CN113222591B - Fair two-party negotiation method and system based on block chain - Google Patents

Fair two-party negotiation method and system based on block chain Download PDF

Info

Publication number
CN113222591B
CN113222591B CN202011547454.2A CN202011547454A CN113222591B CN 113222591 B CN113222591 B CN 113222591B CN 202011547454 A CN202011547454 A CN 202011547454A CN 113222591 B CN113222591 B CN 113222591B
Authority
CN
China
Prior art keywords
party
output
deposit
input
block chain
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011547454.2A
Other languages
Chinese (zh)
Other versions
CN113222591A (en
Inventor
詹茁
曾兵
金茁
李东
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
South China University of Technology SCUT
Original Assignee
South China University of Technology SCUT
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by South China University of Technology SCUT filed Critical South China University of Technology SCUT
Priority to CN202011547454.2A priority Critical patent/CN113222591B/en
Publication of CN113222591A publication Critical patent/CN113222591A/en
Application granted granted Critical
Publication of CN113222591B publication Critical patent/CN113222591B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Storage Device Security (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention discloses a block chain-based fair two-party negotiation method and a block chain-based fair two-party negotiation system, wherein the method comprises the following steps of: 1. an initialization stage: the first party P1 and the second party P2 negotiate a determining function f'; 2. a confusion stage: p1, constructing a confusion circuit by the function f', and obtaining a confusion circuit file, an input comparison table and an output comparison table; 3. an input stage: the first party and the second party use the input comparison table to encrypt respective input data into an obfuscated input; 4. an execution stage: the second party using the obfuscated input to execute the obfuscated circuit to obtain an obfuscated output; 5. a commitment stage: the first party calculates the commitment of the output comparison table and sends the commitment of the output comparison table to the second party; 6. the first party pays a first party deposit and publishes a verification algorithm on the blockchain, and the second party pays a second party deposit and publishes a verification algorithm on the blockchain; 7. a claiming stage; 8. a refund stage; 9. the first party and the second party respectively decrypt and confuse the output to obtain a protocol result.

Description

Fair two-party negotiation method and system based on block chain
Technical Field
The invention relates to the field of secure multiparty computation, in particular to a block chain-based fair two-party negotiation method and system.
Background
Secure multi-party computing is an important privacy protection technique that allows multiple parties to jointly compute using their respective private data and ensures that the private data of each party is not available to other parties. The garbled circuit protocol is a classical two-way computing protocol first proposed by Yao, andrew C in "Protocols for secure computers," 23rd annual simple on bases of computer science (sfcs 1982), IEEE, 1982. The garbled circuit protocol constructs an arbitrary algorithm as a garbled circuit from the level of the underlying logic circuit, and one part constructing the garbled circuit is called a garbled party and the other part is called an evaluator. After the confusion party constructs the confusion circuit, the two parties encrypt respective private inputs into confusion inputs; then, the evaluator executes the confusion circuit by using the confusion input to obtain the confusion output, and any information of the privacy input cannot be obtained in the calculation process; finally, both parties decrypt and confuse and output to obtain a calculation result.
Although the confusion circuit protocol can ensure privacy protection, the fairness that both parties obtain the protocol result cannot be ensured. Fairness of the protocol means that either all participants of the protocol can get the result of the protocol or none of the participants gets the result of the protocol. In the final decryption stage of the garbled circuit protocol, both parties can decrypt independently only by acquiring the data of the other party. Then the party that first obtained the partner data may exit the agreement or provide the wrong data, thereby preventing the partner from obtaining the outcome of the agreement. Gao H, ma Z, luo S et al in Bfr-mpc: a block-based face and robust multi-party calculation scheme [ J ]. IEEE Access,2019,7:110439-110450, a block chain-based fair multi-party calculation scheme is proposed, fairness in a Yao's circuit protocol process is guaranteed through a block chain technology, however, the scheme still depends on a credible third party, a completely credible third party does not exist in the real world, and malicious behaviors of the third party inevitably destroy the fairness of the protocol.
Disclosure of Invention
The invention aims to provide a block chain-based fair two-party negotiation method, aiming at the defects of the prior art, which executes the process of data exchange in the garbled circuit protocol on a block chain and punishs the behavior of a malicious destruction protocol in digital currency, thereby ensuring that both parties can obtain the result of the protocol. The invention also discloses a two-party negotiation system based on the block chain.
The invention is realized by at least one of the following technical schemes.
A block chain based fair two-party negotiation method, the method comprises the following steps:
step1, initialization stage: the first party P1 and the second party P2 negotiate a deterministic function f', P1 prepares the secret data x input to the first party 1 P2 preparing for entry of private data x of the second party 2 A position array L and a characteristic value V;
step2, confusion phase: p1, constructing the function f' into an obfuscated circuit to obtain an obfuscated circuit file
Figure BDA0002856083170000021
Input look-up table T in And output comparison table T out
Step3, input stage: the first party P1 and the second party P2 use the input look-up table T in Encrypting respective input data as obfuscated inputs;
step4, an execution phase: the second party P2 performs the garbled circuit using the garbled input to obtain a garbled output
Figure BDA0002856083170000022
Step5, a commitment stage: first party P1 calculation output comparison table T out And sends an output look-up table T out To the second party P2; second party P2 computing obfuscated outputs
Figure BDA0002856083170000023
And send the obfuscated output
Figure BDA0002856083170000024
To the first party P1;
step6, deposit stage: the first party P1 pays the first party deposit q on the blockchain 1 And publishes an authentication algorithm phi 1 The second party P2 pays the second party deposit q on the blockchain 2 And publishes verification algorithm phi 2
Step7, claim phase: first party P1 publishes output comparison table T on block chain out Satisfy phi 2 (T out ) =1, thereby obtaining a second party deposit q 2 And executing Step9; second party P2 publishes obfuscated outputs on blockchains
Figure BDA0002856083170000026
Satisfy the requirements of
Figure BDA0002856083170000025
Thereby obtaining a first party deposit q 1 And executing Step9;
step8, refund stage: in Step6, if the first party P1 does not yet publish the output lookup table T within the set time out The second party P2 deposits a deposit q on the second party 2 Retrieving; if the second party P2 has not yet published the obfuscated output
Figure BDA0002856083170000027
The first partyP1 deposit the first party q 1 Retrieving;
step9, output stage: the first party P1 and the second party P2 respectively decrypt and confuse the output to obtain a protocol result.
Preferably, the specific details of the initialization in Step1 are as follows: function f' (x) 1 ,x 2 L, V) are as follows:
f′(x 1 ,x 2 ,L,V)=g(f(x 1 ,x 2 ),L,V)
f′(x 1 ,x 2 l, V) first calculate the first party P1 and second party P2 calculation functions f (x) 1 ,x 2 ) The result is noted as y, and then the result y is transmitted into a function g, and a feature value V is inserted into y according to a position array L in the function g (y, L, V).
Preferably, step2 is specifically: according to the Boolean circuit corresponding to the function f', all values in an input line, an output line and an internal line in the Boolean circuit are replaced by symmetric keys which are randomly generated and are not equal to each other; each logic gate is replaced by a cipher text set, each item in the cipher text set corresponds to each item of the logic gate truth table, the cipher text obtained by encrypting the output by taking the input of the corresponding item in the logic gate truth table as a key is obtained, and finally the confusion circuit file is obtained
Figure BDA0002856083170000028
At the same time, the corresponding relation between the plain text and the key on the input line is recorded in the input look-up table T in In the method, the corresponding relation between the plaintext and the secret key on the output line is recorded in an output comparison table T out In (1).
Preferably, step3 is specifically: the first party P1 and the second party P2 execute the OT protocol, the first party P1 sends an input lookup table T in Assisting second party P2 in obtaining obfuscated inputs to second party P2
Figure RE-GDA0003149302610000026
The first party P1 inputs the comparison table T in Privacy data x 1 Encrypting as obfuscated input
Figure RE-GDA0003149302610000027
And sent to the second party P2, the second party P2 obtains the final obfuscated input
Figure RE-GDA0003149302610000028
Preferably, step5 is specifically: first party P1 calculation output comparison table T out Hash value h of T And sends an output look-up table T out Hash value h of T To the second party P2; second party P2 computing obfuscated outputs
Figure BDA0002856083170000031
Hash value of
Figure BDA0002856083170000032
And sends the hash value
Figure BDA0002856083170000033
To the first party P1.
Preferably, the specific process of Step6 is as follows:
first, a first party P1 initiates a transaction in the blockchain, the first party spending q 1 And submit verification algorithm phi 1 Verification algorithm phi 1 Is the alias output
Figure BDA0002856083170000034
When the output is obfuscated
Figure BDA0002856083170000035
When the correctness checking condition is satisfied, the device,
Figure BDA0002856083170000036
and returning to the step1, otherwise,
Figure BDA0002856083170000037
returning to 0;
then, the second party P2 is used for a specified time
Figure BDA0002856083170000038
Is output in a mixed-up manner
Figure BDA0002856083170000039
The cost q of the first party can be obtained 1 Otherwise, the first party spends q after a prescribed time 1 Will be returned to the first party P1; similarly, the second party P2 initiates a transaction in the blockchain, the cost of the second party q 2 And submit verification algorithm phi 2 Verification algorithm phi 2 Is an output look-up table T out When T is out When the correctness verification condition is satisfied, phi 2 (T out ) Return to 1, otherwise, phi (T out ) Returning to 0;
finally, the first party P1 uses the request to satisfy phi within a predetermined time (T out ) Output lookup table T of =1 out The cost q of the second party can be obtained 2 Otherwise, after a timeout, the cost of the second party q 2 Will be returned to the second party P2.
Preferably, the specific process of Step7 is as follows: the first party P1 obtains the verification algorithm phi submitted by the second party P2 from the blockchain within a specified time after confirming the uplink of the deposit transaction of the second party P2 2 And locally calculates phi 2 (T out ) If phi is 2 (T out ) =1 publish output mapping table T in block chain out To obtain a second party deposit q 2 Otherwise, executing Step8 after timeout; similarly, the second party P2 verifies locally within a specified time after confirming the uplink of the deposit transaction of the first party P1
Figure BDA00028560831700000310
Thereafter, the obfuscated outputs are published in a blockchain
Figure BDA00028560831700000311
To obtain a first party deposit q 1 Otherwise, executing Step8 after time out.
Preferably, the specific process of Step9 is as follows: after the step Setp 8 is normally executed, the first party P1 and the second party P2 both obtain the aliasing output
Figure BDA00028560831700000312
Output look-up table T out And a position array L, the first party P1 and the second party P2 according to the output comparison table T out Decipher obfuscated output
Figure BDA00028560831700000313
A plaintext output z is obtained and the eigenvalues are then removed from z according to the position array, thus obtaining a result y of the protocol.
A system for implementing the block chain based fair two-party negotiation method, the system comprising a client and a block chain, wherein the client comprises the following modules:
a request module: initiating a query and a modification two-party calculation request to a request registration contract of a block chain;
constructing a module: responsible for constructing the garbled circuit;
an evaluation module: responsible for executing the garbled circuit;
a deposit module: submitting, claiming and returning deposit to a deposit management module of the block chain;
an output module: and decrypting to obtain a final calculation result.
Preferably, the blockchain comprises the following intelligent contracts:
request to register a contract: registering and recording all two-party calculation requests;
a factory contract: for each responded two-party calculation request, initiating a deposit management contract;
deposit management contracts: and processing the submission, claiming and return requests of the deposit of the two parties in the calculation process of the two parties at one time.
Compared with the prior art, the invention has the following advantages and beneficial effects:
1. the invention introduces the block chain to realize the penalty mechanism, and ensures the fairness of the protocol of the confusion circuit. Our protocol performs the steps of fairness problem in the original protocol on the block chain based on the confusing circuit protocol, and the participant is penalized with digital currency if he/she is willing to exit the protocol. Furthermore, we propose efficient, chain-executed authentication algorithms to prevent participants from providing erroneous data.
2. Compared with the traditional negotiation system, the invention realizes the two-party negotiation system and has the following advantages: a. and (4) privacy protection. The confusion circuit protocol realizes that the participating party does not need to reveal the original data in the calculation process, thereby protecting the privacy of the data; b. And (4) fairness. By realizing data exchange on the block chain, the participators can obtain the final calculation result; c. and (4) decentralizing. The system does not need a centralized server to maintain data, and avoids the risk of malicious data tampering by the central server.
Drawings
FIG. 1 is a flow chart of a block chain based fairness two-party protocol according to an embodiment of the present invention;
fig. 2 is an architecture diagram of a block chain-based two-party negotiation system according to an embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to examples and drawings, but the present invention is not limited thereto.
As shown in fig. 1 and fig. 2, the embodiment of the present invention introduces a block chain technique to implement a fair two-party negotiation method based on the garbled circuit protocol. A block chain-based fair two-party negotiation method comprises the following steps:
step (1 a), the first party P1 and the second party P2 negotiate to determine initial parameters, wherein the initial parameters comprise the content (represented by an original function f) which is calculated together, the length m of a characteristic array, and the deposit q of the first party P1 1 Deposit q of the second party P2 2 And a time limit τ;
step (1 b), the first party P1 transforms the original function f into a function f ', and the function f' receives the input x of the first party P1 1 And input x of a second party P2 2 The position array L, the characteristic value V, f' are in f (x) 1 ,x 2 ) The feature value is then inserted into the result according to the feature value V, the location array L provided by the second party P2, so that the result of the garbled circuit protocol is partially visible to the second party P2, so that the second party P2 has the ability to verify the first partyP1 generated comparison Table T out The ability of the cell to perform. The function f' is shown in table 1.
Table 1 function f'
Figure BDA0002856083170000041
Figure BDA0002856083170000051
Step (2) -step (4) performing a garbled circuit protocol calculation f' (x) for the first party P1 and the second party P2 1 ,x 2 V, L). The specific process is as follows:
step (2), the first party P1 constructs the function f' into the confusion circuit to obtain the confusion circuit file
Figure BDA0002856083170000052
Input look-up table T in Output the look-up table T out And will be
Figure BDA0002856083170000053
Sending to a second party P2;
step (3 a), the first party P1 and the second party P2 execute OT protocol, the first party P1 sends input comparison table T in Assisting a second party P2 in obtaining obfuscated inputs
Figure RE-GDA0003149302610000054
Step (3 b), the first party P1 inputs the comparison table T in To privacy data x 1 Encrypting as obfuscated input
Figure BDA0002856083170000055
And sent to the second party P2;
step (4), the second party P2 uses the final confusion input
Figure RE-GDA0003149302610000061
Execution obfuscation circuit
Figure RE-GDA0003149302610000062
Obtaining obfuscated outputs
Figure RE-GDA0003149302610000063
Steps (5) - (8) are that the first party P1 and the second party P2 exchange the output comparison table T fairly out And obfuscating the output
Figure BDA0002856083170000065
The specific process is as follows:
step (5 a), second party P2 calculation
Figure BDA0002856083170000066
Hash value of
Figure BDA0002856083170000067
And transmit
Figure BDA0002856083170000068
To the first party P1;
step (5 b) of the first party P1 calculating T out Hash value h of T And sends h T To the second party P2.
Step (6 a), the first party P1 submits a first party deposit q 1 First party verification algorithm phi 1 And verifying the conditions
Figure BDA0002856083170000069
Where position i is randomly chosen from {1, 2., n } by the first party P1, the secret key
Figure BDA00028560831700000610
For outputting the key corresponding to bit 0 in the ith entry in the look-up table
Figure BDA00028560831700000611
To output the key corresponding to bit 1 in the ith entry in the look-up table,
Figure BDA00028560831700000612
is the step (5 a)Obfuscated output of (1)
Figure BDA00028560831700000613
The Ha-chi value of (c). First party verification algorithm phi 1 As shown in table 2;
step (6 b), the second party P2 submits a second party deposit q 2 Second square verification algorithm phi 2 And verifying the conditions
Figure BDA00028560831700000614
Wherein
Figure BDA00028560831700000615
To obfuscate the output
Figure BDA00028560831700000616
A key array consisting of keys at specific locations, i.e. each item in the location array L, h T Outputting a look-up table T in step (5 b) out The hash value of (1). Second party verification algorithm phi 2 As shown in table 3.
Step (7 a), the first party P1 verifies phi locally within tau time 2 (T out ) Release T on blockchain after =1 out Obtaining a second party deposit q 2
Step (7 b), the second party P2 verifies locally within tau time
Figure BDA00028560831700000617
Post publishing on blockchain
Figure BDA00028560831700000618
Obtaining a first party deposit q 1
Step (8 a), after the time tau is over, if the first party P1 does not publish T out The second party P2 deposits a deposit q on the second party 2 Retrieving;
step (8 b), after tau time, if the second party P2 does not publish
Figure BDA00028560831700000619
The first party P1 deposits a deposit q on the first party 1 Retrieve。
Fair exchange T between first party P1 and second party P2 out And
Figure BDA00028560831700000620
then both parties have obtained
Figure BDA00028560831700000621
The first party P1 and the second party P2 locally perform the step (9):
step (9) according to T out Decrypting obfuscated outputs
Figure BDA00028560831700000622
A plaintext output z is obtained and then the remove feature value from z is obtained according to the remove feature algorithm of table 4 to obtain the result y of the protocol.
TABLE 2 first party authentication Algorithm
Figure BDA0002856083170000061
Figure BDA0002856083170000071
TABLE 3 second party verification algorithm
Figure BDA0002856083170000072
Figure BDA0002856083170000081
TABLE 4 Decharacterization Algorithm
Figure BDA0002856083170000082
The specific process of the protocol of the embodiment of the invention is shown in table 5 as a fair two-party negotiation method, wherein the block chain part is detailed in table 6.
TABLE 5 Fair two-party negotiation method
Figure RE-GDA0003149302610000091
Figure BDA0002856083170000101
TABLE 6 Block chain
Figure BDA0002856083170000102
Figure BDA0002856083170000111
An embodiment of the present invention further provides a two-party negotiation system based on a blockchain, where the system includes a client and a blockchain, as shown in fig. 2. Wherein the client comprises the following modules: a request module: initiating, inquiring and modifying a two-party calculation request to a request registration contract of a block chain; constructing a module: responsible for constructing the garbled circuit; an evaluation module: responsible for executing the garbled circuit; a deposit module: submitting, claiming and returning the deposit to a deposit management module of the block chain; an output module: and decrypting to obtain a final calculation result. The blockchain includes the following intelligent contracts: request for registration of a contract: registering and recording all two-party calculation requests; a factory contract: for each responded two-party calculation request, initiating a deposit management contract; deposit management contracts: processing the request of submitting, claiming and returning the deposit of the two parties in the calculation process of the two parties at one time.
In summary, the embodiments of the present invention are a block chain based fair two-party negotiation method and a block chain based two-party negotiation system using the same. The protocol calculates the modified function f' by operating an original (unfair) garbled circuit protocol, so that key data can be efficiently verified on a chain, a data exchange process is carried out on a block chain, and digital currency punishment is carried out on a participant who maliciously quits the protocol or publishes error data, thereby realizing the fairness of a two-party negotiation method. The two-party negotiation system based on the block chain realizes two-party calculation of privacy protection, fairness and decentralization, a user initiates or responds to a two-party calculation request on the block chain, then executes a confusion circuit protocol under the chain, obtains key intermediate data while protecting data privacy, exchanges the key data on the chain to ensure fairness, and finally obtains a final result through local calculation.
The above description is only a preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can substitute or change the technical solution of the present invention and the inventive concept within the scope of the present invention.

Claims (9)

1. A block chain based fair two-party negotiation method is characterized by comprising the following steps:
step1, initialization stage: the first party P1 and the second party P2 negotiate a determining function f', P1 prepares the private data x input to the first party 1 P2 preparing for entry of private data x of the second party 2 A position array L and a characteristic value V;
the specific details of the initialization are as follows: function f' (x) 1 ,x 2 L, V) are as follows:
f′(x 1 ,x 2 ,L,V)=g(f(x 1 ,x 2 ),L,V)
wherein x is 1 A privacy input for the first party P1 for calculating L; x is a radical of a fluorine atom 2 A privacy input for the second party P2 for calculating L; l is the number of position groups generated by the second party P2, and V is the number of feature groups generated by the second party P2;
f′(x 1 ,x 2 l, V) first calculate the first party P1 and second party P2 calculation functions f (x) 1 ,x 2 ) The result is marked as y, and then the result y is transmitted into a function g, and the function g (y, L, V) is inserted into y according to a position array LA characteristic value V;
step2, confusion phase: p1 constructs the function f' into the garbled circuit to obtain the garbled circuit file
Figure 275337DEST_PATH_IMAGE001
Input look-up table T in And output look-up table T out
Step3, input stage: the first party P1 and the second party P2 use the input comparison table T in Encrypting respective input data into obfuscated inputs;
step4, execution phase: the second party P2 performs the garbled circuit using the garbled input to obtain a garbled output
Figure 61634DEST_PATH_IMAGE002
Step5, a commitment stage: first party P1 calculation output comparison table T out And sends an output look-up table T out To the second party P2; second party P2 computing obfuscated outputs
Figure 182037DEST_PATH_IMAGE002
And send the obfuscated output
Figure 820829DEST_PATH_IMAGE002
To the first party P1;
step6, deposit stage: the first party P1 pays the first party deposit q on the blockchain 1 And publishes verification algorithm phi 1 The second party P2 pays the second party deposit q on the blockchain 2 And publishes verification algorithm phi 2
Step7, claiming phase: first party P1 publishes output comparison table T on block chain out Satisfies phi 2 (T out ) =1, thereby obtaining a second party deposit q 2 And executing Step9; second party P2 publishes obfuscated outputs on blockchains
Figure 684880DEST_PATH_IMAGE002
Satisfy the requirement of
Figure 92727DEST_PATH_IMAGE003
Thereby obtaining a first party deposit q 1 And executing Step9;
step8, refund stage: in Step6, if the first party P1 does not yet publish the output lookup table T within the set time out The second party P2 deposits a deposit q on the second party 2 Retrieving; if the second party P2 has not yet published the obfuscated output
Figure 977507DEST_PATH_IMAGE002
The first party P1 deposits a deposit q on the first party 1 Retrieving;
step9, output stage: the first party P1 and the second party P2 respectively decrypt and confuse the output to obtain a protocol result.
2. The block chain based fair two-party negotiation method of claim 1, wherein Step2 specifically comprises: according to the Boolean circuit corresponding to the function f', all values in an input line, an output line and an internal line in the Boolean circuit are replaced by symmetric keys which are randomly generated and are not equal to each other; each logic gate is replaced by a ciphertext set, each item in the ciphertext set corresponds to each item of the logic gate truth table, the ciphertext is obtained by encrypting the output by taking the input of the corresponding item in the logic gate truth table as a key, and finally the confusion circuit file is obtained
Figure 713381DEST_PATH_IMAGE001
Simultaneously, the corresponding relation between the plaintext and the secret key on the input line is recorded in the input comparison table T in In the method, the corresponding relation between the plaintext and the secret key on the output line is recorded in an output comparison table T out In (1).
3. The block chain based fair two-party negotiation method of claim 2, wherein Step3 specifically comprises: the first party P1 and the second party P2 execute the OT protocol, the first party P1 sends an input look-up table T in Assisting the second party P2 in the second party P2 obtainingObfuscating input
Figure 741642DEST_PATH_IMAGE004
The first party P1 inputs the comparison table T in Privacy data x 1 Encrypting as obfuscated input
Figure 879363DEST_PATH_IMAGE005
And sent to the second party P2, the second party P2 obtains the final obfuscated input
Figure 731781DEST_PATH_IMAGE006
4. The block chain based fair two-party negotiation method of claim 3, wherein Step5 specifically comprises: first party P1 calculation output comparison table T out Hash value h of T And sends an output look-up table T out Hash value h of T To the second party P2; second party P2 calculates obfuscated outputs
Figure 689373DEST_PATH_IMAGE002
Hash value of
Figure 285439DEST_PATH_IMAGE007
And sends the hash value
Figure 277666DEST_PATH_IMAGE007
To the first party P1.
5. The block chain based fair two-party negotiation method of claim 4, wherein the specific process of Step6 is as follows:
first, the first party P1 initiates a transaction in the blockchain, the deposit q of the first party 1 And submit the verification algorithm phi 1 Verification algorithm phi 1 Is the alias output
Figure 35406DEST_PATH_IMAGE002
When the output is garbled
Figure 745874DEST_PATH_IMAGE002
When the correctness checking condition is satisfied, the device,
Figure 667603DEST_PATH_IMAGE003
and returning to the step1, otherwise,
Figure 514337DEST_PATH_IMAGE003
returning to 0;
then, the second party P2 is used for a specified time
Figure 708558DEST_PATH_IMAGE008
Is output in a garbled way
Figure 640742DEST_PATH_IMAGE002
To obtain deposit q of the first party 1 Otherwise, after a predetermined time, deposit q of the first party 1 Will be returned to the first party P1; similarly, the second party P2 initiates a transaction in the blockchain, the deposit q of the second party 2 And submit verification algorithm phi 2 Verification algorithm phi 2 The input of (A) is an output comparison table T out When T is out When the correctness checking condition is satisfied, phi 2 (T out ) Return to 1, otherwise, phi 2 (T out ) Returning to 0;
finally, the first party P1 uses the request for phi within a predetermined time 2 (T out ) Output look-up table T of =1 out To obtain deposit q of the second party 2 Otherwise, after time out, deposit q of the second party 2 Will be returned to the second party P2.
6. The block chain based fair two-party negotiation method of claim 5, wherein the specific process of Step7 is as follows: the first party P1 obtains the verification algorithm phi submitted by the second party P2 from the blockchain within a prescribed time after confirming the uplink of the deposit transaction of the second party P2 2, And locally calculate phi 2 (T out ) If phi is 2 (T out ) =1 publish output mapping table T in block chain out To obtain a second party deposit q 2 Otherwise, executing Step8 after timeout; similarly, the second party P2 verifies locally within a specified time after confirming the uplink of the deposit transaction of the first party P1
Figure 578611DEST_PATH_IMAGE008
Thereafter, obfuscated outputs are published in a blockchain
Figure 873326DEST_PATH_IMAGE002
To obtain a first party deposit q 1 Otherwise, executing Step8 after time out.
7. The block chain based fair two-party negotiation method according to claim 6, wherein the specific process of Step9 is: when Step8 is executed normally, the first party P1 and the second party P2 both obtain the confusion output and the output comparison table T out And a position array L, the first party P1 and the second party P2 according to the output comparison table T out Decrypting obfuscated outputs
Figure 113814DEST_PATH_IMAGE002
A plaintext output z is obtained and the eigenvalues are then removed from z according to the position array, thus obtaining a result y of the protocol.
8. A system for implementing the block chain based fair two-party negotiation method of claim 7, wherein the system comprises a client and a block chain, and wherein the client comprises the following modules:
a request module: initiating a query and a modification two-party calculation request to a request registration contract of a block chain;
constructing a module: responsible for constructing the garbled circuit;
an evaluation module: responsible for executing the garbled circuit;
a deposit module: submitting, claiming and returning the deposit to a deposit management module of the block chain;
an output module: and decrypting to obtain a final calculation result.
9. The system of block chain based fair two-party negotiation method of claim 8, wherein the block chain comprises the following intelligent contracts:
request for registration of a contract: registering and recording all two-party calculation requests;
a factory contract: for each responded two-party calculation request, initiating a deposit management contract;
deposit management contracts: and processing the submission, claiming and return requests of the deposit of the two parties in the calculation process of the two parties at one time.
CN202011547454.2A 2020-12-23 2020-12-23 Fair two-party negotiation method and system based on block chain Active CN113222591B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011547454.2A CN113222591B (en) 2020-12-23 2020-12-23 Fair two-party negotiation method and system based on block chain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011547454.2A CN113222591B (en) 2020-12-23 2020-12-23 Fair two-party negotiation method and system based on block chain

Publications (2)

Publication Number Publication Date
CN113222591A CN113222591A (en) 2021-08-06
CN113222591B true CN113222591B (en) 2022-12-27

Family

ID=77085900

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011547454.2A Active CN113222591B (en) 2020-12-23 2020-12-23 Fair two-party negotiation method and system based on block chain

Country Status (1)

Country Link
CN (1) CN113222591B (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109815728A (en) * 2018-12-21 2019-05-28 暨南大学 The fair contract with secret protection based on block chain signs method

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140372769A1 (en) * 2013-06-18 2014-12-18 Sap Ag Automatic Protocol Selection in Mixed-Protocol Secure Computation
CN110909356B (en) * 2018-09-18 2022-02-01 百度在线网络技术(北京)有限公司 Secure multiparty computing method, apparatus, device and computer readable medium
CN109886687B (en) * 2019-02-28 2023-12-05 矩阵元技术(深圳)有限公司 Result verification method and system for realizing secure multiparty calculation based on blockchain

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109815728A (en) * 2018-12-21 2019-05-28 暨南大学 The fair contract with secret protection based on block chain signs method

Also Published As

Publication number Publication date
CN113222591A (en) 2021-08-06

Similar Documents

Publication Publication Date Title
US9009464B2 (en) Anonymous register system and method thereof
Wei et al. SecCloud: Bridging secure storage and computation in cloud
US7840813B2 (en) Method and system with authentication, revocable anonymity and non-repudiation
US8526603B2 (en) Public-key encrypted bloom filters with applications to private set intersection
Xu et al. Secure multi-authority data access control scheme in cloud storage system based on attribute-based signcryption
CN112839046B (en) Traceable anonymous crowdsourcing method and system based on block chain
CN113127926B (en) Method, system, storage medium and computer for analyzing statistical correlation of privacy data
CN113420886B (en) Training method, device, equipment and storage medium for longitudinal federal learning model
GB2599404A (en) Verification system and method
GB2599416A (en) Authentication system and method
CN115913513B (en) Distributed trusted data transaction method, system and device supporting privacy protection
US20240202718A1 (en) Blockchain based system and method
US20230362019A1 (en) Physically unclonable functions storing response values on a data store
Sharma et al. Anonymous fair auction on blockchain
Hou et al. Blockchain-based efficient verifiable outsourced attribute-based encryption in cloud
CN115982746B (en) Block chain-based data sharing method
CN110519045B (en) Anti-quantum computing alliance chain transaction method and system based on group asymmetric key pool
Gunupudi et al. Generalized non-interactive oblivious transfer using count-limited objects with applications to secure mobile agents
CN113222591B (en) Fair two-party negotiation method and system based on block chain
CN116318901A (en) Privacy and verifiable internet of things data aggregation method integrating blockchain
US20230370288A1 (en) Physically unclonable functions storing response values on a blockchain
Zhong et al. An Efficient Electronic English Auction System with a Secure On‐Shelf Mechanism and Privacy Preserving
Hu et al. An innovative key agreement protocol with complex attribute authentication based on blockchain
Dong et al. The secure data sharing and interchange model based on blockchain for single window in trade facilitation
Wang et al. Privacy-preserving and verifiable classifier training in edge-assisted mobile communication systems

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant