CN113159745A - Block chain transaction privacy protection method based on full homomorphism - Google Patents


Publication number
CN113159745A
Authority
CN
China
Prior art keywords
transaction
user
ciphertext
amount
cloud server
Legal status
Granted
Application number
CN202110308482.7A
Other languages
Chinese (zh)
Other versions
CN113159745B (en)
Inventor
高军涛
汤年
岳浩
李�浩
李雪莲
Current Assignee
Xidian University
Original Assignee
Xidian University
Application filed by Xidian University
Priority to CN202110308482.7A
Publication of CN113159745A
Application granted
Publication of CN113159745B
Legal status: Active


Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/04 Payment circuits
    • G06Q20/06 Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme
    • G06Q20/065 Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash
    • G06Q20/30 Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/367 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829 Payment protocols; Details thereof insuring higher security of transaction involving key management
    • G06Q40/00 Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04 Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0625 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation with splitting of the data block into left and right halves, e.g. Feistel based algorithms, DES, FEAL, IDEA or KASUMI


Abstract

The invention discloses a blockchain transaction privacy protection method based on fully homomorphic encryption, which addresses the need to protect the privacy of transaction data that existing blockchains expose in a transparent and open manner. The implementation scheme is as follows: generating user keys; encrypting the symmetric key; sending data to a cloud server; symmetrically encrypting the transaction amount; converting the ciphertext; verifying the balance under ciphertext; performing the transaction operation under ciphertext; decrypting the sign bit for authenticity verification; uploading to the blockchain; and the payer decrypting the ciphertext to check its own balance, so that privacy protection is achieved throughout the blockchain transaction process. The invention protects transaction information by applying homomorphic encryption, performs the transaction's privacy computation under ciphertext, and prevents the transaction information from being obtained by an attacker. The invention can protect transaction information in the blockchain, prevent information leakage, compute on the transaction amount in an encrypted state, and can be used to hide transaction information on the blockchain.

Description

Block chain transaction privacy protection method based on full homomorphism
Technical Field
The invention belongs to the technical field of network and information security, mainly relates to multi-key homomorphic encryption and threshold encryption in cryptography, and in particular relates to a blockchain transaction privacy protection method based on fully homomorphic encryption, which is used to protect the privacy of transaction amounts and of computations on those amounts in a blockchain.
Background
The blockchain realizes tamper-proof distributed accounting through a consensus mechanism, provides a reliable new form of trust for the value internet, and, with trust as its entry point, changes the ecology of the internet and even of the economy and society. However, the information on the chain is publicly available to everyone, so privacy is largely sacrificed. The credibility gained by running smart contracts on the chain likewise comes at the cost of privacy: all processing records can be looked up on the blockchain, and the range of applications is limited by the sensitivity of the data. To ensure both the security and the verifiability of the information on the blockchain, computation on the ciphertext of on-chain information needs to be realized using fully homomorphic encryption.
The essence of the blockchain is a trust mechanism established by applying cryptographic algorithms and security protocols. Combined with cloud computing technology, the services provided by blockchains touch every aspect of society. Because data on the blockchain is public and internally correlated, because traditional cryptographic algorithms and security protocols have shortcomings, and because big data analysis keeps advancing, the risk that private data on the blockchain is exposed keeps growing.
To address this problem, current approaches solve the privacy problem in digital currency transactions by means of zero-knowledge proofs, ring signatures, coin mixing, homomorphic encryption and the like, which has given rise to a variety of cryptocurrencies.
Zerocash uses succinct non-interactive zero-knowledge arguments of knowledge (zk-SNARKs) and a cryptographic commitment scheme to hide both parties to a transaction and the transaction amount on the Bitcoin chain. However, the scheme does not support homomorphic computation, and its proof generation process is costly and inefficient.
Monero uses a linkable ring signature to hide the origin of a transaction, thereby providing better privacy protection for the payer. To hide the wallet balance, a commitment scheme is used. However, the blinding factor adopted by the scheme is specially selected, which may result in lower randomness and lower security of the scheme.
In 2013, Gregory proposed the CoinJoin mechanism to obfuscate the inputs and outputs of transactions. In the simplest case, two users combine two inputs and make two payments in one transaction. However, to take part in a CoinJoin transaction, other users who want to pay at the same time must be found, which greatly reduces the efficiency of the transaction.
In summary, existing privacy protection schemes for the blockchain do not support homomorphic computation, cannot compute in the ciphertext state, cannot realize the corresponding privacy computation, and have security and efficiency problems.
Disclosure of Invention
The invention aims to provide a blockchain transaction privacy protection method based on fully homomorphic encryption, in which transaction operations can still be performed while the amount is encrypted.
The invention is a blockchain transaction privacy protection method based on fully homomorphic encryption. It involves interaction between users and a cloud server, with data transmitted over a network; the users comprise a payer and a payee, and the transaction amount is privacy-protected during the transaction process on the blockchain. The method is characterized by comprising the following steps:
(1) Generating user keys: when a transaction is needed, the payer and the payee among the users determine the transaction amount, and each obtains a symmetric-encryption private key and a homomorphic-encryption public key and private key through two algorithms;
(1a) Generating the homomorphic key: when a transaction is required, the user invokes a threshold encryption algorithm to generate the user private key share (Figure BDA0002988572250000021) and the cloud server private key share (Figure BDA0002988572250000022) of the multi-key homomorphic encryption, together with the public key $pk_H$ corresponding to the private key;
(1b) Generating the symmetric key: at the same time, the user calls a symmetric key generation algorithm to generate a symmetric key $sk_S$;
(2) Encrypting the symmetric key: the generated symmetric key $sk_S$ is encrypted using the multi-key homomorphic encryption algorithm to obtain the ciphertext $C_H(sk_S)$ of the symmetric key;
(3) Sending data to the cloud server: the user sends the ciphertext $C_H(sk_S)$ of the symmetric key and the public key $pk_H$ of the multi-key homomorphic encryption together to the cloud server over the network, and the cloud server stores them temporarily;
(4) Symmetrically encrypting the transaction amount: the user encrypts the transaction amount m with the symmetric cipher algorithm and sends the resulting symmetrically encrypted ciphertext $C_S(m)$ of the transaction amount to the cloud server;
(5) Converting the ciphertext: after the cloud server receives the symmetrically encrypted ciphertext of the transaction amount, it uses the homomorphic property of the multi-key encryption to convert the symmetrically encrypted ciphertext $C_S(m)$ into the homomorphically encrypted ciphertext $C_H(m)$ of the transaction amount;
(6) Balance verification under ciphertext: the payer encrypts the transaction amount using the public key of the payee, the payee obtains the homomorphically encrypted ciphertext of the transaction amount through ciphertext conversion, and the cloud server uses the homomorphic property to verify the balance of the transaction in the ciphertext state; if the result equals 0, the transaction continues; otherwise, the transaction is refused;
(7) Transaction operation under ciphertext: once the balance verification result of the transaction is 0, the cloud server uses the homomorphically encrypted ciphertext $C_H(m)$ of the transaction amount of the transacting users to perform the transaction operation in the ciphertext state and obtains the transaction operation result $C_H(f(m))$ under ciphertext;
(8) Decrypting the sign bit for authenticity verification: the cloud server verifies the authenticity of the transaction amount under ciphertext; if the transaction is authentic, the operation result $C_H(f(m))$ is sent to the payer over the network; otherwise, the transaction is rejected;
(9) Uploading to the blockchain: the cloud server uploads the homomorphically encrypted ciphertext $C_H(m)$ of the transaction amount to the blockchain over the network. In transit and on the blockchain the transaction amount is protected in ciphertext form, so an attacker cannot view the transaction amount at any point in the process; the privacy computation on the transaction amount is performed in the ciphertext state, the transaction is completed, and the payee receives the transaction amount;
(10) The payer decrypts the ciphertext to check the balance: the payer decrypts the operation result $C_H(f(m))$ obtained from the cloud server and can check its account balance at any time;
(10a) the cloud server sends its private key share (Figure BDA0002988572250000031) to the payer;
(10b) the payer inputs the obtained cloud server private key share (Figure BDA0002988572250000032) and its own private key share (Figure BDA0002988572250000033) into the decryption algorithm to obtain the operation result f(m) in plaintext, and can check the account balance at any time;
(10c) to protect the security of the transaction, if the payer wants to perform a new transaction, the payer needs to go back and perform steps (1)-(9) again to start the new transaction.
The invention solves the technical problem of privacy disclosure of transactions on the blockchain.
Compared with the prior art, the invention has the following advantages:
Privacy protection for users on the blockchain: the transaction amount is encrypted using homomorphic encryption and symmetric encryption, which protects the transaction amount and prevents an attacker from viewing transaction information. Users on the blockchain encrypt their private transaction data with homomorphic encryption, symmetric encryption and cloud computing assistance before uploading it, and consensus is reached through the cloud server, so that the privacy of users on the blockchain is protected.
Privacy computation under ciphertext: the invention encrypts with homomorphic encryption and obtains the homomorphically encrypted ciphertext of the transaction amount through ciphertext conversion, so that a user can perform privacy computation on the encrypted amount according to the transaction requirements. This solves the problem that homomorphic computation is not possible in traditional schemes, realizes multi-party transactions while protecting user privacy, and prevents an attacker from obtaining users' private information from the encrypted data.
A cloud server is added: the user relies on the computing power and memory resources of the cloud server to assist with the transaction computation instead of computing locally. This solves the problems of excessive local computation and resource consumption in traditional schemes, and transaction verification and computation are carried out through the cloud server without consuming excessive local resources.
Drawings
FIG. 1 is a general flow chart of an implementation of the present invention;
FIG. 2 is a transaction flow diagram of the present invention.
The invention is described in detail below with reference to the figures and examples.
Detailed Description
Example 1
Traditional blockchain privacy protection schemes do not support homomorphic computation, cannot compute in the ciphertext state, and cannot realize the corresponding privacy computation. The invention addresses this problem and provides a blockchain transaction privacy protection method based on fully homomorphic encryption.
The invention is a blockchain transaction privacy protection method based on fully homomorphic encryption. It involves interaction between users and a cloud server, with data transmitted over a network; the users comprise a payer and a payee, and the transaction amount is privacy-protected during the transaction process on the blockchain. The method comprises the following steps:
(1) User initialization and key generation: when a transaction is required, the payer and the payee among the users determine the transaction amount, and each obtains a symmetric-encryption private key and a homomorphic-encryption public key and private key through two algorithms.
(1a) Generating the homomorphic key: when a transaction is needed, the user calls a threshold encryption algorithm to generate the user private key share (Figure BDA0002988572250000041) and the cloud server private key share (Figure BDA0002988572250000042) of the multi-key homomorphic encryption, together with the public key $pk_H$ corresponding to the private key, which is used to encrypt the symmetric key.
(1b) Generating the symmetric key: at the same time, the user calls a symmetric key generation algorithm to generate a symmetric key $sk_S$, which is used to encrypt the transaction amount.
(2) Encrypting the symmetric key: the generated symmetric key $sk_S$ is encrypted using the multi-key homomorphic encryption algorithm to obtain the ciphertext $C_H(sk_S)$ of the symmetric key.
(3) Sending data to the cloud server: the user sends the ciphertext $C_H(sk_S)$ of the symmetric key and the public key $pk_H$ of the multi-key homomorphic encryption together to the cloud server over the network, and the cloud server stores them temporarily.
(4) Symmetrically encrypting the transaction amount: the user encrypts the transaction amount m with the symmetric cipher algorithm and sends the resulting symmetrically encrypted ciphertext $C_S(m)$ of the transaction amount to the cloud server.
After steps (1)-(4) are executed, each user has finished generating the homomorphic and symmetric keys and performing the corresponding encryption.
(5) Converting the ciphertext: after the cloud server receives the symmetrically encrypted ciphertext of the transaction amount, it uses the homomorphic property of the multi-key encryption to convert the symmetrically encrypted ciphertext $C_S(m)$ into the homomorphically encrypted ciphertext $C_H(m)$ of the transaction amount.
(6) Balance verification under ciphertext: after the payer and the payee have each generated their homomorphic and symmetric keys and encrypted the symmetric key and the amount, that is, after steps (1) to (4) have been executed, the payer encrypts the transaction amount using the public key of the payee, the payee obtains the homomorphically encrypted ciphertext of the transaction amount through ciphertext conversion, and the cloud server uses the homomorphic property to verify the balance of the transaction in the ciphertext state; if the result equals 0, the transaction continues; otherwise, the transaction is refused.
(7) Transaction operation under ciphertext: once the balance verification result of the transaction is 0, the cloud server uses the homomorphically encrypted ciphertext $C_H(m)$ of the transaction amount of the transacting users to perform the transaction operation in the ciphertext state and obtains the transaction operation result $C_H(f(m))$ under ciphertext.
(8) Decrypting the sign bit for authenticity verification: the cloud server verifies the authenticity of the transaction amount under ciphertext; if the transaction is authentic, the operation result $C_H(f(m))$ is sent over the network to the designated payer; otherwise, the transaction is rejected.
(9) Uploading to the blockchain: the cloud server uploads the homomorphically encrypted ciphertext $C_H(m)$ of the transaction amount to the blockchain over the network. In transit and on the blockchain the transaction amount is protected in ciphertext form, so an attacker cannot view the transaction amount at any point in the process, and privacy computation can be performed on the transaction amount in the ciphertext state when needed, so the transaction amount is never visible; the transaction is completed, and the payee receives the transaction amount.
(10) The payer decrypts the ciphertext to check the balance: the payer decrypts the operation result $C_H(f(m))$ obtained from the cloud server and can check its account balance at any time.
(10a) The cloud server sends its private key share (Figure BDA0002988572250000051) to the payer;
(10b) the payer inputs the obtained cloud server private key share (Figure BDA0002988572250000061) and its own private key share (Figure BDA0002988572250000062) into the decryption algorithm to obtain the operation result f(m) in plaintext, and can check the account balance at any time;
(10c) to protect the security of the transaction, if the payer wants to perform a new transaction, the payer needs to go back and perform steps (1)-(9) again to start the new transaction.
At present, transaction data on a blockchain is open and transparent to all users, but in the big data era there is a sharp contradiction between the privacy protection requirements of on-chain data and the current state of blockchain technology. Designing a new security protocol that ensures the safe operation of every link of the blockchain is therefore of great significance for the privacy protection of on-chain data.
The invention establishes a secure transaction model based on multi-key homomorphic encryption and symmetric encryption. Because the transaction data is protected by encryption, the transaction data on the blockchain cannot be seen by others, and the privacy of the transaction is protected. Balance verification and authenticity verification of the transaction data under ciphertext are designed so that the authenticity and validity of the transaction are verified without disclosing the private transaction data. Homomorphic encryption of the transaction data allows the transaction to be computed in the ciphertext state, which is useful in certain application scenarios.
A cloud server is also introduced. For encryption or privacy computation, a user can rely on the computing power of the cloud server to assist in the computation, which solves the problem of excessive computation in traditional schemes and saves the user's local resources.
The invention therefore not only protects the privacy of user transactions on the blockchain, but also computes on transaction data under ciphertext using homomorphic encryption, meeting the need for ciphertext computation on the blockchain.
Example 2
The blockchain transaction privacy protection method based on fully homomorphic encryption is the same as in Example 1. The balance verification under ciphertext in step (6) is the cloud server verifying the balance of the transaction. Assume that users A, B and C all take part in the transfer transaction, that user A is the payer and users B and C are the payees, and that user A wants to transfer the amount $m_B$ to user B and the amount $m_C$ to user C, with user A's current balance being $m_{0,A}$ and $m_{0,A} \neq m_B \neq m_C$. The method comprises the following steps:
(6a) User A encrypts the transfer amounts $m_B$, $m_C$: user A encrypts the transfer amounts $m_B$ and $m_C$ using the homomorphic-encryption public keys of users B and C respectively, obtains the corresponding ciphertexts of the transfer amounts (Figure BDA0002988572250000063), and sends them together to the cloud server.
(6b) Users B and C obtain homomorphic ciphertexts by converting the ciphertext: users B and C each perform steps (1)-(5) to obtain the homomorphically encrypted ciphertexts of the transfer amounts (Figure BDA0002988572250000064).
(6c) Balance verification under ciphertext: the cloud server uses the homomorphic property to compute (Figure BDA0002988572250000071) and (Figure BDA0002988572250000072) respectively; the calculation results are decrypted and checked for equality with 0.
(6d) Result verification: if the result equals 0, the transaction continues; otherwise, the transaction is refused.
In this example the payer is user A and the payees are the two users B and C, but the blockchain transaction privacy protection method of the present invention can extend the payees to multiple users, so that one payer can pay multiple payees; see FIG. 2.
In the invention, the cloud server confirms the transaction amount in the ciphertext state using the property of homomorphic encryption, so the transaction amount is not leaked and the privacy of the user is ensured. The balance of the transaction is thereby guaranteed and users are prevented from carrying out fraudulent transactions, so the technical scheme of the invention ensures that the transaction is valid and prevents users from cheating.
Example 3
The blockchain transaction privacy protection method based on fully homomorphic encryption is the same as in Examples 1-2. The transaction operation under ciphertext in step (7) of the invention is the cloud server assisting the transacting users in performing the transaction operation. Assume that user A wants to transfer the amount $m_B$ to user B and the amount $m_C$ to user C; this is achieved as follows:
After users A, B and C have each run steps (1)-(4), each generates $C_H(sk_S)$, $pk_H$ and $C_S(m_0)$ and sends them to the cloud server. After the cloud server converts the ciphertext, the following steps are performed:
(7a) Negating the ciphertext and adding 1: under ciphertext, the cloud server performs a bitwise negation followed by an addition of one on the transfer amounts of users B and C to obtain the negated ciphertexts, which are prepared for the transaction operation. The calculation formulas for bitwise negation plus one are as follows:
Negated ciphertext of the homomorphically encrypted transfer amount of user B:
Figure BDA0002988572250000073
Negated ciphertext of the homomorphically encrypted transfer amount of user C:
Figure BDA0002988572250000074
where (Figure BDA0002988572250000075) are the ciphertexts obtained by homomorphically encrypting 1 under the public keys of users B and C respectively: (Figure BDA0002988572250000076) is the ciphertext of 1 homomorphically encrypted under user B's public key, and (Figure BDA0002988572250000077) is the ciphertext of 1 homomorphically encrypted under user C's public key; $(m_{n-1,B}, \ldots, m_{0,B})$ is the binary representation of the transfer amount $m_B$, n is the length of the binary representation, and $(m_{n-1,C}, \ldots, m_{0,C})$ is the binary representation of the transfer amount $m_C$; (Figure BDA0002988572250000078) is the result of encrypting the transfer amount $m_B$ bit by bit under user B's public key, and (Figure BDA0002988572250000081) is the result of encrypting the transfer amount $m_C$ bit by bit under user C's public key.
(7b) Obtaining the result of the transaction operation under ciphertext: using the negated ciphertexts, the cloud server computes the transaction operation result under ciphertext (Figure BDA0002988572250000082) through the homomorphic operations of MKFHE. The calculation formula is as follows:
Figure BDA0002988572250000083
where (Figure BDA0002988572250000084) is the homomorphically encrypted ciphertext of user A's current balance.
The invention combines a multi-key homomorphic encryption scheme with the computing power of the cloud server to operate on the transaction in the ciphertext state. The transfer amounts are subtracted from the payer's current balance in the ciphertext state, and the payer's account is updated with the calculation result in the ciphertext state, so the privacy of the user is protected and parties not involved in the transaction are prevented from querying transaction information. The technical scheme of the invention thus realizes the transaction operation and the account update under ciphertext.
Example 4
The blockchain transaction privacy protection method based on fully homomorphic encryption is the same as in Examples 1-3. The authenticity verification by decrypting the sign bit in step (8) verifies the authenticity of the transaction, and is implemented by the following steps:
(8a) Extracting the form of the transaction operation result under ciphertext: the operation result (Figure BDA0002988572250000085) obtained in step (7b) is in bit-by-bit encrypted form, i.e. the ciphertext (Figure BDA0002988572250000086), in which the n-th bit, the most significant bit, is the sign bit.
(8b) Decrypting the sign bit for authenticity verification: user A and the cloud server jointly run the threshold decryption algorithm to decrypt the sign bit of the transaction operation result, and user A and the cloud server then both obtain the decrypted value $m_{n-1}$. If $m_{n-1} = 0$, the transaction is authentic; if $m_{n-1} = 1$, the cloud server rejects the transaction.
In the invention, the transaction amount is represented in binary and is encrypted bit by bit using homomorphic encryption. In the transaction operation result, the sign bit is used to verify the authenticity of the transaction, which ensures that the payer has enough balance to complete the transaction, prevents the payer from carrying out fraudulent transactions, and guarantees the authenticity and validity of the transaction. The technical scheme of the invention can therefore ensure that the transaction is real and legitimate and prevent the transaction from being empty.
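The following added example (not part of the patent text) walks through steps (7a)-(8b) as a gate-level simulation: bitwise negation plus one, ripple-carry addition built only from XOR and AND (addition and multiplication mod 2), and the sign-bit check. The patent's formula images are not reproduced on this page, so the circuit follows the prose description; `Bit` is a plaintext stand-in for an encrypted bit, and all function names, the 7-bit amount range and the `min_width` register-size rule are assumptions of the example.

```python
"""Constructed simulation of steps (7a)-(8b). Nothing here is encrypted:
Bit only exposes the two gates a bitwise FHE scheme evaluates."""


class Bit:
    """Stand-in for one homomorphically encrypted bit (hypothetical helper)."""

    def __init__(self, v):
        self.v = v & 1

    def __xor__(self, other):  # homomorphic addition mod 2
        return Bit(self.v ^ other.v)

    def __and__(self, other):  # homomorphic multiplication mod 2
        return Bit(self.v & other.v)


def min_width(amount_bits, payees):
    """Smallest register width n for which the sign bit stays meaningful.

    Assumption of this example: every amount lies in [0, 2**amount_bits).
    The worst case is balance 0 minus `payees` maximal transfers, which
    must still fit in n-bit two's complement without wrapping around.
    """
    worst = payees * ((1 << amount_bits) - 1)
    return max(amount_bits, worst.bit_length()) + 1


def encrypt_amount(m, amount_bits, n):
    """Client side: bit-by-bit 'encryption', least significant bit first."""
    if not 0 <= m < (1 << amount_bits):
        raise ValueError("amount outside the agreed range")
    if n <= amount_bits:
        raise ValueError("register needs at least one sign bit")
    return [Bit(m >> i) for i in range(n)]


def he_add(a, b):
    """Ripple-carry adder from XOR/AND gates; the final carry is dropped."""
    carry, out = Bit(0), []
    for x, y in zip(a, b):
        out.append(x ^ y ^ carry)
        carry = (x & y) ^ (carry & (x ^ y))
    return out


def he_negate(c):
    """Step (7a): bitwise negation, then add an encryption of 1."""
    one = [Bit(1)] + [Bit(0) for _ in range(len(c) - 1)]
    return he_add([bit ^ Bit(1) for bit in c], one)


def cloud_settle(c_balance, c_transfers):
    """Step (7b): balance minus every transfer, all on bit ciphertexts."""
    result = c_balance
    for c in c_transfers:
        result = he_add(result, he_negate(c))
    return result


def sign_bit(c):
    """Step (8b): stand-in for jointly threshold-decrypting only the MSB."""
    return c[-1].v


def decrypt_signed(c):
    """Step (10): full decryption by the payer, read as two's complement."""
    value = sum(bit.v << i for i, bit in enumerate(c))
    return value - (1 << len(c)) if c[-1].v else value


def run_transfer(balance, transfers, amount_bits=7, n=None):
    """Return (accepted, new_balance) for one payer and several payees."""
    n = n or min_width(amount_bits, len(transfers))
    c_balance = encrypt_amount(balance, amount_bits, n)
    c_transfers = [encrypt_amount(m, amount_bits, n) for m in transfers]
    result = cloud_settle(c_balance, c_transfers)
    return sign_bit(result) == 0, decrypt_signed(result)


if __name__ == "__main__":
    print(run_transfer(100, [30, 50]))       # enough balance
    print(run_transfer(100, [60, 50]))       # overdraft, sign bit set
    print(run_transfer(0, [127, 127]))       # worst case at width 9
    print(run_transfer(0, [127, 127], n=8))  # width too small: result wraps
```

The last call shows why the register width has to be fixed from the amount range and the number of payees before any ciphertext is produced: at 8 bits the overdraft wraps to a small positive value and the sign bit reads 0.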
A full example is given below to illustrate the invention in more detail.
Example 5
The block chain transaction privacy protection method based on full homomorphism involves interaction among a network, users, a block chain and a cloud server. The users and the cloud server transmit data over the network, the users comprise a payer and a payee, and the transaction amount is privacy-protected during the transaction on the block chain. Referring to fig. 1, the method comprises the following steps:
(1) User initialization and key generation: when a transaction is required, the payer and the payee determine the transaction amount and each obtain, through two algorithms, a private key for symmetric encryption and a public key and private key for homomorphic encryption.
(1a) Generating the homomorphic keys: when a transaction is required, the user calls the threshold encryption algorithm to generate the user private key share of the multi-key homomorphic encryption
Figure BDA0002988572250000091
the cloud server private key share
Figure BDA0002988572250000092
and the public key $pk_H$ corresponding to the private key, which is used to encrypt the symmetric key.
(1b) Generating the symmetric key: at the same time, the user calls the symmetric key generation algorithm to generate a symmetric key $sk_S$, which is used to encrypt the transaction amount.
(2) Encrypting the symmetric key: the generated symmetric key $sk_S$ is encrypted with the multi-key homomorphic encryption algorithm to obtain the ciphertext $C_H(sk_S)$ of the symmetric key.
In this embodiment, BGV multi-key homomorphic encryption is taken as an example, implemented as follows:
(2a) The user obtains the public key of the BGV multi-key homomorphic encryption:
$pk_H = [az + pe, a] = [b, a]$
where
Figure BDA0002988572250000093
is a randomly selected vector, the user's private key is
Figure BDA0002988572250000094
p is a small integer coprime to the modulus $q_l$ of each layer, $l \in \{0, \dots, L\}$, and e is a vector randomly selected from the error distribution
Figure BDA0002988572250000095
.
(2b) Encrypting the symmetric key $sk_S$: its ciphertext is calculated by the following formula:
Figure BDA0002988572250000096
where r, e, e' are elements randomly selected from the error distribution χ.
(3) Sending data to the cloud server: the user sends the ciphertext $C_H(sk_S)$ of the symmetric key together with the public key $pk_H$ of the multi-key homomorphic encryption to the cloud server over the network, and the cloud server stores them temporarily.
(4) Symmetrically encrypting the transaction amount: the user encrypts the transaction amount m with the symmetric cryptographic algorithm and sends the resulting symmetric ciphertext $C_S(m)$ of the transaction amount to the cloud server.
By executing steps (1)-(4), each user completes the generation of the homomorphic and symmetric keys and the subsequent encryption.
(5) Ciphertext conversion: after receiving the symmetrically encrypted transaction amount ciphertext, the cloud server uses the properties of multi-key homomorphic encryption to convert the symmetric ciphertext $C_S(m)$ of the transaction amount into the homomorphically encrypted ciphertext $C_H(m)$ of the transaction amount.
(6) Balance verification under ciphertext: after the payer and the payee have each generated their homomorphic and symmetric keys and encrypted the symmetric key and the amount, i.e. executed steps (1)-(4), the payer encrypts the transaction amount with the payee's public key, the cloud server obtains the payee's homomorphically encrypted transaction amount ciphertext through ciphertext conversion, and the balance verification of the transaction is performed in the ciphertext state using the homomorphic property. If the result is equal to 0, the transaction continues; otherwise, the transaction is rejected.
Suppose users A, B and C all participate in the transfer transaction, where user A is the payer and users B and C are the payees. User A wants to transfer the amount $m_B$ to user B and the amount $m_C$ to user C, user A's current balance is $m_{0,A}$, and $m_{0,A} \neq m_B \neq m_C$. The implementation comprises the following steps:
(6a) User A encrypts the transfer amounts $m_B$, $m_C$: user A encrypts the transfer amounts $m_B$ and $m_C$ with the homomorphic encryption public keys of users B and C respectively, obtaining the corresponding transfer amount ciphertexts
Figure BDA0002988572250000101
and sends them to the cloud server at the same time.
(6b) Users B and C obtain homomorphic ciphertexts through ciphertext conversion: users B and C can each execute steps (1)-(5) to obtain the homomorphically encrypted ciphertexts of the transfer amounts
Figure BDA0002988572250000102
(6c) Balance verification under ciphertext: using the homomorphic property, the cloud server calculates
Figure BDA0002988572250000103
and
Figure BDA0002988572250000104
respectively; the calculation results are decrypted and checked for equality with 0.
(6d) Result verification: if the result is equal to 0, the transaction continues; otherwise, the transaction is rejected.
(7) Transaction operation under ciphertext: once the balance verification result of the transaction is 0, the cloud server uses the homomorphically encrypted transaction amount ciphertexts $C_H(m)$ of the transacting users to perform the transaction operation in the ciphertext state, obtaining the transaction operation result $C_H(f(m))$ in the ciphertext state.
Suppose that user A wants to transfer the amount $m_B$ to user B and the amount $m_C$ to user C. This is implemented as follows:
(7a) Negating the ciphertext and adding 1: under ciphertext, the cloud server performs a bit-by-bit negation and add-one operation on the transfer amounts of users B and C to obtain the negation ciphertexts, in preparation for the transaction operation. The formulas for bit-by-bit negation and adding one are as follows:
Negation ciphertext of the homomorphically encrypted transfer amount of user B:
Figure BDA0002988572250000111
Negation ciphertext of the homomorphically encrypted transfer amount of user C:
Figure BDA0002988572250000112
where
Figure BDA0002988572250000113
are the ciphertexts obtained by homomorphically encrypting 1 with the public keys of users B and C respectively:
Figure BDA0002988572250000114
is the ciphertext obtained by homomorphically encrypting 1 with user B's public key,
Figure BDA0002988572250000115
is the ciphertext obtained by homomorphically encrypting 1 with user C's public key, $(m_{n-1,B}, \dots, m_{0,B})$ is the binary representation of the transfer amount $m_B$, n is the length of the binary representation, $(m_{n-1,C}, \dots, m_{0,C})$ is the binary representation of the transfer amount $m_C$,
Figure BDA0002988572250000116
is the result of encrypting the transfer amount $m_B$ bit by bit with user B's public key, and
Figure BDA0002988572250000117
is the result of encrypting the transfer amount $m_C$ bit by bit with user C's public key.
(7b) Obtaining the transaction operation result under ciphertext: using the negation ciphertexts, the cloud server calculates the transaction operation result under ciphertext with the homomorphic operation MKFHE
Figure BDA0002988572250000118
by the following formula:
Figure BDA0002988572250000119
where
Figure BDA00029885722500001110
is the homomorphically encrypted ciphertext of user A's current balance.
(8) Decrypting the sign bit for authenticity verification: the cloud server verifies the authenticity of the transaction amount under ciphertext. If the transaction is genuine, the genuine operation result $C_H(f(m))$ is sent over the network to the designated payer; otherwise, the transaction is rejected.
Decrypting the sign bit verifies the authenticity of the transaction and is implemented as follows:
(8a) Extracting the form of the transaction operation result under ciphertext: the operation result obtained in step (7b)
Figure BDA00029885722500001111
is in bit-by-bit encrypted form, i.e. the ciphertext
Figure BDA00029885722500001112
where the n-th bit, the most significant bit, is the sign bit.
(8b) Decrypting the sign bit for authenticity verification: user A and the cloud server jointly run the threshold decryption algorithm to decrypt the sign bit of the transaction operation result, and both obtain the decrypted value $m_{n-1}$ at the same time. If $m_{n-1} = 0$, the transaction is genuine; if $m_{n-1} = 1$, the cloud server rejects the transaction.
(9) Uploading to the block chain: the cloud server uploads the homomorphically encrypted transaction amount ciphertext $C_H(m)$ to the block chain over the network. During transmission and on the block chain the transaction amount is protected as ciphertext, so an attacker cannot view the transaction amount at any point in the process. When needed, the transaction amount can be computed on privately in the ciphertext state, so the transaction amount remains invisible; the transaction is completed and the payee receives the transaction amount.
(10) The payer decrypts the ciphertext to check the balance: the payer decrypts the ciphertext operation result $C_H(f(m))$ obtained from the cloud server and can check the account balance at any time.
(10a) The cloud server sends its private key share
Figure BDA0002988572250000121
to the payer.
(10b) The payer inputs the obtained cloud server private key share
Figure BDA0002988572250000122
and the payer's own private key share
Figure BDA0002988572250000123
into the decryption algorithm to obtain the operation result f(m) in plaintext, and can check the account balance at any time.
The user decrypts the calculation result as follows:
(10b1) Users A, B and C each extend their homomorphic encryption private key $sk_H = (1, -z_{l,j})$; the extended private key is $s'_{l,j} = (1, -z_{l,j}, 0, \dots, 0)$.
(10b2) Users A, B and C each perform semi-decryption on the calculation result of step (8g)
Figure BDA0002988572250000124
by the following formula:
$c'_j = (c_j, 0) = (\langle c, s'_{l,j} \rangle, 0) = (b_l - a_{l,j} \cdot z_{l,j}, 0)$
(10b3) Users A, B and C each use the cloud server to encrypt 0 with user A's homomorphic encryption public key
Figure BDA0002988572250000125
by the following formula:
Figure BDA0002988572250000126
(10b4) Users A, B and C each add the decryption result to $c_A$, i.e. $c''_j = (b_l - a_{l,j} \cdot z_{l,j} + b_{l,A}, a_{l,A})$, and send the result to user A.
(10b5) User A calculates $c_{sum} = c''_A + c''_B + c''_C$.
(10b6) User A decrypts
Figure BDA0002988572250000127
by the following formula:
$m_{1,A} = (c_{sum} - (k-1) b_l) \cdot s_{l,A}$
where k is the number of users participating in the transaction; in this example k = 3.
(10c) To protect the security of the transaction, a payer who wants to perform a new transaction must return to steps (1)-(9) and start the new transaction again.
The invention mainly solves the problem that transaction data in existing block chains is transparently disclosed and needs privacy protection. The implementation scheme is as follows: user keys are generated; the user encrypts the generated symmetric key with a multi-key homomorphic encryption algorithm; the user encrypts the transaction amount m with a symmetric cryptographic algorithm; the cloud server converts the symmetrically encrypted transaction amount ciphertext into the homomorphically encrypted transaction amount ciphertext; the cloud server performs balance verification under ciphertext; the cloud server carries out the transaction operation under ciphertext; the cloud server decrypts the sign bit of the transaction operation result for authenticity verification; and the cloud server uploads the homomorphically encrypted transaction amount ciphertext to the block chain. The invention can protect the transaction information in the block chain, prevent information leakage, compute on the transaction amount in the encrypted state, and can be used for hiding transaction information on the block chain.
A more detailed example, from the perspective of the theoretical implementation, is given below and described together with the technical effects of the present invention.
Example 6
The block chain transaction privacy protection method based on full homomorphism is the same as in Examples 1-5. Referring to fig. 1, it comprises the following steps:
Step 1, initialization.
1.1) The user calls the threshold encryption algorithm to generate the user private key share of the multi-key homomorphic encryption algorithm
Figure BDA0002988572250000131
the cloud server private key share
Figure BDA0002988572250000132
and the corresponding public key $pk_H$.
1.2) The user calls the symmetric key generation algorithm to generate the symmetric key $sk_S$.
Step 2, encrypting the symmetric key $sk_S$. Here the BGV multi-key homomorphic encryption algorithm is taken as an example.
2.1) The user obtains the public key of the BGV multi-key homomorphic encryption:
$pk_H = [az + pe, a] = [b, a]$
where
Figure BDA0002988572250000133
is a randomly selected vector, the user's private key is
Figure BDA0002988572250000134
p is a small integer coprime to the modulus $q_l$ of each layer, $l \in \{0, \dots, L\}$, and e is a vector randomly selected from the error distribution
Figure BDA0002988572250000135
.
2.2) Encrypting the symmetric key $sk_S$: its ciphertext $C_H(sk_S)$ is calculated by the following formula:
Figure BDA0002988572250000136
where r, e, e' are elements randomly selected from the error distribution χ.
Step 3, the user sends the ciphertext $C_H(sk_S)$ of the symmetric key and the public key $pk_H$ of the multi-key homomorphic encryption to the cloud server.
Step 4, the user encrypts the transaction amount m with the symmetric cryptographic algorithm and sends the resulting symmetric ciphertext $C_S(m)$ to the cloud server.
Step 5, the cloud server uses the properties of homomorphic encryption to convert the symmetric ciphertext $C_S(m)$ of the transaction amount into the homomorphically encrypted ciphertext $C_H(m)$.
Step 6, balance verification.
Suppose user A wants to transfer the amount $m_B$ to user B and the amount $m_C$ to user C, and the remaining amount is $m_{0,A}$.
6.1) User A encrypts the transfer amounts $m_B$, $m_C$ with the homomorphic encryption public keys of users B and C to obtain their ciphertexts
Figure BDA0002988572250000141
and sends them to the cloud server.
6.2) Users B and C each run steps (1)-(5) to obtain the ciphertexts
Figure BDA0002988572250000142
6.3) Using the homomorphic property, the server calculates
Figure BDA0002988572250000143
respectively; the calculation result is decrypted and checked for equality with 0.
6.4) If the result is equal to 0, the transaction continues; otherwise, the transaction is rejected.
Step 7, transaction operation.
7.1) Users A, B and C each execute steps (1)-(4) to generate $C_H(sk_S)$, $pk_H$, $C_S(m_0)$ and send them to the cloud server.
7.2) The cloud server converts the $C_S(m)$ of users A, B and C into multi-key homomorphically encrypted ciphertexts by the following formula:
$C_H(m) = H.Eval(S.Dec(C_S(m), C_H(sk_S), pk_H)$
7.3) The cloud server performs the bit-by-bit negation and add-one operation on the homomorphically encrypted bit ciphertexts of users B and C by the following formula:
Figure BDA0002988572250000144
where
Figure BDA0002988572250000151
is the ciphertext of the homomorphic encryption of 1 and $c_{B,C}$ is the negation ciphertext of the homomorphically encrypted transfer amount of users B and C, so that the cloud server obtains $ct_j = \{c_j, \{j\}, l\}$, $j = A, B, C$.
7.4) The cloud server extends $ct_j$ to the set $S$, $S = \{A, B, C\}$, calculated as follows:
Figure BDA0002988572250000152
7.5) The cloud server uses the homomorphic operation MKFHE to calculate
Figure BDA0002988572250000153
Step 8, verifying authenticity.
8.1) The obtained calculation result
Figure BDA0002988572250000154
is in bit-by-bit encrypted form, i.e. the ciphertext
Figure BDA0002988572250000155
where the n-th bit, the most significant bit, is the sign bit.
8.2) User A and the cloud server jointly run the threshold decryption algorithm to decrypt the sign bit, and both obtain the decrypted value $m_{n-1}$ at the same time. If $m_{n-1} = 0$, the transaction is genuine; if $m_{n-1} = 1$, the cloud server rejects the transaction.
Step 9, the cloud server uploads the obtained homomorphically encrypted ciphertext $C_H(m)$ to the block chain, making the transaction amount invisible while still allowing private computation.
Step 10, decryption by the user.
10.1) The cloud server sends its own private key share
Figure BDA0002988572250000156
to the user.
10.2) Users A, B and C each extend their homomorphic encryption private key $sk_H = (1, -z_{l,j})$; the extended private key is $s'_{l,j} = (1, -z_{l,j}, 0, \dots, 0)$.
10.3) Users A, B and C each perform semi-decryption on the calculation result
Figure BDA0002988572250000157
by the following formula:
$c'_j = (c_j, 0) = (\langle c, s'_{l,j} \rangle, 0) = (b_l - a_{l,j} \cdot z_{l,j}, 0)$
10.4) Users A, B and C each use the cloud server to encrypt 0 with user A's homomorphic encryption public key
Figure BDA0002988572250000158
by the following formula:
Figure BDA0002988572250000161
10.5) Users A, B and C each add the semi-decryption result to $c_A$, i.e.
$c''_j = (b_l - a_{l,j} \cdot z_{l,j} + b_{l,A}, a_{l,A})$, and send the result to user A.
10.6) User A calculates $c_{sum} = c''_A + c''_B + c''_C$.
10.7) User A decrypts
Figure BDA0002988572250000162
by the following formula:
$m_{1,A} = (c_{sum} - (k-1) b_l) \cdot s_{l,A}$
where k is the number of users participating in the transaction; in this example k = 3.
10.8) To protect the security of the transaction, steps (1)-(9) must be run again if the user wants to make a new transaction.
In summary, the invention discloses a block chain transaction privacy protection method based on full homomorphism, which solves the problem that transaction data in existing block chains is transparently disclosed and needs privacy protection. The implementation scheme is as follows: generating user keys; encrypting the symmetric key; sending data to the cloud server; symmetrically encrypting the transaction amount; converting the ciphertext; balance verification under ciphertext; transaction operation under ciphertext; decrypting the sign bit for authenticity verification; uploading to the block chain; and the payer decrypting the ciphertext to check the balance, whereby privacy protection during block chain transactions is achieved. The invention protects the transaction information by applying homomorphic encryption, realizes private computation on transactions under ciphertext, and prevents the transaction information from being obtained by an attacker. The invention can protect the transaction information in the block chain, prevent information leakage, compute on the transaction amount in the encrypted state, and can be used for hiding transaction information on the block chain.

Claims (4)

1. A block chain transaction privacy protection method based on full homomorphism, involving interaction between users and a cloud server with data transmitted over a network, the users comprising a payer and a payee, and the transaction amount being privacy-protected during the transaction on the block chain, characterized by comprising the following steps:
(1) generating user keys: when a transaction is required, the payer and the payee determine the transaction amount and each obtain, through two algorithms, a private key for symmetric encryption and a public key and private key for homomorphic encryption;
(1a) generating the homomorphic keys: when a transaction is required, the user calls the threshold encryption algorithm to generate the user private key share of the multi-key homomorphic encryption
Figure FDA0002988572240000011
the cloud server private key share
Figure FDA0002988572240000012
and the public key $pk_H$ corresponding to the private key;
(1b) generating the symmetric key: at the same time, the user calls the symmetric key generation algorithm to generate a symmetric key $sk_S$;
(2) encrypting the symmetric key: the generated symmetric key $sk_S$ is encrypted with the multi-key homomorphic encryption algorithm to obtain the ciphertext $C_H(sk_S)$ of the symmetric key;
(3) sending data to the cloud server: the user sends the ciphertext $C_H(sk_S)$ of the symmetric key together with the public key $pk_H$ of the multi-key homomorphic encryption to the cloud server over the network, and the cloud server stores them temporarily;
(4) symmetrically encrypting the transaction amount:
the user encrypts the transaction amount m with the symmetric cryptographic algorithm and sends the resulting symmetric ciphertext $C_S(m)$ of the transaction amount to the cloud server;
(5) ciphertext conversion: after receiving the symmetrically encrypted transaction amount ciphertext, the cloud server uses the properties of multi-key homomorphic encryption to convert the symmetric ciphertext $C_S(m)$ of the transaction amount into the homomorphically encrypted ciphertext $C_H(m)$ of the transaction amount;
(6) balance verification under ciphertext: the payer encrypts the transaction amount with the payee's public key, the payee obtains the homomorphically encrypted transaction amount ciphertext through ciphertext conversion, and the cloud server performs the balance verification of the transaction in the ciphertext state using the homomorphic property; if the result is equal to 0, the transaction continues; otherwise, the transaction is rejected;
(7) transaction operation under ciphertext: once the balance verification result of the transaction is 0, the cloud server uses the homomorphically encrypted transaction amount ciphertexts $C_H(m)$ of the transacting users to perform the transaction operation in the ciphertext state, obtaining the transaction operation result $C_H(f(m))$ in the ciphertext state;
(8) decrypting the sign bit for authenticity verification: the cloud server verifies the authenticity of the transaction amount under ciphertext; if the transaction is genuine, the genuine operation result $C_H(f(m))$ is sent to the payer over the network; otherwise, the transaction is rejected;
(9) uploading to the block chain: the cloud server uploads the homomorphically encrypted transaction amount ciphertext $C_H(m)$ to the block chain over the network; during transmission and on the block chain the transaction amount is protected as ciphertext, an attacker cannot view the transaction amount at any point in the process, the transaction amount is computed on privately in the ciphertext state, the transaction is completed, and the payee receives the transaction amount;
(10) the payer decrypts the ciphertext to check the balance: the payer decrypts the ciphertext operation result $C_H(f(m))$ obtained from the cloud server and can check the account balance at any time;
(10a) the cloud server sends its private key share
Figure FDA0002988572240000021
to the payer;
(10b) the payer inputs the obtained cloud server private key share
Figure FDA0002988572240000022
and the payer's own private key share
Figure FDA0002988572240000023
into the decryption algorithm to obtain the operation result f(m) in plaintext, and can check the account balance at any time;
(10c) to protect the security of the transaction, a payer who wants to perform a new transaction must return to steps (1)-(9) and start the new transaction again.
2. The block chain transaction privacy protection method based on full homomorphism according to claim 1, wherein in the balance verification under ciphertext of step (6) the cloud server verifies the balance of the transaction; assuming that users A, B and C all participate in the transfer transaction, user A being the payer and users B and C being the payees, that user A wants to transfer the amount $m_B$ to user B and the amount $m_C$ to user C, that user A's current balance is $m_{0,A}$, and that $m_{0,A} \neq m_B \neq m_C$, the method comprises the following steps:
(6a) user A encrypts the transfer amounts $m_B$, $m_C$: user A encrypts the transfer amounts $m_B$ and $m_C$ with the homomorphic encryption public keys of users B and C respectively, obtaining the corresponding transfer amount ciphertexts
Figure FDA0002988572240000024
and sends them to the cloud server at the same time;
(6b) users B and C obtain homomorphic ciphertexts through ciphertext conversion: users B and C can each execute steps (1)-(5) to obtain the homomorphically encrypted ciphertexts of the transfer amounts
Figure FDA0002988572240000025
(6c) balance verification under ciphertext: using the homomorphic property, the cloud server calculates
Figure FDA0002988572240000026
and
Figure FDA0002988572240000027
respectively, and the calculation results are decrypted and checked for equality with 0;
(6d) result verification: if the result is equal to 0, the transaction continues; otherwise, the transaction is rejected.
3. The block chain transaction privacy protection method based on full homomorphism according to claim 1, wherein in the transaction operation under ciphertext of step (7) the cloud server assists the transacting users in performing the transaction operation; assuming that user A wants to transfer the amount $m_B$ to user B and the amount $m_C$ to user C, this is implemented as follows:
(7a) negating the ciphertext and adding 1: under ciphertext, the cloud server performs a bit-by-bit negation and add-one operation on the transfer amounts of users B and C to obtain the negation ciphertexts, the formulas for bit-by-bit negation and adding one being as follows:
negation ciphertext of the homomorphically encrypted transfer amount of user B:
Figure FDA0002988572240000031
negation ciphertext of the homomorphically encrypted transfer amount of user C:
Figure FDA0002988572240000032
where
Figure FDA0002988572240000033
is the ciphertext obtained by homomorphically encrypting 1 with user B's public key,
Figure FDA0002988572240000034
is the ciphertext obtained by homomorphically encrypting 1 with user C's public key, $(m_{n-1,B}, \dots, m_{0,B})$ is the binary representation of the transfer amount $m_B$, n is the length of the binary representation, $(m_{n-1,C}, \dots, m_{0,C})$ is the binary representation of the transfer amount $m_C$,
Figure FDA0002988572240000035
is the result of encrypting the transfer amount $m_B$ bit by bit with user B's public key, and
Figure FDA0002988572240000036
is the result of encrypting the transfer amount $m_C$ bit by bit with user C's public key;
(7b) obtaining the transaction operation result under ciphertext: using the negation ciphertexts, the cloud server calculates the transaction operation result under ciphertext with the homomorphic operation MKFHE
Figure FDA0002988572240000037
by the following formula:
Figure FDA0002988572240000038
where
Figure FDA0002988572240000039
is the homomorphically encrypted ciphertext of user A's current balance.
4. The block chain transaction privacy protection method based on full homomorphism according to claim 1, wherein the authenticity verification by decrypting the sign bit in step (8) verifies the authenticity of the transaction and is implemented as follows:
(8a) extracting the form of the transaction operation result under ciphertext: the operation result obtained in step (7b)
Figure FDA00029885722400000310
is in bit-by-bit encrypted form, i.e. the ciphertext
Figure FDA00029885722400000311
where the n-th bit, the most significant bit, is the sign bit;
(8b) decrypting the sign bit for authenticity verification: user A and the cloud server jointly run the threshold decryption algorithm to decrypt the sign bit of the transaction operation result, and both obtain the decrypted value $m_{n-1}$ at the same time; if $m_{n-1} = 0$, the transaction is genuine; if $m_{n-1} = 1$, the cloud server rejects the transaction.
CN202110308482.7A 2021-03-23 2021-03-23 Block chain transaction privacy protection method based on full homomorphism Active CN113159745B (en)

Publications (2)

Publication Number Publication Date
CN113159745A true CN113159745A (en) 2021-07-23
CN113159745B CN113159745B (en) 2023-06-16

US20230186296A1 (en) Enabling confidential and non-confidential transactions on a digital token architecture
EP4181457A1 (en) Quantum based method and system for performing cryptocurrency asset transactions
Yang et al. Discretionary Access Control Method to Protect Blockchain Privacy
CN116094726A (en) Partially blind signature method and system based on lattice public key cryptography
Li et al. Efficient Quantum Signature and Its Application in On-line Quantum Payment System
NAZZIWA APPLICATION FRAMEWORK FOR ENCRYPTING DATA FOR CLOUD TRANSMISSION USING A HOMOMORPHIC TOKEN
Khelifi et al. Open Source Cryptographic Algorithm to Better Secure E-Banking Services and Enhance its Protection Techniques

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant