CN113722762A - Method and system for selectively disclosing privacy information - Google Patents

Method and system for selectively disclosing privacy information Download PDF

Info

Publication number
CN113722762A
CN113722762A CN202111047934.7A CN202111047934A CN113722762A CN 113722762 A CN113722762 A CN 113722762A CN 202111047934 A CN202111047934 A CN 202111047934A CN 113722762 A CN113722762 A CN 113722762A
Authority
CN
China
Prior art keywords
privacy information
information
disclosed
privacy
hash
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111047934.7A
Other languages
Chinese (zh)
Inventor
王晓亮
马宇峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Rivtower Technology Co Ltd
Original Assignee
Suzhou Changtong Internet Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Suzhou Changtong Internet Technology Co ltd filed Critical Suzhou Changtong Internet Technology Co ltd
Priority to CN202111047934.7A priority Critical patent/CN113722762A/en
Publication of CN113722762A publication Critical patent/CN113722762A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems

Abstract

A selective disclosure method and system of private information, the private information to be revealed is the subset of the total private information; the method comprises the following steps: the privacy information sender and the certification authority share the total privacy information, the hash commitment of each piece of privacy information and the used salt value; the certification authority sends a non-falsifiable certification certificate carrying the hash commitment to the privacy information sender; the private information sending party reveals the to-be-revealed private information, the corresponding hash commitment, the corresponding salt value and the authentication certificate to a private information receiving party; the privacy information receiver determines whether the authentication certificate carries a corresponding hash commitment, and if so, the integrity of the privacy information to be disclosed is further checked based on the corresponding hash commitment and a corresponding salt value; and if the verification is successful, confirming that the private information to be disclosed is correctly disclosed. The scheme can improve the safety of selective disclosure of the private information and reduce resource consumption.

Description

Method and system for selectively disclosing privacy information
Technical Field
The present disclosure relates to the technical field of private information security, and in particular, to a method and a system for selectively disclosing private information.
Background
When a user participates in internet business, the user may need to disclose his privacy information, such as name, age, occupation, etc.; generally, a user can give all privacy information to an authority in advance for authentication and signature, and obtain an authentication certificate signed by the authority; when the authenticity of the disclosed privacy information needs to be verified, the privacy information verification can be completed by presenting the authentication certificate to the opposite party. However, in the above scheme, the authentication certificate includes all the private information of the user, and therefore, unnecessary private information may be leaked.
In the related art, a user can apply an authentication certificate containing only part of private information to an authority according to specific requirements when needing to selectively disclose the private information every time, so that the whole private information is prevented from being disclosed; however, the scheme can cause the authentication certificate to be difficult to reuse, the service pressure of issuing the authentication certificate by an authority can be obviously increased, and more resources are consumed.
Disclosure of Invention
In view of the above, the present specification discloses a method and a system for selectively disclosing private information.
According to a first aspect of embodiments of the present specification, a method for selectively disclosing private information is disclosed, wherein the private information to be disclosed is a subset of a full amount of private information; the method comprises the following steps:
a privacy information sender and a certification authority share the total privacy information, a hash commitment corresponding to each piece of privacy information in the total privacy information, and a salt value used by the hash commitment;
the authentication mechanism sends a non-falsifiable authentication certificate to the privacy information sender, wherein the authentication certificate carries a corresponding hash commitment of each piece of privacy information in the full amount of privacy information;
the privacy information sending party discloses the to-be-disclosed privacy information, a hash commitment corresponding to the to-be-disclosed privacy information, a salt value corresponding to the to-be-disclosed privacy information and the authentication certificate to a privacy information receiving party;
the privacy information receiver determines whether the authentication certificate carries a hash commitment corresponding to the to-be-disclosed privacy information, and if so, the integrity of the to-be-disclosed privacy information is checked based on the hash commitment corresponding to the to-be-disclosed privacy information and a salt value corresponding to the to-be-disclosed privacy information; and if the verification is successful, confirming that the private information to be disclosed is correctly disclosed.
Optionally, the certificate of authenticity is digitally signed by the certification authority; the method further comprises the following steps:
and the privacy information receiver acquires the signature verification public key of the certification authority and verifies the digital signature in the received certification certificate based on the signature verification public key so as to confirm whether the certification certificate is issued by the certification authority.
Optionally, the interfacing of the certification authority to the block chain, where the privacy information sender and the certification authority share the total privacy information, the hash commitment corresponding to each piece of privacy information in the total privacy information, and the generating of the salt value used by the hash commitment, includes:
the privacy information sender stores the encrypted privacy information in the block chain, and shares a decryption key of the encrypted privacy information with the certification authority;
the encrypted privacy information comprises the encrypted full-amount privacy information, a hash commitment corresponding to each piece of privacy information in the full-amount privacy information, and a salt value used for generating the hash commitment.
Optionally, the full amount of privacy information comprises privacy information associated with the decentralized identity document.
According to a second aspect of embodiments of the present specification, there is disclosed a private information selective disclosure system, wherein private information to be disclosed is a subset of a full amount of private information; the system comprises:
the authentication mechanism is used for sharing the full-amount privacy information, the hash commitment corresponding to each piece of privacy information in the full-amount privacy information and a salt value used by the hash commitment with a privacy information sender; sending a non-falsifiable authentication certificate to the privacy information sender, wherein the authentication certificate carries a corresponding hash commitment of each piece of privacy information in the full amount of privacy information;
the privacy information sender is used for disclosing the privacy information to be disclosed, a hash commitment corresponding to the privacy information to be disclosed, a salt value corresponding to the privacy information to be disclosed and the authentication certificate to a privacy information receiver;
a privacy information receiver, configured to determine whether the authentication certificate carries a hash commitment corresponding to the to-be-disclosed privacy information, and if so, check integrity of the to-be-disclosed privacy information further based on the hash commitment corresponding to the to-be-disclosed privacy information and a salt value corresponding to the to-be-disclosed privacy information; and if the verification is successful, confirming that the private information to be disclosed is correctly disclosed.
Optionally, the certificate of authenticity is digitally signed by the certification authority;
the private information recipient is further configured to: and acquiring a signature verification public key of the certification authority, and verifying the digital signature in the received certification certificate based on the signature verification public key so as to confirm whether the certification certificate is issued by the certification authority.
Optionally, the system further comprises a blockchain interfacing with the certification authority;
the private information sender is further configured to: storing the encrypted privacy information in the block chain, and sharing a decryption key of the encrypted privacy information with the certification authority; the encrypted privacy information comprises the encrypted full-amount privacy information, a hash commitment corresponding to each piece of privacy information in the full-amount privacy information, and a salt value used for generating the hash commitment.
Optionally, the full amount of privacy information comprises privacy information associated with the decentralized identity document.
According to a third aspect of the embodiments of the present specification, a computer device is disclosed, which at least comprises a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any of the above-mentioned aspect embodiments when executing the program.
According to a fourth aspect of embodiments herein, a computer-readable storage medium is disclosed, on which a computer program is stored, which, when executed by a processor, implements the method of any of the above-described aspect embodiments.
In the above technical solution, on one hand, since the hash commitment cannot be modified once being generated, if the integrity of the to-be-disclosed privacy information is successfully verified based on the hash commitment corresponding to the to-be-disclosed privacy information and the salt value corresponding to the to-be-disclosed privacy information, it can be verified that the privacy information sender really owns the to-be-disclosed privacy information, and the to-be-disclosed privacy information is not tampered; moreover, because the privacy information receiver cannot contact the original text and the corresponding salt value of the privacy information except the to-be-disclosed privacy information, the privacy is not leaked; therefore, the scheme can safely and reliably realize the selective disclosure of the private information.
On the other hand, since the authentication certificate carries the corresponding hash commitment of each piece of privacy information in the total privacy information, the authentication certificate can be reused without regeneration no matter what kind of privacy information in the total privacy information is actually expected to be disclosed by the privacy information sender, so that the service pressure of authentication performed by the authentication mechanism can be reduced, and the resource waste is reduced.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with this specification and together with the description, serve to explain the principles.
Fig. 1 is a diagram illustrating an example of a prior art private information disclosure scenario;
FIG. 2 is a flowchart illustrating a method for selective disclosure of private information;
FIG. 3 is a diagram illustrating an example scenario for implementing selective disclosure of private information;
fig. 4 is a diagram showing an exemplary configuration of a private information selective disclosure system shown in the present specification;
fig. 5 is a diagram illustrating an exemplary configuration of a computer device for selective disclosure of private information according to the present specification.
Detailed Description
In order to make those skilled in the art better understand the technical solutions in one or more embodiments of the present disclosure, the technical solutions in one or more embodiments of the present disclosure will be clearly and completely described below with reference to the drawings in one or more embodiments of the present disclosure. It is to be understood that the described embodiments are only a few, and not all embodiments. All other embodiments that can be derived by one of ordinary skill in the art from one or more embodiments of the disclosure without making any creative effort shall fall within the scope of the disclosure.
When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The embodiments described in the following exemplary embodiments do not represent all embodiments consistent with the present specification. Rather, they are merely examples of systems and methods consistent with certain aspects of the present description, as detailed in the appended claims.
The terminology used in the description herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the description. As used in this specification and the appended claims, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It should be understood that although the terms first, second, third, etc. may be used herein to describe various information, these information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, the first information may also be referred to as second information, and similarly, the second information may also be referred to as first information, without departing from the scope of the present specification. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.
When a user participates in internet business, the user may need to disclose his privacy information, such as name, age, occupation, etc.; referring to fig. 1, fig. 1 is a diagram illustrating a prior art scenario of private information disclosure, in which a user may submit all private information to an authority in advance for authentication and signing, and obtain an authentication certificate issued by the authority; when the authenticity of the disclosed privacy information needs to be verified, the privacy information verification can be completed by presenting the authentication certificate to the opposite party. However, in the above scheme, the authentication certificate includes all the private information of the user, and therefore, unnecessary private information may be leaked.
In the related art, a user can apply an authentication certificate containing only part of private information to an authority according to specific requirements when needing to selectively disclose the private information every time, so that the whole private information is prevented from being disclosed; however, the scheme can cause the authentication certificate to be difficult to reuse, the service pressure of issuing the authentication certificate by an authority can be obviously increased, and more resources are consumed.
Based on the above, the present specification proposes a technical solution that firstly, signature authentication is performed on a hash commitment of each piece of privacy information in the total privacy information, and when the privacy information is required to be selectively disclosed, the authentication is completed only for a part of the privacy information required to be disclosed based on the commitment protocol and the above signature, and the privacy information not required to be disclosed is not exposed.
When the verification is realized, the privacy information sender can acquire a certificate for verifying the hash commitment of each piece of privacy information in the total privacy information from the certification authority, and provides the original text, the hash commitment, the corresponding salt value and the certificate for certification corresponding to the part of privacy information which needs to be disclosed actually to the privacy information receiver, so that the commitment opening verification is realized, and the irrelevant privacy information disclosure is avoided;
for example, the total amount of privacy information includes 3 pieces of privacy information a1, a2 and A3, but only a1 needs to be disclosed actually, the certificate of the certificate may include hash commitments for a1, a2 and A3, and the original text of a1, the hash commitment, the salt value and the certificate, which need to be disclosed actually, of the data sent to the privacy information receiver by the privacy information sender may be included; after receiving the data, the privacy information receiver can determine whether the received hash commitment appears in the certificate, and finally verify the correctness of the hash commitment; if the above verification is passed, it can be proved that the private information a1 is correctly disclosed and a2 and A3 are not exposed.
In the above technical solution, on one hand, since the hash commitment cannot be modified once being generated, if the integrity of the to-be-disclosed privacy information is successfully verified based on the hash commitment corresponding to the to-be-disclosed privacy information and the salt value corresponding to the to-be-disclosed privacy information, it can be verified that the privacy information sender really owns the to-be-disclosed privacy information, and the to-be-disclosed privacy information is not tampered; moreover, because the privacy information receiver cannot contact the original text and the corresponding salt value of the privacy information except the to-be-disclosed privacy information, the privacy is not leaked; therefore, the scheme can safely and reliably realize the selective disclosure of the private information.
On the other hand, since the authentication certificate carries the corresponding hash commitment of each piece of privacy information in the total privacy information, the authentication certificate can be reused without regeneration no matter what kind of privacy information in the total privacy information is actually expected to be disclosed by the privacy information sender, so that the scheme can reduce the service pressure of authentication performed by the authentication mechanism and reduce the resource waste.
The present specification is described below with reference to specific embodiments and specific application scenarios.
Referring to fig. 2, fig. 2 is a flowchart illustrating a method for selectively disclosing private information according to an embodiment of the present specification, where the private information to be disclosed is a subset of a total amount of private information, and the method may include the following steps:
s201, a privacy information sender and a certification authority share the total privacy information, a hash commitment corresponding to each piece of privacy information in the total privacy information, and a salt value used by the hash commitment;
s202, the certification authority sends a non-falsifiable certification certificate to the privacy information sender, wherein the certification certificate carries a corresponding hash commitment of each piece of privacy information in the full amount of privacy information;
s203, the privacy information sending party discloses the to-be-disclosed privacy information, a hash commitment corresponding to the to-be-disclosed privacy information, a salt value corresponding to the to-be-disclosed privacy information and the authentication certificate to a privacy information receiving party;
s204, the privacy information receiver determines whether the authentication certificate carries a hash commitment corresponding to the to-be-disclosed privacy information, and if so, the integrity of the to-be-disclosed privacy information is checked further based on the hash commitment corresponding to the to-be-disclosed privacy information and a salt value corresponding to the to-be-disclosed privacy information; and if the verification is successful, confirming that the private information to be disclosed is correctly disclosed.
The total private information may refer to a private information set containing private information to be disclosed, for example, assuming that the private information to be disclosed includes names and ages of natural persons, the total private information may be a personal identity private information set further containing private information such as native, professional, academic calendar, etc.; assuming that the private information to be disclosed includes the name and address of the company, the total private information may be the business registered private information that also contains the registered capital, the business registered number of the company. It can be seen that the specific selection of the total amount of the private information and the private information to be disclosed can be determined according to actual situations, and detailed limitations do not need to be given in the specification.
In one illustrated embodiment, the full amount of privacy information may include privacy information associated with a decentralized identity document. Because a large amount of privacy information may be carried in the decentralized identity document, in order to ensure that the privacy is not revealed, a plurality of versions of sub-documents containing different privacy information may be generated according to specific application scenarios, which brings more inconvenience; therefore, the scheme can simplify the using process of the decentralized identity document under the situation, and can realize selective disclosure of the privacy information associated with the decentralized identity document without generating sub-documents with multiple versions and containing different privacy information.
In one embodiment, the total private information may be a set of key-value pairs, and the private information to be disclosed is a non-empty subset of the set of key-value pairs; for example, if the total private information in the key-value pair set is "name: Sam, age:23, gender: male, encryption", the private information to be disclosed may be "name: Sam, age: 23". It will of course be appreciated that the above JSON-like representation is only one possible representation of key-value pairs, and that in addition, the above-described set of key-value pairs may be stored using structures, classes, etc., or other symbols as separators, etc. The skilled person can select the data structure according to the specific requirement to store and display the above mentioned total private information and the private information to be disclosed.
The hash commitment may refer to a salted hash value corresponding to the original text in a commitment protocol implemented based on a hash algorithm; for example, assuming that the predetermined hash algorithm is the SHA-1 algorithm, the salt adding rule is to attach a salt value to the end of the original text, "Hello world" (without quotation marks) and the original text to be committed to "123", the corresponding hash commitment "22 ad63e53e79fe6e2d97fd9d588b29409a6ecc 57" (i.e., the SHA-1 hash value of the character string "Hello world 123") can be calculated.
It is understood that besides the SHA-1 hashing algorithm, the hashing algorithms such as MD5 and SM3 may be selected according to specific needs, or those skilled in the art may develop the hashing algorithm according to specific needs. The scheme described in the present specification depends on the common property of the hash algorithm and does not depend on the unique property of a specific hash algorithm, and therefore, the type of the hash algorithm to be specifically used in the scheme is not limited in detail.
In this specification, the privacy information sender and the certification authority may share the total amount of privacy information, the hash commitment corresponding to each piece of privacy information in the total amount of privacy information, and the salt value used to generate the hash commitment. Specifically, the privacy information sender and the certification authority may complete sharing of the data through channels such as cloud services, instant messaging software, e-mails, application built-in data channels, and the like, for example, the privacy information sender may send the total privacy information, the hash commitment corresponding to each piece of privacy information in the total privacy information, and a salt value used to generate the hash commitment to the certification authority through a communication interface opened to the outside by an automated office system of the certification authority, so as to implement sharing of the two.
It is understood that, in order to save network communication resources, the hash commitment corresponding to each piece of privacy information in the total amount of privacy information may not be sent via a communication connection, but rather, the shared parties (i.e., the privacy information sender and the certification authority) each independently generate the hash commitment according to the total amount of privacy information already held and the corresponding salt value. The present specification does not limit whether a network transmission optimization algorithm is specifically adopted in the data sharing process.
In an illustrative embodiment, the sharing of data may be accomplished via a blockchain. The block chain generally has the properties of openness, transparency and non-falsification, so that if the data to be shared is encrypted, the encrypted data to be shared can be directly stored in a distributed account book of the block chain, the integrity of the data can be guaranteed by using the properties of the block chain, the data cannot be falsified, and irrelevant persons can be prevented from directly reading the original text of the data to be shared. Specifically, the certification authority and the privacy information sender may be connected to the same blockchain, and when sharing of the total amount of privacy information, the hash commitment corresponding to each piece of privacy information in the total amount of privacy information, and the salt value used to generate the hash commitment is achieved, the privacy information sender may store the encrypted privacy information in the blockchain and share the decryption key of the encrypted privacy information with the certification authority; the encrypted privacy information includes the encrypted full-scale privacy information, a hash commitment corresponding to each piece of privacy information in the full-scale privacy information, and a salt value used for generating the hash commitment. According to the scheme, the certification authority can acquire the encrypted privacy information from the block chain, and decrypt the encrypted privacy information by using a decryption key shared by the privacy information sender to obtain the full-scale privacy information, the hash commitment corresponding to each piece of privacy information in the full-scale privacy information, and a salt value used by the hash commitment.
It is understood that the block chain may be a public chain, a federation chain or a private chain; generally, private chains have higher performance and lower price, but decentralized degree and reliability are inferior to those of alliance chains and public chains, so the present specification does not limit the specific types of the above block chains, and those skilled in the art can select adaptive block chains according to specific service requirements.
In this specification, the certification authority sends a non-falsifiable certification certificate to the privacy information sender, where the certification certificate carries a hash commitment corresponding to each piece of privacy information in the full amount of privacy information. Specifically, the certification authority may generate or receive a hash commitment corresponding to each piece of the total amount of the privacy information, and then store the hash commitment corresponding to each piece of the total amount of the privacy information in a non-falsifiable certificate. For example, a fragile digital watermark is added to the certificate, so as to determine whether the certificate is tampered after being generated by the fragile digital watermark.
In an illustrated embodiment, the non-tampered certificate may be a certificate digitally signed by the certification authority, for example, the certification authority may calculate an integrity check value of a hash commitment corresponding to each piece of privacy information in the full amount of privacy information, encrypt the integrity check value by using a private key of the integrity check value, and use an encryption result as a digital signature given by the certification authority for the hash commitment corresponding to each piece of privacy information in the full amount of privacy information. In this case, after the data sender sends the certificate to the data receiver, the data receiver may first obtain the signature verification public key of the certificate authority, and verify the digital signature in the received certificate based on the signature verification public key, so as to confirm the validity of the certificate, that is, whether the certificate is issued by the certificate authority.
By using the scheme, the authentication certificate can be further ensured not to be tampered, and the reliability and the safety of the process are improved; in addition, because the existing certification authority usually supports the digital signature mechanism based on asymmetric encryption in advance, the anti-tampering protection of the certification certificate is realized by using a digital signature mode, and the implementation difficulty of the scheme can be reduced.
In this specification, the privacy information sender discloses, to a privacy information receiver, the privacy information to be disclosed, a hash commitment corresponding to the privacy information to be disclosed, a salt value corresponding to the privacy information to be disclosed, and the authentication certificate. Different from the prior art, in the scheme, the certificate given by the certification authority is not the certificate aiming at the original text of the private information to be disclosed any more, but the certificate aiming at the hash commitment of the private information to be disclosed, so that the sender of the private information does not need to expose the whole amount of the private information any more. Referring to fig. 3, fig. 3 is a diagram illustrating an example scenario for selectively disclosing private information according to the present disclosure; in this example, the full amount of privacy information includes data1, data2, data3, … … datan, where only data2 is the privacy information to be disclosed, the certificate of authentication given by the certificate authority may include hash commitments hash1, hash2, hash3, … … hash of data1, data2, data3, … … datan, and the sender of the privacy information may send the certificate of authentication, data2, hash2, and corresponding salt2 to the recipient of the privacy information. Even if the recipient of the private information can extract the hash commitment of the other private information from the authentication certificate, the recipient of the private information cannot reversely obtain the original text of the other private information.
In this specification, the privacy information receiver determines whether the authentication certificate carries a hash commitment corresponding to the to-be-disclosed privacy information, and if so, further verifies the integrity of the to-be-disclosed privacy information based on the hash commitment corresponding to the to-be-disclosed privacy information and a salt value corresponding to the to-be-disclosed privacy information; and if the verification is successful, confirming that the private information to be disclosed is correctly disclosed. Continuing with the scenario of fig. 3, the privacy information receiver may first determine whether the received hash2 exists in the certificate, and then use the to-be-disclosed privacy information data2 and the corresponding salt2 (both of which may be referred to as "promised open") to regenerate a hash commitment hash2 ', and if the hash 2' is the same as the hash2, it may be determined that the data2 is the authentic and untampered to-be-disclosed privacy information authenticated by the certificate authority.
The above description is all embodiments of the present specification directed to the method for selectively disclosing privacy information. Based on the above embodiments, on one hand, since the hash commitment cannot be modified once generated, the verification scheme can verify that the sender of the private information really owns the private information to be disclosed, and the private information to be disclosed is not tampered; moreover, because the privacy information receiver cannot contact the original text and the corresponding salt value of the privacy information except the to-be-disclosed privacy information, the privacy is not leaked; therefore, the scheme can safely and reliably realize the selective disclosure of the private information.
On the other hand, since the authentication certificate carries the corresponding hash commitment of each piece of privacy information in the total privacy information, the authentication certificate can be reused without regeneration no matter what kind of privacy information in the total privacy information is actually expected to be disclosed by the privacy information sender, so that the service pressure of authentication performed by the authentication mechanism can be reduced, and the resource waste is reduced.
The present specification also provides embodiments of a corresponding private information selective disclosure system as follows:
the present specification proposes a private information selective disclosure system, an example of the structure of which is shown in fig. 4, including:
the certification authority 401 is configured to share the full amount of privacy information, the hash commitment corresponding to each piece of privacy information in the full amount of privacy information, and a salt value used by the hash commitment with a privacy information sender; sending a non-falsifiable authentication certificate to the privacy information sender, wherein the authentication certificate carries a corresponding hash commitment of each piece of privacy information in the full amount of privacy information;
a privacy information sender 402, configured to disclose the to-be-disclosed privacy information, a hash commitment corresponding to the to-be-disclosed privacy information, a salt value corresponding to the to-be-disclosed privacy information, and the authentication certificate to a privacy information receiver;
a privacy information receiver 403, configured to determine whether the authentication certificate carries a hash commitment corresponding to the to-be-disclosed privacy information, and if so, further check integrity of the to-be-disclosed privacy information based on the hash commitment corresponding to the to-be-disclosed privacy information and a salt value corresponding to the to-be-disclosed privacy information; and if the verification is successful, confirming that the private information to be disclosed is correctly disclosed.
In one embodiment, the certificate is digitally signed by the certificate authority; the privacy information receiver is further configured to: and acquiring a signature verification public key of the certification authority, and verifying the digital signature in the received certification certificate based on the signature verification public key so as to confirm whether the certification certificate is issued by the certification authority. By applying the scheme, the existing public and private key signature authentication system can be utilized, the implementation difficulty of the scheme is reduced, and the security of the authentication certificate is improved.
In one embodiment, the system further comprises a blockchain interfacing with the certification authority; the privacy information sender is further configured to: storing the encrypted privacy information in the block chain, and sharing a decryption key of the encrypted privacy information with the certification authority; the encrypted privacy information includes the encrypted full-scale privacy information, a hash commitment corresponding to each piece of privacy information in the full-scale privacy information, and a salt value used for generating the hash commitment. By applying the scheme, the reliability of data sharing between the authentication mechanism and the privacy information sender can be further improved by utilizing the characteristic that the block chain cannot be tampered.
In one embodiment, the full amount of privacy information includes privacy information associated with a decentralized identity document. By using the scheme, the system resource consumption of the privacy information associated with the decentralized identity document in selective disclosure can be improved.
Embodiments of the present specification further provide a computer device, which at least includes a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor implements the foregoing method for selectively disclosing private information when executing the program.
Fig. 5 is a schematic diagram illustrating a more specific hardware structure of a computing device according to an embodiment of the present disclosure, where the computing device may include: a processor 1010, a memory 1020, an input/output interface 1030, a communication interface 1040, and a bus 1050. Wherein the processor 1010, memory 1020, input/output interface 1030, and communication interface 1040 are communicatively coupled to each other within the device via bus 1050.
The processor 1010 may be implemented by a general-purpose CPU (Central Processing Unit), a microprocessor, an Application Specific Integrated Circuit (ASIC), or one or more Integrated circuits, and is configured to execute related programs to implement the technical solutions provided in the embodiments of the present disclosure.
The Memory 1020 may be implemented in the form of a ROM (Read Only Memory), a RAM (Random Access Memory), a static storage device, a dynamic storage device, or the like. The memory 1020 may store an operating system and other application programs, and when the technical solution provided by the embodiments of the present specification is implemented by software or firmware, the relevant program codes are stored in the memory 1020 and called to be executed by the processor 1010.
The input/output interface 1030 is used for connecting an input/output module to input and output information. The i/o module may be configured as a component in a device (not shown) or may be external to the device to provide a corresponding function. The input devices may include a keyboard, a mouse, a touch screen, a microphone, various sensors, etc., and the output devices may include a display, a speaker, a vibrator, an indicator light, etc.
The communication interface 1040 is used for connecting a communication module (not shown in the drawings) to implement communication interaction between the present apparatus and other apparatuses. The communication module can realize communication in a wired mode (such as USB, network cable and the like) and also can realize communication in a wireless mode (such as mobile network, WIFI, Bluetooth and the like).
Bus 1050 includes a path that transfers information between various components of the device, such as processor 1010, memory 1020, input/output interface 1030, and communication interface 1040.
It should be noted that although the above-mentioned device only shows the processor 1010, the memory 1020, the input/output interface 1030, the communication interface 1040 and the bus 1050, in a specific implementation, the device may also include other components necessary for normal operation. In addition, those skilled in the art will appreciate that the above-described apparatus may also include only those components necessary to implement the embodiments of the present description, and not necessarily all of the components shown in the figures.
Embodiments of the present specification also provide a computer-readable storage medium, on which a computer program is stored, and the computer program, when executed by a processor, implements the foregoing method for selectively disclosing private information.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
From the above description of the embodiments, it is clear to those skilled in the art that the embodiments of the present disclosure can be implemented by software plus necessary general hardware platform. Based on such understanding, the technical solutions of the embodiments of the present specification may be essentially or partially implemented in the form of a software product, which may be stored in a storage medium, such as a ROM/RAM, a magnetic disk, an optical disk, etc., and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods described in the embodiments or some parts of the embodiments of the present specification.
The systems, devices, modules or units illustrated in the above embodiments may be implemented by a computer chip or an entity, or by a product with certain functions. A typical implementation device is a computer, which may take the form of a personal computer, laptop computer, cellular telephone, camera phone, smart phone, personal digital assistant, media player, navigation device, email messaging device, game console, tablet computer, wearable device, or a combination of any of these devices.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the apparatus embodiment, since it is substantially similar to the method embodiment, it is relatively simple to describe, and reference may be made to some descriptions of the method embodiment for relevant points. The above-described apparatus embodiments are merely illustrative, and the modules described as separate components may or may not be physically separate, and the functions of the modules may be implemented in one or more software and/or hardware when implementing the embodiments of the present disclosure. And part or all of the modules can be selected according to actual needs to achieve the purpose of the scheme of the embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
The foregoing is only a specific embodiment of the embodiments of the present disclosure, and it should be noted that, for those skilled in the art, a plurality of modifications and decorations can be made without departing from the principle of the embodiments of the present disclosure, and these modifications and decorations should also be regarded as the protection scope of the embodiments of the present disclosure.

Claims (10)

1. A private information selective disclosure method, wherein, the private information to be disclosed is a subset of the whole private information; the method comprises the following steps:
a privacy information sender and a certification authority share the total privacy information, a hash commitment corresponding to each piece of privacy information in the total privacy information, and a salt value used by the hash commitment;
the authentication mechanism sends a non-falsifiable authentication certificate to the privacy information sender, wherein the authentication certificate carries a corresponding hash commitment of each piece of privacy information in the full amount of privacy information;
the privacy information sending party discloses the to-be-disclosed privacy information, a hash commitment corresponding to the to-be-disclosed privacy information, a salt value corresponding to the to-be-disclosed privacy information and the authentication certificate to a privacy information receiving party;
the privacy information receiver determines whether the authentication certificate carries a hash commitment corresponding to the to-be-disclosed privacy information, and if so, the integrity of the to-be-disclosed privacy information is checked based on the hash commitment corresponding to the to-be-disclosed privacy information and a salt value corresponding to the to-be-disclosed privacy information; and if the verification is successful, confirming that the private information to be disclosed is correctly disclosed.
2. The method of claim 1, the certificate of authenticity being digitally signed by the certification authority; the method further comprises the following steps:
and the privacy information receiver acquires the signature verification public key of the certification authority and verifies the digital signature in the received certification certificate based on the signature verification public key so as to confirm whether the certification certificate is issued by the certification authority.
3. The method of claim 1, the certification authority interfacing to a blockchain, the sender of the privacy information sharing the full amount of privacy information, the hash commitment corresponding to each piece of privacy information in the full amount of privacy information, and a salt value used to generate the hash commitment with a certification authority, comprising:
the privacy information sender stores the encrypted privacy information in the block chain, and shares a decryption key of the encrypted privacy information with the certification authority;
the encrypted privacy information comprises the encrypted full-amount privacy information, a hash commitment corresponding to each piece of privacy information in the full-amount privacy information, and a salt value used for generating the hash commitment.
4. The method of claim 1, the full amount of privacy information comprising privacy information associated with a decentralized identity document.
5. A private information selective disclosure system, wherein, the private information to be disclosed is a subset of the whole private information; the system comprises:
the authentication mechanism is used for sharing the full-amount privacy information, the hash commitment corresponding to each piece of privacy information in the full-amount privacy information and a salt value used by the hash commitment with a privacy information sender; sending a non-falsifiable authentication certificate to the privacy information sender, wherein the authentication certificate carries a corresponding hash commitment of each piece of privacy information in the full amount of privacy information;
the privacy information sender is used for disclosing the privacy information to be disclosed, a hash commitment corresponding to the privacy information to be disclosed, a salt value corresponding to the privacy information to be disclosed and the authentication certificate to a privacy information receiver;
a privacy information receiver, configured to determine whether the authentication certificate carries a hash commitment corresponding to the to-be-disclosed privacy information, and if so, check integrity of the to-be-disclosed privacy information further based on the hash commitment corresponding to the to-be-disclosed privacy information and a salt value corresponding to the to-be-disclosed privacy information; and if the verification is successful, confirming that the private information to be disclosed is correctly disclosed.
6. The system of claim 5, the certificate of authenticity being digitally signed by the certification authority;
the private information recipient is further configured to: and acquiring a signature verification public key of the certification authority, and verifying the digital signature in the received certification certificate based on the signature verification public key so as to confirm whether the certification certificate is issued by the certification authority.
7. The system of claim 5, further comprising a blockchain interfacing with the certification authority;
the private information sender is further configured to: storing the encrypted privacy information in the block chain, and sharing a decryption key of the encrypted privacy information with the certification authority; the encrypted privacy information comprises the encrypted full-amount privacy information, a hash commitment corresponding to each piece of privacy information in the full-amount privacy information, and a salt value used for generating the hash commitment.
8. The system of claim 5, the full amount of privacy information comprising privacy information associated with a decentralized identity document.
9. A computer device comprising at least a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any of claims 1 to 4 when executing the program.
10. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the method of any one of claims 1 to 4.
CN202111047934.7A 2021-09-08 2021-09-08 Method and system for selectively disclosing privacy information Pending CN113722762A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111047934.7A CN113722762A (en) 2021-09-08 2021-09-08 Method and system for selectively disclosing privacy information

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111047934.7A CN113722762A (en) 2021-09-08 2021-09-08 Method and system for selectively disclosing privacy information

Publications (1)

Publication Number Publication Date
CN113722762A true CN113722762A (en) 2021-11-30

Family

ID=78682417

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111047934.7A Pending CN113722762A (en) 2021-09-08 2021-09-08 Method and system for selectively disclosing privacy information

Country Status (1)

Country Link
CN (1) CN113722762A (en)

Similar Documents

Publication Publication Date Title
US10558974B2 (en) Methods and systems of providing verification of information using a centralized or distributed ledger
US20210051027A1 (en) User identity information authentication and verification methods and devices
US20180227130A1 (en) Electronic identification verification methods and systems
US20190165947A1 (en) Signatures for near field communications
CN108965250B (en) Digital certificate installation method and system
JP6880055B2 (en) Message anti-counterfeiting implementation method and device
US10783277B2 (en) Blockchain-type data storage
CN106664308B (en) Device authentication prior to enrollment
CN107995200B (en) Certificate issuing method, identity authentication method and system based on smart card
JP2017532707A (en) User verification based on digital fingerprint signal derived from out-of-band data
CN111835526A (en) Method and system for generating anonymous voucher
CN104426657A (en) Service authentication method and system, server
EP4011031B1 (en) Secure identity card using unclonable functions
CN109818965B (en) Personal identity verification device and method
US11968526B2 (en) Identity management on a mobile device
CN108764834A (en) Signature method, system, equipment and the medium of electronic contract
CN111371555A (en) Signature authentication method and system
CN110598389A (en) Method and device for storing account book certificate based on block chain
CN113722762A (en) Method and system for selectively disclosing privacy information
CN113806335A (en) Data migration method and device applied to block chain
CN114266680A (en) Block chain-based electronic contract signing method, device and system
CN113987574A (en) Block chain private transaction method, device, equipment and readable storage medium
CN114092292A (en) Government affair processing system and method based on block chain and decentralized identity
CN113726764B (en) Private data transmission method and device
CN113765674A (en) Cross-platform registration method and device based on block chain

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20231003

Address after: 10/F, Guotou Building, No. 398 Shaoxing Road, Gongshu District, Hangzhou City, Zhejiang Province, 310000

Applicant after: Hangzhou Xita Technology Co.,Ltd.

Address before: 215133 room 1805-080, 18 / F, building 1, Lingyu Business Plaza, No. 66, qinglonggang Road, high speed railway new town, Xiangcheng District, Suzhou City, Jiangsu Province (cluster registration)

Applicant before: Suzhou Changtong Internet Technology Co.,Ltd.

TA01 Transfer of patent application right