CN113645036A - Ethereum transaction privacy protection method based on ring signature and smart contract - Google Patents
- Publication number
- CN113645036A, CN202110656722.2A
- Authority
- CN
- China
- Prior art keywords
- address
- account
- contract
- transaction
- ring signature
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3066—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3255—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using group based signatures, e.g. ring or threshold signatures
Abstract
The invention discloses an Ethereum transaction privacy protection method based on a ring signature and a smart contract, which hides the user's original account address to protect Ethereum transaction privacy and comprises the following steps: (1) generating account addresses; (2) deploying the smart contract; (3) calculating the ring signature; (4) transferring funds to the contract; (5) sending the public keys and the ring signature to the contract; (6) verifying the public keys; (7) verifying the ring signature; (8) performing the transfer transaction. The invention can complete a transfer to the target account address while hiding the user's original account address, and at the same time ensures the traceability of the transaction.
Description
Technical Field
The invention relates to the technical field of cryptography and information security, and in particular to an Ethereum transaction privacy protection method based on a ring signature and a smart contract.
Background
With the advent of blockchain systems such as Ethereum, how to protect users' transaction privacy in an open blockchain system has become an important research topic. The public ledger maintained by the blockchain records all transaction data, including the initiating account and the receiving account of each transaction. Although these account addresses have no relationship to the user's real-world information, an attacker can link them to the user's IP address or other identifying real-world information by analyzing the transaction and account data in the blockchain.
For example, if a user pays in Ether online, the merchant can in fact associate the user's Ethereum account address with the user's offline identity. Once an attacker, by analyzing Ethereum transaction data, has singled out a particular account address that receives transfers, namely the merchant's account address, the attacker can break into the merchant's data system to obtain the link between users' Ethereum account addresses and their real-world identities, which seriously threatens the security of users' digital currency assets.
In research on blockchain transaction privacy protection, ring signatures are a focus of attention. The ring signature algorithm is a novel digital signature algorithm proposed by Rivest et al. in 2001. During signature generation, the signature values are connected end to end according to a certain rule to form a ring structure, hence the name ring signature. Unlike group signatures, ring signatures have no manager, so the anonymity of an individual signature cannot be revoked. In addition, generating a ring signature does not require the group setup process that group signatures need, which greatly improves signature generation efficiency.
A ring signature can be produced by any member of a set of signers who each hold a public/private key pair, without the participation of the other members. The actual signer uses its own private key and the public keys of all members of the signer set to generate the ring signature, and any verifier can use the public keys in the signer set to verify that the ring signature was produced by a member of the set. If the signature verifies, the verifier learns only that the signer belongs to the signer set and cannot determine which member it is. Ring signatures therefore protect user privacy well and provide anonymity.
A smart contract is code that runs in the Ethereum Virtual Machine (EVM) and can be understood as a collection of functional modules residing at a particular account address. Using the currently mainstream Solidity programming language, users can develop smart contracts that implement customized operations. After a smart contract is deployed to the Ethereum mainnet, a specific contract account address is generated. When an Ethereum user needs to invoke a function in a contract, the user communicates with the contract account address by sending a transaction. The function to be called and the parameters to be passed are indicated in the message field, and successful execution of the function means the transaction succeeded. Such a transaction differs from an ordinary Ethereum transfer transaction: it does not involve a transfer of balance between wallets, but it still costs gas, and, as with an ordinary transaction, it generates a hash value and is stored in a block.
In Ethereum, currently a popular blockchain system, transaction data is public, so any transaction a user initiates in Ethereum is open and transparent. The invention seeks to protect the user's Ethereum transaction privacy through ring signature technology and smart contract technology, completing a transfer to the target account address while hiding the user's original account address and at the same time ensuring the traceability of the transaction.
Disclosure of Invention
In view of the above background and existing problems, the invention aims to provide an Ethereum transaction privacy protection method based on a ring signature and a smart contract, which can complete a transfer to a target account address while hiding the user's original account address and at the same time ensure the traceability of the transaction.
To solve this technical problem, the invention provides an Ethereum transaction privacy protection method based on a ring signature and a smart contract, comprising the following steps:
(1) Generating account addresses: the user generates n additional account addresses using an elliptic curve cryptography algorithm, as follows:
$addressPool = \{address_0, address_1, \ldots, address_{n-2}, address_{n-1}\}$
Each account address in the address pool corresponds to an account public key, namely, the account public key corresponding to $address_i$ is Each account address in the address pool also corresponds to an account private key, and every transaction initiated from an account address must be signed with the corresponding account private key, namely, the account private key corresponding to $address_i$ is
The user replaces $address_j$ in addressPool with the user's own account address $address_A$, where $j \in [0, n-1]$, generating addressGroup; the set of account public keys corresponding to the account addresses in addressGroup is publicKeyGroup, as follows:
$addressGroup = \{address_0, \ldots, address_{j-1}, address_A, address_{j+1}, \ldots, address_{n-1}\}$
(2) Deploying the smart contract: the user uses account $address_j$ to deploy the transaction privacy protection contract to the Ethereum mainnet, generating the contract account address $address_{contract}$. Account $address_j$ is the owner of the contract, i.e. $owner = address_j$. The owner variable is stored in the transaction privacy protection contract; when a function in the contract is called, it must check whether the caller's account address equals the owner variable, and only the contract owner $address_j$ can call the functions in the contract.
(3) Calculating the ring signature: the public key set publicKeyGroup and the account private key corresponding to $address_A$ are used to generate a ring signature σ with the AOS ring signature algorithm. The ring signature is expressed as $\sigma = (e_0, s_0, s_1, \ldots, s_{n-1})$. The public key, where is the account private key corresponding to $address_A$ and; a cyclic group of prime order $q$; is a generator of the cyclic group; the message to be signed is $M = keccak256(pwd)$, where keccak256 is the hash function and pwd is a one-time password the user sets for computing the ring signature. It is not disclosed at any point in the process, and only the user knows the contents of the password pwd.
(4) Transferring funds to the contract: the transaction privacy protection contract uses its contract address $address_{contract}$ to perform the transfer transaction on the user's behalf, so the user must first use account $address_j$ to send amount Ether (in wei) to the contract account address $address_{contract}$. The transaction privacy protection contract then holds amount Ether (in wei) with which to perform the transfer transaction on behalf of the user.
(5) Sending the public keys and the ring signature to the contract: the user signs, with the account private key $x_j$ corresponding to account $address_j$, a transaction that calls the sendRingSignature function of the ring signature contract. In this transaction, the parameters the user passes to the function are the account address set addressGroup, the account public key set publicKeyGroup, the ring signature σ, the signed message keccak256(pwd), the account address $address_B$ of the transaction recipient, and the amount of Ether to transfer, amount. The transaction is broadcast to the contract account address $address_{contract}$ of the transaction privacy protection contract and calls the sendRingSignature function, which in turn calls three functions in the contract: the verifyPublicKey function for verifying the public keys, the verifyRingSignature function for verifying the ring signature, and the transferEther function for executing the transaction.
(6) Verifying the public keys: first, the verifyPublicKey function obtains the account address of the transaction initiator using msg.sender. Only if the caller's account address equals the owner variable, that is, the caller's address is $address_j$, can the function be called successfully. (The msg.sender global variable in a Solidity smart contract yields the account address that called the contract, that is, the real account address of the contract caller.)
Then, the verifyPublicKey function checks whether each account address in the passed-in account address set addressGroup corresponds to each public key in the account public key set publicKeyGroup. The pseudocode of the check is as follows:
(7) Verifying the ring signature: the verifyRingSignature function is then called to check the integrity of the passed-in ring signature $\sigma = (e_0, s_0, s_1, \ldots, s_{n-1})$.
(8) Performing the transfer transaction: the transferEther function can then be called to transfer to the specified account address. Once the ring signature is verified successfully, the transaction privacy protection contract uses its contract account address $address_{contract}$ to initiate a transfer transaction to account address $address_B$, transferring amount Ether (in wei). Because the transaction privacy protection contract uses its contract address $address_{contract}$ to transact on the user's behalf, the user's original account address is successfully hidden, achieving the goal of protecting the user's Ethereum transaction privacy.
Preferably, the AOS ring signature in step (3) is generated as follows:
1) The signer selects a public key set of length n, $publicKeyGroup = \{P_0, P_1, \ldots, P_{n-2}, P_{n-1}\}$, where the values of $P_i$ are as follows:
3) for $i = (j+1) \bmod n$; $0 \le i < n$, $i \ne j$; $i = (i+1) \bmod n$ do
5) The generated AOS ring signature is $\sigma = (e_0, s_0, s_1, \ldots, s_{n-1})$;
Preferably, the method for checking the integrity of the ring signature σ in step (7) is as follows:
1) The signed message $M = keccak256(pwd)$ is known from the parameters passed in to the function.
2) Compute in sequence from the values in the AOS ring signature, finally obtaining $e_0$, where $P_i = publicKeyGroup[i]$. The computation is as follows:
3) Compare the computed $e_0$ with the $e_0$ in the AOS ring signature; if the two are the same, the ring signature σ is valid. The verifier cannot tell which $s_i$ in the ring signature σ was generated with the signer's private key, which hides the identity of the signer.
Preferably, the undisclosed password pwd used when generating the ring signature in step (3) ensures the traceability of the transaction. The password pwd used to compute the ring signature is not disclosed at any point during the transaction. If the transaction later needs to be traced, the user can prove to be the generator of the ring signature by disclosing the password pwd to the transaction recipient or a third-party institution, thereby proving to be the true sender of the transaction.
The beneficial effects of the invention are as follows: the invention provides an Ethereum transaction privacy protection method based on a ring signature and a smart contract. Ring signature technology hides the user's original account address within a set of account addresses; if the computed ring signature passes the smart contract's verification, the smart contract transfers to the designated recipient address using its own contract account address. From the ring signature, an external observer in Ethereum can only determine that the original account address of the transfer transaction is one of the account addresses in the account address set, and cannot determine which one, so the user's original account address is hidden and the user's Ethereum transaction privacy is effectively protected. In addition, the method ensures the traceability of transactions while protecting Ethereum transaction privacy. If a transaction later needs to be traced, the user can prove to be the generator of the ring signature by disclosing the password used when computing the ring signature, thereby proving to be the true sender of the transaction.
Drawings
FIG. 1 is a flow diagram of the implementation of the method of the invention.
FIG. 2 is a schematic diagram of deploying the smart contract in the invention.
FIG. 3 is a schematic diagram of ring signature generation in the invention.
FIG. 4 is a schematic diagram of invoking the smart contract in the invention.
Detailed Description
FIG. 1 shows an Ethereum transaction privacy protection method based on a ring signature and a smart contract, which includes the following steps:
(1) Generating account addresses: Alice generates n additional account addresses using Elliptic Curve Cryptography (ECC), as follows:
$addressPool = \{address_0, address_1, \ldots, address_{n-2}, address_{n-1}\}$
Each account address in the address pool corresponds to an account public key, namely, the account public key corresponding to $address_i$ is Each account address in the address pool also corresponds to an account private key, and every transaction initiated from an account address must be signed with the corresponding account private key, namely, the account private key corresponding to $address_i$ is
Alice replaces $address_j$ in addressPool with her own account address $address_A$, where $j \in [0, n-1]$, generating addressGroup; the set of account public keys corresponding to the account addresses in addressGroup is publicKeyGroup, as follows:
$addressGroup = \{address_0, \ldots, address_{j-1}, address_A, address_{j+1}, \ldots, address_{n-1}\}$
(2) Deploying the smart contract: the role of the transaction privacy protection contract is to verify the authenticity of the ring signature provided by the user and then use the contract address to perform the transaction on the user's behalf, hiding the user's original account address. As shown in FIG. 2, Alice uses account $address_j$ to deploy the transaction privacy protection contract to the Ethereum mainnet, generating the contract account address $address_{contract}$. Account $address_j$ is the owner of the contract, i.e. $owner = address_j$. The owner variable is stored in the transaction privacy protection contract; when a function in the contract is called, it must check whether the caller's account address equals the owner variable, and only the contract owner $address_j$ can call the functions in the contract.
(3) Calculating the ring signature: Alice uses the public key set publicKeyGroup and the account private key corresponding to $address_A$ to generate a ring signature σ. The AOS (Abe-Ohkubo-Suzuki) ring signature algorithm is used, with the following parameters: a cyclic group of prime order $q$; is a generator of the cyclic group; the public key, where is the account private key corresponding to $address_A$ and; the hash function is keccak256; the message to be signed is $M = keccak256(pwd)$, where pwd is a one-time password Alice sets for computing the ring signature. It is not disclosed at any point in the process, and only Alice knows the contents of the password pwd.
The generation of the AOS ring signature is shown schematically in FIG. 3 and includes the following steps:
1) The signer selects a public key set of length n, $publicKeyGroup = \{P_0, P_1, \ldots, P_{n-2}, P_{n-1}\}$, where the values of $P_i$ are as follows:
3) for $i = (j+1) \bmod n$; $0 \le i < n$, $i \ne j$; $i = (i+1) \bmod n$ do
5) The generated AOS ring signature is $\sigma = (e_0, s_0, s_1, \ldots, s_{n-1})$;
(4) Transferring funds to the contract: the transaction privacy protection contract uses its contract address $address_{contract}$ to perform the transfer transaction on the user's behalf, so the user must first use account $address_j$ to send amount Ether (in wei) to the contract account address $address_{contract}$. The transaction privacy protection contract then holds amount Ether (in wei) with which to perform the transfer transaction on behalf of the user.
(5) Sending the public keys and the ring signature to the contract: as shown in FIG. 4, Alice signs, with the account private key $x_j$ corresponding to account $address_j$, a transaction that calls the sendRingSignature function of the ring signature contract. In this transaction, the parameters Alice passes to the function are the account address set addressGroup, the account public key set publicKeyGroup, the ring signature σ, the signed message keccak256(pwd), the account address $address_B$ of the transaction recipient, and the amount of Ether to transfer, amount.
The transaction is broadcast to the contract account address $address_{contract}$ of the transaction privacy protection contract and calls the sendRingSignature function, which in turn calls three functions in the contract: the verifyPublicKey function for verifying the public keys, the verifyRingSignature function for verifying the ring signature, and the transferEther function for executing the transaction.
(6) Verifying the public keys: first, the verifyPublicKey function obtains the account address of the transaction initiator using msg.sender. Only if the caller's account address equals the owner variable, that is, the caller's address is $address_j$, can the function be called successfully. (The msg.sender global variable in a Solidity smart contract yields the account address that called the contract, that is, the real account address of the contract caller.)
Then, the verifyPublicKey function checks whether each account address in the passed-in account address set addressGroup corresponds to each public key in the account public key set publicKeyGroup. The pseudocode of the check is as follows:
(7) Verifying the ring signature: the verifyRingSignature function is then called to check the integrity of the passed-in ring signature $\sigma = (e_0, s_0, s_1, \ldots, s_{n-1})$, as follows:
1) The signed message $M = keccak256(pwd)$ is known from the parameters passed in to the function.
2) Compute in sequence from the values in the AOS ring signature, finally obtaining $e_0$, where $P_i = publicKeyGroup[i]$. The computation is as follows:
3) Compare the computed $e_0$ with the $e_0$ in the AOS ring signature; if the two are the same, the ring signature σ is valid. The verifier cannot tell which $s_i$ in the ring signature σ was generated with the signer's private key, which hides the identity of the signer.
(8) Performing the transfer transaction: the transferEther function can then be called to transfer to the specified account address. Once the ring signature is verified successfully, the transaction privacy protection contract uses its contract account address $address_{contract}$ to initiate a transfer transaction to account address $address_B$, transferring amount Ether (in wei). Because the transaction privacy protection contract uses its contract address $address_{contract}$ to transact on the user's behalf, the user's original account address is successfully hidden, achieving the goal of protecting the user's Ethereum transaction privacy.
The Ethereum transaction privacy protection method based on a ring signature and a smart contract protects transaction privacy while keeping transaction records open and traceable. All transaction information in Ethereum is public, and calling a function on a smart contract is also done through a transaction, which means that the parameters passed to the function when calling it are publicly visible as well. By viewing and validating the transaction record, any observer in Ethereum can conclude that some account address in addressGroup transferred amount Ether (in wei) to $address_B$, but cannot tell which account address actually made the transfer. In addition, the password pwd that Alice used when computing the ring signature is not disclosed at any point during the transaction. If the transaction later needs to be traced, Alice can prove that she is the generator of the ring signature by disclosing the password pwd to the transaction recipient Bob or a third-party authority, thereby proving that she is the true sender of the transaction.
The invention provides an Ethereum transaction privacy protection method based on a ring signature and a smart contract, which can effectively protect Ethereum transaction privacy. Ring signature technology hides the user's original account address within a set of account addresses; if the computed ring signature passes the smart contract's verification, the smart contract transfers to the designated recipient address using its own contract account address. From the ring signature, an external observer in Ethereum can only determine that the original account address of the transfer transaction is one of the account addresses in the account address set, and cannot determine which one, so the user's original account address is hidden and the user's Ethereum transaction privacy is effectively protected. In addition, the method ensures the traceability of transactions while protecting Ethereum transaction privacy. If a transaction later needs to be traced, the user can prove to be the generator of the ring signature by disclosing the password used when computing the ring signature, thereby proving to be the true sender of the transaction.
The above embodiments further describe in detail the objects, technical solutions and advantages of the present application. It should be understood that they are only examples of the present application and are not intended to limit its scope; any modifications, equivalent substitutions, improvements and the like made on the basis of the technical solutions of the present application shall fall within the scope of protection of the present application.
Claims (4)
1. A Ether shop transaction privacy protection method based on ring signature and intelligent contracts is characterized in that: the method comprises the following steps:
(1) generating an account address: the user needs to generate n additional account addresses by using an elliptic curve encryption algorithm, which is specifically as follows:
addressPool={address0,address1,...,addressn-2,addressn-1}
each account address in the address pool corresponds to an account public key, namely addressiThe corresponding account public key isEach account address in the address pool corresponds to an account private key, and each transaction initiated by the account address needs to be signed by the corresponding account private key, namely, the addressiThe corresponding account private key is
The user uses the account address of the userAReplace address in Address pooljWhere j is ∈ [0, n-1 ]]Generating an address group; an account public key set corresponding to an account address in the addressGroup is pubiciccoygroup, which is specifically shown as follows:
addressGroup={address0,...,addressj-1,addressA,addressj+1,…,addressn-1}
(2) deploying intelligent contracts: user uses account addressjDeploying a transaction privacy protection contract into an Ethernet host network and generating a contract account addresscontract. Account addressjIs the owner of the contract, i.e. owner ═ addressj. The owner variable will be stored in the contract for protecting transaction privacy, the function in the contract for protecting transaction privacy needs to judge whether the account address of the caller is the same as the owner variable when calling, and only the address of the contract owner is availablejThe function in the contract can be called.
(3) Calculating a ring signature: using the public key set publicKeyGroup and the account private key corresponding to $address_A$, a ring signature σ is generated with the AOS ring signature algorithm, and the ring signature is expressed as $\sigma = (e_0, s_0, s_1, \ldots, s_{n-1})$. The public key where is the account private key corresponding to $address_A$ and prime order q cyclic group is a generator of the cyclic group. The message to be signed is M = keccak256(pwd), where keccak256 is the hash function and pwd is the one-time password that the user sets for computing the ring signature. The password is not disclosed at any point in the process, and only the user knows the contents of pwd.
(4) Transferring funds to the contract: the transaction privacy protection contract uses the contract address $address_{contract}$ to perform the transfer transaction on the user's behalf, but the user must first use account $address_j$ to send amount Ether (in units of wei) to the contract account address $address_{contract}$, so that the transaction privacy protection contract holds amount Ether (in wei) with which to perform transfer transactions on behalf of the user.
(5) Sending the public keys and the ring signature to the contract: the user uses the account private key $x_j$ corresponding to account $address_j$ to sign a transaction that calls the sendRingSignature function of the ring signature contract. In this transaction, the parameters that the user passes to the function are the account address set addressGroup, the account public key set publicKeyGroup, the ring signature σ, the signed message keccak256(pwd), the account address $address_B$ of the transaction receiver, and the amount of Ether to be transferred, amount. The transaction is broadcast to the account address $address_{contract}$ of the transaction privacy protection contract and calls the sendRingSignature function. The sendRingSignature function calls 3 functions in the contract in sequence: the verifyPublicKey function for verifying the public keys, the verifyRingSignature function for verifying the ring signature, and the transferEther function for executing the transaction.
(6) Verifying the public key: first, the verifyPublicKey function obtains the account address of the transaction initiator using msg.sender. The function is called successfully only if the caller's account address is the same as the owner variable, that is, the caller's address is $address_j$. The global variable msg.sender in a Solidity smart contract can be used to obtain the account address of the contract caller, and this variable holds the real account address of the caller.
Then, the verifyPublicKey function determines whether each account address in the incoming account address set addressGroup corresponds to the matching public key in the account public key set publicKeyGroup. The pseudocode of the check is as follows:
for i = 0; i < n; i = i + 1 do
    P_i = publicKeyGroup[i], address_i = addressGroup[i];
    Base = 0x00FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF;
    if (uint(keccak256(P_i)) & Base) ≠ uint(address_i) then
        return false;
return true;
(7) Verifying the ring signature: the verifyRingSignature function is then called to check the integrity of the incoming ring signature $\sigma = (e_0, s_0, s_1, \ldots, s_{n-1})$.
(8) Performing the transfer transaction: the transferEther function is invoked to transfer to a specific account address. Once the ring signature verification succeeds, the transaction privacy protection contract uses its contract account address $address_{contract}$ to initiate a transfer transaction to account $address_B$, and the amount transferred is amount Ether (in units of wei). Because the transaction privacy protection contract uses its contract address $address_{contract}$ to carry out the transaction on the user's behalf, the user's original account address is hidden, which achieves the purpose of protecting the privacy of the user's Ethereum transactions.
2. The Ethereum transaction privacy protection method based on ring signatures and smart contracts according to claim 1, wherein the specific generation process of the AOS ring signature algorithm in step (3) is as follows:
1) The signer selects a public key set publicKeyGroup of length n, publicKeyGroup = $\{P_0, P_1, \ldots, P_{n-2}, P_{n-1}\}$, where the values of $P_i$ are as follows:
3) for i = (j+1) mod n; 0 ≤ i < n, i ≠ j; i = (i+1) mod n do
5) The generated AOS ring signature is $\sigma = (e_0, s_0, s_1, \ldots, s_{n-1})$.
3. The Ethereum transaction privacy protection method based on ring signatures and smart contracts according to claim 1, wherein the method for judging the integrity of the ring signature σ in step (7) specifically comprises the following steps:
1) The signed message M = keccak256(pwd) is known from the parameters passed to the function.
2) Calculate in sequence from the values in the AOS ring signature, finally obtaining $e_0$, where $P_i$ = publicKeyGroup[i]. The calculation process is as follows:
3) Compare the computed $e_0$ with the $e_0$ in the AOS ring signature; if the two are the same, the ring signature σ is valid. The verifier cannot tell which $s_i$ in the ring signature σ was generated with the signer's private key, which hides the identity of the signer.
4. The Ethereum transaction privacy protection method based on ring signatures and smart contracts according to claim 1, wherein the undisclosed password pwd used in generating the ring signature in step (3) ensures the traceability of the transaction. The password pwd used in calculating the ring signature is not disclosed at any point in the transaction. If the transaction needs to be traced later, the user can prove that the user is the generator of the ring signature by disclosing the password pwd to the transaction receiver or a third-party institution, thereby proving that the user is the true sender of the transaction.
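The signing loop of claim 2 and the check of claim 3, as an added Python example that is not part of the patent text: it follows the standard AOS (Abe-Ohkubo-Suzuki) Schnorr-style construction over secp256k1, which is an assumption because the patent's own formulas did not survive on this page. SHA-256 stands in for keccak256, the ring is bound into the hash, and the function names add, mul, next_e, sign and verify are illustrative.

```python
import hashlib, secrets

P = 2**256 - 2**32 - 977  # secp256k1 field prime
Q = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # group order
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(a, b):  # point addition; None is the point at infinity
    if a is None or b is None:
        return b if a is None else a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else:
        lam = (b[1] - a[1]) * pow((b[0] - a[0]) % P, -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return x, (lam * (a[0] - x) - a[1]) % P

def mul(k, pt):  # double-and-add; not constant time, illustration only
    acc = None
    while k:
        acc, pt, k = (add(acc, pt) if k & 1 else acc), add(pt, pt), k >> 1
    return acc

def next_e(msg, ring, i, e, s):  # e_{i+1} = H(M, ring, s_i*G + e_i*P_i)
    pt = add(mul(s, G), mul(e, ring[i]))
    data = msg + repr((ring, pt)).encode()  # SHA-256 stands in for keccak256
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def sign(msg, ring, j, x_j):
    n, k = len(ring), secrets.randbelow(Q - 1) + 1
    e, s = [0] * n, [0] * n
    i = (j + 1) % n
    e[i] = next_e(msg, ring, j, 0, k)       # H(M, ring, k*G)
    while i != j:                            # simulate every other ring member
        s[i] = secrets.randbelow(Q - 1) + 1
        e[(i + 1) % n] = next_e(msg, ring, i, e[i], s[i])
        i = (i + 1) % n
    s[j] = (k - x_j * e[j]) % Q              # only the holder of x_j can close the ring
    return e[0], s

def verify(msg, ring, sig):
    e, s = sig
    if len(s) != len(ring):
        return False
    for i in range(len(ring)):
        e = next_e(msg, ring, i, e, s[i])    # walk the ring from e_0
    return e == sig[0]                       # valid if the chain returns to e_0
```

Every s_i except the signer's is uniformly random and s_j is masked by the random k, so the tuple (e_0, s_0, ..., s_{n-1}) gives the verifier no way to tell which index closed the ring.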
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110656722.2A CN113645036A (en) | 2021-06-11 | 2021-06-11 | Ether shop transaction privacy protection method based on ring signature and intelligent contract |
Publications (1)
Publication Number | Publication Date |
---|---|
CN113645036A true CN113645036A (en) | 2021-11-12 |
Family
ID=78416024
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110656722.2A Pending CN113645036A (en) | 2021-06-11 | 2021-06-11 | Ether shop transaction privacy protection method based on ring signature and intelligent contract |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113645036A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20211112 |