CN110910139B - Trusted hardware and high-performance decentralized anonymous encryption method based on block chain - Google Patents


Info

Publication number: CN110910139B
Authority: CN (China)
Prior art keywords: block, value, parameter, nodes, trc
Legal status: Active (an assumption made by Google, not a legal conclusion)
Application number: CN201911228331.XA
Other languages: Chinese (zh)
Other versions: CN110910139A (en)
Inventor: 李硕
Current assignee: Baic Langu Information Technology Co ltd
Original assignee: Baic Langu Information Technology Co ltd
Events: application filed by Baic Langu Information Technology Co ltd; priority to CN201911228331.XA; publication of CN110910139A; application granted; publication of CN110910139B; legal status active; anticipated expiration.

Classifications

  • G: Physics
  • G06: Computing; calculating or counting
  • G06Q: Information and communication technology [ICT] specially adapted for administrative, commercial, financial, managerial or supervisory purposes; systems or methods specially adapted for administrative, commercial, financial, managerial or supervisory purposes, not otherwise provided for
  • G06Q20/00: Payment architectures, schemes or protocols
  • G06Q20/38: Payment protocols; details thereof
  • G06Q20/382: Payment protocols; details thereof insuring higher security of transaction
  • G06Q20/3829: Payment protocols; details thereof insuring higher security of transaction involving key management

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to the field of blockchain algorithms and discloses blockchain-based trusted hardware and a high-performance decentralized anonymous encryption algorithm. An intelligent mining chip is built into the hardware and the anonymous encryption algorithm is embedded in the intelligent mining chip, so that the user can use the hardware as a USB flash drive; when it is inserted into a USB 3.0 interface, the encryption algorithm is executed and device confirmation is carried out through the chip; if the confirmation succeeds, the hardware becomes a block node in the public-network blockchain, and election calculation is carried out after synchronization of the existing block data is complete; an intelligent mining chip that is successfully elected as a miner has the power to package blocks; the intelligent mining chip and the encryption algorithm adopt a consensus mechanism that protects the identities of the incumbent miner and the next miner, so that the miners are anonymous throughout the blockchain network. The hardware and the algorithm of the invention can solve the problems of computing-power energy consumption, network attacks exploiting uneven network computing power, block-production energy consumption and trusted nodes.

Description

Trusted hardware and high-performance decentralized anonymous encryption method based on block chain
Technical Field
The invention relates to the field of block chain algorithms, in particular to a trusted hardware and high-performance decentralized anonymous encryption method based on a block chain.
Background
Over the years of blockchain development, the leading digital currencies have been Bitcoin, Ethereum, Litecoin and the like, and all of them share many similar technologies and commonalities.
1. Consensus algorithm: the algorithms are mainly based on PoW (Proof of Work) as the consensus algorithm; Ethereum uses a mixed PoS (Proof of Stake) and PoW (Proof of Work) consensus algorithm, and EOS uses DPoS (Delegated Proof of Stake) as its consensus algorithm.
2. Network communication: a P2P network is the bottom layer; Ethereum develops its own network protocol on top of that layer, implemented with Kademlia.
3. Account type: Bitcoin and Litecoin use UTXO as the underlying technical support, while Ethereum uses an account model in which each user can have an ordinary transaction account and a contract account.
4. Encryption algorithm: all are based on elliptic-curve algorithms, but the encryption algorithms implemented by the various public chains differ; for example, Ethereum uses the Keccak256 hash algorithm and the Secp256k1 elliptic curve.
The use of the PoW consensus algorithm in existing blockchains is accompanied by Sybil attacks and the 51% computing-power attack, two problems that seriously affect the network security of the blockchain, and there are further problems such as low block generation efficiency, a complex account model and data storage. The consensus mechanisms widely used in the industry at present are the PoW (Proof of Work) algorithm (including its extensions, the PoS and DPoS algorithms), the PBFT (Practical Byzantine Fault Tolerance) algorithm, the Paxos algorithm and the Raft algorithm. The disadvantage of PoW is that it requires the participation of the entire network, wasting a great deal of computing power and electricity. PoS suffers from the same drawback as PoW, only slightly improved. DPoS selects agents, and its compliance supervision, performance, resource use and fault tolerance are similar to those of PoS. Paxos is a consensus mechanism based on electing a leader; it does not allow malicious nodes in the election process and does not have fault tolerance. PBFT is similar to Paxos, using permissioned voting in which the minority follows the majority, and tolerates up to 33% Byzantine nodes. Raft is a simplification of Paxos: based on a consortium chain, the block height of the unreferenced consensus node is selected and one consensus node keeps the ledger continuously; its fault tolerance is poor, nodes cannot join and leave dynamically, and the chain supports dynamic joining of nodes only through a variant Raft algorithm.
Disclosure of Invention
In view of the above, the present invention aims to overcome the drawbacks of the prior art by providing blockchain-based trusted hardware and a high-performance decentralized anonymous encryption method, which use an intelligent mining chip and a corresponding algorithm to avoid unauthorized operations and to ensure that all computation, memory, storage and communication are properly monitored and protected.
A high-performance decentralized anonymous encryption method based on blockchains comprises an encryption process, a key generation process and a signature verification process.
The encryption process comprises the following steps:
(1) the method is passed the parameters private key f, public key h and core data c;
(2) f ∗ c: the encrypted data m is generated using the private key, and its derivative value m' is computed;
(3) the differential value t = c - m is calculated;
(4) a HASH is computed to generate the encrypted base root tseed;
(5) the differential values m and tseed are instantiated and assigned to mmask;
(6) the parameter m = m' + mmask is defined again, where m' is the derivative value of m from step 5, and the derivative is then taken;
(7) m and h are each HASHed to obtain the secondarily encrypted root rseed;
(8) the integral value m and rseed are instantiated;
(9) the zkSNARK function is called to perform zero-knowledge encryption, verifying the differential value obtained before, the derivative value m, the remainder and the HASH value tseed, and returning the parameters msg and mlen;
(10) if the derivative function p · r ∗ h = t is satisfied, where p is the first 6 bits of the current timestamp value, r is the computed root of rseed, h is the public key and t is the current timestamp value, the process continues;
(11) the program outputs the HASH value msg of the encrypted return data and the HASH value mlen of the block header information.
The key generation process comprises the following steps:
(1) the method takes the parameters N, p, q, d and bk;
(2) a random seed is selected as d, a HASH calculation is performed, and the returned parameter is f;
(3) if the verified parameter f is unique and no HASH collision occurs, the next step is carried out; otherwise the process returns to step 2 until a safe parameter f is obtained;
(4) the zkSNARK function is called to judge whether the result is invertible according to the condition NORMF(f) ≥ Bκ; if the condition is not met, the process returns to step 2;
(5) a random seed is selected again as d, a HASH calculation is performed with an improved elliptic-curve algorithm, and the returned parameter is g;
(6) if the verified parameter g is unique and no HASH collision occurs, the next step is carried out; otherwise the process returns to step 4 until a safe parameter g is obtained;
(7) the zkSNARK function is called to judge whether the result is invertible according to the condition NORMF(f) ≥ Bκ; the process returns to step 4 when the condition is not met, and at this point g is determined to be the public key;
(8) g is used in a further calculation to obtain the result h = g/(pf) mod q as the private key;
(9) the program returns the generated public key g, the private key h and the parameter value f.
The signature verification process comprises the following steps:
(1) the signature checking method is called with the parameters public key h, signature b and the other parameter information μ, p, q and Bt, together with the expected HASH value, σ and N returned by the zkSNARK function;
(2) a HASH calculation is performed on the parameter (μ | h), and the result is recorded as (up, vp);
(3) the parameter P is signed and the return value U of the previous step up is attached;
(4) if the absolute value of U is still greater than p²σ²N after being squared, execution continues; otherwise the operation ends and a signature-verification-failed result is returned, p²σ²N being the lowest safety value against HASH collision;
(5) the public key g and the return value U are computed with the parameter q, and the result is defined as V;
(6) if V is not equal to the return value computed from vp and the parameter P, or the absolute value of V tends to infinity and always satisfies being greater than q/2 - Bt, the signature verification succeeds;
(7) the program returns whether the signature was verified successfully.
Further, in the anonymous encryption method, the encryption and decryption processes are based on a lattice-based encryption mechanism and use polynomial multiplication.
The blockchain-based trusted hardware has a built-in intelligent mining chip, the anonymous encryption algorithm is embedded in the intelligent mining chip, and the user can use the hardware as a USB flash drive;
when the hardware is inserted into a USB 3.0 interface, the anonymous encryption algorithm is executed and a private account address is generated; the address is completely anonymous to users, part of the data can be pushed to the supervision chain while the address is generated so that the transaction can be supervised, and at the same time hardware confirmation is carried out through the intelligent mining chip;
if the intelligent mining chip is confirmed successfully, it becomes a block node in the public-network blockchain, and election calculation is carried out after synchronization of the existing block data is complete;
when the intelligent mining chip is successfully elected as a miner, it has the power to package blocks;
the intelligent mining chip and the encryption algorithm adopt a consensus mechanism that protects the identities of the incumbent miner and the next miner, so that the miners are anonymous throughout the blockchain network.
Further, the block node is a TRC node, and the consensus algorithm process is as follows:
(1) assume there are N TRC nodes in the chain;
(2) the first-round miner packages transactions, generates a block and broadcasts the block anonymously;
(3) the other TRC nodes verify the block with a zero-knowledge-proof algorithm, without directly learning which network node the block came from, and then confirm the block;
(4) after obtaining 2/3 confirmations from the other TRC nodes, the miner broadcasts a request to generate true random numbers RRN, and the nodes of the whole network begin to compete to be the next miner;
(5) each TRC node generates a true random number RRN and broadcasts it after receiving the RRN request;
(6) within time T, the miner receives M (M ≤ N) true random numbers RRN from M TRC nodes and authenticates all of them; if an RRN from a TRC node fails the intelligent-mining-chip verification, that RRN is discarded, the corresponding TRC node is broadcast to the network and added to a blacklist, and network nodes on the blacklist can only use the functions of common nodes;
(7) after successful verification, the miner obtains a seed S1 from the verified values as input to the random function RNV, and records the output value as X1;
(8) the miner broadcasts the seed S1, and the other TRC nodes compute their own outputs and record them as X2, X3, X4 … Xm (m ≤ M);
(9) only one TRC node output Xi (2 ≤ i ≤ m) meets a specific condition; that node is then designated by the incumbent miner as the miner for the next period, and to guarantee privacy the identities of the next miner and the incumbent miner cannot be revealed to others;
(10) the newly elected miner has block-production power, and the consensus process returns to step 2.
Further, the newly elected miner produces blocks, and after local backup the blocks are broadcast to each network node over the P2P network.
Further, when two thirds of the nodes of the whole network have broadcast, the block's information increment is asynchronously synchronized to the supervision chain using Go-language protocol technology, so that the supervision chain can check the complete transactions of every block; if a suspicious address transacts, the suspicious address can be frozen, a frozen address cannot send transactions, the frozen account address can lodge a complaint, and the supervision committee can restore it to a normal account address through the supervising party.
Further, the core module of the intelligent mining chip is a true random number generator; the true random number it generates, together with the hardware coding feature code of the trusted platform, verifies the identity of the true random number, a miner that passes authentication can participate in the election, and one that fails is only a common block network node.
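The election round of steps (4) to (9) above, together with the chip-bound authentication of the true random numbers described in the preceding paragraph, can be simulated end to end. The Python below is an added example written for this page, not the patent's code or pseudocode, and every hardware-specific part is a labelled stand-in: the chip's hardware coding feature code is modelled as an HMAC key the trusted platform has registered per node, the true random numbers come from a seeded PRNG, the random function RNV is taken to be SHA-256, the seed S1 is the hash of all verified RRNs, each candidate's output Xi is RNV(S1 || node id), and the unspecified "specific condition" of step (9) is taken to be the smallest XOR distance to X1. The simulation exercises the 2/3-confirmation gate, the rejection of an RRN whose tag does not match the registered chip (that node is blacklisted and drops to common-node functions), and the choice of the next miner from the verified set only.

```python
"""One PORR election round: steps (4)-(9) plus the chip-bound RRN authentication.

Added example, not the patent's code. Constructed stand-ins: the chip's hardware
coding feature code is an HMAC key registered with the trusted platform; "true"
random numbers come from a seeded PRNG; RNV is SHA-256; S1 is the hash of all
verified RRNs; Xi = RNV(S1 || node id); the unspecified "specific condition" of
step (9) is the smallest XOR distance to X1.
"""
import hashlib
import hmac
import math
import random
from dataclasses import dataclass


def rnv(seed: bytes) -> int:
    """Random function RNV of steps (7)-(8); assumed to be SHA-256 read as an integer."""
    return int.from_bytes(hashlib.sha256(seed).digest(), "big")


def rrn_tag(feature_code: bytes, node_id: int, rrn: bytes) -> bytes:
    """Authentication tag binding an RRN to the chip that emitted it (assumed HMAC)."""
    return hmac.new(feature_code, node_id.to_bytes(4, "big") + rrn, "sha256").digest()


@dataclass
class TrcNode:
    node_id: int
    feature_code: bytes          # constructed stand-in for the hardware coding feature code
    blacklisted: bool = False    # blacklisted nodes keep only common-node functions

    def submit_rrn(self, rng: random.Random, forge: bool = False):
        """Step (5): answer the RRN request. `forge` models a submission whose tag was
        not produced by the registered chip (e.g. a tampered or cloned device)."""
        rrn = rng.getrandbits(128).to_bytes(16, "big")
        key = b"not-the-registered-chip" if forge else self.feature_code
        return self.node_id, rrn, rrn_tag(key, self.node_id, rrn)


def elect_next_miner(miner_id, nodes, registry, confirmations, submissions):
    """Steps (4)-(9) as run by the incumbent miner. Returns None if fewer than 2/3 of
    the other TRC nodes confirmed the block, else (next_miner_id, newly_blacklisted)."""
    others = [n for n in nodes if n.node_id != miner_id and not n.blacklisted]
    if confirmations < math.ceil(2 * len(others) / 3):          # step (4) gate
        return None
    verified, newly_blacklisted = [], []
    for node_id, rrn, tag in submissions:                        # step (6)
        key = registry.get(node_id)
        if key is not None and hmac.compare_digest(rrn_tag(key, node_id, rrn), tag):
            verified.append((node_id, rrn))
        else:
            newly_blacklisted.append(node_id)                    # RRN dropped, node demoted
    s1 = hashlib.sha256(b"".join(r for _, r in sorted(verified))).digest()   # step (7)
    x1 = rnv(s1)
    outputs = {nid: rnv(s1 + nid.to_bytes(4, "big"))             # step (8): X2 .. Xm
               for nid, _ in verified if nid != miner_id}
    next_miner = min(outputs, key=lambda nid: outputs[nid] ^ x1)  # step (9): assumed rule
    return next_miner, newly_blacklisted


def simulate_round(seed=7, n_nodes=7, miner_id=0, forger_id=3, confirmations=None):
    """Build n_nodes constructed TRC nodes and run one round; node `forger_id` submits
    an RRN with a forged tag. Returns None when the 2/3 gate is not passed."""
    rng = random.Random(seed)
    nodes = [TrcNode(i, rng.getrandbits(256).to_bytes(32, "big")) for i in range(n_nodes)]
    registry = {n.node_id: n.feature_code for n in nodes}        # trusted platform's view
    if confirmations is None:
        confirmations = n_nodes - 1                               # every other node confirmed
    submissions = [n.submit_rrn(rng, forge=(n.node_id == forger_id))
                   for n in nodes if not n.blacklisted]
    result = elect_next_miner(miner_id, nodes, registry, confirmations, submissions)
    if result is None:
        return None
    next_miner, blacklisted = result
    for n in nodes:
        if n.node_id in blacklisted:
            n.blacklisted = True
    return {"next_miner": next_miner, "blacklisted": blacklisted}


if __name__ == "__main__":
    print(simulate_round())
    print(simulate_round(confirmations=2))   # below 2/3: no election is held
```

Because the tag is keyed by a secret that only the chip and the trusted platform hold, a submission that cannot produce it is excluded before the seed S1 is derived, so a node without the registered hardware cannot influence which Xi is chosen; the simulation returns the blacklist alongside the winner so that the demotion is visible as a return value rather than only as a side effect.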
The beneficial effects of the invention are as follows: the blockchain-based trusted hardware and high-performance decentralized anonymous encryption algorithm disclosed here, by providing the hardware TRC with the anonymous encryption algorithm embedded, lets the hardware become a block node in the public-network blockchain and carry out election calculation once synchronization of the existing block data is complete, so that the node elected as miner has block-production rights, the waste of the whole network's computing-power resources is avoided, the problems of computing-power security and computing-power energy consumption are better solved, and block-production efficiency is improved; the anonymous encryption algorithm is improved, a trusted platform is developed in combination with hardware, a brand-new consensus technology is used, the intelligent chip ensures that no extra computing-power energy is consumed and raises the block output rate, and at the same time secondary development is carried out on the basis of zkSNARKs with a novel zero-knowledge-proof algorithm; a private account mechanism is additionally added, so that while an account is generated the transacting user is completely private, a complete account model can be provided by checking both parties' transaction account information through a government-level account, and block data verification can be performed only between the government account and other accounts to prevent hidden-network transactions.
Drawings
To more clearly illustrate the technical solutions of the embodiments of the present application, the drawings needed in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and those skilled in the art can also obtain other related drawings based on the drawings without inventive efforts.
FIG. 1 is a flow chart of the method of the present invention;
FIG. 2 is a flow chart of the encryption pseudocode of the present invention;
FIG. 3 is a flow chart of the key generation pseudocode of the present invention;
FIG. 4 is a flow chart of the signature verification pseudocode of the present invention;
FIG. 5 is a reference diagram of various blockchain data according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all the embodiments. The components of the embodiments of the present application, generally described and illustrated in the figures herein, can be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present application, presented in the accompanying drawings, is not intended to limit the scope of the claimed application, but is merely representative of selected embodiments of the application. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present application without making any creative effort, shall fall within the protection scope of the present application.
In the trusted hardware based on blockchains and the high-performance decentralized anonymous encryption algorithm of this embodiment,
an intelligent mining chip is built into the hardware, the anonymous encryption algorithm is embedded in the intelligent mining chip, and the user can use the intelligent mining chip as a USB flash drive;
when it is inserted into a USB 3.0 interface, the anonymous encryption algorithm is executed and a private account address is generated; the address is completely anonymous to users, part of the data can be pushed to the supervision chain during generation so that the transaction can be supervised, and device confirmation is carried out through the chip;
if the confirmation succeeds, the hardware becomes a block node in the public-network blockchain, and election calculation is carried out after synchronization of the existing block data is complete;
when the intelligent mining chip is successfully elected as a miner, the hardware has the power to package blocks;
the intelligent mining chip and the anonymous encryption algorithm adopt a consensus mechanism that protects the identities of the incumbent miner and the next miner, so that the miners are anonymous throughout the blockchain network.
By adopting the intelligent mining chip, the node elected as miner has block rights and the waste of the whole network's computing-power resources is avoided, so that the problems of computing-power energy consumption, network attacks exploiting uneven network computing power, block energy consumption, trusted nodes and supervision of user transactions can be addressed; in local node-building tests, the latest PORR consensus technology reaches a TPS of 2000, which meets the service applications of most scenarios.
The chain employs a series of protocols and algorithms involving zero knowledge proof and a homomorphic cryptosystem, providing a basis for privacy protection of the user's account, address, transaction details, and other personal or sensitive information.
The advent of quantum computers presents challenges to cryptographic mechanisms based on RSA and ECC (two important asymmetric encryption algorithms), which are currently widely used in public blockchains. A quantum computer can solve the prime factorization problem (the basis of RSA) and the discrete logarithm problem (the basis of ECC) in a short time through Shor's algorithm. The parallel computing power of quantum computers may therefore break other encryption mechanisms currently widely used in the public blockchain industry. In a few years these potential threats will no longer be theoretical but real.
The chain adopts a lattice-based cryptographic mechanism to meet the possible challenges of quantum computers and serves as a long-term security solution for public blockchains. Based on current research, lattice cryptography is considered the most reliable algorithm against quantum computers because no fast solution is known for the Shortest Vector Problem (SVP) or the Closest Vector Problem (CVP).
To strengthen the defence against network attacks, trojans, viruses and malicious users, the chain uses a trusted platform module chip (blue-valley core) and corresponding software to avoid unauthorized operations and to ensure that all computation, memory, storage and communication are properly monitored and protected, which makes all transactions and contracts in the chain more reliable and secure. The algorithm model is securely upgraded on the basis of guaranteed hardware security: secondary development is carried out on the basis of zkSNARK, a novel zero-knowledge-proof technology is customized, and the classic Alice-and-Bob scenario of cryptography is solved, for example as follows.
A acts as the verifier and has picked up a wallet; B acts as the prover and wants to prove to A that the wallet is B's. To comply with zero-knowledge proof, the following requirements are satisfied:
A cannot let B see the wallet at this time, nor let B see what is inside it.
B must provide enough accurate and error-free information to prove that the wallet is B's own.
B may then provide:
the colour, size, brand and so on of the wallet;
what is in the wallet, such as how much money and what certificate information.
A verifies after B answers, and confirms that B is the wallet owner if B is right. The means of this information verification is zero-knowledge proof: B proves that the wallet is B's without handing it over directly to A, and indeed cannot hand it over, since the wallet is in the verifier A's possession. The physical wallet stands for information that is valuable to its owner. Proving ownership in this way costs CPU time; by optimizing part of the core zero-knowledge logic in zkSNARK, instructions are reordered during CPU computation so that the simplest and most efficient computation path is reached as far as possible in large-volume scenarios, and preliminary tests reach 1K TPS.
The encryption process, key generation process and signature verification process developed on the basis of zkSNARK are as follows:
Referring to FIG. 2, this embodiment discloses the encryption flow of the anonymous encryption algorithm of the present invention:
(1) the method is passed the parameters private key f, public key h and core data c;
(2) f ∗ c: the encrypted data m is generated using the private key, and its derivative value m' is computed;
(3) the differential value t = c - m is calculated;
(4) a HASH is computed to generate the encrypted base root tseed;
(5) the instantiated differential values m and tseed are assigned to mmask;
(6) the parameter m = m' + mmask is defined again, where m' is the derivative value obtained by differentiating after the derivative value m of step 5 is obtained;
(7) m and h are each HASHed to obtain the secondarily encrypted root rseed;
(8) the integral value m and rseed are instantiated;
(9) the zkSNARK function is called to perform zero-knowledge encryption, verifying the differential value obtained before, the derivative value m, the remainder and the HASH value tseed, and returning the parameters msg and mlen;
(10) if the derivative function p · r ∗ h = t is satisfied, where p is the first 6 bits of the current timestamp value, r is the computed base root of rseed, h is the public key and t is the current timestamp value, the process continues;
(11) the program outputs the HASH value msg of the encrypted return data and the HASH value mlen of the block header information.
Referring to FIG. 3, this embodiment discloses the key generation process of the anonymous encryption algorithm of the present invention:
(1) the method takes the parameters N, p, q, d and bk;
(2) a random seed is selected as d, a HASH calculation is performed, and the returned parameter is f;
(3) if the verified parameter f is unique and no HASH collision occurs, the next step is carried out; otherwise the process returns to step 2 until a safe parameter f is obtained;
(4) the zkSNARK function is called to judge whether the result is invertible according to the condition NORMF(f) ≥ Bκ; if the result is not invertible, the process returns to step 2;
(5) a random seed is selected again as d, a HASH calculation is performed with an improved elliptic-curve algorithm, and the returned parameter is g;
(6) if the verified parameter g is unique and no HASH collision occurs, the next step is carried out; otherwise the process returns to step 4 until a safe parameter g is obtained;
(7) the zkSNARK function is called to judge whether the result is invertible according to the condition NORMF(f) ≥ Bκ; the process returns to step 4 if the condition is not met, and at this point g is determined to be the public key;
(8) g is used again to calculate h = g/(pf) mod q, and the result h is taken as the private key;
(9) the program returns the generated public key g, the private key h and the parameter value f.
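The relation h = g/(pf) mod q of step (8) and the invertibility check of steps (4) and (7) can be made concrete in textbook NTRU arithmetic. The following Python is an added example written for this page, not the patent's code or pseudocode. It assumes the NTRU polynomial ring Z_q[x]/(x^N - 1) with toy parameters N = 11, p = 3, q = 31 (constructed), replaces the hash-seeded selection of steps (2) and (5) with a seeded ternary sampler, models the "invertible" test as invertibility of p·f modulo q and x^N - 1 (drawing a fresh f when it fails, as the steps return to step 2), and computes h from the page's formula. The NORMF(f) ≥ Bκ bound and the zkSNARK call are not modelled, and the public/private roles of g and h are left as the page states them.

```python
"""NTRU-style arithmetic for steps (4), (7) and (8) of the key generation process.

Added example, not the patent's code. Assumptions (constructed): the ring is
Z_q[x]/(x^N - 1) as in textbook NTRU with toy parameters N, P, Q below; the
hash-seeded selection of f and g is replaced by a seeded ternary sampler; the
"invertible" test is modelled as invertibility of p*f modulo q.
"""
import random

N, P, Q = 11, 3, 31          # toy parameters; Q must be prime for poly_inverse


def poly_mul(a, b, mod):
    """Cyclic convolution a*b in Z_mod[x]/(x^N - 1); coefficient i is the degree-i term."""
    out = [0] * N
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            out[(i + j) % N] = (out[(i + j) % N] + ai * bj) % mod
    return out


def _trim(a):
    """Drop leading zero coefficients; the zero polynomial stays [0]."""
    while len(a) > 1 and a[-1] == 0:
        a.pop()
    return a


def _mul_plain(a, b, mod):
    """Ordinary (non-cyclic) polynomial product over GF(mod)."""
    out = [0] * (len(a) + len(b) - 1)
    for i, ai in enumerate(a):
        for j, bj in enumerate(b):
            out[i + j] = (out[i + j] + ai * bj) % mod
    return out


def _divmod(a, b, mod):
    """Polynomial long division over GF(mod); returns (quotient, remainder)."""
    a, b = _trim(a[:]), _trim(b[:])
    if len(a) < len(b):
        return [0], a
    inv_lead = pow(b[-1], -1, mod)
    quot = [0] * (len(a) - len(b) + 1)
    for i in range(len(a) - len(b), -1, -1):
        coef = (a[i + len(b) - 1] * inv_lead) % mod
        quot[i] = coef
        for j, bj in enumerate(b):
            a[i + j] = (a[i + j] - coef * bj) % mod
    return _trim(quot), _trim(a)


def poly_inverse(f, mod):
    """Inverse of f in Z_mod[x]/(x^N - 1) via the extended Euclidean algorithm, or
    None when gcd(f, x^N - 1) has positive degree (f is not invertible)."""
    m = [mod - 1] + [0] * (N - 1) + [1]          # x^N - 1
    r0, r1 = m, _trim(list(f))
    s0, s1 = [0], [1]                             # invariant: s_i * f == r_i (mod m)
    while r1 != [0]:
        quot, rem = _divmod(r0, r1, mod)
        prod = _mul_plain(quot, s1, mod)
        width = max(len(s0), len(prod))
        s_next = [((s0[i] if i < len(s0) else 0) - (prod[i] if i < len(prod) else 0)) % mod
                  for i in range(width)]
        r0, r1, s0, s1 = r1, rem, s1, _trim(s_next)
    if len(r0) != 1:
        return None
    scale = pow(r0[0], -1, mod)
    folded = [0] * N                              # reduce s0 modulo x^N - 1 and scale
    for i, c in enumerate(s0):
        folded[i % N] = (folded[i % N] + c * scale) % mod
    return folded


def sample_ternary(rng, weight):
    """Constructed sampler: weight+1 coefficients of +1 and weight of -1, so that
    f(1) != 0 and f is never divisible by the factor (x - 1) of x^N - 1."""
    coeffs = [0] * N
    positions = rng.sample(range(N), 2 * weight + 1)
    for pos in positions[:weight + 1]:
        coeffs[pos] = 1
    for pos in positions[weight + 1:]:
        coeffs[pos] = -1
    return coeffs


def keygen(seed_d, max_tries=64):
    """Steps (2)-(9): derive f and g from the seed d; if p*f is not invertible mod q,
    return to step 2 and draw again; then h = g/(p*f) mod q."""
    rng = random.Random(seed_d)
    for _ in range(max_tries):
        f = sample_ternary(rng, 3)
        pf = [(P * c) % Q for c in f]
        pf_inv = poly_inverse(pf, Q)
        if pf_inv is None:                       # not invertible: back to step 2
            continue
        g = sample_ternary(rng, 3)
        h = poly_mul(g, pf_inv, Q)
        return {"f": f, "g": g, "h": h}
    raise RuntimeError("no invertible f found from this seed")


def check_keypair(keys):
    """Check the defining relation of step (8): h * (p*f) == g in Z_Q[x]/(x^N - 1)."""
    pf = [(P * c) % Q for c in keys["f"]]
    return poly_mul(keys["h"], pf, Q) == [c % Q for c in keys["g"]]


if __name__ == "__main__":
    keys = keygen(seed_d=2019)
    print("f =", keys["f"], "\ng =", keys["g"], "\nh =", keys["h"])
    print("h * (p*f) == g mod q:", check_keypair(keys))
```

check_keypair confirms the identity h · (p·f) ≡ g that defines h; a polynomial such as x - 1, which divides x^N - 1, is exactly the kind of draw that poly_inverse reports as non-invertible and that sends the loop back to step 2.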
Referring to FIG. 4, this embodiment discloses the signature verification process of the anonymous encryption algorithm of the present invention:
(1) the signature checking method is called with the parameters public key h, signature b and the other parameter information μ, p, q and Bt, together with the expected HASH value, σ and N returned by the zkSNARK function;
(2) a HASH calculation is performed on the parameter (μ | h), and the returned result is recorded as (up, vp);
(3) the parameter P is signed and the return value U of the step up is attached;
(4) if the absolute value of U is still greater than p²σ²N after being squared, execution continues; otherwise the operation ends and a signature-verification-failed result is returned, p²σ²N being the lowest safety value against HASH collision;
(5) the public key g and the return value U are computed with the parameter q, and the result is defined as V;
(6) if V is not equal to the return value computed from vp and the parameter P, or the absolute value of V tends to infinity and is always greater than q/2 - Bt, the signature verification succeeds;
(7) the program returns whether the signature was verified successfully.
The consensus mechanism combined with hardware innovation:
The hardware with the built-in intelligent mining chip is the TRC (true random chip); a trusted platform is developed on this hardware, and its consensus mechanism is called true randomness proof (PORR), so as to achieve decentralization, performance and security at the same time.
The hardware and the trusted platform agree algorithmically that:
(1) the true random numbers generated by the TRC nodes ensure fairness, security, irreversibility and unpredictability;
(2) the trusted platform can reliably and remotely verify the identity of the TRC (in a form based on hardware encoding) when a user plugs in the TRC node's hardware device, and prevents attempts to tamper with the hardware;
(3) the identities of the incumbent and next miners are well protected and remain anonymous throughout the blockchain network.
In this example, the definitions are as follows:
(1) TRC (the hardware device implementing the PORR consensus algorithm): the name of the dedicated consensus hardware.
(2) TRC node: a node running on this blockchain network; a network node with a built-in TRC hardware device (the USB 3.0 hardware device the user plugs in, described above) may participate in mining by initiating transactions, synchronizing blocks, performing authentication calculations and elections, or being elected to serve.
(3) Common node: a node running without a TRC; it can be deployed and started locally by compiling the source code, but has many functional limitations: it currently supports synchronizing blocks and performing simplified verification, and cannot initiate object-type operations on the blockchain network.
(4) Miner: the node running on a TRC that is responsible for packaging transactions, generating blocks, verifying the identity of the previous miner and designating the next miner to package blocks.
(5) RRN (Real Random Numbers): generated by the core module RRNG (Real Random Number Generator, a true random number generator) in the TRC.
(6) Verification of TRC identity: when a user prepares to join the blockchain network with the hardware device, the user inserts the intelligent chip into the USB 3.0 interface and the identity of the TRC is verified through the special hardware coding feature code of the intelligent mining chip; on successful authentication the node can begin to participate in miner election, and on failure it is only a common block network node.
In this embodiment, the consensus process of the consensus mechanism is as follows:
During the formal start-up of the chain, a genesis block configuration file is specified and the genesis block is generated; then the miner of the next term is specified. The following agreement is reached, and the consensus algorithm flow is as follows:
(1) assume there are N TRC nodes in the chain;
(2) the first-round miner packages transactions, generates a block and broadcasts it anonymously;
(3) the other TRC nodes verify the block based on a zero-knowledge proof algorithm, without knowing which network node the block came from, and then confirm the block;
(4) after obtaining confirmations from 2/3 of the other TRC nodes, the miner broadcasts a request to generate a true random number RRN, and the nodes of the whole network begin to compete to be the next round's miner;
(5) on receiving the RRN request, each TRC node generates a true random number RRN and broadcasts it;
(6) within time T, the miner receives M (M ≤ N) true random numbers RRN from M TRC nodes and verifies all of them. If an RRN from a TRC node fails verification by the smart mining chip, that RRN is discarded, the corresponding TRC node is announced to the network and added to a blacklist, and blacklisted nodes can only use the functions of common nodes;
(7) after the miner's verification succeeds, a seed S1 that passed verification is used as input to the random function RNV, and the output value is recorded as X1;
(8) the miner broadcasts the seed S1, and the other TRC nodes compute their own outputs, recorded as X2, X3, X4 … Xm (m ≤ M);
(9) only one TRC node output Xi (2 ≤ i ≤ m) meets a specific condition; that node is then designated by the incumbent miner as the miner for the next term, and to protect privacy the identities of the next miner and the incumbent miner are not disclosed to others;
(10) the newly elected miner has the right to produce blocks, and the consensus process returns to step 2.
Referring to fig. 1, the currently elected miner produces blocks; after a local backup, the blocks are broadcast to the network nodes over the P2P network.
When two thirds of the nodes of the whole network have broadcast the block information, the block's incremental data is transmitted asynchronously to the supervision chain using a Go-language protocol, so that the supervision chain can inspect every transaction of each block. If a suspicious address transacts, the address can be frozen; a frozen address cannot send transactions, but the frozen account address can file a complaint and, if the supervision committee's resolution passes, it can be restored to a normal account address.
The invention uses the latest PORR consensus technology; in local node-build tests it reaches more than 2000 TPS and can satisfy the business applications of most scenarios.
Finally, the above embodiments are only intended to illustrate the technical solutions of the present invention and not to limit them. Although the present invention has been described in detail with reference to the preferred embodiments, those skilled in the art should understand that modifications or equivalent substitutions may be made to the technical solutions of the present invention without departing from their spirit and scope, and all of these should be covered by the claims of the present invention.

Claims (7)

1. A high-performance decentralized anonymous encryption method based on a blockchain, characterized in that the anonymous encryption method comprises an encryption process, a key generation process and a signature verification process,
the encryption process comprises the following steps:
(1) the method is passed the parameters private key f, public key h and core data c;
(2) compute f ∗ c, generating the encrypted data m with the private key, and compute its derivative value m';
(3) compute the differential value t, where t = c − m;
(4) perform HASH to generate the encryption base root tseed;
(5) the instantiated differential values of m and tseed are assigned to mmask;
(6) redefine the parameter m = m″ + mmask, where m″ is the derivative value obtained after the derivative value of m in step 5 is obtained;
(7) perform HASH on m and h respectively to obtain the secondary encryption base root rseed;
(8) instantiate the integral value m and rseed;
(9) call the zkSNARK function to perform zero-knowledge encryption, verify the previously obtained differential value, the derivative value m, rseed and the HASH value tseed, and return the parameters msg and mlen;
(10) if the derivative function p · r ∗ h = t is satisfied, where p is the first 6 bits of the current timestamp value, r is the calculation base root of rseed, h is the public key, and t is the current timestamp value;
(11) the program outputs the HASH value msg of the encrypted returned data and the HASH value mlen of the block header information;
the key generation process comprises the following steps:
(1) the method is passed the parameters N, p, q, d and bk;
(2) select a random seed as d, perform a HASH computation, and return the parameter f;
(3) if the verified parameter f is unique and no HASH collision occurs, proceed to the next step; otherwise return to step 2 until a safe parameter f is computed;
(4) call the zkSNARK function and judge whether the computed result is reversible according to the condition NORMF(f) ≥ Bκ; if it is not reversible, return to step 2;
(5) select a random seed as d again, perform a HASH computation using an improved elliptic curve algorithm, and return the parameter g;
(6) if the verified parameter g is unique and no HASH collision occurs, proceed to the next step; otherwise return to step 4 until a safe parameter g is computed;
(7) call the zkSNARK function and judge whether the computed result is reversible according to NORMF(f) ≥ Bκ; if the condition is not met, return to step 4; at this point g is determined to be the public key;
(8) compute h = g/(pf) mod q using g again, and take the result h as the private key;
(9) the program returns the generated public key g, private key h and parameter value f;
the signature verification process comprises the following steps:
(1) call the signature-checking method with the input parameters public key h, signature b and the other parameter information μ, p, q and Bt, and call the expected HASH value, σ and N returned by the zkSNARK function;
(2) perform a HASH computation on the parameter (μ | h) and record the returned result as (up, vp);
(3) sign the parameter p and append the return value up of that step, giving U;
(4) if the absolute value of U, after squaring, is still greater than p²σ²N, continue; otherwise end the operation and return a signature-verification failure, where p²σ²N is the minimum safety value for a HASH collision;
(5) compute the public key g and the return value U with the parameter q, and define the returned result as V;
(6) if V is not equal to the return value computed from vp and the parameter P, or the absolute value of V tends to infinity and is always greater than q/2 − Bt, the signature verification succeeds;
(7) the program returns whether the signature was verified successfully.
2. The blockchain-based high-performance decentralized anonymous encryption method of claim 1, wherein: in the anonymous encryption method, the encryption and decryption processes are based on a lattice-based cryptographic mechanism and use polynomial multiplication.
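The key-generation loop of claim 1 (derive f from a hashed seed, reject it when the result is "not reversible", derive g, then form h = g/(pf) mod q) and the polynomial-ring arithmetic of claim 2 can be made concrete with a small worked example. The following Python is an added illustration and not the patent's code: it assumes q is prime, reads "reversible" as "invertible in Z_q[x]/(x^N − 1)" and checks that directly by linear algebra rather than through the NORMF(f) ≥ Bκ condition or a zkSNARK call, expands SHA-256 of the seed into coefficients in {−1, 0, 1} as the "HASH" step, and uses toy parameters (N = 11, p = 3, q = 31) that are far too small for any real deployment.

```python
"""Toy key generation in the ring Z_q[x]/(x^N - 1), illustrating claim 1's
key-generation loop and claim 2's lattice-based polynomial multiplication.

Added example, not the patent's code. Assumptions the patent does not state:
  * q is prime and "reversible" means invertible in the ring (checked directly
    instead of via the NORMF(f) >= Bκ condition and the zkSNARK call);
  * "HASH of a random seed" is SHA-256 expanded into coefficients in {-1, 0, 1};
  * the parameters below are tiny for readability, not a secure parameter set.
"""
import hashlib
from typing import List, Optional, Tuple

N, P, Q = 11, 3, 31  # toy ring parameters (constructed)


def poly_mul(a: List[int], b: List[int], n: int, mod: int) -> List[int]:
    """Cyclic convolution: a * b modulo x^n - 1 with coefficients reduced mod `mod`."""
    out = [0] * n
    for i, ai in enumerate(a):
        if ai == 0:
            continue
        for j, bj in enumerate(b):
            out[(i + j) % n] = (out[(i + j) % n] + ai * bj) % mod
    return out


def poly_inverse(a: List[int], n: int, q: int) -> Optional[List[int]]:
    """Inverse of a in Z_q[x]/(x^n - 1), or None if a is not invertible.

    Solves M u = e0 mod q by Gauss-Jordan elimination, where M[k][i] = a[(k - i) % n]
    is the matrix of multiplication by a; a column with no pivot means 'not reversible'.
    """
    rows = [[a[(k - i) % n] % q for i in range(n)] + [1 if k == 0 else 0] for k in range(n)]
    for col in range(n):
        pivot = next((r for r in range(col, n) if rows[r][col] != 0), None)
        if pivot is None:
            return None
        rows[col], rows[pivot] = rows[pivot], rows[col]
        inv = pow(rows[col][col], -1, q)
        rows[col] = [(v * inv) % q for v in rows[col]]
        for r in range(n):
            if r != col and rows[r][col] != 0:
                factor = rows[r][col]
                rows[r] = [(rv - factor * cv) % q for rv, cv in zip(rows[r], rows[col])]
    return [rows[k][n] for k in range(n)]


def small_poly_from_seed(seed: bytes, n: int, label: bytes) -> List[int]:
    """Expand SHA-256(label || seed) into n coefficients in {-1, 0, 1} (the HASH step)."""
    digest = hashlib.sha256(label + seed).digest()
    return [(digest[i % len(digest)] % 3) - 1 for i in range(n)]


def keygen(seed: bytes, n: int = N, p: int = P, q: int = Q) -> Tuple[List[int], List[int], List[int], int]:
    """Claim 1 key-generation loop: derive f from the seed, require (p*f) to be
    invertible mod q, derive g, then h = g / (p f) mod q. Returns (h, f, g, attempts)."""
    attempts = 0
    while True:
        attempts += 1
        trial = seed + attempts.to_bytes(4, "big")  # 'select the random seed again'
        f = small_poly_from_seed(trial, n, b"f")
        pf_inv = poly_inverse([(p * c) % q for c in f], n, q)
        if pf_inv is None:
            continue  # not reversible: back to step 2 with a fresh seed
        g = small_poly_from_seed(trial, n, b"g")
        h = poly_mul(g, pf_inv, n, q)
        return h, f, g, attempts


def check_key(h: List[int], f: List[int], g: List[int], n: int = N, p: int = P, q: int = Q) -> bool:
    """Consistency check a verifier can run: h * (p f) must reproduce g in the ring."""
    return poly_mul(h, [(p * c) % q for c in f], n, q) == [c % q for c in g]


if __name__ == "__main__":
    h, f, g, tries = keygen(b"constructed demo seed")
    print("attempts:", tries, "h:", h)
    print("h * (p f) == g:", check_key(h, f, g))
```

The invertibility test is the part worth noticing: in this ring 1 + x + … + x^(N−1) is a zero divisor because it divides x^N − 1, so a key-generation routine that skips the "reversible" check can emit an h that no longer satisfies h · (pf) = g, and the `check_key` relation is the cheap sanity test that catches it.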
3. Trusted hardware based on a blockchain, characterized in that:
a smart mining chip is built into the hardware, the anonymous encryption method according to any one of claims 1-2 is embedded in the smart mining chip, and a user can use the hardware like a USB flash drive;
when the hardware is inserted into a USB 3.0 reading interface, the anonymous encryption method is executed and a private account address is generated; the address is completely anonymous to users; while the private account address is generated, part of the data can be pushed to the supervision chain so that transactions can be supervised, and at the same time hardware confirmation is performed by the smart mining chip;
if the smart mining chip is confirmed successfully, it becomes a block node in the public blockchain network, and the miner election computation is performed after synchronization of the existing block data is completed;
when the smart mining chip is successfully elected as the miner, it has the right to package blocks;
the smart mining chip and the anonymous encryption method adopt a consensus mechanism to protect the identities of the incumbent miner and the next miner, so that the miners are anonymous in the whole blockchain network.
4. The blockchain-based trusted hardware according to claim 3, wherein:
the block node is a TRC node, and the consensus mechanism algorithm flow is as follows:
(1) assume there are N TRC nodes in the chain;
(2) the first-round miner packages transactions, generates a block and broadcasts it anonymously;
(3) the other TRC nodes verify the block based on a zero-knowledge proof algorithm without knowing which network node the block came from, and then confirm the block;
(4) after obtaining confirmations from 2/3 of the other TRC nodes, the miner broadcasts a request to generate a true random number RRN, and the nodes of the whole network begin to compete to be the next round's miner;
(5) on receiving the RRN request, each TRC node generates a true random number RRN and broadcasts it;
(6) within time T, the miner receives M true random numbers RRN from M TRC nodes, where M ≤ N, and verifies all of the received RRNs; if an RRN from a TRC node fails verification by the smart mining chip, that RRN is discarded, the corresponding TRC node is announced to the network and added to a blacklist, and blacklisted nodes can only use the functions of common nodes;
(7) after the miner's verification succeeds, a seed S1 that passed verification is used as input to the random function RNV, and the output value is recorded as X1;
(8) the miner broadcasts the seed S1, and the other TRC nodes compute their own outputs, recorded as X2, X3, X4 … Xm, where m ≤ M;
(9) only one TRC node output Xi meets a specific condition, where 2 ≤ i ≤ m; that node is then designated by the incumbent miner as the miner for the next term, and to protect privacy the identities of the next miner and the incumbent miner are not disclosed to others;
(10) the newly elected miner has the right to produce blocks, and the consensus process returns to step 2.
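The election round of steps (1)-(10), as given in the embodiment description and repeated in claim 4, is easier to reason about as running code. The following Python simulation is an added example, not code from the patent or its applicant. The patent leaves several details open, so the example assumes them: each TRC node's chip authenticates its RRN with an HMAC under a per-device key (standing in for the hardware-coded feature code the miner checks in step (6)); the seed S1 is SHA-256 over every RRN that passed verification; RNV(S1, node) is SHA-256(S1 ‖ node_id) read as an integer; and the "specific condition" of step (9) is "smallest RNV output", which picks exactly one node except with negligible probability. `os.urandom` stands in for the chip's true random number generator.

```python
"""Simulation of one PORR miner-election round (embodiment steps (1)-(10) and claim 4).

Added example, not code from the patent. Assumptions the patent does not specify:
  * a TRC node's chip authenticates its RRN with an HMAC under a per-device key
    (a stand-in for the hardware-coded feature code the miner checks in step (6));
  * the seed S1 is SHA-256 over all RRNs that passed verification;
  * RNV(S1, node) is SHA-256(S1 || node_id) read as an integer;
  * the "specific condition" of step (9) is "smallest RNV output".
"""
import hashlib
import hmac
import os
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple


@dataclass
class TRCNode:
    node_id: str
    device_key: bytes  # constructed: key provisioned in the node's mining chip

    def generate_rrn(self) -> Tuple[bytes, bytes]:
        """Step (5): produce an RRN and the chip's authentication tag for it."""
        rrn = os.urandom(32)  # stands in for the chip's true random number generator
        tag = hmac.new(self.device_key, rrn, hashlib.sha256).digest()
        return rrn, tag


@dataclass
class Miner:
    registry: Dict[str, bytes]  # node_id -> device key the verifier trusts (assumption)
    blacklist: Set[str] = field(default_factory=set)

    def verify_rrns(self, submissions: Dict[str, Tuple[bytes, bytes]]) -> Dict[str, bytes]:
        """Step (6): keep RRNs whose tag verifies; blacklist nodes whose RRN fails."""
        verified: Dict[str, bytes] = {}
        for node_id, (rrn, tag) in submissions.items():
            key = self.registry.get(node_id)
            expected = hmac.new(key, rrn, hashlib.sha256).digest() if key else b""
            if not key or not hmac.compare_digest(expected, tag):
                self.blacklist.add(node_id)  # may only act as a common node from now on
                continue
            verified[node_id] = rrn
        return verified


def seed_from_rrns(verified: Dict[str, bytes]) -> bytes:
    """Step (7): derive S1 from the verified RRNs, in node-id order for determinism."""
    h = hashlib.sha256()
    for node_id in sorted(verified):
        h.update(node_id.encode())
        h.update(verified[node_id])
    return h.digest()


def rnv(seed: bytes, node_id: str) -> int:
    """Steps (7)-(8): the output Xi each node computes from the broadcast seed."""
    return int.from_bytes(hashlib.sha256(seed + node_id.encode()).digest(), "big")


def elect_next_miner(seed: bytes, candidates: List[str], blacklist: Set[str]) -> Optional[str]:
    """Step (9): the single eligible node whose Xi satisfies the (assumed) condition."""
    eligible = [n for n in candidates if n not in blacklist]
    if not eligible:
        return None
    return min(eligible, key=lambda n: rnv(seed, n))


def run_round(nodes: List[TRCNode], miner: Miner, confirmations: int,
              tampered: Set[str] = frozenset()) -> Optional[str]:
    """One election round. Nodes listed in `tampered` submit a bad tag (constructed fault)."""
    others = len(nodes) - 1
    if 3 * confirmations < 2 * others:  # step (4): 2/3 of the other TRC nodes must confirm
        return None
    submissions = {}
    for node in nodes:
        rrn, tag = node.generate_rrn()
        if node.node_id in tampered:
            tag = bytes(len(tag))  # forged or failed hardware check
        submissions[node.node_id] = (rrn, tag)
    verified = miner.verify_rrns(submissions)
    s1 = seed_from_rrns(verified)  # step (8): S1 is what the miner broadcasts
    return elect_next_miner(s1, list(verified), miner.blacklist)


if __name__ == "__main__":
    keys = {f"node{i}": bytes([i + 1]) * 32 for i in range(5)}
    network = [TRCNode(nid, k) for nid, k in keys.items()]
    m = Miner(registry=dict(keys))
    print("next miner:", run_round(network, m, confirmations=4, tampered={"node3"}))
    print("blacklist:", m.blacklist)
```

Two points the simulation makes visible that the step list does not: the seed S1 is only as unpredictable as the set of RRNs that survive verification, so the blacklist decision in step (6) directly shapes the election input, and because every node can recompute RNV(S1, ·) from the broadcast seed, any node can independently audit which Xi met the condition even though the patent keeps the winner's identity undisclosed.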
5. The blockchain-based trusted hardware according to claim 4, wherein: the newly elected miner produces blocks and broadcasts them from the local node to the network nodes using the P2P network.
6. The blockchain-based trusted hardware according to claim 5, wherein: when two thirds of the nodes of the whole network have broadcast the information, the block's incremental data is transmitted asynchronously to the supervision chain using a Go-language protocol, so that the supervision chain can inspect every transaction of each block; if a suspicious address transacts, it can be frozen; a frozen address cannot send transactions, but the frozen account address can file a complaint and, if the supervision committee's resolution passes, it can be restored to a normal account address.
7. The blockchain-based trusted hardware according to claim 3, wherein: the core module of the smart mining chip is a true random number generator; the true random number it generates, together with the hardware-coded feature code of the trusted platform, is used to verify its identity; after successful authentication the node can begin to participate in miner elections, and on failure it is only a common blockchain network node.
CN201911228331.XA 2019-12-04 2019-12-04 Trusted hardware and high-performance decentralized anonymous encryption method based on block chain Active CN110910139B (en)

Publications (2)

Publication Number Publication Date
CN110910139A CN110910139A (en) 2020-03-24
CN110910139B true CN110910139B (en) 2022-06-28

Family

ID=69822168




Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant