CN113704716A - Application method of zero-knowledge proof in block chain data privacy calculation - Google Patents

Abstract

The invention relates to the technical field of block chain data calculation, in particular to an application method of zero knowledge proof in block chain data privacy calculation, which comprises a block chain, a zero knowledge proof and zk-SNARK, wherein the problem of privacy security is solved by applying the zero knowledge proof to the block chain, and the application of the zero knowledge proof in the block chain is explained, so that the block chain realizes the zero knowledge proof, the verification of client login can be carried out on the premise of not knowing a client password, even if a server is attacked, because a client plaintext password is not stored, the account of a user is safe, the combination of the block chain and the zero knowledge proof enables the user to master their personal data again, and a financial protocol, an online account or an identity verification can be achieved without disclosing personal information.

Description

Application method of zero-knowledge proof in block chain data privacy calculation

Technical Field

The invention relates to the technical field of block chain data calculation, in particular to an application method of zero-knowledge proof in block chain data privacy calculation.

Background

In the current block chain network field, a private key is a unique identification of a user identity, a pair of public and private keys is bound with a digital asset in advance, and the user uses the private key to carry out signature transaction so as to prove that the user has the use right of the digital asset. However, there are some problems with the digital asset management methods in blockchain networks today: the digital assets in the form of private data are bound with the private key, but the private key is not in any contact with a real user, when the private key is lost, the user loses the unique identity of the user on the blockchain, and the private data owned by the user cannot be used; in view of this, some users choose to back up the private key on the third-party platform, and then call the private key from the third-party platform when using the private key, however, since the third-party platform has a centralized characteristic and is vulnerable to attack, it is difficult to ensure the security of the private key, and private data is stolen, so an application method for zero-knowledge proof block-chain data privacy calculation is needed to improve the above problems.

Disclosure of Invention

The invention aims to provide an application method of zero-knowledge proof in block chain data privacy calculation, so as to solve the problems in the background technology.

In order to achieve the purpose, the invention provides the following technical scheme:

an application method of zero knowledge proof in block chain data privacy calculation comprises a block chain, a zero knowledge proof and zk-SNARK, wherein the block chain is a data structure connecting data blocks in time sequence and is ensured to be not to be tampered in a cryptographic mode; the zero-knowledge proof means that the prover can make the verifier believe that a certain conclusion is correct without providing any useful information to the verifier, the prover proves to the verifier and makes the verifier believe that the prover knows or owns a certain message, but the proving process cannot leak any information about the proved message to the verifier, and finally, they can prove that through some interaction between the prover and the verifier, they can fundamentally reduce the amount of knowledge that needs to be transferred between the two, what they are mainly concerned about is the information leakage, i.e. how much information the verifier will know in verifying whether a statement is valid, the zk-SNARK is one of non-interactive zero-knowledge proofs, a theory that turns the actual zero-knowledge proof-like problem into a computer program problem, as one of the most exciting achievements in cryptography and its application field at present, it allows one to prove and verify statements that are in the form of "given an open predicate and an open input, i know some secret input, so that it is true".

As a preferred aspect of the present invention, the block chain has the following characteristics:

decentralization: the block chain can realize complete decentralization without a central node, a distributed data storage structure is adopted, and all nodes store the same block information;

non-tamper-proof property: the head part of each block stores the Hash value of the root node of the Merkle tree, and the leaf nodes of the Merkle tree are formed by the corresponding Hash values of the transaction information stored in the block chain, so that the accuracy of the transaction data can be ensured by verifying the Hash value of the root node of the Merkle tree, and the non-falsification is realized;

non-forgeability: the block chain stores the Hash value of the transaction data, and the signature of both transaction parties is contained in the block chain, and the signature is independent and unique for each user and cannot be forged;

verifiability: the verifiability of the block chain refers to the verifiability of a data source, and the input and the output of the electronic money in each transaction can be verified; for example, the output of all transactions in the bitcoin is used as the input of the next transaction, and the input of the transactions is the output of the previous transaction, namely, the traceability of the transactions, besides the verifiability of the data source, the verifiability of the transaction amount is ensured, and the input fund in each transaction is ensured to be real and reliable;

anonymity: anonymity in blockchains is mainly in a pseudo-anonymous way. The block chain cuts off the relation between the account number and the real identity by using a pseudonymization technology; for example, in the block chain, the user account is a Hash value of a fixed length obtained by performing a Hash operation on the user public key.

As a preferred aspect of the present invention, the basic characteristics of the zero-knowledge proof are as follows:

completeness: if the proving party and the verifying party are honest and correct calculation is carried out by following each step of the proving process, the proving is certainly successful, and the verifying party can certainly accept the proving party;

rationality: nobody can impersonate the proving party, making this proof successful;

zero knowledge: after the certification process is performed, the verifier only obtains the information that the certifier has this knowledge, but does not obtain any information about this knowledge itself.

A zero-knowledge proof application method in block chain data privacy computation comprises the following steps:

s1, dividing the program to be verified into logic verification steps, and dividing these logic steps into arithmetic circuits composed of addition, subtraction, multiplication and division;

s2, transforming the program to be verified into a verification polynomial product with equal polynomial product through a series of transformation, such as t (x) h (x) w (x) v (x);

s3, in order to make the proof more concise, the verifier randomly selects several check points S in advance, and checks whether the equations at these several points are true;

s4, the verifier does not know the actual input value when calculating the equation by homomorphic coding/encryption, but can still perform verification;

s5, if a secret value k different from 0 can be multiplied on both sides of the equation, then when (t (S) h (S) k) (w (S) v (S) k) is verified, t (S), h (S), w (S), v (S) cannot be known specifically, so that the information can be protected.

Compared with the prior art, the invention has the beneficial effects that:

in the invention, the zero knowledge proof is applied to the block chain to solve the privacy security problem, and the application of the zero knowledge proof in the block chain is explained, so that the block chain realizes the zero knowledge proof, the authentication of the client login can be carried out on the premise of not knowing the password of the client, even if a server is attacked, the account of the user is still secure because the plaintext password of the client is not stored, the combination of the block chain and the zero knowledge proof enables the user to master the personal data of the user again, and the financial agreement, the establishment of the online account or the authentication of the identity can be achieved without disclosing the personal information.

Detailed Description

The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, rather than all embodiments, and all other embodiments obtained by a person of ordinary skill in the art without any creative work based on the embodiments of the present invention belong to the protection scope of the present invention.

The invention provides a technical scheme that:

an application method of zero knowledge proof in block chain data privacy calculation comprises a block chain, a zero knowledge proof and zk-SNARK, wherein the block chain is a data structure for connecting data blocks according to time sequence and is ensured to be not to be tampered in a cryptographic mode; zero knowledge proof means that the prover can trust that a certain conclusion is correct without providing any useful information to the verifier, the prover proves to the verifier and trusts himself to know or own a certain message, but the proving process cannot leak any information about the proven message to the verifier, and finally, they can prove that through some interaction between the prover and the verifier, they can fundamentally reduce the amount of knowledge that needs to be transferred between the two, they are mainly concerned about information leakage, i.e. how much information the verifier will know in verifying whether a statement is valid, zk-SNARK is one of the non-interactive zero knowledge proofs, a theory that turns the actual zero knowledge proof class problem into a computer program problem, as one of the most exciting achievements in cryptography and its application field at present, it allows one to prove and verify statements that are in the form of "given an open predicate and an open input, i know some secret input, so that it is true".

As a preferred embodiment of the present invention, the blockchain has the following characteristics:

decentralization: the block chain can realize complete decentralization without a central node, a distributed data storage structure is adopted, and all nodes store the same block information;

non-tamper-proof property: the head part of each block stores the Hash value of the root node of the Merkle tree, and the leaf nodes of the Merkle tree are formed by the corresponding Hash values of the transaction information stored in the block chain, so that the accuracy of the transaction data can be ensured by verifying the Hash value of the root node of the Merkle tree, and the non-falsification is realized;

non-forgeability: the block chain stores the Hash value of the transaction data, and the signature of both transaction parties is contained in the block chain, and the signature is independent and unique for each user and cannot be forged;

verifiability: the verifiability of the block chain refers to the verifiability of a data source, and the input and the output of the electronic money in each transaction can be verified; for example, the output of all transactions in the bitcoin is used as the input of the next transaction, and the input of the transactions is the output of the previous transaction, namely, the traceability of the transactions, besides the verifiability of the data source, the verifiability of the transaction amount is ensured, and the input fund in each transaction is ensured to be real and reliable;

anonymity: anonymity in blockchains is mainly in a pseudo-anonymous way. The block chain cuts off the relation between the account number and the real identity by using a pseudonymization technology; for example, in the block chain, the user account is a Hash value of a fixed length obtained by performing a Hash operation on the user public key.

As a preferred embodiment of the present invention, the basic characteristics of zero knowledge proof are:

completeness: if the proving party and the verifying party are honest and correct calculation is carried out by following each step of the proving process, the proving is certainly successful, and the verifying party can certainly accept the proving party;

rationality: nobody can impersonate the proving party, making this proof successful;

zero knowledge: after the certification process is performed, the verifier only obtains the information that the certifier has this knowledge, but does not obtain any information about this knowledge itself.

A zero-knowledge proof application method in block chain data privacy computation comprises the following steps:

s1, dividing the program to be verified into logic verification steps, and dividing these logic steps into arithmetic circuits composed of addition, subtraction, multiplication and division;

s2, transforming the program to be verified into a verification polynomial product with equal polynomial product through a series of transformation, such as t (x) h (x) w (x) v (x);

s3, in order to make the proof more concise, the verifier randomly selects several check points S in advance, and checks whether the equations at these several points are true;

s4, the verifier does not know the actual input value when calculating the equation by homomorphic coding/encryption, but can still perform verification;

s5, if a secret value k different from 0 can be multiplied on both sides of the equation, then when (t (S) h (S) k) (w (S) v (S) k) is verified, t (S), h (S), w (S), v (S) cannot be known specifically, so that the information can be protected.

Example (b): decomposing a program to be verified into logic verification steps, and decomposing the logic steps into an arithmetic circuit formed by addition, subtraction, multiplication and division; converting the program to be verified into a verification polynomial product that is equal through a series of transformations, such as proving that t (x) h (x) w (x) v (x); in order to make the proof more concise, the verifier randomly selects several check points s in advance, and checks whether the equations at these several points hold; by means of homomorphic coding/encryption, a verifier does not know the actual input numerical value when calculating the equation, but can still perform verification; if a secret value k which is not 0 can be multiplied on the left and right sides of the equation, then when (t(s) h(s) k) ═ w(s) v(s) k is verified, specific t(s), h(s), w(s), v(s) cannot be known, and therefore information can be protected;

after the transaction is successful, the block chain browser or the corresponding RPC interface is called to check the corresponding transaction record, so that data such as the address of a sender of the transaction, the address of a receiver of the transaction, the transaction amount and the like can be obtained. These addresses are only a string of letters and numbers, which has a certain anonymity effect, but this is only a pseudo-anonymity, and the identity of the user may be revealed through a series of related transactions and corresponding displayed social relationships, so that the zeroCash block chain comes up;

zeroCash is a blockchain for privacy protection based on zero-knowledge proof, and adopts non-interactive zero-knowledge proof of zk-SNARKs to prove that some specific assets are owned by themselves, so as to thoroughly solve the problem that transactions are tracked to expose the privacy of users. ZCash has an anonymous trading system that supports multiple trading types, one of which is trading where the address and trading value of the trading parties can be hidden. This is a complete hiding, not to say that the data is still stored in the node database of ZCash, but not a hiding that is shown outwards. But neither node is aware of the contents of the transaction. The strong privacy of Zcash ensures that masked transactions originating in Zcash can be fully encrypted on the blockchain, but can still be validated as valid under network consensus rules by using zk-SNARK;

in ZCASH, the previous UTXO approach is abandoned, and instead a new approach based on UTXO, called NOTE (NOTE) is used, NOTE represents the dominance of the current account to the asset, unlike UTXO, the storage of the account balance is no longer "unconsumed transaction output", but "undeleted check (NOTE)"; a NOTE consisting of the owner's public key PK, the amount of money held V, and a serial number r that uniquely distinguishes the check, denoted as (PK, V, r);

zcah transactions fall into two categories: transparent address transactions and hidden address transactions. The transaction between the two transparent addresses is not different from the bit currency transaction, and the input and output of the transparent address transaction are directly public visible NOTE information; for hidden address transactions, transactions between hidden addresses also occur on public block chains, so everyone knows that a hidden transaction has occurred and a commission is paid to the miners, but the address of the transaction, the amount of funds and the remark field are encrypted and are not visible.

The above description is only for the preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art should be considered to be within the technical scope of the present invention, and the technical solutions and the inventive concepts thereof according to the present invention should be equivalent or changed within the scope of the present invention.

Claims (4)

1. An application method of zero-knowledge proof in block chain data privacy computation comprises a block chain, a zero-knowledge proof and zk-SNARK, and is characterized in that: the block chain is a data structure which connects the data blocks according to time sequence and ensures that the data blocks cannot be tampered in a cryptographic mode; the zero-knowledge proof means that the prover can make the verifier believe that a certain conclusion is correct without providing any useful information to the verifier, the prover proves to the verifier and makes the verifier believe that the prover knows or owns a certain message, but the proving process cannot leak any information about the proved message to the verifier, and finally, they can prove that through some interaction between the prover and the verifier, they can fundamentally reduce the amount of knowledge that needs to be transferred between the two, what they are mainly concerned about is the information leakage, i.e. how much information the verifier will know in verifying whether a statement is valid, the zk-SNARK is one of non-interactive zero-knowledge proofs, a theory that turns the actual zero-knowledge proof-like problem into a computer program problem, as one of the most exciting achievements in cryptography and its application field at present, it allows one to prove and verify statements that are in the form of "given an open predicate and an open input, i know some secret input, so that it is true".

2. The method of claim 1, wherein the zero-knowledge proof is applied to the computation of the privacy of the blockchain data, and comprises: the block chain has the following characteristics:

decentralization: the block chain can realize complete decentralization without a central node, a distributed data storage structure is adopted, and all nodes store the same block information;

non-tamper-proof property: the head part of each block stores the Hash value of the root node of the Merkle tree, and the leaf nodes of the Merkle tree are formed by the corresponding Hash values of the transaction information stored in the block chain, so that the accuracy of the transaction data can be ensured by verifying the Hash value of the root node of the Merkle tree, and the non-falsification is realized;

non-forgeability: the block chain stores the Hash value of the transaction data, and the signature of both transaction parties is contained in the block chain, and the signature is independent and unique for each user and cannot be forged;

verifiability: the verifiability of the block chain refers to the verifiability of a data source, and the input and the output of the electronic money in each transaction can be verified; for example, the output of all transactions in the bitcoin is used as the input of the next transaction, and the input of the transactions is the output of the previous transaction, namely, the traceability of the transactions, besides the verifiability of the data source, the verifiability of the transaction amount is ensured, and the input fund in each transaction is ensured to be real and reliable;

anonymity: anonymity in blockchains is mainly in a pseudo-anonymous way. The block chain cuts off the relation between the account number and the real identity by using a pseudonymization technology; for example, in the block chain, the user account is a Hash value of a fixed length obtained by performing a Hash operation on the user public key.

3. The method of claim 1, wherein the zero-knowledge proof is applied to the computation of the privacy of the blockchain data, and comprises: the basic characteristics of the zero knowledge proof are:

completeness: if the proving party and the verifying party are honest and correct calculation is carried out by following each step of the proving process, the proving is certainly successful, and the verifying party can certainly accept the proving party;

rationality: nobody can impersonate the proving party, making this proof successful;

zero knowledge: after the certification process is performed, the verifier only obtains the information that the certifier has this knowledge, but does not obtain any information about this knowledge itself.

4. The method of claim 1, wherein the zero-knowledge proof is applied to the computation of the privacy of the blockchain data, and comprises: the method comprises the following steps:

s1, dividing the program to be verified into logic verification steps, and dividing these logic steps into arithmetic circuits composed of addition, subtraction, multiplication and division;

s2, transforming the program to be verified into a verification polynomial product with equal polynomial product through a series of transformation, such as t (x) h (x) w (x) v (x);

s3, in order to make the proof more concise, the verifier randomly selects several check points S in advance, and checks whether the equations at these several points are true;

s4, the verifier does not know the actual input value when calculating the equation by homomorphic coding/encryption, but can still perform verification;

s5, if a secret value k different from 0 can be multiplied on both sides of the equation, then when (t (S) h (S) k) (w (S) v (S) k) is verified, t (S), h (S), w (S), v (S) cannot be known specifically, so that the information can be protected.