CN110457297B - Editable block chain system and method based on multi-authority attribute encryption - Google Patents

Editable block chain system and method based on multi-authority attribute encryption Download PDF

Info

Publication number
CN110457297B
CN110457297B CN201910620208.6A CN201910620208A CN110457297B CN 110457297 B CN110457297 B CN 110457297B CN 201910620208 A CN201910620208 A CN 201910620208A CN 110457297 B CN110457297 B CN 110457297B
Authority
CN
China
Prior art keywords
transaction
attribute
key
calculating
chameleon hash
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910620208.6A
Other languages
Chinese (zh)
Other versions
CN110457297A (en
Inventor
张宗洋
李彤
胡斌
荣康
刘建伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beihang University
Original Assignee
Beihang University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beihang University filed Critical Beihang University
Priority to CN201910620208.6A priority Critical patent/CN110457297B/en
Publication of CN110457297A publication Critical patent/CN110457297A/en
Application granted granted Critical
Publication of CN110457297B publication Critical patent/CN110457297B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/21Design, administration or maintenance of databases
    • G06F16/215Improving data quality; Data cleansing, e.g. de-duplication, removing invalid entries or correcting typographical errors
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3827Use of message hashing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Databases & Information Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Mining & Analysis (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Quality & Reliability (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses an editable block chain system and a method based on multi-authorization center attribute encryption, wherein the system comprises: the identity verification and attribute key distribution module is used for verifying whether the identity of each node meets a preset condition and distributing an attribute key for the user entity; the transaction preprocessing module is used for preprocessing the transaction through a chameleon hash function after the transaction is initiated and before the transaction is brought into the block; and the transaction deletion module is used for updating the transaction content of the transaction, calculating chameleon Hash collision, updating the transaction content to be invalid, and calculating chameleon Hash collision so as to complete deletion and modification of the transaction. According to the system provided by the embodiment of the invention, the block chain can be maintained in time under special conditions, the junk data on the block chain is deleted, the personal information safety and the stable development of the society are ensured, the governing rule on the block chain is established, the application field of the block chain is widened, and the healthy development of the block chain application is facilitated.

Description

Editable block chain system and method based on multi-authority attribute encryption
Technical Field
The invention relates to the technical field of alliance block chains, in particular to an editable block chain system and method based on multi-authority attribute encryption.
Background
At present, the intelligent contract and other technologies based on the block chain technology are fiercely and mature day by day, and attract the attention of a large number of expert scholars at home and abroad. The block chain is a traceable block chain type data structure constructed through transparent and credible rules under a peer-to-peer network environment, realizes and manages a transaction processing mode, and has the typical characteristics of distributed decentralization, forgery prevention, falsification prevention, transparent credibility, high reliability and the like. The non-tampering property of the blockchain data means that the historical transaction data on the blockchain cannot be modified once being confirmed, and the feature guarantees the reliability and integrity of the blockchain data. The method can complete the value transfer and transfer in a decentralized point-to-point network without any trusted authority of a third party.
However, it is the non-tamper-ability that hinders the promotion and application of block chains. Firstly, the non-tamper property brings legal risk, any illegal content embedded into the block chain can never be deleted, and the supervision authorities are brought with trouble in supervision; secondly, the emergence of more and more intelligent contracts means that a program must have a vulnerability, once the deployment cannot be modified any more, the european union committee proposes the protection of 'forgetting right', the most basic requirement of which is that any private information about an individual can be completely deleted from the internet, which means that the non-falsifiable characteristic of a block chain will fundamentally conflict with laws and regulations like 'forgetting right', and needs to be improved.
Disclosure of Invention
The present invention is directed to solving, at least to some extent, one of the technical problems in the related art.
Therefore, an object of the present invention is to provide an editable blockchain system based on multiple rights issuer attribute encryption, which can facilitate timely maintenance of blockchains under special conditions and delete garbage data on blockchains.
Another objective of the present invention is to provide an editable blockchain method based on multiple rights issuer attribute encryption.
To achieve the above object, an embodiment of an aspect of the present invention provides an editable blockchain system based on multiple rights issuer attribute encryption, including: the identity verification and attribute key distribution module is used for verifying whether the identity of each node meets a preset condition and distributing an attribute key for the user entity through the attribute of the multi-authorization center; the transaction preprocessing module is used for preprocessing the transaction through a chameleon hash function after the transaction is initiated and before the transaction is brought into the block; and the transaction deletion module is used for updating the transaction content of the transaction, calculating chameleon Hash collision, updating the transaction content to be invalid, and calculating chameleon Hash collision so as to complete deletion and modification of the transaction.
The editable block chain system based on multi-authorization-center attribute encryption provided by the embodiment of the invention can maintain the block chain in time under special conditions, delete the junk data on the block chain, ensure the personal information safety and the stable development of the society, establish the governing rule on the block chain, widen the application field of the block chain and contribute to the healthy development of the block chain application.
In addition, the editable blockchain system based on multi-rights issuer attribute encryption according to the above embodiment of the present invention may also have the following additional technical features:
further, in an embodiment of the present invention, the method further includes: and the transaction verification module is used for verifying and updating the local block chain data by other users after the deletion is finished.
Further, in one embodiment of the present invention, the transaction verification module is further configured to broadcast the changed transaction content and verify the new transaction content and the transaction modifier, so as to update the locally stored local blockchain data through the network after the verification is passed.
Further, in an embodiment of the present invention, the identity verification and attribute key distribution module is further configured to initialize parameters of each attribute authorization center, generate a public and private key, and control each attribute authorization center to distribute the attribute key to a corresponding user when the user applies for the private key of the relevant attribute from the attribute authorization center.
Optionally, in an embodiment of the present invention, the preset condition may be that the identity of each node is valid.
In order to achieve the above object, another embodiment of the present invention provides an editable blockchain method based on multiple rights issuer attribute encryption, including the following steps: verifying whether the identity of each node meets a preset condition, and distributing an attribute key for a user entity through multiple authorization center attributes; after initiating a transaction and before being brought into a block, preprocessing the transaction through a chameleon hash function; updating the transaction content of the transaction, calculating chameleon Hash collision, updating the transaction content to be invalid, and calculating chameleon Hash collision to finish deleting and modifying the transaction.
The editable block chain method based on multi-authorization-center attribute encryption provided by the embodiment of the invention can maintain the block chain in time under special conditions, delete the junk data on the block chain, ensure the personal information safety and the stable development of the society, establish the governing rule on the block chain, widen the application field of the block chain and contribute to the healthy development of the block chain application.
In addition, the editable blockchain method based on multi-authority attribute encryption according to the above embodiment of the present invention may further have the following additional technical features:
further, in an embodiment of the present invention, the method further includes: after the deletion is finished, other users verify and update the local block chain data.
Further, in an embodiment of the present invention, the authenticating and updating the local blockchain data by other users includes: and broadcasting the changed transaction content, and verifying the new transaction content and the transaction modifier so as to update the locally stored local blockchain data in a whole network after the verification is passed.
Further, in an embodiment of the present invention, the verifying whether the identity of each node meets a preset condition, and distributing an attribute key for the user entity through the multiple rights issuer attribute includes: initializing parameters of each attribute authorization center, generating a public private key, and controlling each attribute authorization center to distribute the attribute keys to corresponding users when the users apply the private keys of the related attributes to the attribute authorization centers.
Optionally, in an embodiment of the present invention, the preset condition may be that the identity of each node is valid.
Additional aspects and advantages of the invention will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the invention.
Drawings
The foregoing and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
FIG. 1 is a block diagram of an editable blockchain system based on multiple rights issuer attribute encryption according to an embodiment of the invention;
FIG. 2 is a block diagram illustrating an editable blockchain based on multiple rights issuer attribute encryption according to an embodiment of the invention;
FIG. 3 is a flow diagram of authentication and attribute key distribution according to one embodiment of the present invention;
FIG. 4 is a flow diagram of transaction pre-processing according to one embodiment of the invention;
FIG. 5 is a flow diagram of transaction pruning according to one embodiment of the present invention;
FIG. 6 is a flow diagram of transaction verification according to one embodiment of the invention;
FIG. 7 is a flowchart of an editable blockchain method based on multiple rights issuer attribute encryption according to an embodiment of the invention;
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are illustrative and intended to be illustrative of the invention and are not to be construed as limiting the invention.
The editable blockchain system and method based on multi-rights issuer attribute encryption according to the embodiment of the present invention will be described with reference to the accompanying drawings, which will first be described.
FIG. 1 is a block diagram of an editable blockchain system based on multiple rights issuer attribute encryption according to an embodiment of the invention
As shown in fig. 1, the multiple-authority attribute encryption-based editable blockchain system 10 includes: an authentication and attribute key distribution module 100, a transaction preprocessing module 200 and a transaction modification module 300.
The identity verification and attribute key distribution module 100 is configured to verify whether the identity of each node meets a preset condition, and distribute an attribute key for a user entity through multiple authorization center attributes.
Optionally, in an embodiment of the present invention, the preset condition may be that the identity of each node is valid.
It can be understood that, as shown in fig. 2, in the authentication and attribute key distribution stage, it is verified whether the identity of each node is valid and valid, and the attribute authority distributes the attribute key for the user entity.
Further, in an embodiment of the present invention, the identity verification and attribute key distribution module 100 is further configured to initialize parameters of each attribute authorization center, generate a public key and a private key, and control each attribute authorization center to distribute an attribute key to a corresponding user when the user applies for a private key of a related attribute from the attribute authorization center.
Specifically, the authentication and attribute key distribution stage includes an authentication process, an attribute authorization center initialization process, a user attribute key application process, and an attribute authorization center key distribution process. The identity verification process, namely CA verifies whether the identity of each node is legal and valid; an attribute authorization center initialization process, namely parameter initialization and public and private key generation of each attribute authorization center; the user applies for the attribute key process, namely the user applies for the private key of the relevant attribute from the attribute authorization center; the attribute authorization center distributes the key, namely, each attribute authorization center distributes the key to the corresponding user.
For example, in the stage of identity verification and attribute key distribution, the stage of identity verification and attribute key distribution includes an identity verification process, an attribute authorization center initialization process, a user attribute key application process, and an attribute authorization center key distribution process. The identity auditing process, namely CA, checks whether the identity of each node in the alliance chain is valid or not; an attribute authorization center initialization process, namely parameter initialization and public and private key generation of each attribute authorization center; the user applies for the attribute key process, namely the user applies for the private key of the relevant attribute from the attribute authorization center; the attribute authorization center distributes the key, namely, each attribute authorization center distributes the key to the corresponding user.
The flow of the identity verification and attribute key distribution stage is as follows:
step 1.CA is responsible for verifying the identity of each node in the federation chain. Only users authenticated by the CA organization can participate in the transaction process on the blockchain, and each user has a Global Identifier (GID) that uniquely identifies itself.
Step 2, a plurality of attribute authorization centers AA1,AA2,…,AAnThe method comprises the following steps of independently managing attributes in an attribute domain, independently executing an initialization process without cooperation, and specifically comprising the following steps:
step 2-1, selecting an order of N ═ p1p2p3Of bilinear group G, where p1、p2、p3All are prime numbers, a bilinear map e on one group G is selected: g → GTAnd group Gp1Is that the generator is p1A subgroup of group G of (a);
step 2-2, for the attribute a in each attribute domainiAttribute authority AAjRandom selection of alphai,yi∈ZNCalculating
Figure GDA0003421460440000041
SKj=(αi,yi) Wherein PK isjIs an encryption key for attribute encryption, SKjIs the master key for attribute key calculation.
Step 3, each user submits own GID and sends the GID to the attribute authorization center AAjApplication Attribute aiThe attribute key of (2).
Step 4.AAjUsing SKjCalculating an attribute a for each entityiIs given by the attribute key Ki,GIDThe method comprises the following specific steps:
step 4-1, selecting a collision-resistant hash function H1:{0,1}*→G;
Step 4-2. for attribute aiCalculating
Figure GDA0003421460440000042
Step 5.AAjWill Ki,GIDAnd a key PK for attribute encryptionjThe encryption is sent to each entity.
The transaction preprocessing module 200 is configured to preprocess a transaction through a chameleon hash function after the transaction is initiated and before the transaction is included in a block.
It will be appreciated that, during the transaction pre-processing phase, the editable transaction is processed using a chameleon hash function. That is, the transaction publisher preprocesses a transaction using a chameleon hash function prior to inclusion in a block after the transaction is initiated.
For example, in the transaction preprocessing stage, the transaction is preprocessed using a chameleon hash function before the transaction is included in the block after the transaction is initiated.
The flow of the transaction preprocessing phase is as follows:
step 1, if a certain user A wants to initiate an editable transaction, A needs to be initialized locally to generate a hash key and a long-term trapdoor key of a chameleon hash function, and the specific steps are as follows:
step 1-1, randomly selecting prime numbers e to satisfy that e is larger than N and N belongs to N as a natural number;
step 1-2, selecting different prime numbers p and q and anti-collision hash function
Figure GDA0003421460440000051
Step 1-3. let hk ═ n, H2) And tk is a hash key used for calculating chameleon hash, and tk is a long-term trapdoor key used for calculating chameleon hash collision.
And 2, the transaction publisher A submits the transaction content to the endorsement node and waits for the endorsement node to verify the transaction.
And 3, after the endorsement node is checked, preprocessing the transaction by the transaction publisher A by using a chameleon hash function, and specifically comprising the following steps:
step 3-1, selecting random number
Figure GDA0003421460440000052
Selecting different prime numbers p 'and q', calculating n '═ p' q 'and n' are mutually prime, and recording (p ', q') as a temporary trap key etd;
step 3-2, calculating chameleon Hash function value H as H for transaction m by using Hash secret key hk2(m)re(modnn′);
Step 3-3. randomly selecting a secret s belonging to ZNAnd a random number y2,...,yl,t2,...,tl∈ZNForm a vector υ (s, y)2,...,yn)∈ZNSum vector ω ═ 0, t2,...,tn)∈ZN
Step 3-4. at ZNIn the random number rxLet λ bex=AxV and ωx=Axω, for each row A of the matrix AxFor etd, ciphertext c:
Figure GDA0003421460440000053
and 4, preprocessing the transaction by using a chameleon hash function, storing the transaction in a (h, c) form, waiting for the sequencing nodes to sequence and pack the transaction into blocks, and broadcasting the blocks to main nodes of other organizations by the sequencing nodes. After receiving the block, the master node performs a series of checks to verify whether the block is valid. And if the verification is valid, updating the data state of the account book.
The transaction deletion module 300 is configured to update the transaction content of the transaction, calculate chameleon hash collision, update the transaction content to be invalid, and calculate chameleon hash collision to complete deletion and modification of the transaction.
It will be appreciated that in the transaction pruning stage, the transaction modifier prunes a transaction. The method comprises a transaction updating process and a transaction deleting process. In the transaction updating process, the authorized party can update the transaction content, and chameleon Hash collision is calculated; and in the transaction deletion process, the authorized party updates the contents of the transaction to be invalid, and calculates chameleon hash collision.
For example, in the transaction pruning stage, the transaction pruning stage includes a transaction update process and a transaction deletion process. In the transaction updating process, the authorized party updates the transaction content and calculates chameleon Hash collision; and in the transaction deletion process, the authorized party updates the contents of the transaction to be invalid, and calculates chameleon hash collision.
As shown in fig. 5, the flow of the transaction pruning stage is as follows:
step 1. if transaction modifier B wants to modify a transaction (B possesses a set of attribute keys K matching the transactioni,GIDB) can apply for a long-term trapdoor key tk to a transaction issuer a, and the specific steps are as follows:
step 1-1.B initiates a request for applying a long-term trapdoor key tk to A;
step 1-2.A uses the access control matrix A same as the transaction preprocessing process to encrypt the attribute of tk and sends the attribute to B;
step 1-3.B use the Attribute Key set Ki,GIDAnd obtaining a long-term trapdoor key tk after decryption.
Step 2, the transaction modifier B uses an attribute key set { K ] for the ciphertext ci,GIDDecrypting to obtain a temporary trapdoor key etd, which comprises the following steps:
step 2-1, calculating the hash value H of the user identifier GID of the user1(GID) if the transaction modifier B owns the set of attribute keys Kρ(x),GIDThe linear combination of all attribute incidence matrix rows in (1,0, …,0), then for each x, transaction modifier B computes:
Figure GDA0003421460440000061
step 2-2. transaction modifier B selects constant cx∈ZNMake sigmaxcxAx(1,0, …,0), and then calculate
Figure GDA0003421460440000062
Get temporary trapdoor key etd ═ c0/e(g1,g1)s
Step 3, for two different types of modification requirements, the following description will be made respectively:
if the transaction modifier B wants to update the transaction content, i.e. update the transaction m to m ', the inverse d of e can be calculated from the temporary trapdoor key etd ═ p ', q ' and the long-term trapdoor key tk ═ p, q, so that the inverse d of e is calculated
Figure GDA0003421460440000063
Thereby calculating the collision r' ═ of the chameleon hash function (xr)e(H2(m′)-1))d(mod nn'). And finishing the transaction content modification.
If the transaction modifier B wants to delete the transaction content (the data field of the update transaction is the terminator), formalized as updating the transaction m to m ", the inverse d of e can be calculated from the temporary trapdoor key etd ═ p ', q' and the long-term trapdoor key tk ═ p, q) so that the inverse d of e is calculated such that
Figure GDA0003421460440000071
Thereby calculating the collision r ″ (xr) of the chameleon hash functione(H2(m″)-1))d(mod nn'). And finishing the transaction content modification.
Further, in an embodiment of the present invention, the system 10 of an embodiment of the present invention further includes: a transaction verification module. The transaction verification module is used for verifying and updating the local block chain data by other users after the deletion is finished.
It can be understood that, in the transaction verification stage, after the transaction deletion is completed, the local blockchain data is verified and updated by other users.
In an embodiment of the present invention, the transaction verification module is further configured to broadcast the changed transaction content, and verify the new transaction content and the transaction modifier, so that after the verification is passed, the locally stored local blockchain data is updated over the whole network.
Specifically, the transaction verification phase comprises an update content broadcasting process, an endorsement node verification process and a whole network update process. Updating the content broadcasting process, namely broadcasting the changed transaction content by an authorized party; the endorsement node verification process is that the endorsement node verifies the new transaction content and the transaction modifier; and after the verification is passed in the whole network updating process, the whole network updates the locally stored block chain data.
For example, the transaction verification phase includes an update content broadcast process, an endorsement node verification process, and a network wide update process. Updating the content broadcasting process, namely broadcasting the changed transaction content by an authorized party; the endorsement node verification process is that the endorsement node verifies new transaction contents and transaction modifiers; and after the verification is passed in the whole network updating process, the whole network updates the locally stored block chain data.
As shown in fig. 6, the flow of the transaction verification phase is as follows:
and step 1, the transaction modifier B sends (m ', r', h) or (m ', r', h) to the endorsement node after signing by using a private key of the transaction modifier B.
And 2, verifying the identity of the transaction modifier and new transaction contents by the endorsement node, and specifically comprising the following steps:
and 2-1, verifying the signature of the transaction modifier by the endorsement node, if the signature passes the verification, executing the following steps, otherwise, not executing the modification.
Step 2-2. endorsement node verification H2(m′)re(mod nn') or H2(m″)re(mod nn') is equal to h, if the verification passes, the following steps are performed, otherwise the endorsement node does not perform the modification.
And 3, the endorsement node broadcasts the new transaction content (m ', h) or (m', h), and updates the transaction content m stored locally to be m 'or m' through the whole network until the transaction content is verified.
In summary, according to the editable blockchain system based on multi-authorization-center attribute encryption of the embodiment of the invention, through the identity verification and attribute key distribution stage, the transaction preprocessing stage, the transaction modification stage and the transaction verification stage, the editable purpose is realized for the alliance chain, which is beneficial to timely maintaining the blockchain under special conditions, deleting the garbage data on the blockchain, ensuring the personal information safety and the stable development of the society, establishing the governing rules on the blockchain, improving the risk resistance of the blockchain, and avoiding the system from splitting; widening the application field of the block chain and being beneficial to the healthy development of the block chain application.
Next, an editable blockchain method based on multi-rights issuer attribute encryption according to an embodiment of the present invention is described with reference to the drawings.
Fig. 7 is a flowchart of an editable blockchain method based on multiple rights issuer attribute encryption according to an embodiment of the invention.
As shown in fig. 7, fig. 7 is a flowchart of an editable blockchain method based on multiple rights issuer attribute encryption according to an embodiment of the present invention, including the following steps:
step S701: and verifying whether the identity of each node meets a preset condition, and distributing an attribute key for the user entity through the multi-authorization center attribute.
Optionally, in an embodiment of the present invention, the preset condition may be that the identity of each node is valid.
Further, in an embodiment of the present invention, verifying whether the identity of each node satisfies a preset condition, and distributing an attribute key for a user entity through a multi-authority attribute includes: initializing parameters of each attribute authorization center, generating a public private key, and controlling each attribute authorization center to distribute an attribute key to a corresponding user when the user applies a private key of a relevant attribute to the attribute authorization center.
Step S702: after the transaction is initiated and before the transaction is brought into the block, the transaction is preprocessed through a chameleon hash function.
Step S703: updating the transaction content of the transaction, calculating chameleon Hash collision, updating the transaction content to be invalid, and calculating chameleon Hash collision to finish deleting and modifying the transaction.
In addition, in one embodiment of the present invention, the method further includes: after the deletion is finished, other users verify and update the local block chain data.
Further, in an embodiment of the present invention, the verifying and updating the local blockchain data by other users includes: and broadcasting the changed transaction content, and verifying the new transaction content and the transaction modifier so as to update the locally stored local blockchain data in a whole network after the verification is passed.
It should be noted that the above explanation of the embodiment of the editable blockchain system based on attribute encryption of multiple authorization centers is also applicable to the editable blockchain method based on attribute encryption of multiple authorization centers of the embodiment, and is not repeated herein.
In summary, according to the editable blockchain method based on multi-authorization-center attribute encryption of the embodiment of the invention, through the identity verification and attribute key distribution stage, the transaction preprocessing stage, the transaction modification stage and the transaction verification stage, the editable purpose is realized for the alliance chain, which is beneficial to timely maintaining the blockchain under special conditions, deleting the garbage data on the blockchain, ensuring the personal information safety and the stable development of the society, establishing the governing rules on the blockchain, improving the risk resistance of the blockchain, and avoiding the system splitting; widening the application field of the block chain and being beneficial to the healthy development of the block chain application.
In the description herein, references to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above are not necessarily intended to refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or N embodiments or examples. Furthermore, various embodiments or examples and features of different embodiments or examples described in this specification can be combined and combined by one skilled in the art without contradiction.
Furthermore, the terms "first", "second" and "first" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include at least one such feature. In the description of the present invention, "N" means at least two, e.g., two, three, etc., unless specifically limited otherwise.
Any process or method descriptions in flow charts or otherwise described herein may be understood as representing modules, segments, or portions of code which include one or more N executable instructions for implementing steps of a custom logic function or process, and alternate implementations are included within the scope of the preferred embodiment of the present invention in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of implementing the embodiments of the present invention.
The logic and/or steps represented in the flowcharts or otherwise described herein, e.g., an ordered listing of executable instructions that can be considered to implement logical functions, can be embodied in any computer-readable medium for use by or in connection with an instruction execution system, apparatus, or device, such as a computer-based system, processor-containing system, or other system that can fetch the instructions from the instruction execution system, apparatus, or device and execute the instructions. For the purposes of this description, a "computer-readable medium" can be any means that can contain, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device. More specific examples (a non-exhaustive list) of the computer-readable medium would include the following: an electrical connection (electronic device) having one or N wires, a portable computer diskette (magnetic device), a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber device, and a portable compact disc read-only memory (CDROM). Additionally, the computer-readable medium could even be paper or another suitable medium upon which the program is printed, as the program can be electronically captured, via for instance optical scanning of the paper or other medium, then compiled, interpreted or otherwise processed in a suitable manner if necessary, and then stored in a computer memory.
It should be understood that portions of the present invention may be implemented in hardware, software, firmware, or a combination thereof. In the above embodiments, the N steps or methods may be implemented in software or firmware stored in a memory and executed by a suitable instruction execution system. If implemented in hardware, as in another embodiment, any one or combination of the following techniques, which are known in the art, may be used: a discrete logic circuit having a logic gate circuit for implementing a logic function on a data signal, an application specific integrated circuit having an appropriate combinational logic gate circuit, a Programmable Gate Array (PGA), a Field Programmable Gate Array (FPGA), or the like.
It will be understood by those skilled in the art that all or part of the steps carried by the method for implementing the above embodiments may be implemented by hardware related to instructions of a program, which may be stored in a computer readable storage medium, and when the program is executed, the program includes one or a combination of the steps of the method embodiments.
In addition, functional units in the embodiments of the present invention may be integrated into one processing module, or each unit may exist alone physically, or two or more units are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. The integrated module, if implemented in the form of a software functional module and sold or used as a stand-alone product, may also be stored in a computer readable storage medium.
The storage medium mentioned above may be a read-only memory, a magnetic or optical disk, etc. Although embodiments of the present invention have been shown and described above, it is understood that the above embodiments are exemplary and should not be construed as limiting the present invention, and that variations, modifications, substitutions and alterations can be made to the above embodiments by those of ordinary skill in the art within the scope of the present invention.

Claims (10)

1. An editable blockchain system based on multiple rights issuer attribute encryption, comprising:
the identity verification and attribute key distribution module is used for verifying whether the identity of each node meets a preset condition and distributing an attribute key for the user entity through the attribute of the multi-authorization center;
the transaction preprocessing module is used for preprocessing the transaction through a chameleon hash function after the transaction is initiated and before the transaction is brought into the block; and
the transaction deletion module is used for updating the transaction content of the transaction, calculating chameleon Hash collision, updating the transaction content to be invalid, and calculating chameleon Hash collision so as to complete deletion and modification of the transaction;
the transaction preprocessing module is used for executing the following steps:
randomly selecting a prime number e to satisfy e > N and N belongs to N as a natural number;
selecting different prime numbers p and q and anti-collision hash function
Figure FDA0003302331970000011
Let hk be (n, H)2) And tk is a hash key used for calculating chameleon hash, and tk is a long-term trapdoor key used for calculating chameleon hash collision;
the transaction publisher submits the transaction content proposal to the endorsement node and waits for the endorsement node to verify the transaction;
after the endorsement node is checked, selecting a random number
Figure FDA0003302331970000012
Selecting different prime numbers p 'and q', calculating n '═ p' q 'and n' are mutually prime, and recording (p ', q') as a temporary trap key etd;
calculating chameleon hash function value H ═ H for transaction m by using hash key hk2(m)re(modnn′);
Randomly selecting a secret s ∈ ZNAnd a random number y2,…,yl,t2,…,tl∈ZNForm a vector υ (s, y)2,…,yn)∈ZNSum vector ω ═ 0, t2,…,tn)∈ZN
At ZNIn the random number rxLet λ bex=AxV and ωx=Axω, for each row A of the matrix AxFor etd, ciphertext c:
Figure FDA0003302331970000013
and (3) preprocessing the transaction by the chameleon hash function, storing the transaction in a (h, c) form, waiting for sequencing and packaging the sequencing nodes into blocks, broadcasting the blocks to main nodes of other organizations by the sequencing nodes, and updating the data state of the account book if the main nodes verify that the blocks are valid.
2. The system of claim 1, further comprising:
and the transaction verification module is used for verifying and updating the local block chain data by other users after the deletion is finished.
3. The system of claim 2, wherein the transaction verification module is further configured to broadcast the changed transaction content and verify new transaction content and transaction modifiers to update the locally stored local blockchain data over the network after verification is passed.
4. The system according to claim 1, wherein the authentication and attribute key distribution module is further configured to initialize parameters of each attribute authority, generate a public and private key, and control each attribute authority to distribute the attribute key to a corresponding user when the user applies for the private key of the relevant attribute from the attribute authority.
5. The system according to any of claims 1-4, wherein the predetermined condition is that the identity of each node is valid.
6. An editable block chain method based on multi-authority attribute encryption is characterized by comprising the following steps:
verifying whether the identity of each node meets a preset condition, and distributing an attribute key for a user entity through multiple authorization center attributes;
after initiating a transaction and before being brought into a block, preprocessing the transaction through a chameleon hash function; and
updating the transaction content of the transaction, calculating chameleon Hash collision, updating the transaction content to be invalid, and calculating chameleon Hash collision to finish deleting and modifying the transaction;
the transaction is preprocessed by a chameleon hash function for executing the following steps:
randomly selecting a prime number e to satisfy e > N and N belongs to N as a natural number;
selecting different prime numbers p and q and anti-collision hash function
Figure FDA0003302331970000021
Let hk be (n, H)2) And tk is a hash key used for calculating chameleon hash, and tk is a long-term trapdoor key used for calculating chameleon hash collision;
the transaction publisher submits the transaction content proposal to the endorsement node and waits for the endorsement node to verify the transaction;
after the endorsement node is checked, selecting a random number
Figure FDA0003302331970000022
Selecting different prime numbers p 'and q', calculating n '═ p' q 'and n are mutually prime, recording (p', q)') temporary trapdoor key etd;
calculating chameleon hash function value H ═ H for transaction m by using hash key hk2(m)re(modnn′);
Randomly selecting a secret s ∈ ZNAnd a random number y2,…,yl,t2,…,tl∈ZNForm a vector υ (s, y)2,…,yn)∈ZNSum vector ω ═ 0, t2,…,tn)∈ZN
At ZNIn the random number rxLet λ bex=AxV and ωx=Axω, for each row A of the matrix AxFor etd, ciphertext c:
Figure FDA0003302331970000023
and (3) preprocessing the transaction by the chameleon hash function, storing the transaction in a (h, c) form, waiting for sequencing and packaging the sequencing nodes into blocks, broadcasting the blocks to main nodes of other organizations by the sequencing nodes, and updating the data state of the account book if the main nodes verify that the blocks are valid.
7. The method of claim 6, further comprising:
after the deletion is finished, other users verify and update the local block chain data.
8. The method of claim 7, wherein the authenticating and updating local blockchain data for other users comprises:
and broadcasting the changed transaction content, and verifying the new transaction content and the transaction modifier so as to update the locally stored local blockchain data in a whole network after the verification is passed.
9. The method according to claim 6, wherein the verifying whether the identity of each node satisfies a preset condition and distributing the attribute key for the user entity through the multiple rights issuer attribute comprises:
initializing parameters of each attribute authorization center, generating a public private key, and controlling each attribute authorization center to distribute the attribute keys to corresponding users when the users apply the private keys of the related attributes to the attribute authorization centers.
10. The method according to any of claims 6-9, wherein the predetermined condition is that the identity of each node is valid.
CN201910620208.6A 2019-07-10 2019-07-10 Editable block chain system and method based on multi-authority attribute encryption Active CN110457297B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910620208.6A CN110457297B (en) 2019-07-10 2019-07-10 Editable block chain system and method based on multi-authority attribute encryption

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910620208.6A CN110457297B (en) 2019-07-10 2019-07-10 Editable block chain system and method based on multi-authority attribute encryption

Publications (2)

Publication Number Publication Date
CN110457297A CN110457297A (en) 2019-11-15
CN110457297B true CN110457297B (en) 2022-02-15

Family

ID=68482643

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910620208.6A Active CN110457297B (en) 2019-07-10 2019-07-10 Editable block chain system and method based on multi-authority attribute encryption

Country Status (1)

Country Link
CN (1) CN110457297B (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111460497B (en) * 2020-03-30 2023-04-07 中南大学 Editable block chain system
CN111526009B (en) * 2020-04-09 2021-06-15 西南交通大学 Forward security editable block chain construction method suitable for alliance chain
CN111339209B (en) * 2020-05-19 2020-08-28 鹏城实验室 Information management method and information management system based on block chain
CN112272092B (en) * 2020-08-30 2021-07-27 河南大学 Data editing method applied to block chain
CN112468302B (en) * 2020-10-23 2024-05-24 湖南天河国云科技有限公司 Editable blockchain based on verifiable multiparty secret sharing
CN112070501B (en) * 2020-11-10 2021-03-02 支付宝(杭州)信息技术有限公司 Block chain transaction initiating and verifying method and system
CN112380584B (en) * 2021-01-13 2021-04-16 北京笔新互联网科技有限公司 Block chain data updating method and device, electronic equipment and storage medium
CN113378213B (en) * 2021-04-20 2022-06-21 华南农业大学 Block chain safety deleting method capable of recording and tracing
CN113268542A (en) * 2021-05-10 2021-08-17 西安交通大学 Block chain rewriting method and system based on multi-party authorization
CN115374450A (en) * 2021-05-18 2022-11-22 华为技术有限公司 Method and apparatus for editing blockchains
CN113536389B (en) * 2021-06-15 2022-05-20 复旦大学 Fine-grained controllable decentralized editable block chain construction method and system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104601605A (en) * 2015-02-28 2015-05-06 北方工业大学 Efficient privacy protection auditing scheme based on chameleon hash function in cloud storage
CN108830602A (en) * 2018-06-27 2018-11-16 电子科技大学 A kind of license chain construction and management-control method based on chameleon hash function
CN109559124A (en) * 2018-12-17 2019-04-02 重庆大学 A kind of cloud data safety sharing method based on block chain

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10326753B2 (en) * 2016-06-23 2019-06-18 International Business Machines Corporation Authentication via revocable signatures

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104601605A (en) * 2015-02-28 2015-05-06 北方工业大学 Efficient privacy protection auditing scheme based on chameleon hash function in cloud storage
CN108830602A (en) * 2018-06-27 2018-11-16 电子科技大学 A kind of license chain construction and management-control method based on chameleon hash function
CN109559124A (en) * 2018-12-17 2019-04-02 重庆大学 A kind of cloud data safety sharing method based on block chain

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
《可更改区块链技术研究》;李佩丽等;《密码学报》;20181015;全文 *

Also Published As

Publication number Publication date
CN110457297A (en) 2019-11-15

Similar Documents

Publication Publication Date Title
CN110457297B (en) Editable block chain system and method based on multi-authority attribute encryption
CN112019591B (en) Cloud data sharing method based on block chain
CN111371561B (en) Alliance block chain data access control method based on CP-ABE algorithm
CN112532588B (en) Policy hidden type data access control method based on block chain
CN110489422B (en) Automatic block chain repairing method
CN113536389B (en) Fine-grained controllable decentralized editable block chain construction method and system
CN111130757A (en) Multi-cloud CP-ABE access control method based on block chain
CN108876381A (en) Method for secure transactions based on intelligent contract
CN115296838B (en) Block chain-based data sharing method, system and storage medium
CN107332858A (en) Cloud date storage method
CN107465681A (en) Cloud computing big data method for secret protection
CN115065679B (en) Electronic health record sharing model, method, system and medium based on blockchain
CN114979211A (en) Internet of things data fine-grained safety sharing method based on alliance chain
CN112565264B (en) Cloud storage data integrity detection method based on block chain
CN112749417A (en) Electronic academic certificate data protection and sharing system based on block chain
US6704867B1 (en) Method for publishing certification information representative of selectable subsets of rights and apparatus and portable data storage media used to practice said method
CN114244838A (en) Encryption method and system, decryption method, device and equipment for block chain data
CN116204923A (en) Data management and data query methods and devices
CN115643098A (en) Cloud data sharing system and auditing system based on certificateless encryption
CN116318663A (en) Multi-strategy safe ciphertext data sharing method based on privacy protection
CN110011963A (en) The information processing method with the more authorization CP-ABE effectively cancelled based on OBDD
CN108664814A (en) A kind of group data integrity verification method based on agency
CN108763944A (en) Multicenter large attribute Domain Properties base encryption method can be revoked safely in calculating in mist
CN115250205B (en) Data sharing method and system based on alliance chain, electronic device and storage medium
CN116975815A (en) Express mail information protection system based on block chain network

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant