CN112804272A - Conflict calculation method of chameleon hash function and cuttable block chain account book structure - Google Patents


Info

Publication number
CN112804272A
Authority
CN
China
Prior art keywords
block
message
hash
private
random number
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110404002.7A
Other languages
Chinese (zh)
Inventor
徐勤
朱洪亮
邢晓梅
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
BEIJING SAFE-CODE TECHNOLOGY CO LTD
Original Assignee
BEIJING SAFE-CODE TECHNOLOGY CO LTD
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643 Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085 Secret sharing or secret splitting, e.g. threshold schemes
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1097 Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • H04L9/50 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention belongs to the technical field of network security, and particularly relates to a collision calculation method for a chameleon hash function and a cuttable blockchain ledger structure. The collision calculation method for the chameleon hash function comprises the following steps. Hash key generation: a system public key and n private shares are calculated based on public parameters, a key generation algorithm and a verifiable secret sharing algorithm, and a trapdoor private key is calculated from at least t of the n private shares. Hash calculation: a hash value is calculated from the system public key, the message and the chameleon random number corresponding to the message. Collision calculation: a hash collision is calculated based on the obtained trapdoor private key, the message, the random number, the hash value and the new message, yielding a new chameleon random number that satisfies the collision. With this algorithm, the chameleon hash trapdoor authority is not held by any single node, which removes the risk of malicious use, and the loss of efficiency caused by requiring all nodes to participate in trapdoor synthesis is avoided.

Description

Conflict calculation method of chameleon hash function and cuttable block chain account book structure
Technical Field
The invention belongs to the technical field of network security, and particularly relates to a collision calculation method of a chameleon hash function, a cuttable block chain account book structure and a cutting method.
Background
The blockchain is an innovative application of computer technologies such as distributed data storage, point-to-point transmission, consensus mechanisms and encryption algorithms in the internet era. Blockchain technology is considered a disruptive innovation in computing models, following mainframes, personal computers and the internet. In a narrow sense, a blockchain is a distributed ledger: a chained data structure formed by linking data blocks sequentially in time order, cryptographically guaranteed to be tamper-proof and unforgeable. Broadly speaking, blockchain technology is a new distributed infrastructure and computing paradigm that uses blockchain data structures to verify and store data, distributed node consensus algorithms to generate and update data, cryptography to secure data transmission and access, and smart contracts composed of automated script code to program and manipulate data.
The blockchain ledger plays an important role in the operation of a blockchain. All data in the distributed ledger is transparent, shared and updated in real time, so it can be widely adopted in industries such as healthcare, finance and transportation to reduce application cost, simplify and speed up processing, avoid manual errors and effectively prevent fraud. However, as application data keeps growing, the blockchain ledger becomes increasingly large, which inevitably increases storage and computation costs. For example, in Bitcoin, the amount of data from the genesis block to the current block has reached 243.6 GB and continues to grow.
A cuttable blockchain technique based on chameleon hash functions was proposed in "Redactable Blockchain - or - Rewriting History in Bitcoin and Friends", published by Ateniese et al. in 2016, allowing blocks to be re-edited while keeping hash values unchanged. However, that scheme does not specifically describe how to edit block content in a fully decentralized environment.
Chinese patent CN11061850A and Chinese patent disclose a collision calculation method for a chameleon hash function and an editable blockchain construction method. However, although the above scheme distributes the trapdoor in a decentralized manner, all nodes are required to participate, which easily leads to the following problems: first, cheating by share holders cannot be well prevented, i.e. some share holders may provide false shares when the trapdoor is recovered, so that some members cannot recover the correct secret; second, cheating by the distributor cannot be effectively prevented, i.e. the distributor may distribute false shares to some share holders when distributing the secret shares.
Therefore, in view of the above disadvantages, there is an urgent need for a collision calculation method for a chameleon hash function, a cuttable blockchain ledger structure and a cutting method.
Disclosure of Invention
The invention aims to provide a collision calculation method for a chameleon hash function, a cuttable blockchain ledger structure and a cutting method, in order to solve the problem in the prior art that cutting a blockchain requires the participation of all nodes.
The invention provides a collision calculation method for a chameleon hash function, which comprises the following steps. Hash key generation: a system public key and n private shares are calculated based on public parameters, a key generation algorithm and a verifiable secret sharing algorithm, where a trapdoor private key can be calculated from at least t of the n private shares using a secret reconstruction algorithm. Hash calculation: a hash value is calculated from the system public key, the message and the chameleon random number corresponding to the message, and it is verified whether the hash value and the chameleon random number are a valid hash pair for the message. Collision calculation: a hash collision is calculated based on the obtained trapdoor private key, the message, the random number, the hash value and the new message, and a new chameleon random number satisfying the collision is derived from the result of the collision calculation.
In the collision calculation method for the chameleon hash function, it is further preferable that the public parameter generation step specifically includes: first selecting a security parameter, selecting a prime number q according to the security parameter, and selecting a GDH group G of order q with generator g, the system public parameters being paramtch = {G, q, g}.
In the collision calculation method of chameleon hash function, it is further preferable that in the key generation step, each secret share is calculated based on the following formula:
Figure 792655DEST_PATH_IMAGE001
where
Figure 314903DEST_PATH_IMAGE002
and satisfy
Figure 764470DEST_PATH_IMAGE003
; tk is the trapdoor private key, tk_j is the secret share of the j-th node, n is the total number of nodes in the blockchain network, j = 1, 2, 3, …, n; p is a large prime number and q is a large prime factor of p-1; mod is the modulo operation.
In the collision calculation method of chameleon hash function, it is further preferable that in the key generation step, whether the private share used for synthesizing the trapdoor private key is correct is verified, and the trapdoor private key is calculated based on the correct private share and a secret reconstruction algorithm; verifying the secret share for synthesizing the trapdoor private key based on the following formula:
Figure 979551DEST_PATH_IMAGE004
where g is an element of order q, p is a large prime number, and tk_j is the private share of the j-th node;
Figure 6413DEST_PATH_IMAGE005
, where a_i are the coefficients of the polynomial function
Figure 191406DEST_PATH_IMAGE006
, i = 0, 1, 2, …, t-1; mod is the modulo operation.
The invention also discloses a cuttable block chain account book structure which is realized based on the collision calculation method of the chameleon hash function and comprises a plurality of blocks, wherein each block comprises a block head and a block body which are in one-to-one correspondence; the block body stores transaction information of the block; the block header comprises a hash value, a message, a nonce value and a random number; the hash value is a chameleon hash value of a previous block, and is used for forming a chain structure with the previous block, and so on until the hash value is linked to the initial block; the message is calculated by the transaction information; the random number and the hash value are hash pairs based on a chameleon hash function.
The invention also discloses a method for cutting the cuttable blockchain ledger, which is implemented based on the collision calculation method for the chameleon hash function and comprises the following steps: step 1: the system management node initiates trapdoor verification and synthesis based on the chameleon hash function, and obtains a system public key and a trapdoor private key with the cooperation of at least t nodes; step 2: the system management node performs the cutting operation on the block of the area to be cut, and calculates the new message of the block after the cutting operation; step 3: the system management node modifies the block header of the cutting operation area of step 2 based on the system public key and the trapdoor private key obtained in step 1, so that the blocks before and after the operation area still form a chain structure through the hash value.
In the method for cutting the cuttable blockchain ledger described above, preferably, step 1 specifically includes: step 1.1: the system management node outputs a public key and a trapdoor private key based on the chameleon hash function, where the trapdoor private key is divided into a plurality of private shares obtained based on a verifiable secret sharing algorithm; step 1.2: the system management node distributes the private shares obtained in step 1.1 to a plurality of nodes one by one; step 1.3: each node receives the private share distributed in step 1.2, verifies whether it is valid, and returns it to the system management node when it is verified to be valid; step 1.4: the system management node receives and verifies the returned private shares, and applies the Lagrange interpolation formula to at least t verified private shares to obtain the trapdoor private key.
In the method for cutting the cuttable blockchain ledger described above, preferably, step 2 specifically includes: step 2.11: the cuttable blockchain locates the block of the operation area to be cut, and deletes the transactions to be deleted from the block body of that block to obtain an updated block; step 2.12: the new message of the updated block obtained in step 2.11 is calculated.
In the method for cutting the cuttable blockchain ledger described above, preferably, step 3 specifically includes: step 3.11: the system management node calculates a hash value from the system public key and the message and random number in the header of the block cut in step 2; step 3.12: the system management node verifies, from the message and random number in the header of the cut block and the hash value calculated in step 3.11, whether the hash value and the random number are a valid hash pair for the message; step 3.13: if the verification in step 3.12 passes, the system management node takes the trapdoor private key obtained in step 1, the hash value obtained in step 3.11, the new message obtained in step 2.12, and the message and random number in the header of the cut block as input to obtain a new random number; step 3.14: the system management node writes the new message obtained in step 2.12 and the new random number obtained in step 3.13 into the header of the cut block.
Alternatively, in the method for cutting the cuttable blockchain ledger described above, it is further preferable that step 2 specifically includes: step 2.21: the cuttable blockchain locates and deletes the block of the operation area to be cut; step 2.22: the cuttable blockchain locates the blocks immediately before and after the deleted block.
In the method for cutting the cuttable blockchain ledger described above, it is further preferable that the chameleon hash function model includes: a key generation module, which outputs a public key and a trapdoor private key according to the security parameter; a hash calculation module, which outputs a hash value from the public key, the message and the random number; a verification calculation module, which takes the message, the hash value and the random number as input and verifies whether the hash value and the random number are a valid hash pair for the message; and a collision calculation module, which, when the verification passes, takes the trapdoor private key, the message, the random number, the hash value and the new message as input and outputs the new random number.
Compared with the prior art, the invention has the following advantages:
The method solves the problem of cutting blockchain capacity by introducing the chameleon hash function, so that specific personnel holding the chameleon hash trapdoor authority can delete ledger records of the blockchain without affecting integrity verification of the blocks before and after the affected part of the ledger. In this way the capacity of the blockchain ledger can be reduced, and junk transactions and erroneous transactions can also be deleted, which helps with checking blockchain smart contracts for errors and stopping losses in time, and benefits the healthy development of blockchain applications.
A verifiable secret sharing algorithm is introduced to solve the security problem in cutting blockchain capacity. The chameleon hash trapdoor authority is not held by any single node, which removes the risk of malicious use, and the loss of efficiency caused by requiring all nodes to participate in trapdoor synthesis is avoided. At the same time, the hidden dangers of malicious distribution of the trapdoor private key and of malicious participants are addressed, verification of trapdoor information shared among several parties is achieved, and the security of cutting a decentralized blockchain ledger is ensured.
Detailed Description
Example 1:
This embodiment discloses a cuttable blockchain ledger structure, which comprises a plurality of blocks, where each block comprises a block header and a block body in one-to-one correspondence; the block body stores the transaction information of the block; the block header comprises a hash value, a message, a nonce value and a random number; the hash value is the chameleon hash value of the previous block and is used to form a chain structure with the previous block, and so on back to the initial block; the message is calculated from the transaction information; the random number and the hash value are a hash pair based on the chameleon hash function.
A chameleon hash function scheme consists of four functions, Key Generation HG, Hash H, Verification HV and Collision HC [10]:
Figure 354534DEST_PATH_IMAGE007
(1)
Figure 851768DEST_PATH_IMAGE008
: a key generation algorithm that takes a security parameter
Figure 365926DEST_PATH_IMAGE009
as input and outputs the public key hk and the trapdoor private key tk.
(2)
Figure 620190DEST_PATH_IMAGE010
: hash value generation; takes as input the user's public key
Figure 903404DEST_PATH_IMAGE011
, any message
Figure 460287DEST_PATH_IMAGE012
and a random number
Figure 71528DEST_PATH_IMAGE013
, and outputs the hash value
Figure 4849DEST_PATH_IMAGE014
(3)
Figure 267203DEST_PATH_IMAGE015
: takes as input the message
Figure 994988DEST_PATH_IMAGE012
, the hash value
Figure 483738DEST_PATH_IMAGE014
and the random number
Figure 63493DEST_PATH_IMAGE013
; if
Figure 321299DEST_PATH_IMAGE016
is a valid hash pair for
Figure 219984DEST_PATH_IMAGE017
, then D is 1, otherwise 0.
(4)
Figure 320664DEST_PATH_IMAGE018
: calculated by H function by trap door private key tk, original message m, m
Figure 64630DEST_PATH_IMAGE016
And new message
Figure 442521DEST_PATH_IMAGE019
As input, new random number is output
Figure 387475DEST_PATH_IMAGE020
And satisfy
Figure 585238DEST_PATH_IMAGE021
Specifically, in the cuttable blockchain ledger structure based on the chameleon hash function, a block header can be represented by a tuple
Figure 398473DEST_PATH_IMAGE022
where
Figure 489926DEST_PATH_IMAGE023
is the hash value, i.e. the hash value of the previous block,
Figure 995993DEST_PATH_IMAGE024
is the message, i.e. the Merkle tree root of all transactions in the block corresponding to the block header,
Figure 681053DEST_PATH_IMAGE025
and (h, z) is a random number, namely a hash pair output by the chameleon hash function. Function G is defined as a chameleon hash function
Figure 426809DEST_PATH_IMAGE026
When the block B satisfies
Figure 248134DEST_PATH_IMAGE027
Then the block is valid.
At this point, the blockchain
Figure 784158DEST_PATH_IMAGE028
has chain head
Figure 300721DEST_PATH_IMAGE029
The blockchain can be extended by appending a valid block to the chain head:
Figure 190180DEST_PATH_IMAGE030
where
Figure 256225DEST_PATH_IMAGE031
Because
Figure 838516DEST_PATH_IMAGE032
can be derived from the other data in the block header by the chameleon hash function, the modifiable block
Figure 498167DEST_PATH_IMAGE033
can be simplified to:
Figure 565218DEST_PATH_IMAGE034
where
Figure 361136DEST_PATH_IMAGE035
is the random number required for calculating the chameleon hash function. In this case, the block
Figure 379907DEST_PATH_IMAGE033
is valid when it satisfies
Figure 385909DEST_PATH_IMAGE036
For the simplified blockchain
Figure 882750DEST_PATH_IMAGE028
the chain head is
Figure 674119DEST_PATH_IMAGE037
By appending a valid block after the chain head,
Figure 598213DEST_PATH_IMAGE038
where
Figure 966878DEST_PATH_IMAGE039
, the blockchain is extended.
Compared with an ordinary blockchain, the cuttable blockchain ledger structure disclosed in this embodiment has two main changes:
(1) the block hash value generation function G is changed from an ordinary hash function, such as SHA-256, to a chameleon hash function;
(2) a random value r is added to the block header. When the blockchain is modified, the random value r must also be updated (i.e. set to the collision value found using the chameleon hash function).
Example 2:
This embodiment discloses a method for cutting a cuttable blockchain ledger, used to cut the cuttable blockchain ledger structure of embodiment 1, and comprising the following steps:
Step 1: the system management node initiates trapdoor verification and synthesis based on the chameleon hash function, and obtains a system public key and a trapdoor private key with the cooperation of at least t nodes;
Step 2: the system management node performs the cutting operation on the block of the area to be cut, and calculates the new message of the block after the cutting operation;
Step 3: the system management node modifies the block header of the cutting operation area of step 2 based on the system public key and the trapdoor private key obtained in step 1, so that the blocks before and after the operation area still form a chain structure through the hash value.
Further, step 1 specifically comprises the following steps:
step 1.1: the system management node outputs a public key and a trapdoor private key based on a chameleon hash function, wherein the trapdoor private key is a plurality of private shares obtained based on a verifiable secret sharing algorithm;
step 1.2: the system management node distributes the plurality of private shares obtained in the step 1.1 to a plurality of nodes one by one;
step 1.3: the node receives the private shares distributed in the step 1.2, verifies whether the private shares are valid or not, and returns the private shares to the system management node when the private shares are verified to be valid;
step 1.4: the system management node receives and verifies the returned private shares, and applies the Lagrange interpolation formula to at least t verified private shares to obtain the trapdoor private key.
Further, step 2 specifically includes:
step 2.11: the cuttable blockchain locates the block of the operation area to be cut, and deletes the transactions to be deleted from the block body of that block to obtain an updated block;
step 2.12: the new message of the updated block obtained in step 2.11 is calculated.
This embodiment is mainly used for deleting transactions within a block, i.e. cutting transactions inside the block.
For a block B_i from which transactions are to be deleted, the transactions are deleted, the Merkle tree is regenerated, and the message value x_i' of the block body after deletion is calculated.
Specifically, for block
Figure 392043DEST_PATH_IMAGE040
where
Figure 162553DEST_PATH_IMAGE041
is updated to
Figure 103220DEST_PATH_IMAGE042
, in order to keep
Figure 959181DEST_PATH_IMAGE043
unchanged, so that the normal linking of subsequent blocks is not affected, the value of
Figure 188037DEST_PATH_IMAGE044
must be updated. It is updated using the chameleon hash function's
Figure 813053DEST_PATH_IMAGE045
function, i.e.
Figure 78949DEST_PATH_IMAGE046
This gives the modified new block
Figure 297572DEST_PATH_IMAGE047
The new block
Figure 205485DEST_PATH_IMAGE048
then replaces
Figure 950587DEST_PATH_IMAGE049
at its position in the blockchain.
Further, step 3 specifically comprises the following steps:
step 3.11: the system management node calculates a hash value from the system public key and the message and random number in the header of the block cut in step 2;
step 3.12: the system management node verifies, from the message and random number in the header of the cut block and the hash value calculated in step 3.11, whether the hash value and the random number are a valid hash pair for the message;
step 3.13: if the verification in step 3.12 passes, the system management node takes the trapdoor private key obtained in step 1, the hash value obtained in step 3.11, the new message obtained in step 2.12, and the message and random number in the header of the cut block as input to obtain a new random number;
step 3.14: the system management node writes the new message obtained in step 2.12 and the new random number obtained in step 3.13 into the header of the cut block.
Further, the chameleon hash function model includes:
a key generation module, which outputs a public key and a trapdoor private key according to the security parameter;
a hash calculation module, which outputs a hash value from the public key, the message and the random number;
a verification calculation module, which takes the message, the hash value and the random number as input and verifies whether the hash value and the random number are a valid hash pair for the message;
and a collision calculation module, which, when the verification passes, takes the trapdoor private key, the message, the random number, the hash value and the new message as input and outputs the new random number.
Further, in step 2.1, the calculation formula of the private share in the trapdoor private key is as follows:
Figure 512019DEST_PATH_IMAGE001
where
Figure 342572DEST_PATH_IMAGE050
is a polynomial of degree t-1 over the finite field GF(p) and satisfies
Figure 523017DEST_PATH_IMAGE051
; tk is the trapdoor private key, j denotes the j-th node, n is the total number of nodes in the blockchain network, j = 1, 2, 3, …, n; p is a large prime number, q is a large prime factor of p-1, and mod is the modulo operation. At the same time, for the function
Figure 496527DEST_PATH_IMAGE052
, the commitments to its coefficients are published:
Figure 369805DEST_PATH_IMAGE053
where a_i are the coefficients of the polynomial,
Figure 422075DEST_PATH_IMAGE054
Further, in step 2.3 and step 2.4, whether the secret share is correct is verified by the following formula:
Figure 530845DEST_PATH_IMAGE055
where g is an element of order q, p is a large prime number, and tk_j is the private share of the j-th node.
Specifically, the number of nodes in the blockchain network is n, and the threshold for synthesizing the trapdoor is t, where t is less than or equal to n and can be set by the system management node. In step 2.1, the calculated trapdoor private key is divided into a plurality of private shares based on a verifiable secret sharing algorithm, and the trapdoor private key can be synthesized from a number of those shares, while the following two requirements are met:
(1) verifiability: after receiving a secret share, the user can test whether it is a valid share. If a share is valid, there is a unique secret as the output of the secret reconstruction algorithm, which acts on any t valid shares.
(2) Unpredictability: for the polynomial time algorithm, t-1 secret shares are input, and no information about the secret can be obtained.
The verifiable secret sharing model is mainly composed of four parts: system parameters, secret distribution, authentication algorithms, and secret reconstruction.
(1) System parameters: p is a large prime number, q is a large prime factor of p-1, g is an element of order q, the triplet (p, q, g) is public, t is the threshold, n is the number of participants, s is the secret to be shared, and the secret space and the share space are both the finite field GF(p). First a security parameter is selected, a prime number q is selected according to the security parameter, and a GDH group G of order q with generator g is selected; the system public parameters are paramtch = {G, q, g}.
(2) Secret distribution: randomly select, over
Figure 719381DEST_PATH_IMAGE056
a polynomial of degree
Figure 638927DEST_PATH_IMAGE057
namely
Figure 178492DEST_PATH_IMAGE058
satisfying
Figure 966320DEST_PATH_IMAGE059
Then calculate the secret shares
Figure 399575DEST_PATH_IMAGE060
and send them to the participants in secret, where
Figure 614656DEST_PATH_IMAGE061
At the same time, publish, for the function
Figure 746910DEST_PATH_IMAGE052
the commitments to its coefficients
Figure 338428DEST_PATH_IMAGE062
where a_i are the parameters of the public polynomial function
Figure 501557DEST_PATH_IMAGE063
i = 0, 1, 2, …, t-1; where
Figure 746593DEST_PATH_IMAGE064
and mod is the modulo operation.
(3) Verification algorithm: after receiving the secret share, each participant verifies
Figure 526330DEST_PATH_IMAGE065
If the check passes, the share is valid; otherwise, the received secret share is incorrect.
(4) Secret reconstruction: when
Figure 655960DEST_PATH_IMAGE066
participants
Figure 548961DEST_PATH_IMAGE067
cooperate to recover the secret, each participant
Figure 371424DEST_PATH_IMAGE068
discloses his share
Figure 372878DEST_PATH_IMAGE069
to the other collaborators, and each collaborator judges the validity of the secret shares by executing the verification algorithm. The polynomial function is calculated by the Lagrange interpolation formula
Figure 165253DEST_PATH_IMAGE070
Finally, the function value
Figure 302973DEST_PATH_IMAGE071
is calculated, which is the secret
Figure 296337DEST_PATH_IMAGE072
In this embodiment, the trapdoor private key is the secret to be shared.
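The four parts of the verifiable secret sharing model above (parameters, distribution, verification, reconstruction), as an added example that is not code from the patent. The page's formulas survive only as image placeholders, so the share form tk_j = f(j) mod q, the commitment form C_i = g^{a_i} mod p, the verification equation and the toy group (p, q, g) are assumptions taken from the standard Feldman construction that the text's description matches; the function names are hypothetical.

```python
import secrets

# Constructed toy group, far too small for real use: p = 2q + 1 with p, q
# prime, and g = 4 is an element of order q in Z_p^*.
P, Q, G = 2039, 1019, 4
assert (P - 1) % Q == 0 and G != 1 and pow(G, Q, P) == 1

def deal(tk, t, n):
    """Secret distribution: split tk into n shares, any t of which rebuild it.
    Returns ({j: tk_j}, [C_0..C_{t-1}]) with C_i = g^{a_i} mod p (assumed form)."""
    if not 1 <= t <= n < Q:
        raise ValueError("need 1 <= t <= n < q")
    coeffs = [tk % Q] + [secrets.randbelow(Q) for _ in range(t - 1)]  # f(0) = tk
    shares = {j: sum(a * pow(j, i, Q) for i, a in enumerate(coeffs)) % Q
              for j in range(1, n + 1)}
    return shares, [pow(G, a, P) for a in coeffs]

def verify_share(j, tk_j, commitments):
    """Verification: accept iff g^{tk_j} == prod_i C_i^{j^i} (mod p)."""
    rhs = 1
    for i, c in enumerate(commitments):
        rhs = rhs * pow(c, pow(j, i, Q), P) % P
    return pow(G, tk_j % Q, P) == rhs

def reconstruct(shares, commitments):
    """Secret reconstruction: drop invalid shares, then Lagrange-interpolate
    f(0) from t valid ones. Raises if fewer than t shares verify."""
    t = len(commitments)
    valid = [(j, s) for j, s in sorted(shares.items())
             if verify_share(j, s, commitments)][:t]
    if len(valid) < t:
        raise ValueError("fewer than t valid shares")
    tk = 0
    for j, s in valid:
        num = den = 1
        for m, _ in valid:
            if m != j:
                num = num * (-m) % Q
                den = den * (j - m) % Q
        tk = (tk + s * num * pow(den, -1, Q)) % Q
    if pow(G, tk, P) != commitments[0]:  # result must open the commitment to a_0
        raise ValueError("reconstructed key does not match C_0")
    return tk

if __name__ == "__main__":
    shares, C = deal(tk=777, t=3, n=5)
    shares[2] = (shares[2] + 1) % Q          # one node returns a corrupted share
    print([verify_share(j, s, C) for j, s in sorted(shares.items())])
    print(reconstruct(shares, C))            # the other four still rebuild tk
```

The final check against C_0 lets the management node detect a wrong reconstruction without ever having stored tk itself.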
Example 3:
This embodiment discloses a method for cutting a cuttable blockchain ledger, which is used to cut the cuttable blockchain ledger structure described in embodiment 1. The main steps are the same as those in embodiment 2, and the difference is as follows:
1) Step 2 specifically comprises the following steps:
step 2.21: the cuttable blockchain locates and deletes the block of the operation area to be cut;
step 2.22: the cuttable blockchain locates the previous and next blocks of the deleted block.
This embodiment is mainly used to delete a whole block in a large blockchain rather than a particular transaction. To delete a block
Figure 893410DEST_PATH_IMAGE073
the block
Figure 364842DEST_PATH_IMAGE074
must be modified so that it can link normally with the block
Figure 622648DEST_PATH_IMAGE075
When a block
Figure 645968DEST_PATH_IMAGE077
is to be deleted, then for block
Figure 356435DEST_PATH_IMAGE078
it is necessary to modify
Figure 241345DEST_PATH_IMAGE079
into
Figure 619237DEST_PATH_IMAGE080
To keep
Figure 688824DEST_PATH_IMAGE081
unchanged, so that the normal linking of the subsequent blocks is not affected, it is necessary to update the value
Figure 152167DEST_PATH_IMAGE082
The update is performed by the chameleon hash function's
Figure 824456DEST_PATH_IMAGE083
function, i.e.
Figure 56855DEST_PATH_IMAGE085
The new block after modification is
Figure 470912DEST_PATH_IMAGE087
After deleting block
Figure 421550DEST_PATH_IMAGE049
the new block
Figure 772897DEST_PATH_IMAGE088
replaces
Figure 735168DEST_PATH_IMAGE089
at its position in the blockchain.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.

Claims (11)

1. A collision calculation method of chameleon hash function is characterized in that: the method comprises the following steps:
hash key generation: calculating based on a public parameter, a secret key generation algorithm and a verifiable secret sharing algorithm to obtain a system public key and n private shares, wherein the trapdoor private key can be calculated from at least t of the n private shares based on a secret reconstruction algorithm;
hash calculation: calculating a chameleon hash value according to the system public key, the message and the chameleon random number corresponding to the message, and verifying whether the hash value and the chameleon random number are a valid hash pair for the message;
collision calculation: calculating a hash collision based on the obtained trapdoor private key, the message, the random number, the hash value and the new message, and deriving from the collision calculation result a new chameleon random number that satisfies the collision.
2. The chameleon hash function collision calculation method according to claim 1, wherein the public parameter generation step specifically includes: first selecting a security parameter, selecting a prime number q according to the security parameter, and selecting a GDH group G with generator g of order q, wherein the system public parameters are paramtch = {G, q, g}.
3. The method for calculating collision of chameleon hash function according to claim 2, wherein in the key generating step, each private share is calculated based on the following formula:
Figure 637466DEST_PATH_IMAGE001
wherein tk is the trapdoor private key, tk_j is the private share of the jth node, j is the jth node, n is the total number of nodes in the blockchain network, j = 1, 2, 3, …, n;
Figure 297117DEST_PATH_IMAGE002
and satisfy
Figure 114901DEST_PATH_IMAGE003
; p is a large prime number, and q is a large prime factor of p-1; mod is the modulo operation.
4. The chameleon hash function collision calculation method according to claim 3,
in the key generation step, whether the private share for synthesizing the trapdoor private key is correct is verified, and the trapdoor private key is obtained by calculation based on the correct private share and a secret reconstruction algorithm; verifying the secret share for synthesizing the trapdoor private key based on the following formula:
Figure 910818DEST_PATH_IMAGE005
wherein g is an element of order q, p is a large prime number, and tk_j is the private share of the jth node;
Figure 788644DEST_PATH_IMAGE007
, a_i are the parameters of the public polynomial function
Figure 670013DEST_PATH_IMAGE009
i = 0, 1, 2, …, t-1; mod is the modulo operation.
5. A tailorable block chain ledger structure is characterized in that the collision calculation method based on the chameleon hash function of any one of claims 1 to 4 is realized, and comprises a plurality of blocks, wherein each block comprises a block head and a block body which are in one-to-one correspondence; the block body stores transaction information of the block; the block header comprises a hash value, a message, a nonce value and a random number; the hash value is a chameleon hash value of a previous block, and is used for forming a chain structure with the previous block, and so on until the hash value is linked to the initial block; the message is calculated by the transaction information; the random number and the hash value are hash pairs based on a chameleon hash function.
6. A clipping method of a cuttable block chain ledger book is characterized by being realized based on the chameleon hash function collision calculation method of any one of claims 1 to 4, and comprising the following steps:
step 1: the system management node initiates trapdoor verification and synthesis based on the chameleon hash function, and obtains a system public key and a trapdoor private key under the cooperation of at least t nodes;
step 2: the system management node performs cutting operation on the block of the area to be cut, and calculates to obtain a new message of the block after the cutting operation;
step 3: the system management node modifies the block header of the cutting operation area of the cuttable blockchain from step 2, based on the system public key and the trapdoor private key obtained in step 1, so that the blocks before and after the operation area can form a chain structure through the hash value.
7. The method for clipping the block chain ledger of claim 6, wherein the step 1 specifically comprises:
step 1.1: the system management node outputs a public key and a trapdoor private key based on a chameleon hash function, wherein the trapdoor private key is a plurality of private shares obtained based on a verifiable secret sharing algorithm;
step 1.2: the system management node distributes the plurality of private shares obtained in the step 1.1 to a plurality of nodes one by one;
step 1.3: the node receives the private shares distributed in the step 1.2, verifies whether the private shares are valid or not, and returns the private shares to the system management node when the private shares are verified to be valid;
step 1.4: the system management node receives and verifies the returned private shares, and calculates the trapdoor private key with the Lagrange interpolation formula from at least t private shares that pass the verification.
8. The method for clipping the block chain ledger of claim 7, wherein the step 2 specifically includes:
step 2.11: the cuttable blockchain locates the block of the operation area to be cut, and deletes the transaction to be deleted from the block body of that block to obtain an updated block;
step 2.12: the new message for updating the block obtained in step 2.11 is calculated.
9. The method for clipping the block chain ledger of claim 8, wherein step 3 specifically includes:
step 3.11: the system management node calculates a hash value according to the system public key and the message and random number in the header of the block cut in step 2;
step 3.12: the system management node verifies whether the hash value and the random number are a valid hash pair for the message, according to the message and the random number in the header of the cut block and the hash value calculated in step 3.11;
step 3.13: if the verification in step 3.12 passes, the system management node takes the trapdoor private key obtained in step 1, the hash value obtained in step 3.11, the new message obtained in step 2.12, and the message and random number in the header of the cut block as input to obtain a new random number;
step 3.14: the system management node writes the new message obtained in step 2.12 and the new random number obtained in step 3.13 into the header of the cut block.
10. The method for clipping the block chain ledger of claim 6, wherein the step 2 specifically includes:
step 2.21: the cuttable blockchain locates and deletes the block of the operation area to be cut;
step 2.22: the cuttable blockchain locates the previous and next blocks of the deleted block.
11. The method for clipping a cuttable blockchain ledger according to any one of claims 6 to 10, wherein the chameleon hash function model includes:
a key generation module: used for outputting a public key and a trapdoor private key according to the security parameters;
a hash calculation module: used for outputting the hash value according to the public key, the message and the random number;
a verification calculation module: used for taking the message, the hash value and the random number as input to verify whether the hash value and the random number are a valid hash pair for the message;
a collision calculation module: used for taking the trapdoor private key, the message, the random number, the hash value and the new message as input when the verification passes, and outputting the new random number.
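The four modules of claim 11 applied to the transaction-deletion procedure of claims 8 and 9, as an added example that is not code from the patent. The patent's own hash formula is not reproduced on the page, so a textbook discrete-log chameleon hash CH(m, r) = g^m · pk^r mod p stands in for it; that construction, the toy group, the SHA-256 message derivation, the block layout and all function names are assumptions.

```python
import hashlib
import secrets

# Constructed toy group (not secure): p = 2q + 1, g = 4 has prime order q.
P, Q, G = 2039, 1019, 4

def keygen():
    """Key generation module: returns (public key, trapdoor private key)."""
    tk = secrets.randbelow(Q - 1) + 1
    return pow(G, tk, P), tk

def message_of(prev_hash, txs):
    """Header 'message' computed from the transactions (assumed: SHA-256 mod q)."""
    data = repr((prev_hash, list(txs))).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def ch_hash(pk, m, r):
    """Hash module: CH(m, r) = g^m * pk^r mod p (assumed construction)."""
    return pow(G, m, P) * pow(pk, r, P) % P

def ch_verify(pk, m, r, h):
    """Verification module: is (h, r) a valid hash pair for message m?"""
    return ch_hash(pk, m, r) == h

def ch_collide(pk, tk, m, r, h, new_m):
    """Collision module: r' with CH(new_m, r') == h; refuses unverified input."""
    if not ch_verify(pk, m, r, h):
        raise ValueError("(h, r) is not a valid hash pair for m")
    return (r + (m - new_m) * pow(tk, -1, Q)) % Q

def build_chain(pk, tx_lists):
    chain, prev = [], 0
    for txs in tx_lists:
        block = {"prev_hash": prev, "txs": list(txs),
                 "message": message_of(prev, txs), "r": secrets.randbelow(Q)}
        chain.append(block)
        prev = ch_hash(pk, block["message"], block["r"])
    return chain

def links_ok(pk, chain):
    """Each message matches its body; each prev_hash is CH of the block before."""
    for i, b in enumerate(chain):
        if b["message"] != message_of(b["prev_hash"], b["txs"]):
            return False
        if i and b["prev_hash"] != ch_hash(pk, chain[i - 1]["message"], chain[i - 1]["r"]):
            return False
    return True

def cut_transaction(pk, tk, block, tx):
    """Delete tx from the block body, then rewrite message and r in the header."""
    h = ch_hash(pk, block["message"], block["r"])                       # step 3.11
    new_txs = [t for t in block["txs"] if t != tx]                      # step 2.11
    new_m = message_of(block["prev_hash"], new_txs)                     # step 2.12
    new_r = ch_collide(pk, tk, block["message"], block["r"], h, new_m)  # 3.12-3.13
    block.update(txs=new_txs, message=new_m, r=new_r)                   # step 3.14
    return h

if __name__ == "__main__":
    pk, tk = keygen()
    chain = build_chain(pk, [["tx-a"], ["tx-b", "tx-to-delete"], ["tx-c"]])
    cut_transaction(pk, tk, chain[1], "tx-to-delete")
    print(chain[1]["txs"], links_ok(pk, chain))
```

Because the block's chameleon hash is unchanged after the cut, the `prev_hash` stored in the following block needs no update.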
CN202110404002.7A 2021-04-15 2021-04-15 Conflict calculation method of chameleon hash function and cuttable block chain account book structure Pending CN112804272A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110404002.7A CN112804272A (en) 2021-04-15 2021-04-15 Conflict calculation method of chameleon hash function and cuttable block chain account book structure

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110404002.7A CN112804272A (en) 2021-04-15 2021-04-15 Conflict calculation method of chameleon hash function and cuttable block chain account book structure

Publications (1)

Publication Number Publication Date
CN112804272A true CN112804272A (en) 2021-05-14

Family

ID=75811430

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110404002.7A Pending CN112804272A (en) 2021-04-15 2021-04-15 Conflict calculation method of chameleon hash function and cuttable block chain account book structure

Country Status (1)

Country Link
CN (1) CN112804272A (en)

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20200204376A1 (en) * 2018-12-20 2020-06-25 International Business Machines Corporation File provenance database system
CN110061850A (en) * 2019-04-24 2019-07-26 电子科技大学 The collision calculation method and editable block chain building method of chameleon hash function

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
李佩丽等: ""可更改区块链技术研究"", 《密码学报》 *

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113472518A (en) * 2021-07-11 2021-10-01 南京理工大学 Construction method of chameleon hash function resisting key exposure
CN113794556A (en) * 2021-09-10 2021-12-14 福建师范大学 PCH revocable method and system oriented to programmable block chain protocol
CN113794556B (en) * 2021-09-10 2023-05-23 福建师范大学 PCH revocable method and system for collectable blockchain protocol
CN114337990A (en) * 2021-12-31 2022-04-12 浪潮云信息技术股份公司 Two-round multiple chameleon Hash function calculation method and system
CN114362921A (en) * 2021-12-31 2022-04-15 浪潮云信息技术股份公司 Improved two-wheel multiple chameleon Hash function calculation method and system
CN114362921B (en) * 2021-12-31 2024-04-30 浪潮云信息技术股份公司 Improved two-round multiple chameleon hash function calculation method and system
CN114337990B (en) * 2021-12-31 2024-05-31 浪潮云信息技术股份公司 Two-round multiple chameleon hash function calculation method and system
CN114978524A (en) * 2022-04-21 2022-08-30 浪潮云信息技术股份公司 Discrete logarithm-based multiple chameleon hash method and system
CN114978524B (en) * 2022-04-21 2024-04-12 浪潮云信息技术股份公司 Discrete logarithm-based multi-chameleon hash method and system
CN116865972A (en) * 2023-06-15 2023-10-10 长沙学院 Block chain data processing method based on trapdoor hash operation
CN116865972B (en) * 2023-06-15 2024-01-30 长沙学院 Block chain data processing method based on trapdoor hash operation

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20210514