CN109447602A - A kind of mixed coin method of the collaborative distributed digital cash of multicenter that protecting privacy - Google Patents
A kind of mixed coin method of the collaborative distributed digital cash of multicenter that protecting privacy Download PDFInfo
- Publication number
- CN109447602A CN109447602A CN201811203714.7A CN201811203714A CN109447602A CN 109447602 A CN109447602 A CN 109447602A CN 201811203714 A CN201811203714 A CN 201811203714A CN 109447602 A CN109447602 A CN 109447602A
- Authority
- CN
- China
- Prior art keywords
- digital cash
- committee
- hun
- coin
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/04—Payment circuits
- G06Q20/06—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme
- G06Q20/065—Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3825—Use of electronic signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/42—Confirmation, e.g. check or permission by the legal debtor of payment
Landscapes
- Business, Economics & Management (AREA)
- Accounting & Taxation (AREA)
- Engineering & Computer Science (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The present invention relates to a kind of collaborative distributed digital cash of multicenter for protecting privacy to mix coin method, belongs to Computer Applied Technology.The method of the present invention includes: that digital cash fund is transferred to Hun Bi committee address by (1) digital cash user;(2) transaction of Hun Bi committee confirmation digital cash user, and value is blinded to digital cash drawing sequence number and is signed;(3) mixed coin committeeman is blinded value signature to digital cash drawing sequence number and goes to blind by digital cash user, and is sent to the Hun Bi committee and taken out fund to the request of final gathering address;(4) the Hun Bi committee checks to take out fund to generate and sign to the request of final gathering address and produce to the transaction of final gathering address.The present invention is using multiple mixed coin center cooperations, effective protection user security and privacy and avoids center single point failure;Without cooperating, effectively reducing cost and improving efficiency between participant, while being effective against Denial of Service attack.
Description
Technical field
The present invention relates to a kind of collaborative distributed digital cash of multicenter for protecting privacy to mix coin method, more particularly to a kind of
The distributed digital currency of multicenter cooperative achievement mixes coin method, belongs to Computer Applied Technology.
Background technique
Middle acute hearing is first digital cash based on block chain in the bit coin of invention in 2008.Hereafter, Lay spy coin, with
The too appearance in mill etc. is further enriched and perfect digital cash ecology.Due to have decentralization, it is transnational, without trust etc.
Feature, digital cash use scope constantly expand, including China with Britain including government start to consider that legal digital cash is set
Meter.
However, most of digital cash haves the defects that privacy of user can not be protected.With the most widely used bit coin
For, although being taken as a kind of anonymous payment means at the beginning of release, the practical secret protection that can be provided extremely has
Limit.Bit coin protects privacy of user using assumed name mechanism, without using true identity when user transfers accounts, therefore only hands over from bit coin
It can not easily learn the identity of user.However, to ensure that the characteristic of decentralization, bit coin must safeguard that a public account book is (logical
Cross the realization of block chain), all bit coin transaction are maintained on block chain.Anyone can access bit coin block chain, attack
The person of hitting can identify the bit coin address for belonging to same user by analysis transaction.Once the true identity of user and certain ratio
Special coin address link, attacker can spy upon user's All Activity behavior.Therefore, in the actual use of such digital cash
In, the All Activity record of user is all open to be inquired.
To solve drawbacks described above, design and deployment digital cash secret protection scheme are most important.A solution is
The identity of fund holder is obscured by mixing coin.Existing mixed coin scheme is broadly divided into two kinds, one is the scheme of decentralization,
Mixed coin process is completed in peer node environment, this mode efficiency is more low, and influences vulnerable to Denial of Service attack;Separately
One is completing mixed coin using mixed coin center, but needing to design complicated agreement ensures that mixed coin center can not steal fund, nothing
Method link input and output.For the defect for solving the mixed coin scheme of tradition, we have invented this method, the major technique being related to includes
Block chain technology, Boneh-Lynn-Shacham (BLS) signature algorithm etc..
Firstly, block chain technology has been applied in all kinds of digital cash since this acute hearing invention bit coin in 2008,
It is substantially a kind of distributed data base.Block chain is made of a series of blocks (block), is included at least in each block
" previous block Hash Value " and " this block data Mei Keer tree root (Merkle root) " two parts.Wherein, previous block hash
Value is considered as being directed toward the pointer of a block, it is ensured that the sequencing of block on block chain, Mei Keer tree root ensure this
The data of block will not be tampered.Block chain can provide anti-tamper account book for distributed system, as long as holding last
The Hash Value of a block, so that it may verify all data on whole block chain.
Secondly, BLS algorithm is that a kind of short signature that Boneh, Lynn and Shacham are proposed on ASIACRYPT 2001 is calculated
Method, under same safety, signature length is only the half of DSA algorithm.On PKC 2003, Boldyreva is proposed
Based on the blind signature scheme of BLS algorithm, signer is given after allowing user to blind message m and is signed, when user takes
After the signature for blinding message, it can be gone to blind, obtain the signature to origination message m, to allow to obtain while not revealing m
To signature.Boneh, Drijvers and Neven were in compact multi-signature (Compact of the proposition based on BLS algorithm in 2018
Multi-Signatures) scheme allows multiple entities to synthesize a single signature to the signature of same message, more for having
The case where a participant, significantly reduces signature total length.
Summary of the invention
The purpose of the present invention is to propose to it is a kind of protect privacy the collaborative distributed digital cash of multicenter mix coin method, with gram
Deficiency of the prior art in terms of efficiency and cost is taken, guarantees that amount of money transfer of the user on block chain can not be supervised by third party
Control can be used for solving the problems, such as user's identity exposure in process of exchange.
The collaborative distributed digital cash of multicenter of protection privacy proposed by the present invention mixes coin method, comprising the following steps:
(1) digital cash fund is transferred to Hun Bi committee address, detailed process is as follows:
(1-1) generates a digital cash drawing sequence number, comprising the following steps:
(1-1-1) the first digital cash user sequentially generates private key sk using digital cash address generating methodend, it is public
Key pkendWith final gathering address addr, and store spare;
Or second digital cash user using digital cash address generating method sequentially generate private key skend, public key pkend
With final gathering address addr, and the final gathering address addr of generation is sent to the first digital cash user;
(1-1-2) calculates digital cash drawing sequence number sn according to the final gathering address addr of above-mentioned steps (1-1),
Sn ← H (addr), wherein H () represents hash algorithm, any input is mapped in p rank cyclic group, g is the generation of cyclic group
Member;
Random number r is chosen from { 1,2 ..., p-1 }, digital cash drawing sequence number is obtained and blinds value
(1-2) generates the transaction that Hun Bi committee address is transferred to from the first digital cash user, comprising the following steps:
(1-2-1) the first digital cash user trades according to existing digital cash and exports, and generates a digital cash and hands over
Easy txin, digital cash transaction txinOutput be address that the Hun Bi committee specifies, and be embedded in above-mentioned steps in this transaction
The digital cash drawing sequence number of (1-2) blinds value
(1-2-2) the first digital cash user is to digital moneytary operations txinSignature, signature is denoted asAnd it will It is sent to digital cash block chain, and will be withCorresponding identification code is denoted as txid;
(1-3) issues the request of the transaction of verifying above-mentioned steps (2) to the Hun Bi committee, and the first digital cash user will It is sent to the Hun Bi committee, waits the confirmation of the Hun Bi committee and signature;
(2) the Hun Bi committee confirms the transaction of above-mentioned first digital cash user, and blind to digital cash drawing sequence number
Change value is signed, comprising the following steps:
(2-1) the Hun Bi committee confirms the transaction of above-mentioned first digital cash user:
Member in the Hun Bi committee receives messageAfterwards, it is obtained from the block chain of Hun Bi committee internal maintenance
Take the list comprising All Activity identification code, and txid judged, if txid not in above-mentioned transaction identification code list,
It willOther all members being forwarded in the Hun Bi committee wait transaction tx corresponding with txidinIn number
It is identified on currency block chain, and carries out step (2-2), if txid is reported in the inside block chain of Hun Bi committee maintenance,
Or the confirmation of digital cash block chain waits time-out, then terminates operation;
(2-2) the Hun Bi committee checks the transaction of above-mentioned first digital cash user:
(2-2-1) mixes coin committeeman and checks txinOutput address, if txinOutput be the Hun Bi committee ground
Location then carries out step (2-2-2), if txinOutput be not the Hun Bi committee address, then terminate operation;
(2-2-2) mixes coin committeeman and checks txinThe output amount of money, if to meet the setting of the Hun Bi committee mixed for the output amount of money
Coin requirement, then carry out step (2-2-3), if the output amount of money is unsatisfactory for the mixed coin requirement of Hun Bi committee setting, terminates operation;
(2-2-3) mixes coin committeeman and checks txinIn embedding data, if txinIt is embedded in and is only embedded inThen into
Row step (2-3), if txinIt is not embedded intoOr be embedded in other data, then terminate operation;
(2-3) mixes coin committeeman and blinds value signature to digital cash drawing sequence number:
Mixed coin committeeman blinds value to digital cash drawing sequence numberIt signs, is signedWherein i
Coin committeeman number is mixed for this, and willTriple be sent to the Hun Bi committee it is every other at
Member;
(2-4) mixes coin committeeman and blinds value signature synthesis to digital cash drawing sequence number:
Mixed coin committeeman receives more than n/2'sWhen, using compact multi-signature method by institute
There is signatureSynthesize single signatureAnd all members list list for receiving signature are recorded, it willThe inside block chain of Hun Bi committee maintenance is charged to, it willIt returns
To the first digital cash user, wherein n is all number of members in the Hun Bi committee;
(3) first digital cash users by mixed coin committeeman to digital cash drawing sequence number blind value signature go it is blind
Change, the first digital cash user or the second digital cash user send to the Hun Bi committee and take out fund to final gathering address
Request, comprising the following steps:
Mixed coin committeeman is blinded value signature to digital cash drawing sequence number by (3-1) the first digital cash user
It blinds:
(3-1-1) the first digital cash user receives what mixed coin committeeman returned
It willIt goes to blind, obtains σ,Wherein, pk be the Hun Bi committee public key, r be step (1-1-2) in from 1,
2 ..., p-1 } choose random number;
(3-1-2) if in above-mentioned steps (1-1-1), the final address addr that collects money is generated by the second digital cash user,
Then (addr, σ) is sent to the second digital cash user by the first digital cash user;
(3-2) the first digital cash user or the second digital cash user send to the Hun Bi committee takes out fund to most
The request of gathering address eventually:
If the final address addr that collects money is generated by the first digital cash user, then the first number in above-mentioned steps (1-1-1)
Word currency user submits (σ, addr) to the Hun Bi committee, and the Hun Bi committee is waited to send final gathering ground for corresponding fund
Location addr;
If the final address addr that collects money is generated by the second digital cash user, then the second number in above-mentioned steps (1-1-1)
After word currency user receives (addr, σ) from the first digital cash user, storage (addr, σ) is spare;When the second digital goods
When coin user needs fund to produce, request (σ, addr) is submitted to the Hun Bi committee, and the Hun Bi committee is waited to send fund
To address addr;
(4) the Hun Bi committee checks that the first digital cash user or the second digital cash user take out fund to final and receives
The request of money address, generation are produced to the transaction of final gathering address, and to producing to the trading signature of final gathering address, are wrapped
Include following steps:
(4-1) the Hun Bi committee, which checks, takes out fund to the request of final gathering address, and generates to produce to final and receive
The transaction of money address:
(4-1-1) mixes coin committeeman and receives (σ, addr), and digital cash is calculated according to addr therein and mentions
Money sequence number sn;
The processed list of sequence numbers l in the block chain of inside that (4-1-2) safeguards the Hun Bi committeesnJudged, if (4-1-3) is then entered step, if sn ∈ lsn, then operation is terminated;
(4-1-3) mixes coin committeeman and carries out signature verification to (σ, addr) is received, if σ isLegitimate signature, then
(4-1-4) is entered step, if σ is notLegitimate signature, then terminate operation;
(4-1-4) mixes coin committeeman and generates the transaction tx produced to final gathering address, and the input for the tx that trades is mixed
The address of the coin committee exports as the address addr that finally collects money, (addr, σ, tx) is sent to the every other of the Hun Bi committee
Member;
(4-2) the Hun Bi committee checks the transaction tx produced to final gathering address:
(4-2-1) mixes (addr, σ, the tx) that coin committeeman sends according to other the mixed coin committeemans received, root
Digital cash drawing sequence number sn is calculated according to addr therein;
The processed list of sequence numbers l in the block chain of inside that (4-2-2) safeguards the Hun Bi committeesnJudged, if (4-2-3) is then entered step, if sn ∈ lsn, then operation is terminated;
(4-2-3) carries out signature verification to (σ, addr) is received, if σ isLegitimate signature, then enter step (4-2-
4), if σ is notLegitimate signature, then terminate operation;
(4-2-4) mixes coin committeeman according to all output informations on digital cash block chain, to (addr, σ, tx)
In transaction tx judged, if transaction tx is legal digital cash transaction, (4-3) is entered step, if transaction tx is not
Legal digital cash transaction, then terminate operation;
(4-3) the Hun Bi committee signs to the transaction tx produced to final gathering address:
(4-3-1) mixes coin committeeman and carries out digital goods to the transaction tx produced to final gathering address being verified
Coin block chain trading signature, obtains σtx,i;
(4-3-2) is by (addr, tx, σtx,i) it is sent to the every other member of the Hun Bi committee;
The transaction tx produced to final gathering address is committed to digital cash block chain by (4-4) the Hun Bi committee:
Any member of (4-4-1) the Hun Bi committee receives n/2 or more σtx,iAfterwards, multi-signature σ is obtainedtx:
σtx={ σtx,i}i∈list’,
Wherein list ' is the mixed coin committeeman list that the mixed coin committeeman receives signature;
(4-4-2) is by (sn, tx, σtx) charge to the inside block chain that the Hun Bi committee safeguards;
(4-4-3), which will sign, to be produced to transaction (tx, the σ of final gathering addresstx) it is sent to digital cash block chain.
The collaborative distributed digital cash of multicenter of protection privacy proposed by the present invention mixes coin method, its advantage is that:
1, the method for the present invention this have fund and be transferred to and produce function with fund anonymity, can be used for realizing that single user's is existing
Currency mixes coin or the anonymous payment of multi-user.Further application block chain technology, realization it can mix the coordinations at coin centers more.
2, in the method for the present invention, without cooperating and interact, reducing the communication of participating user and calculating cost between participant
Without having to worry about single point failure, there are multiple mixed coin centers and mutually alternative, avoid service pause caused by single central fault.
3, the fast response time of the method for the present invention, fund are transferred to the output speed no more than digital cash block chain, reduce
Waiting time.
4, the method for the present invention resists Denial of Service attack, and the participant of malice can not terminate the behaviour of other honest participants
Make, without trusting mixed coin center, mixed coin center is mutually restricted, and a small number of malice centers can not successfully steal user's currency or snooping is handed over
Easy privacy.
Detailed description of the invention
Fig. 1 is that digital cash drawing sequence number blinds value signature phase flow schematic diagram in the method for the present invention.
Fig. 2 is that the transaction that digital cash is produced to final gathering address in the method for the present invention generates and shows with phase flow of signing
It is intended to.
In Fig. 1 and Fig. 2, serial number (2-1) to (2-4), (4-1) to (4-4) represent corresponding step in the method for the present invention, respectively
Step is completed by the Hun Bi committee.
Specific embodiment
The collaborative distributed digital cash of multicenter of protection privacy proposed by the present invention mixes coin method, comprising the following steps:
(1) digital cash fund is transferred to Hun Bi committee address, detailed process is as follows:
(1-1) generates a digital cash drawing sequence number, comprising the following steps:
(1-1-1) the first digital cash user sequentially generates private key sk using digital cash address generating methodend, it is public
Key pkendWith final gathering address addr, and store spare;
Or second digital cash user using digital cash address generating method sequentially generate private key skend, public key pkend
With final gathering address addr, and the final gathering address addr of generation is sent to the first digital cash user;
(1-1-2) calculates digital cash drawing sequence number sn according to the final gathering address addr of above-mentioned steps (1-1),
Sn ← H (addr), wherein H () represents hash algorithm, any input is mapped in p rank cyclic group, g is the generation of cyclic group
Member;
Random number r is chosen from { 1,2 ..., p-1 }, digital cash drawing sequence number is obtained and blinds value
(1-2) generates the transaction that Hun Bi committee address is transferred to from the first digital cash user, comprising the following steps:
(1-2-1) the first digital cash user trades according to existing digital cash and exports, and generates a digital cash and hands over
Easy txin, digital cash transaction txinOutput be address that the Hun Bi committee specifies, and be embedded in above-mentioned steps in this transaction
The digital cash drawing sequence number of (1-2) blinds value
(1-2-2) the first digital cash user is to digital moneytary operations txinSignature, signature is denoted asAnd it will It is sent to digital cash block chain, and will be withCorresponding identification code is denoted as txid;
(1-3) issues the request of the transaction of verifying above-mentioned steps (2) to the Hun Bi committee, and the first digital cash user will It is sent to the Hun Bi committee, waits the confirmation of the Hun Bi committee and signature;
(2) the Hun Bi committee confirms the transaction of above-mentioned first digital cash user, and blind to digital cash drawing sequence number
Change value is signed, and is included the following steps, as shown in Figure 1:
(2-1) the Hun Bi committee confirms the transaction of above-mentioned first digital cash user:
Member in the Hun Bi committee receives messageAfterwards, it is obtained from the block chain of Hun Bi committee internal maintenance
Take the list comprising All Activity identification code, and txid judged, if txid not in above-mentioned transaction identification code list,
It willOther all members being forwarded in the Hun Bi committee wait transaction tx corresponding with txidinIn number
It is identified on currency block chain, and carries out step (2-2), if txid is reported in the inside block chain of Hun Bi committee maintenance,
Or the confirmation of digital cash block chain waits time-out, then terminates operation;
(2-2) the Hun Bi committee checks the transaction of above-mentioned first digital cash user:
(2-2-1) mixes coin committeeman and checks txinOutput address, if txinOutput be the Hun Bi committee ground
Location then carries out step (2-2-2), if txinOutput be not the Hun Bi committee address, then terminate operation;
(2-2-2) mixes coin committeeman and checks txinThe output amount of money, if to meet the setting of the Hun Bi committee mixed for the output amount of money
Coin requirement, then carry out step (2-2-3), if the output amount of money is unsatisfactory for the mixed coin requirement of Hun Bi committee setting, terminates operation;
(2-2-3) mixes coin committeeman and checks txinIn embedding data, if txinIt is embedded in and is only embedded inThen into
Row step (2-3), if txinIt is not embedded intoOr be embedded in other data, then terminate operation;
(2-3) mixes coin committeeman and blinds value signature to digital cash drawing sequence number:
Mixed coin committeeman blinds value to digital cash drawing sequence numberIt signs, is signedWherein i is
The mixed coin committeeman number, and willTriple is sent to the every other member of the Hun Bi committee;
(2-4) mixes coin committeeman and blinds value signature synthesis to digital cash drawing sequence number:
Mixed coin committeeman receives more than n/2'sWhen, using compact multi-signature method by institute
There is signatureSynthesize single signatureAnd all members list list for receiving signature are recorded, it willThe inside block chain of Hun Bi committee maintenance is charged to, it willIt returns
To the first digital cash user, wherein n is all number of members in the Hun Bi committee;
(3) first digital cash users by mixed coin committeeman to digital cash drawing sequence number blind value signature go it is blind
Change, the first digital cash user or the second digital cash user send to the Hun Bi committee and take out fund to final gathering address
Request, comprising the following steps:
Mixed coin committeeman is blinded value signature to digital cash drawing sequence number by (3-1) the first digital cash user
It blinds:
(3-1-1) the first digital cash user receives what mixed coin committeeman returned
It willIt goes to blind, obtains σ,Wherein, pk is the public key of the Hun Bi committee, is anyone a known disclosure
Value, r are the random number chosen in step (1-1-2) from { 1,2 ..., p-1 };
(3-1-2) if in above-mentioned steps (1-1-1), the final address addr that collects money is generated by the second digital cash user,
Then (addr, σ) is sent to the second digital cash user by the first digital cash user;
(3-2) the first digital cash user or the second digital cash user send to the Hun Bi committee takes out fund to most
The request of gathering address eventually:
If the final address addr that collects money is generated by the first digital cash user, then the first number in above-mentioned steps (1-1-1)
Word currency user submits (σ, addr) to the Hun Bi committee, and the Hun Bi committee is waited to send final gathering ground for corresponding fund
Location addr;
If the final address addr that collects money is generated by the second digital cash user, then the second number in above-mentioned steps (1-1-1)
After word currency user receives (addr, σ) from the first digital cash user, storage (addr, σ) is spare;When the second digital goods
When coin user needs fund to produce, request (σ, addr) is submitted to the Hun Bi committee, and the Hun Bi committee is waited to send fund
To address addr;
(4) the Hun Bi committee checks that the first digital cash user or the second digital cash user take out fund to final and receives
The request of money address, generation are produced to the transaction of final gathering address, and to producing to the trading signature of final gathering address, are wrapped
Following steps are included, as shown in Figure 2:
(4-1) the Hun Bi committee, which checks, takes out fund to the request of final gathering address, and generates to produce to final and receive
The transaction of money address:
(4-1-1) mixes coin committeeman and receives (σ, addr), and digital cash is calculated according to addr therein and mentions
Money sequence number sn;
The processed list of sequence numbers l in the block chain of inside that (4-1-2) safeguards the Hun Bi committeesnJudged, if (4-1-3) is then entered step, if sn ∈ lsn, then operation is terminated;
(4-1-3) mixes coin committeeman and carries out signature verification to (σ, addr) is received, if σ isLegitimate signature, then
(4-1-4) is entered step, if σ is notLegitimate signature, then terminate operation;
(4-1-4) mixes coin committeeman and generates the transaction tx produced to final gathering address, and the input for the tx that trades is mixed
The address of the coin committee exports as the address addr that finally collects money, (addr, σ, tx) is sent to the every other of the Hun Bi committee
Member;
(4-2) the Hun Bi committee checks the transaction tx produced to final gathering address:
(4-2-1) mixes (addr, σ, the tx) that coin committeeman sends according to other the mixed coin committeemans received, root
Digital cash drawing sequence number sn is calculated according to addr therein;
The processed list of sequence numbers l in the block chain of inside that (4-2-2) safeguards the Hun Bi committeesnJudged, if (4-2-3) is then entered step, if sn ∈ lsn, then operation is terminated;
(4-2-3) carries out signature verification to (σ, addr) is received, if σ isLegitimate signature, then enter step (4-2-
4), if σ is notLegitimate signature, then terminate operation;
(4-2-4) mixes coin committeeman according to all output informations on digital cash block chain, to (addr, σ, tx)
In transaction tx judged, if transaction tx is legal digital cash transaction, (4-3) is entered step, if transaction tx is not
Legal digital cash transaction, then terminate operation;
(4-3) the Hun Bi committee signs to the transaction tx produced to final gathering address:
(4-3-1) mixes coin committeeman and carries out digital goods to the transaction tx produced to final gathering address being verified
Coin block chain trading signature, obtains σtx,i;
(4-3-2) is by (addr, tx, σtx,i) it is sent to the every other member of the Hun Bi committee;
The transaction tx produced to final gathering address is committed to digital cash block chain by (4-4) the Hun Bi committee:
Any member of (4-4-1) the Hun Bi committee receives n/2 or more σtx,iAfterwards, multi-signature σ is obtainedtx:
σtx={ σtx,i}i∈list’,
Wherein list ' is the mixed coin committeeman list that the mixed coin committeeman receives signature;
(4-4-2) is by (sn, tx, σtx) charge to the inside block chain that the Hun Bi committee safeguards;
(4-4-3), which will sign, to be produced to transaction (tx, the σ of final gathering addresstx) it is sent to digital cash block chain.
Claims (1)
1. a kind of collaborative distributed digital cash of multicenter for protecting privacy mixes coin method, it is characterised in that this method includes following
Step:
(1) digital cash fund is transferred to Hun Bi committee address, detailed process is as follows:
(1-1) generates a digital cash drawing sequence number, comprising the following steps:
(1-1-1) the first digital cash user sequentially generates private key sk using digital cash address generating methodend, public key
pkendWith final gathering address addr, and store spare;
Or second digital cash user using digital cash address generating method sequentially generate private key skend, public key pkendMost
Gathering address addr eventually, and the final gathering address addr of generation is sent to the first digital cash user;
(1-1-2) calculates digital cash drawing sequence number sn, sn ← H according to the final gathering address addr of above-mentioned steps (1-1)
(addr), wherein H () represents hash algorithm, and any input is mapped in p rank cyclic group, and g is the generation member of cyclic group;
Random number r is chosen from { 1,2 ..., p-1 }, digital cash drawing sequence number is obtained and blinds value
(1-2) generates the transaction that Hun Bi committee address is transferred to from the first digital cash user, comprising the following steps:
(1-2-1) the first digital cash user trades according to existing digital cash and exports, and generates a digital moneytary operations
txin, digital cash transaction txinOutput be the Hun Bi committee specify address, and in this transaction be embedded in above-mentioned steps (1-
2) digital cash drawing sequence number blinds value
(1-2-2) the first digital cash user is to digital moneytary operations txinSignature, signature is denoted asAnd it will
It is sent to digital cash block chain, and will be withCorresponding identification code is denoted as txid;
(1-3) issues the request of the transaction of verifying above-mentioned steps (2) to the Hun Bi committee, and the first digital cash user will It is sent to the Hun Bi committee, waits the confirmation of the Hun Bi committee and signature;
(2) the Hun Bi committee confirms the transaction of above-mentioned first digital cash user, and blinds value to digital cash drawing sequence number
It signs, comprising the following steps:
(2-1) the Hun Bi committee confirms the transaction of above-mentioned first digital cash user:
Member in the Hun Bi committee receives messageAfterwards, it obtains and wraps from the block chain of Hun Bi committee internal maintenance
The list of the identification code containing All Activity, and txid is judged, if txid not in above-mentioned transaction identification code list, is incited somebody to actionOther all members being forwarded in the Hun Bi committee wait transaction tx corresponding with txidinIn digital goods
It is identified on coin block chain, and carries out step (2-2), if txid is reported in the inside block chain of Hun Bi committee maintenance, or
The confirmation of digital cash block chain waits time-out, then terminates operation;
(2-2) the Hun Bi committee checks the transaction of above-mentioned first digital cash user:
(2-2-1) mixes coin committeeman and checks txinOutput address, if txinOutput be the Hun Bi committee address, then into
Row step (2-2-2), if txinOutput be not the Hun Bi committee address, then terminate operation;
(2-2-2) mixes coin committeeman and checks txinThe output amount of money, set mixed coin if the output amount of money meets the Hun Bi committee and want
It asks, then carries out step (2-2-3), if the output amount of money is unsatisfactory for the mixed coin requirement of Hun Bi committee setting, terminate operation;
(2-2-3) mixes coin committeeman and checks txinIn embedding data, if txinIt is embedded in and is only embedded inThen walked
Suddenly (2-3), if txinIt is not embedded intoOr be embedded in other data, then terminate operation;
(2-3) mixes coin committeeman and blinds value signature to digital cash drawing sequence number:
Mixed coin committeeman blinds value to digital cash drawing sequence numberIt signs, is signedWherein i is mixed for this
Coin committeeman number, and willTriple is sent to the every other member of the Hun Bi committee;
(2-4) mixes coin committeeman and blinds value signature synthesis to digital cash drawing sequence number:
Mixed coin committeeman receives more than n/2'sWhen, using compact multi-signature method by all label
NameSynthesize single signatureAnd all members list list for receiving signature are recorded, it will
The inside block chain of Hun Bi committee maintenance is charged to, it willThe first digital cash user is returned to,
Wherein n is all number of members in the Hun Bi committee;
Mixed coin committeeman is blinded value signature to digital cash drawing sequence number and goes to blind by (3) first digital cash users,
First digital cash user or the second digital cash user send to the Hun Bi committee takes out fund to final gathering address
Request, comprising the following steps:
(3-1) the first digital cash user by mixed coin committeeman to digital cash drawing sequence number blind value signature go it is blind
Change:
(3-1-1) the first digital cash user receives what mixed coin committeeman returnedIt willIt goes
It blinds, obtains σ,Wherein, pk is the public key of the Hun Bi committee, and r is in step (1-1-2) from { 1,2 ..., p-
1 } random number chosen;
(3-1-2) if in above-mentioned steps (1-1-1), the final address addr that collects money is generated by the second digital cash user, then and the
(addr, σ) is sent to the second digital cash user by one digital cash user;
(3-2) the first digital cash user or the second digital cash user, which send to take out fund to final to the Hun Bi committee, to receive
The request of money address:
If the final address addr that collects money is generated by the first digital cash user, then the first digital goods in above-mentioned steps (1-1-1)
Coin user submits (σ, addr) to the Hun Bi committee, and the Hun Bi committee is waited to send final gathering address for corresponding fund
addr;
If the final address addr that collects money is generated by the second digital cash user, then the second digital goods in above-mentioned steps (1-1-1)
After coin user receives (addr, σ) from the first digital cash user, storage (addr, σ) is spare;When the second digital cash is used
When family needs fund to produce, request (σ, addr) is submitted to the Hun Bi committee, and the Hun Bi committee is waited to be sent to ground for fund
Location addr;
(4) the Hun Bi committee checks that the first digital cash user or the second digital cash user take out fund to final gathering ground
The request of location, generates the transaction produced to final gathering address, and to producing to the trading signature of final gathering address, including with
Lower step:
(4-1) the Hun Bi committee, which checks, takes out fund to the request of final gathering address, and generates and produce to final gathering ground
The transaction of location:
(4-1-1) mixes coin committeeman and receives (σ, addr), and digital cash drawing sequence is calculated according to addr therein
Row number sn;
The processed list of sequence numbers l in the block chain of inside that (4-1-2) safeguards the Hun Bi committeesnJudged, if (4-1-3) is then entered step, if sn ∈ lsn, then operation is terminated;
(4-1-3) mixes coin committeeman and carries out signature verification to (σ, addr) is received, if σ isLegitimate signature, then enter
Step (4-1-4), if σ is notLegitimate signature, then terminate operation;
(4-1-4) mixes coin committeeman and generates the transaction tx produced to final gathering address, and the input for the tx that trades is mixed coin committee
Member can address, export as the address addr that finally collects money, by (addr, σ, tx) be sent to the Hun Bi committee it is every other at
Member;
(4-2) the Hun Bi committee checks the transaction tx produced to final gathering address:
(4-2-1) mixes (addr, σ, the tx) that coin committeeman sends according to other the mixed coin committeemans received, according to it
In addr digital cash drawing sequence number sn is calculated;
The processed list of sequence numbers l in the block chain of inside that (4-2-2) safeguards the Hun Bi committeesnJudged, if (4-2-3) is then entered step, if sn ∈ lsn, then operation is terminated;
(4-2-3) carries out signature verification to (σ, addr) is received, if σ isLegitimate signature, then (4-2-4) is entered step, if σ
It is notLegitimate signature, then terminate operation;
(4-2-4) mixes coin committeeman according to all output informations on digital cash block chain, in (addr, σ, tx)
Transaction tx is judged, if transaction tx is legal digital cash transaction, enters step (4-3), if transaction tx is not legal
Digital cash transaction, then terminate operation;
(4-3) the Hun Bi committee signs to the transaction tx produced to final gathering address:
(4-3-1) mixes coin committeeman and carries out digital cash area to the transaction tx produced to final gathering address being verified
Block chain trading signature, obtains σtx,i;
(4-3-2) is by (addr, tx, σtx,i) it is sent to the every other member of the Hun Bi committee;
The transaction tx produced to final gathering address is committed to digital cash block chain by (4-4) the Hun Bi committee:
Any member of (4-4-1) the Hun Bi committee receives n/2 or more σtx,iAfterwards, multi-signature σ is obtainedtx:
σtx={ σtx,i}i∈list’,
Wherein list ' is the mixed coin committeeman list that the mixed coin committeeman receives signature;
(4-4-2) is by (sn, tx, σtx) charge to the inside block chain that the Hun Bi committee safeguards;
(4-4-3), which will sign, to be produced to transaction (tx, the σ of final gathering addresstx) it is sent to digital cash block chain.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811203714.7A CN109447602B (en) | 2018-10-16 | 2018-10-16 | Multi-center collaborative distributed digital currency mixing method for protecting privacy |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811203714.7A CN109447602B (en) | 2018-10-16 | 2018-10-16 | Multi-center collaborative distributed digital currency mixing method for protecting privacy |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109447602A true CN109447602A (en) | 2019-03-08 |
CN109447602B CN109447602B (en) | 2021-11-02 |
Family
ID=65545660
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811203714.7A Active CN109447602B (en) | 2018-10-16 | 2018-10-16 | Multi-center collaborative distributed digital currency mixing method for protecting privacy |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109447602B (en) |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109961288A (en) * | 2019-03-22 | 2019-07-02 | 北京沃东天骏信息技术有限公司 | Method of commerce and device based on Proxy Signature |
CN110175912A (en) * | 2019-04-08 | 2019-08-27 | 西安西电链融科技有限公司 | Across the chain assets transfer method of block chain, block chain information terminal based on the committee |
CN111698084A (en) * | 2020-06-04 | 2020-09-22 | 电子科技大学 | Block chain-based concealed communication method |
WO2021077762A1 (en) * | 2020-06-02 | 2021-04-29 | 浙江大学 | Coin-mixing service analysis method based on heuristic trading analysis |
WO2021081866A1 (en) * | 2019-10-31 | 2021-05-06 | 深圳市网心科技有限公司 | Transaction method, device, and system based on account model, and storage medium |
CN113450091A (en) * | 2021-06-21 | 2021-09-28 | 北京理工大学 | Alliance chain privacy protection method based on mixer technology |
TWI773161B (en) * | 2021-03-02 | 2022-08-01 | 雲想科技股份有限公司 | Digital signature private key verification method |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20160358165A1 (en) * | 2015-06-08 | 2016-12-08 | Blockstream Corporation | Cryptographically concealing amounts transacted on a ledger while preserving a network's ability to verify the transaction |
-
2018
- 2018-10-16 CN CN201811203714.7A patent/CN109447602B/en active Active
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20160358165A1 (en) * | 2015-06-08 | 2016-12-08 | Blockstream Corporation | Cryptographically concealing amounts transacted on a ledger while preserving a network's ability to verify the transaction |
Non-Patent Citations (3)
Title |
---|
TIM RUFFING 等: "CoinShuffle: Practical Decentralized Coin Mixing for Bitcoin", 《ESORICS 2014,PART II》 * |
吴进喜 等: "基于区块链的多方隐私保护公平合同签署协议", 《信息安全学报》 * |
张宪等: "区块链隐私技术综述", 《信息安全研究》 * |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109961288A (en) * | 2019-03-22 | 2019-07-02 | 北京沃东天骏信息技术有限公司 | Method of commerce and device based on Proxy Signature |
WO2020192236A1 (en) * | 2019-03-22 | 2020-10-01 | 北京沃东天骏信息技术有限公司 | Blind signature-based transaction method and device |
CN109961288B (en) * | 2019-03-22 | 2022-04-26 | 北京沃东天骏信息技术有限公司 | Transaction method and device based on blind signature |
CN110175912A (en) * | 2019-04-08 | 2019-08-27 | 西安西电链融科技有限公司 | Across the chain assets transfer method of block chain, block chain information terminal based on the committee |
CN110175912B (en) * | 2019-04-08 | 2023-05-05 | 西安链融科技有限公司 | Committee-based blockchain cross-chain asset transfer method and blockchain information terminal |
WO2021081866A1 (en) * | 2019-10-31 | 2021-05-06 | 深圳市网心科技有限公司 | Transaction method, device, and system based on account model, and storage medium |
WO2021077762A1 (en) * | 2020-06-02 | 2021-04-29 | 浙江大学 | Coin-mixing service analysis method based on heuristic trading analysis |
CN111698084A (en) * | 2020-06-04 | 2020-09-22 | 电子科技大学 | Block chain-based concealed communication method |
CN111698084B (en) * | 2020-06-04 | 2021-02-05 | 电子科技大学 | Block chain-based concealed communication method |
TWI773161B (en) * | 2021-03-02 | 2022-08-01 | 雲想科技股份有限公司 | Digital signature private key verification method |
CN113450091A (en) * | 2021-06-21 | 2021-09-28 | 北京理工大学 | Alliance chain privacy protection method based on mixer technology |
CN113450091B (en) * | 2021-06-21 | 2023-06-02 | 北京理工大学 | Alliance chain privacy protection method based on mixer technology |
Also Published As
Publication number | Publication date |
---|---|
CN109447602B (en) | 2021-11-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109447602A (en) | A kind of mixed coin method of the collaborative distributed digital cash of multicenter that protecting privacy | |
CN106911470B (en) | Bit currency transaction privacy enhancement method | |
US20240078541A1 (en) | Computer-implemented system and method for exchange of data | |
CN109377360A (en) | Block chain transaction in assets transfer account method based on Weighted Threshold signature algorithm | |
TWI684100B (en) | Consensus system and method for public distributed ledgers | |
CN110612547A (en) | System and method for information protection | |
CN105959307A (en) | Existence certification and authentication service method and system based on block chain technology | |
CN110912705B (en) | Distributed electronic voting method and system based on block chain | |
CN111191280A (en) | Block chain transaction method based on encrypted data, electronic equipment and storage medium | |
CN113691361A (en) | Alliance chain privacy protection method and system based on homomorphic encryption and zero knowledge proof | |
CN109919614A (en) | A kind of method for protecting intelligent contract privacy using zero-knowledge proof in block chain | |
CN110443608A (en) | Big data justice and method for secure transactions based on block chain | |
CN111738857B (en) | Generation and verification method and device of concealed payment certificate applied to block chain | |
CN113095826A (en) | Covert communication method and system based on block chain multi-signature | |
CN106909852A (en) | Intelligent contract encryption method and device based on triple md5 encryption algorithms | |
CN115238294A (en) | Digital RMB transaction privacy protection method, system and device based on mixed currency protocol | |
CN113645036A (en) | Ether shop transaction privacy protection method based on ring signature and intelligent contract | |
CN112184245A (en) | Cross-block-chain transaction identity confirmation method and device | |
CN110889793A (en) | Block chain-based digital lottery issuing method and block chain link points | |
CN105072092A (en) | Improved first-price sealed auction method with comparable encryption | |
CN112989409A (en) | Block chain privacy protection scheme based on blind mixed currency on lattice | |
CN113939800A (en) | Computer-implemented method and system for pseudo-random data generation | |
Sariboz et al. | FIRST: frontrunning resilient smart contracts | |
CN110414951A (en) | Digital asset based on intelligent contract circulates method, apparatus and system | |
Mufleh | Bitcoin Eclipse Attack-Statistic Analysis on Selfish Mining and Double-Spending Attack |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |