based on block chain technology
CN113362147B (en) * 2021-05-17 2023-02-10 杭州师范大学 Traceable electronic auction method based on multiple authorization centers under Internet of things
CN113362147A (en) * 2021-05-17 2021-09-07 杭州师范大学 Traceable electronic auction method based on multiple authorization centers under Internet of things
CN114329617A (en) * 2022-03-14 2022-04-12 浙江大学 Method and device for calculating second price sealed auction closing sum and electronic equipment
CN114329617B (en) * 2022-03-14 2022-06-17 浙江大学 Method, device and electronic device for calculating second price sealed auction transaction amount

Similar Documents

Publication Publication Date Title
CN103248478A (en) Multi-party security agreement based sealed electric auction scheme and verification method
Gao et al. An anti-quantum e-voting protocol in blockchain with audit function
CN106301788A (en) A kind of group key management method supporting authenticating user identification
Li et al. Practical electronic auction scheme with strong anonymity and bidding privacy
CN113468570A (en) Private data sharing method based on intelligent contract
Chen et al. New receipt-free voting scheme using double-trapdoor commitment
Xiong et al. Anonymous auction protocol based on time-released encryption atop consortium blockchain
CN106506165B (en) Anonymous sorting method of virtual assets based on homomorphic encryption
CN111612961A (en) An electronic voting method for encrypting voter's ballot information
Tsai et al. An ECC‐based blind signcryption scheme for multiple digital documents
KR100718489B1 (en) Signature process, computer program, apparatus and signature system for the new fair blind signature
Hwang et al. Confidential deniable authentication using promised signcryption
Wu et al. New sealed-bid electronic auction with fairness, security and efficiency
Zuo Cryptanalysis of quantum blind signature scheme
Srinath et al. A new secure protocol for multi-attribute multi-round e-reverse auction using online trusted third party
CN1845164A (en) A fair and secure electronic transaction method that does not require a third party
Lee et al. A secure e-auction scheme based on group signatures
Chang et al. Enhanced anonymous auction protocols with freewheeling bids
Wang et al. Sealed-bid auction scheme based on blockchain and secure multi-party computation
Fan et al. Fairness electronic payment protocol
CN110610361A (en) Blockchain-based enterprise data signature method and device
Juang et al. The design of a secure and fair sealed-bid auction service
Pasupathinathan et al. A fair e-tendering Protocol
Kwak et al. A secure extension of the Kwak–Moon group signcryption scheme
Huang et al. Provable secure generic construction of proxy signature from certificate-based signature

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20130814