CN113726767B - Distributed multi-party privacy computing system and method based on blockchain - Google Patents

Distributed multi-party privacy computing system and method based on blockchain Download PDF

Info

Publication number
CN113726767B
CN113726767B CN202110996460.4A CN202110996460A CN113726767B CN 113726767 B CN113726767 B CN 113726767B CN 202110996460 A CN202110996460 A CN 202110996460A CN 113726767 B CN113726767 B CN 113726767B
Authority
CN
China
Prior art keywords
data
calculation
computing
node
party
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110996460.4A
Other languages
Chinese (zh)
Other versions
CN113726767A (en
Inventor
王蓓
杜永刚
谢谨
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Bank of Communications Co Ltd
Original Assignee
Bank of Communications Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Bank of Communications Co Ltd filed Critical Bank of Communications Co Ltd
Priority to CN202110996460.4A priority Critical patent/CN113726767B/en
Publication of CN113726767A publication Critical patent/CN113726767A/en
Application granted granted Critical
Publication of CN113726767B publication Critical patent/CN113726767B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention relates to a distributed multi-party privacy computing system and a method based on a blockchain, wherein the multi-party privacy computing system comprises a blockchain security computing node and a plurality of node APIs, and the node APIs and the blockchain security computing node are in information interaction. The multiparty privacy calculating method comprises the following steps: step 1: registering; step 2: maintaining a data certificate; step 3: registering and cataloging data through a node API; step 4: data computation is initiated through the node API. Compared with the prior art, the invention has the advantages of high safety, low cost, good popularization and the like.

