CN110929290A - Private key threshold backup, loss reporting and recovery system and method based on alliance chain - Google Patents
Abstract
The invention discloses a private key threshold backup, loss reporting and recovery system and method based on an alliance chain. The system comprises a certification authority, a plurality of users and alliance chain members; each user and each alliance chain member is provided with a key fob issued by the certification authority, and a public key and a private key are stored in the key fob. The user key fobs comprise a main key fob and a plurality of backup key fobs, and the user private key is stored in a distributed manner in secret sharing mode; each alliance chain member carries a block chain service and the like. By configuring key fobs for the client, the alliance chain members and the certification authority respectively, the private key is stored in the key fob and backed up through the block chain, so the private key is well protected, the private key loss reporting and recovery method is highly secure and quick to operate, and problems such as the poor security of private key recovery in the prior art are effectively solved.
Description
Technical Field
The invention relates to the technical field of secret sharing, in particular to a private key threshold backup, loss reporting and recovery system and method based on an alliance chain.
Background
The block chain is a brand new distributed infrastructure and computation paradigm: it stores data in an ordered chain data structure, updates the data by a consensus algorithm, and ensures data security with cryptographic techniques. In block chain based transactions, ensuring the security of transaction data and the privacy of the customer is a necessary condition for the block chain to develop further. For this reason cryptography, and in particular public key cryptography, is widely used in block chains. The alliance chain is a branch of the block chain, and so is a distributed and decentralized public database; it differs from other block chains in that it is directed to the members of a specific group and to limited third parties, a plurality of preselected nodes inside the alliance chain are designated as bookkeepers, and the consensus process is controlled by these preselected nodes.
The block chain private key is the only data that proves the identity of the user, and the user's core assets, such as bitcoin, are also controlled by the private key: a transaction can be confirmed only through a signature made with the private key. Protecting the private key is therefore crucial for the block chain. On the one hand the private key must be prevented from being leaked or stolen by hackers; on the other hand it must be prevented from being lost, and must be safely retrievable in case it is lost.
There are currently four main approaches to storing and using block chain private keys: platform hosting, a local client, a hardware KEY (similar to a U shield), and offline cold storage (printed or copied onto paper and placed in a safe). None of the four methods except the hardware KEY can resist attack by trojans or hackers. Moreover, none of the four methods considers key recovery, so if the private key is lost, the corresponding bitcoin or other rights and interests disappear permanently. How to ensure the security of the block chain private key and to retrieve it is a technical problem to be solved.
The problems existing in the prior art are as follows:
1. The existing mainstream methods for storing and using block chain private keys cannot resist attack by trojans or hackers, and key recovery is not considered: should the private key be lost, the corresponding bitcoin or other rights disappear forever.
2. The existing method of backing up the private key in platform escrow mode requires a core node to be entrusted with retrieving the private key when the user's key is lost, so the core node is endowed with excessive rights and cannot meet customers' requirements: the entrusted party can completely control the account and can even carry out operations against the wishes of the party that authorized it.
3. The user's block chain private key can be stored in an electronic device, but once the device is lost or its information is stolen the private key is lost, which has a significant impact on the property security of the user.
Disclosure of Invention
The purpose of the invention is as follows: aiming at the defects in the prior art, the invention discloses a private key threshold backup, loss reporting and recovery system based on an alliance chain, and a method thereof.
The technical scheme is as follows: in order to achieve the above purpose, the invention adopts the following technical scheme:
A private key threshold backup, loss reporting and recovery system based on a federation chain, characterized in that it comprises a certification authority, a number of users, and federation chain members, wherein:
each user and each member of the alliance chain is provided with a key fob; each key fob has a unique ID, is issued by the certification authority, and stores a public key and a private key; the user key fobs include a primary key fob and a number of backup key fobs;
each alliance chain member is provided with a block chain service comprising an Endorser, a Committer and an Orderer; the user private key is divided into a plurality of private key components in secret sharing mode, and each private key component is encrypted and then stored in a backup key fob and in the block chain service;
the certification authority issues digital certificates and key fobs for users and federation chain members.
Preferably, each user is provided with a block chain client, which holds a public key and does not run a block chain service.
Preferably, the user, the Endorser and the Committer sign the information they send with the private key of their respective key fobs, verify received notification information with the public key of the sending end, and obtain the public key information of the other party's key fob from the digital certificate or from the block chain records.
Preferably, the user is provided with a digital certificate; if and only if the user ID is the identity backed up for the first time under the user name, the key fob whose identity is that user ID holds the digital certificate and the remaining key fobs do not; the alliance chain members can obtain the user's key information through the user's digital certificate.
Preferably, the secret sharing mode is as follows: the user splits and stores the private key of the main key fob in a distributed manner using $(T, N)$ secret sharing and sends it to $N$ Endorsers, where $N$ is the number of fragments into which the shared secret of the private key is split, $T$ is the minimum number of fragments needed to recover the private key, $2 \le T \le N$, each Endorser obtains one private key component, the Endorsers are denoted $E_j$ ($j = 1, 2, \ldots, N$) with $E_j$ the $j$-th Endorser, and the secret obtained by $E_j$ is $(x_j, SK_j)$; any $T$ of the $N$ Endorsers are selected to recover the user's private key.
The invention discloses a private key threshold backup, loss reporting and recovery method based on an alliance chain, characterized by comprising the following steps:
A1) the user splits and stores the private key in a distributed manner in secret sharing mode, and sends a signed transaction to the Endorsers of the N alliance chain members providing the service, wherein the transaction comprises user name information, private key component information, information on the key fob used to encrypt the private key component, a timestamp and a backup instruction;
A2) the Endorser verifies the transaction, taking the locally stored private key component of the user as an authentication key; after the verification passes, it generates a read operation set and a write operation set and sends a transaction response to the user;
A3) after receiving the transaction responses, the user screens out the transactions approved by the Endorser and verifies them; the user selects a plurality of received transaction responses that pass verification to form an endorsement, and sends the endorsement to the Orderer;
A4) the Orderer sorts the endorsements after accumulating the preset number of endorsements, and sends the sorted endorsement set to the Committer;
A5) the Committer verifies the endorsement set according to the endorsement strategy; after the check is finished, the Committer actually executes the read operation set and the write operation set on the local alliance chain database and records the result of each transaction in the block chain; after the execution is completed, the Committer sends a transaction result notification to the user;
A6) after receiving the transaction result notification, the user verifies it, trusts it once the verification passes, and the backup of the user's private key is complete.
Preferably, the read operation set includes a list of all IDs and their attributes under the user name, and the attributes include a current ID, a backup ID, and an invalid ID; the write operation set comprises a list of IDs and attributes thereof to be added, the encrypted private key component, the ID of the key fob used to encrypt the private key component, and public key information.
The invention discloses a private key threshold backup, loss reporting and recovery method based on an alliance chain, characterized in that when a user's main key fob is lost and a backup exists in the block chain structure, the user uses the k-th user backup key fob to report the loss and recover the private key; the private key loss reporting and recovery method comprises the following steps:
B1) selecting a kth user backup key fob as a new key fob, carrying out (T, N) secret sharing on a private key of the kth backup key fob to obtain a plurality of groups of private key components, encrypting the private key components by using an Endorser public key, and then carrying out distributed storage, wherein a user client temporarily stores the new private key components in the client key fob;
collecting N transaction information fragments, wherein each transaction information fragment is encrypted by a key fob comprising an original private key component of a user, the user sends a transaction with a new key fob signature to N Endorsers, and the transaction comprises user name information, transaction information fragments, key fob information used for encrypting the transaction information fragments, a timestamp and an instruction for reporting a loss of the private key;
B2) the Endorser decrypts the private key component of the kth user backup key by adopting a private key of the Endorser, verifies the user signature by using the public key of the kth backup key card, verifies the received transaction containing the transaction information segment, and approves the transaction passing the verification;
processing the approved transaction to generate a read operation set and a write operation set containing the kth user backup key card information, and temporarily storing the private key component of the kth user backup key in the key card of each Endorser;
after the processing is finished, the Endorser sends a transaction response to the user;
B3) the user screens out the transactions approved by the Endorser and verifies them with the Endorser public key; for the transaction responses that pass verification, the read operation set is checked;
the user sends the private key component in the received transaction response to the corresponding key fob according to the user ID information, the key fob decrypts the private key component and encrypts the decrypted private key component by using the public key of the kth user backup key fob; then the encrypted private key component is sent to the distributed kth user backup key fob and the kth user backup key fob carries out decryption processing by adopting the private key of the kth user backup key fob;
when the key components successfully decrypted by the kth user backup key card reach the preset number T, recovering the obtained T key components to obtain a backup user private key;
the user sends the endorsement to Orderer;
B4) the Orderer sorts the endorsements after accumulating the preset number of endorsements, and sends the sorted endorsement set to the Committer;
B5) the Committer verifies the endorsement set according to the endorsement strategy; after the check is finished, the Committer actually executes the read operation set and the write operation set on the local alliance chain database and records the result of each transaction in the block chain; after the execution is completed, the Committer sends a transaction result notification to the user and the Endorser;
B6) after receiving the transaction result, the user verifies the signature with the public key of the Committer and trusts the transaction notification once the signature passes; the plurality of groups of new private key components obtained in step B1) are formally stored in the client key fob, and the user replaces the private key of the local k-th user backup key fob with the backup user private key obtained in step B4); the corresponding user public key is calculated from the backed-up user private key, or obtained from a digital certificate or a block chain record;
B7) after receiving the notification, each Endorser verifies it with the public key of the Committer, trusts it once verified, and formally saves the plurality of groups of private key components of the k-th backup key fob's private key in its key fob, replacing the original values, whereupon the loss reporting and recovery of the user's original key fob is complete.
The invention further discloses, in the private key threshold backup, loss reporting and recovery method based on an alliance chain, that when a user has lost the current key fob and has no backup key, the private key is recovered through manual operation: a preset number of private key components are obtained from the preset number of Endorsers and the user's private key is recovered; the corresponding user public key is then calculated from the user's private key, or obtained from a digital certificate or a block chain record.
Preferably, the read operation set includes a list of all IDs and their attributes under the user name, an encrypted private key component, an ID of a key fob used to encrypt the private key component, and public key information; the write operation set comprises the invalid ID and the new ID.
Advantageous effects: by adopting the above technical scheme, the invention has the following technical effects:
(1) the key fob used in the invention is an independent hardware isolation device, the private key is stored in the data security zone of the key fob, the possibility of stealing the key by malicious software or malicious operations is greatly reduced, and the attack of Trojan horses or hackers can be resisted;
(2) the invention backs up the private key through the block chain in secret sharing mode, which effectively protects the security of the user's private key; once the key fob has been backed up, the loss reporting and recovery operations are very simple and quick, so the user can conveniently retrieve the key, and through the backup key fob the corresponding bitcoin or other rights and interests do not disappear with the loss of the current key fob;
(3) the private key component obtained by the server of each member of the alliance chain can also be used as an authentication key for the key fob, the authentication key is added into the signature of the key fob for each transaction, and the lost key fob does not have the authentication key, so that the lost key fob cannot generate the signature and obtain the approval of the Endorser, namely, the lost key fob is effectively invalidated, and the safety is high;
(4) in case the key fob is lost and no backup key fob is available, the key fob can be retrieved from a plurality of servers manually; acquiring a plurality of groups of private key components from a plurality of Endorsers and recovering the private key of a user; and then, a public key is obtained by calculation according to a user private key or is obtained from a digital certificate or a block chain record to be used as the user public key, so that the defect that the core node is endowed with overlarge rights in the prior art is overcome.
Drawings
FIG. 1 is a block diagram of an embodiment of a federation chain-based private key threshold backup, loss reporting, and recovery system of the present invention.
Detailed Description
The scheme is further explained below with reference to the attached drawing.
Fig. 1 is a schematic structural diagram of an embodiment of the present invention, a federation chain-based private key threshold backup, loss reporting and recovery system, which comprises a certification authority, a plurality of users and federation chain members, wherein each user and each federation chain member is equipped with a key fob issued by the certification authority, and the key fob stores a public key and a private key; the user key fobs include a primary key fob and a number of backup key fobs. All key fobs are referred to by key fob IDs, and the CA maintains information about their association with user IDs.
The user carries a corresponding block chain client, has 1 or more public keys and does not have block chain service.
The federation chain members are loaded with the corresponding block chain services, each service having 1 or more public keys; the block chain services comprise Peer services, Orderer services and the like, where the Peer services are the Committer and the Endorser, and the Orderer service consists of a number of Orderers. All block chain services have the Committer function; the block chain and the smart contracts are stored, and the smart contracts run outside the key fob; the world state WorldState (outside the key fob) contains the key fob IDs of each user and the list of their attributes.
The certification authority (CA for short) of this embodiment is similar to a classical CA system: a classical CA issues digital certificates, while the CA of this embodiment issues not only digital certificates but also the key fobs described above.
If the IDU is the identity of the first backup of the UserName, then the key fob with the identity of the IDU has a digital certificate CERT and the remaining key fobs do not have digital certificates. If the IDU is not the identity of the UserName first backup, then neither the key fob with the identity of the IDU nor the remaining key fobs have digital certificates.
The labels for User, Endorser, Orderer and Committer are as follows:
(1) the respective IDs are IDU, IDE, IDO and IDC;
(2) the respective public keys are PKU, PKE, PKO and PKC respectively;
(3) the respective private keys are SKU, SKE, SKO and SKC respectively.
According to the transaction flow, one of the users, referred to as the User, has 1 or more block chain accounts, each account corresponding to one public/private key pair. Members of the federation chain providing the corresponding services may act as Endorser, Orderer or Committer. The User stores the private key SKU in a distributed manner through secret sharing: the User splits the private key SKU in $(T, N)$ secret sharing mode, where $N$ is the number of fragments into which the shared secret is split and $T$ is the minimum number of fragments needed to recover the private key, $2 \le T \le N$. The $N$ Endorsers are denoted $E_j$ ($j = 1, 2, \ldots, N$), and the secret obtained by each $E_j$ is $(x_j, SK_j)$. Using any $T$ of the $N$ Endorsers, the private key SKU of the User can be recovered.
Private key backup process:
step 1: user presents the transaction.
The User key fob comprises a primary key fob comprising an asymmetric key pair PKU/SKU and n backup key fobs; the User groups the private key SKUs in a secret sharing mode (T, N) to obtain multiple groups of private key components (x)i,SKUi). The backup key fob includes an asymmetric key pair PKk/SKk,1≤k≤n。
If and only if the IDU is a username and is backed up for the first time, the key fob with the identity IDU has a digital certificate CERT, and the remaining key fobs do not have digital certificates; the member of the alliance chain can obtain the user key information through the user digital certificate.
Let the ith private key component (x)i,SKUi) User uses PKkWill (x)i,SKUi) Ciphering to obtain SKUEi,SKUEi=ENC(xi||SKUi,PKk). ENC (m, PK) denotes the use of the public key PK to encrypt the message m, e.g. the RSA/ECIES algorithm. User obtains SKUE after encryptioniAssigned to the kth key fob.
The User sends a transaction tx to the N Endorsers, wherein tx is { proposal, clientSig }.
Wherein, propofol is expressed as { IDU, chaincodeID, txPayload, timestamp };
the chain code chaincoded ID is the number of the intelligent contract function; txPayload, a parameter of a function, can be expressed as txPayload ═ UserName | { IDUk||PKk,1≤k≤n}||{IDi||SKUEiI is more than or equal to 1 and less than or equal to T, wherein the UserName is a user name, each key fob has an ID, each user has a UserName, the current ID under the user name is IDU, and the backup ID is ID1~IDn,IDiIs a private key component (x)i,SKUi) An ID of the assigned key fob; timestamp is the timestamp. The signature of client Sig, namely User, on propofol, obtains the signature SIGN (propofol | | | x)i||SKUiSKU). SIGN (m, SK) denotes the signing of a message m with a private key SK, e.g.The RSA/ECDSA algorithm.
Step 2: the Endorser performs the transaction.
If IDU is the identity of the first backup under the UserName, PKU is obtained through CERT; if IDU is not the identity of the first backup, PKU is obtained by searching the block chain records. If PKU cannot be found, the transaction fails and the process ends.
The Endorser looks up its locally stored $x_i \| SK_i$ according to IDU, concatenates it with proposal to obtain $proposal \| x_i \| SK_i$, and verifies clientSig with PKU. After the verification passes, it checks whether the difference between the timestamp in the proposal and the local time lies within a reasonable range. If the check passes, the transaction is approved; otherwise it is not approved.
After the verification passes, the transaction is processed, namely the chaincode is executed according to chaincodeID and the read-write operation sets readset and writeset are generated. readset is the list of all IDs under the UserName and their attributes, where the attributes comprise the current ID, the backup IDs and the invalid IDs; writeset is the list of IDs to be added and their attributes, together with $\{IDU_k \| PK_k, 1 \le k \le n\} \| \{ID_i \| SKUE_i, 1 \le i \le T\}$.
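The Endorser-side check of step 2, as an added example that is not code from the patent: the User signs proposal || x_i || SK_i with SKU, and the Endorser rebuilds that string from the component it stores locally (the authentication key) before verifying with PKU and then checking the timestamp window. The Proposal encoding, the Endorser class and the toy Schnorr signature standing in for the page's RSA/ECDSA are all assumptions of this example.

```python
import hashlib
import secrets
from dataclasses import dataclass

# Toy Schnorr group (an assumption of this example, not a production choice):
# modulus is the Mersenne prime 2^127 - 1; exponents reduce modulo p - 1.
P = (1 << 127) - 1
G = 3
ORDER = P - 1


def keygen():
    """Return (SK, PK) with PK = G^SK mod P."""
    sk = secrets.randbelow(ORDER - 1) + 1
    return sk, pow(G, sk, P)


def _challenge(r: int, msg: bytes) -> int:
    digest = hashlib.sha256(r.to_bytes(16, "big") + msg).digest()
    return int.from_bytes(digest, "big") % ORDER


def sign(msg: bytes, sk: int):
    """SIGN(m, SK): Schnorr signature (r, s) over msg."""
    k = secrets.randbelow(ORDER - 1) + 1
    r = pow(G, k, P)
    e = _challenge(r, msg)
    return r, (k - e * sk) % ORDER


def verify(msg: bytes, sig, pk: int) -> bool:
    """Accept iff G^s * PK^e == r mod P, i.e. the signer held SK."""
    r, s = sig
    e = _challenge(r, msg)
    return (pow(G, s, P) * pow(pk, e, P)) % P == r


@dataclass(frozen=True)
class Proposal:
    """proposal = {IDU, chaincodeID, txPayload, timestamp}."""
    idu: str
    chaincode_id: str
    tx_payload: str
    timestamp: int

    def encode(self) -> bytes:
        # Length-prefixed fields so the concatenation is unambiguous
        # (a constructed encoding; the page does not fix one).
        parts = [self.idu, self.chaincode_id, self.tx_payload, str(self.timestamp)]
        return b"".join(len(p.encode()).to_bytes(4, "big") + p.encode() for p in parts)


def client_sign(proposal: Proposal, component: bytes, sku: int):
    """clientSig = SIGN(proposal || x_i || SK_i, SKU). The signer needs both SKU
    and the component, so a fob holding SKU alone cannot produce it."""
    return sign(proposal.encode() + component, sku)


class Endorser:
    def __init__(self, max_skew_seconds: int = 300):
        self.max_skew = max_skew_seconds   # the "reasonable range" for the timestamp
        self.public_keys = {}              # IDU -> PKU (from CERT or a chain record)
        self.components = {}               # IDU -> locally stored x_i || SK_i

    def register(self, idu: str, pku: int, component: bytes) -> None:
        self.public_keys[idu] = pku
        self.components[idu] = component

    def endorse(self, proposal: Proposal, client_sig, now: int) -> str:
        """Return 'approved' or the reason the transaction is not approved."""
        pku = self.public_keys.get(proposal.idu)
        if pku is None:
            return "rejected: PKU not found"          # page: the transaction fails
        component = self.components.get(proposal.idu)
        if component is None:
            return "rejected: no stored component"
        # Rebuild proposal || x_i || SK_i from the local copy, then verify with PKU.
        if not verify(proposal.encode() + component, client_sig, pku):
            return "rejected: bad clientSig"
        # Only after the signature passes: timestamp freshness against local time.
        if abs(now - proposal.timestamp) > self.max_skew:
            return "rejected: stale timestamp"
        return "approved"
```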
Step 3: the Endorser sends a transaction response.
The Endorser returns a transaction response rtx containing the read-write operation sets to the User. The transaction response rtx may be expressed as {tran-proposal, epSig}. tran-proposal, the application response, may be expressed as {IDE, tid, chaincodeID, txPayload, readset, writeset}, and includes the transaction sequence number tid (tid = HASH(proposal)), chaincodeID and txPayload, and the read-write operation sets readset and writeset. epSig, the signature over tran-proposal with the Endorser's private key SKE, may be denoted SIGN(tran-proposal, SKE).
Step 4: the User sends the endorsement etx to the Orderer.
After receiving the transaction responses, the User screens out the transactions approved by the Endorser and verifies the signature epSig with the public key PKE, which can be obtained from the Endorser's certificate.
After the User has received a plurality of transaction responses that each pass verification, the selected rtx are combined into a set etx, namely an endorsement, $etx = \sum rtx$, and the endorsement is sent to the Orderer.
Step 5: the Orderer sends the sorted etx set to the Committer.
After the Orderer has accumulated a certain number of etx, it sorts them and generates an ordered endorsement set etxs, which also includes a sequence number seqno and the hash value prevhash of the last block of the alliance chain. The endorsement set etxs may be denoted {seqno, prevhash, $\sum etx$}. The Orderer sends etxs to the Committer.
Step 6: each Committer verifies the transaction.
After each Committer receives the ordered endorsement set, it verifies the etx set according to the endorsement policy, including checking the read-write operation sets and verifying the digital signatures. After the check is completed, the Committer actually executes the read-write operation sets on the local alliance chain database (except for transactions whose read-write operation set check failed) and records the result of each transaction in the block chain. When the execution is completed, the Committer is finished.
Step 7: the Committer sends a transaction notification.
After the Committers have finished executing, a notification of the transaction result (success or failure) is sent to the User.
The Committer generates a transaction notification ntx comprising tid, result (success or failure) and a signature committerSig. committerSig is the Committer's signature over result with its private key SKC, which may be denoted SIGN(result, SKC).
After receiving the notification, the User verifies the signature SIGN(result, SKC) with the Committer's public key PKC and trusts the transaction notification once it passes.
The embodiment implements the private key loss reporting and recovery process as follows:
Step 1: the User presents the transaction.
When the User's main key fob is lost, the $k$-th key fob is used to report the loss and recover the private key. The User collects $n$ transactions $tx_m$, each $tx_m$ ($1 \le m \le n$) computed by the $m$-th key fob, and selects $IDU_k$ as the new key fob. $tx_m = \{proposal_m, clientSig_m\}$, where $proposal_m$ can be expressed as $\{IDU_m, chaincodeID, txPayload_m, timestamp_m\}$, $txPayload_m$ can be expressed as $UserName \| IDU \| Msg$ with Msg the loss reporting and recovery message instruction, and $clientSig_m$ is $SIGN(proposal_m, SK_m)$.
The User sends a transaction to the $N$ Endorsers; the transaction tx can be expressed as {proposal, txdata, clientSig}, with proposal expressed as $\{IDU_k, chaincodeID, txPayload, timestamp\}$. The chain code ID chaincodeID is the number of a smart contract function, and txPayload, the parameter of that function, is $UserName \| IDU \| Msg \| \{tx_m, 1 \le m \le n\}$, where Msg represents the loss reporting and recovery message instruction; timestamp is the timestamp. Repeated parts such as chaincodeID/txPayload can be stored once to optimize storage.
$SK_k$ is shared in $(T, N)$ secret sharing mode to obtain multiple groups $x_i \| SK_{ki}$. Each $x_i \| SK_{ki}$ is encrypted with PKE to obtain txdata, which can be expressed as $ENC(x_i \| SK_{ki}, PKE)$. clientSig, the User's signature over proposal and $x_i \| SK_{ki}$, can be expressed as $SIGN(proposal \| x_i \| SK_{ki}, SK_k)$.
The client temporarily saves the multiple sets $IDE_i \| x_i \| SK_{ki}$ to the client key fob.
Step 2: the Endorser executes the transaction.
From $ENC(x_i \| SK_{ki}, PKE)$ the Endorser decrypts with its own private key SKE to obtain $x_i \| SK_{ki}$.
The Endorser obtains $PK_k$ by searching the block chain records according to $IDU_k$ and verifies clientSig with $PK_k$. After the verification passes, it checks whether the difference between the timestamp in the proposal and the local time lies within a reasonable range. If the check passes, the transaction is approved; otherwise it is not approved.
The Endorser parses each $tx_m$ to obtain $\{proposal_m, clientSig_m\}$, obtains $PK_m$ by searching the block chain records according to $IDU_m$, and verifies $clientSig_m$ with $PK_m$. After the verification passes, it checks whether the difference between $timestamp_m$ in $proposal_m$ and the local time lies within a reasonable range. If the check passes, the transaction is approved; otherwise it is not approved. The Endorser verifies every $tx_m$ by this method.
After the verification passes, the transaction is processed, namely the chaincode is executed according to chaincodeID and the read-write operation sets readset and writeset are generated. readset is the list of all IDs under the UserName and their attributes, together with $\{IDU_k \| PK_k \| SKUE_i, 1 \le k \le n\} \| \{ID_i \| SKUE_i, 1 \le i \le T\}$; writeset can be expressed as $IDU_k$, marking IDU as an invalid ID and $IDU_k$ as the current ID. If the transaction is not approved, readset/writeset are invalid. $E_i$ temporarily stores $IDU_k \| x_i \| SK_{ki}$ in the $E_i$ key fob.
Step 3: the Endorser sends a transaction response.
The Endorser returns a transaction response rtx to the User. The transaction response rtx is denoted {tran-proposal, epSig}.
tran-proposal, namely the proposal response, is {IDE, tid, chaincodeID, txPayload, readset, writeset}; it includes the transaction serial number tid (tid = HASH(proposal)), chaincodeID and txPayload, and the read-write operation sets readset and writeset.
epSig, namely the signature over tran-proposal with the Endorser's private key SKE, can be denoted SIGN(tran-proposal, SKE).
Step 4: the User sends an endorsement etx to the Orderer.
After receiving the transaction responses, the User screens out the transactions approved by the Endorsers and verifies the signature epSig with the public key PKE. The User then checks whether the readsets of the successfully verified rtx are consistent.
According to {ID_i || SKUE_i, 1 ≤ i ≤ T}, the User obtains ID_i, the ID of the key fob to which (x_i, SKU_i) was assigned, and sends SKUE_i to the corresponding key fob according to ID_i. Each key fob decrypts its SKUE_i, where
SKUE_i = ENC(x_i || SKU_i, PK_i), 1 ≤ i ≤ T, thereby obtaining x_i || SKU_i. When ID_i differs from IDU_k, the key fob ID_i encrypts (x_i || SKU_i) with PK_k, i.e. SKUE_ik = ENC(x_i || SKU_i, PK_k), and SKUE_ik is sent to IDU_k. IDU_k decrypts it with its key fob's SK_k to obtain (x_i || SKU_i). Once IDU_k determines that the successfully decrypted (x_i || SKU_i) have reached T, it recovers SKU from these T (x_i || SKU_i). The User then sends an endorsement etx to the Orderer, where etx = Σ rtx.
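The (T, N) sharing of step 1 and the "count successful decryptions until T, then reconstruct" logic of step 4, as an added example that is not part of the patent: Shamir secret sharing over a prime field, with the key fob private key treated as an integer, shares (x_i, SK_ki) produced at x_i = 1..N, and recovery by Lagrange interpolation at zero. The field prime, the share encoding and the `None`-for-failed-decryption convention are assumptions of this example; the patent does not specify the sharing scheme's arithmetic.

```python
# Added example (not from the patent): (T, N) secret sharing of a key fob private
# key SK_k and recovery of SK_k once T successfully decrypted shares are in hand.
import secrets

# Field prime (assumption of this example): 2^255 - 19 is prime, and SK_k is
# treated as an integer in [0, P).
P = 2**255 - 19


def _lagrange_at_zero(points):
    """Evaluate at x = 0 the unique polynomial of degree < len(points) through `points`, mod P."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total


def split_secret(sk_k: int, t: int, n: int, rng=secrets.randbelow):
    """Return N shares (x_i, SK_ki) of sk_k: any T of them recover it, fewer reveal nothing."""
    if not 2 <= t <= n or not 0 <= sk_k < P:
        raise ValueError("need 2 <= T <= N and 0 <= SK_k < P")
    coeffs = [sk_k] + [rng(P) for _ in range(t - 1)]  # f(0) = SK_k, random higher terms
    shares = []
    for x in range(1, n + 1):  # x_i = 1..N; x = 0 would leak the secret itself
        y = 0
        for c in reversed(coeffs):  # Horner evaluation of f(x)
            y = (y * x + c) % P
        shares.append((x, y))
    return shares


def recover_secret(shares, t: int) -> int:
    """Recover SK_k from T distinct shares (x_i, SK_ki); extra shares are ignored."""
    chosen = list(shares)[:t]
    if len(chosen) < t or len({x for x, _ in chosen}) < t:
        raise ValueError("need T distinct shares")
    return _lagrange_at_zero(chosen)


def recover_from_fobs(decrypted_shares, t: int):
    """Step 4 as described: each entry is a share that decrypted successfully, or None
    when decryption failed. Reconstruct as soon as T good shares exist, else return None."""
    good = [s for s in decrypted_shares if s is not None]
    if len(good) < t:
        return None
    return recover_secret(good, t)


if __name__ == "__main__":
    sk_k = secrets.randbelow(P)  # constructed sample private key
    shares = split_secret(sk_k, t=3, n=5)
    # Two fobs fail to decrypt; three succeed, which reaches T = 3.
    assert recover_from_fobs([shares[0], None, shares[2], None, shares[4]], 3) == sk_k
    print("recovered SK_k from 3 of 5 shares")
```

Any T shares recover the key regardless of which Endorsers they came from, which is what lets the user pick any T of the N Endorsers; with only T-1 shares the interpolated value is unrelated to SK_k.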
Step 5: the Orderer sends the sorted etx set to the Committer.
After the Orderer has accumulated a certain number of etx, it sorts them. The Orderer generates an ordered endorsement set etxs, which also includes a sequence number seqno and the hash value prevhash of the last block of the alliance chain. The endorsement set etxs may be denoted {seqno, prevhash, Σ etx}. The Orderer sends etxs to the Committer.
Step 6: each Committer verifies the transaction.
After each Committer receives the ordered endorsement set, it verifies the etx set according to the endorsement policy, including checking the read-write operation sets and verifying the digital signatures. After the check is completed, the Committer actually executes the read-write operation sets on the local alliance chain database (except for transactions whose read-write operation set check failed) and records the result of each transaction in the blockchain. When this execution is completed, the Committer's work is done.
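The ordering and commit stages of steps 5 and 6, as an added example that is not part of the patent: a Python model of an Orderer that packs etx into etxs = {seqno, prevhash, Σ etx}, and a Committer that checks each etx against an assumed endorsement policy (at least T responses from distinct Endorsers, all carrying the same readset and writeset), re-checks the readset against its current state before applying the writeset, and records a per-transaction result. The epSig signature check and the chaincode itself are not modelled; the loss-report writeset (IDU marked invalid, IDU_k marked current) follows the description, and all sample data is constructed.

```python
# Added example (not from the patent): Orderer packing and Committer validation of
# endorsement sets over a small in-memory ledger. Policy and data model are assumptions.
import hashlib
import json


def build_etxs(seqno: int, prevhash: str, etx_batch):
    """Orderer: etxs = {seqno, prevhash, sum of etx}, kept in arrival order."""
    return {"seqno": seqno, "prevhash": prevhash, "etx": list(etx_batch)}


def block_hash(etxs) -> str:
    """Hash of a committed block, used as prevhash of the next one."""
    return hashlib.sha256(json.dumps(etxs, sort_keys=True).encode()).hexdigest()


class Committer:
    """Holds the ID -> attribute state ("current", "backup", "invalid") and the chain of blocks."""

    def __init__(self, state, policy_t: int):
        self.state = dict(state)
        self.policy_t = policy_t  # assumed endorsement policy: >= T distinct Endorsers
        self.ledger = []
        self.prevhash = "0" * 64  # genesis

    def _check_policy(self, etx) -> bool:
        """At least T distinct Endorsers, all agreeing on readset and writeset."""
        ids = {rtx["IDE"] for rtx in etx}
        rw = {json.dumps((rtx["readset"], rtx["writeset"]), sort_keys=True) for rtx in etx}
        return len(ids) >= self.policy_t and len(rw) == 1

    def _check_readset(self, readset) -> bool:
        """Values read at endorsement time must still be the committed values."""
        return all(self.state.get(k) == v for k, v in readset.items())

    def commit(self, etxs):
        """Validate every etx in order; apply writesets of valid ones; record results."""
        if etxs["prevhash"] != self.prevhash:
            raise ValueError("etxs does not extend the local chain")
        results = []
        for etx in etxs["etx"]:
            if not etx:
                continue
            ok = self._check_policy(etx) and self._check_readset(etx[0]["readset"])
            if ok:
                self.state.update(etx[0]["writeset"])
            results.append({"tid": etx[0]["tid"], "result": "success" if ok else "failure"})
        self.ledger.append({"etxs": etxs, "results": results})
        self.prevhash = block_hash(etxs)
        return results


def demo():
    """Constructed scenario: a loss report for IDU, switching the current ID to IDU_2."""
    committer = Committer({"IDU": "current", "IDU_1": "backup", "IDU_2": "backup"}, policy_t=2)
    readset = {"IDU": "current", "IDU_2": "backup"}
    writeset = {"IDU": "invalid", "IDU_2": "current"}

    def rtx(ide, tid):
        return {"IDE": ide, "tid": tid, "readset": readset, "writeset": writeset}

    etx_ok = [rtx("E1", "t1"), rtx("E2", "t1"), rtx("E3", "t1")]
    etx_thin = [rtx("E1", "t2")]                    # a single Endorser: policy not met
    etx_stale = [rtx("E1", "t3"), rtx("E2", "t3")]  # same readset, but t1 changed the state
    etxs = build_etxs(1, committer.prevhash, [etx_ok, etx_thin, etx_stale])
    return committer.commit(etxs), committer.state


if __name__ == "__main__":
    print(demo())
```

Re-checking the readset at commit time is what makes a second loss report against an ID that has already been invalidated fail even though its Endorsers approved it earlier, and the prevhash check stops a Committer from applying a block that does not extend its own chain.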
Step 7: the Committer sends a transaction notification.
After the Committer finishes execution, it sends a notification of the transaction result (success or failure) to the User and the Endorsers.
The Committer generates a transaction notification ntx including tid, result (i.e. success or failure) and a signature committerSig. committerSig is the Committer's signature over result with its private key SKC, which may be denoted SIGN(result, SKC).
After receiving the notification, the User uses the Committer's public key PKC to verify the signature SIGN(result, SKC), and trusts the transaction notification once the signature passes. The multiple sets IDE_i || x_i || SK_ki are then formally stored on the client key fob. The User then replaces the local SKU with SKU_k. The PKU is computed from the SKU or obtained from other sources as the public key.
After E_i receives the notification, it uses the Committer's public key PKC to verify the signature SIGN(result, SKC), and trusts the transaction notification once the signature passes. E_i formally stores IDU_k || x_i || SK_ki in E_i's key fob, replacing the original value, i.e. replacing IDU and its key component. At this point the loss report and recovery of the key fob is complete.
The normal transaction flow after loss reporting and recovery is as follows:
In subsequent normal transactions, when the User uses the key fob with IDU_k to submit a transaction to the Endorser, the transaction tx can be expressed as {proposal, clientSig}, and proposal as {IDU_k, chaincodeID, txPayload, timestamp}; clientSig can be expressed as SIGN(proposal || x_i || SK_ki, SK), where the partial secret x_i || SK_ki is added to the signature. The lost key fob, i.e. the key fob of IDU, has SK and can obtain the public IDU_k, but it still cannot sign and gain approval from the Endorser because it has no matching partial secret; that is, the key fob that has been reported lost is effectively revoked. In other words, in the invention the private key component held by the server of each alliance chain member serves as the authentication key of the key fob: when the user has not lost the key and uses it normally, the key component x_j || SK_j is the authentication key; when the user loses the key and reports the loss, the partial secret x_i || SK_ki becomes the authentication key. The authentication key is added to the key fob's signature on every transaction, which ensures security and identification. Since the lost key fob does not have the new authentication key, it cannot generate a valid signature or obtain the Endorser's approval, i.e. the lost key fob is effectively revoked, and security is high.
The invention backs up the user's private key through the blockchain using secret sharing, which effectively protects the safety of the private key; once the key fob is backed up, the loss reporting and recovery operations are very simple and fast, so the user can conveniently retrieve the key, and the backed-up key fob and the corresponding bitcoins or other rights and interests do not disappear with the loss of the current key fob. In addition, the private key threshold of the present invention can also be reported lost and recovered in extreme cases, i.e. when the user loses the current key fob and has no backup key fob. In that case it is possible to manually obtain multiple sets of private key components (x_j, SK_j) from multiple E_i, recover SK, and compute PK from SK or obtain it from other channels as the public key. Other channels may be digital certificates or blockchain records.
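The post-recovery check described above, as an added example that is not part of the patent: the Endorser keeps the user's partial secret x_i || SK_ki as an authentication key and verifies clientSig = SIGN(proposal || x_i || SK_ki, SK_k) by rebuilding the signed message from its own stored component, looking PK_k up by IDU_k, and applying the timestamp window of step 2. The patent names no signature algorithm; this example uses a hash-based one-time (Lamport) signature purely because it needs nothing beyond the standard library, and the proposal encoding, the skew limit, the key seeds and the component byte strings are all constructed here.

```python
# Added example (not from the patent): an Endorser checking a transaction whose
# signature binds the user's partial secret. Signature scheme, proposal layout
# and all sample values are assumptions of this example.
import hashlib


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def _bits(msg: bytes):
    """The 256 bits of SHA-256(msg), most significant bit first."""
    h = H(msg)
    return [(h[i >> 3] >> (7 - (i & 7))) & 1 for i in range(256)]


def keygen(seed: bytes):
    """Lamport one-time key pair, derived from a seed so the example is reproducible."""
    sk = [[H(seed + bytes([i, b])) for b in (0, 1)] for i in range(256)]
    pk = [[H(x) for x in pair] for pair in sk]
    return sk, pk


def sign(sk, msg: bytes):
    return [sk[i][b] for i, b in enumerate(_bits(msg))]


def verify(pk, msg: bytes, sig) -> bool:
    return len(sig) == 256 and all(
        H(s) == pk[i][b] for i, (s, b) in enumerate(zip(sig, _bits(msg)))
    )


def make_proposal(idu: bytes, chaincode_id: bytes, payload: bytes, timestamp: int) -> bytes:
    """proposal = {IDU_k, chaincodeID, txPayload, timestamp}, length-prefixed fields,
    8-byte big-endian timestamp last."""
    parts = [idu, chaincode_id, payload, timestamp.to_bytes(8, "big")]
    return b"".join(len(p).to_bytes(2, "big") + p for p in parts)


def client_sign(sk, proposal: bytes, component: bytes):
    """clientSig = SIGN(proposal || x_i || SK_ki, SK_k): the partial secret is part of the message."""
    return sign(sk, proposal + component)


class Endorser:
    """Holds the chain records IDU -> PK and the locally stored component per IDU."""

    def __init__(self, chain_records, components, max_skew=300):
        self.chain_records = chain_records
        self.components = components
        self.max_skew = max_skew  # assumed "reasonable range" for the timestamp, in seconds

    def endorse(self, idu: bytes, proposal: bytes, client_sig, now: int) -> bool:
        pk = self.chain_records.get(idu)
        comp = self.components.get(idu)
        if pk is None or comp is None:
            return False
        # Rebuild the signed message with *our* stored component, not one the client sends.
        if not verify(pk, proposal + comp, client_sig):
            return False
        ts = int.from_bytes(proposal[-8:], "big")  # timestamp is the final 8-byte field
        return abs(now - ts) <= self.max_skew


def demo():
    """Constructed scenario: IDU_k is the recovered fob; the lost fob keeps the old SK
    and the old component x_j || SK_j. One Lamport key is reused here only to contrast outcomes."""
    sk_k, pk_k = keygen(b"new key fob k (constructed seed)")
    sk_old, _ = keygen(b"lost key fob (constructed seed)")
    new_comp = b"x_i||SK_ki (constructed)"
    old_comp = b"x_j||SK_j (constructed)"
    endorser = Endorser({b"IDU_k": pk_k}, {b"IDU_k": new_comp})
    now = 1_700_000_000
    prop = make_proposal(b"IDU_k", b"transfer", b"payload (constructed)", now)
    return {
        "new_fob": endorser.endorse(b"IDU_k", prop, client_sign(sk_k, prop, new_comp), now),
        "lost_fob_old_key": endorser.endorse(b"IDU_k", prop, client_sign(sk_old, prop, old_comp), now),
        "right_key_wrong_component": endorser.endorse(b"IDU_k", prop, client_sign(sk_k, prop, old_comp), now),
        "stale_timestamp": endorser.endorse(b"IDU_k", prop, client_sign(sk_k, prop, new_comp), now + 3600),
    }


if __name__ == "__main__":
    print(demo())
```

The point the model makes concrete is that the Endorser never accepts a component from the client: it signs nothing and verifies against the value it stored at recovery time, so a fob that lacks that value cannot produce a verifiable clientSig even when it knows the public IDU_k. A Lamport key must sign only one message in practice; a deployment would use an ordinary signature scheme, which the patent leaves unspecified.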
The above description is only of the preferred embodiments of the present invention, and it should be noted that: it will be apparent to those skilled in the art that various modifications and adaptations can be made without departing from the principles of the invention and these are intended to be within the scope of the invention.
Claims (10)
1. A private key threshold backup, loss report and recovery system based on a federation chain, characterized in that it includes a certification authority, a number of users, and federation chain members, wherein,
each user and member of the alliance chain are provided with a key fob, each key fob is provided with a unique ID, the key fob is issued by a certification authority, and a public key and a private key are stored in the key fob; the user key fobs include a primary key fob and a number of backup key fobs;
each alliance chain member is provided with a block chain service, wherein the block chain service comprises an Endorser, a Committer and an Orderer; the user private key is divided into a plurality of private key components in a secret sharing mode, and each private key component is encrypted and then stored in a standby key card and a block chain service;
the certification authority issues digital certificates and key fobs for users and federation chain members.
2. The federation chain-based private key threshold backup, loss report and recovery system of claim 1, wherein: each user is provided with a block chain client, and the block chain client is provided with a public key and has no block chain service.
3. The federation chain-based private key threshold backup, loss report and recovery system of claim 1, wherein: the user, the Endorser and the Committer adopt the private keys of the key fobs to sign the sent information and adopt the public key of the information sending end to verify the received notification information, and the public key information of the key fobs of the other party is searched from the digital certificate or through the record of the block chain among the user, the Endorser and the Committer.
4. The federation chain-based private key threshold backup, loss report and recovery system of claim 1, wherein: the user is provided with a digital certificate, and if and only if the user ID is used as a user name and is backed up for the first time, the key fob with the user ID as the identity has the digital certificate, and the rest key fobs do not have the digital certificate; the member of the alliance chain can obtain the user key information through the user digital certificate.
5. The federation chain-based private key threshold backup, loss report and recovery system of claim 1, wherein the secret sharing is performed as follows: the user groups and stores the private key of the main key fob in a distributed manner using (T, N) secret sharing, and sends it to N Endorsers, wherein N is the number of fragments into which the shared secret, the private key, is split, T is the minimum number of fragments for recovering the private key, 2 ≤ T ≤ N, and each Endorser obtains one private key component; E_j (j = 1, 2, …, N) denotes the jth Endorser, and the secret it obtains is (x_j, SK_j); any T of the N Endorsers are selected to recover the user's private key.
6. A private key threshold backup, loss report and recovery method based on an alliance chain, characterized by comprising the following steps:
A1) the user groups and stores the private key in a distributed manner in a secret sharing manner, and sends signed transaction to Endorsers of N coalition chain members providing services, wherein the transaction comprises user name information, private key component information, key card information used for encrypting the private key component, a timestamp and a backup instruction;
A2) the Endorser verifies the transaction and takes the locally stored private key component of the user as an authentication key; after the verification is passed, generating a read operation set and a write operation set, and sending a transaction response to the user by the Endorser;
A3) after receiving the transaction response, the user screens out the transaction approved by the Endorser and verifies the transaction; the user selects a plurality of received transaction responses which pass the verification to form an endorsement and sends the endorsement to the order;
A4) orderer sorts the endorsements after accumulating the preset number of endorsements, and sends the sorted endorsement set to Committer;
A5) the Committer verifies the endorsement set according to the endorsement policy; after the check is finished, the Committer actually executes the read operation set and the write operation set on the local alliance chain database and records the transaction result of each transaction to the block chain; once this is done, the Committer's execution is complete; after the Committer finishes executing, it sends a transaction result notification to the user;
A6) and after receiving the transaction result notice, the user carries out verification, trusts the transaction result notice after passing the verification, and finishes the backup of the user private key.
7. A private key threshold backup, loss report and recovery method based on an alliance chain, characterized in that when the main key fob of a user is lost and a backup exists in the block chain structure, the user uses the kth user backup key fob to report the loss and recover the private key, and the private key loss report and recovery method comprises the following steps:
B1) selecting a kth user backup key fob as a new key fob, carrying out (T, N) secret sharing on a private key of the kth backup key fob to obtain a plurality of groups of private key components, encrypting the private key components by using an Endorser public key, and then carrying out distributed storage, wherein a user client temporarily stores the new private key components in the client key fob;
collecting N transaction information fragments, wherein each transaction information fragment is encrypted by a key fob comprising an original private key component of a user, the user sends a transaction with a new key fob signature to N Endorsers, and the transaction comprises user name information, transaction information fragments, key fob information used for encrypting the transaction information fragments, a timestamp and an instruction for reporting a loss of the private key;
B2) the Endorser decrypts the private key component of the kth user backup key by adopting a private key of the Endorser, verifies the user signature by using the public key of the kth backup key card, verifies the received transaction containing the transaction information segment, and approves the transaction passing the verification;
processing the approved transaction to generate a read operation set and a write operation set containing the kth user backup key card information, and temporarily storing the private key component of the kth user backup key in the key card of each Endorser;
after the processing is finished, the Endorser sends a transaction response to the user;
B3) screening out the transaction approved by the Endorser by the user, and verifying the transaction by using the Endorser public key; checking the read operation set for the transaction response passing the verification;
the user sends the private key component in the received transaction response to the corresponding key fob according to the user ID information, the key fob decrypts the private key component and encrypts the decrypted private key component by using the public key of the kth user backup key fob; then the encrypted private key component is sent to the distributed kth user backup key fob and the kth user backup key fob carries out decryption processing by adopting the private key of the kth user backup key fob;
when the key components successfully decrypted by the kth user backup key card reach the preset number T, recovering the obtained T key components to obtain a backup user private key;
the user sends the endorsement to Orderer;
B4) orderer sorts the endorsements after accumulating the preset number of endorsements, and sends the sorted endorsement set to Committer;
B5) the Committer verifies the endorsement set according to the endorsement policy; after the check is finished, the Committer actually executes the read operation set and the write operation set on the local alliance chain database and records the transaction result of each transaction to the block chain; once this is done, the Committer's execution is complete; after the Committer finishes executing, it sends a transaction result notification to the user and the Endorsers;
B6) after receiving the transaction result, the user verifies the signature using the public key of the Committer, and trusts the transaction notice after the signature passes; the plurality of groups of new private key components obtained in step B1) are formally stored in the client key fob, and the user replaces the private key of the local kth user backup key fob with the backup user private key obtained in step B4); the corresponding user public key is calculated from the backed-up user private key, or obtained from a digital certificate or a block chain record;
B7) and after receiving the notification, each Endorser uses the public key of Committer for verification, trusts the notification after verification, and formally saves a plurality of groups of private key components of the private key of the kth backup key fob in the key fob and replaces the original values, so that the loss report and recovery of the original key fob of the user are completed.
8. A private key threshold backup, loss report and recovery method based on an alliance chain, characterized in that: when the user loses the current key fob and there is no backup key, the private key is recovered by manual operation: private key components of a preset number are acquired from the preset number of Endorsers, and the private key of the user is recovered; then the corresponding user public key is calculated from the user private key, or obtained from a digital certificate or a block chain record.
9. The federation chain-based private key threshold backup, loss report and recovery method of claim 6, wherein: the read operation set comprises a list of all IDs and attributes thereof under the name of the user, wherein the attributes comprise a current ID, a backup ID and an invalid ID; the write operation set comprises a list of IDs and attributes thereof to be added, the encrypted private key component, the ID of the key fob used to encrypt the private key component, and public key information.
10. The federation chain-based private key threshold backup, loss report and recovery method of claim 7, wherein: the read operation set comprises a list of all IDs and attributes thereof under the name of the user, an encrypted private key component, and ID and public key information of a key fob used for encrypting the private key component; the write operation set comprises the invalid ID and the new ID.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911226377.8A CN110929290B (en) | 2019-12-04 | 2019-12-04 | Private key threshold backup, loss reporting and recovery system and method based on alliance chain |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110929290A true CN110929290A (en) | 2020-03-27 |
CN110929290B CN110929290B (en) | 2022-03-18 |
Family
ID=69857873
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201911226377.8A Active CN110929290B (en) | 2019-12-04 | 2019-12-04 | Private key threshold backup, loss reporting and recovery system and method based on alliance chain |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110929290B (en) |
Citations (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102739401A (en) * | 2012-06-05 | 2012-10-17 | 北京工业大学 | Private key safety management method based on identity public key cryptography system |
CN106548345A (en) * | 2016-12-07 | 2017-03-29 | 北京信任度科技有限公司 | The method and system of block chain private key protection are realized based on Secret splitting |
CN107528688A (en) * | 2017-09-30 | 2017-12-29 | 矩阵元技术(深圳)有限公司 | A kind of keeping of block chain key and restoration methods, device based on encryption commission technology |
CN107623569A (en) * | 2017-09-30 | 2018-01-23 | 矩阵元技术(深圳)有限公司 | Block chain key escrow and restoration methods, device based on Secret sharing techniques |
CN107944255A (en) * | 2016-10-13 | 2018-04-20 | 深圳市图灵奇点智能科技有限公司 | A kind of key management method towards block chain |
US20190089543A1 (en) * | 2017-09-20 | 2019-03-21 | Nagravision S.A. | FAULT ATTACKS COUNTER-MEASURES FOR EdDSA |
CN109687963A (en) * | 2019-01-15 | 2019-04-26 | 如般量子科技有限公司 | Anti- quantum calculation alliance chain method of commerce and system based on public key pond |
CN110086626A (en) * | 2019-04-22 | 2019-08-02 | 如般量子科技有限公司 | Quantum secret communication alliance chain method of commerce and system based on unsymmetrical key pond pair |
CN110086612A (en) * | 2019-04-26 | 2019-08-02 | 山大地纬软件股份有限公司 | A kind of public and private key backup of block chain and lose method for retrieving and system |
CN110519045A (en) * | 2019-07-02 | 2019-11-29 | 如般量子科技有限公司 | Anti- quantum calculation alliance chain method of commerce, system and equipment based on group's unsymmetrical key pond |
Non-Patent Citations (2)
Title |
---|
RENU DALAL 等: "A Review on Key Management Schemes in MANET", 《INTERNATIONAL JOURNAL OF DISTRIBUTED AND PARALLEL SYSTEMS》 * |
方亮 等: "基于秘密共享的组密钥协商方案", 《计算机工程与应用》 * |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111476572A (en) * | 2020-04-09 | 2020-07-31 | 财付通支付科技有限公司 | Data processing method and device based on block chain, storage medium and equipment |
CN111476572B (en) * | 2020-04-09 | 2024-03-19 | 财付通支付科技有限公司 | Block chain-based data processing method, device, storage medium and equipment |
CN111818087A (en) * | 2020-07-27 | 2020-10-23 | 深圳壹账通智能科技有限公司 | Block chain node access method, device, equipment and readable storage medium |
WO2022111175A1 (en) * | 2020-11-24 | 2022-06-02 | International Business Machines Corporation | Key reclamation in blockchain network via oprf |
GB2615710A (en) * | 2020-11-24 | 2023-08-16 | Ibm | Key reclamation in blockchain network via OPRF |
CN113033605A (en) * | 2021-02-08 | 2021-06-25 | 广东迅科动力科技有限公司 | Motor fault judgment method and device, terminal equipment and computer storage medium |
CN113190234A (en) * | 2021-05-21 | 2021-07-30 | 电子科技大学 | Method and system for automatically recovering intelligent contract function signature of block chain |
CN113347009A (en) * | 2021-08-05 | 2021-09-03 | 成都飞机工业(集团)有限责任公司 | Certificateless threshold signcryption method based on elliptic curve cryptosystem |
CN113347009B (en) * | 2021-08-05 | 2022-01-07 | 成都飞机工业(集团)有限责任公司 | Certificateless threshold signcryption method based on elliptic curve cryptosystem |
CN114172660A (en) * | 2021-12-03 | 2022-03-11 | 浙商银行股份有限公司 | Method, device and equipment for managing account of alliance chain and storage medium |
CN114172660B (en) * | 2021-12-03 | 2024-03-26 | 浙商银行股份有限公司 | Account management method, device and equipment of alliance chain and storage medium |
CN114666066A (en) * | 2022-05-20 | 2022-06-24 | 杭州天谷信息科技有限公司 | Private key recovery method and system and private key updating method and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||