CN111385096A - Block chain network, signature processing method, terminal and storage medium - Google Patents

Block chain network, signature processing method, terminal and storage medium Download PDF

Info

Publication number
CN111385096A
CN111385096A CN201811626266.1A CN201811626266A CN111385096A CN 111385096 A CN111385096 A CN 111385096A CN 201811626266 A CN201811626266 A CN 201811626266A CN 111385096 A CN111385096 A CN 111385096A
Authority
CN
China
Prior art keywords
signature
node
result
public key
composite
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201811626266.1A
Other languages
Chinese (zh)
Other versions
CN111385096B (en
Inventor
张�林
黄海泉
孙海波
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Wodong Tianjun Information Technology Co Ltd
Original Assignee
Beijing Wodong Tianjun Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Wodong Tianjun Information Technology Co Ltd filed Critical Beijing Wodong Tianjun Information Technology Co Ltd
Priority to CN201811626266.1A priority Critical patent/CN111385096B/en
Publication of CN111385096A publication Critical patent/CN111385096A/en
Application granted granted Critical
Publication of CN111385096B publication Critical patent/CN111385096B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/104Peer-to-peer [P2P] networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Mathematical Optimization (AREA)
  • Health & Medical Sciences (AREA)
  • Mathematical Physics (AREA)
  • Physics & Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • General Physics & Mathematics (AREA)
  • Algebra (AREA)
  • Pure & Applied Mathematics (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Biodiversity & Conservation Biology (AREA)
  • Biomedical Technology (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the invention provides a block chain network, a signature processing method, a terminal and a storage medium, wherein the signature processing method of the block chain network comprises the following steps: deploying a signature verification node and at least two signature nodes in a blockchain network, further comprising: receiving information to be signed through the at least two signature nodes respectively, carrying out digital signature on the information to be signed, generating signature results corresponding to the signature nodes respectively, and sending the generated signature results to the signature verification nodes; and aggregating at least two signature results through the signature verification node to generate a composite signature result, and verifying the validity of the composite signature result.

Description

Block chain network, signature processing method, terminal and storage medium
Technical Field
The present invention relates to communications technologies, and in particular, to a blockchain network, a signature processing method, a terminal, and a storage medium.
Background
In the process of implementing the present invention, the inventor finds that in the related art blockchain system, sometimes a plurality of entities are needed to determine a same thing, for example, a plurality of managers dominate and manage a same transaction, and at this time, the plurality of managers all need to perform signature calculation on the same transaction, so as to complete the asset transfer corresponding to the transaction.
If Signature calculation is performed on the transaction by using a Signature Algorithm of the related art, such as an Elliptic Curve Digital Signature Algorithm (ECDSA), the validity of a plurality of Signature results can be obtained only by verifying the Signature results of a plurality of managers one by a verifier. When the number of managers is large, the calculation cost of the signer is large, so that the signature verification efficiency for a plurality of signature results is low, and the throughput of the block chain system is seriously influenced.
Disclosure of Invention
In view of the above, embodiments of the present invention are directed to a block chain network, a signature processing method, a terminal and a storage medium, which are at least used to improve efficiency of signature verification for multiple signature results.
In order to achieve the above purpose, the technical solution of the embodiment of the present invention is realized as follows:
in a first aspect, an embodiment of the present invention provides a blockchain network, where the blockchain network includes:
the number of the signing nodes is at least two, and the signing nodes are respectively used for executing the following operations in a process responding to the signing task: receiving information to be signed, carrying out digital signature on the information to be signed, generating signature results corresponding to the information to be signed, and sending the generated signature results to signature verification nodes;
and the signature verification node is used for aggregating the received signature results of the signature nodes aiming at the information to be signed respectively to generate a composite signature result and verifying the validity of the composite signature result.
In a second aspect, an embodiment of the present invention further provides a signature processing method for a blockchain network, where a signature verification node and at least two signature nodes are deployed in the blockchain network, and the method further includes:
receiving information to be signed through the at least two signature nodes respectively, carrying out digital signature on the information to be signed, generating signature results corresponding to the signature nodes respectively, and sending the generated signature results to the signature verification nodes;
and aggregating at least two signature results through the signature verification node to generate a composite signature result, and verifying the validity of the composite signature result.
In a third aspect, an embodiment of the present invention further provides a terminal, where the terminal includes:
the receiving unit is used for receiving the information to be signed;
the signature generation unit is used for carrying out digital signature on the information to be signed and generating a corresponding signature result;
the sending unit is used for sending the signature results of the at least two signature generation units aiming at the information to be signed to a signature verification node so that the signature verification node can aggregate the at least two signature results to generate a composite signature result, and the validity of the composite signature result is verified.
In a fourth aspect, an embodiment of the present invention further provides a block chain network, where the block chain network includes:
a memory for storing executable instructions;
and the processor is used for realizing the signature processing method of the block chain network provided by the embodiment of the invention when the executable instruction stored in the memory is executed.
In a fifth aspect, an embodiment of the present invention further provides a storage medium, which stores executable instructions, and when the executable instructions are executed, the storage medium is configured to implement the signature processing method for a blockchain network provided in the embodiment of the present invention.
By applying the block chain network, the signature processing method, the terminal and the storage medium provided by the embodiment of the invention, the following beneficial effects can be realized:
the signature results of the digital signature of the same information to be signed are aggregated by the plurality of signature nodes to generate a composite signature result, so that the signature verification node can verify the validity of the plurality of signature results only by performing signature verification operation on the composite signature result once. Therefore, the efficiency of the signature verification node for verifying the signature of the plurality of signature results can be effectively improved, and the throughput of the block chain system is improved so as to meet the service requirements of corresponding scenes.
Drawings
Fig. 1 is a functional architecture diagram of a blockchain network according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of an organization of a blockchain network according to an embodiment of the present invention;
fig. 3 is a schematic diagram of an alternative hardware structure of a signature node according to an embodiment of the present invention;
fig. 4 is a schematic flow chart illustrating an implementation of a signature processing method for a blockchain network in the related art;
fig. 5 is a schematic flowchart of an alternative implementation of a signature processing method for a blockchain network according to an embodiment of the present invention;
fig. 6 is a schematic flowchart of another alternative implementation of a signature processing method for a blockchain network according to an embodiment of the present invention;
fig. 7 is a schematic diagram of an alternative component structure of a block chain network according to an embodiment of the present invention;
fig. 8 is an optional structural diagram of a signature node according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the present invention will be further described in detail with reference to the accompanying drawings, the described embodiments should not be construed as limiting the present invention, and all other embodiments obtained by a person of ordinary skill in the art without creative efforts shall fall within the protection scope of the present invention.
It should be noted that in the following description, reference is made to "some embodiments" which describe a subset of all possible embodiments, but it is understood that "some embodiments" may be the same subset or different subsets of all possible embodiments, and may be combined with each other without conflict.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. The terminology used in the description of the embodiments of the invention herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention.
Before further detailed description of the embodiments of the present invention, terms and expressions referred to in the embodiments of the present invention will be described below, and the terms and expressions referred to in the embodiments of the present invention will be explained below.
1) Transaction (Transaction), equivalent to the computer term "thing", is used to refer to a series of Key-Value pairs of data updates in the ledger data by invoking an intelligent contract deployed in a blockchain network and by adding, checking and changing operations in the intelligent contract, thereby causing changes to the Key-Value pairs recorded in the ledger data, and not to refer to transactions in a business context alone, and embodiments of the present invention follow this convention in view of the convention that "transactions" are colloquially used in blockchain technology.
2) A Block (Block) recording a data structure of the ledger data updated by the exchange within a period of time, marked with a timestamp and a unique mark (e.g. a digital fingerprint) of a previous Block, and after the Block is subjected to consensus verification by nodes in the Block chain network, the Block is appended to the end of the Block chain to become a new Block.
3) Block Chain (Block Chain), a Chain of data structures composed of blocks in a sequentially contiguous manner, in each Block referencing the hash value of the previous Block or a subset thereof, thus cryptographically guaranteeing the recorded transaction as being tamper-proof and forgery-proof.
4) A blockchain network incorporates new blocks into a set of centerless nodes of the blockchain in a consensus manner.
5) The account book (Legger) is the sum of data recorded by taking an account as a dimension in a block chain network, and comprises the elements of the account book data, the state of the account book, the state certification of the account book, a block index and the like.
6) The ledger data, the actual block data storage, i.e. the record of a series of ordered and non-falsifiable transactions recorded in the block chain, may be expressed in the form of a file system, and the update of the data in the account/account is realized when an intelligent contract called in the transaction is executed.
7) The ledger state, also referred to as state data, i.e. the state of the ledger data, may be in the form of key-value pairs in the database terminal, where the real-time ledger state is used to represent the latest record of key-value pairs updated by the agreed-upon exchange and the historical ledger state is used to represent the historical record of key-value pairs.
8) Presence attestation is attestation of authenticity of presence of the account data implemented in cryptographic manner, such as attestation of the way the account data computes a merkel (Merkle) tree.
9) Consensus (Consensus), a process in a blockchain network, is used to agree on a transaction among multiple nodes involved, and the mechanisms for achieving Consensus include Proof of workload (PoW, Proof of Work), Proof of rights and interests (PoS, Proof of stamp), Proof of equity authority (DPoS), Proof of Elapsed Time (PoET, Proof of Elapsed Time), bypath fault tolerance (PBFT), etc.
10) Intelligent Contracts (Smart Contracts), also called Chain codes (Chain codes), are programs deployed in blockchain networks that trigger execution according to conditions, and run in a secure container to initialize and manage ledger data and ledger states.
11) In response to the condition or state on which the performed operation depends, one or more of the performed operations may be in real-time or may have a set delay when the dependent condition or state is satisfied; there is no restriction on the order of execution of the operations performed unless otherwise specified.
An exemplary functional architecture of a blockchain network for implementing an embodiment of the present invention is described below, referring to fig. 1, fig. 1 is a functional architecture schematic diagram of a blockchain network provided in an embodiment of the present invention, a functional architecture of the blockchain network 100 includes an application layer 101, a consensus layer 102, a network layer 103, a data layer 104, and a resource layer 105, which are described below respectively.
The resource layer 105 encapsulates various available computing and storage resources, such as those in computers, servers/clusters, and clouds, abstracts and provides a uniform interface to the data layer 104 to mask the variability of the underlying hardware implementing the resource layer 105.
The computing resources include various forms of processors such as a Central Processing Unit (CPU), an Application Specific Integrated Circuit (ASIC), and a Field-Programmable Gate Array (FPGA).
The storage resources include various types of storage media such as various volatile memories and nonvolatile memories. The nonvolatile Memory may be a Read Only Memory (ROM) or a Programmable Read-Only Memory (PROM). Volatile Memory can be Random Access Memory (RAM), which acts as external cache Memory.
The computing resources and storage resources of the resource layer 105 may be mapped to various types of nodes in the blockchain network, and the storage medium implementing an embodiment of the present invention stores executable instructions for implementing the signature processing method of the blockchain network of an embodiment of the present invention, and once the executable instructions deployed to the nodes of the blockchain network are executed, the underlying resources (e.g., various types of processors) implementing the nodes will implement the deployment of various types of nodes in the blockchain network and execute the functions of the various types of nodes, thereby implementing ledgers for transactions in business processes and various applications based on the ledgers.
By way of example, executable instructions may be written in any form of programming language, including compiled or interpreted languages, or declarative or procedural languages, in the form of software (including system programs and applications), software modules, scripts, plug-ins, and the like, and may be deployed in any form, including as a stand-alone program or as a module, component, or other unit suitable for use in a computing environment.
Data layer 104 encapsulates various data structures that implement the ledger, including ledger data implemented in a file system, ledger state and presence proofs implemented in a database form.
Network layer 103 encapsulates point-to-point (P2P) network protocols, data propagation and verification mechanisms, access and authentication mechanisms, and service agent identities. The P2P network protocol realizes communication among nodes in the blockchain network, a data propagation mechanism ensures the propagation of transaction/transaction results in the blockchain network, and a data verification mechanism is used for realizing the reliability of data transmission among the nodes based on an encryption method (such as a digital certificate, a digital signature and a public key/private key pair); the access and authentication mechanism is used for managing the access and authentication of the terminal based on the identity of the service subject.
The consensus layer 102 encapsulates mechanisms for achieving consistency of transaction results propagated in the block chain, including POS, POW, DPOS, etc., and supports pluggable consensus mechanisms.
The application layer 101 encapsulates various services that the blockchain network can implement, including transaction settlement, tracing, and evidence storage.
Based on the above description of the functional architecture of the blockchain network, an exemplary organization architecture of the blockchain network implementing the embodiment of the present invention is described next, referring to fig. 2, fig. 2 is a schematic diagram of an organization architecture of the blockchain network provided by the embodiment of the present invention, where a blockchain network 100 includes at least two signature nodes 110 and one signature verification node 120, and as an example, only a signature node 110-1 and a signature node 110-2 are shown in fig. 2; the signature node 110-1 and the signature node 110-2 are deployed correspondingly for roles realized in the service by two different service entities participating in the service; the signature verification node 120 is deployed for verifying the signature result of the information to be signed for the two signature nodes 110-1 and 110-2, and the signature verification node 120 is connected with the signature nodes 110-1 and 110-2 respectively. In the block chain network 100, the signature nodes 110-1 and 110-2 respectively receive information to be signed, digitally sign the information to be signed, generate respective corresponding signature results, and send the respective corresponding signature results to the signature verification node 120; the signature verification node 120 aggregates the two received signature results to generate a composite signature result and verifies the validity of the composite signature result, and displays various intermediate results or final results on the user interface 310 of the terminal 300, for example, the result of the validity verification for the composite signature result, which is sent to the terminal 300 by the signature verification node 120 through the network 200, may be displayed. The network 200 may be a wide area network or a local area network, or a combination thereof, and uses a wireless link to realize data transmission.
An exemplary hardware structure of the blockchain network 100 implementing the embodiment of the present invention is described below by taking the signature node 110 as an example, and it can be understood that the hardware structures of other nodes in the blockchain network 100, such as the signature verification node 120, may be implemented correspondingly according to the hardware structure of the signature node 110.
Referring to fig. 3, fig. 3 is a schematic diagram of an optional hardware structure of the signature node 110 according to an embodiment of the present invention, where the signature node 110 may be multiple servers or multiple clients, and according to the hardware structure of the signature node 110 shown in fig. 3, other exemplary hardware structures of the signature node 110 may be foreseen, and therefore, the hardware structure described herein should not be considered as a limitation, for example, some components described below may be omitted, or components not described below may be added to adapt to special needs of some application scenarios.
The signing node 110 shown in fig. 3 may include: at least one processor 1101, memory 1102, a user interface 1103, and at least one network interface 1104. The various components in signature node 110 are coupled together by a bus system 1105. It will be appreciated that the bus system 1105 is used to enable communications among the components. The bus system 1105 includes a power bus, a control bus, and a status signal bus in addition to a data bus. For clarity of illustration, however, the various buses are labeled in fig. 3 as the bus system 1105.
The user interface 1103 may include, among other things, a display, a keyboard, a mouse, a trackball, a click wheel, keys, buttons, a touch pad, or a touch screen.
It will be appreciated that the memory 1102 can be either volatile memory or nonvolatile memory, and can include both volatile and nonvolatile memory. The memory 1102 described in connection with the embodiments of the invention is intended to comprise these and any other suitable types of memory.
Memory 1102 in embodiments of the present invention is used to store executable instructions 11021 or an operating system 11022 to support the operation of signing node 110. Examples of these executable instructions 11021 include: various forms of software modules, such as programs, plug-ins, and scripts, for operating on the signing node 110 may include, for example, an operating system and application programs, where the operating system includes various system programs and drivers, such as a framework layer, a core library layer, a driver layer, etc., for implementing various underlying services and handling the tasks of the underlying hardware. The application programs may include programs that implement various functions of the signing node 110.
The signature processing method for the blockchain network disclosed by the embodiment of the invention can be applied to the processor 1101 or implemented by the processor 1101. The Processor 1101 may be an integrated circuit chip having Signal processing capabilities, for example, the Processor 1101 described above may be a general purpose Processor, a Digital Signal Processor (DSP), or other programmable logic device, discrete gate or transistor logic device, discrete hardware components, or the like, wherein the general purpose Processor may be a microprocessor or any conventional Processor or the like.
In combination with the above description, the signature processing method for implementing the blockchain network provided by the embodiment of the present invention may also be directly embodied as the software module executed by the processor 1101 in the different forms described above, where the software module may be located in a storage medium, and the storage medium is located in the memory 1102. In an exemplary embodiment, the storage medium may be a storage medium such as an optical disc, a flash memory, or a magnetic disc, and may optionally be a non-transitory storage medium. The storage medium stores executable instructions 11021 thereon, and when the executable instructions 11021 are executed, the signature processing method of the block chain network provided by the embodiment of the invention is implemented.
Next, a process of processing the signature results of a plurality of signers in the related art will be described. Referring to fig. 4, fig. 4 is a schematic diagram illustrating an implementation flow of a signature processing method for a blockchain network in the related art, where the signature processing method for a blockchain network in the related art mainly includes the following steps:
step 401: the signers generate respective corresponding public and private key pairs, which include public and private keys.
Here, the signer may generate a corresponding public-private key pair based on key generation algorithms, wherein the key generation algorithms include a symmetric key generation algorithm and an asymmetric key generation algorithm. In order to improve the security of the key and to ensure the non-tamper-ability of the signing result of the signer, it is preferred that the key generation algorithm be an asymmetric key generation algorithm.
Signing by adopting an elliptic curve digital signature algorithm in the related technology, and if an elliptic curve is marked as E, the E is in a prime number field EpThe group above (the group may be constituted by positive integer points in the elliptic curve E) may be denoted as E (F)p) The base point of the elliptic curve E is denoted by B, and the number of the group elements is denoted by # E (F)p) Can be represented by the formula # E (F)p)=l2cCalculating the elliptic curve E in the prime number field FpThe number of group elements in the above group, wherein l is a large prime number, and c may be usually 2 or 3.
Assuming that a private key of a signer randomly generated by using a key generation algorithm is denoted as k, the length of k is n bits, and a public key of the signer is denoted as a, the public key a can be obtained by the following method: where B is represented as the base point of the elliptic curve E, s is represented as the digest extracted on the private key k, and the size of s depends on the length of the private key k, and may be obtained, for example, by: s ═ H0,…,n-1(k) That is, s is the digest output value of the first n bits of the hash function H by taking the private key k, where the total output length of H is 2n bits.
Step 402: and signing the information to be signed based on the private key, the public key and the information to be signed of the signer, and generating a corresponding signature result.
Step 403: in synchronization with step 402, the signature results of other signers for the information to be signed are calculated.
Here, when the information to be signed is denoted as M, the signature result of the signer for the information to be signed is denoted as (R, S), and for (R, S), R denotes a commitment value in the signature result, and S denotes a proof value in the signature result, then R can be obtained by: r ═ rB, where R denotes a hash value, i.e., a digest value, based on the private key k and the information M to be signed, and R can be obtained by: r ═ H (H)n,…,2n-1(k) | M), where | represents Hn,…,2n-1(k) The corresponding bit string is connected with the bit string corresponding to the information M to be signed Hn,…,2n-1(k) Representing a digest value that is the digest output value of the last n bits of the hash function H taken on the private key k. S can be obtained by: s ═ R + H (R | | a | | | M) S mod l, where the meaning and obtaining manner of R in the calculation formula of S are the same as those of the above calculation formula of R, and are not described herein again; h (R A M) represents a digest value obtained by sequentially and sequentially concatenating R, A and M bit strings; mod is a complementation function, i.e., it represents complementation of H (R | | a | | M) s and l.
Here, after a malicious signer obtains the private key of a legitimate signer by an illegal means, the malicious signer may use its own public key and information to be signed, and the computed signature result may not be the signature result corresponding to the legitimate signer, and at this time, the signature result computed by the malicious signer is most likely to be forged and has no security, which directly affects the verification of the signature result by the signer.
Step 404: and the signer verifies the signature result of each signer respectively based on the signature result of each signer and the corresponding public key until the signature results of all the signers are verified, and then determines the final verification result aiming at the same information to be signed.
Here, the signer verifies whether the verification condition is satisfied with the signature result (R, S) of the signer, the public key a of the signer, and the information M to be signed as input values, and so on, the same operation is performed for each signer, and then the final verification result of all the signers for the same information to be signed is determined according to the verification result of each signer, that is, the final verification result is determined by a plurality of results of the signer verifying the signature result of each signer.
It can be seen from the above-mentioned signature processing method flow of the blockchain network in the related art that, in order to complete the verification of the signature results of multiple signers, the signer needs to verify the signature results of the multiple signers one by one, and it is not possible to obtain whether the transfer of the asset corresponding to the transaction can be completed by combining multiple verification results until the signer completes the verification of the signature results of all signers. Because the signature checking cost and the number of the signers are in a linear relation, signature checking is carried out for many times, the signature checking time is prolonged, the signature checking process is very complicated, the signature checking efficiency and the transaction chain linking speed aiming at a plurality of signature results are greatly reduced, and the requirement of carrying out efficient signature checking on the plurality of signature results cannot be met.
In order to meet the requirement of efficient signature verification on a plurality of signature results and improve the throughput of a blockchain system, in an embodiment of the present invention, after a signature verification node and at least two signature nodes are deployed in a blockchain network, a process of verifying a plurality of signature results may be implemented in the following manner, fig. 5 is an optional implementation flow diagram of a signature processing method of a blockchain network provided by an embodiment of the present invention, and referring to fig. 5, an implementation flow of the signature processing method of a blockchain network provided by an embodiment of the present invention may include the following steps:
step 501: the method comprises the steps that information to be signed is received through at least two signature nodes respectively, digital signature is carried out on the information to be signed, corresponding signature results are generated respectively, and the generated signature results are sent to signature verification nodes.
In some embodiments, before digitally signing the information to be signed in this step 501, the method further includes: and performing consensus on the information to be signed in the block chain network to generate the information to be signed after consensus. Correspondingly, for digitally signing the information to be signed, the following method can be adopted: and carrying out digital signature on the information to be signed after consensus.
Specifically, at least two signature nodes are deployed in the blockchain network, and the process of performing consensus on the information to be signed can be understood as a process of agreeing on a transaction, i.e., the information to be signed, between the at least two signature nodes. That is to say, each signature node in the blockchain network votes for the information to be signed, and based on the consensus mechanism adopted in the blockchain network, when the multiple signature nodes involved agree on the transaction, that is, the vote for voting reaches the set condition, the information to be signed can be written into the blockchain network by calling the intelligent contract.
Here, the information to be signed to be commonly identified can be securely transmitted by means of P2P in the blockchain network, so that the information to be signed is broadcast to the whole network, and all signing nodes can commonly identify the information to be signed. Of course, all signing nodes can agree on the information to be signed through an external security network. After all the signature nodes agree on the information to be signed, the agreed information to be signed can be digitally signed.
In some embodiments, before receiving the information to be signed in this step 501, the method further comprises: firstly, the signature node is subjected to registration service of a block chain network; secondly, after the signing node performs registration service to the block chain network, generating a corresponding public and private key pair based on a key generation algorithm, wherein the public and private key pair comprises: a public key and a private key corresponding to the public key; thirdly, determining a public key weight value of the public key of the signature node; and finally, the public key of the signature node and the corresponding public key weight value are sent to a signature verification node so that the signature verification node can generate a composite public key.
Here, the key generation algorithm includes a symmetric key generation algorithm and an asymmetric key generation algorithm. In order to improve the security of the key and to ensure the non-tamper-ability of the signing result of the signer, it is preferred that the key generation algorithm be an asymmetric key generation algorithm.
Here, for generating a corresponding public-private key pair based on a key generation algorithm, the following may be specifically adopted: generating a private key with a set length corresponding to the signature node based on the key generation algorithm; and determining a public key corresponding to the private key, which can be verified in the blockchain network, based on the private key and the set length of the private key.
It should be noted that, only the public key can be verified and displayed in the blockchain network, and for the private key, it is not generally stored in the blockchain network in order to ensure the security of the private key.
Here, the determining the public key weight value of the public key of the signature node may specifically be implemented in the following manner: firstly, connecting bit strings corresponding to public keys of at least two signature nodes to generate a first connection result; secondly, connecting the first connection result with a bit string corresponding to the public key of the signature node respectively to generate a second connection result; and finally, extracting the abstract of the second connection result based on an abstract algorithm, and determining the extracted abstract of the second connection result as a public key weight value of the public key of the signature node.
The digest Algorithm includes a Secure Hash Algorithm (SHA). Wherein SHA is a family of Hash functions, such as SHA-224, SHA-256, SHA-384, and SHA-512 algorithms.
In some embodiments, for digitally signing the information to be signed in this step 501 and generating the signature result corresponding to each, the following method may be specifically adopted: firstly, carrying out digital signature on the information to be signed, and generating a commitment value and a proof value in a signature result corresponding to the signature node; then, based on the commitment value and the proof value in the signature result corresponding to the signature node, the signature result corresponding to the signature node is determined.
The following describes an implementation manner of generating a commitment value and a proof value in a signature result corresponding to the signature node, and specifically includes: extracting a summary from the private key of the signature node based on a summary algorithm; generating a commitment value in a signature result corresponding to the signature node based on the extracted digest of the private key of the signature node and the information to be signed; and the number of the first and second groups,
and generating a proof value in a signature result corresponding to the signature node based on the public key of the signature node, the corresponding public key weight value, the private key of the signature node and the information to be signed.
Specifically, for the summary of private key extraction of the signature node based on a digest algorithm, the digest of private key extraction for the signature node is determined based on the private key of the signature node and the length of a preset private key. For generating the commitment value in the signature result corresponding to the signature node based on the extracted digest of the private key of the signature node and the information to be signed, a bit string corresponding to the digest extracted from the private key of the signature node may be connected to a bit string corresponding to the information to be signed, for example, sequentially connected to obtain a connected bit string value, then the digest is extracted from the connected bit string value, and the commitment value in the signature result corresponding to the signature node is determined according to the extracted digest of the connected bit string value and the base point of the elliptic curve.
For generating a proof value in a signature result corresponding to the signature node based on the public key of the signature node and the corresponding public key weight value, the private key of the signature node, and the information to be signed, a bit string value obtained by connecting a bit string corresponding to the private key of the signature node and a bit string corresponding to the information to be signed may be determined first, a digest may be extracted from the connected bit string value, and then the proof value in the signature result corresponding to the signature node may be determined jointly according to the extracted digest of the connected bit string value, the public key weight value of the public key of the signature node, the challenge value of the signature node, and the digest extracted for the private key of the signature node.
In some embodiments, after the generating of the commitment value in the signature result corresponding to the signature node, the method further comprises:
broadcasting a commitment value in a signature result corresponding to the signature node to a target signature node;
the target signature node is a signature node other than the signature node broadcasting the commitment value in the block chain network.
It should be noted that, here, by means of broadcasting, the commitment values are exchanged among the plurality of signature nodes, so that each signature node in the blockchain network can obtain the commitment value of the target signature node, and thus, a sum of the commitment values can be obtained based on the commitment values of all signature nodes in the blockchain network, so as to determine the challenge values of the signature nodes based on the commitment values of all signature nodes, and further determine the proof value in the signature result corresponding to the signature node. The public key weights of the public keys of different signature nodes are considered in the process of calculating the certification value in the signature result corresponding to the signature node to determine the composite public key, and the result of summing the public keys of all signature nodes is not taken as the composite public key, so that the behavior that a malicious signer forges a legal composite public key and a signature result can be prevented.
Step 502: and aggregating at least two signature results through the signature verification node to generate a composite signature result.
In some embodiments, before aggregating at least two of the signature results in this step 502, the method further comprises:
public keys of at least two signature nodes and corresponding public key weight values are obtained through the signature verification nodes; and compounding the public keys of the at least two signature nodes based on the public key weight values of the public keys of the at least two signature nodes to generate a composite public key.
Specifically, the generation process of the composite public key may be understood as multiplying the public key of each signature node by the corresponding public key weight value, and summing the results of multiplying the public keys of at least two signature nodes by the corresponding public key weight values, so as to obtain the composite public key.
In some embodiments, for aggregating at least two of the signature results in this step 502 to generate a composite signature result, the following may be implemented:
summing commitment values in the signature results corresponding to the at least two signature nodes to obtain a first summation result;
summing the proof values in the signature results corresponding to at least two signature nodes to obtain a second summation result;
determining the composite signature result based on the first summation result and the second summation result.
Step 503: and verifying the validity of the composite signature result through the signature verification node.
In some embodiments, the verification of the validity of the composite signature result in this step 503 may be implemented in the following manner: judging whether a set verification condition is met or not by taking the composite signature result, the composite public key aiming at least two signature nodes and the information to be signed as input values to obtain a judgment result;
and when the judgment result representation meets the verification condition, determining that the composite signature result is valid.
In some embodiments, for determining that the composite signature result is valid when the determination result indicates that the verification condition is satisfied, the following may be performed:
comparing a first reference value, which takes the commitment value, the first coefficient, the composite public key and the challenge value in the composite signature result as factors, with a second reference value, which takes the proof value and the second coefficient in the composite signature result as factors;
when the comparison is the same, determining that the composite signature result is valid;
wherein the challenge value is used to characterize a summary of the following information for the corresponding connection:
and the commitment value, the composite public key and the bit string corresponding to the information to be signed in the composite signature result.
Specifically, the process of determining whether or not the set verification condition is satisfied may be understood as constructing a second reference value that is factorized in the proof value and a second coefficient in the composite signature result; constructing a third reference value that is factored by the commitment value and the first coefficient in the composite signature result; associating the commitment value, the composite public key and the bit string corresponding to the information to be signed in the composite signature result to generate a third association result, extracting an abstract of the third association result, and constructing a fourth reference value taking the first coefficient, the composite public key and the abstract extracted from the third association result as factors; constructing a first reference value that is factored by the third reference value and the fourth reference value; and comparing the first reference value with the second reference value, and determining that the composite signature result is valid when the comparison is the same.
Note that, for example, the first coefficient may be expressed as 2cAnd c may typically take 2 or 3. The second coefficient is determined by multiplying the first coefficient by the base point of the elliptic curve E, and may be expressed as 2, for examplecB, of course, the first coefficient and the second coefficient may be adaptively adjusted according to the needs of the actual situation, and are not limited to the above representation.
The following describes in detail an implementation procedure of a signature processing method for a blockchain network according to an embodiment of the present invention with reference to the accompanying drawings.
Fig. 6 is a schematic diagram of another optional implementation flow of the signature processing method for the blockchain network according to the embodiment of the present invention, and referring to fig. 6, a specific implementation flow of the signature processing method for the blockchain network according to the embodiment of the present invention may include the following steps:
step 601: the signing node is made to a registration service of the blockchain network.
Step 602: and generating a public and private key pair corresponding to the signature node based on a key generation algorithm, wherein the public and private key pair comprises a public key and a private key.
In some embodiments, after the signature node performs registration service to the blockchain network, a private key with a set length corresponding to the signature node is generated based on a key generation algorithm; and determining a public key corresponding to the private key, which can pass verification in the blockchain network, based on the private key of the signature node and the set length of the private key.
It is assumed that in the embodiment of the present invention, the signature node is denoted as Ui,i∈[1,N]N represents the number of signature nodes, wherein N is any positive integer greater than or equal to 2; and marking the label checking node as V.
It should be noted that, in the embodiment of the present invention, a manner of generating a public and private key pair corresponding to a signature node is similar to a manner of generating a public and private key pair in a signature processing method of a block chain network in the related art, and it is assumed that a signature node U is used for signature processingiThe corresponding private key is denoted kiTo sign node UiThe corresponding public key is denoted as AiWherein k isiIs set to be n bits, then AiCan be obtained by the following way: a. thei=siB, wherein B is the base point of the elliptic curve E, siExpressed as a pair of private keys kiExtracted summary, and siIs determined by the private key kiOf (2), in particular, siCan be obtained by the following way: si=H0,…,n-1(ki) I.e. siBy pairing a private key kiAnd taking the digest output value of the first n bits of the hash function H, wherein the total output length of H is 2n bits.
It should be noted that, only the public key can be verified and displayed in the blockchain network, and for the private key, it is not generally stored in the blockchain network in order to ensure the security of the private key.
Step 603: after receiving the information to be signed, at least two signature nodes respectively generate a commitment value in the signature result corresponding to each signature node, and the commitment value is broadcasted to the target signature node to obtain the commitment value in the composite signature result.
Here, the target signature node is a signature node other than the signature node broadcasting the commitment value in the block chain network.
It should be noted that, here, by means of broadcasting, the commitment values are exchanged among the plurality of signature nodes, so that each signature node in the blockchain network can obtain the commitment value of the target signature node, and thus, the commitment values of all signature nodes in the blockchain network can be summed to obtain the commitment value in the composite signature result.
In some embodiments, the commitment value in the signature result corresponding to the signature node may be generated in the following manner: extracting an abstract from a private key of the signature node based on an abstract algorithm; and generating a commitment value in the signature result corresponding to the signature node based on the abstracts of the private keys of the signature nodes and the information to be signed.
Specifically, for the summary of private key extraction for the signature node based on the digest algorithm, the digest of private key extraction for the signature node is determined based on the private key of the signature node and the length of the preset private key. For generating the commitment value in the signature result corresponding to the signature node based on the abstracted private key of the signature node and the information to be signed, the bit string corresponding to the abstracted private key of the signature node may be connected with the bit string corresponding to the information to be signed, for example, sequentially connected to obtain a connected bit string value, then the abstracted bit string value is extracted from the connected bit string value, and the commitment value in the signature result corresponding to the signature node is determined according to the extracted abstracted bit string value of the connection and the base point of the elliptic curve.
Suppose that node U will be signediThe commitment value in the corresponding signature result is marked as RiThen R isiCan be obtained by the following way: ri=riB, wherein B is the base point of the elliptic curve E, riCan be obtained by the following way: r isi=H(Hn,…,2n-1(ki) | M), where | represents Hn,…,2n-1(ki) The corresponding bit string is connected with the bit string corresponding to the information M to be signed in sequence, Hn,…,2n-1(ki) Represents a digest value that is a function of the private key kiAnd taking the digest output value of the last n bits of the hash function H. Recording the commitment value in the composite signature result as R, then R can be obtained by:
Figure BDA0001928052550000171
where N represents the number of signature nodes, RiRepresenting each signature node UiThe commitment value in the corresponding signature result, that is, the commitment value R in the composite signature result may pass the commitment value R for each signature node in the blockchain networkiAnd summing to obtain the final product.
Step 604: the method includes determining a public key weight value of public keys of the signature nodes, and determining a composite public key for the public keys of at least two signature nodes.
Here, the signature node determines a public key weight value of its own public key, and sends its own public key and the corresponding public key weight value to the signature verification node, so that the signature verification node generates a composite public key for the public keys of at least two signature nodes.
Here, the following may be specifically adopted for determining the public key weight value of the public key of the signature node: firstly, connecting bit strings corresponding to public keys of at least two signature nodes to generate a first connection result; secondly, connecting the first connection result with the bit strings corresponding to the public keys of the signature nodes respectively to generate a second connection result; and finally, extracting the abstract of the second connection result based on an abstract algorithm, and determining the extracted abstract of the second connection result as a public key weight value of the public key of the signature node.
Suppose that node U will be signediThe public key weight value of the public key is marked as aiThen a isiCan be obtained by the following way: a isi=H(L||Ai) Wherein L represents the first ligation result, AiRepresenting signature node UiThe public key of (2). L can be obtained by: l ═ A1||…||ANWherein A is1To ANRespectively corresponding to the public keys corresponding to the N signature nodes. Here, to connect the bit strings corresponding to the public keys of at least two signature nodes, it is understood that the bit strings corresponding to the public keys of at least two signature nodes are sequentially connected, for example, the signature node U1Public key A of1Corresponding bit string, and signature node U2Public key A of2Corresponding bit strings are connected, and a node U is signed2Public key A of2Corresponding bit string and signature node U3Public key A of3The corresponding bit string is concatenated, … …, until it is connected to the signature node UNPublic key A ofNThe corresponding bit strings are concatenated.
Here, the following may be specifically adopted for determining the composite public key of the public keys for the at least two signature nodes: and compounding the public keys of the at least two signature nodes based on the public key weight values of the public keys of the at least two signature nodes to generate a composite public key.
Specifically, the generation process of the composite public key may be understood as multiplying the public key of each signature node by the corresponding public key weight value, and summing the results of multiplying the public keys of at least two signature nodes by the corresponding public key weight values, so as to obtain the composite public key. Assuming that the composite public key is denoted as a, a can be obtained by:
Figure BDA0001928052550000181
wherein, aiRepresenting signature node UiPublic key weight value of the public key of (A)iRepresenting signature node UiThe public key of (2).
Step 605: and generating a proof value in the signature result corresponding to the signature node based on the public key of the signature node and the corresponding public key weight value, the private key of the signature node, the information to be signed and the composite public key.
Specifically, the following can be implemented for generating the attestation value in the signature result corresponding to the signature node: firstly, a bit string value obtained by connecting a bit string corresponding to a private key of a signature node and a bit string corresponding to information to be signed is determined, a summary is extracted from the connected bit string value, and then a proof value in a signature result corresponding to the signature node is determined jointly according to the extracted summary of the connected bit string value, a public key weight value of a public key of the signature node, a challenge value of the signature node and the extracted summary of the private key of the signature node.
Suppose that node U will be signediThe corresponding signature result is noted as (R)i,Si) Wherein R isiFor signing a node UiCommitment value in corresponding signature result, SiFor signing a node UiCorresponding proof value in the signature result, then SiCan be obtained by the following way: si=ri+aibsiWherein r isiHas generated signature node UiCommitment value R in corresponding signature resultiThe process of (1) is related, and is not described herein again; b represents a challenge value, then b can be obtained by: and b is H (R | | a | | M), that is, the challenge value represents a digest of the result obtained by sequentially connecting the bit strings corresponding to R, A and M, wherein R represents a commitment value in the composite signature result, a represents a composite public key, and M represents information to be signed.
In the embodiment of the invention, the public key weights of the public keys of different signature nodes are considered in the process of calculating the certification value in the signature result corresponding to the signature node to determine the composite public key, instead of taking the result of summing the public keys of all signature nodes as the composite public key, so that the behavior that a malicious signer forges a legal composite public key and the signature result can be prevented.
Step 606: and summing the proof values in the signature results corresponding to at least two signature nodes to obtain the proof value in the composite signature result.
Assuming that the proof value in the composite signature result is denoted as S, S can be obtained by:
Figure BDA0001928052550000191
where N denotes the number of signature nodes, SiRepresenting each signature node UiThe corresponding proof value in the signature result, i.e. the proof value S in the composite signature result, may pass the proof value S for each signature node in the blockchain networkiAnd summing to obtain the final product.
Step 607: a composite signature result is determined based on the commitment value and the attestation value in the composite signature result.
Step 608: judging whether a set verification condition is met or not by taking the composite signature result, the composite public key aiming at least two signature nodes and the information to be signed as input values to obtain a judgment result; and when the judgment result representation meets the verification condition, determining that the composite signature result is valid.
Here, for determining that the composite signature result is valid when the determination result representation satisfies the verification condition, the following may be implemented:
comparing the commitment value, the first coefficient, the composite public key and the first reference value taking the challenge value in the composite signature result as factors with the proof value in the composite signature result and the second reference value taking the second coefficient as factors; when the comparison is the same, determining that the composite signature result is valid;
wherein the challenge value is used to characterize a summary of the following information for the corresponding connection: and the commitment value, the composite public key and the bit string corresponding to the information to be signed in the composite signature result.
Specifically, the process of determining whether the set verification condition is satisfied may be understood as constructing a second reference value that is factorized in the proof value and the second coefficient in the composite signature result; constructing a third reference value that is factored by the commitment value and the first coefficient in the composite signature result; associating the commitment value, the composite public key and the bit string corresponding to the information to be signed in the composite signature result to generate a third association result, extracting an abstract of the third association result, and constructing a fourth reference value taking the first coefficient, the composite public key and the abstract extracted from the third association result as factors; constructing a first reference value that is factored by the third reference value and the fourth reference value; and comparing the first reference value with the second reference value, and determining that the composite signature result is valid when the comparison of the first reference value and the second reference value is the same.
Here, the second coefficient is determined according to the product of the first coefficient and the base point of the elliptic curve E, and for example, the second coefficient may be expressed as 2cB, of course, the first coefficient and the second coefficient can be adaptively modified according to the needs of actual situations, and are not limited to the above representation.
In the embodiment of the present invention, the verification condition may be represented as 2cSB=2cR+2cbA, of course, the verification condition can be adaptively modified according to the actual requirement, and is not limited to the above representation. In the above expression of the verification condition, 2cRepresenting a first coefficient, c may typically take 2 or 3; 2cB denotes a second coefficient and S denotes a proof value in the composite signature result (R, S), the proof value in the composite signature result (R, S) and the second coefficient 2 are constructedcB is a factor, i.e. the second reference value is the proof value S and the second coefficient 2 in the composite signature resultcB, the product of B. R represents the commitment value in the composite signature result (R, S), and the commitment value R and 2 in the composite signature result (R, S) are calculatedcAnd computing the challenge value, the composite public key and 2cThe sum of the first product and the second product is used as a first reference value, the first reference value and the second reference value are compared, and when the comparison is the same, the composite signature result can be determined to be valid.
Based on the implementation process of the signature processing method for the block chain network provided in the embodiment of the present invention, the following describes a composition structure of the block chain network 100 implementing the embodiment of the present invention with reference to the drawings. Referring to fig. 7, fig. 7 is a schematic diagram of an optional component structure of a blockchain network 100 according to an embodiment of the present invention, where the blockchain network 100 includes: a signature node 110 and a signature verification node 120. The functions of the nodes are explained below.
The number of the signing nodes 110 is at least two, and the signing nodes are respectively used for executing the following operations in the process responding to the signing task: receiving information to be signed, carrying out digital signature on the information to be signed, generating signature results corresponding to the information to be signed, and sending the generated signature results to a signature verification node.
And the signature verification node 120 is configured to aggregate the received signature results of the signature nodes for the information to be signed, generate a composite signature result, and verify the validity of the composite signature result.
In some embodiments, the signing node 110 is further configured to: performing consensus on the information to be signed in the block chain network to generate the information to be signed after consensus;
accordingly, for the signing node 110 to digitally sign the information to be signed, the following method can be adopted: and carrying out digital signature on the information to be signed after consensus.
In some embodiments, the signing node 110 is further configured to:
after proceeding with a registration service to the blockchain network, generating a corresponding public-private key pair based on a key generation algorithm, wherein the public-private key pair comprises: a public key and a private key corresponding to the public key;
and determining a public key weight value of the public key of the signature node, and sending the public key of the signature node and the corresponding public key weight value to the signature verification node so that the signature verification node can generate a composite public key.
In some embodiments, for the signing node 110 to generate a corresponding public-private key pair based on a key generation algorithm, the following method may be specifically adopted:
generating a private key with a set length corresponding to the signature node based on the key generation algorithm;
and determining a public key corresponding to the private key, which can be verified in the blockchain network, based on the private key and the set length of the private key.
In some embodiments, the determining, by the signing node 110, a public key weight value of a public key of the signing node may specifically be implemented in the following manner:
connecting bit strings corresponding to public keys of at least two signature nodes to generate a first connection result;
connecting the first connection result with a bit string corresponding to the public key of the signature node respectively to generate a second connection result;
and extracting an abstract of the second connection result based on an abstract algorithm, and determining the extracted abstract of the second connection result as a public key weight value of the public key of the signature node.
In some embodiments, the signature verification node 120 is further configured to: public keys of at least two signature nodes and corresponding public key weight values are obtained;
and compounding the public keys of the at least two signature nodes based on the public key weight values of the public keys of the at least two signature nodes to generate a composite public key.
In some embodiments, for the signing node 110 to digitally sign the information to be signed and generate a corresponding signature result, the following may be implemented:
carrying out digital signature on the information to be signed, and generating a commitment value and a proof value in a signature result corresponding to the signature node;
and determining the signature result corresponding to the signature node based on the commitment value and the proof value in the signature result corresponding to the signature node.
In some embodiments, for the signing node 110 to digitally sign the information to be signed and generate the commitment value and the proof value in the signature result corresponding to the signing node, the following method may be specifically adopted:
extracting a summary from the private key of the signature node based on a summary algorithm;
generating a commitment value in a signature result corresponding to the signature node based on the extracted digest of the private key of the signature node and the information to be signed; and the number of the first and second groups,
and generating a proof value in a signature result corresponding to the signature node based on the public key of the signature node, the corresponding public key weight value, the private key of the signature node and the information to be signed.
In some embodiments, the signing node 110 is further configured to: broadcasting a commitment value in a signature result corresponding to the signature node to a target signature node;
the target signature node is a signature node other than the signature node broadcasting the commitment value in the block chain network.
In some embodiments, for the signature verifying node 120 to aggregate the signature results of at least two signature nodes for the information to be signed, and generate a composite signature result, the following may be implemented:
summing commitment values in the signature results corresponding to the at least two signature nodes to obtain a first summation result;
summing the proof values in the signature results corresponding to at least two signature nodes to obtain a second summation result;
determining the composite signature result based on the first summation result and the second summation result.
In some embodiments, verifying the validity of the composite signature result by the signature verification node 120 may be implemented as follows:
judging whether a set verification condition is met or not by taking the composite signature result, the composite public key aiming at least two signature nodes and the information to be signed as input values to obtain a judgment result;
and when the judgment result representation meets the verification condition, determining that the composite signature result is valid.
In some embodiments, for the signature verification node 120 to determine that the composite signature result is valid when the determination result represents that the verification condition is satisfied, the following may be implemented:
comparing a first reference value, which takes the commitment value, the first coefficient, the composite public key and the challenge value in the composite signature result as factors, with a second reference value, which takes the proof value and the second coefficient in the composite signature result as factors;
when the comparison is the same, determining that the composite signature result is valid;
wherein the challenge value is used to characterize a summary of the following information for the corresponding connection: and the commitment value, the composite public key and the bit string corresponding to the information to be signed in the composite signature result.
It should be particularly noted that the above description related to the composition structure of the blockchain network 100 is similar to the above description of the signature processing method of the blockchain network, and the description of the beneficial effects of the method is not repeated herein. For technical details not disclosed in the embodiment of the block chain network 100 of the present invention, please refer to the description of the method embodiment of the present invention.
The following describes the composition structure of the terminal, i.e., the signature node 110, with reference to the drawings. Referring to fig. 8, fig. 8 is a schematic diagram of an optional constituent structure of a signature node 110 according to an embodiment of the present invention, where the signature node 110 includes: a receiving unit 81, a signature generating unit 82, and a transmitting unit 83. The functions of the program units will be explained below.
A receiving unit 81, configured to receive information to be signed.
And the signature generating unit 82 is used for carrying out digital signature on the information to be signed and generating a corresponding signature result.
The sending unit 83 is configured to send the signature result of each of the at least two signature generating units 82 for the information to be signed to the signature verification node 120, so that the signature verification node 120 aggregates the at least two signature results to generate a composite signature result, and verifies the validity of the composite signature result.
It should be noted that, the signature node 110 provided in the above embodiment is only illustrated by the above division of each program unit when generating the signature result, and in practical applications, the above processing may be distributed to different program units according to needs, that is, the internal structure of the signature node 110 is divided into different program units to complete all or part of the above described processing.
In practical applications, the receiving unit 81 and the sending unit 83 in the signing node 110 can be implemented by a communication module (including a basic communication suite, an operating system, a communication module, a standardized interface, a protocol, and the like) and a transceiving antenna, and the like; the signature generating unit 82 in the signature node 110 may be implemented by a CPU, a microprocessor unit (MPU), a DSP or an FPGA on the server.
In summary, the embodiments of the present invention have the following beneficial effects:
1) the efficiency of the signature verification node for verifying the signature of the plurality of signature results can be effectively improved, and the throughput of the block chain system is improved so as to meet the service requirements of corresponding scenes.
2) The composite public key is determined by using the public key weight value of the public key of the signature node, so that the behavior of a malicious signer for forging a legal composite public key and a signature result can be resisted, and the safety of the composite public key and the signature result is improved.
3) The efficiency of the signature verification node on a plurality of signature results is improved, and meanwhile, the uplink transaction speed can be improved.
The technical solutions described in the embodiments of the present invention can be arbitrarily combined without conflict.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.

Claims (27)

1. A blockchain network, the blockchain network comprising:
the number of the signing nodes is at least two, and the signing nodes are respectively used for executing the following operations in a process responding to the signing task: receiving information to be signed, carrying out digital signature on the information to be signed, generating signature results corresponding to the information to be signed, and sending the generated signature results to signature verification nodes;
and the signature verification node is used for aggregating the received signature results of the signature nodes aiming at the information to be signed respectively to generate a composite signature result and verifying the validity of the composite signature result.
2. The blockchain network of claim 1,
the signature node is further configured to:
after proceeding with a registration service to the blockchain network, generating a corresponding public-private key pair based on a key generation algorithm, wherein the public-private key pair comprises: a public key and a private key corresponding to the public key;
and determining a public key weight value of the public key of the signature node, and sending the public key of the signature node and the corresponding public key weight value to the signature verification node so that the signature verification node can generate a composite public key.
3. The blockchain network of claim 2,
the signature node is specifically configured to:
generating a private key with a set length corresponding to the signature node based on the key generation algorithm;
and determining a public key corresponding to the private key, which can be verified in the blockchain network, based on the private key and the set length of the private key.
4. The blockchain network of claim 2,
the signature node is specifically configured to:
connecting bit strings corresponding to public keys of at least two signature nodes to generate a first connection result;
connecting the first connection result with a bit string corresponding to the public key of the signature node respectively to generate a second connection result;
and extracting an abstract of the second connection result based on an abstract algorithm, and determining the extracted abstract of the second connection result as a public key weight value of the public key of the signature node.
5. The blockchain network of claim 1,
the signature verification node is further configured to:
public keys of at least two signature nodes and corresponding public key weight values are obtained;
and compounding the public keys of the at least two signature nodes based on the public key weight values of the public keys of the at least two signature nodes to generate a composite public key.
6. The blockchain network of claim 1,
the signature node is specifically configured to:
carrying out digital signature on the information to be signed, and generating a commitment value and a proof value in a signature result corresponding to the signature node;
and determining the signature result corresponding to the signature node based on the commitment value and the proof value in the signature result corresponding to the signature node.
7. The blockchain network of claim 6,
the signature node is specifically configured to:
extracting a summary from the private key of the signature node based on a summary algorithm;
generating a commitment value in a signature result corresponding to the signature node based on the extracted digest of the private key of the signature node and the information to be signed; and the number of the first and second groups,
and generating a proof value in a signature result corresponding to the signature node based on the public key of the signature node, the corresponding public key weight value, the private key of the signature node and the information to be signed.
8. The blockchain network of claim 6,
the signature node is further configured to:
broadcasting a commitment value in a signature result corresponding to the signature node to a target signature node;
the target signature node is a signature node other than the signature node broadcasting the commitment value in the block chain network.
9. The blockchain network of claim 1,
the label checking node is specifically configured to:
summing commitment values in the signature results corresponding to the at least two signature nodes to obtain a first summation result;
summing the proof values in the signature results corresponding to at least two signature nodes to obtain a second summation result;
determining the composite signature result based on the first summation result and the second summation result.
10. The blockchain network of claim 1,
the label checking node is specifically configured to:
judging whether a set verification condition is met or not by taking the composite signature result, the composite public key aiming at least two signature nodes and the information to be signed as input values to obtain a judgment result;
and when the judgment result representation meets the verification condition, determining that the composite signature result is valid.
11. The blockchain network of claim 10,
the label checking node is specifically configured to:
comparing a first reference value, which takes the commitment value, the first coefficient, the composite public key and the challenge value in the composite signature result as factors, with a second reference value, which takes the proof value and the second coefficient in the composite signature result as factors;
when the comparison is the same, determining that the composite signature result is valid;
wherein the challenge value is used to characterize a summary of the following information for the corresponding connection:
and the commitment value, the composite public key and the bit string corresponding to the information to be signed in the composite signature result.
12. The blockchain network of claim 1,
the signature node is further configured to:
performing consensus on the information to be signed in the block chain network to generate the information to be signed after consensus;
the signature node is specifically configured to: and carrying out digital signature on the information to be signed after consensus.
13. A signature processing method for a blockchain network, wherein a signature verification node and at least two signature nodes are deployed in the blockchain network, the method further comprising:
receiving information to be signed through the at least two signature nodes respectively, carrying out digital signature on the information to be signed, generating signature results corresponding to the signature nodes respectively, and sending the generated signature results to the signature verification nodes;
and aggregating at least two signature results through the signature verification node to generate a composite signature result, and verifying the validity of the composite signature result.
14. The method of claim 13, wherein prior to said receiving information to be signed, the method further comprises:
performing a registration service of the signing node to a blockchain network;
after the signing node performs registration service to the blockchain network, generating a corresponding public and private key pair based on a key generation algorithm, wherein the public and private key pair comprises: a public key and a private key corresponding to the public key;
and determining a public key weight value of the public key of the signature node, and sending the public key of the signature node and the corresponding public key weight value to the signature verification node so that the signature verification node can generate a composite public key.
15. The method of claim 14, wherein generating the corresponding public-private key pair based on the key generation algorithm comprises:
generating a private key with a set length corresponding to the signature node based on the key generation algorithm;
and determining a public key corresponding to the private key, which can be verified in the blockchain network, based on the private key and the set length of the private key.
16. The method of claim 14, wherein determining a public key weight value of a public key of the signature node comprises:
connecting bit strings corresponding to public keys of at least two signature nodes to generate a first connection result;
connecting the first connection result with a bit string corresponding to the public key of the signature node respectively to generate a second connection result;
and extracting an abstract of the second connection result based on an abstract algorithm, and determining the extracted abstract of the second connection result as a public key weight value of the public key of the signature node.
17. The method of claim 13, wherein prior to said aggregating at least two of said signature results, said method further comprises:
public keys of at least two signature nodes and corresponding public key weight values are obtained through the signature verification nodes;
and compounding the public keys of the at least two signature nodes based on the public key weight values of the public keys of the at least two signature nodes to generate a composite public key.
18. The method according to claim 13, wherein said digitally signing the information to be signed to generate respective corresponding signature results comprises:
carrying out digital signature on the information to be signed, and generating a commitment value and a proof value in a signature result corresponding to the signature node;
and determining the signature result corresponding to the signature node based on the commitment value and the proof value in the signature result corresponding to the signature node.
19. The method according to claim 18, wherein said digitally signing the information to be signed to generate a commitment value and a proof value in a signature result corresponding to the signature node comprises:
extracting a summary from the private key of the signature node based on a summary algorithm;
generating a commitment value in a signature result corresponding to the signature node based on the extracted digest of the private key of the signature node and the information to be signed; and the number of the first and second groups,
and generating a proof value in a signature result corresponding to the signature node based on the public key of the signature node, the corresponding public key weight value, the private key of the signature node and the information to be signed.
20. The method of claim 18, wherein after the generating of the commitment value in the signature result corresponding to the signature node, the method further comprises:
broadcasting a commitment value in a signature result corresponding to the signature node to a target signature node;
the target signature node is a signature node other than the signature node broadcasting the commitment value in the block chain network.
21. The method of claim 13, wherein aggregating at least two of the signature results to generate a composite signature result comprises:
summing commitment values in the signature results corresponding to the at least two signature nodes to obtain a first summation result;
summing the proof values in the signature results corresponding to at least two signature nodes to obtain a second summation result;
determining the composite signature result based on the first summation result and the second summation result.
22. The method of claim 13, wherein verifying the validity of the composite signature result comprises:
judging whether a set verification condition is met or not by taking the composite signature result, the composite public key aiming at least two signature nodes and the information to be signed as input values to obtain a judgment result;
and when the judgment result representation meets the verification condition, determining that the composite signature result is valid.
23. The method of claim 22, wherein determining that the composite signature result is valid when the determination result characterizes the satisfaction of the verification condition comprises:
comparing a first reference value, which takes the commitment value, the first coefficient, the composite public key and the challenge value in the composite signature result as factors, with a second reference value, which takes the proof value and the second coefficient in the composite signature result as factors;
when the comparison is the same, determining that the composite signature result is valid;
wherein the challenge value is used to characterize a summary of the following information for the corresponding connection:
and the commitment value, the composite public key and the bit string corresponding to the information to be signed in the composite signature result.
24. The method of claim 13, wherein prior to said digitally signing the information to be signed, the method further comprises:
performing consensus on the information to be signed in the block chain network to generate the information to be signed after consensus;
the digital signature of the information to be signed comprises the following steps: and carrying out digital signature on the information to be signed after consensus.
25. A terminal, characterized in that the terminal comprises:
the receiving unit is used for receiving the information to be signed;
the signature generation unit is used for carrying out digital signature on the information to be signed and generating a corresponding signature result;
the sending unit is used for sending the signature results of the at least two signature generation units aiming at the information to be signed to a signature verification node so that the signature verification node can aggregate the at least two signature results to generate a composite signature result, and the validity of the composite signature result is verified.
26. A blockchain network, the blockchain network comprising:
a memory for storing executable instructions;
a processor, configured to execute the executable instructions stored in the memory, to implement the signature processing method of the blockchain network according to any one of claims 13 to 24.
27. A storage medium storing executable instructions for implementing a signature processing method of a blockchain network according to any one of claims 13 to 24 when the executable instructions are executed.
CN201811626266.1A 2018-12-28 2018-12-28 Block chain network system, signature processing method, terminal and storage medium Active CN111385096B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811626266.1A CN111385096B (en) 2018-12-28 2018-12-28 Block chain network system, signature processing method, terminal and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811626266.1A CN111385096B (en) 2018-12-28 2018-12-28 Block chain network system, signature processing method, terminal and storage medium

Publications (2)

Publication Number Publication Date
CN111385096A true CN111385096A (en) 2020-07-07
CN111385096B CN111385096B (en) 2023-08-08

Family

ID=71222838

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811626266.1A Active CN111385096B (en) 2018-12-28 2018-12-28 Block chain network system, signature processing method, terminal and storage medium

Country Status (1)

Country Link
CN (1) CN111385096B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112182612A (en) * 2020-09-28 2021-01-05 平安科技(深圳)有限公司 Random number generation method and device, terminal equipment and storage medium
CN112600671A (en) * 2021-03-02 2021-04-02 腾讯科技(深圳)有限公司 Data processing method, device, equipment and storage medium
CN113506104A (en) * 2021-05-07 2021-10-15 杭州宇链科技有限公司 Software and hardware combined signature generation and verification method and system

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050262353A1 (en) * 2004-05-20 2005-11-24 Docomo Communications Laboratories Usa, Inc. Digital signatures including identity-based aggregate signatures
WO2014204292A1 (en) * 2013-06-18 2014-12-24 Mimos Berhad Non-repudiable collaborative updates of document
CN107968708A (en) * 2017-11-10 2018-04-27 财付通支付科技有限公司 Generate method, apparatus, terminal and the server of signature
CN108650097A (en) * 2018-04-28 2018-10-12 上海扈民区块链科技有限公司 A kind of efficient aggregation number endorsement method

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050262353A1 (en) * 2004-05-20 2005-11-24 Docomo Communications Laboratories Usa, Inc. Digital signatures including identity-based aggregate signatures
WO2014204292A1 (en) * 2013-06-18 2014-12-24 Mimos Berhad Non-repudiable collaborative updates of document
CN107968708A (en) * 2017-11-10 2018-04-27 财付通支付科技有限公司 Generate method, apparatus, terminal and the server of signature
CN108650097A (en) * 2018-04-28 2018-10-12 上海扈民区块链科技有限公司 A kind of efficient aggregation number endorsement method

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
D. BONEH: ""A Survey of Two Signature Aggregation Techniques"" *
李康;孙毅;张;李军;周继华;李忠诚;: "零知识证明应用到区块链中的技术挑战" *
苑超;徐蜜雪;斯雪明;: "基于聚合签名的共识算法优化方案" *

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112182612A (en) * 2020-09-28 2021-01-05 平安科技(深圳)有限公司 Random number generation method and device, terminal equipment and storage medium
CN112600671A (en) * 2021-03-02 2021-04-02 腾讯科技(深圳)有限公司 Data processing method, device, equipment and storage medium
CN113506104A (en) * 2021-05-07 2021-10-15 杭州宇链科技有限公司 Software and hardware combined signature generation and verification method and system
CN113506104B (en) * 2021-05-07 2024-03-01 杭州宇链科技有限公司 Signature generation and verification modes and system combining software and hardware

Also Published As

Publication number Publication date
CN111385096B (en) 2023-08-08

Similar Documents

Publication Publication Date Title
EP4120114A1 (en) Data processing method and apparatus, smart device and storage medium
JP7285840B2 (en) Systems and methods for authenticating off-chain data based on proof verification
CN111144881B (en) Selective access to asset transfer data
CN109889497B (en) Distrust-removing data integrity verification method
Wei et al. Security and privacy for storage and computation in cloud computing
CN107438002B (en) Block chain based system and electronic device and method in system
CN115210741B (en) Partially ordered blockchain
US20190287105A1 (en) Mechanism for efficient validation of finality proof in lightweight distributed ledger clients
Ferrer-Gomila et al. A fair contract signing protocol with blockchain support
CN111797159A (en) Information management and access control in a database
CN112215608A (en) Data processing method and device
CN111294379B (en) Block chain network service platform, authority hosting method thereof and storage medium
Liu et al. Blockchain-cloud transparent data marketing: Consortium management and fairness
CN111385096B (en) Block chain network system, signature processing method, terminal and storage medium
CN111049806B (en) Joint authority control method and device, electronic equipment and storage medium
CN110990790B (en) Data processing method and equipment
WO2019142884A1 (en) Block verification device, block verification method and program
CN114760071B (en) Zero-knowledge proof based cross-domain digital certificate management method, system and medium
CN115619395A (en) Data processing method based on block chain and related equipment
CN111274612B (en) Practitioner trust verification method and system, witness service system and storage medium
CN109104444B (en) Electronic signature method based on block chain
Lai et al. Blockchain for achieving accountable outsourcing computations in edge computing
Zhou et al. Fair cloud auditing based on blockchain for resource-constrained IoT devices
Jin et al. A framework with data-centric accountability and auditability for cloud storage
Putra et al. Privacy-preserving Trust Management for Blockchain-based Resource Sharing in 6G-IoT

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant