CN110224837B - Zero-knowledge proof method and terminal based on distributed identity - Google Patents


Info

Publication number
CN110224837B
Authority
CN
China
Prior art keywords
verification
terminal
certification
verifiable statement
trusted
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910493263.3A
Other languages
Chinese (zh)
Other versions
CN110224837A (en
Inventor
杨文韬
王虎
陈昌
安士杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xi'an Zhigui Internet Technology Co ltd
Original Assignee
Xi'an Zhigui Internet Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xi'an Zhigui Internet Technology Co ltd filed Critical Xi'an Zhigui Internet Technology Co ltd
Priority to CN201910493263.3A priority Critical patent/CN110224837B/en
Publication of CN110224837A publication Critical patent/CN110224837A/en
Application granted granted Critical
Publication of CN110224837B publication Critical patent/CN110224837B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3218 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs
    • H04L9/3221 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs interactive zero-knowledge proofs
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/50 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Abstract

The embodiment of the invention provides a zero-knowledge proof method and a terminal based on distributed identity identifiers, wherein the method comprises the following steps: the verification terminal sends a verification request to the certification terminal; receiving a verifiable statement, a certification file, a hash value and a signature of the verifiable statement returned by the certification terminal, wherein the hash value and the signature of the verifiable statement are sent to the certification terminal by a trusted third party terminal, and the certification file is generated by the certification terminal according to the verifiable statement and a certification key disclosed by the trusted third party terminal; verifying the hash value and the signature according to a verification public key, wherein the verification public key is acquired from a trusted third party terminal; and if the hash value and the signature of the verifiable statement pass the verification, verifying the certification file according to a verification program, and sending a verification result to the certification terminal, wherein the verification program is generated according to a verification key acquired from a trusted third party terminal. The information verification can be performed on the verifiable declarations corresponding to the distributed identity identifications by using zero-knowledge proof.

Description

Zero-knowledge proof method and terminal based on distributed identity
Technical Field
The invention relates to the technical field of computers, in particular to a zero-knowledge proof method and a terminal based on distributed identity identification.
Background
With the rapid development of information network technology, how to verify identity information in a network is very important for information security.
At present, the blockchain sub-project Hyperledger Fabric implements a zero-knowledge proof scheme for use in a consortium chain, which can prove certain specific information about the nodes of the consortium chain by having a third party issue a generated certificate.
However, the zero-knowledge proof implemented by Hyperledger Fabric is only applicable within the Hyperledger Fabric system and cannot be used outside it; moreover, it adopts a blind-signature scheme, so the signed information cannot be determined when a third party issues a certificate, and only the inherent information of nodes on the consortium chain or information generated on the chain can be verified, which is a significant limitation.
Disclosure of Invention
Aiming at the problems in the prior art, the embodiment of the invention provides a zero-knowledge proof method based on distributed identity identification and a terminal.
The embodiment of the invention provides a zero-knowledge proof method based on distributed identity identification, which comprises the following steps:
the verification terminal sends a verification request to the certification terminal;
receiving a verifiable statement, a certification file, a hash value of the verifiable statement and a signature returned by the certification terminal based on the verification request, wherein the hash value and the signature of the verifiable statement are sent to the certification terminal by a trusted third party terminal, and the certification file is generated by the certification terminal according to the verifiable statement and a certification key disclosed by the trusted third party terminal;
verifying the hash value and the signature of the verifiable statement according to a verification public key, wherein the verification public key is acquired from the trusted third party terminal;
if the hash value and the signature of the verifiable statement pass the verification, verifying the certification file according to a verification program, and sending a verification result to a certification terminal, wherein the verification program is generated according to a verification key acquired from the trusted third party terminal;
the verification terminal, the certification terminal and the trusted third party terminal are respectively provided with respective distributed identity identifications.
The embodiment of the invention provides a zero-knowledge proof method based on distributed identity identification, which comprises the following steps:
the certification terminal receives a verification request sent by the verification terminal;
based on the verification request, sending a verifiable statement, a certification file, a hash value and a signature of the verifiable statement to the verification terminal so that the verification terminal verifies the hash value and the signature of the verifiable statement and the certification file, wherein the hash value and the signature of the verifiable statement are acquired from the trusted third party terminal, and the certification file is generated according to the verifiable statement and the certification key which are disclosed by the trusted third party terminal;
receiving a verification result sent by the verification terminal;
the verification terminal, the certification terminal and the trusted third party terminal are respectively provided with respective distributed identity identifications.
The embodiment of the invention provides a verification terminal, which is characterized by comprising:
the first sending module is used for sending a verification request to the certification terminal;
a first receiving module, configured to receive a verifiable statement, a certification file, a hash value of the verifiable statement, and a signature, which are returned by the certification terminal based on the verification request, where the hash value and the signature of the verifiable statement are sent to the certification terminal by a trusted third party terminal, and the certification file is generated by the certification terminal according to the verifiable statement and a certification key disclosed by the trusted third party terminal;
the first verification module is used for verifying the hash value and the signature of the verifiable statement according to a verification public key, and the verification public key is acquired from the trusted third party terminal;
the second verification module is used for verifying the certification file according to a verification program and sending a verification result to a certification terminal if the hash value and the signature of the verifiable statement pass verification, wherein the verification program is generated according to a verification key acquired from the trusted third party terminal;
the verification terminal, the certification terminal and the trusted third party terminal are respectively provided with respective distributed identity identifications.
An embodiment of the present invention provides a certification terminal, including:
the second receiving module is used for receiving the verification request sent by the verification terminal;
a second sending module, configured to send a verifiable statement, a certification document, a hash value of the verifiable statement, and a signature to the verification terminal based on the verification request, so that the verification terminal verifies the hash value and the signature of the verifiable statement and the certification document, where the hash value and the signature of the verifiable statement are obtained from the trusted third party terminal, and the certification document is generated according to the verifiable statement and the certification key disclosed by the trusted third party terminal;
the third receiving module is used for receiving the verification result sent by the verification terminal;
the verification terminal, the certification terminal and the trusted third party terminal are respectively provided with respective distributed identity identifications.
An embodiment of the present invention provides an electronic device, which includes a memory, a processor, and a computer program stored in the memory and executable on the processor, and when the processor executes the computer program, the steps of the method are implemented as described above.
The zero-knowledge proof method and the terminal based on the distributed identity identifier, provided by the embodiment of the invention, send a verification request to a proof terminal through a verification terminal, receive a verifiable statement, a proof file, a hash value and a signature of the verifiable statement, wherein the hash value and the signature of the verifiable statement are sent to the proof terminal by a trusted third party terminal; the verification terminal, the certification terminal and the trusted third party terminal are respectively provided with respective distributed identity identifications, so that information verification can be performed on verifiable statements corresponding to the distributed identity identifications by using zero knowledge certification.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and those skilled in the art can also obtain other drawings according to the drawings without creative efforts.
Fig. 1 is a schematic flowchart of a zero-knowledge proof method based on distributed identity identifiers according to an embodiment of the present invention;
Fig. 2 is a three-party relationship diagram of the verification terminal, the certification terminal and the trusted third party terminal in the zero-knowledge proof used by embodiments of the present invention;
Fig. 3 is a schematic flowchart of a zero-knowledge proof method based on distributed identity identifiers according to another embodiment of the present invention;
Fig. 4 is a schematic structural diagram of a verification terminal according to an embodiment of the present invention;
Fig. 5 is a schematic structural diagram of a certification terminal according to an embodiment of the present invention;
Fig. 6 is a schematic physical structure diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 shows a schematic flowchart of a zero-knowledge proof method based on distributed identity identifier according to an embodiment of the present invention, and as shown in fig. 1, the zero-knowledge proof method based on distributed identity identifier according to the embodiment includes:
S1, the verification terminal sends a verification request to the certification terminal.
It should be noted that the executing entity of the method described in this embodiment is the verification terminal.
It is understood that the terminals involved in the present embodiment include the verification terminal, the certification terminal and the trusted third party terminal. Each is provided with its own Distributed Identity (DID), and when they communicate, the information and requests they send carry their respective distributed identities.
It can be understood that a distributed identity is a verifiable digital identity. In a blockchain system, the DID is an address derived from a cryptographically generated public-private key pair, and it maps to the user's digital identity document. The document contains user-defined visible personal information and verifiable statements authenticated by third-party terminals; the whole document is endorsed by the user and certified as belonging to a specific DID, and can therefore be used as the user's identity.
S2, receiving a Verifiable statement (VC for short) returned by the certification terminal based on the verification request, a certification file, a hash value and a signature of the Verifiable statement, wherein the hash value and the signature of the Verifiable statement are sent to the certification terminal by a trusted third party terminal, and the certification file is generated by the certification terminal according to the Verifiable statement and the certification key disclosed by the trusted third party terminal.
It is understood that reference may be made to the three-party relationship diagram of the verification terminal with zero knowledge proof, the certification terminal and the trusted third party terminal in the embodiment shown in fig. 2, before this step, the trusted third party terminal generates the certification key, the verifiable statement and the hash value and signature of the verifiable statement; the certification terminal obtains a certification key, a verifiable statement, and a hash value and a signature of the verifiable statement from a trusted third party terminal, and generates a certification file according to the verifiable statement and the certification key.
It can be understood that a verifiable statement is user information signed and endorsed by a third-party terminal: the user information fields are hashed, and the resulting hash value is signed and endorsed by the third-party terminal. Much everyday information can be converted into verifiable statements, such as identity information endorsed by a public security bureau, work experience endorsed by a company, academic history endorsed by a school, and credit evaluation endorsed by a bank. These verifiable statements can be assembled by the user into different identity documents for verifying the user's identity and related information; the third-party terminals mentioned here are likewise identified in the distributed system by DIDs.
S3, verifying the hash value and the signature of the verifiable statement according to a verification public key, wherein the verification public key is obtained from the trusted third party terminal.
It can be understood that, referring to the three-party relationship diagram of the verification terminal with zero knowledge proof, the proof terminal and the trusted third party terminal in the embodiment shown in fig. 2, before this step, the trusted third party terminal discloses a verification public key, and the verification terminal verifies the hash value and the signature of the verifiable statement according to the verification public key acquired from the trusted third party terminal.
And S4, if the hash value and the signature of the verifiable statement pass the verification, verifying the certification file according to a verification program, and sending a verification result to a certification terminal, wherein the verification program is generated according to a verification key acquired from the trusted third party terminal.
It is understood that, referring to the three-party relationship diagram of the zero-knowledge proof verification terminal, the proof terminal and the trusted third party terminal in the embodiment shown in fig. 2, before this step, the trusted third party terminal generates the verification key; and the verification terminal generates a verification program according to the verification key acquired from the trusted third party terminal, verifies the certification file according to the verification program when the hash value and the signature of the verifiable statement pass verification, and sends a verification result to the certification terminal so as to realize information verification of the verifiable statement corresponding to the distributed identity by using zero knowledge certification.
It can be understood that zk-SNARKs (zero-knowledge succinct non-interactive arguments of knowledge) is a widely used zero-knowledge proof system. It provides succinct, non-interactive zero-knowledge proofs and can in theory prove, in zero knowledge, any problem that can be converted into the verification of mathematical logic. Introducing the zk-SNARKs scheme into distributed identity to protect identity information therefore gives the method wide applicability, because any problem expressible in mathematical logic can be proven in zero knowledge. Using zero-knowledge proofs also reduces the participation of the third-party terminal in verification: the third-party terminal only performs the preliminary preparation, and the subsequent proof process is completed by the certification terminal and the verification terminal alone, which protects the privacy of the distributed identity. Using a zero-knowledge proof as a verifiable statement of the distributed identity reduces the exposed information to a minimum when information or data is verified, greatly improving the privacy protection of user data and information.
The zero-knowledge proof method based on the distributed identity identifier provided by the embodiment sends a verification request to a proof terminal through a verification terminal, receives a verifiable statement, a proof file, a hash value and a signature of the verifiable statement returned by the proof terminal, wherein the hash value and the signature of the verifiable statement are sent to the proof terminal by a trusted third party terminal; the verification terminal, the certification terminal and the trusted third party terminal are respectively provided with respective distributed identity identifications, so that information verification can be performed on verifiable statements corresponding to the distributed identity identifications by using zero-knowledge certification, exposed information can be reduced to the minimum when information or data is verified, and privacy protection of user data and information is greatly improved.
Further, on the basis of the above embodiment, the "verifying the certification document according to the verification procedure" in the step S4 may include:
according to a verification program, performing information hiding verification on the certification file;
or,
and performing information condition verification on the certification file according to a verification program.
Specifically, the performing information hiding verification on the certification document according to a verification program may include:
according to a verification program, performing information hiding verification on the certification file by verifying a first formula;
wherein the first formula is:
hash(X+D)==H;
H is the hash value calculated over the binary data into which the verifiable statement is converted, and is public trusted information; D is the information of the verifiable statement (converted into binary data) that the certification terminal discloses in the certification file, and X is the private information of the verifiable statement (converted into binary data) that the certification terminal hides in the certification file.
For example, assume that A is the trusted third party terminal with distributed identity DID_A, B is the certification terminal with distributed identity DID_B, and C is the verification terminal with distributed identity DID_C. A issues a verifiable statement to B: {"Name":"Alice","Age":"024","Sex":"Male","ID":"123456"}. Performing information hiding verification on the certification file by verifying the first formula according to the verification program of this embodiment achieves the following: C verifies that the Name of B is Alice without obtaining any other private information of B.
Suppose that the binary data after conversion of the verifiable assertion issued by A to B is: 10110110100010101011, the hash value calculated by the binary data is H, and the arrangement order defined by each field of the binary data when information hiding verification is performed is shown in Table 1 below.
TABLE 1
[Table 1 appears as an image (Figure BDA0002087721820000071) in the original publication and is not reproduced here.]
In Table 1, V is the complete information of the verifiable statement converted into binary data; X is the private information of the verifiable statement (converted into binary data) that the certification terminal hides in the certification file, here the remaining hidden information obtained after the Name field is set to zero; D is the information of the verifiable statement (converted into binary data) that the certification terminal discloses in the certification file, here the information obtained by keeping the Name field and setting the other fields to zero. Clearly V = X + D, so verifying that the Name of B is Alice without exposing any information other than the Name can be converted into verifying the first formula.
It can be understood that since H can be verified based on the signature over the hash value, it is public trusted information. The certification file is equivalent to proving that the certification terminal knows X and possesses a verifiable statement (i.e., X + D) that satisfies the first formula, thereby proving that D is contained in the verifiable statement sent by the certification terminal without exposing the private information hidden in that statement.
Therefore, the method can utilize zero-knowledge proof to expose only the information to be verified without exposing other privacy information when verifying the identity information endorsed by the third-party terminal signature, and can realize the proof of information validity and the information hiding verification of the identity information.
Specifically, performing information condition verification on the certification file according to a verification program may include:
according to a verification program, performing information condition verification on the certification file by verifying a second formula;
wherein the second formula is:
hash(V)==H and S
H is the hash value calculated over the binary data into which the verifiable statement is converted, and is public trusted information; V is the complete information of the verifiable statement converted into binary data, and is the private information hidden in the certification file by the certification terminal; S is the condition to be satisfied by the information to be verified X', which the certification terminal extracts from V in the certification file.
For example, assume that A is the trusted third party terminal with distributed identity DID_A, B is the certification terminal with distributed identity DID_B, and C is the verification terminal with distributed identity DID_C. A issues a verifiable statement to B: {"Name":"Alice","Age":"024","Sex":"Male","ID":"123456"}. Performing information condition verification on the certification file by verifying the second formula according to the verification program of this embodiment achieves the following: C verifies that the Age of B is greater than 18 without obtaining any of the information in B's verifiable statement.
Suppose that the binary data after conversion of the verifiable assertion issued by A to B is: 10110110100010101011, the hash value calculated by the binary data is H, and the arrangement order defined by each field of the binary data when performing the information condition verification is shown in the following table 2.
TABLE 2
[Table 2 appears as an image (Figure BDA0002087721820000081) in the original publication and is not reproduced here.]
In Table 2, V is the complete information of the verifiable statement converted into binary data, and is the private information hidden by the certification terminal in the certification file; S is the condition to be satisfied by the information to be verified X' extracted from V in the certification file by the certification terminal, i.e. S represents X' > D', where X' is here the Age field information extracted from V, namely "Age":"024", and D' represents the condition information to be verified against, namely "Age":"018". Verifying that the Age of B is greater than 18 without exposing the Age or other information can thus be converted into verifying the second formula.
It can be understood that since H can be verified based on the signature over the hash value, it is public trusted information. The information X' that the certification terminal hides in the certification file is the Age information extracted from V. The certification file generated by certification terminal B is equivalent to proving that B knows a V that passes the hash value verification, that V contains X', and that X' satisfies the condition of being greater than D', so that the Age of B is proven to be greater than 18 without exposing the Age or other information.
In this way, zero-knowledge proof makes it possible to prove that identity information signed by the third-party terminal satisfies a certain condition without exposing any information in the verifiable statement, thereby realizing information condition verification of identity information.
The zero-knowledge proof method based on distributed identity provided by this embodiment can use zero-knowledge proof to verify information in the verifiable statement corresponding to a distributed identity, and can realize information condition verification of identity information. Zero-knowledge proof can be applied to any problem that can be expressed in mathematical logic, so the method has wide applicability and can be extended into an information hiding scheme for text information. Using zero-knowledge proof reduces the participation of the third-party terminal in verification: the third-party terminal only needs to carry out the preliminary preparation, and the subsequent proof process is completed by the certification terminal and the verification terminal alone, which protects the privacy of the distributed identity. Applying zero-knowledge proof to the verifiable statement of a distributed identity keeps the information exposed during verification to a minimum and greatly improves the privacy protection of user data and information.
Fig. 3 is a schematic flowchart of a zero-knowledge proof method based on distributed identity according to another embodiment of the present invention. As shown in Fig. 3, the method of this embodiment includes:
P1: the certification terminal receives the verification request sent by the verification terminal.
It should be noted that the method described in this embodiment is executed by the certification terminal.
It is understood that the terminals involved in this embodiment are the verification terminal, the certification terminal and the trusted third-party terminal. Each has its own Distributed Identity (DID), and when they communicate, the information and requests they send carry their respective distributed identities.
It can be understood that a distributed identity is a verifiable digital identity. In a blockchain system, a DID is an address derived from a cryptographically generated public-private key pair, and it maps to the user's digital identity document. The document contains visible personal information defined by the user and verifiable statements authenticated by third-party terminals. The whole document is endorsed by the user and certified as belonging to a specific DID, so it can serve as the user's identity.
P2: based on the verification request, the certification terminal sends the verifiable statement, the certification file, and the hash value and signature of the verifiable statement to the verification terminal, so that the verification terminal verifies the hash value and signature of the verifiable statement and the certification file. The hash value and signature of the verifiable statement are obtained from the trusted third-party terminal, and the certification file is generated according to the verifiable statement and the certification key disclosed by the trusted third-party terminal.
It can be understood, with reference to the three-party relationship diagram of the verification terminal, the certification terminal and the trusted third-party terminal in the embodiment shown in Fig. 2, that before this step the trusted third-party terminal discloses the verification public key and generates the verification key, the certification key, the verifiable statement, and the hash value and signature of the verifiable statement. The certification terminal obtains the certification key, the verifiable statement, and the hash value and signature of the verifiable statement from the trusted third-party terminal, generates the certification file according to the verifiable statement and the certification key, and then sends the verifiable statement, the certification file, and the hash value and signature of the verifiable statement to the verification terminal. The verification terminal verifies the hash value and signature of the verifiable statement according to the verification public key and, if they pass verification, verifies the certification file according to the verification program.
P3: the certification terminal receives the verification result sent by the verification terminal.
It can be understood that the verification terminal verifies the hash value and the signature of the verifiable statement according to the verification public key, and when the hash value and the signature of the verifiable statement pass verification, after the certification file is verified according to the verification program, the verification result is sent to the certification terminal, so as to realize information verification of the verifiable statement corresponding to the distributed identity by using zero knowledge certification.
It can be understood that zk-SNARKs (zero-knowledge succinct non-interactive arguments of knowledge) is a zero-knowledge proof system in wide use at present. It realizes succinct, non-interactive zero-knowledge proof and can in theory provide a zero-knowledge proof for any problem that can be converted into a mathematical logic verification. The zk-SNARKs scheme is introduced into distributed identity to protect identity information, and because it can prove any problem that can be expressed in mathematical logic, the method has wide applicability. Using zero-knowledge proof reduces the participation of the third-party terminal in verification: the third-party terminal only needs to carry out the preliminary preparation, and the subsequent proof process is completed by the certification terminal and the verification terminal alone, which protects the privacy of the distributed identity. Applying zero-knowledge proof to the verifiable statement of a distributed identity keeps the information exposed during verification to a minimum and greatly improves the privacy protection of user data and information.
In the zero-knowledge proof method based on distributed identity provided in this embodiment, the proof terminal receives the verification request sent by the verification terminal, and sends the verifiable statement, the proof file, the hash value and the signature of the verifiable statement to the verification terminal based on the verification request, so that the verification terminal verifies the hash value and the signature of the verifiable statement and the proof file, where the hash value and the signature of the verifiable statement are obtained from the trusted third party terminal, and the proof file is generated according to the verifiable statement and the proof key disclosed by the trusted third party terminal, and receives the verification result sent by the verification terminal, thereby achieving information verification of the verifiable statement corresponding to the distributed identity by using zero-knowledge proof, and reducing the exposed information to the minimum when verifying information or data, the privacy protection of user data and information is greatly improved.
Fig. 4 shows a schematic structural diagram of a verification terminal according to an embodiment of the present invention. As shown in Fig. 4, the verification terminal of this embodiment includes: a first sending module 41, a first receiving module 42, a first verification module 43 and a second verification module 44; wherein:
the first sending module 41 is configured to send a verification request to the certification terminal;
the first receiving module 42 is configured to receive a verifiable statement, a certification document, a hash value of the verifiable statement, and a signature, which are returned by the certification terminal based on the verification request, where the hash value and the signature of the verifiable statement are sent to the certification terminal by a trusted third party terminal, and the certification document is generated by the certification terminal according to the verifiable statement and the certification key disclosed by the trusted third party terminal;
the first verification module 43 is configured to verify the hash value and the signature of the verifiable statement according to a verification public key, where the verification public key is obtained from the trusted third party terminal;
the second verification module 44 is configured to verify the certification file according to a verification program and send a verification result to the certification terminal if the hash value and the signature of the verifiable statement are verified, where the verification program is generated according to a verification key acquired from the trusted third party terminal;
the verification terminal, the certification terminal and the trusted third party terminal are respectively provided with respective distributed identity identifications.
Specifically, the first sending module 41 sends a verification request to the certification terminal; the first receiving module 42 receives a verifiable statement, a certification file, a hash value of the verifiable statement and a signature returned by the certification terminal based on the verification request, wherein the hash value and the signature of the verifiable statement are sent to the certification terminal by a trusted third party terminal, and the certification file is generated by the certification terminal according to the verifiable statement and the certification key disclosed by the trusted third party terminal; the first verification module 43 verifies the hash value and the signature of the verifiable statement according to a verification public key, wherein the verification public key is obtained from the trusted third party terminal; if the hash value and the signature of the verifiable statement pass the verification, the second verification module 44 verifies the certification file according to a verification program, and sends a verification result to the certification terminal, wherein the verification program is generated according to a verification key acquired from the trusted third party terminal; the verification terminal, the certification terminal and the trusted third party terminal are respectively provided with respective distributed identity identifications.
It is understood that the terminals involved in this embodiment are the verification terminal, the certification terminal and the trusted third-party terminal. Each has its own Distributed Identity (DID), and when they communicate, the information and requests they send carry their respective distributed identities.
It can be understood that a distributed identity is a verifiable digital identity. In a blockchain system, a DID is an address derived from a cryptographically generated public-private key pair, and it maps to the user's digital identity document. The document contains visible personal information defined by the user and verifiable statements authenticated by third-party terminals. The whole document is endorsed by the user and certified as belonging to a specific DID, so it can serve as the user's identity.
It is understood that, referring to the three-party relationship diagram of the verification terminal, the certification terminal and the trusted third party terminal of zero-knowledge certification in the embodiment shown in fig. 2, before executing the first receiving module 42, the trusted third party terminal generates a certification key, a verifiable statement and a hash value and a signature of the verifiable statement; the certification terminal obtains a certification key, a verifiable statement, and a hash value and a signature of the verifiable statement from a trusted third party terminal, and generates a certification file according to the verifiable statement and the certification key.
It can be understood that a verifiable statement is user information signed and endorsed by a third-party terminal: the user information fields are hashed, and the third-party terminal signs and endorses the resulting hash value. Much everyday information can be converted into verifiable statements, such as identity information endorsed by a public security bureau, work experience endorsed by a company, academic records endorsed by a school, and credit evaluations endorsed by a bank. These verifiable statements can be assembled into different identity documents for verifying the user's identity and related information. The third-party terminals mentioned here are likewise identified in the distributed system by DIDs.
It can be understood that, referring to the three-party relationship diagram of the verification terminal with zero knowledge proof, the proof terminal and the trusted third party terminal in the embodiment shown in fig. 2, before executing the first verification module 43, the trusted third party terminal discloses a verification public key, and the verification terminal verifies the hash value and the signature of the verifiable statement according to the verification public key obtained from the trusted third party terminal.
It is understood that, referring to the three-party relationship diagram of the zero-knowledge proof verification terminal, the proof terminal and the trusted third party terminal in the embodiment shown in fig. 2, before executing the second verification module 44, the trusted third party terminal generates a verification key; and the verification terminal generates a verification program according to the verification key acquired from the trusted third party terminal, verifies the certification file according to the verification program when the hash value and the signature of the verifiable statement pass verification, and sends a verification result to the certification terminal so as to realize information verification of the verifiable statement corresponding to the distributed identity by using zero knowledge certification.
It can be understood that zk-SNARKs (zero-knowledge succinct non-interactive arguments of knowledge) is a zero-knowledge proof system in wide use at present. It realizes succinct, non-interactive zero-knowledge proof and can in theory provide a zero-knowledge proof for any problem that can be converted into a mathematical logic verification. The zk-SNARKs scheme is introduced into distributed identity to protect identity information, and because it can prove any problem that can be expressed in mathematical logic, the method has wide applicability. Using zero-knowledge proof reduces the participation of the third-party terminal in verification: the third-party terminal only needs to carry out the preliminary preparation, and the subsequent proof process is completed by the certification terminal and the verification terminal alone, which protects the privacy of the distributed identity. Applying zero-knowledge proof to the verifiable statement of a distributed identity keeps the information exposed during verification to a minimum and greatly improves the privacy protection of user data and information.
The verification terminal provided by the embodiment can realize information verification on the verifiable statement corresponding to the distributed identity by using zero-knowledge proof, can reduce the exposed information to the minimum when verifying the information or data, and greatly improves the privacy protection of user data and information.
Further, on the basis of the above embodiment, the "verifying the certification document according to the verification procedure" in the second verification module 44 may include:
according to a verification program, performing information hiding verification on the certification file;
or,
performing information condition verification on the certification file according to a verification program.
Specifically, the performing information hiding verification on the certification document according to a verification program may include:
according to a verification program, performing information hiding verification on the certification file by verifying a first formula;
wherein the first formula is:
hash(X+D)==H;
where H is the hash value calculated from the binary data into which the verifiable statement is converted, and is public trusted information; D is the information of the verifiable statement, converted into binary data, that the certification terminal discloses in the certification document; and X is the privacy information of the verifiable statement, converted into binary data, that the certification terminal hides in the certification document.
For example, assume that A is the trusted third-party terminal with distributed identity DID_A, B is the certification terminal with distributed identity DID_B, and C is the verification terminal with distributed identity DID_C. A issues a verifiable statement to B: {"Name": "Alice", "Age": "024", "Sex": "Male", "ID": "123456"}. By performing information hiding verification on the certification file through the first formula, according to the verification program of this embodiment, the following verification can be achieved: C verifies that the Name of B is Alice without obtaining any other privacy information of B.
Suppose that the binary data obtained by converting the verifiable statement issued by A to B is 10110110100010101011, and that the hash value calculated from this binary data is H. The order in which the fields of the binary data are arranged for information hiding verification is given in Table 1 of the embodiment shown in Fig. 1. In Table 1, V is the complete information of the verifiable statement converted into binary data. X is the privacy information of the verifiable statement, converted into binary data, that the certification terminal hides in the certification file; here it is the remaining hidden information obtained after the Name field is set to zero. D is the information of the verifiable statement, converted into binary data, that the certification terminal discloses in the certification file; here it is the information obtained by retaining the Name field and setting all other fields to zero. Clearly V = X + D, so verifying that the Name of B is Alice without exposing any information other than the Name can be converted into verifying the first formula.
It can be understood that H is public trusted information, since it can be verified through the signature on the hash value. The certification document is equivalent to proving that the certification terminal knows X and holds a verifiable statement (i.e. X + D) that satisfies the first formula, thereby proving that D is contained in the verifiable statement sent by the certification terminal without exposing the privacy information hidden in the verifiable statement.
In this way, using zero-knowledge proof, the verification terminal sees only the information that needs to be verified and no other privacy information is exposed while the validity of the information is proved, realizing information hiding verification of identity information.
Specifically, the performing information condition verification on the certification document according to a verification program may include:
according to a verification program, performing information condition verification on the certification file by verifying a second formula;
wherein the second formula is:
hash(V)==H and S;
where H is the hash value calculated from the binary data into which the verifiable statement is converted, and is public trusted information; V is the complete information of the verifiable statement converted into binary data, and is the privacy information hidden in the certification file by the certification terminal; and S is the condition to be satisfied by the information to be verified X' that the certification terminal extracts from V in the certification file.
For example, assume that A is the trusted third-party terminal with distributed identity DID_A, B is the certification terminal with distributed identity DID_B, and C is the verification terminal with distributed identity DID_C. A issues a verifiable statement to B: {"Name": "Alice", "Age": "024", "Sex": "Male", "ID": "123456"}. By performing information condition verification on the certification document through the second formula, according to the verification program of this embodiment, the following verification can be achieved: C verifies that the Age of B is greater than 18 without obtaining all of the information in B's verifiable statement.
Suppose that the binary data obtained by converting the verifiable statement issued by A to B is 10110110100010101011, and that the hash value calculated from this binary data is H. The order in which the fields of the binary data are arranged for information condition verification is given in Table 2 of the embodiment shown in Fig. 1. In Table 2, V is the complete information of the verifiable statement converted into binary data, which is the privacy information hidden by the certification terminal in the certification document. S is the condition to be satisfied by the information to be verified X' that the certification terminal extracts from V in the certification document, i.e. S represents X' > D'. Here X' is the Age field extracted from V, namely "Age": "024", and D' is the information giving the condition to be satisfied, namely "Age": "018". Verifying that the Age of B is greater than 18 without exposing the Age or any other information can therefore be converted into verifying the second formula.
It can be understood that H is public trusted information, since it can be verified through the signature on the hash value. The information that the certification terminal hides in the certification file is V, X' is the Age information extracted from V, and S represents the condition X' > D'. The certification file generated by certification terminal B is equivalent to proving that B knows a V that satisfies the hash value verification, that V contains X', and that X' satisfies the condition X' > D'. This proves that the Age of B is greater than 18 without exposing the Age or any other information.
In this way, the verification terminal in this embodiment can use zero-knowledge proof to verify whether identity information endorsed by the third-party terminal satisfies a certain condition without any information in the verifiable statement being exposed, realizing information condition verification of identity information.
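The two relations described above, hash(X+D)==H for information hiding verification and hash(V)==H and S for information condition verification, evaluated in the clear on the Alice statement as an added example that is not code from the patent. It shows only the relation a zk-SNARK circuit would encode and produces no proof; the field layout (Tables 1 and 2 survive only as images), the choice of SHA-256 and all function names are assumptions.

```python
import hashlib
import hmac

# Constructed fixed-width layout: the patent's Tables 1 and 2 survive only as
# images, so the field order and widths here are assumptions.
LAYOUT = [("Name", 8), ("Age", 3), ("Sex", 6), ("ID", 6)]
TOTAL = sum(width for _, width in LAYOUT)


def encode(claim):
    """Serialise a claim into V: each field NUL-padded to its fixed width."""
    out = bytearray()
    for name, width in LAYOUT:
        raw = claim[name].encode("ascii")
        if not 0 < len(raw) <= width or b"\x00" in raw:
            raise ValueError(f"field {name!r} does not fit the layout")
        out += raw.ljust(width, b"\x00")
    return bytes(out)


def digest(v):
    """H = hash(V). SHA-256 is an assumption; the page names no hash function."""
    return hashlib.sha256(v).digest()


def split(v, disclosed):
    """Return (X, D): D keeps the disclosed fields, X the rest, other bytes zero."""
    x, d, pos = bytearray(v), bytearray(len(v)), 0
    for name, width in LAYOUT:
        if name in disclosed:
            d[pos:pos + width] = v[pos:pos + width]
            x[pos:pos + width] = bytes(width)
        pos += width
    return bytes(x), bytes(d)


def field(data, wanted):
    """Read one field back out of V, X or D ('' if it has been zeroed)."""
    pos = 0
    for name, width in LAYOUT:
        if name == wanted:
            raw = data[pos:pos + width].rstrip(b"\x00")
            return raw.decode("ascii", "replace")
        pos += width
    raise KeyError(wanted)


def first_formula(x, d, h):
    """hash(X + D) == H, where '+' recombines two disjoint zero-masked halves."""
    if len(x) != TOTAL or len(d) != TOTAL:
        return False
    if any(a and b for a, b in zip(x, d)):    # X and D must not overlap
        return False
    v = bytes(a | b for a, b in zip(x, d))
    return hmac.compare_digest(digest(v), h)


def second_formula(v, h, threshold="018"):
    """hash(V) == H and S, with S being X' > D' on the Age field."""
    if len(v) != TOTAL or not hmac.compare_digest(digest(v), h):
        return False
    x_prime = field(v, "Age")
    if len(x_prime) != 3 or not x_prime.isdigit():
        return False
    return int(x_prime) > int(threshold)      # strict: "018" itself fails


# The verifiable statement from the example on this page.
CLAIM = {"Name": "Alice", "Age": "024", "Sex": "Male", "ID": "123456"}
V = encode(CLAIM)
H = digest(V)                  # the value the trusted third party signs
X, D = split(V, {"Name"})      # X stays with the prover, D is disclosed

if __name__ == "__main__":
    print("disclosed Name:", field(D, "Name"))
    print("first formula holds:", first_formula(X, D, H))
    print("second formula holds:", second_formula(V, H))
```

In the scheme described on this page, X and V are private inputs to the proof and only D, H and the threshold D' reach the verification terminal.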
The verification terminal provided by this embodiment can use zero-knowledge proof to verify information in the verifiable statement corresponding to a distributed identity, and can realize information condition verification of identity information. Zero-knowledge proof can be applied to any problem that can be expressed in mathematical logic, so the scheme has wide applicability and can be extended into an information hiding scheme for text information. Using zero-knowledge proof reduces the participation of the third-party terminal in verification: the third-party terminal only needs to carry out the preliminary preparation, and the subsequent proof process is completed by the certification terminal and the verification terminal alone, which protects the privacy of the distributed identity. Applying zero-knowledge proof to the verifiable statement of a distributed identity keeps the information exposed during verification to a minimum and greatly improves the privacy protection of user data and information.
The verification terminal provided in the embodiment of the present invention may be configured to execute the technical solution of the method embodiment shown in fig. 1, and the implementation principle and the technical effect are similar, which are not described herein again.
Fig. 5 is a schematic structural diagram of a certification terminal according to an embodiment of the present invention. As shown in Fig. 5, the certification terminal of this embodiment includes: a second receiving module 51, a second sending module 52 and a third receiving module 53; wherein:
the second receiving module 51 is configured to receive a verification request sent by a verification terminal;
the second sending module 52 is configured to send a verifiable statement, a certification document, a hash value of the verifiable statement and a signature to the verification terminal based on the verification request, so that the verification terminal verifies the hash value and the signature of the verifiable statement and the certification document, where the hash value and the signature of the verifiable statement are obtained from the trusted third party terminal, and the certification document is generated according to the verifiable statement and the certification key disclosed by the trusted third party terminal;
the third receiving module 53 is configured to receive a verification result sent by the verification terminal;
the verification terminal, the certification terminal and the trusted third party terminal are respectively provided with respective distributed identity identifications.
The second receiving module 51 receives a verification request sent by a verification terminal; the second sending module 52 sends a verifiable statement, a certification document, and the hash value and signature of the verifiable statement to the verification terminal based on the verification request, so that the verification terminal verifies the hash value and signature of the verifiable statement and the certification document, where the hash value and signature of the verifiable statement are obtained from the trusted third-party terminal, and the certification document is generated according to the verifiable statement and the certification key disclosed by the trusted third-party terminal; the third receiving module 53 receives the verification result sent by the verification terminal; the verification terminal, the certification terminal and the trusted third-party terminal each have their own distributed identity.
It is understood that the terminals involved in this embodiment are the verification terminal, the certification terminal and the trusted third-party terminal. Each has its own Distributed Identity (DID), and when they communicate, the information and requests they send carry their respective distributed identities.
It can be understood that a distributed identity is a verifiable digital identity. In a blockchain system, a DID is an address derived from a cryptographically generated public-private key pair, and it maps to the user's digital identity document. The document contains visible personal information defined by the user and verifiable statements authenticated by third-party terminals. The whole document is endorsed by the user and certified as belonging to a specific DID, so it can serve as the user's identity.
It can be understood, with reference to the three-party relationship diagram of the verification terminal, the certification terminal and the trusted third-party terminal in the embodiment shown in Fig. 2, that before the second sending module 52 is executed the trusted third-party terminal discloses the verification public key and generates the verification key, the certification key, the verifiable statement, and the hash value and signature of the verifiable statement. The certification terminal obtains the certification key, the verifiable statement, and the hash value and signature of the verifiable statement from the trusted third-party terminal, generates the certification file according to the verifiable statement and the certification key, and then sends the verifiable statement, the certification file, and the hash value and signature of the verifiable statement to the verification terminal. The verification terminal verifies the hash value and signature of the verifiable statement according to the verification public key and, if they pass verification, verifies the certification file according to the verification program.
It can be understood that the verification terminal verifies the hash value and the signature of the verifiable statement according to the verification public key, and when the hash value and the signature of the verifiable statement pass verification, after the certification file is verified according to the verification program, the verification result is sent to the certification terminal, so as to realize information verification of the verifiable statement corresponding to the distributed identity by using zero knowledge certification.
It can be understood that zk-SNARKs (zero-knowledge succinct non-interactive arguments of knowledge) is a zero-knowledge proof system in wide use at present. It realizes succinct, non-interactive zero-knowledge proof and can in theory provide a zero-knowledge proof for any problem that can be converted into a mathematical logic verification. The zk-SNARKs scheme is introduced into distributed identity to protect identity information, and because it can prove any problem that can be expressed in mathematical logic, the method has wide applicability. Using zero-knowledge proof reduces the participation of the third-party terminal in verification: the third-party terminal only needs to carry out the preliminary preparation, and the subsequent proof process is completed by the certification terminal and the verification terminal alone, which protects the privacy of the distributed identity. Applying zero-knowledge proof to the verifiable statement of a distributed identity keeps the information exposed during verification to a minimum and greatly improves the privacy protection of user data and information.
The certification terminal provided by the embodiment can realize information verification on the verifiable statements corresponding to the distributed identity identifications by using zero-knowledge certification, can reduce the exposed information to the minimum when verifying the information or the data, and greatly improves the privacy protection of user data and information.
The certification terminal provided in the embodiment of the present invention may be configured to execute the technical solution of the method embodiment shown in fig. 3, and the implementation principle and the technical effect are similar, which are not described herein again.
Fig. 6 shows a schematic physical structure diagram of an electronic device according to an embodiment of the present invention. As shown in fig. 6, the electronic device may include a memory 602, a processor 601, and a computer program stored in the memory 602 and executable on the processor 601, where the processor 601 implements the steps of the method when executing the program, for example, including: the verification terminal sends a verification request to the certification terminal; receiving a verifiable statement, a certification file, a hash value of the verifiable statement and a signature returned by the certification terminal based on the verification request, wherein the hash value and the signature of the verifiable statement are sent to the certification terminal by a trusted third party terminal, and the certification file is generated by the certification terminal according to the verifiable statement and a certification key disclosed by the trusted third party terminal; verifying the hash value and the signature of the verifiable statement according to a verification public key, wherein the verification public key is acquired from the trusted third party terminal; if the hash value and the signature of the verifiable statement pass the verification, verifying the certification file according to a verification program, and sending a verification result to the certification terminal, wherein the verification program is generated according to a verification key acquired from the trusted third party terminal; the verification terminal, the certification terminal and the trusted third party terminal are respectively provided with respective distributed identity identifications; alternatively, it comprises: the certification terminal receives a verification request sent by the verification terminal; based on the verification request, sending a verifiable statement, a certification file, a hash value and a signature of the verifiable statement to the verification terminal so that the verification terminal verifies the hash value and the signature of the verifiable statement and the certification file, wherein the hash value and the signature of the verifiable statement are acquired from the trusted third party terminal, and the certification file is generated according to the verifiable statement and the certification key disclosed by the trusted third party terminal; receiving a verification result sent by the verification terminal; the verification terminal, the certification terminal and the trusted third party terminal are respectively provided with respective distributed identity identifications.
An embodiment of the present invention provides a non-transitory computer-readable storage medium, on which a computer program is stored, and the computer program, when executed by a processor, implements the steps of the above method, for example, including: the verification terminal sends a verification request to the certification terminal; receiving a verifiable statement, a certification file, a hash value of the verifiable statement and a signature returned by the certification terminal based on the verification request, wherein the hash value and the signature of the verifiable statement are sent to the certification terminal by a trusted third party terminal, and the certification file is generated by the certification terminal according to the verifiable statement and a certification key disclosed by the trusted third party terminal; verifying the hash value and the signature of the verifiable statement according to a verification public key, wherein the verification public key is acquired from the trusted third party terminal; if the hash value and the signature of the verifiable statement pass the verification, verifying the certification file according to a verification program, and sending a verification result to the certification terminal, wherein the verification program is generated according to a verification key acquired from the trusted third party terminal; the verification terminal, the certification terminal and the trusted third party terminal are respectively provided with respective distributed identity identifications; alternatively, it comprises: the certification terminal receives a verification request sent by the verification terminal; based on the verification request, sending a verifiable statement, a certification file, a hash value and a signature of the verifiable statement to the verification terminal so that the verification terminal verifies the hash value and the signature of the verifiable statement and the certification file, wherein the hash value and the signature of the verifiable statement are acquired from the trusted third party terminal, and the certification file is generated according to the verifiable statement and the certification key disclosed by the trusted third party terminal; receiving a verification result sent by the verification terminal; the verification terminal, the certification terminal and the trusted third party terminal are respectively provided with respective distributed identity identifications.
The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware. With this understanding in mind, the above-described technical solutions may be embodied in the form of a software product, which can be stored in a computer-readable storage medium such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods described in the embodiments or some parts of the embodiments.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (10)

1. A zero-knowledge proof method based on distributed identity identification is characterized by comprising the following steps:
the verification terminal sends a verification request to the certification terminal;
receiving a verifiable statement, a certification file, a hash value of the verifiable statement and a signature returned by the certification terminal based on the verification request, wherein the hash value and the signature of the verifiable statement are sent to the certification terminal by a trusted third party terminal, and the certification file is generated by the certification terminal according to the verifiable statement and a certification key disclosed by the trusted third party terminal;
verifying the hash value and the signature of the verifiable statement according to a verification public key, wherein the verification public key is acquired from the trusted third party terminal;
if the hash value and the signature of the verifiable statement pass the verification, verifying the certification file according to a verification program, and sending a verification result to a certification terminal, wherein the verification program is generated according to a verification key acquired from the trusted third party terminal;
the verification terminal, the certification terminal and the trusted third party terminal are respectively provided with respective distributed identity identifications.
2. The distributed identity identification-based zero-knowledge proof method according to claim 1, wherein the verifying the certification file according to a verification program comprises:
according to a verification program, performing information hiding verification on the certification file;
or,
performing information condition verification on the certification file according to a verification program.
3. The distributed identity identification-based zero-knowledge proof method according to claim 2, wherein the performing information hiding verification on the certification file according to a verification program comprises:
according to a verification program, performing information hiding verification on the certification file by verifying a first formula;
wherein the first formula is:
hash(X+D)==H;
H is a hash value calculated from the binary data into which the verifiable statement is converted, and is public credible information; D is the information of the verifiable statement, converted into binary data, that the certification terminal discloses in the certification file, and X is the privacy information of the verifiable statement, converted into binary data, that the certification terminal hides in the certification file.
4. The distributed identity identification-based zero-knowledge proof method according to claim 2, wherein the performing information condition verification on the certification file according to a verification program comprises:
according to a verification program, performing information condition verification on the certification file by verifying a second formula;
wherein the second formula is:
hash(V)==H and S;
H is a hash value calculated from the binary data into which the verifiable statement is converted, and is public credible information; V is the complete information of the verifiable statement converted into binary data, and is privacy information hidden in the certification file by the certification terminal; and S is the condition to be satisfied by the information X' to be verified, which the certification terminal extracts from V in the certification file.
5. A zero-knowledge proof method based on distributed identity identification is characterized by comprising the following steps:
the certification terminal receives a verification request sent by the verification terminal;
based on the verification request, sending a verifiable statement, a certification file, a hash value and a signature of the verifiable statement to the verification terminal so that the verification terminal verifies the hash value and the signature of the verifiable statement and the certification file, wherein the hash value and the signature of the verifiable statement are acquired from a trusted third party terminal, and the certification file is generated according to the verifiable statement and the certification key disclosed by the trusted third party terminal;
receiving a verification result sent by the verification terminal;
the verification terminal, the certification terminal and the trusted third party terminal are respectively provided with respective distributed identity identifications.
6. The distributed identity identification-based zero-knowledge proof method according to claim 5, wherein before the sending of the verifiable statement, the certification file, the hash value of the verifiable statement, and the signature to the verification terminal based on the verification request, the method further comprises:
obtaining a verifiable statement, a hash value of the verifiable statement, a signature and a certification key from the trusted third party terminal;
and generating a certification file according to the verifiable statement and the certification key.
7. A verification terminal, comprising:
the first sending module is used for sending a verification request to the certification terminal;
a first receiving module, configured to receive a verifiable statement, a certification file, a hash value of the verifiable statement, and a signature, which are returned by the certification terminal based on the verification request, where the hash value and the signature of the verifiable statement are sent to the certification terminal by a trusted third party terminal, and the certification file is generated by the certification terminal according to the verifiable statement and a certification key disclosed by the trusted third party terminal;
the first verification module is used for verifying the hash value and the signature of the verifiable statement according to a verification public key, and the verification public key is acquired from the trusted third party terminal;
the second verification module is used for verifying the certification file according to a verification program and sending a verification result to a certification terminal if the hash value and the signature of the verifiable statement pass verification, wherein the verification program is generated according to a verification key acquired from the trusted third party terminal;
the verification terminal, the certification terminal and the trusted third party terminal are respectively provided with respective distributed identity identifications.
8. A certification terminal, comprising:
the second receiving module is used for receiving the verification request sent by the verification terminal;
a second sending module, configured to send a verifiable statement, a certification file, a hash value of the verifiable statement, and a signature to the verification terminal based on the verification request, so that the verification terminal verifies the hash value and the signature of the verifiable statement and the certification file, where the hash value and the signature of the verifiable statement are obtained from a trusted third party terminal, and the certification file is generated according to the verifiable statement and the certification key disclosed by the trusted third party terminal;
the third receiving module is used for receiving the verification result sent by the verification terminal;
the verification terminal, the certification terminal and the trusted third party terminal are respectively provided with respective distributed identity identifications.
9. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the steps of the method according to any of claims 1 to 6 are implemented when the processor executes the program.
10. A non-transitory computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 6.
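The checks of claims 1, 3 and 4 written out as an added example that is not part of the patent text: the signature over H is verified first, and only then is the first formula or the second formula evaluated. Assumptions made here: SHA-256 as the hash, "+" read as byte concatenation, the length-prefixed field encoding, a toy textbook-RSA signature standing in for the unnamed signature scheme, and all function names; the formulas are evaluated directly, whereas a zk-SNARK would prove them without showing X or V to the verification terminal.

```python
import hashlib

# Toy TTP signature: unpadded textbook RSA on two small Mersenne primes. The page
# names no scheme; this stand-in only keeps the example stdlib-only. NOT secure.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
_TTP_PRIVATE = pow(E, -1, (P - 1) * (Q - 1))


def encode_fields(fields):
    """Convert (name, value) pairs to binary data, one length-prefixed item each."""
    out = b""
    for name, value in fields:
        item = f"{name}={value}".encode()
        out += len(item).to_bytes(2, "big") + item
    return out


def decode_fields(data):
    """Inverse of encode_fields: binary data back to a {name: value} dict."""
    fields, i = {}, 0
    while i < len(data):
        n = int.from_bytes(data[i:i + 2], "big")
        name, _, value = data[i + 2:i + 2 + n].decode().partition("=")
        fields[name] = value
        i += 2 + n
    return fields


def claim_hash(data):
    """H: hash of the verifiable statement's binary form (SHA-256 assumed)."""
    return hashlib.sha256(data).digest()


def ttp_sign(h):
    return pow(int.from_bytes(h, "big") % N, _TTP_PRIVATE, N)


def verify_signature(h, sig):
    return pow(sig, E, N) == int.from_bytes(h, "big") % N


def relation_hide(h, disclosed, hidden):
    """First formula: hash(X + D) == H, with '+' read as byte concatenation."""
    return claim_hash(hidden + disclosed) == h


def relation_condition(h, full, condition):
    """Second formula: hash(V) == H and S, S evaluated on fields taken from V."""
    return claim_hash(full) == h and condition(decode_fields(full))


def verifier_accepts(h, sig, check_proof):
    """Claim 1 ordering: check the TTP signature over H, then the proof."""
    if not verify_signature(h, sig):
        return False          # H is not vouched for by the TTP: stop here
    return check_proof()      # a zk-SNARK verifier would run here instead


def demo():
    # Constructed sample statement: two hidden fields, one disclosed field.
    hidden = encode_fields([("name", "Alice Example"), ("birth_year", "1990")])
    disclosed = encode_fields([("country", "CN")])
    full = hidden + disclosed
    h = claim_hash(full)
    sig = ttp_sign(h)
    other = encode_fields([("country", "US")])
    # A statement the holder wrote: self-consistent, but its hash is unsigned.
    own_hidden = encode_fields([("name", "Alice Example"), ("birth_year", "1970")])
    own_h = claim_hash(own_hidden + disclosed)

    def born_by(year):
        return lambda f: int(f["birth_year"]) <= year

    return {
        "hide_ok": verifier_accepts(h, sig, lambda: relation_hide(h, disclosed, hidden)),
        "hide_other_disclosure": verifier_accepts(
            h, sig, lambda: relation_hide(h, other, hidden)),
        "condition_ok": verifier_accepts(
            h, sig, lambda: relation_condition(h, full, born_by(2001))),
        "condition_not_met": verifier_accepts(
            h, sig, lambda: relation_condition(h, full, born_by(1980))),
        "unsigned_hash": verifier_accepts(
            own_h, sig, lambda: relation_hide(own_h, disclosed, own_hidden)),
    }


if __name__ == "__main__":
    print(demo())
```

The `unsigned_hash` case shows why the signature check comes first: a statement whose hash matches its own contents still fails when that hash was never signed by the trusted third party terminal.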
CN201910493263.3A 2019-06-06 2019-06-06 Zero-knowledge proof method and terminal based on distributed identity Active CN110224837B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910493263.3A CN110224837B (en) 2019-06-06 2019-06-06 Zero-knowledge proof method and terminal based on distributed identity

Publications (2)

Publication Number Publication Date
CN110224837A CN110224837A (en) 2019-09-10
CN110224837B true CN110224837B (en) 2021-11-19

Family

ID=67816111

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910493263.3A Active CN110224837B (en) 2019-06-06 2019-06-06 Zero-knowledge proof method and terminal based on distributed identity

Country Status (1)

Country Link
CN (1) CN110224837B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB03 Change of inventor or designer information

Inventor after: Yang Wentao

Inventor after: Wang Hu

Inventor after: Chen Chang

Inventor after: An Shijie

Inventor before: Li Wei

Inventor before: Wang Hu

Inventor before: Chen Chang

Inventor before: Yang Wentao

GR01 Patent grant