Description

Distributed multi-party privacy computing system and method based on blockchain
Technical Field
The invention relates to the technical field of multiparty privacy computing, in particular to a distributed multiparty privacy computing system and method based on a blockchain.
Background
In the context of big data age, big data based applications increasingly affect everyday life. From the service provider perspective, to provide more targeted personalized services, a larger amount of personalized data is needed to provide calculation, so that the user needs can be met more accurately. However, in the practical application process, the digitization degree of the service application is still not high, the depicted user portrait is not accurate enough, even the risk recognition capability cannot support full online imaging, the reason is analyzed, and the pain points are as follows: 1. the data acquisition cost is high, the difficulty is high, a large amount of external data is needed to participate in the service-related collaborative calculation in addition to the data in the mechanism for service development, and the larger the acquired data amount is, the more the data types are, the more the depicted customer image is accurate, so that the risk identification and the service accurate development are facilitated. At present, data sharing is basically carried out in a point-to-point mode, a large number of security measures are required to be suggested to ensure the data privacy security, and the acquisition cost of data exceeds the service value per se, so that the promotion of data sharing is hindered. 2. At present, the data sharing calculation is not transparent enough, perfect specifications are not formed, the data sharing is hindered, the data provider worries about privacy security risks caused by data leakage or overrun use, the data demand worries about deviation of data reliability aggravation model results, and the development of data as production elements is seriously hindered.
One of the privacy calculation methods in the prior art is to develop a data docking module specially by a service application system to perform summarized calculation, define the data sharing range, the use purpose and the like of both the supply and demand sides of data in a negotiation mode, realize data calling inquiry in a point-to-point mode, calculate after summarizing inquiry results by a data demand side, ensure the confidentiality of a data inquiry target by means of data encryption, privacy safety inquiry and the like under the conditional condition, generally develop a special data docking platform for a system with more data demands, and basically realize docking with a plurality of data providers through the development of platformization. The method can realize the query access requirement to the data provider to a certain extent, but with the continuous and deep development of the service, the range and the type of the data are gradually increased, the external data provider which is required to be in butt joint by the application system is more and more, and the application system is required to adapt to various data query services without service standards and different protocols, so that the query service becomes complex. Meanwhile, even if the privacy security technology is applied, it is difficult to avoid the risk of revealing private data to the data provider, and after all, the data has been transmitted from the data provider to the data demander. The other method is that a trusted third party builds a data platform to carry out summarized calculation, a plurality of parties provided with data provide data for the data platform in a standard protocol, the trusted third party calculates the data and feeds the data back to a data demand party, the trusted third party ensures the safety and accuracy of the data calculation process through a safety calculation technology, privacy data required by calculation is not reserved or stored in any party, and the risk of data leakage in the demand party is prevented. However, the method takes the trusted third party as the intermediate to receive and calculate the private data, but the paid security cost is very high, and firstly, the intermediate as the core calculator is enough open to ensure the reliable and trusted calculation and is required to take the audit responsibility of the data calculation. Second, the man-in-the-middle is trusted enough that the entire business trust chain and trusted computing will collapse once a centralized trust crisis occurs. The selection and validation of such trusted third parties would be a significant challenge.
At present, the data between each institution and enterprises cannot be smoothly combined, and the cooperative calculation is carried out in an organization-level cooperation mode, but basically the unified calculation is carried out after the data is acquired, so that the worry about data privacy disclosure cannot be relieved, the risk of misuse after the data is acquired by a data demander cannot be prevented, and further cooperation of a data layer is hindered. For a calculation mode with a trusted third party as a trusted intermediate, data of each party needs to be transmitted to the intermediate, so that the call cost is high, the call efficiency is low, and meanwhile, the trust problem of service call exists.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provide a distributed multi-party privacy computing system and method based on block chains, which have high security, low cost and good popularization.
The aim of the invention can be achieved by the following technical scheme:
a distributed multi-party privacy computing system based on a blockchain, the multi-party privacy computing system comprises a blockchain security computing node and a plurality of node APIs; the node API performs information interaction with the block chain security computing node;
the block chain security computing node is used for carrying out data release and data computation;
the node API is deployed on the supply and demand sides of the data and is used for realizing the data release and data calculation functions initiated by the data platform system in the business system or the organization.
Preferably, the blockchain security computing node comprises a data publishing module and a data computing module;
the data release module comprises:
a data demand contract unit for registering a data demand contract of the data demand party;
the data release registration unit is used for registering self information released by the data provider, and the self information of the data provider is released by the data provider according to the data demand contract;
the data cataloging unit is used for carrying out data standardized cataloging after the number of data release users meets the data requirement, or initiating cataloging operation after the data requirement side finishes releasing the data requirement, registering the cataloging directory in the data requirement into a cataloging contract, and finishing registration by taking the date as a version number;
a certificate management unit for establishing a data certificate under user information;
the data calculation module is used for carrying out calculation initiation, calculation matching and result calculation of the privacy data.
More preferably, the data demand contract includes data type, length, value, format, calculation mode, number of participating calculation nodes and cataloging path of the required data.
More preferably, the number of the participating computing nodes is more than three.
More preferably, the information of the data provider itself includes user information, user credentials, data security credentials and validity period of the data provider.
More preferably, the data logging unit needs all user signatures in the data distribution to be validated after registration is completed, and the signature content is Enc (privkey, SHA256 (data requirement ID)).
Preferably, the node API monitors the calculation task of the blockchain at the same time, and automation of data provision is realized.
Preferably, the data calculation method of the blockchain security calculation node is as follows:
the data demand side inquires matched catalogue information according to the data demand and initiates a calculation task according to the catalogue number;
the block chain safety calculation node generates calculation tasks, automatically matches the calculation sequence of a user list in the catalogue information in a random mode, and feeds back calculation task numbers to a data requiring party;
the data demand side generates data corresponding to the calculation task and encrypts the data;
the block chain security computing node registers a computing process, and flows among data users according to a computing sequence until a user list in the catalogue information is traversed;
the block chain safety calculation node feeds the ciphertext of the calculation result back to the data demand party;
and the data demand party decrypts the ciphertext to obtain a calculation result, and completes data calculation.
More preferably, the method for encrypting the data by the data requiring party specifically comprises the following steps:
firstly, generating a homomorphic computing key MKey, and acquiring the computing data D;
next, the data D is homomorphic encrypted, i.e., meD [0] =renc (MKey, D), where renc is the homomorphic encryption algorithm
Subsequently, the ciphertext meD [0] is data signed;
finally, encrypting ciphertext meD [0] with the next user public key, namely r [1] = enc (PUBKEY [1], meD [0 ]), wherein enc is an asymmetric encryption algorithm, and PUBKEY is the user public key;
when the data is circulated according to the calculation sequence, the processing method of each data user comprises the following steps:
firstly, checking labels on data;
secondly, decrypting by using a private key of the user to obtain meD [ n-1];
then, the present data Dn is obtained, and meD n=HE (meD n-1, dn) is homomorphically calculated, wherein HE is a homomorphism calculation method;
subsequently, the ciphertext meD [ n ] is data signed;
finally, the ciphertext meD [ n ] is encrypted using the next user public key, i.e., rn+1 ] =enc (PUBKREY [ n+1], meD [ n ]);
wherein n is the data user sequence number in the user list, and n is more than or equal to 1.
A blockchain-based distributed multi-party privacy computing method for the multi-party privacy computing system, the multi-party privacy computing method comprising:
step 1: registering;
generating a blockchain identity certificate by a data supplier and a data consumer according to the cryptographic characteristics of the data supplier and the data consumer, and calculating a public key address to register on the privacy security blockchain to obtain legal identity;
step 2: maintaining a data certificate;
by calling a contract module, maintaining a data certificate and a certificate index number thereof according to identity address information;
step 3: registering and cataloging data through a node API;
registering data requirements by data requirement parties, responding the data requirements by each provider and then issuing user information, and carrying out standardized cataloging of data to form data elements after the requirements of the cataloging are met;
step 4: initiating data calculation through a node API;
and the data provider participates in the secure calculation according to the system rule, saves the calculation result on the blockchain, feeds back the result to the data demand after the calculation is completed, decrypts the result data according to the cryptography characteristic, and utilizes the data to develop related services.
Compared with the prior art, the invention has the following beneficial effects:
1. the safety is high: the distributed multi-party privacy computing system and the method thereof construct a data computing result sharing platform on a blockchain system, compute multi-party data on the blockchain, only feed back the result after multiple rounds of computation to a data demand party, and the data demand party only obtains the result data on the premise of ensuring that the original data is not computed, so that the data is not delivered; meanwhile, the platform registers all calculation flow information and data hash values, is convenient for subsequent tracing and auditing, and effectively improves the safety of multiparty safety calculation.
2. The cost is low: according to the distributed multi-party privacy computing system and method, the data elements are cooperated in a standardized and marketized mode to form the standardized data catalog set, the arithmetic operation is carried out on multiple parties under the encryption state by means of the cryptography computation, the result is cooperated in a mode that original privacy data is not exposed, the result computing cost is effectively reduced, and the data use efficiency is improved.
3. The popularization is good: the distributed multiparty privacy computing system and method can be applied to the scenes of comprehensive credit giving, financial wind control and the like needing collaborative computing, the data needing collaborative multiparty computing in the business development process is embodied into the system in a factorization mode and is compiled into the element data, the data form can be business data, limited financial data and even related data of the Internet of things of a provider, and by real-time sharing computing, more efficient financial wind control and more targeted financial service can be realized, business cost reduction and synergy are realized, and the general Hui Yewu benefit-receiving party is realized; the invention can realize safe and reliable data sharing calculation among multiple institutions, break the data barriers and improve the data utilization value.
Drawings
FIG. 1 is a schematic diagram of a multi-party privacy computing system of the present invention;
FIG. 2 is a schematic diagram of a block chain security computing node in a multi-party privacy computing system for performing data computation in accordance with the present invention;
fig. 3 is a flow chart of a multiparty privacy calculation method in the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are some, but not all embodiments of the invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present invention without making any inventive effort, shall fall within the scope of the present invention.
A multiparty privacy computing system is shown in figure 1, and comprises a blockchain security computing node and a plurality of node APIs, wherein the node APIs interact with the blockchain security computing node in information.
The block chain security computing node is used for carrying out data release and data computation;
the node API is a calling interface of the block chain secure computing node, is deployed on the supply and demand sides of data and is used for realizing data release and data computing functions initiated by a data platform system in a business system or an organization. Meanwhile, the calculation task of the block chain is monitored through an automation means, so that the automation of data provision is realized. The node API module is beneficial to isolating data from self service system data, and guaranteeing that the data can be invisible.
In this embodiment, the node API performs information interaction with the blockchain security computing node and the data service application end, and the service system performs interaction with the data service application end.
The block chain security computing node comprises a data issuing module and a data computing module, wherein the data issuing module comprises a data demand contract unit, a data issuing registering unit, a data cataloging unit and a certificate management unit, and the specific description of each unit is as follows:
(1) Data demand contract unit
The method mainly bears the registration of data demands, and the data demand party generally registers information such as the type, the length, the value, the format, the calculation mode, the number of the participating calculation nodes, the cataloging path and the like of the data on a blockchain by calling intelligent contracts, wherein the number of the participating calculation nodes is more than 3 (including 3), and the on-chain data is disclosed to all users of a platform to participate in data sharing calculation in a marketing mode.
(2) Data distribution registration unit
The method mainly comprises the steps of initiating registration according to a data demand contract, and issuing user information, user certificates, data security certificates, validity periods and the like of the data provider according to data information registered by the demand contract so as to ensure that the data provider can provide data services for the blockchain security computing nodes to share and calculate in the validity periods. In addition, to ensure a fair sharing principle of data, the data demander also has to provide data support for the computing platform for a member of the data provider.
(3) Data cataloging unit
The method mainly comprises the steps that standardized cataloging of data can be carried out after the number of data release users meets data requirements, the cataloging operation can be initiated after a data demand party finishes releasing the data requirements, the cataloging catalogs in the data requirements are registered into a cataloging contract, the registration is completed by taking the date as a version number, and meanwhile, the data can be validated after all user signatures in the data release are required to be approved. The signed content is Enc (privkey, SHA256 (data requirement ID)). After the data is catalogued, the type, length, value, format, calculation mode and number of participating calculation nodes of the data can be clearly catalogued, wherein the number of the participating calculation nodes is already participated in the user public key certificate and the data public key certificate of the user, and the role of the certificates is mainly to safely transfer the data in the calculation process.
(4) Certificate management unit
The data certificate is mainly established under the user information, the user mark is the identity address information of the user certificate, the identity address information is calculated by SHA256 (PUBKEY), namely, the public key address is calculated by SHA256 to obtain 64-bit address information. The identity address in the identification mode is convenient to exchange and has a certain confidentiality. Through the certificate management module, a user can define a certificate list, public key certificates are stored in the certificate module in a list form, and for convenience of management, the user is required to play an alias for each certificate, and in the process of participating in the calculation of private data, the data is required to be encrypted by the data certificate of the next user.
The data calculation module is a core module of the whole calculation and bears the functions of calculating initiation, calculating matching and calculating results of the privacy data. The data result corresponding to the data catalog is calculated under the condition of ensuring that the data of the data provider is not divulged by the calculation of the module, and is stored in the calculation transaction block in an encrypted mode.
The method for performing data calculation by the blockchain security calculation node shown in fig. 2 is as follows:
(1) The data demand side inquires matched catalogue information according to the data demand and initiates a calculation task according to the catalogue number;
(2) The block chain safety calculation node generates calculation tasks, automatically matches the calculation sequence of a user list in the catalogue information in a random mode, and feeds back calculation task numbers to a data requiring party;
(3) The data demand side generates and encrypts the data corresponding to the calculation task, and the specific method comprises the following steps:
firstly, generating a homomorphic computing key MKey, and acquiring the computing data D;
secondly, homomorphic encryption is carried out on the data D, namely meD [0] =MENC (MKey, D), wherein the MENC is a homomorphic encryption algorithm;
subsequently, the ciphertext meD [0] is data signed;
finally, encrypting ciphertext meD [0] with the next user public key, namely r [1] = enc (PUBKEY [1], meD [0 ]), wherein enc is an asymmetric encryption algorithm, and PUBKEY is the user public key;
(4) The block chain security computing node registers a computing process, and flows among data users according to a computing sequence until a user list in the catalogue information is traversed;
the processing method of each data user comprises the following steps:
firstly, checking labels on data;
secondly, decrypting by using a private key of the user to obtain meD [ n-1];
then, the present data Dn is obtained, and meD n=HE (meD n-1, dn) is homomorphically calculated, wherein HE is a homomorphism calculation method;
subsequently, the ciphertext meD [ n ] is data signed;
finally, the ciphertext meD [ n ] is encrypted using the next user public key, i.e., rn+1 ] =enc (PUBKREY [ n+1], meD [ n ]);
wherein n is the data user sequence number in the user list, and n is more than or equal to 1.
(5) The block chain safety calculation node feeds the ciphertext of the calculation result back to the data demand party;
(6) The data demand party decrypts the ciphertext to obtain a calculation result, and the data calculation is completed, and the specific method comprises the following steps:
firstly, ciphertext data is obtained, and a calculation result meD [ n ] is decrypted;
subsequently, homomorphic decryption SD [ n ] =hd (MKey, meD [ n ]);
finally, SD [ n ] is the result value of joint calculation of each party, taking homomorphic addition as an example, and the result value SD [ n ] is D+D1+D2+ … +Dn.
The actual value provided by other data cannot be known by the data demand party in the whole process, and the more data providers are involved, the more reliable the security is. All calculation processes are recorded on the blockchain, so that the follow-up audit verification and the data reliability of a data provider are ensured.
The flow of the distributed multi-party privacy calculation method based on the blockchain is shown in fig. 3, fig. 3 describes that after data elements are issued and recorded from a data demand party, each party participates in secure calculation and finally feeds back the result to the data demand party in an encrypted mode, and the specific flow comprises the following steps:
step 1: registering;
generating a blockchain identity certificate by a data supplier and a data consumer according to the cryptographic characteristics of the data supplier and the data consumer, and calculating a public key address to register on the privacy security blockchain to obtain legal identity;
step 2: maintaining a data certificate;
by calling a contract module, maintaining a data certificate and a certificate index number thereof according to identity address information;
step 3: registering and cataloging data through a node API;
registering data requirements by data requirement parties, responding the data requirements by each provider and then issuing user information, and carrying out standardized cataloging of data to form data elements after the requirements of the cataloging are met;
meanwhile, after more data providers respond, version upgrade can be carried out on the recorded data in an upgrade mode, and the accuracy and usability of the data are improved;
step 4: initiating data calculation through a node API;
the data demand side initiates a calculation task, the data provider participates in safe calculation according to system rules, the calculation result is stored in the blockchain, after all the data providers (generally more than three parties) participate in the calculation, the result is fed back to the data demand side, the result data is decrypted according to the cryptography characteristics, and related services are developed by using the data. Meanwhile, any data provider can be converted into a data demander to perform sharing calculation in the data alliance.
While the invention has been described with reference to certain preferred embodiments, it will be understood by those skilled in the art that various changes and substitutions of equivalents may be made and equivalents will be apparent to those skilled in the art without departing from the scope of the invention. Therefore, the protection scope of the invention is subject to the protection scope of the claims.

Claims (7)

1. The distributed multi-party privacy computing system based on the blockchain is characterized by comprising a blockchain security computing node and a plurality of node APIs; the node API performs information interaction with the block chain security computing node;
the block chain security computing node is used for carrying out data release and data computation;
the node API is deployed on the supply and demand sides of the data and is used for realizing the data release and data calculation functions initiated by the service system or the in-mechanism data platform system;
the block chain security computing node comprises a data release module and a data computing module;
the data release module comprises:
a data demand contract unit for registering a data demand contract of the data demand party;
the data release registration unit is used for registering self information released by the data provider, and the self information of the data provider is released by the data provider according to the data demand contract; providing data service for sharing calculation of the block chain security calculation node by the clear data provider in the validity period;
the data cataloging unit is used for carrying out data standardized cataloging after the number of data release users meets the data requirement, or initiating cataloging operation after the data requirement side finishes releasing the data requirement, registering the cataloging directory in the data requirement into a cataloging contract, and finishing registration by taking the date as a version number;
a certificate management unit for establishing a data certificate under user information;
the data calculation module is used for carrying out calculation initiation, calculation matching and result calculation of the privacy data;
the data which needs to cooperate with the multiparty calculation in the service development process is embodied in the system in an element mode and is compiled into the element data;
the data calculation method of the block chain security calculation node comprises the following steps:
the data demand side inquires matched catalogue information according to the data demand and initiates a calculation task according to the catalogue number;
the block chain safety calculation node generates calculation tasks, automatically matches the calculation sequence of a user list in the catalogue information in a random mode, and feeds back calculation task numbers to a data requiring party;
the data demand side generates data corresponding to the calculation task and encrypts the data;
the block chain security computing node registers a computing process, and flows among data users according to a computing sequence until a user list in the catalogue information is traversed;
the block chain safety calculation node feeds the ciphertext of the calculation result back to the data demand party;
decrypting the ciphertext by the data demand party to obtain a calculation result and finishing data calculation;
the data demand side generates and encrypts the data corresponding to the calculation task, and the specific method comprises the following steps:
firstly, generating a homomorphic computing key MKey, and acquiring the computing data D;
secondly, homomorphic encryption is carried out on the data D, namely meD [0] =MENC (MKey, D), wherein the MENC is a homomorphic encryption algorithm;
subsequently, the ciphertext meD [0] is data signed;
finally, encrypting ciphertext meD [0] with the next user public key, namely r [1] = enc (PUBKEY [1], meD [0 ]), wherein enc is an asymmetric encryption algorithm, and PUBKEY is the user public key;
the block chain security computing node registers a computing process, and flows among data users according to a computing sequence until a user list in the catalogue information is traversed;
the processing method of each data user comprises the following steps:
firstly, checking labels on data;
secondly, decrypting by using a private key of the user to obtain meD [ n-1];
then, the present data Dn is obtained, and meD n=HE (meD n-1, dn) is homomorphically calculated, wherein HE is a homomorphism calculation method;
subsequently, the ciphertext meD [ n ] is data signed;
finally, the ciphertext meD [ n ] is encrypted using the next user public key, i.e., rn+1 ] =enc (PUBKREY [ n+1], meD [ n ]);
wherein n is the data user sequence number in the user list, and n is more than or equal to 1;
the block chain safety calculation node feeds the ciphertext of the calculation result back to the data demand party;
the data demand party decrypts the ciphertext to obtain a calculation result, and the data calculation is completed, and the specific method comprises the following steps:
firstly, ciphertext data is obtained, and a calculation result meD [ n ] is decrypted;
subsequently, homomorphic decryption SD [ n ] =hd (MKey, meD [ n ]);
finally, SD [ n ] is the result value of joint calculation of each party.
2. The blockchain-based distributed multi-party privacy computing system of claim 1, wherein the data demand contracts include data type, length, value, format, computing means, number of participating computing nodes, and cataloging path of the required data.
3. The blockchain-based distributed multi-party privacy computing system of claim 2, wherein the number of participating computing nodes is greater than three.
4. The blockchain-based distributed multi-party privacy computing system of claim 1, wherein the data provider's own information includes user information of the data provider, data security credentials, and expiration dates.
5. The distributed multi-party privacy computing system of claim 1, wherein the signature content is Enc (privkey, SHA256 (data requirement ID)) after all user signatures in the data distribution are validated after the data logging unit completes the registration.
6. The distributed multi-party privacy computing system based on blockchain as in claim 1 wherein the node API simultaneously listens to the blockchain computing tasks to automate the data provision.
7. A blockchain-based distributed multi-party privacy computing method for use in a multi-party privacy computing system as defined in claim 1, the multi-party privacy computing method comprising:
step 1: registering;
generating a blockchain identity certificate by a data supplier and a data consumer according to the cryptographic characteristics of the data supplier and the data consumer, and calculating a public key address to register on the privacy security blockchain to obtain legal identity;
step 2: maintaining a data certificate;
by calling a contract module, maintaining a data certificate and a certificate index number thereof according to identity address information;
step 3: registering and cataloging data through a node API;
registering data requirements by data requirement parties, responding the data requirements by each provider and then issuing user information, and carrying out standardized cataloging of data to form data elements after the requirements of the cataloging are met;
step 4: initiating data calculation through a node API;
and the data provider participates in the secure calculation according to the system rule, saves the calculation result on the blockchain, feeds back the result to the data demand after the calculation is completed, decrypts the result data according to the cryptography characteristic, and utilizes the data to develop related services.
CN202110996460.4A 2021-08-27 2021-08-27 Distributed multi-party privacy computing system and method based on blockchain Active CN113726767B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110996460.4A CN113726767B (en) 2021-08-27 2021-08-27 Distributed multi-party privacy computing system and method based on blockchain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110996460.4A CN113726767B (en) 2021-08-27 2021-08-27 Distributed multi-party privacy computing system and method based on blockchain

Publications (2)

Publication Number Publication Date
CN113726767A CN113726767A (en) 2021-11-30
CN113726767B true CN113726767B (en) 2023-09-12

Family

ID=78678597

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110996460.4A Active CN113726767B (en) 2021-08-27 2021-08-27 Distributed multi-party privacy computing system and method based on blockchain

Country Status (1)

Country Link
CN (1) CN113726767B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114996768B (en) * 2022-08-03 2023-01-06 天聚地合(苏州)科技股份有限公司 Data collaboration method and device based on privacy requirements, storage medium and equipment
CN115051878B (en) * 2022-08-16 2023-01-06 天聚地合(苏州)科技股份有限公司 Interface-based privacy calculation method, system, storage medium and equipment
CN115987690B (en) * 2023-03-20 2023-08-08 天聚地合(苏州)科技股份有限公司 Privacy computing method based on API, API calling terminal and API providing terminal
CN117495296A (en) * 2023-11-15 2024-02-02 广州市城市规划勘测设计研究院有限公司 Automobile industry chain research and development management system, method, device, equipment and storage medium

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110175461A (en) * 2019-05-08 2019-08-27 矩阵元技术(深圳)有限公司 Implementation method, device, computer equipment and the storage medium of multi-party computations
CN110335037A (en) * 2019-04-19 2019-10-15 矩阵元技术(深圳)有限公司 Method of commerce, device and the storage medium calculated based on block chain and Secure
CN110414272A (en) * 2019-08-08 2019-11-05 北京芯际科技有限公司 A kind of block chain method for secret protection calculated based on Secure
CN110971390A (en) * 2019-11-29 2020-04-07 杭州云象网络技术有限公司 Fully homomorphic encryption method for intelligent contract privacy protection
CN111932364A (en) * 2020-08-11 2020-11-13 杭州增信信息技术有限公司 Puff financial system for protecting business secret
CN112052466A (en) * 2020-08-28 2020-12-08 西安电子科技大学 Support vector machine user data prediction method based on multi-party secure computing protocol
CN112380565A (en) * 2020-11-20 2021-02-19 天翼电子商务有限公司 Secure multi-party computing method based on trusted hardware and block chain
CN112434109A (en) * 2020-11-23 2021-03-02 交通银行股份有限公司 Data sharing and secret query method and system based on block chain technology
CN112862616A (en) * 2021-04-23 2021-05-28 北京中科金财科技股份有限公司 Secure multi-party computing method, device and storage medium supporting block chain

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110335037A (en) * 2019-04-19 2019-10-15 矩阵元技术(深圳)有限公司 Method of commerce, device and the storage medium calculated based on block chain and Secure
CN110175461A (en) * 2019-05-08 2019-08-27 矩阵元技术(深圳)有限公司 Implementation method, device, computer equipment and the storage medium of multi-party computations
CN110414272A (en) * 2019-08-08 2019-11-05 北京芯际科技有限公司 A kind of block chain method for secret protection calculated based on Secure
CN110971390A (en) * 2019-11-29 2020-04-07 杭州云象网络技术有限公司 Fully homomorphic encryption method for intelligent contract privacy protection
CN111932364A (en) * 2020-08-11 2020-11-13 杭州增信信息技术有限公司 Puff financial system for protecting business secret
CN112052466A (en) * 2020-08-28 2020-12-08 西安电子科技大学 Support vector machine user data prediction method based on multi-party secure computing protocol
CN112380565A (en) * 2020-11-20 2021-02-19 天翼电子商务有限公司 Secure multi-party computing method based on trusted hardware and block chain
CN112434109A (en) * 2020-11-23 2021-03-02 交通银行股份有限公司 Data sharing and secret query method and system based on block chain technology
CN112862616A (en) * 2021-04-23 2021-05-28 北京中科金财科技股份有限公司 Secure multi-party computing method, device and storage medium supporting block chain

Also Published As

Publication number Publication date
CN113726767A (en) 2021-11-30

Similar Documents

Publication Publication Date Title
CN113726767B (en) Distributed multi-party privacy computing system and method based on blockchain
US20220318907A1 (en) Systems and methods for generating secure, encrypted communications across distributed computer networks for authorizing use of cryptography-based digital repositories in order to perform blockchain operations in decentralized applications
CN109615378B (en) Block chain-based secure multi-party computing method and device and readable storage medium
CN109544331B (en) Supply chain financial application method and device based on block chain, terminal equipment and storage medium
CN109937420B (en) De-identified distributed bridging network platform
US20190295069A1 (en) Systems and methods for integrating cryptocurrency wallet identifiers with digital certificates
Yang et al. A mobile payment mechanism with anonymity for cloud computing
CN110601816B (en) Lightweight node control method and device in block chain system
Chen et al. A blockchain-based intelligent anti-switch package in tracing logistics system
US11436597B1 (en) Biometrics-based e-signatures for pre-authorization and acceptance transfer
Li et al. Anonymous and verifiable reputation system for E-commerce platforms based on blockchain
CN110990855A (en) Block chain information recording and inquiring method, device and system
CN111931250A (en) Multi-party safety computing integrated machine
CN111507747B (en) Block chain point exchange mileage system
US20230095123A1 (en) Systems and Methods for Digitally Signed Contracts with Verifiable Credentials
Lee et al. An innovative electronic group-buying system for mobile commerce
CN113609224A (en) Crowdsourcing operation method and system for realizing privacy protection based on block chain
Li et al. Nereus: Anonymous and secure ride-hailing service based on private smart contracts
CN111915302B (en) Associated data processing method and device, electronic equipment and computer readable medium
KR20220070303A (en) Proxyed Ledger-to-Ledger Authentication
WO2023244993A1 (en) Systems and methods for mitigating network congestion on blockchain networks by supporting blockchain operations through off-chain interactions
Chau et al. Blockchain-enabled decentralized privacy-preserving group purchasing for retail energy plans
US20230246817A1 (en) Systems and methods for generating secure, encrypted communications across distributed computer networks for authorizing use of cryptography-based digital repositories in order to perform blockchain operations in decentralized applications
CN116975810A (en) Identity verification method, device, electronic equipment and computer readable storage medium
US20230246822A1 (en) Systems and methods for providing secure, encrypted communications across distributed computer networks by coordinating cryptography-based digital repositories in order to perform blockchain operations in decentralized applications

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant