CN107483198B - A kind of block catenary system supervised and method - Google Patents

A kind of block catenary system supervised and method Download PDF

Info

Publication number
CN107483198B
CN107483198B CN201710873134.8A CN201710873134A CN107483198B CN 107483198 B CN107483198 B CN 107483198B CN 201710873134 A CN201710873134 A CN 201710873134A CN 107483198 B CN107483198 B CN 107483198B
Authority
CN
China
Prior art keywords
node
block chain
key
information
registration
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710873134.8A
Other languages
Chinese (zh)
Other versions
CN107483198A (en
Inventor
张锐
肖禹亭
马晖
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Institute of Information Engineering of CAS
Original Assignee
Institute of Information Engineering of CAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Institute of Information Engineering of CAS filed Critical Institute of Information Engineering of CAS
Priority to CN201710873134.8A priority Critical patent/CN107483198B/en
Publication of CN107483198A publication Critical patent/CN107483198A/en
Application granted granted Critical
Publication of CN107483198B publication Critical patent/CN107483198B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0421Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)
  • Computer And Data Communications (AREA)

Abstract

The block catenary system and method that can be supervised the present invention relates to one kind, it include: authentication center (CA), authentication is carried out to ordinary node, generates the registration information about the node, and openly waits the registration for being written into and completing node in block chain to block chain network;Key Distribution Center (KDC) formulates regulatory rule, defines the complete property set of supervision department, distributes key according to the specific object of supervision department for it;Supervision department obtains key, monitoring block chain network transaction from KDC, once there is abnormal account, then utilizes the true identity of the Node registry acquisition of information node in the key decryption block chain of oneself;Ordinary node is interacted with CA, addition block chain operation after carrying out authentication, completing registration.The present invention constructs a kind of block chain that can be supervised using cryptological techniques such as ABE, signatures, allows different supervision departments to be supervised according to the difference of function to the data of block catenary system, thus takes precautions against the generation of illegal activities etc..

Description

A kind of block catenary system supervised and method
Technical field
The invention belongs to computer application technologies, and in particular to the block catenary system and method that one kind can supervise are permitted Perhaps different supervision centers supervises the behavior of block catenary system user according to the difference of function.
Background technique
Block chain originates from bit coin, and essence is a kind of distributed storage technology, has decentralization, anonymity, can chase after It the properties such as traces back, can not distort.Using block chain technology, a set of new trust can be established in the case where non-stop layer trust authority System.Therefore, the scenes such as financial service, shared economy, medical treatment & health, social management can be applied to.However in traditional block In chain, the account information and transaction content of all users is all disclosed.Even if any user can read these open numbers According to, but block chain is that the assumed name system for guaranteeing that anonymity uses can but bring great threat to social stability.For example, its nothing Method resists the illegal activities such as money laundering.Many different accounts can be generated in one real user, and between these accounts constantly Carry out fund transfer, becomes difficult anti money washing.In order to take precautions against such criminal offence, the present invention discloses a kind of block that can be supervised Catenary system and method.
Encryption attribute scheme (ABE) is a kind of encryption technology that can be realized fine granularity nonreciprocal access control mechanisms.In In ABE, the condition that user is capable of successful decryption is that one group of attribute set can satisfy access control policy, and according to function difference Be classified as two major classes: the encryption attribute scheme (KP-ABE) of Ciphertext policy, wherein key is associated with access control policy, close Text is associated with the attribute set of user;The encryption attribute scheme (CP-ABE) of Ciphertext policy, with KP-ABE on the contrary, key and use The attribute set at family is related, and ciphertext is associated with access strategy.For both encryption attribute schemes, only when attribute set is full When sufficient access control policy, user can be decrypted correctly.The main application scenarios of KP-ABE are paid for television system, and CP-ABE is mainly used in the information sharing system with access control, such as electronic medical record system.The present invention using CP-ABE come Realize the supervision to system user behavior.In order to improve encryption efficiency, using KEM/DEM Hybrid Encryption.I.e. by the side CP-AB-KEM Case encrypted session key, then use session key as private key encryption data of DEM itself.Consistent with ABE scheme is only to have The user of respective attributes can just decrypt the session key that KEM obtains encapsulation, and the part session key decryption DEM is recycled to obtain number According to.
It is currently known a Chinese patent CN 106503994A (block chain private data access control based on encryption attribute Method processed) it also uses attribute encryption technology block catenary system is improved.The invention proposes a kind of based on encryption attribute Block chain private data access control method, mainly solve traditional technology only hide the true identity of user in block chain Name protection, not to transaction privacy information encrypt and caused by privacy leakage problem.Implementation step are as follows: (1) system Initialization;(2) user's registration obtains attribute information;(3) authoritative center is according to customer attribute information dispatch user private key;(4) it hands over Yi Fang encryption transaction private data is simultaneously uploaded to block chain;(5) bookkeeper verifies Transaction Information and executes transaction;(6) Authorization supervision center checks transaction ciphertext using authorization private key decryption.The invention also allows to authorize it can be seen from above-mentioned steps 6 Transaction ciphertext is checked in supervision center decryption, plays the role of certain supervision, but there is a problem of one it is serious: All Activity data Exist with ciphertext form, can make the supervision of supervision center that will become extremely complex, especially supervision center is possibly can not It notes abnormalities behavior in time and makes corresponding processing.Once the no longer effective property of supervision, hits criminal offence Dynamics will weaken significantly.In addition, the invention is to be distinguished with attribute to user, but be of virtually the user of same alike result simultaneously It is non-only one, can not know exactly which be who generate a transaction, i.e., can not criminal offence occur when confirm it True identity is supervised very difficult.
Summary of the invention
Technology of the invention solves the problems, such as: overcome the deficiencies of the prior art and provide a kind of block catenary system that can be supervised and Method, using cryptological techniques such as ABE, signatures, construct it is a kind of can real-time monitoring block chain, allow different supervision department's roots The data of block catenary system are supervised according to the difference of function, thus take precautions against the generation of illegal activities etc..
The following technical solution is employed by the present invention: the block catenary system that can supervise of one kind, comprising: authentication center (CA), close Key Distribution Center (KDC), supervision department and ordinary node;
1, authentication center (CA) possesses the private key for generating signature: carrying out authentication to ordinary node, obtains its true body Part information and the account information (such as public key or wallet address) run for block chain;By true identity information according to given Regulatory rule ABE algorithm for encryption, generate corresponding ciphertext;It generates about node account information and the label of ABE encrypted cipher text Name;Encapsulating node account information, ABE encrypted cipher text, signature becomes the registration information of the node;Registration information is published to block In chain network, waits by existing node verification and block chain is written to complete Node registry.
2, Key Distribution Center (KDC), definition describe the complete attribute set of each supervision department's function, generate ABE algorithm Common parameter and can for supervision department distribute key main private key;Formulate the supervision department what attribute is regulatory rule-have Gatekeeper pipe has the node of what identity;Common parameter and regulatory rule are sent at CA.Judge the category that supervision department meets Property collection, and be that it generates corresponding private key using main private key.
3, supervision department obtains the private key of oneself from KDC.The trading activity of block chain network is monitored, if note abnormalities A large amount of or a large sum of transaction is generated in account, such as short time, then searches for the registration information in block chain about the account, is verified The validity of signature, decryption ABE encrypted cipher text obtain the true identity information of the account.
4, ordinary node, by with CA interact complete registration after participate in block chain operation.
The block chain method that one kind of the present invention can supervise realizes that steps are as follows:
1, system is established: CA generates signature public private key pair, and discloses the public key of oneself;KDC definition describes each supervision department The complete attribute set of function generates the common parameter of ABE algorithm and can distribute the main private key of key for supervision department, formulates Common parameter and regulatory rule are sent at CA by regulatory rule.
2, distribute administrative key: when there is new supervision department to be added, KDC first determines whether its property set met, then Corresponding key is generated for it using the main private key of oneself, the key is finally sent to the supervision department in a secured manner.
3, block chain is run: being participated in jointly by ordinary node.Identical with traditional block chain is that block chain is still to have The wound generation block of special construction then by a series of there is mutually isostructural block to form with cryptographic Hash link, save as the beginning It can mutually transfer accounts between point, and accounting nodes be generated by common recognition mechanism, new block is written, and the block has recorded one The All Activity data occurred in the section time;Unlike, the present invention in data structure by increasing user's registration information table Monitoring function is realized, being contained mainly in a period of time interior all new node registration informations generated, (specific producing method is shown in 4, Node registry), which can be packaged into new block and final entry is on block chain.Therefore, by searching for block chain, Transaction data can be not only inquired, registration information can also be inquired.
4, it Node registry: when there is new node to wish that the operation of block chain is added, is interacted with CA complete identity first Certification, and provide oneself will be run in block chain used in account information, such as public key or wallet address.CA is utilized and this The identity information obtained after node interaction, the regulatory rule judgement provided in conjunction with KDC have the supervision department of what attribute The true identity information of the node can be obtained at the following a certain moment, and be obtained according to this judgement using the ABE algorithm for encryption information Ciphertext after must encrypting;Then it is generated using the signature private key of oneself about node account information and ABE encrypted cipher text Signature, and encapsulate the registration information of node account information, ABE encrypted cipher text, signature as the node;Finally by registration information public affairs Cloth is into block chain network.All registered nodes can verify the validity of signature therein after receiving registration information, and All new transaction data and registration information generated in a period of time are generated into new area by certain data structure encapsulation Block.After registration information is written into block chain, then new node registration is completed.Later, which can then be normally added area The operation of block chain.
5, supervise trading activity: supervision department monitors the trading activity of block chain network by the method for oneself, once there is account The note in block chain about the node is then searched for there are a large amount of or a large sum of transaction is generated in abnormal behaviour, such as short time in family Volume information verifies the validity wherein signed and decrypts the true identity that ABE encrypted cipher text obtains the node.
The advantages of the present invention over the prior art are that:
1, compared with traditional block chain, invention increases monitoring functions, solve existing block catenary system without supervision function The shortcomings that energy.Using the existing password technology of existing ABE, signature, only block chain data structure and node access are modified in part Rule can reach the purpose of supervision customer transaction behavior.To realize that the supervision behaviors such as anti money washing provide basis.
2, compared with existing patent, the present invention only encrypts user real identification, and the entity of permission can not decrypt note Its true identity of volume acquisition of information, on the one hand protects the anonymity of ordinary user, another aspect supervision department passes through monitoring net Transaction lockable exception account in network, once the account that notes abnormalities can be by search block chain to obtain its true body Part, accomplish real-time monitoring.
Detailed description of the invention
Fig. 1 is present system composition block diagram;
Fig. 2 is data structure diagram, i.e. the concrete mode figure of block chain storage;
Fig. 3 is new node register flow path figure, that is, authentication and open registration information detail flowchart;
Fig. 4 is supervision flow figure.
Specific embodiment
The following describes the present invention in detail with reference to the accompanying drawings and embodiments.
As shown in Figure 1, this system all participation entities divide according to the part of function it is as follows:
1, authentication center (CA) carries out authentication to ordinary node, generates the registration information about the node, and openly To block chain network, the registration for being written into and completing node in block chain is waited;
2, Key Distribution Center (KDC) formulates regulatory rule, the complete property set of supervision department is defined, according to supervision department Specific object be its distribute key;
3, supervision department, obtains key from KDC, and monitoring block chain network transaction then utilizes once there is abnormal account The true identity of Node registry acquisition of information node in the key decryption block chain of oneself;
4, ordinary node is interacted with CA, addition block chain operation after carrying out authentication, completing registration.
Further, a block chain backup can be locally stored in all ordinary nodes, supervision department, and same in real time Walk the new data in block chain network.
Based on the above entity, present system realizes following functions:
1, system is established
CA generates the public private key pair of signature, and discloses the public key of oneself;The system that KDC runs CP-AB-KEM scheme first Initialization algorithm, generates the open parameter PK and main private key MSK of oneself, and definition describes the complete property set of each supervision department's function U is closed, formulation regulatory rule describes the node that there is the department of what attribute can supervise what identity, and selection is suitable symmetrically to be added Close algorithm (AES) is used as DEM algorithm, and discloses oneself open parameter, complete attribute set, regulatory rule and the DEM of selection Algorithm;It generating block chain and creates generation block, preselected node is chosen in the configuration (being no different with traditional block chain) including completing block chain, Completion registration is interacted by them and with CA, generates preselected node registration table.
Specifically, the system initialization algorithm of CP-AB-KEM scheme are as follows: non-right according to default rule selection one first Bilinear map D=(the G of title1,G2,GT, e, p), wherein G1,G2,GTIt is three different groups, p is these order of a group numbers, is taken as Prime number, e are asymmetrical bilinear map e:G1×G2→GT, can be regarded as a function, input G respectively1In a member Element and G2In an element, that is, exportable GTIn element.The attribute description U of system is by finite field Zp(in integer item The residual class ring of mould p) in element constitute, i.e., by the attribute Z in all real worldspIn an element represent, and One attribute uniquely corresponds to such element, and all corresponding relationships are also recorded in attribute description U.Then algorithm is random Choose group G1In generation member g, h, u, v, w, randomly select crowd G2In generation member z, choose finite field ZpIn arbitrary random number α generates G using above-mentioned asymmetrical bilinear map eTOn element e (g, z), finally e (g, z) is done using random number α Module exponent operation obtains e (g, z)α.By the D of all above-mentioned selections or generation, g, h, u, v, w, z, e (g, z)αAs open parameter PK is denoted as PK=(D, g, h, u, v, w, z, e (g, z)α), and it is sent to all users;Simultaneously by PK, α is as main private key MSK, is denoted as MSK=(PK, α), is safely saved by KDC.
2, distribute administrative key
When there is new supervision department to be added, KDC first determines whether its attribute set met Wherein A1,A2,...,AkBelong to finite field Zp, represent the supervision department and possess k attribute in total, attribute set S is above-mentioned complete The a subset of full attribute set U;Then KDC is generated using the key of the main private key MSK operation CP-AB-KEM scheme of oneself and is calculated Method generates corresponding key SK for it, and key is finally sent to the supervision department in a secured manner.
Specifically, the key schedule of CPA-AB-KEM scheme are as follows: the main private key MSK and user for inputting KDC meet Attribute setFrom finite field ZpIn randomly select k+1 value r, r1,r2,...,rk, use first Main private key cc does module exponent operation to generation member g and obtains gα, module exponent operation is done to generation member w with random number r and obtains wr, to above-mentioned Two parts do multiplication and obtain part of key K0=gαwr;Then it is done module exponent operation with random number r to obtain part close to being generated member z Key K1=zr, it is similar with the above process for i=1,2 ..., k, calculate separately part of keyAnd part of key(wherein-r indicates r in finite field ZpIn additive inverse), finally by S, K0,K1,{Ki,2,Ki,3, i= 1,2 ..., k is safely saved together as the private key SK of user by user oneself, and is denoted by SK=(S, K0,K1, {Ki,2,Ki,3), i=1,2 ..., k.
3, block chain is run
It is participated in jointly by ordinary node.Identical with traditional block chain is that block chain is still with the wound with special construction Generation block then by a series of there is mutually isostructural block to form with cryptographic Hash link as the beginning, can phase between node It mutually transfers accounts, and accounting nodes is generated by common recognition mechanism, new block is written, and the block has recorded and occurs whithin a period of time All Activity data;Unlike, the present invention realizes supervision function by increasing user's registration information table in data structure Can, being contained mainly in a period of time interior all new node registration informations generated, (specific producing method is shown in that 4, new node is infused Volume), which can be packaged into new block and final entry is on block chain.It therefore, not only can be with by searching for block chain Transaction data is inquired, registration information can also be inquired.Specific data structure is as shown in Figure 2: block chain is that had by a series of The block of chronological order is linked in the way of cryptographic Hash to be formed, to create generation block as the beginning.Creating generation block includes to match Confidence breath and preselected node registration table, configuration information include the configuration information of all about block chain, as at the beginning of common recognition mechanism, POW Beginning difficulty etc., preselected node registration table include the registration information that may participate in the node of operation at the beginning of block catenary system is established, Its structure is consistent with the user's registration table in other blocks.In addition to creating generation block, each block includes block sequence number, block Head, block size, block Hash, user's registration table and data set.User's registration table includes all new nodes whithin a period of time The information of registration, each registration information by node public key PK, the ABE encrypted cipher text of true identity information (by Head, The part AB-KEM and DEM tri- forms, and wherein Head marks in the ciphertext length of AB-KEM and DEM respectively so that guarantee can be just Really decryption), CA connects composition to the signature of preceding two parts information with the private key of oneself.Data set includes all in a period of time Data (orderly).Block head records father's block Hash, timestamp, Merkle root.Wherein, Merkel root be by all data by The value of the root node of the structure composition of Merkle tree.It is rapidly tested using Merkle tree construction without downloading all data Demonstrate,proving the block, there are some specific data.
4, new node is registered
Detailed process is as shown in Figure 3.When there is new node to wish that the operation of block chain is added, registration is initiated to CA first and is asked It asks;Then authentication is carried out to new node by CA, obtains its true identity information;New node provides oneself to CA will be Account information used in the operation of block chain, the present invention is using public key as example, so node needs to generate public key PKnode, and Send it to CA;CA generates corresponding access structure (M, ρ) according to the real information of the KDC regulatory rule sent and node, The ciphertext about session key key is generated using the Encryption Algorithm of the open parameter PK operation CP-AB-KEM received from KDC CT, and use session key key as the true identity information of the private key encryption new node of aes algorithm, and private with the signature of oneself Key generates the signature about PK and encapsulation ciphertext, forms registration information;Then CA needs open registration information existing to block chain Network in;All registered nodes can verify the validity of signature therein after receiving registration information, and when by one section All new transaction data and registration information of interior generation generate new block by certain data structure encapsulation;Work as registration After information is written into block chain, then new node registration is completed, and by CA notice new node, it succeeds in registration.Later, the node The operation of block chain can be then normally added.
Specifically, the Encryption Algorithm of CP-AB-KEM are as follows: input common parameter PK, linear privacy sharing access structure (M, ρ), wherein M be a l row n column matrix, ρ be one mapping, an attribute is mapped as by any a line in matrix M.It is first First, at random from finite field ZpMiddle selection random number s and y2,...,yn, column vector is set(T is to seek row vector (s,y2,...,yn) transposition), calculate shared column vector about random number s It indicates matrix M And vectorIt is multiplied, then from finite field ZpMiddle selection random number t1,t2,...,tk, session key key=e (g, z)αs(αs Indicate that α is multiplied with s), calculating section ciphertext C0=zsPart ciphertext is calculated separately for j=1,2 ..., l And part ciphertext(attribute of the jth row mapping of ρ (j) representing matrix M ,-tjIndicate random number tjLimited Domain ZpIn additive inverse), calculating section ciphertextSetting ciphertext is CT=((M, ρ), C0,{Cj,1,Cj,2,Cj,3), Wherein j=1,2 ..., l.
5, user behavior is supervised
Detailed process is as shown in Figure 4.Supervision department monitors the trading activity of block chain network by the method for oneself, once have There are a large amount of or a large sum of transaction (a large amount of many transactions of finger, and a large sum of are generated in abnormal behaviour, such as short time for account Refer to the with large amount of a transaction), then search for the registration information in block chain about the node.When searching out registration information, First verify that the validity wherein signed, be verified after just according to the Head of ABE encrypted cipher text mark distinguish wherein KEM with The part DEM, the part decipherment algorithm decryption KEM for then running CP-AB-KEM obtain session key key, and with the session key Key as AES decrypts the true identity that the part DEM therein obtains the node.This example is not related to specific monitoring party Method, supervision department can determine that behavior is abnormal account according to the method and rule of oneself, this example, which only provides, once to be sentenced It is set to the method how abnormal account obtains its true identity.
Specifically, CP-AB-KEM decipherment algorithm are as follows: input and access structure (M, ρ) corresponding ciphertext CT and and property set It closesCorresponding key SK=(S, K0,K1,{Ki,2,Ki,3), i=1,2 ..., k.If property set Conjunction is unsatisfactory for access strategy, and algorithm terminates.Otherwise, in the attribute set that all row vectors of matrix M map, selection and attribute The intersection of set S is I={ i: ρ (i) ∈ S }, calculates in I every i row matrix row to MiCoefficient ωiIt is set to meet following equalitiesWherein MiIt is the i-th row of matrix M, ωi·MiIndicate coefficient ωiNumber multiplies row matrix vector Mi, then Calculate encapsulation keyWherein j is attribute ρ (i) Index in S indicates GTIn multiplication, long horizontal line indicates group GTIn division, top is dividend, and lower section is divisor.Its Middle divisorExpression first calculates separately all elements i in set ICalculated result is all multiplied again;And eachIt is then to calculate separately out e first with above-mentioned asymmetrical bilinear map e (Ci,1,K1), e (Ci,2,Kj,2), e (Kj,3,Ci,3), a G is obtained after then it is all multipliedTIn element, finally utilize ωiModule exponent operation is done to the element to obtainFinally, output encapsulation key Key=e (g, z)αs
Above embodiments are provided just for the sake of the description purpose of the present invention, and are not intended to limit the scope of the invention.This The range of invention is defined by the following claims.It does not depart from spirit and principles of the present invention and the various equivalent replacements made and repairs Change, should all cover within the scope of the present invention.

Claims (2)

1. the block catenary system that one kind can supervise, it is characterised in that: including authentication center (CA), Key Distribution Center (KDC), prison Pipe portion door and ordinary node;
Authentication center CA, possess generate signature private key, to ordinary node carry out authentication, obtain its true identity information and Account information for the operation of block chain;By true identity information according to given regulatory rule ABE algorithm for encryption, generate Corresponding ciphertext;It generates about node account information and the signature of ABE encrypted cipher text;Encapsulation node account information, ABE encryption are close Text, signature become the registration information of the node;Registration information is published in block chain network, is waited by existing node verification simultaneously Block chain is written to complete Node registry;
Key Distribution Center KDC, definition describe the complete attribute set of each supervision department's function, generate the public ginseng of ABE algorithm Number and the main private key that key can be distributed for supervision department;Formulating regulatory rule is supervision department's supervision tool with what attribute There is the node of what identity;Common parameter and regulatory rule are sent at CA, judge the property set that supervision department meets, and benefit It is that supervision department generates corresponding private key with main private key;
Supervision department obtains the private key of oneself from KDC, monitors the trading activity in block chain network, if noting abnormalities account, If generating a large amount of or a large sum of transaction in a short time, searches in block chain network and believe about the registration of the exception account Breath, verifies the validity of signature, and decryption ABE encrypted cipher text obtains the true identity information of the exception account;
Ordinary node, by with CA interact complete registration after participate in block chain operation.
2. the block chain method that one kind can supervise, it is characterised in that: realize that steps are as follows:
(1) system is established: authentication center CA generates signature public private key pair, and discloses the public key of oneself;Key Distribution Center KDC is fixed Justice describes the complete attribute set of each supervision department's function, generates the common parameter of ABE algorithm and can distribute for supervision department The main private key of key formulates regulatory rule, common parameter and regulatory rule is sent at authentication center CA;
(2) distribute administrative key: when there is new supervision department to be added, Key Distribution Center KDC first determines whether its category met Property collection, be then that it generates corresponding key using the main private key of oneself, the key be finally sent to this in a secured manner Supervision department;
(3) block chain is run: being participated in jointly by ordinary node, New Transaction is generated between node, it then follows common recognition mechanism generates new district Block links all blocks according to certain data structure and forms block chain;
(4) Node registry: when there is new node to wish that the operation of block chain is added, completion is interacted with authentication center CA first Authentication, and providing oneself will the account information used in the operation of block chain;Authentication center CA is utilized to be handed over the node The identity information obtained after mutually, the regulatory rule judgement provided in conjunction with Key Distribution Center KDC have the supervision of what attribute Department just can obtain the true identity information of the node at the following a certain moment, and be somebody's turn to do according to this judgement using ABE algorithm for encryption Ciphertext after information acquisition encryption;Then it is generated using the signature private key of oneself and is encrypted about node account information and ABE The signature of ciphertext, and encapsulate the registration information of node account information, ABE encrypted cipher text, signature as the node;It finally will registration For information announcement into block chain network, all registered nodes can verify having for signature therein after receiving registration information Effect property, and all new transaction data and registration information generated in a period of time are generated by certain data structure encapsulation New block, after registration information is written into block chain, then new node registration is completed, and later, which then can be normal The operation of block chain is added;
(5) supervise trading activity: supervision department monitors the trading activity of block chain network by the method for oneself, once there is account to deposit In abnormal behaviour, then the registration information in block chain network about the abnormal nodes is searched for, verifies the validity wherein signed simultaneously Decryption ABE encrypted cipher text obtains the true identity of the abnormal nodes.
CN201710873134.8A 2017-09-25 2017-09-25 A kind of block catenary system supervised and method Active CN107483198B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710873134.8A CN107483198B (en) 2017-09-25 2017-09-25 A kind of block catenary system supervised and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710873134.8A CN107483198B (en) 2017-09-25 2017-09-25 A kind of block catenary system supervised and method

Publications (2)

Publication Number Publication Date
CN107483198A CN107483198A (en) 2017-12-15
CN107483198B true CN107483198B (en) 2019-11-12

Family

ID=60585958

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710873134.8A Active CN107483198B (en) 2017-09-25 2017-09-25 A kind of block catenary system supervised and method

Country Status (1)

Country Link
CN (1) CN107483198B (en)

Families Citing this family (76)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109981547B (en) * 2017-12-28 2022-06-07 航天信息股份有限公司 Logistics transmission method and device based on block chain
CN110071898B (en) * 2018-01-22 2021-06-04 本无链科技(深圳)有限公司 Method for removing center to detect node validity
GB201803706D0 (en) * 2018-03-08 2018-04-25 Nchain Holdings Ltd Computer-implemented system and method
CN108615144A (en) * 2018-04-11 2018-10-02 北京奇虎科技有限公司 Identity information processing method, device and the computing device of block chain node
CN109146678B (en) * 2018-04-18 2022-07-05 北京天德科技有限公司 Cross-border supervision reporting system based on traditional block chain
CN108876363B (en) * 2018-04-18 2022-02-11 北京天德科技有限公司 Cross-border supervision report system based on double-chain architecture block chain
CN108520464B (en) * 2018-04-18 2022-05-10 北京天德科技有限公司 Real-time automatic supervision reporting system based on traditional block chain
CN108460598B (en) * 2018-04-18 2022-05-10 北京天德科技有限公司 Real-time automatic supervision reporting system based on double-chain architecture block chain
CN110417775B (en) * 2018-04-27 2021-03-26 腾讯科技(深圳)有限公司 Virtual article transaction method and device based on block chain and server
CN108647523B (en) * 2018-04-28 2020-01-17 华南理工大学 Block chain-based electronic certification system and certificate storage and file recovery method
CN108898475B (en) * 2018-05-08 2021-04-06 众安信息技术服务有限公司 Attribute encryption-based alliance block chain credit implementation method and system
CN108712409B (en) * 2018-05-09 2021-05-25 广西创轩科技有限公司 Electronic bill transaction system based on private block chain
CN110475249B (en) * 2018-05-10 2021-08-20 华为技术有限公司 Authentication method, related equipment and system
CN111898148B (en) * 2018-05-11 2024-08-20 创新先进技术有限公司 Information supervision method and device based on blockchain
CN108933778A (en) * 2018-05-23 2018-12-04 广州西麦科技股份有限公司 Product trading monitoring method, device and storage medium based on system for cloud computing
WO2019227337A1 (en) * 2018-05-30 2019-12-05 重庆小雨点小额贷款有限公司 Security management method based on block chain, related device, and storage medium
CN108989022B (en) * 2018-06-08 2021-11-09 中国科学院计算技术研究所 Intelligent object shared key establishment method and system based on block chain
CN109064324A (en) * 2018-06-15 2018-12-21 重庆金融资产交易所有限责任公司 Method of commerce, electronic device and readable storage medium storing program for executing based on alliance's chain
CN108964903B (en) * 2018-07-12 2021-12-14 腾讯科技(深圳)有限公司 Password storage method and device
CN108900528B (en) * 2018-07-24 2021-08-31 中国联合网络通信集团有限公司 Block chain real-name authentication method, device, equipment and storage medium
CN109190384B (en) * 2018-07-26 2022-02-22 百色学院 Multi-center block chain fusing protection system and method
CN109274481B (en) * 2018-08-01 2020-03-27 中国科学院数据与通信保护研究教育中心 Data traceable method of block chain
CN110827029A (en) * 2018-08-09 2020-02-21 普华云创科技(北京)有限公司 User management method, system and computer readable storage medium based on block chain
CN109241016B (en) * 2018-08-14 2020-07-07 阿里巴巴集团控股有限公司 Multi-party security calculation method and device and electronic equipment
CN109005186B (en) * 2018-08-20 2020-12-11 杭州复杂美科技有限公司 Method, system, equipment and storage medium for isolating user identity information
CN109194487A (en) * 2018-09-13 2019-01-11 全链通有限公司 Construction method and system are traded or communicated to my real name based on block chain
CN109242467B (en) * 2018-09-17 2021-01-01 金蝶软件(中国)有限公司 Block chain-based networking method and device, computer equipment and storage medium
CN109361738A (en) * 2018-09-25 2019-02-19 安徽灵图壹智能科技有限公司 A kind of identity authorization system and method based on block chain network
US11263630B2 (en) * 2018-10-12 2022-03-01 Blackberry Limited Method and system for single purpose public keys for public ledgers
CN109447742A (en) * 2018-10-16 2019-03-08 广东工业大学 A kind of order processing method and relevant apparatus
CN111106930B (en) * 2018-10-25 2023-03-14 北京国盾量子信息技术有限公司 Block chain network construction method and device and block chain network system
CN109949882A (en) * 2018-11-15 2019-06-28 陕西医链区块链集团有限公司 Medical block chain data storage system
CN111192044A (en) * 2018-11-15 2020-05-22 富邦金融控股股份有限公司 Block chain network system with supervision mechanism and implementation method thereof
CN109558742B (en) * 2018-11-16 2021-05-18 海南新软软件有限公司 Information validity detection method and device based on block chain
CN109472601A (en) * 2018-11-21 2019-03-15 北京蓝石环球区块链科技有限公司 The block chain framework of privacy transaction can be supervised
CN109784918A (en) * 2018-12-15 2019-05-21 深圳壹账通智能科技有限公司 Information measure of supervision, device, equipment and storage medium based on block chain
CN109697670B (en) * 2018-12-29 2021-06-04 杭州趣链科技有限公司 Public link information shielding method without influence on credibility
CN109741482B (en) * 2019-01-08 2022-01-25 京东方科技集团股份有限公司 Information sharing method and device
CN109714173B (en) * 2019-01-25 2020-09-29 北京邮电大学 Block chain-based Internet of things authentication method and device
CN110611647A (en) * 2019-03-06 2019-12-24 张超 Node joining method and device on block chain system
CN109981675B (en) * 2019-04-04 2021-10-26 西安电子科技大学 Identity information protection method for digital identity authentication and attribute encryption
CN109993659A (en) * 2019-04-17 2019-07-09 上海沄界信息科技有限公司 A kind of internet trading system, method and apparatus
CN110289951B (en) * 2019-06-03 2022-09-13 杭州电子科技大学 Shared content supervision method based on threshold key sharing and block chain
CN110288480B (en) * 2019-06-28 2023-06-09 深圳前海微众银行股份有限公司 Private transaction method and device for blockchain
CN112152982B (en) * 2019-06-28 2022-01-07 华为技术有限公司 Processing method, device and medium of block chain information
CN110503560A (en) * 2019-09-27 2019-11-26 深圳市网心科技有限公司 Data trade method, data trade apparatus and system based on block chain
CN110570313A (en) * 2019-09-27 2019-12-13 深圳市网心科技有限公司 data transaction method, data transaction device and system based on block chain
CN110809000B (en) * 2019-11-12 2022-02-18 中钞信用卡产业发展有限公司杭州区块链技术研究院 Service interaction method, device, equipment and storage medium based on block chain network
CN111010280B (en) * 2019-12-09 2021-07-30 中山大学 Group signature-based construction method for monitorable block chain
CN112131615B (en) * 2020-02-10 2021-04-13 北京天德科技有限公司 Data storage mechanism supporting supervision
CN111277412B (en) * 2020-02-18 2023-03-24 暨南大学 Data security sharing system and method based on block chain key distribution
CN111355578B (en) * 2020-03-16 2023-04-11 麦希科技(北京)有限公司 Public key encryption and decryption method and system with double monitoring parties
CN111586010B (en) * 2020-04-29 2022-04-01 中国联合网络通信集团有限公司 Key distribution method and device
CN111598701B (en) * 2020-05-22 2023-09-19 深圳市迅雷网络技术有限公司 Information monitoring method, system, equipment and storage medium
CN111797427B (en) * 2020-06-04 2024-07-30 中国科学院信息工程研究所 Blockchain user identity supervision method and system giving consideration to privacy protection
CN111709053B (en) * 2020-06-11 2024-04-05 中国工商银行股份有限公司 Operation method and operation device based on loose coupling transaction network
CN111859444B (en) * 2020-06-12 2022-03-01 中国科学院信息工程研究所 Block chain data supervision method and system based on attribute encryption
CN111797164A (en) * 2020-06-24 2020-10-20 北京荷月科技有限公司 Cross-chain transaction supervision method and system based on block chain
CN112085502B (en) * 2020-09-09 2023-10-13 江苏大学 Lightweight block chain supervision method and system based on edge calculation
CN112115199A (en) * 2020-09-16 2020-12-22 安徽长泰信息安全服务有限公司 Data management system based on block chain technology
CN112364387B (en) * 2020-10-23 2024-04-02 华南理工大学 Identity authentication method and device based on blockchain network, medium and equipment
CN112532584B (en) * 2020-10-30 2022-08-19 重庆恢恢信息技术有限公司 Construction site information security encryption working method according to block chain network
CN112511309B (en) * 2020-11-19 2022-07-08 从法信息科技有限公司 Method and device for directionally sharing supervision-oriented information on block chain and electronic equipment
CN112565412B (en) * 2020-12-03 2022-11-04 重庆新致金服信息技术有限公司 Data transaction method, system and equipment based on block chain
CN112596957A (en) * 2020-12-29 2021-04-02 东软集团股份有限公司 Method and device for block chain, storage medium and electronic equipment
CN112765650B (en) * 2021-01-05 2023-11-10 西安电子科技大学 Attribute-based searchable encrypted blockchain medical data sharing method
CN113206744B (en) * 2021-04-29 2024-04-02 杭州趣链科技有限公司 Cross-chain transaction supervision method, device, equipment and storage medium
CN113507511B (en) * 2021-06-25 2022-08-19 中标慧安信息技术股份有限公司 Internet of things data interaction trace-keeping method and system based on block chain
CN113538042B (en) * 2021-06-30 2023-09-22 杭州电子科技大学 Block chain-based online advertisement click fraud monitoring and preventing method
CN113570373B (en) * 2021-09-23 2022-02-11 北京理工大学 Responsibility pursuing transaction method and system based on block chain
CN114329610B (en) * 2021-12-29 2024-08-27 浙江吉利控股集团有限公司 Block chain privacy identity protection method, device, storage medium and system
CN114663234A (en) * 2022-03-25 2022-06-24 广东启链科技有限公司 System and method for supervising abnormal transactions on block chain
CN114884702A (en) * 2022-04-19 2022-08-09 海南大学 Identity registration method, identity authentication method and identity management system
CN115118751B (en) * 2022-07-15 2024-04-19 广东浪潮智慧计算技术有限公司 Blockchain-based supervision system, method, equipment and medium
CN116720839B (en) * 2023-08-07 2023-10-17 成都创一博通科技有限公司 Financial information management method based on blockchain technology and supervision system thereof
CN117540432B (en) * 2024-01-05 2024-03-19 河北数港科技有限公司 Data privacy protection method and system for Internet

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017027900A1 (en) * 2015-08-14 2017-02-23 Identitii Pty Ltd A computer implemented method for processing a financial transaction and a system therefor

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106503994B (en) * 2016-11-02 2020-07-28 西安电子科技大学 Block chain private data access control method based on attribute encryption
CN107171806B (en) * 2017-05-18 2020-04-10 北京航空航天大学 Mobile terminal network key negotiation method based on block chain
CN107301521A (en) * 2017-06-26 2017-10-27 深圳前海华深安信物联技术有限公司 Strengthen the method for warehouse receipt transaction security in a kind of warehouse receipt system based on block chain

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017027900A1 (en) * 2015-08-14 2017-02-23 Identitii Pty Ltd A computer implemented method for processing a financial transaction and a system therefor

Also Published As

Publication number Publication date
CN107483198A (en) 2017-12-15

Similar Documents

Publication Publication Date Title
CN107483198B (en) A kind of block catenary system supervised and method
Garman et al. Accountable privacy for decentralized anonymous payments
Sun Privacy protection and data security in cloud computing: a survey, challenges, and solutions
Zhu et al. TBAC: Transaction-based access control on blockchain for resource sharing with cryptographically decentralized authorization
CN107864139A (en) A kind of cryptography attribute base access control method and system based on dynamic rules
CN109417478A (en) Multilink cryptologic block chain
CA2808369C (en) System for protecting an encrypted information unit
CN109559117A (en) Block chain contract method for secret protection and system based on the encryption of attribute base
CN110474893A (en) A kind of isomery is across the close state data safety sharing method of trust domain and system
CN111008836A (en) Privacy safe transfer payment method, device and system based on monitorable block chain and storage medium
CN108881314A (en) Mist calculates the method and system for realizing secret protection under environment based on CP-ABE ciphertext access control
CN103401839B (en) A kind of many authorization center encryption method based on attribute protection
US20080267394A1 (en) Identity-Based Key Generating Methods and Devices
CN110011781A (en) A kind of homomorphic cryptography method encrypting and support zero-knowledge proof for transaction amount
Yuan et al. Blockchain with accountable CP-ABE: How to effectively protect the electronic documents
John et al. Provably secure data sharing approach for personal health records in cloud storage using session password, data access key, and circular interpolation
Wang et al. A regulation scheme based on the ciphertext-policy hierarchical attribute-based encryption in bitcoin system
CN114866289B (en) Privacy credit data security protection method based on alliance chain
CN115964751A (en) Data security storage and access control method based on attribute classification and grading
Gajmal et al. Blockchain-based access control and data sharing mechanism in cloud decentralized storage system
CN113938281B (en) Quantum security identity issuing system, issuing method and using method
Wu et al. The survey on the development of secure multi-party computing in the blockchain
Gou et al. A novel quantum E-payment protocol based on blockchain
Luo et al. Accountable data sharing scheme based on blockchain and SGX
Shen et al. BMSE: Blockchain-based multi-keyword searchable encryption for electronic medical records

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant