CN110880972A - Block chain key management system based on safe multiparty calculation - Google Patents
- Publication number
- CN110880972A (application number CN201911169093.XA)
- Authority
- CN
- China
- Prior art keywords
- key
- information
- layer
- user
- encryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  - H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    - H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
      - H04L9/0891—Revocation or update of secret information, e.g. encryption key update or rekeying
      - H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    - H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
      - H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
        - H04L9/3255—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using group based signatures, e.g. ring or threshold signatures
  - H04L67/00—Network arrangements or protocols for supporting network services or applications
    - H04L67/01—Protocols
      - H04L67/10—Protocols in which an application is distributed across nodes in the network
        - H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
  - H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    - H04L69/18—Multiprotocol handlers, e.g. single devices capable of handling multiple protocols
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Storage Device Security (AREA)
Abstract
The invention belongs to the technical field of blockchains and relates in particular to a blockchain key management system based on secure multi-party computation (MPC). The system adopts a four-layer structure: a data storage layer, responsible for backing up stored key information; a network communication layer, responsible for data communication with the other participants during the secure multi-party computation phase; a cryptographic service layer, which provides encryption services to the API service layer as plug-ins and is divided into two modules, an integrated encryption module and an MPC module; and an API service layer, which provides the upper-layer interface for users. The invention provides a secure way to use and store blockchain keys, lowers the threshold for users to use blockchain keys, and reduces the risk of key leakage and loss.
Description
Technical Field
The invention belongs to the technical field of blockchains and relates in particular to a blockchain key management system.
Background
At present there are several ways to use and manage blockchain keys:
(1) Direct local storage: the user stores the key directly in a local file or in a cloud service reachable from the local machine, and reads it and feeds it into the cryptographic algorithm when it is used; or the user first encrypts the key information before storing it, decrypts it to recover the plaintext key when needed, and then uses the plaintext. Either way, the complete key must be present to perform a signature, but the security of the user's personal device cannot be guaranteed: the device may carry trojans or viruses because of how it is used, or an attacker may observe the key through a side-channel attack while it is in use. With this method, once the key leaks, ownership of the entire blockchain account is fully exposed to the attacker.
(2) Mnemonics and hierarchical deterministic wallets: when a user creates a blockchain account, the private and public keys are computed from a number of words or verses that are comparatively easy to remember; for example, the private key is generated from 11 mnemonic words by a key derivation function (KDF), and the transaction hash is then signed with that private key. Alternatively, a hierarchical deterministic wallet derives many child private keys from a private key seed: the private key is produced according to the derivation rules at the time of use and then used to sign the transaction. Both methods ease the problem that keys are hard to memorise, but the number of mnemonic words cannot be too small, since a short mnemonic is easy to brute-force, nor too large, since a long one is hard to remember completely; likewise, in the hierarchical deterministic method the key seed is the real key, and managing that seed securely and conveniently remains an open problem.
(3) Multi-signature: the concept of multiple digital signatures was first published by Okamoto and Itakura et al., together with a concrete algorithm. Multi-signature distributes the authority over an account across several keys, so that losing one key does not cost the whole account. An asset-operation transaction on the account requires several relatively independent private keys to sign the plaintext message, and the transaction becomes valid once enough signatures are present. Because native support for multi-signature in the account model of a blockchain requires changing the architecture of the whole chain, the method is mostly implemented in smart contracts, with the signing accounts and the required signature threshold fixed in advance. Its security therefore depends on the design and implementation of the smart contract, and it is inflexible because a deployed contract is hard to change. Multi-signature can provide security in certain scenarios, but its low flexibility makes it hard to use widely.
(4) Centralised custody service: the key is stored with a relatively trusted centralised organisation. When the user needs to decrypt or sign a message, the plaintext is sent to the custody service, which processes it according to the user's request and returns the result. The advantage is that users need not store the key themselves; even a forgotten key can be recovered through the custody service, so the risk of losing the key is removed. However, the custodian is a centralised service: it can be taken offline by a conventional denial-of-service attack, its systems can be broken into if its security measures are inadequate, and insiders at the service, or an attacker using social engineering, may obtain users' keys. Escrowing keys entirely to a centralised organisation carries significant risk.
(5) Signatures based on secure multi-party computation: in the 1980s, Andrew Yao (Yao Qizhi) proposed the theoretical framework of secure multi-party computation (MPC) combining garbled circuits (GC) and oblivious transfer (OT), described as "the problem of collaborative computation among a group of mutually distrusting parties, while protecting private information and without a trusted third party". Without a trusted third party, the parties obtain the result of a joint computation over their combined data by cryptographic means, with no party disclosing its own input. Applied to key management, several parties each hold a share of the private key, no party ever holds more than its own share, and at signing time the parties' signature shares are combined using GC + OT or homomorphic encryption to obtain the final complete signature.
(6) Threshold signatures based on secure multi-party computation: threshold cryptography was developed through the 1990s, and threshold signature schemes came to be regarded as an important approach to key management. In 2018 Lindell and Nof proposed the first truly practical full-threshold ECDSA signature protocol, which has relatively fast signing and key distribution; threshold DSA signing is nevertheless inefficient, as both key distribution and signing require multiple rounds of interaction and zero-knowledge proofs, and further research and development are still awaited.
Summarising the progress of key management described above, blockchain key management faces three problems:
1. Key authority is not sufficiently distributed: when a full key is stored directly, there is a risk that the entire key is compromised at once, which can mean loss of ownership of the account. This applies both to direct local storage and to centralised custody services;
2. Keys cannot be refreshed: the keys in multi-signature and in the published MPC-based signature schemes cannot be conveniently refreshed once generated. Under those conditions an attacker can obtain the key shares one at a time in successive attacks, eventually collecting all of them and taking complete control of the blockchain account's assets;
3. Poor usability: the user still has to memorise complicated mnemonic words or key strings, which is a poor experience for the end user and an important reason hindering large-scale adoption of blockchains.
Disclosure of Invention
The invention aims to provide a blockchain key management system based on secure multi-party computation that is both secure and highly usable.
The invention designs and implements a key management scheme using secure multi-party computation algorithms. It prevents the assets of the whole account from being stolen through a single-point leak of the key, and it supports key refreshing: an attacker must obtain several private key shares within the same attack window to take control of the blockchain account, and when one party is attacked the private key shares can be refreshed promptly so that the previous shares become useless. The master private key never appears at any point in the key's life cycle; when signing, each party computes only with its own private key share, and the parties' results are combined after the computation, so strong key protection is provided without ever reconstructing the private key. Using the integrated encryption technique, the user can then send transactions to the blockchain system with a simpler password, which improves the usability of the blockchain and provides a secure and easy-to-use scheme for blockchain keys.
The blockchain key management system based on secure multi-party computation adopts a four-layer structure, uses a decoupled, plug-in architecture, and transmits information among the participants over several communication protocols to provide a key management service for users, offering a secure and easy-to-use key management tool for blockchain account users and blockchain applications. The four layers are: a data storage layer, a network communication layer, a cryptographic service layer and an API service layer, as shown in FIG. 1. Wherein:
The data storage layer is responsible for backing up stored key information. After the key shares obtained by the user in the key generation phase and the key refresh phase have been encrypted by the integrated encryption module, the corresponding ciphertext is stored in the data storage database indexed by account ID and key identifier (kid). The database may be relational or non-relational, and it stores two kinds of data: encryption algorithm information for the different security levels (the algorithm used to encrypt the key), and the encrypted ciphertext.
When the system is deployed as a key escrow service there is a large amount of user, account and key data; indexes are created in the database to speed up queries at large data volumes. The specific configuration and usage of the database depend on the user's design, and the security and disaster tolerance of the database can be strengthened on that basis.
The data storage layer also includes a cache: frequently used data is cached in memory with a Least Recently Used (LRU) policy to speed up signing and key refreshing. If the system runs on a light client where building a database is inconvenient, such as a mobile phone or a sensor device, the system provides file storage instead; since such devices need to store little information, each encrypted item can be kept in a file and read from it directly when needed.
The network communication layer is responsible for data communication with the other participants during the secure multi-party computation phase. To fit the communication protocols used in different service scenarios, the system uniformly encapsulates network protocols such as RPC, TLS and HTTPS/HTTP over TCP. The user may select the desired protocol in a configuration file when initialising the key management service. To fit the encoding formats of different platforms, a uniform data format is used for transmission. Every protocol is wrapped behind the unified interface shown in FIG. 2:
Packet loss or a dropped connection may occur during network transmission. To raise the success rate of the secure multi-party computation, high-availability measures are added to the network communication layer: when the connection is lost the layer reconnects automatically; when no message has been received on the connection for a long time the request is sent again; and if the request still fails after three attempts, the upper layer is notified and the user has to check the service status of the other participants.
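The reconnect-and-retry rule just described, as an added example in Go (the language of the embodiment below) that is not part of the patent or of any implementation of it. The Transport interface, the flakyPeer stand-in for a remote participant, the per-attempt deadline and the short pause between attempts are assumptions of the example; the patent fixes only the three-attempt limit and the notification to the upper layer:

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"time"
)

// Transport is an assumed shape for the unified interface behind which the network layer wraps
// RPC, TLS and HTTP(S); the patent shows that interface only as a figure.
type Transport interface {
	Connect(ctx context.Context) error
	Send(ctx context.Context, msg []byte) ([]byte, error)
}

const maxAttempts = 3

var (
	ErrDisconnected    = errors.New("connection lost")
	ErrPeerUnavailable = errors.New("participant unreachable after 3 attempts; check the service state of the other MPC participants")
)

// SendReliable applies the availability rule: reconnect when the connection drops, re-send when
// no reply arrives within perAttempt, and hand the failure to the caller after three attempts.
func SendReliable(ctx context.Context, t Transport, msg []byte, perAttempt time.Duration) ([]byte, error) {
	var lastErr error
	for attempt := 1; attempt <= maxAttempts; attempt++ {
		actx, cancel := context.WithTimeout(ctx, perAttempt) // bounds the wait for a silent peer
		reply, err := t.Send(actx, msg)
		cancel()
		if err == nil {
			return reply, nil
		}
		lastErr = err
		if errors.Is(err, ErrDisconnected) {
			if cerr := t.Connect(ctx); cerr != nil {
				lastErr = cerr
			}
		}
		select { // short, growing pause between attempts
		case <-time.After(time.Duration(attempt) * 10 * time.Millisecond):
		case <-ctx.Done():
			return nil, ctx.Err()
		}
	}
	return nil, fmt.Errorf("%w: last error: %v", ErrPeerUnavailable, lastErr)
}

// flakyPeer is a constructed stand-in for a remote participant: for its first `failures` calls it
// alternately drops the connection and stays silent, then it answers normally.
type flakyPeer struct {
	failures, calls, reconnects int
	connected                   bool
}

func (p *flakyPeer) Connect(ctx context.Context) error {
	p.connected = true
	p.reconnects++
	return nil
}

func (p *flakyPeer) Send(ctx context.Context, msg []byte) ([]byte, error) {
	p.calls++
	switch {
	case p.calls <= p.failures && p.calls%2 == 1:
		p.connected = false
		return nil, ErrDisconnected
	case p.calls <= p.failures:
		<-ctx.Done() // silent peer: the caller's per-attempt deadline has to fire
		return nil, ctx.Err()
	case !p.connected:
		return nil, ErrDisconnected
	}
	return append([]byte("ack:"), msg...), nil
}

func main() {
	peer := &flakyPeer{failures: 2, connected: true}
	reply, err := SendReliable(context.Background(), peer, []byte("round1"), 20*time.Millisecond)
	fmt.Printf("reply=%q err=%v calls=%d reconnects=%d\n", reply, err, peer.calls, peer.reconnects)
	dead := &flakyPeer{failures: 3, connected: true}
	_, err = SendReliable(context.Background(), dead, []byte("round1"), 20*time.Millisecond)
	fmt.Println(errors.Is(err, ErrPeerUnavailable), err)
}
```

The per-attempt deadline is what turns a silent participant into a retry rather than a hang; the wrapped ErrPeerUnavailable lets the API layer recognise the exhausted-retries case and tell the user which check to perform.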
The cryptographic service layer provides encryption services to the API service layer as plug-ins. It is divided into two modules: an integrated encryption module and an MPC module. The integrated encryption module contains all the KDFs, hash algorithms, symmetric encryption algorithms and so on that are used, and protects the backed-up key shares. During encryption and decryption it checks the strength of the user's password against the security strength configuration the user selected, requires a sufficient amount of user identity information, returns a prompt when the strengths do not match, and then selects the corresponding KDF and encryption algorithm to encrypt and store the key share. The MPC module is the core module supporting multi-party ECDSA; it contains the key generation, signing and key refresh algorithms and is the core algorithmic part of the key management system. A user creates a blockchain account with the distributed key generation algorithm, initiates a transaction from an existing account with the distributed signing algorithm, and calls the distributed key refresh interface in an emergency to update the key shares and protect the account. The MPC module depends on the network communication module: only when network communication is working normally can the MPC participants receive the proof and interaction messages within the required time, which guarantees correct execution of the MPC algorithm.
The plug-in architecture lets a user add their own cryptographic module: as long as the defined interface is implemented, the user's own algorithm can be used to encrypt the key, for example storing the key information in a TEE, which gives a more flexible mode of use. The open framework design also eases adaptation of existing key protection modules from traditional industry, such as HSMs (hardware security modules) and other hardware devices.
The API service layer is the upper-layer interface provided to users, which users can call directly. It includes interfaces for initialisation configuration, key generation, signing, key refresh and password modification. After instantiating the key management system, the user can call these interfaces directly in the service flow, as shown in FIG. 3.
In a specific blockchain service, the key management system of the invention can be used as part of an application system, as shown in FIG. 4: the application system interacts directly with the key management system, sends it the information to be signed or decrypted, and receives the result once the operation is complete. On the basis of this scheme, users can participate in the blockchain system securely and conveniently, and the threshold for using the blockchain is lowered.
The invention designs and implements a secure, easy-to-use key management system using cryptographic algorithms from secure multi-party computation. Addressing the problems of existing key management methods, the invention provides a secure way to use and store blockchain keys, lowers the threshold for users to use blockchain keys, and reduces the risk of key leakage and loss.
Drawings
Fig. 1 is a key management system architecture diagram.
Fig. 2 illustrates a network communication interface.
Fig. 3 API interface description.
Fig. 4 block chain application architecture diagram.
Detailed Description
In one embodiment, the invention implements a key management system (Blockchain-KMS) based on secure multi-party computation in the Go language. The system can be embedded into application code as an SDK or library, serving as a general-purpose key management library, or run as a stand-alone application that provides key usage and storage management for users, for example as a custody service or as a mobile app.
In the data storage layer, the relational database MySQL is used. Table 1 describes the data stored in the database.
Table ID | Description | Remarks |
CryptoInfo | Encryption algorithm information table | Stores the encryption algorithm information for each security level |
KeyInfo | Key backup table | Stores all encrypted key information |
Table 1 Database tables.
The CryptoInfo table stores the encryption algorithm information for each security level. Table 2 details its fields.
Element | Field | Type and length | Required | Primary key | Description |
Security strength | Level | INT | Yes | Yes | Security strength rating |
Encryption algorithm | Enc | char(64) | Yes | No | Encryption algorithm to be used |
Encryption mode | Mode | char(32) | No | No | Mode used when encrypting |
Password complexity | Complex | INT | Yes | No | Required password complexity |
Amount of identity information | Number | INT | Yes | No | Number of user identity items required for encryption and decryption |
Table 2 CryptoInfo table design.
The KeyInfo table stores all encrypted key information. Table 3 details its fields.
Element | Field | Type and length | Required | Primary key | Description |
ID | ID | char(64) | Yes | Yes | ID of the encrypted information, composed of the account and the corresponding kid |
Security strength | Level | INT | Yes | No | Security strength used when encrypting the information |
Data | Data | char(512) | Yes | No | Ciphertext data |
Table 3 KeyInfo table design.
In the network communication layer, Google's compact Protocol Buffers encoding is used uniformly for data transmission so as to fit the encoding formats of different platforms. RPC, TLS, HTTPS/HTTP and other protocols over TCP links are supported at the same time.
In the cryptographic service layer, the interface of the cryptographic service module is specified as follows:
The detailed design of Encrypt(keyShare string, params interface{}) (error, string) is shown in Tables 4 and 5. The input is the hexadecimal string of the plaintext key share to be encrypted, together with the parameters needed for encryption, such as the security strength, encryption algorithm and mode, password and identity information. Two values are returned once encryption finishes: normally the ciphertext of the key with a null error; if an encryption error occurs, the ciphertext is null and error carries the error information.
Input
Table 4 Encrypt interface input information.
Output
Table 5 Encrypt interface output information.
The detailed design of Decrypt(encryptedData string, params interface{}) (error, string) is shown in Tables 6 and 7. The input is the ciphertext to be decrypted together with the parameters needed for decryption, such as the security strength, encryption algorithm and mode, password and identity information. Two values are returned once decryption finishes: normally the plaintext of the key with a null error; if a decryption error occurs, the output is null and error carries the error information, such as "decryption password strength mismatch".
Input
Table 6 Decrypt interface input information.
Output
Table 7 Decrypt interface output information.
The detailed design of Store(keyID string, data string) is shown in Tables 8 and 9. The input is the key ciphertext to be stored and the keyID of that information. Two values are returned once storage finishes: normally true with a null error; if a storage error occurs, false is returned and error carries the error information, such as "storage error".
Input
Table 8 Store interface input information.
Output
Type | Example |
bool | True |
Error | Null | "storage error" |
Table 9 Store interface output information.
The detailed design of GetData(keyID string) is shown in Tables 10 and 11. The input is the keyID of the information to be fetched. Two values are returned once the query finishes: normally the ciphertext string of the key with a null error; if a query error occurs, the ciphertext is null and error carries the error information, such as "key ID not found".
Input
Parameter | Type | Required | Example |
keyID | ID string | Yes | "Alice_1" |
Table 10 GetData interface input information.
Output
Table 11 GetData interface output information.
In the system logic, recovery of the key material (decrypting the stored share) is treated as part of the signing or decryption algorithm: the recovered material is held only temporarily and released as soon as each signature or decryption finishes, avoiding the security risks of long-term storage.
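The Encrypt and Decrypt interfaces of the integrated encryption module above, together with the CryptoInfo and KeyInfo table layouts, as an added Go example that is not the patent's own code. The two policy rows, the reading of the Complex field as a minimum password length and of Number as the count of identity strings that must be supplied, PBKDF2-HMAC-SHA256 as the KDF, AES-256-GCM as the cipher, and the binding of the row ID and security level into the authenticated data are all assumptions of this example; the patent fixes none of them:

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// CryptoInfo is one row of the CryptoInfo table (the policy for one security level). Reading
// Complex as a minimum password length and Number as how many identity strings the user must
// supply (they are mixed into the KDF salt) is an assumption of this example.
type CryptoInfo struct {
	Level, Complex, Number int
	Enc, Mode              string
}

// Constructed policy rows; a deployment would load them from the database.
var policies = map[int]CryptoInfo{
	1: {Level: 1, Enc: "AES", Mode: "GCM", Complex: 6, Number: 1},
	2: {Level: 2, Enc: "AES", Mode: "GCM", Complex: 12, Number: 2},
}

// Params is a typed stand-in for the "params interface{}" argument of Encrypt and Decrypt.
type Params struct {
	Level    int
	Password string
	Identity []string // e.g. mailbox, phone number
}

// KeyInfo is one row of the KeyInfo table; Data is hex(salt || nonce || AES-GCM output).
type KeyInfo struct {
	ID    string // account + "_" + kid, e.g. "Alice_1"
	Level int
	Data  string
}

var ErrStrengthMismatch = errors.New("decryption password strength mismatch")

const kdfIterations = 100_000 // PBKDF2 work factor; tune per deployment

// pbkdf2SHA256 is RFC 8018 PBKDF2-HMAC-SHA256 for one 32-byte output block (T_1), written out
// so that the example needs nothing outside the standard library.
func pbkdf2SHA256(password, salt []byte, iter int) []byte {
	prf := hmac.New(sha256.New, password)
	prf.Write(salt)
	prf.Write([]byte{0, 0, 0, 1}) // INT(i) for block index 1
	u := prf.Sum(nil)
	t := append([]byte(nil), u...)
	for i := 1; i < iter; i++ {
		prf.Reset()
		prf.Write(u)
		u = prf.Sum(nil)
		for j := range t {
			t[j] ^= u[j]
		}
	}
	return t
}

// openAEAD checks the level's policy (password length, number of identity strings) and only then
// derives the AES-256-GCM key from the password, the random salt and the identity strings; the
// policy failure is the "strength mismatch" prompt described above.
func openAEAD(p Params, salt []byte) (cipher.AEAD, error) {
	pol, ok := policies[p.Level]
	if !ok || pol.Enc != "AES" || pol.Mode != "GCM" {
		return nil, fmt.Errorf("unsupported security level %d", p.Level)
	}
	if len(p.Password) < pol.Complex || len(p.Identity) < pol.Number {
		return nil, ErrStrengthMismatch
	}
	kdfSalt := append([]byte(nil), salt...)
	for _, id := range p.Identity[:pol.Number] {
		kdfSalt = append(append(kdfSalt, id...), 0) // a 0 byte separates the identity strings
	}
	block, err := aes.NewCipher(pbkdf2SHA256([]byte(p.Password), kdfSalt, kdfIterations))
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// aad binds the ciphertext to its row: a row copied under another account ID, or relabelled with
// a different security level, fails authentication instead of decrypting.
func aad(id string, level int) []byte { return []byte(fmt.Sprintf("%s|%d", id, level)) }

// Encrypt is the Encrypt(keyShare, params) interface: hex plaintext share in, KeyInfo row out.
func Encrypt(id, shareHex string, p Params) (KeyInfo, error) {
	share, err := hex.DecodeString(shareHex)
	if err != nil {
		return KeyInfo{}, err
	}
	header := make([]byte, 16+12) // fresh random salt and GCM nonce for every stored row
	if _, err := rand.Read(header); err != nil {
		return KeyInfo{}, err
	}
	aead, err := openAEAD(p, header[:16])
	if err != nil {
		return KeyInfo{}, err
	}
	blob := aead.Seal(append([]byte(nil), header...), header[16:], share, aad(id, p.Level))
	return KeyInfo{ID: id, Level: p.Level, Data: hex.EncodeToString(blob)}, nil
}

// Decrypt is the Decrypt(ciphertext, params) interface; it returns the share as hex, as Encrypt got it.
func Decrypt(row KeyInfo, p Params) (string, error) {
	if p.Level != row.Level {
		return "", ErrStrengthMismatch
	}
	blob, err := hex.DecodeString(row.Data)
	if err != nil || len(blob) < 16+12 {
		return "", errors.New("malformed ciphertext row")
	}
	aead, err := openAEAD(p, blob[:16])
	if err != nil {
		return "", err
	}
	pt, err := aead.Open(nil, blob[16:28], blob[28:], aad(row.ID, row.Level))
	if err != nil {
		return "", errors.New("decryption failed: wrong password, wrong identity information or tampered row")
	}
	return hex.EncodeToString(pt), nil
}

func main() {
	p := Params{Level: 1, Password: "123456", Identity: []string{"alice@example.com"}}
	row, _ := Encrypt("Alice_1", "0badc0ffee", p) // constructed share value, not a real key
	fmt.Println(Decrypt(row, p))
	fmt.Println(Decrypt(row, Params{Level: 1, Password: "654321", Identity: p.Identity}))
}
```

Putting the row ID and Level into the GCM associated data is the check a practitioner would want beyond what the tables require: an attacker who can edit the KeyInfo table cannot downgrade a share to a weaker level or re-attach it to another account without the authentication tag failing. Because the salt and nonce are generated per row, re-encrypting the same share (for example from UpdatePassword) never reuses a GCM nonce under the same derived key.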
In the API service layer, the interface specification of the API service module is as follows:
The detailed design of Init(config Config) error is shown in Tables 12 and 13. The input is the configuration of the key management system at initialisation. Normally error is null after initialisation; if the configuration is invalid, error carries the error information, such as "config invalid". Init must be called to load the configuration before any key management service is used. The Config structure is defined in two parts: the first part specifies the elliptic curve to be used and takes legal curve parameters; the second part gives the security parameters of the zero-knowledge proof algorithm used in the KeyGen phase.
Input
Parameter | Type | Required | Example |
config | Config | Yes | Configuration information |
Table 12 Init interface input information.
Output
Type | Example |
Error | Null | "config invalid" |
Table 13 Init interface output information.
The detailed design of KeyGen(number int, keyID string, params interface{}) (string, error) is shown in Tables 14 and 15. The inputs are the key ID, the number of participants in the generation, and the parameters for encrypting the stored key. Normally error is null after KeyGen completes and the master public key string is returned; on failure error carries the error information, such as "network error". Creating a new account on the blockchain requires one or more public keys; KeyGen is the interface that creates new public and private key material, and once the master public key is obtained the account can be registered on the chain or transactions sent directly.
Input
Parameter | Type | Required | Example |
number | Int | No | Default 1 |
keyID | ID string | Yes | "Alice_1" |
params | Parameters needed for encryption | Depends on implementation | 1, "AES", "GCM", "123456", "mailbox" |
Table 14 KeyGen interface input information.
Output
Table 15 KeyGen interface output information.
The detailed design of Sign(message string, keyID string, params interface{}) (string, error) is shown in Tables 16 and 17. The inputs are the message to be signed, the key ID to use, and the parameters for decrypting the stored key. Normally the signature value (R || S) is returned with a null error once signing completes; on failure error carries the error information, such as "invalid key". Once the public and private key material has been generated, it is used together with the other participants to sign a transaction, which is submitted to the blockchain system after the signature value is obtained.
Input
Parameter | Type | Required | Example |
message | String | Yes | "hello" |
keyID | ID string | Yes | "Alice_1" |
params | Parameters needed for decryption | Depends on implementation | 1, "AES", "GCM", "123456", "mailbox" |
Table 16 Sign interface input information.
Output
Table 17 Sign interface output information.
Refresh(keyID string, params interface{}) error performs a local key refresh only: the participant calling the interface notifies its sibling node on the key generation binary tree through the network layer to run the key refresh process. The detailed design is shown in Tables 18 and 19. The inputs are the key ID to refresh and the parameters for decrypting the stored key. Normally error is null after the refresh completes; on failure error carries the error information, such as "mpc error". When a user suspects that their own key share may have leaked, they call Refresh immediately, and the key is refreshed locally together with the participants that are sibling nodes on the key generation binary tree.
Input
Parameter | Type | Required | Example |
keyID | ID string | Yes | "Alice_1" |
params | Parameters needed for decryption | Depends on implementation | 1, "AES", "GCM", "123456", "mailbox" |
Table 18 Refresh interface input information.
Output
Type | Example |
Error | Null | "mpc error" |
Table 19 Refresh interface output information.
RefreshAll(keyID string, params interface{}) error performs a global key refresh: the participant calling the interface notifies all other participants through the network layer to run the key refresh. Its inputs and outputs are the same as those of Refresh in Tables 18 and 19. A global refresh is initiated in exceptional cases, for example when most of the key shares have been compromised; then it is critical to start a global key replacement and restore the security of every key share.
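The key refresh described in the disclosure above and exposed through Refresh and RefreshAll, as an added Go example that is not the patent's code: additive shares of an elliptic-curve private key are re-randomised so that their sum, and therefore the public key, is unchanged, while every share captured before the refresh becomes useless on its own and in combination with the new shares. P-256 from the Go standard library stands in for the curve chosen in Config, the all-to-all exchange of deltas stands in for the patent's binary-tree arrangement, and one process playing every party is a simplification; the patent's actual share structure, zero-knowledge proofs and signing protocol are not shown:

```go
package main

import (
	"crypto/elliptic"
	"crypto/rand"
	"encoding/hex"
	"fmt"
	"math/big"
)

// The patent leaves the curve to Config; P-256 from the standard library stands in here. The
// crypto/elliptic group operations are deprecated for new ECDH code but are exactly what
// aggregating per-party public points needs.
var (
	curve = elliptic.P256()
	order = curve.Params().N
)

// Party holds one additive share x_i of the signing key x = x_1 + ... + x_n (mod order).
type Party struct {
	Index int
	share *big.Int
}

// ShareHex is what a party hands to the storage layer's Encrypt for encrypted backup.
func (p *Party) ShareHex() string { return hex.EncodeToString(p.share.FillBytes(make([]byte, 32))) }

func randScalar() (*big.Int, error) { return rand.Int(rand.Reader, order) }

// KeyGen gives each of n parties an independent random share. In a real distributed key
// generation every party samples locally; this loop plays all n roles in one process, but the
// sum x is still never formed anywhere in this file.
func KeyGen(n int) ([]*Party, error) {
	parties := make([]*Party, n)
	for i := range parties {
		s, err := randScalar()
		if err != nil {
			return nil, err
		}
		parties[i] = &Party{Index: i, share: s}
	}
	return parties, nil
}

// PublicKey is the "master public key" KeyGen returns: each party publishes x_i*G and the points
// are added, so everyone learns x*G without anyone learning x.
func PublicKey(parties []*Party) (x, y *big.Int) {
	for i, p := range parties {
		qx, qy := curve.ScalarBaseMult(p.share.FillBytes(make([]byte, 32)))
		if i == 0 {
			x, y = qx, qy
		} else {
			x, y = curve.Add(x, y, qx, qy)
		}
	}
	return x, y
}

// Refresh re-randomises every share without changing the sum (proactive refresh of additive
// shares). Party i draws a random delta for each other party j, delivers it to j over the network
// layer, and keeps minus the total it sent; the per-party updates therefore sum to zero mod order.
// A share stolen before the refresh is afterwards independent of every new share.
func Refresh(parties []*Party) error {
	n := len(parties)
	updates := make([]*big.Int, n)
	for j := range updates {
		updates[j] = new(big.Int)
	}
	for i := range parties {
		own := new(big.Int)
		for j := range parties {
			if j == i {
				continue
			}
			d, err := randScalar()
			if err != nil {
				return err
			}
			updates[j].Add(updates[j], d) // sent to party j
			own.Sub(own, d)
		}
		updates[i].Add(updates[i], own)
	}
	for j, p := range parties {
		p.share.Add(p.share, updates[j]).Mod(p.share, order)
	}
	return nil
}

func main() {
	parties, err := KeyGen(3)
	if err != nil {
		panic(err)
	}
	x1, _ := PublicKey(parties)
	before := parties[0].ShareHex()
	if err := Refresh(parties); err != nil {
		panic(err)
	}
	x2, _ := PublicKey(parties)
	fmt.Println("public key unchanged:", x1.Cmp(x2) == 0, "party 0 share changed:", before != parties[0].ShareHex())
}
```

The property that matters for the "attacker must obtain several shares at the same time" claim is the last one in the Refresh comment: an old share added to the other parties' new shares yields x minus the update of the stolen party, which is a uniformly random value, so shares collected across a refresh boundary do not combine.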
Detailed design of UpdatePassionword (keyID string, old params interface { }, newParams interface { }) error is shown in Table 14 and Table 15. The key ID of the password to be changed and the parameters for decrypting the stored key and the new encryption key are input. After the UpdatePassionword is completed, the error is normally empty, and if an error occurs, the error is output as error information, such as 'passswallowdinalid'. Updating password is a means of daily safety protection, and the password is replaced regularly, which is beneficial to protecting the key information of encrypted storage.
Input device
Parameter(s) | Type (B) | Whether or not it is necessary to | Examples of such applications are |
keyID | ID character string | Is that | “Alice_1” |
oldParams | Necessary parameters for decryption | According to the implementation | 1, "AES", "GCM", "123456", "mailbox" |
newParams | Parameters necessary for encryption | According to the implementation | 1, "AES", "GCM", "abcdef", "mailbox" |
Table 20 UpdatePassword interface input information.
Output of
Type (B) | Examples of such applications are |
Error | Null|“passwordinvalid” |
Table 21 UpdatePassword interface input information.
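An added example in Go (the language of the interface signatures above), not code from the patent, serving both the Refresh and the UpdatePassword passages: key shares are stored AES-GCM-encrypted under a password-derived key, Refresh re-randomises two sibling shares with a zero-sum delta so the combined key is unchanged while a share leaked before the refresh becomes useless, and UpdatePassword is simply Open under the old params followed by Seal under the new ones. The two-party additive sharing, the secp256k1 order, the Params layout and the SHA-256 stand-in for the KDF are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"math/big"
)

// Order of secp256k1 (the ECDSA curve of blockchain accounts); a key x is held as shares a, b with x = a + b mod q.
var q, _ = new(big.Int).SetString("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141", 16)
type Params struct{ Cipher, Mode, Password, Identity string } // mirrors a table row: "AES", "GCM", password, identity info
// aead derives the share-storage key from the password; SHA-256 is a hypothetical stand-in for a slow KDF (scrypt, Argon2).
func aead(p Params) cipher.AEAD {
	k := sha256.Sum256([]byte(p.Password))
	blk, _ := aes.NewCipher(k[:]) // cannot fail for a 32-byte key
	g, _ := cipher.NewGCM(blk)    // AES-GCM is assumed; p.Cipher and p.Mode are not dispatched on here
	return g
}
// Seal encrypts one key share for the data storage layer; the random nonce is prepended to the ciphertext.
func Seal(share *big.Int, p Params) []byte {
	g := aead(p)
	nonce := make([]byte, g.NonceSize())
	rand.Read(nonce)
	return g.Seal(nonce, nonce, share.Bytes(), nil)
}
// Open decrypts a stored share; under a wrong password the GCM tag check fails and "passwordinvalid" is returned.
func Open(blob []byte, p Params) (*big.Int, error) {
	g := aead(p)
	pt, err := g.Open(nil, blob[:g.NonceSize()], blob[g.NonceSize():], nil)
	if err != nil {
		return nil, errors.New("passwordinvalid")
	}
	return new(big.Int).SetBytes(pt), nil
}
// Refresh re-randomises two sibling shares with a zero-sum delta r: a+b mod q is unchanged, but a share leaked before the refresh no longer combines with its refreshed sibling.
func Refresh(blobA, blobB []byte, pA, pB Params) ([]byte, []byte, error) {
	a, errA := Open(blobA, pA)
	b, errB := Open(blobB, pB)
	if errA != nil || errB != nil {
		return nil, nil, errors.New("mpcerror")
	}
	r, _ := rand.Int(rand.Reader, q)
	a.Add(a, r).Mod(a, q)
	b.Sub(b, r).Mod(b, q)
	return Seal(a, pA), Seal(b, pB), nil
}
```

In a deployment the delta r is agreed with the sibling node over the network layer rather than computed on one side; here both shares are handled locally only so that the invariant can be checked.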
Claims (5)
1. A blockchain key management system based on secure multiparty computation, characterized in that it adopts a four-layer structure with a decoupled, plug-in architecture design, uses multiple communication protocols for information transmission among the participants, provides key management services to users, and offers a secure and easy-to-use key management tool for blockchain account users and blockchain applications; the four layers are: a data storage layer, a network communication layer, a cryptographic service layer and an API service layer, wherein:
the data storage layer is responsible for backing up and storing key information; after the key shares obtained by the user in the key generation and key refresh stages have been encrypted by the integrated encryption module, the corresponding ciphertext is stored in a data storage database indexed by account ID and key ID (kid); the database may be relational or non-relational, and it holds two kinds of data: the encryption algorithm information for the different security levels together with the algorithm used to encrypt the key, and the encrypted ciphertext information;
the network communication layer is responsible for data communication with the other participants during the secure multiparty computation stage; to suit the communication protocols used in different business scenarios, the system uniformly wraps the RPC, TLS and HTTPS/HTTP network protocols on top of TCP (transmission control protocol); a user selects the required protocol through a configuration file when initializing the key management service; likewise, to suit the encoding formats of different system platforms, a uniform data format is used for data transmission; each protocol encapsulates a unified interface;
the cryptographic service layer provides encryption services to the API service layer in a plug-in manner; it is divided into two modules: the integrated encryption module and the MPC module; the integrated encryption module contains all the KDFs, hash algorithms, symmetric encryption algorithms and so on that are used, and safeguards the backed-up key shares; during encryption and decryption, the security strength of the user password is judged against the security strength configuration selected by the user, a sufficient amount of user identity information is collected, a prompt is returned when the security strengths do not match, and the corresponding KDF and encryption algorithm are then selected to encrypt and store the key share information; the MPC module is the core module supporting multi-party computation of ECDSA and comprises the key generation, signature and key refresh algorithms; a user needs the distributed key generation algorithm to create a blockchain account, the distributed signature algorithm when an existing blockchain account initiates a transaction, and the distributed key refresh interface to update key shares in an emergency, thereby protecting the blockchain account; the operation of the MPC module depends on the network communication module, and the MPC participants must keep network communication working and receive the relevant proof information and interaction messages within the specified time, which ensures correct execution of the MPC algorithm;
the plug-in architecture makes it easy for users to add their own cryptographic module: by implementing only the defined interface, a user can employ a self-chosen algorithm when encrypting keys, and the open framework of the plug-in architecture helps it adapt to the key protection modules already present in traditional industries;
the API service layer is the upper-level interface provided to the user, which the user can use directly; it comprises the initialization configuration, key generation, signature, key refresh and password modification interfaces; after instantiating the key management system, the user can call these interfaces directly in the business flow.
2. The system according to claim 1, wherein an index is created in the data storage layer to speed up data queries when the amount of data is large; the specific configuration and usage of the database depend on the user's design, and the security and disaster tolerance of the database are strengthened on that basis.
3. The system according to claim 1, wherein a caching mechanism is adopted in the data storage layer, using a least-recently-used algorithm to keep frequently used data in memory so as to speed up signing and key refresh; if the system is used on a light client where building a database is inconvenient, the system provides a file storage function, in which each piece of encrypted information is stored in a file and read directly from the file when needed.
4. The system according to claim 1, wherein, to increase the success rate of the secure multiparty computation, high-availability measures are added in the network communication layer: the system reconnects automatically when the network connection drops, resends the request when no message has been received on the connection for a long time, and notifies the upper-layer user if the request still fails after three attempts, after which the user needs to check the service status of the other participants.
5. The system according to any of claims 1 to 4, wherein, when the key management system is applied to a blockchain business system, the application system interacts directly with the key management system: the application system sends the information to be signed or decrypted to the key management system, and the key management system returns the result after the operation completes.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911169093.XA CN110880972A (en) | 2019-11-26 | 2019-11-26 | Block chain key management system based on safe multiparty calculation |
Publications (1)
Publication Number | Publication Date |
---|---|
CN110880972A true CN110880972A (en) | 2020-03-13 |
Family
ID=69729215
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201911169093.XA Pending CN110880972A (en) | 2019-11-26 | 2019-11-26 | Block chain key management system based on safe multiparty calculation |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110880972A (en) |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111555870A (en) * | 2020-04-29 | 2020-08-18 | 支付宝实验室(新加坡)有限公司 | Key operation method and device |
CN112187442A (en) * | 2020-09-30 | 2021-01-05 | 中国科学技术大学 | Telemetry data analysis system and method based on privacy protection |
CN112187862A (en) * | 2020-08-31 | 2021-01-05 | 华控清交信息科技(北京)有限公司 | Task processing method and device for task processing |
CN112202565A (en) * | 2020-09-21 | 2021-01-08 | 中国电子科技网络信息安全有限公司 | Block chain system password patch plug-in implementation method |
CN112989436A (en) * | 2021-03-30 | 2021-06-18 | 广西师范大学 | Multi-signature method based on block chain platform |
CN113037464A (en) * | 2021-01-27 | 2021-06-25 | 广东轻工职业技术学院 | Intelligent city metropolitan area network architecture method based on block chain technology |
CN113408752A (en) * | 2021-05-27 | 2021-09-17 | 复旦大学 | Garbage recovery supervision system and method based on block chain |
CN113538140A (en) * | 2021-07-05 | 2021-10-22 | 杭州宇链科技有限公司 | Data transaction method based on trusted execution environment and threshold signature |
CN113612821A (en) * | 2021-07-14 | 2021-11-05 | 支付宝(杭州)信息技术有限公司 | Data interaction method and device in multi-party security computing |
WO2024001028A1 (en) * | 2022-06-29 | 2024-01-04 | 蚂蚁区块链科技(上海)有限公司 | Method and apparatus for maintaining blockchain data, and electronic device and storage medium |
Similar Documents
Publication | Title |
---|---|
CN110880972A (en) | Block chain key management system based on safe multiparty calculation |
US11552792B2 (en) | Systems and methods for generating signatures |
CN109495274B (en) | Decentralized intelligent lock electronic key distribution method and system |
US10205713B2 (en) | Private and mutually authenticated key exchange |
Lin et al. | A collaborative key management protocol in ciphertext policy attribute-based encryption for cloud data sharing |
US20170244687A1 (en) | Techniques for confidential delivery of random data over a network |
KR102619383B1 (en) | End-to-end double ratchet encryption using epoch key exchange |
US10880100B2 (en) | Apparatus and method for certificate enrollment |
CN103795533A (en) | Id-based encryption and decryption method, and apparatus for executing same |
US20220021526A1 (en) | Certificateless public key encryption using pairings |
Shen et al. | Toward data privacy preservation with ciphertext update and key rotation for IoT |
Murugesan et al. | Analysis on homomorphic technique for data security in fog computing |
CN114036539A (en) | Safety auditable Internet of things data sharing system and method based on block chain |
JP2020532177A (en) | Computer-implemented systems and methods for advanced data security, high-speed encryption, and transmission |
CN114631285A (en) | Key generation for use in secure communications |
CN111953487B (en) | Key management system |
CN114205090A (en) | Safe file sharing method and system based on state cryptographic algorithm |
WO2020042023A1 (en) | Instant messaging data encryption method and apparatus |
CN116405320B (en) | Data transmission method and device |
CN108599941A (en) | Random asymmetries expand byte encryption of communicated data method |
CN115834038A (en) | Encryption method and device based on national commercial cryptographic algorithm |
Döring et al. | Post-Quantum Cryptography key exchange to extend a high-security QKD platform into the mobile 5G/6G networks |
CN113132980B (en) | Key management system method and device applied to Beidou navigation system |
Lin et al. | Verifiable attribute-based proxy re-encryption for secure public cloud data sharing |
KR102304831B1 (en) | Encryption systems and method using permutation group based cryptographic techniques |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | PB01 | Publication | |
 | SE01 | Entry into force of request for substantive examination | |
 | WD01 | Invention patent application deemed withdrawn after publication | Application publication date: 20200313 |