CN111369251A - Block chain transaction supervision method based on user secondary identity structure - Google Patents
Block chain transaction supervision method based on user secondary identity structure Download PDFInfo
- Publication number
- CN111369251A CN111369251A CN202010154432.3A CN202010154432A CN111369251A CN 111369251 A CN111369251 A CN 111369251A CN 202010154432 A CN202010154432 A CN 202010154432A CN 111369251 A CN111369251 A CN 111369251A
- Authority
- CN
- China
- Prior art keywords
- transaction
- john
- bob
- anonymous
- identity
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3821—Electronic credentials
- G06Q20/38215—Use of certificates or encrypted proofs of transaction rights
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3825—Use of electronic signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/383—Anonymous user system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
Abstract
The invention discloses a block chain transaction supervision method based on a user secondary identity structure, which comprises the following steps: the two parties of the transaction firstly sign own anonymous transaction by using a private key of a public key cryptosystem (PKI) CA certificate of the two parties of the transaction to form mutual commitment to the transaction; the two transaction parties encrypt the digital signature and the CA certificate by using the generated public key of the anonymous account of the other party and send the encrypted digital signature and the CA certificate to the other party; the two transaction parties decrypt the received encrypted commitment signature of the other party and verify the decrypted commitment signature by using the public key of the CA certificate of the other party; and judging whether the verification is established, if so, finishing the down-link transaction, and otherwise, terminating the down-link transaction process. The invention combines the primary real-name identity with the secondary anonymous identity, realizes the under-chain bidirectional authenticable signature and verification of the point-to-point transaction content through the primary real-name identity, and simultaneously realizes the on-chain public tracking and verification of the transaction content authenticity through the secondary anonymous identity.
Description
Technical Field
The invention relates to the technical field of blockchain, in particular to a blockchain transaction supervision method based on a user secondary identity structure.
Background
The block chain is used as a basic technology of the bit currency, has the characteristics of decentralization, middleman removal, trust removal, anonymity, openness, traceability, distributed type, non-tampering and the like, and has wide revolutionary application in the fields of digital currency, cross-border payment, financial science and technology, intelligent contracts, security transactions, electronic commerce, Internet of things, social communication, file storage, evidence storage and right confirmation, share rights crowd funding and the like. The user of the centralized system must register public identity, the user has no independent control right on own identity and privacy information, and the centralized system has no privacy protection problem. A fully decentralized blockchain is a non-third party based untrusted network (trustless) and may be referred to as a consensus network. Thus, a fully decentralized blockchain may employ anonymous identities, with users having autonomous control over their true identity and private information. If the blockchain is not completely decentralized, trust relationships between users must be established based on public (registered) identities. Thus, anonymity of the user account is an optional attribute of a completely decentralized blockchain network, and you can choose to have their public identity or not. The anonymous digital economy, like the cash trading market, can facilitate commercial transactions by protecting individual privacy. Public digital economies like Taobao network blooms, the network owner providing the business service must legally register the public business identity. Thus, a digital economic entity includes a transaction account number for which an individual must have a publicly registered identity and anonymity. How to ensure that own transaction keeps anonymity on a transaction-unrelated party, but the authenticity of the transaction can be publicly traced and verified on a chain, and meanwhile, real-name identity is adopted for a transaction-related party to carry out chain authentication, so that the problem of chain real-name traceability (KYC) of the transaction-related party is solved, and a default \ illegal evidence for cryptographically preventing repudiation and testability can be provided for the transaction-related party, so that the method is a key problem which needs to be solved when a blockchain technology is applied to a ground practice in a real e-commerce scene.
The block chain network adopts the public account book to record all transactions, anyone can trace back and verify the authenticity of any transaction on the account book at any time, but an irrelevant party of any transaction must never trace and evidence the public real-name identity of a relevant party of the transaction in law. When a party to a transaction violates a law, such as default, money laundering, drug selling, or smuggling, the regulatory authorities can legally disclose criminal evidence by cryptographically repudiation-proof techniques. However, anonymous privacy protection of users of existing blockchain networks conflicts with the real-name regulatory requirements of transaction breach/crime pursuit.
Disclosure of Invention
In order to solve the technical problems, the invention provides a block chain transaction supervision method based on a user secondary identity structure, which is simple in algorithm, safe and reliable.
The technical scheme for solving the technical problems is as follows:
a block chain transaction supervision method based on a user secondary identity structure combines a primary real-name identity with a secondary anonymous identity, realizes under-chain bidirectional authenticable signature and verification of point-to-point transaction contents through the primary real-name identity, and simultaneously realizes on-chain tracking and verification of authenticity of public transaction contents through the secondary anonymous identity, and comprises the following steps:
the method comprises the following steps: the two parties of the transaction firstly sign own anonymous transaction by using the private key of the CA certificate of the two parties of the transaction to form mutual commitment to the transaction;
step two: the two transaction parties encrypt the digital signature and the CA certificate by using the generated public key of the anonymous account of the other party and send the encrypted digital signature and the CA certificate to the other party;
step three: the two transaction parties decrypt the received encrypted commitment signature of the other party and verify the decrypted commitment signature by using the public key of the CA certificate of the other party;
step four: judging whether the verification is established or not, and if the verification is established, finishing the down-link transaction; otherwise, the off-link transaction process is terminated.
According to the block chain transaction supervision method based on the user secondary identity structure, the primary real-name identity is represented by a CA certificate of a user account management App designed based on a public key cryptosystem, and the secondary anonymous identity is represented by a user anonymous account designed based on an asymmetric cryptosystem.
In the block chain transaction supervision method based on the user secondary identity structure, the CA certificate of the App is managed by the user account designed based on the public key cryptosystem, and the CA certificate is stored on a block chain public account and issued by a CA mechanism or an intelligent contract or a CA certificate issued by the CA mechanism and stored on a central server; the user anonymous account designed based on the asymmetric cryptosystem is generated by a cryptographic hash value of one public key or a mixture of a plurality of public keys belonging to the anonymous account.
In the above block chain transaction supervision method based on the user secondary identity structure, in the first step, when the anonymous account number of the transaction initiator is generated by a password hash value mixed by a plurality of public keys, signatures of all private keys of the anonymous account number of the transaction initiator on the anonymous transaction content are provided.
The block chain transaction supervision method based on the user secondary identity structure,assume customer John's public identity certificate as CAJohnThe public key is pubKJohnThe private key is priKJohn(ii) a The public identity certificate of the network commodity sales shop owner Bob is CABobThe public key is pubKBobThe private key is priKBob(ii) a Suppose thatIs an anonymous account number, shorthand, of the customer JohnBy a randomly generated public keyGenerated by cryptographic hashing, the corresponding private key being Is another anonymous account number, shorthand, of customer JohnTwo randomly generated public keysAndis generated by cryptographic hashing, with a corresponding private key ofAndassuming anonymous account numbersN digital encryption currencies exist, and n is more than or equal to p; suppose thatIs an anonymous account number, brief note, of a network shop owner BobBy a randomly generated public keyGenerated by cryptographic hashing, the private key beingThe block chain network transaction steps for customer John to purchase item G in p digital cryptocurrency from network owner Bob are as follows:
1) customer John's anonymous account with himselfTo another anonymous account of oneselfSending p digital cryptocurrency John via anonymous accountSigns the contents of the transaction, i.e. calculatessign is a signature operation symbol; the signature on the transaction is actually a signature on the cryptographic hash value of the transaction content itself,refers to a simplified representation containing a transaction hash signature value and a transaction file, i.e. representing an anonymous account numberTo anonymous account numbersP digital cryptocurrency are sent out,representation by private keyFor transactionThe signature of (3), the following are similar;
2) customer John's anonymous account with himselfAnonymous account number to store owner BobSending p digital encryption currencies; john through anonymous accountA private key ofPartially signing, i.e. computing, transaction contentThen will beAre sent together to
3) The shop owner Bob receivesAndafter the information, recordThen the identity certificate CA is published by the userBobPrivate key priKBobTo pairSigning, i.e. calculating commitment signaturesThen the signature value SignBobPublic identity certificate CA of shop owner BobBobMerchant Bob anonymous account numberOf (2) a public keyAnd a nonce generated instantaneously by BobBobConcatenating to obtain a sequence of messagesWith the anonymous account number of the customer JohnOf (2) a public keyEncryptionObtaining an encrypted ciphertextEnc is an encryption operation symbol; then the encrypted ciphertext is encryptedAnonymous account number sent to customer John
4) Customer John receives the invitationCipher textAfter the information, the account number is anonymous through the userPrivate key ofTo pairPerforming decryption, i.e. calculationTo obtainAs a store owner Bob to the transactionThe verifiable chain promissory signature of (1), Dec is a decryption operation symbol, and is the inverse operation of encryption operation Enc; using public real-name certificates CABobPublic key publicKBobSigning commitmentsPerforming authentication, i.e. verifying If the verification is true, continuing the next step; otherwise, terminating the down-link transaction process;
5) customer John with anonymous account numberAnother private key ofFor transactionThe content being partially signed, i.e. calculatedNote the book Is that the customer John is through an anonymous account numberReconciled transactionsThe complete commitment of; note the book Is that the customer John is through an anonymous account numberAndreconciled transactionsThe complete commitment of;
6) customer John publishes certificate CA by himselfJohnPrivate key priKJohnTo pairSigning, i.e. calculating commitment signaturesSign value SignJohnPublic certificate CA with customer JohnJohnAnd a random number nonce generated immediately by customer JohnJohnConcatenating to obtain a sequence of messagesAnd using the anonymous account number of the network shop owner BobOf (2) a public keyTo pairEncrypted to obtain Will encrypt the resultAnonymous account number sent to network store owner Bob
7) The network shop owner Bob receivesAfter the information, the account number is anonymous through the userPrivate key ofTo pairPerforming decryption, i.e. calculationGet SignJohn||CAJohn||nonceJohnAs a customer John's pair transactionVerifiable commitment signature of (a); using public certificates CAJohnPublic key pubKJohnSign the acceptance SignJohn||CAJohn||nonceJohnPerforming authentication, i.e. verifyingIf the verification is true, continuing the next step; otherwise, terminating the down-link transaction process;
8) the network owner Bob initiates a shipping program for the item G purchased by the customer John.
In the block chain transaction monitoring method based on the user secondary identity structure, in the step 3), the block chain transaction monitoring method is implementedThe encryption of (c) may use the public key of any anonymous account number of the customer John that the network store owner Bob knows.
The block chain transaction supervision method based on the user secondary identity structure further comprises the step that one of the two transaction parties carries out duty following on the real-name identity of the default/illegal party under the condition that the other party violates/violates a law, and supposing that the customer John and the network store owner Bob successfully complete the under-chain transaction program for the commodity G through the block chain, but the network store owner Bob does not start the delivery program of the commodity G; in the case that the customer John cannot receive the commodity G, the real-name identity tracing program for the network store owner Bob is started, and the steps are as follows:
step 1: the public real-name certificate CA of the network store owner Bob that the customer John will save in step 4) of the transaction programBobAnd its signed commitment to the transactionSent together to intelligence responsible for blockchain transaction supervisionAn issuing authority of a contract or public key CA certificate;
step 2: the supervisor checks the real name certificate CA of the network shop owner Bob through the certificate revocation listBobPerforming temporary suspension and informing the shop owner to complete the transaction process, starting a delivery program of the purchased commodity G or returning the order of the customer John on the commodity G by p cryptocurrency, or directly deducting p cryptocurrency from the block chain network transaction security deposit of the network shop owner Bob to the customer John; and the penalty is used for maintaining the normal operation cost of the supervisory program according to the scene intensity.
In the block chain transaction supervision method based on the user secondary identity structure, in the step that one of two transaction parties violates/violates the law, and the other party undertakes responsibility for the real-name identity of the violated/violated party, there is a violation behavior of the customer John on the network store owner Bob:
a double-flower transaction is generated immediately after customer John completes the off-chain transaction stepAnd sends it to the blockchain network, which invalidates the customer John's commitment to the network store owner Bob's payment, and a briefWhereinIs an anonymous account number of customer John; when the network store owner Bob encounters a double-flower attack of the customer John, the public identity certificate CA of the customer is utilizedJohnAnd its pair transactionUnder-chain commitment signature SignJohnThe real-name identity accountability program for the customer John is started, and the real-name identity accountability program for the customer John is the same as the real-name identity accountability program for the network store owner Bob.
According to the block chain transaction supervision method based on the user secondary identity structure, two parties conducting transactions through the block chain network do not need to wait for the transaction of the block chainThe record and confirmation of the transaction is carried out after the transaction process, namely, when the transaction parties successfully complete the down-link transaction step and do not find the default/illegal event, the transaction parties can carry out anonymous transactionAnd sending to the blockchain network.
The invention has the beneficial effects that:
1. the invention combines the primary real-name identity with the secondary anonymous identity, realizes the under-chain bidirectional authenticable signature and verification of the point-to-point transaction content through the primary real-name identity, and simultaneously realizes the on-chain tracking and verification of the authenticity of the public transaction content through the secondary anonymous identity.
2. Blockchain network anonymous accounts may facilitate commercial transactions by protecting individual privacy, and legitimate registration public identities may provide traceability of network violations/violations. The block chain secondary identity structure in the invention has dual identity information of the user public registration identity and the anonymous transaction account number, thereby promoting commercial transaction and protecting the legal rights and interests of participants.
3. The user with the primary public CA certificate can realize point-to-point anonymous value/message transmission through the secondary anonymous account, only two interactive parties can carry out cryptology anti-repudiation under-chain authentication on the real-name identity through a CA certificate system, and the public block chain account book can realize on-chain tracing verification on the authenticity of any transaction/interactive content.
4. The user secondary identity structure can ensure the necessary privacy protection rights among digital economic behavior individuals, and meanwhile, when one party is in default or illegal, the other party can carry out effective anti-repudiation evidence-raising on the digital economic behavior individuals in the cryptographic sense, thereby providing digital criminal evidence with legal efficacy for anonymous account behavior supervision and criminal tracing services of a block chain network.
5. The public key CA certificates of both transaction parties and the signature of the public identity commitment of the transaction do not need to be recorded on the public account book of the block chain, and only the public key CA certificate of the other party and the signature of the public key CA certificate on the commitment of the transaction need to be stored by the transaction related party under the chain.
6. The block chain network of the invention can adopt the public account book of the traditional mode (bitcoin) to record all transactions, anyone can trace and verify the authenticity of any transaction on the account book at any time, and an irrelevant party of any transaction does not permit to track and obtain the public real-name identity of a relevant party of the transaction.
7. In the invention, both sides of the block chain network downlink transaction process are carried out through the secondary identity structure of the user, the record and confirmation of the transaction by the block chain network are not required to be waited, the record and confirmation process of the transaction is submitted by both sides for post-processing, and the efficient downlink transaction process, namely the transaction is firstly carried out and then the record is carried out.
8. In the invention, the secondary identity structure can solve the basic problem of deep human society. In the construction of a decentralized social network platform, on the basis of how to protect the freedom of the personal online talk and creation behaviors (including audio, video, pictures, characters and other digital creative products), the method simultaneously ensures that the personal digital creative works obtain copyright protection evidences with cryptographic significance and evidence or source-tracing evidences for propagating illegal contents in the propagation process, and a secondary identity structure can provide deep technical support.
Drawings
FIG. 1 is a block chain network secondary identity structure of the present invention.
Fig. 2 is a schematic diagram of a secondary identity structure of a blockchain network node John according to the present invention.
FIG. 3 is a diagram illustrating a secondary identity structure of a blockchain network node Bob according to the present invention.
FIG. 4 is a diagram of a customer John's single public key account with the present inventionTransferring P digital currencies to a Dual public Key AccountA schematic diagram of a payment requiring double signature verification is generated.
FIG. 5 illustrates a customer John using dual public key account according to the present inventionPrimary account number to storeSending P digital currencies for useSchematic diagram of partial commitment signature.
FIG. 6 is a diagram illustrating a store owner Bob sending a verifiable encrypted blockchain transaction chain commitment signature to customer John in accordance with the present invention.
FIG. 7 is a diagram illustrating customer John decrypting and verifying a commitment signature under the blockchain transaction chain in accordance with the present invention.
FIG. 8 illustrates a customer John using dual public key account according to the present inventionPrimary account number to storeSending P digital currencies for useSchematic diagram of partial commitment signature.
FIG. 9 is a diagram illustrating a customer John sending a verifiable encrypted blockchain transaction chain commitment signature to a merchant Bob in accordance with the present invention.
FIG. 10 is a diagram of a store owner Bob decrypting and verifying a commitment signature under a blockchain transaction chain in accordance with the present invention.
Detailed Description
The invention is further described below with reference to the figures and examples.
A block chain transaction supervision method based on a user secondary identity structure combines a primary real-name identity with a secondary anonymous identity, realizes under-chain bidirectional authenticatable signature and verification of point-to-point transaction contents through the primary real-name identity, and simultaneously realizes on-chain tracking and verification of authenticity of public transaction contents through the secondary anonymous identity, wherein the primary real-name identity is represented by a CA (certificate authority) certificate of a user account management (App) designed based on a public key cryptosystem, and the secondary anonymous identity is represented by a user anonymous account designed based on an asymmetric cryptosystem. The CA certificate of the user account management App designed based on the public key cryptosystem refers to a CA certificate which is stored on a block chain public account and issued by a CA mechanism or an intelligent contract or a CA certificate which is issued by the CA mechanism and stored on a central server; the user anonymous account designed based on the asymmetric cryptosystem is generated by a cryptographic hash value of one public key or a mixture of a plurality of public keys belonging to the anonymous account.
The method comprises the following steps:
the method comprises the following steps: the two parties of the transaction firstly sign own anonymous transaction by using the private key of the CA certificate of the two parties of the transaction to form mutual commitment to the transaction; when the transaction initiator anonymous account number is generated by a cryptographic hash value of a mixture of a plurality of public keys, a signature of all private keys of the transaction initiator anonymous account number on the anonymous transaction content is provided.
Step two: and the two transaction parties encrypt the digital signature and the CA certificate of the two transaction parties by using the generated public key of the anonymous account of the other party and send the encrypted digital signature and the CA certificate to the other party.
Step three: the two transaction parties decrypt the received acceptance signature encrypted by the other party and verify the decrypted acceptance signature by using the public key of the CA certificate of the other party.
Step four: judging whether the verification is established or not, and if the verification is established, finishing the down-link transaction; otherwise, the off-link transaction process is terminated.
Take the blockchain transaction process in which customer John purchases a commodity G in p digital cryptocurrency from a network owner Bob.
FIG. 1 is a schematic diagram of the structure of the secondary identity of the present invention. FIG. 2 is a secondary identity structure of block chain node John with anonymous account numbersIs composed of twoRandomly generated public keyAndis generated by a cryptographic hash value, referred to as a multiple public key anonymous account number. Multiple public key anonymous account numbers can be used to construct complex payment commitments for multiple signature verification. Fig. 3 is a secondary identity structure of block link points Bob. As shown in FIGS. 2 and 3, assume that customer John's public identity certificate is CAJohnThe public key is pubKJohnThe private key is priKJohn(ii) a The public identity certificate of the network commodity sales shop owner Bob is CABobThe public key is pubKBobThe private key is priKBob(ii) a An illustrative example is a blockchain network transaction process in which customer John purchases a good G with price p digital cryptocurrency from a network owner Bob. Suppose thatIs an anonymous account number, shorthand, of the customer JohnBy a randomly generated public keyGenerated by cryptographic hashing, the corresponding private key being Is another anonymous account number, shorthand, of customer JohnTwo randomly generated public keysAndis generated by cryptographic hashing, which may be a direct concatenation, logical operation, or other mathematical operation, with the corresponding private key beingAndassuming anonymous account numbersN digital encryption currencies exist, and n is more than or equal to p; suppose thatIs an anonymous account number, brief note, of a network shop owner BobBy a randomly generated public keyGenerated by cryptographic hashing, the private key beingThe data format of the transaction and the script logic of the transaction verification are similar to those of the bitcoin network, and the step of the blockchain network transaction of the customer John buying the commodity G with the price of p digital encryption currencies from the network store owner Bob is as follows:
1) customer John's anonymous account with himselfTo another anonymous account of oneselfSending p digital cryptocurrency John via anonymous accountSigns the contents of the transaction, i.e. calculatessign is a signature operation symbol, as shown in fig. 4; the signature on the transaction is actually a signature on the cryptographic hash value of the transaction content itself,refers to a simplified representation containing a transaction hash signature value and a transaction file, i.e. representing an anonymous account numberTo anonymous account numbersP digital cryptocurrency are sent out,representation by private keyFor transactionThe signature of (2) is the same as the following.
2) As shown in FIG. 5, customer John is anonymous to his own account numberAnonymous account number to store owner BobSending p digital encryption currencies; john through anonymous accountA private key ofPartial signing of transaction contentFirst name, i.e. calculationThen will beAre sent together to
3) The shop owner Bob receivesAndafter the information, recordAs shown in fig. 6, the identity certificate CA is then published by itselfBobPrivate key priKBobTo pairSigning, i.e. calculating commitment signaturesThen the signature value SignBobPublic identity certificate CA of shop owner BobBobMerchant Bob anonymous account numberOf (2) a public keyAnd a nonce generated instantaneously by BobBobConcatenating to obtain a sequence of messagesWith the anonymous account number of the customer JohnOf (2) a public keyEncryptionObtaining an encrypted ciphertextEnc is an encryption operation symbol; then the encrypted ciphertext is encryptedAnonymous account number sent to customer JohnTo pairThe encryption of (1) may use the public key of any anonymous account number of customer John that the network store owner Bob knows, but recommends use of the current anonymous account numberOf (2) a public key
4) As shown in FIG. 7, customer John receives the encrypted ciphertextAfter the information, the account number is anonymous through the userPrivate key ofTo pairPerforming decryption, i.e. calculationTo obtainAs a store owner Bob to the transactionThe verifiable chain promissory signature of (1), Dec is a decryption operation symbol, and is the inverse operation of encryption operation Enc; using public real-name certificates CABobPublic key publicKBobSigning commitmentsPerforming authentication, i.e. verifying If the verification is true, continuing the next step; otherwise, the off-link transaction process is terminated.
5) As shown in FIG. 8, customer John is presented with an anonymous account numberAnother private key ofFor transactionThe content being partially signed, i.e. calculated Note the bookIs that the customer John is through an anonymous account numberReconciled transactionsThe complete commitment of; note the bookIs that the customer John is through an anonymous account numberAndreconciled transactionsThe complete commitment of.
6) As shown in FIG. 9, customer John publishes a certificate CA by himselfJohnPrivate key priKJohnTo pairSigning, i.e. calculating commitment signaturesSign value SignJohnPublic certificate CA with customer JohnJohnAnd a random number nonce generated immediately by customer JohnJohnConcatenating to obtain a sequence of messagesAnd using the anonymous account number of the network shop owner BobOf (2) a public keyTo pairEncrypted to obtain Will encrypt the resultAnonymous account number sent to network store owner Bob
7) As shown in FIG. 10, the network store owner Bob receivesAfter the information, the account number is anonymous through the userPrivate key ofTo pairPerforming decryption, i.e. calculation Get SignJohn||CAJohn||nonceJohnAs a customer John's pair transactionVerifiable commitment signature of (a); using public certificates CAJohnPublic key pubKJohnSign the acceptance SignJohn||CAJohn||nonceJohnPerforming authentication, i.e. verifying If the verification is true, continuing the next step; otherwise, the off-link transaction process is terminated.
8) The network owner Bob initiates a shipping program for the item G purchased by the customer John.
The block chain transaction supervision method based on the user secondary identity structure further comprises the step that one of the two transaction parties carries out duty following on the real-name identity of the default/illegal party under the condition that the other party violates/violates a law, and supposing that the customer John and the network store owner Bob successfully complete the under-chain transaction program for the commodity G through the block chain, but the network store owner Bob does not start the delivery program of the commodity G; in the case that the customer John cannot receive the commodity G, the real-name identity tracing program for the network store owner Bob is started, and the steps are as follows:
step 1: the public real-name certificate CA of the network store owner Bob that the customer John will save in step 4) of the transaction programBobAnd its signed commitment to the transactionSending the information to an issuing organization of an intelligent contract or a public key CA certificate which undertakes block chain transaction supervision;
step 2: the supervisor checks the real name certificate CA of the network shop owner Bob through the certificate revocation listBobPerforming temporary suspension and informing the shop owner to complete the transaction process, starting a delivery program of the purchased commodity G or returning the order of the customer John on the commodity G by p cryptocurrency, or directly deducting p cryptocurrency from the block chain network transaction security deposit of the network shop owner Bob to the customer John; and the penalty is used for maintaining the normal operation cost of the supervisory program according to the scene intensity.
In the block chain transaction supervision method based on the user secondary identity structure, in the step that one of two transaction parties violates/violates the law, and the other party undertakes responsibility for the real-name identity of the violated/violated party, there is a violation behavior of the customer John on the network store owner Bob:
a double-flower transaction is generated immediately after customer John completes the off-chain transaction stepAnd sends it to the blockchain network, which invalidates the customer John's commitment to the network store owner Bob's payment, and a briefWhereinIs an anonymous account number of customer John; when the network store owner Bob encounters a double-flower attack of the customer John, the public identity certificate CA of the customer is utilizedJohnAnd its pair transactionUnder-chain commitment signature SignJohnThe real-name identity accountability program for the customer John is started, and the real-name identity accountability program for the customer John is the same as the real-name identity accountability program for the network store owner Bob.
According to the block chain transaction supervision method based on the user secondary identity structure, two parties conducting transactions through the block chain network do not need to wait for the record and confirmation of the block chain to the transactions, and post-processing is conducted on the record and confirmation process of the transactions, namely when the two parties of the transactions successfully complete the down-chain transaction step and do not find an event of default/violation, both parties of the transactions conduct anonymous transactionsAnd sending to the blockchain network.
Claims (9)
1. A block chain transaction supervision method based on a user secondary identity structure is characterized in that a primary real-name identity is combined with a secondary anonymous identity, the down-chain bidirectional authenticable signature and verification of point-to-point transaction contents are realized through the primary real-name identity, and the on-chain tracking and verification of the authenticity of public transaction contents are realized through the secondary anonymous identity, and the method comprises the following steps:
the method comprises the following steps: the two parties of the transaction firstly sign own anonymous transaction by using the private key of the CA certificate of the two parties of the transaction to form mutual commitment to the transaction;
step two: the two transaction parties encrypt the digital signature and the CA certificate by using the generated public key of the anonymous account of the other party and send the encrypted digital signature and the CA certificate to the other party;
step three: the two transaction parties decrypt the received encrypted commitment signature of the other party and verify the decrypted commitment signature by using the public key of the CA certificate of the other party;
step four: judging whether the verification is established or not, and if the verification is established, finishing the down-link transaction; otherwise, the off-link transaction process is terminated.
2. The method for supervising the block chain transaction based on the secondary identity structure of the user according to claim 1, wherein the primary real-name identity is represented by a CA certificate of an account management App of the user designed based on a public key cryptosystem, and the secondary anonymous identity is represented by an anonymous account of the user designed based on an asymmetric cryptosystem.
3. The method as claimed in claim 2, wherein the CA certificate of the App is a CA certificate stored in a blockchain public account issued by a CA organization or an intelligent contract or a CA certificate stored in a central server and issued by the CA organization; the user anonymous account designed based on the asymmetric cryptosystem is generated by a cryptographic hash value of one public key or a mixture of a plurality of public keys belonging to the anonymous account.
4. The method as claimed in claim 3, wherein in the first step, when the anonymous account number of the transaction initiator is generated from a cryptographic hash value mixed by a plurality of public keys, a signature of all private keys of the anonymous account number of the transaction initiator on the content of the anonymous transaction is provided.
5. The blockchain transaction monitoring method based on user secondary identity structure as in claim 4, wherein the public identity certificate of the customer John is assumed to be CAJohnThe public key is pubKJohnThe private key is priKJohn(ii) a The public identity certificate of the network commodity sales shop owner Bob is CABobThe public key is pubKBobThe private key is priKBob(ii) a Suppose thatIs an anonymous account number, shorthand, of the customer John By a randomly generated public keyGenerated by cryptographic hashing, the corresponding private key being Is another anonymous account number, shorthand, of customer JohnTwo randomly generated public keysAndis generated by cryptographic hashing, with a corresponding private key ofAndassuming anonymous account numbersN digital encryption currencies exist, and n is more than or equal to p; suppose thatIs an anonymous account number, brief note, of a network shop owner BobBy a randomly generated public keyGenerated by cryptographic hashing, the private key beingThe block chain network transaction steps for customer John to purchase item G in p digital cryptocurrency from network owner Bob are as follows:
1) customer John's anonymous account with himselfTo another anonymous account of oneselfSending p digital cryptocurrency John via anonymous accountSigns the contents of the transaction, i.e. calculatessign is a signature operationA symbol; the signature on the transaction is actually a signature on the cryptographic hash value of the transaction content itself,refers to a simplified representation containing a transaction hash signature value and a transaction file, i.e. representing an anonymous account numberTo anonymous account numbersP digital cryptocurrency are sent out,representation by private keyFor transactionThe signature of (3), the following are similar;
2) customer John's anonymous account with himselfAnonymous account number to store owner BobSending p digital encryption currencies; john through anonymous accountA private key ofPartially signing, i.e. computing, transaction contentThen will beAre sent together to
3) The shop owner Bob receivesAndafter the information, recordThen the identity certificate CA is published by the userBobPrivate key priKBobTo pairSigning, i.e. calculating commitment signaturesThen the signature value SignBobPublic identity certificate CA of shop owner BobBobMerchant Bob anonymous account numberOf (2) a public keyAnd a nonce generated instantaneously by BobBobConcatenating to obtain a sequence of messagesWith the anonymous account number of the customer JohnOf (2) a public keyEncryptionObtaining an encrypted ciphertextEnc is an encryption operation symbol; then the encrypted ciphertext is encryptedAnonymous account number sent to customer John
4) Customer John receives the encrypted ciphertextAfter the information, the account number is anonymous through the userPrivate key ofTo pairPerforming decryption, i.e. calculationTo obtainAs a store owner Bob to the transactionCan verify the chainThe next committed signature, Dec is the decryption operation symbol, which is the inverse of the encryption operation Enc; using public real-name certificates CABobPublic key publicKBobSigning commitmentsPerforming authentication, i.e. verifying If the verification is true, continuing the next step; otherwise, terminating the down-link transaction process;
5) customer John with anonymous account numberAnother private key ofFor transactionThe content being partially signed, i.e. calculatedNote the book Is that the customer John is through an anonymous account numberReconciled transactionsThe complete commitment of; note the book Is that the customer John is through an anonymous account numberAndreconciled transactionsThe complete commitment of;
6) customer John publishes certificate CA by himselfJohnPrivate key priKJohnTo pairSigning, i.e. calculating commitment signaturesSign value SignJohnPublic certificate CA with customer JohnJohnAnd a random number nonce generated immediately by customer JohnJohnConcatenating to obtain a sequence of messagesAnd using the anonymous account number of the network shop owner BobOf (2) a public keyTo pairEncrypted to obtain Will encrypt the resultAnonymous account number sent to network store owner Bob
7) The network shop owner Bob receivesAfter the information, the account number is anonymous through the userPrivate key ofTo pairPerforming decryption, i.e. calculationGet SignJohn||CAJohn||nonceJohnAs a customer John's pair transactionVerifiable promise signA name; using public certificates CAJohnPublic key pubKJohnSign the acceptance SignJohn||CAJohn||nonceJohnPerforming authentication, i.e. verifyingIf the verification is true, continuing the next step; otherwise, terminating the down-link transaction process;
8) the network owner Bob initiates a shipping program for the item G purchased by the customer John.
7. The method of claim 5, wherein the method further comprises: the method also comprises the step that one of the two transaction parties carries out tracing to the real-name identity of the default/illegal party under the condition that the other party is illegal, and the customer John and the network store owner Bob are supposed to successfully complete the offline transaction program of the commodity G through the block chain, but the network store owner Bob does not start the delivery program of the commodity G; in the case that the customer John cannot receive the commodity G, the real-name identity tracing program for the network store owner Bob is started, and the steps are as follows:
step 1: the public real-name certificate CA of the network store owner Bob that the customer John will save in step 4) of the transaction programBobAnd its signed commitment to the transactionSending the information to an issuing organization of an intelligent contract or a public key CA certificate which undertakes block chain transaction supervision;
step 2: the supervisor program is networked through certificate revocation listReal name certificate CA of merchant BobBobPerforming temporary suspension and informing the shop owner to complete the transaction process, starting a delivery program of the purchased commodity G or returning the order of the customer John on the commodity G by p cryptocurrency, or directly deducting p cryptocurrency from the block chain network transaction security deposit of the network shop owner Bob to the customer John; and the penalty is used for maintaining the normal operation cost of the supervisory program according to the scene intensity.
8. The method of claim 7, wherein the method further comprises: in the step of tracing the real-name identity of the default/illegal party by one of the two parties of the transaction under the condition of default/illegal, there is a default behavior of the customer John to the network store owner Bob:
a double-flower transaction is generated immediately after customer John completes the off-chain transaction stepAnd sends it to the blockchain network, which invalidates the customer John's commitment to the network store owner Bob's payment, and a briefWhereinIs an anonymous account number of customer John; when the network store owner Bob encounters a double-flower attack of the customer John, the public identity certificate CA of the customer is utilizedJohnAnd its pair transactionUnder-chain commitment signature SignJohnThe real-name identity accountability program for the customer John is started, and the real-name identity accountability program for the customer John is the same as the real-name identity accountability program for the network store owner Bob.
9. The user secondary identity structure based blockchain transaction of claim 7The supervision method is characterized in that two parties carrying out transaction through a blockchain network do not need to wait for the record and confirmation of the blockchain to the transaction, and carry out post-processing on the record and confirmation process of the transaction, namely when the two parties successfully complete the step of the down-chain transaction and do not find out default/illegal events, the two parties of the transaction can carry out anonymous transactionAnd sending to the blockchain network.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010154432.3A CN111369251B (en) | 2020-03-07 | 2020-03-07 | Block chain transaction supervision method based on user secondary identity structure |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010154432.3A CN111369251B (en) | 2020-03-07 | 2020-03-07 | Block chain transaction supervision method based on user secondary identity structure |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111369251A true CN111369251A (en) | 2020-07-03 |
CN111369251B CN111369251B (en) | 2021-09-28 |
Family
ID=71206745
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010154432.3A Active CN111369251B (en) | 2020-03-07 | 2020-03-07 | Block chain transaction supervision method based on user secondary identity structure |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111369251B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116471081A (en) * | 2023-04-18 | 2023-07-21 | 中国石油天然气股份有限公司辽宁销售分公司 | Indoor security anonymous authentication method based on Internet of things technology |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108369697A (en) * | 2015-10-16 | 2018-08-03 | 科因普拉格株式会社 | Recognized certificate based on block chain signs and issues system and method and recognized certificate Verification System and method based on block chain |
CN108418689A (en) * | 2017-11-30 | 2018-08-17 | 矩阵元技术(深圳)有限公司 | A kind of the zero-knowledge proof method and medium of suitable block chain secret protection |
US10102526B1 (en) * | 2017-03-31 | 2018-10-16 | Vijay K. Madisetti | Method and system for blockchain-based combined identity, ownership, integrity and custody management |
CN108764874A (en) * | 2018-05-17 | 2018-11-06 | 深圳前海微众银行股份有限公司 | Anonymous refund method, system and storage medium based on block chain |
CN110728576A (en) * | 2019-08-19 | 2020-01-24 | 湖南科技学院 | Decentralized anonymous data transaction method based on zero knowledge proof |
-
2020
- 2020-03-07 CN CN202010154432.3A patent/CN111369251B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108369697A (en) * | 2015-10-16 | 2018-08-03 | 科因普拉格株式会社 | Recognized certificate based on block chain signs and issues system and method and recognized certificate Verification System and method based on block chain |
US10102526B1 (en) * | 2017-03-31 | 2018-10-16 | Vijay K. Madisetti | Method and system for blockchain-based combined identity, ownership, integrity and custody management |
CN108418689A (en) * | 2017-11-30 | 2018-08-17 | 矩阵元技术(深圳)有限公司 | A kind of the zero-knowledge proof method and medium of suitable block chain secret protection |
CN108764874A (en) * | 2018-05-17 | 2018-11-06 | 深圳前海微众银行股份有限公司 | Anonymous refund method, system and storage medium based on block chain |
CN110728576A (en) * | 2019-08-19 | 2020-01-24 | 湖南科技学院 | Decentralized anonymous data transaction method based on zero knowledge proof |
Non-Patent Citations (1)
Title |
---|
李强 等: "《第六届中国指挥控制大会论文集(下册)》", 2 July 2018 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116471081A (en) * | 2023-04-18 | 2023-07-21 | 中国石油天然气股份有限公司辽宁销售分公司 | Indoor security anonymous authentication method based on Internet of things technology |
CN116471081B (en) * | 2023-04-18 | 2023-12-12 | 中国石油天然气股份有限公司辽宁销售分公司 | Indoor security anonymous authentication method based on Internet of things technology |
Also Published As
Publication number | Publication date |
---|---|
CN111369251B (en) | 2021-09-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111008836B (en) | Privacy security transfer payment method, device, system and storage medium | |
CN108389046B (en) | Privacy protection transaction method based on block chain technology in electronic commerce | |
Alketbi et al. | Blockchain for government services—Use cases, security benefits and challenges | |
CN108009917B (en) | Transaction verification and registration method and system for digital currency | |
CN108418680B (en) | Block chain key recovery method and medium based on secure multi-party computing technology | |
CN110147994A (en) | A kind of instant execution method of the block chain based on homomorphic cryptography | |
Li et al. | RZKPB: A privacy-preserving blockchain-based fair transaction method for sharing economy | |
CN110612547A (en) | System and method for information protection | |
CN111064734B (en) | Block chain system user identity anonymity and traceable method, corresponding storage medium and electronic device | |
CN110719176A (en) | Logistics privacy protection method and system based on block chain and readable storage medium | |
Li et al. | A decentralized and secure blockchain platform for open fair data trading | |
Zhang et al. | An anonymous off-blockchain micropayments scheme for cryptocurrencies in the real world | |
Cha et al. | Blockchain based sensitive data management by using key escrow encryption system from the perspective of supply chain | |
CN114580029A (en) | Block chain digital asset privacy protection method, device, equipment and storage medium | |
CN112801778A (en) | Federated bad asset blockchain | |
Zhou et al. | Distributed bitcoin account management | |
Aggarwal et al. | History of blockchain-blockchain 1.0: Currency | |
Mamunts et al. | The use of authentication technology blockchain platform for the marine industry | |
Thapa et al. | SPA: A secure and private auction framework for decentralized online social networks | |
Islam et al. | A low-cost cross-border payment system based on auditable cryptocurrency with consortium blockchain: Joint digital currency | |
Iwasokun et al. | Encryption and tokenization-based system for credit card information security | |
Mukte et al. | Smart Data Transfer for Data Monetization | |
Islam | A privacy-preserving transparent central bank digital currency system based on consortium blockchain and unspent transaction outputs | |
CN111369251B (en) | Block chain transaction supervision method based on user secondary identity structure | |
CN107403310A (en) | Payment system and its method of payment under quantum Metropolitan Area Network (MAN) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |