CN111507711A - Service interaction method and system based on block chain invisible address - Google Patents


Info

Publication number: CN111507711A
Authority: CN (China)
Prior art keywords: public key, address, invisible, service interaction, block chain
Legal status: Granted (active)
Application number: CN202010270040.3A
Other languages: Chinese (zh)
Other versions: CN111507711B (en)
Inventors: 胡强, 沈嘉吉, 梁宏涛, 杜军威
Current assignee: Qingdao University of Science and Technology
Original assignee: Qingdao University of Science and Technology
Events: application filed by Qingdao University of Science and Technology; priority to CN202010270040.3A; publication of CN111507711A; application granted; publication of CN111507711B.


Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829 Payment protocols; Details thereof insuring higher security of transaction involving key management
    • G06Q20/389 Keeping log of transactions for guaranteeing non-repudiation of a transaction
    • G06Q40/00 Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04 Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643 Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions

Abstract

The invention discloses a service interaction method and system based on a block chain invisible address. The receiving end receives an invisible address access request from the sending end, randomly generates a private key, and defines an extended parent public key from the public key corresponding to that private key; it generates an invisible address from a child public key derived from the extended parent public key together with the serial number of that child public key, and feeds the invisible address information back to the sending end. After receiving the invisible address information, the sending end generates a random number, calculates a hash function related to the invisible address, uses it as the payee address identifier, and adds the payee address identifier and the encoded data to the service interaction data of the block chain. The receiving end monitors the outputs on the block chain in real time and, by verification, obtains the service interaction data that meets the preset conditions, completing the service interaction. Because service interaction is carried out through the block chain invisible address, the address length and the amount of additional data are more concise, the transaction security of the two interacting parties is improved, efficient management of the user wallet and points is facilitated, and later maintenance cost is reduced.

Description

Service interaction method and system based on block chain invisible address
Technical Field
The invention belongs to the field of computers, and particularly relates to a service interaction method and system based on a block chain invisible address.
Background
The concept of invisible (stealth) addresses was first proposed and developed by the Monero blockchain project. Monero's invisible address data is actually two public keys: one corresponds to a read-only (view) key, the other to a key able to spend transaction outputs. The invisible address is designed to protect the address privacy of the payee. As described in the CryptoNote white paper published in October 2013, the working principle of Monero's invisible address scheme is that, by the identity a·R = r·A, both sender and receiver (and only those two) can easily compute P, while only the receiver knows the private key of P (i.e., Hash(a·R) + b). In addition, the owner of the invisible address (A, B) can share the private key a corresponding to the public key A with an auditor, so that the auditor can use (a, B) to view all receipts to that invisible address; (a, B) is therefore also called a read-only key.
The disadvantages of this solution are the following:
1) compared with a typical bitcoin address, which needs only 20 bytes of Hash160 data, Monero's invisible address data is much larger: the two pieces of public key information take at least 65 bytes;
2) the read-only key requires sharing a private key, and detecting incoming payments also requires using the private key a of the invisible address; compared with an address scheme that can be checked with a public key alone, a wallet implementing the invisible address scheme is necessarily more complex;
3) the additional data R must be packed into the service interaction data, adding 33 bytes to every transaction output, which is not trivial in transaction schemes that are compact by nature. For example, a typical one-input, two-output bitcoin transaction may need only 225 bytes, and adding 33 bytes corresponds to a 15% increase in data size.
At almost the same time as Monero published its stealth address scheme, the bitcoin community published a proposal called Hierarchical Deterministic Wallets, BIP-32. That scheme can also be used as an invisible address: the sender and receiver share one extended public key (K, c), and the sender can derive a child public key K_i by itself for payment, without requesting a new recipient address from the recipient to complete the transaction. However, this solution has the following disadvantages:
1) the address information is 65 bytes long, as with Monero, so the address data is large, because the extended public key (K, c) must be shared with the payer in advance as the address information;
2) the child serial number i is maintained locally by the payer and the payee separately; if the payee loses its local current value of i (and the payer cannot tell), the payee needs a painful, lengthy and time-consuming brute-force computation over all possible i, i.e. from 0 to 2^31 - 1, to find the payment output;
3) the above solution is only applicable to payments between enterprise users and is impractical for a payee who must serve many random payers, since the payee has to try every possible receiving account (K, c) against each transaction output on the chain to check whether K_i matches, and the computational cost grows linearly with the total number of receiving accounts.
Disclosure of Invention
In order to solve the above problems, the present invention provides a service interaction method and system based on a blockchain hidden address, and compared with the existing service interaction scheme, because the blockchain hidden address has a shorter length and is more concise, the service interaction through the blockchain hidden address has wide practicability, and the safety of the transaction between two interacting parties is ensured.
The purpose of the invention is realized by adopting the following technical scheme:
a service interaction method based on a block chain invisible address comprises the following steps:
sending an invisible address access request to a receiving end;
after receiving the invisible address information from a receiving end, generating a random number and calculating a hash function related to the invisible address;
and adding the hash function serving as a payee address identifier and the coded data obtained by coding the random number into the service interaction data of the block chain.
Preferably, the generating a random number and calculating a hash function associated with the invisible address includes:
the sending end obtains the invisible address (K_i, i) and generates a random number r ∈ [0, 2^64 - 1];
it calculates the hash function C = K_i · h^r associated with the invisible address;
where K_i is the payee's child public key, h is a group element, i is the serial number of the child public key K_i, and i ∈ [0, 2^31 - 1].
Further, the encoding the random number to obtain encoded data includes:
a symmetric encryption algorithm is used to encrypt the child public key serial number i, so that the invisible address (K_i, i) is modified to (K_i, i'); and the random number is encoded by the formula r' = r XOR Hash(K_i), so that (r, i) is modified to (r', i').
A service interaction method based on a block chain invisible address comprises the following steps:
receiving an invisible address access request from a sending end;
randomly generating a private key in response to the invisible address access request, and defining an extended parent public key from the public key corresponding to the private key;
generating an invisible address based on a child public key and a child public key serial number derived from the extended parent public key;
feeding back invisible address information to a sending end;
monitoring service interaction data output on a block chain in real time, and acquiring a payee address identifier and coded data from the service interaction data;
obtaining original coded data by decoding the coded data, and calculating a new transaction collection address identifier based on the original coded data;
and verifying the consistency of the new transaction collection address identifier and the collection party address identifier, and storing all the verified business interaction data into the wallet to finish the collection process.
Preferably, defining the extended parent public key from the public key corresponding to the private key specifically includes:
from a private key k ∈ Z_p randomly generated by the receiving end, the corresponding public key K = g^k is calculated;
the public key K and a randomly generated 256-bit sequence c together form the extended parent public key (K, c).
Preferably, the deriving a child public key based on the extended parent public key, and the generating the invisible address includes:
the extended parent public key (K, c) is derived into a child public key K_i by a predefined generation algorithm;
the invisible address (K_i, i) is built from the public key serial number i and the child public key K_i;
where the public key serial number i ∈ [0, 2^31 - 1], c is a 256-bit sequence, K is a public key with K = g^k, and k is the private key.
Further, the child public key is determined by:
K_i = K + I_L · G
where I = HMAC-SHA512(c, K, i), and I_L is the first of the two 32-byte sequences obtained by splitting I.
Further, a new transaction recipient address identification is calculated by:
C' = K_i · h^r
where C' is the new transaction receipt address identifier, r is the original data obtained by decoding r', r' is the encoded data taken from the service interaction data, and K_i is the child public key derived from the extended parent public key (K, c).
Further, the new transaction recipient address identification is verified for consistency with the recipient address identification by:
C' = C, or Hash(C') = Hash(C).
A service interaction system based on block chain invisible addresses comprises a sending end and a receiving end;
the transmitting end comprises:
the sending module is used for sending an invisible address access request to a receiving end;
the first calculation module is used for generating a random number and calculating a hash function related to the invisible address after receiving the invisible address information from the receiving end;
the processing module is used for adding the hash function as a payee address identifier output by the transaction and coded data obtained by coding the random number into the service interaction data of the block chain;
the receiving end includes:
the receiving module is used for receiving an invisible address access request from a sending end;
the definition module is used for randomly generating a private key in response to the invisible address access request and defining an extended parent public key from the public key corresponding to the private key;
the generation module is used for generating an invisible address based on a child public key and a child public key serial number derived from the extended parent public key;
the feedback module is used for feeding back the invisible address information to the sending end;
the acquisition module is used for monitoring the service interaction data output on the block chain in real time and acquiring a payee address identifier and coded data from the service interaction data;
the second calculation module is used for obtaining original coded data by decoding the coded data and calculating a new transaction collection address identifier based on the original coded data;
and the verification module is used for verifying the consistency of the transaction collection address identifier and the collector address identifier, and storing all the service interaction data which passes the verification into the wallet to finish the collection process.
Compared with the closest prior art, the invention has the following beneficial effects:
the invention provides a service interaction method and system based on a block chain invisible address, which use the invisible address as the service interaction data of both transaction parties and finally complete the transaction. Because the block chain invisible address is shorter and carries less additional data, it saves 64 percent compared with Monero's invisible address, so the sending and receiving parties have a simpler, more convenient and more transparent service data interaction process; the transaction security of both parties is improved, efficient management of the user wallet and points is facilitated, and later maintenance cost is reduced.
Drawings
In order to more clearly illustrate the detailed description of the invention or the technical solutions in the prior art, the drawings that are needed in the detailed description of the invention or the prior art will be briefly described below. Throughout the drawings, like elements or portions are generally identified by like reference numerals. In the drawings, elements or portions are not necessarily drawn to scale.
Fig. 1 is a flowchart of a service interaction method based on a block chain hidden address and using a sending end as an execution subject according to the present invention;
fig. 2 is a flowchart of a service interaction method based on a block chain hidden address and using a receiving end as an execution subject according to the present invention.
Detailed Description
The following describes embodiments of the present invention in further detail with reference to the accompanying drawings.
In order to specifically understand the technical solutions provided by the present invention, the technical solutions of the present invention will be described and illustrated in detail in the following examples. It is apparent that the embodiments provided by the present invention are not limited to the specific details familiar to those skilled in the art. The following detailed description of the preferred embodiments of the invention is intended to provide further embodiments of the invention in addition to those described herein.
The invention provides a new service interaction scheme in which the two interacting parties complete service interaction through a block chain invisible address. The data contained in the block chain invisible address consists of a child public key K_i and a value i, i.e. (K_i, i), where K_i is the receiver's child public key, derived from the payee's extended public key (K, c), which is a secret known only to the receiving end (payee); i is the child public key serial number and i ∈ [0, 2^31 - 1]. The transmitting end (payer), knowing the receiving end's invisible address information (K_i, i), generates a random number r, r ∈ [0, 2^64 - 1], and calculates the Pedersen commitment C = K_i + r × H. The sending end can use C, or its hash value Hash(C), as the identifier of the receiving address of the transaction output, and packs the encoded information (r', i) into the service interaction data as additional data. The encoding algorithm for r may be r' = r XOR Hash(K_i); the public key derivation algorithm that generates the child public key K_i may adopt the HD algorithm of BIP-32: K_i = K + I_L · G, where I = HMAC-SHA512(c, K, i), I_L is the first 32-byte sequence of I, and G is the group generator.
The receiving end checks the transaction outputs in each block on the chain, takes the receiving address identifier C and the encoded data (r', i) out of the transaction, derives the child public key K_i from the extended parent public key (K, c) using the extracted i, decodes r' to obtain the original r, and calculates the Pedersen commitment C' = K_i + r × H; all transaction outputs satisfying C' = C are sorted out and stored in the wallet, completing the receiving process. With this scheme the amount of data is much smaller, and less additional payload data needs to be added to the transaction.
The scheme adopts the Pedersen commitment C = K_i + r × H as the transaction receiving address. Thanks to the perfect hiding and computational binding properties of Pedersen commitments, nobody can recover the actual receiving address K_i contained in C without knowing r. The scheme therefore has strong privacy and security.
The scheme also packs the child public key serial number i into the transaction. The advantage of this design is that, by means of i, managing many addresses in a wallet account becomes very easy, which encourages the payee to issue a separate random receiving address to each payer, avoiding address reuse to the greatest extent, strengthening transaction security and protecting address privacy. Any possibility of needing a lengthy and time-consuming brute-force search over all i is also avoided.
The specific implementation of the present invention provides corresponding implementation processes from two ends of a sending end and a receiving end, and specifically includes the following steps:
(1) With the sending end as the executing entity, this embodiment provides a service interaction method based on a block chain hidden address, as shown in Fig. 1, comprising:
S1, sending an invisible address access request to a receiving end;
S2, after receiving the invisible address information from the receiving end, generating a random number and calculating a hash function related to the invisible address;
S3, adding the hash function as the payee address identifier to the service interaction data of the blockchain, together with the encoded data obtained by encoding the random number.
In step S2, generating a random number and calculating a hash function associated with the invisible address includes:
the sending end obtains the invisible address (K_i, i) and generates a random number r ∈ [0, 2^64 - 1];
it calculates the hash function C = K_i · h^r associated with the invisible address;
where K_i is the payee's child public key, h is a group element, i is the serial number of the child public key K_i, and i ∈ [0, 2^31 - 1].
In step S3, the encoding the random number to obtain encoded data includes:
a symmetric encryption algorithm is used to encrypt the child public key serial number i, so that the invisible address (K_i, i) is modified to (K_i, i'); and the random number is encoded by the formula r' = r XOR Hash(K_i), so that (r, i) is modified to (r', i').
(2) With the receiving end as the executing entity, this embodiment provides a service interaction method based on a block chain hidden address, as shown in Fig. 2, comprising:
S101, receiving an invisible address access request from a sending end;
S102, randomly generating a private key in response to the invisible address access request, and defining an extended parent public key from the public key corresponding to the private key;
S103, generating an invisible address based on a child public key and a child public key serial number derived from the extended parent public key;
S104, feeding back the invisible address information to the sending end;
S105, monitoring service interaction data output on the block chain in real time, and acquiring the payee address identifier and the encoded data from the service interaction data;
S106, obtaining the original data by decoding the encoded data, and calculating a new transaction receiving address identifier based on the original data;
S107, verifying the consistency of the new transaction receiving address identifier with the payee address identifier, and storing all the service interaction data that passes verification in the wallet, so that the receiving process is completed.
In step S102, defining the extended parent public key from the public key corresponding to the private key specifically includes:
from a private key k ∈ Z_p randomly generated by the receiving end, the corresponding public key K = g^k is calculated;
the public key K and a randomly generated 256-bit sequence c together form the extended parent public key (K, c).
In step S103, deriving a child public key based on the extended parent public key, and generating the invisible address includes:
the extended parent public key (K, c) is derived into a child public key K_i by a predefined generation algorithm;
the invisible address (K_i, i) is built from the public key serial number i and the child public key K_i;
where the public key serial number i ∈ [0, 2^31 - 1], c is a 256-bit sequence, K is a public key with K = g^k, and k is the private key.
The child public key is determined by:
K_i = K + I_L · G
where I = HMAC-SHA512(c, K, i), and I_L is the first of the two 32-byte sequences obtained by splitting I.
In step S106, a new transaction receipt address identification is calculated by the following formula:
C' = K_i · h^r
where C' is the new transaction receipt address identifier, r is the original data obtained by decoding r', r' is the encoded data taken from the service interaction data, and K_i is the child public key derived from the extended parent public key (K, c).
In step S107, the new transaction recipient address identifier is verified for consistency with the recipient address identifier by the following equation:
C' = C, or Hash(C') = Hash(C).
Based on the same invention concept, the specific embodiment of the invention also provides a service interaction system based on the block chain invisible address, which comprises a sending end and a receiving end;
1. the transmitting end includes:
the sending module is used for sending an invisible address access request to a receiving end;
the first calculation module is used for generating a random number and calculating a hash function related to the invisible address after receiving the invisible address information from the receiving end;
the processing module is used for adding the hash function as a payee address identifier output by the transaction and coded data obtained by coding the random number into the service interaction data of the block chain;
2. the receiving end includes:
the receiving module is used for receiving an invisible address access request from a sending end;
the definition module is used for randomly generating a private key in response to the invisible address access request and defining an extended parent public key from the public key corresponding to the private key;
the generation module is used for generating an invisible address based on a child public key and a child public key serial number derived from the extended parent public key;
the feedback module is used for feeding back the invisible address information to the sending end;
the acquisition module is used for monitoring the service interaction data output on the block chain in real time and acquiring a payee address identifier and coded data from the service interaction data;
the second calculation module is used for obtaining original coded data by decoding the coded data and calculating a new transaction collection address identifier based on the original coded data;
and the verification module is used for verifying the consistency of the transaction collection address identifier and the collector address identifier, and storing all the service interaction data which passes the verification into the wallet to finish the collection process.
Example 1:
for convenience of description hereinafter, the parameters involved in the invisible address scheme of the present invention are described as follows: the group parameters are defined as (G, p, G, h), where p is a positive integer, G is a cyclic group of order p, G is the generator of the group G, and h is an element of the group G, but no one knows its discrete log solutiongh, Hash is a Hash function.
The scheme of the embodiment adopts (K)iI) as invisible address data, where KiIs the recipient's child public key, is generated by a public key derivation function f (K, c, i), i.e., KiDerived from the parent extended public key (K, c), i being the child public key sequence number. The generation steps of the invisible address are as follows:
the receiving party generates a random private key k ∈ ZpCalculating its corresponding public key K ═ gkAnd generates a random 256-bit digital sequence c (called chain code) which together form an extended parent public key (K, c). The extended parent public key (K, c) serves as secret information known only to the recipient.
The receiver sends an invisible address (K)iI) notification to the sender, where i ∈ [0,231-1]。
Receiver generates sub public key KiThe function f (K, c, i) of (A) may follow the bip-32HD algorithm, i.e.
Figure BDA0002442824480000101
Where I ═ HMAC _ SHA512(c, K, I), ILIs the first 32-byte sequence after splitting I into two 32-byte sequences.
The receiver can create different receiving addresses for different senders by changing the value of the sub-sequence number i, and the sub-sequence number i can be sequentially increased from 0 or randomly generated.
The sender knows the invisible address (K) of the receiveriI) after which a random number r ∈ [0,2 ] is generated64-1]And calculate a Pedersen committement C ═ Kihr. The sender can use this comment C or hash (C) as the recipient address identification of the transaction output and add the encoded data (r', i) to the service interaction data. Using the Hash (C) as the recipient address identifier of the transaction output, the Hash function may use the SHA-256 algorithm, or the Hash160 algorithm (i.e., ripemm 160(SHA256(C)) algorithm), or any other feasible Hash algorithm.
The receiver can encrypt the sub serial number information i and can encrypt the invisible address (K)iI) modified to (K)iI ') and modifying the encoded data (r', i) to (r ', i') such that it is readable only by the recipient.
Wherein, the coding algorithm of r can adopt r' ═ rXOR Hash (K)i) Or any feasible symmetric encryption algorithm.
Modified invisible address (K)iI '), i.e. the result of encrypting the transmitted i, the encryption algorithm may use i' ═ iXOR Hash (K), or any other feasible symmetric encryption algorithm. Since the extended parent public key (K, c) of the receiver is secret information known only to the receiver itself, only the receiver itself can decode i'. In addition, although the scheme provided herein is directed to encrypting the sub-sequence number i, it does not mean that any keys are leaked by transmitting and disclosing the sub-sequence number i in the service interaction data, and disclosing unencrypted i is also secure.
The receiver checks the output of each transaction that appears on the chain, takes the recipient address identifier C and the encoded data (r', i) from the transaction output, derives the child public key K_i from the extended parent public key (K, c) using i, decodes r' to recover the original r, and computes the Pedersen commitment C' = K_i·h^r. All transactions satisfying C' = C (or Hash(C') = Hash(C)) are sorted out and deposited into the wallet, which completes the receiving process.
When spending a UTXO whose owner address is the Pedersen commitment C = K_i·h^r (or Hash(C)), the blockchain system requires the transaction creator to provide a signature proving ownership of the UTXO. A problem arises here: by its cryptographic nature, a Pedersen commitment has no private key known to anyone, including the owner of the UTXO, since nobody knows the discrete logarithm of C to base g. The embodiment therefore provides a feasible solution: the blinding value r is attached to the transaction, the UTXO owner signs with the private key corresponding to K_i, and the signature verifier computes K_i = C·h^{-r} to obtain the public key K_i against which the signature is checked, completing the service interaction. Note that once r is published in the spending transaction, anyone can perform the same computation, so the link between this UTXO and the child public key K_i is hidden only until the output is spent.
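The whole exchange described above (BIP-32-style derivation of K_i, the sender's commitment and encoded (r', i), the receiver's scan, and spend-time recovery of K_i = C·h^{-r} by the verifier), as an added worked example that is not part of the patent text or its claims. It assumes secp256k1 written additively for the group (so the document's g^k is ec_mul(k, G) and K_i·h^r is ec_add(K_i, ec_mul(r, H))), derives h by hashing onto the curve so that nobody knows its logarithm base g, truncates Hash(K_i) to the 64-bit width of r for the XOR encoding, and uses a plain Schnorr signature for the ownership proof; these choices, and the sample chain outputs, are constructed for illustration and are not fixed by the patent.

```python
import hashlib, hmac, os, secrets

# Group: secp256k1, written additively (an assumption; the patent fixes no group).
# The document's g^k is ec_mul(k, G) and K_i * h^r is ec_add(K_i, ec_mul(r, H)).
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def ec_add(a, b):  # affine point addition; None is the point at infinity
    if a is None or b is None:
        return a if b is None else b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else:
        lam = (b[1] - a[1]) * pow(b[0] - a[0], -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)

def ec_mul(k, pt):  # double-and-add scalar multiplication
    acc, k = None, k % N
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt, k = ec_add(pt, pt), k >> 1
    return acc

def ser_p(pt):  # 33-byte compressed point, as in BIP-32's ser_P
    return bytes([2 + (pt[1] & 1)]) + pt[0].to_bytes(32, "big")

def sha256(b):
    return hashlib.sha256(b).digest()

def hash_to_point(tag):  # try-and-increment: a point h whose log base G nobody knows
    for ctr in range(2**32):
        x = int.from_bytes(sha256(tag + ctr.to_bytes(4, "big")), "big") % P
        rhs = (pow(x, 3, P) + 7) % P
        y = pow(rhs, (P + 1) // 4, P)  # P = 3 mod 4, so this is a root when one exists
        if y * y % P == rhs:
            return (x, y)

H = hash_to_point(b"pedersen-h")  # the commitment's second generator h

def bip32_il(c, K, i):  # I_L = HMAC-SHA512(c, ser_P(K) || ser32(i))[:32] for non-hardened i
    I = hmac.new(c, ser_p(K) + i.to_bytes(4, "big"), hashlib.sha512).digest()
    return int.from_bytes(I[:32], "big")  # BIP-32 also rejects I_L >= N (about 2^-128), ignored here

def ckd_pub(K, c, i):  # K_i = K * g^{I_L}, computable from (K, c) alone
    return ec_add(K, ec_mul(bip32_il(c, K, i), G))
def ckd_priv(k, K, c, i):  # k_i = k + I_L, the private key behind K_i
    return (k + bip32_il(c, K, i)) % N
def r_pad(Ki):  # Hash(K_i) truncated to the 64-bit width of r (truncation is an assumption)
    return int.from_bytes(sha256(ser_p(Ki))[:8], "big")

def sender_output(Ki, i):  # sender: C = K_i * h^r, identifier Hash(C), encoded data (r', i)
    r = secrets.randbelow(2**64)
    C = ec_add(Ki, ec_mul(r, H))
    return {"addr": sha256(ser_p(C)), "r_enc": r ^ r_pad(Ki), "i": i}

def receiver_scan(K, c, outputs):  # receiver: recover r, recompute C', compare Hash(C')
    mine = []
    for out in outputs:
        Ki = ckd_pub(K, c, out["i"])
        r = out["r_enc"] ^ r_pad(Ki)
        C = ec_add(Ki, ec_mul(r, H))
        if sha256(ser_p(C)) == out["addr"]:
            mine.append({"out": out, "C": C, "r": r})
    return mine

def schnorr_sign(k, msg):  # plain Schnorr (not BIP-340); enough to show the spend check
    t = secrets.randbelow(N - 1) + 1
    R = ec_mul(t, G)
    e = int.from_bytes(sha256(ser_p(R) + ser_p(ec_mul(k, G)) + msg), "big") % N
    return (R, (t + e * k) % N)
def schnorr_verify(Kpub, msg, sig):
    R, s = sig
    e = int.from_bytes(sha256(ser_p(R) + ser_p(Kpub) + msg), "big") % N
    return ec_mul(s, G) == ec_add(R, ec_mul(e, Kpub))

def verify_spend(addr, C, r, msg, sig):  # verifier: Hash(C) must match, then K_i = C * h^{-r}
    if sha256(ser_p(C)) != addr:
        return False
    return schnorr_verify(ec_add(C, ec_mul(N - r, H)), msg, sig)

def run_protocol():
    k = secrets.randbelow(N - 1) + 1  # receiver's secret extended parent key (k, K, c)
    K, c = ec_mul(k, G), os.urandom(32)
    i = 7
    Ki = ckd_pub(K, c, i)  # invisible address (K_i, i) handed to one sender
    K2, c2 = ec_mul(secrets.randbelow(N - 1) + 1, G), os.urandom(32)  # an unrelated receiver
    outputs = [sender_output(ckd_pub(K2, c2, 3), 3), sender_output(Ki, i)]  # constructed chain
    mine = receiver_scan(K, c, outputs)
    msg = b"constructed spending transaction"
    k_i = ckd_priv(k, K, c, i)
    sig = schnorr_sign(k_i, msg)  # owner signs with k_i; r is revealed so K_i can be recovered
    m = mine[0]
    ok = verify_spend(m["out"]["addr"], m["C"], m["r"], msg, sig)
    bad = verify_spend(m["out"]["addr"], m["C"], m["r"] ^ 1, msg, sig)  # wrong r, same sig
    return {"found": len(mine), "child_key_consistent": ec_mul(k_i, G) == Ki,
            "spend_ok": ok, "wrong_r_rejected": not bad}
```

run_protocol() walks one payment end to end: the scan claims exactly the output addressed to (K_i, i) and ignores the other receiver's output, the private key derived with ckd_priv matches the public child derived with ckd_pub from (K, c) alone, and the spend verifies only when the revealed r is the one the sender actually used, because a different r recovers a different point from C and the signature no longer checks against it.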
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowcharts and/or block diagrams, and combinations of flows and/or blocks therein, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in one or more flows of the flowchart of FIG. 1 and/or one or more blocks of the block diagram of FIG. 1.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the functions specified in one or more flows of the flowchart of FIG. 1 and/or one or more blocks of the block diagram of FIG. 1.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer-implemented process, such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in one or more flows of the flowchart of FIG. 1 and/or one or more blocks of the block diagram of FIG. 1.
Finally, it should be noted that: the above embodiments are only used for illustrating the technical solutions of the present application and not for limiting the protection scope thereof, and although the present application is described in detail with reference to the above embodiments, those of ordinary skill in the art should understand that: numerous variations, modifications, and equivalents will occur to those skilled in the art upon reading the present application and are within the scope of the claims appended hereto.

Claims (10)

1. A service interaction method based on a block chain invisible address is characterized by comprising the following steps:
sending an invisible address access request to a receiving end;
after receiving the invisible address information from a receiving end, generating a random number and calculating a hash function related to the invisible address;
and adding the hash function serving as a payee address identifier and the coded data obtained by coding the random number into the service interaction data of the block chain.
2. The method of claim 1, wherein generating a random number and computing a hash function associated with the invisible address comprises:
the sending end obtains the invisible address (K_i, i) and generates a random number r ∈ [0, 2^{64}-1];
calculating the hash function C = K_i·h^r associated with the invisible address;
where K_i is the payee's child public key, h is a group element, i is the sequence number of the child public key K_i, and i ∈ [0, 2^{31}-1].
3. The method of claim 2, wherein encoding the random number to obtain encoded data comprises:
encrypting the child public key sequence number i with a symmetric encryption algorithm, modifying the invisible address (K_i, i) to (K_i, i'); and encoding the random number by the formula r' = r XOR Hash(K_i), so that (r, i) is modified to (r', i').
4. A service interaction method based on a block chain invisible address is characterized by comprising the following steps:
the receiving end receives an invisible address access request from the sending end;
randomly generating a private key according to the invisible address access request, and defining an extended parent public key from the public key corresponding to the private key;
generating an invisible address based on a child public key and a child public key serial number derived from the extended parent public key;
feeding back invisible address information to a sending end;
monitoring service interaction data output on a block chain in real time, and acquiring a payee address identifier and coded data from the service interaction data;
obtaining original coded data by decoding the coded data, and calculating a new transaction collection address identifier based on the original coded data;
and verifying the consistency of the new transaction collection address identifier and the collection party address identifier, and storing all the verified business interaction data into the wallet to finish the collection process.
5. The method of claim 4, wherein defining the extended parent public key from the public key corresponding to the private key specifically comprises:
according to a private key k ∈ Z_p randomly generated by the receiving end, calculating the corresponding public key K = g^k;
the public key K and a randomly generated 256-bit sequence c together form the extended parent public key (K, c).
6. The method of claim 5, wherein deriving a child public key from the extended parent public key and generating an invisible address comprises:
deriving the child public key K_i from the extended parent public key (K, c) by a predefined generation algorithm;
building the invisible address (K_i, i) from the public key sequence number i and the child public key K_i;
where the public key sequence number i ∈ [0, 2^{31}-1], c is a 256-bit sequence, K is the public key, K = g^k, and k is the private key.
7. The method of claim 6, wherein the child public key is determined by:
K_i = K·g^{I_L}   (the BIP-32 public child-key derivation, in this document's multiplicative notation)
where I_L is the first of the two 32-byte sequences obtained by splitting I in half, and I = HMAC_SHA512(c, K, i).
8. The method of claim 6, wherein the new transaction recipient address identifier is calculated by the following equation:
C' = K_i·h^r
where C' is the new transaction recipient address identifier, r is the original encoded data obtained by decoding r' from the encoded data (r', i) taken from the service interaction data, and K_i is the child public key derived from the extended parent public key (K, c).
9. The method of claim 8, wherein the consistency of the new transaction recipient address identifier with the recipient address identifier is verified by:
C' = C, or Hash(C') = Hash(C).
10. A service interaction system based on block chain invisible addresses is characterized by comprising a sending end and a receiving end;
the transmitting end comprises:
the sending module is used for sending an invisible address access request to a receiving end;
the first calculation module is used for generating a random number and calculating a hash function related to the invisible address after receiving the invisible address information from the receiving end;
the processing module is used for adding the hash function as a payee address identifier output by the transaction and coded data obtained by coding the random number into the service interaction data of the block chain;
the receiving end includes:
the receiving module is used for receiving an invisible address access request from a sending end;
the definition module is used for randomly generating a private key according to the invisible address access request and defining an extended parent public key from the public key corresponding to the private key;
the generation module is used for generating an invisible address based on a child public key and a child public key serial number derived from the extended parent public key;
the feedback module is used for feeding back the invisible address information to the sending end;
the acquisition module is used for monitoring the service interaction data output on the block chain in real time and acquiring a payee address identifier and coded data from the service interaction data;
the second calculation module is used for obtaining original coded data by decoding the coded data and calculating a new transaction collection address identifier based on the original coded data;
and the verification module is used for verifying the consistency of the transaction collection address identifier and the collector address identifier, and storing all the service interaction data which passes the verification into the wallet to finish the collection process.
CN202010270040.3A 2020-04-08 2020-04-08 Business interaction method and system based on block chain invisible address Active CN111507711B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010270040.3A CN111507711B (en) 2020-04-08 2020-04-08 Business interaction method and system based on block chain invisible address

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010270040.3A CN111507711B (en) 2020-04-08 2020-04-08 Business interaction method and system based on block chain invisible address

Publications (2)

Publication Number Publication Date
CN111507711A true CN111507711A (en) 2020-08-07
CN111507711B CN111507711B (en) 2023-12-15

Family

ID=71878707

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010270040.3A Active CN111507711B (en) 2020-04-08 2020-04-08 Business interaction method and system based on block chain invisible address

Country Status (1)

Country Link
CN (1) CN111507711B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113438072A (en) * 2021-06-09 2021-09-24 北京理工大学 Block chain covert communication method based on derived chain
CN116384999A (en) * 2023-04-19 2023-07-04 北方工业大学 Lightweight hierarchical deterministic wallet model supporting invisible addresses and method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106651331A (en) * 2016-12-22 2017-05-10 飞天诚信科技股份有限公司 Digital currency-based electronic transaction method and system
CN108985760A (en) * 2018-06-15 2018-12-11 杭州复杂美科技有限公司 Method of payment and system, equipment and storage medium
CN110009499A (en) * 2019-04-17 2019-07-12 北京八分量信息科技有限公司 A kind of method of commerce and system based on block chain and hidden address
US10535062B1 (en) * 2019-03-20 2020-01-14 Capital One Services, Llc Using a contactless card to securely share personal data stored in a blockchain


Also Published As

Publication number Publication date
CN111507711B (en) 2023-12-15


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant