CN114124406B - Convergence chain privacy protection method based on conditional anonymity ring signature and privacy calculation - Google Patents
Convergence chain privacy protection method based on conditional anonymity ring signature and privacy calculation Download PDFInfo
- Publication number
- CN114124406B CN114124406B CN202111401060.0A CN202111401060A CN114124406B CN 114124406 B CN114124406 B CN 114124406B CN 202111401060 A CN202111401060 A CN 202111401060A CN 114124406 B CN114124406 B CN 114124406B
- Authority
- CN
- China
- Prior art keywords
- privacy
- transaction
- contract
- user
- signature
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3255—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using group based signatures, e.g. ring or threshold signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
Abstract
The invention relates to a federation chain privacy protection method based on conditional anonymous ring signature and privacy calculation, and belongs to the technical field of federation chain privacy protection. The method comprises the following steps: when joining a alliance chain, a user needs to register with a certificate authority, and the certificate authority issues a digital certificate containing a public and private key pair with a conditional anonymous ring signature for the user; after receiving the request of the user, the client side constructs an effective transaction containing a conditional anonymous ring signature, and the receiving address of the effective transaction is a privacy contract address; the node in the alliance chain acquires the privacy contract and the transaction data through the privacy computing gateway, the contract executor executes the privacy contract, if the privacy contract is executed successfully, the execution result is prepared for being linked, otherwise, the execution result is discarded; protecting the privacy of the transaction producer using a conditional anonymous ring signature; and the privacy contract environment is isolated by combining the intelligent contract and the privacy computing gateway, so that the privacy of transaction data is protected. The invention can ensure the data privacy security of the privacy contract during execution.
Description
Technical Field
The invention belongs to the technical field of alliance chain privacy protection, and relates to an alliance chain privacy protection method based on conditional anonymous ring signature and privacy calculation.
Background
The blockchain technology is a distributed account book technology integrating the technologies of a cryptographic algorithm, a consensus algorithm, an intelligent contract and the like. To ensure non-tampering of the transaction, the transaction producer needs to sign the transaction; to ensure consistency of transaction records in the block, the data on the chain is transparent to the participant disclosure.
However, since each transaction requires a producer signature to ensure the authenticity and non-tamper ability of the transaction, this increases the risk of revealing the identity privacy information of the user. Meanwhile, the transaction data on the chain are all public and transparent to participants in the alliance chain, namely once the transaction data is broadcast in the alliance chain network, the participant nodes in the alliance chain network need to verify and execute the transaction, and the transaction sensitive information is exposed to all nodes in the alliance chain network in the process of verifying and executing the transaction, so that privacy threat is brought to sensitive data in the transaction data. The sharing of data in blockchains is not separated from privacy threat, and privacy protection of information such as user identity, transaction sensitive data and the like is a hot spot of current research.
Disclosure of Invention
In view of the above, the present invention aims to provide a federation link privacy protection method based on conditional anonymous ring signature and privacy calculation, which ensures the data privacy security of privacy contracts during execution.
In order to achieve the above purpose, the present invention provides the following technical solutions:
a federation chain privacy protection method based on conditional anonymous ring signature and privacy calculation comprises the following steps: when joining the alliance chain, the user needs to register with a certificate authority, and the certificate authority issues a digital certificate containing a public and private key pair with a conditional anonymous ring signature for the user, so that the authenticity of the user is ensured; after receiving the request of the user, the client side constructs an effective transaction containing a conditional anonymous ring signature, and the receiving address of the effective transaction is a privacy contract address; the node in the alliance chain acquires the privacy contract and the transaction data through the privacy computing gateway, the contract executor executes the privacy contract, if the privacy contract is executed successfully, the execution result is prepared for being linked, otherwise, the execution result is discarded; protecting the privacy of the transaction producer using a conditional anonymous ring signature; and the privacy contract environment is isolated by combining the intelligent contract and the privacy computing gateway, so that the privacy of transaction data is protected.
Further, the method specifically comprises the following steps:
s1: if the license is obtained, the user directly accesses the alliance chain network through the client; otherwise, the user registers the identity with the alliance chain certificate authority, and after the certificate authority verifies and registers the identity of the user, the digital certificate containing the conditional anonymous ring signature public-private key pair is issued for the user;
s2: after receiving a data request of a user, a client constructs an effective transaction containing a conditional anonymous ring signature, wherein the transaction (data structure) comprises a sending address, a receiving address, related data information of the transaction, transaction signature and other key information, and the transaction signature is conditional anonymous ring signature information generated by utilizing a public-private key pair in a digital certificate;
s3: the client broadcasts the transaction in the alliance chain network through the alliance chain gateway;
s4: when receiving the transaction data, the access node verifies the validity of the transaction, and if the verification signature is valid, the transaction is broadcasted in the blockchain network; otherwise, discarding the transaction, and returning information to the client through a alliance chain gateway callback mechanism;
s5: after receiving the transaction of the block threshold, the consensus node agrees with the transaction sequence through a consensus algorithm, packages the agreed transaction into blocks, and broadcasts the blocks in the alliance chain network;
s6: when a peer node in the alliance chain network receives the blocks, the peer node calls a block verifier to verify and execute transactions in the blocks one by one: after the verifier verifies that the transaction is successful by using the verification engine, the transaction is sent to the execution engine, and the execution engine executes the transaction; otherwise, the transaction is marked as an invalid transaction;
s7: if the transaction address is the privacy contract address, acquiring the privacy contract through the privacy computing gateway, sending the privacy contract to the contract executor for execution by the privacy computing gateway, returning the privacy contract execution result to the privacy computing gateway by the contract executor, and returning the privacy contract execution result to the user by the privacy computing gateway through the event callback mechanism; otherwise, directly calling the execution engine to execute the transaction.
Further, in step S1, a digital certificate containing a conditional anonymous ring signature public-private key pair is issued to a user, and specifically includes the following steps:
s11: using the formulapk=g sk mod p generates a public-private key pair of the user; where sk represents the private key of the user, pk represents the public key of the user, g represents the generator of the finite field with p as the base;
s12: and packaging the public and private key pair into a digital certificate and sending the digital certificate to the user.
Further, in step S2, a conditional anonymous ring signature is performed on the transaction, specifically including the following steps:
s21: using the formula a=h u mod p,b=a v mod p generates a validation factor, wherein a and b represent the validation factor, h represents a generator of a finite field with p as a base, and u and v represent key primordial factors;
s22: correlating the validation factor with the transaction by using a formula θ=w+vf (tx||a, c) mod p, wherein w is a random number in a finite field, F (-) represents an encryption method of a value field in the finite field, tx represents the transaction, c represents the production number of the validation factor, and θ represents the validation correlation coefficient;
s23: using formula h tx =H p (tx a b) re-acquire the hash values of the transaction and validation factors, where H p (. Cndot.) represents a hash function of a hash value in a finite field based on p, h tx A hash value representing the binding acknowledgement factor;
s24: using the formulaGenerating a signed random number, wherein R represents a total random number, g represents a generator of a finite field with p as a base, gamma represents a random number, n represents the number of ring members, k represents the number of real signers, R i Representing public key pk i A corresponding random number;
s25: using the formula set r=h q (L,tx',R),ρ=γ-r k sk k mod p generates a ring signature, where H q (. Cndot.) is a hash function of the hash value in a finite field with q as a base, L is a public key list of members in an organization, and ρ represents a generated signature;
s26: the generated signature value is assigned to a transaction signature bit in the transaction (data structure).
Further, in step S4, the transaction signature is verified, specifically including the following steps:
s41: using the formulaJudging whether the signatures are equal to confirm whether the signatures are valid or not;
s42: if the signature is valid, broadcasting the transaction in the alliance chain network; otherwise the transaction is discarded.
Further, in step S6, the transaction sensitive data is executed, specifically including the following steps:
s61: after receiving the block, the peer node invokes a block verifier to verify the transaction in the block;
s62: if the transaction address in the transaction is the privacy contract address, the peer node requests the privacy computation gateway to acquire the privacy contract; otherwise, directly calling an execution engine to execute the transaction;
s63: after receiving the request of the peer node, the privacy computing gateway acquires related privacy contracts on the blockchain and sends the privacy contracts to a contract executor in a privacy contract environment;
s64: after receiving the privacy contract, the contract executor executes the privacy contract and returns the privacy contract execution result to the privacy computing gateway;
s65: after receiving the privacy contract execution result, the privacy computing gateway returns the privacy contract execution result to the user through a alliance chain gateway callback mechanism, and prepares the privacy contract execution result for being uplink.
The invention has the beneficial effects that: the invention uses the conditional anonymity ring signature algorithm to generate the transaction signature, and hides the identity privacy information of the transaction producer in the organization members, thereby effectively protecting the identity privacy of the producer and simultaneously ensuring the authenticity and tamper resistance of the transaction signature. Executing transactions containing sensitive information by using privacy calculation, and ensuring the data privacy security of the privacy contract during execution in a privacy contract environment; the privacy contract environment is isolated for all nodes in the alliance chain, so that the privacy of sensitive data in transactions is ensured.
Additional advantages, objects, and features of the invention will be set forth in part in the description which follows and in part will become apparent to those having ordinary skill in the art upon examination of the following or may be learned from practice of the invention. The objects and other advantages of the invention may be realized and obtained by means of the instrumentalities and combinations particularly pointed out in the specification.
Drawings
For the purpose of making the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in the following preferred detail with reference to the accompanying drawings, in which:
FIG. 1 is a schematic diagram of the overall architecture of the privacy preserving method of the present invention;
FIG. 2 is a diagram of an intelligent contract interface for the privacy preserving method of the present invention;
fig. 3 is a schematic diagram of a transaction structure of the privacy preserving device of the present invention.
Detailed Description
Other advantages and effects of the present invention will become apparent to those skilled in the art from the following disclosure, which describes the embodiments of the present invention with reference to specific examples. The invention may be practiced or carried out in other embodiments that depart from the specific details, and the details of the present description may be modified or varied from the spirit and scope of the present invention. It should be noted that the illustrations provided in the following embodiments merely illustrate the basic idea of the present invention by way of illustration, and the following embodiments and features in the embodiments may be combined with each other without conflict.
The embodiment of the invention provides a federation chain privacy protection method based on conditional anonymous ring signature and privacy calculation, which mainly utilizes a conditional anonymous ring signature algorithm to sign a transaction, protects the privacy of a transaction producer, utilizes a transaction address to identify whether the transaction needs to call a privacy contract, and protects the privacy of transaction sensitive data through privacy calculation.
Referring to fig. 1 and fig. 3, a federation chain privacy protection technique based on conditional anonymous ring signatures and privacy calculations, the method comprises:
step 1: if the license is obtained, the user directly accesses the alliance chain network through the client; otherwise, the user registers the identity with the alliance chain certificate authority, and after the certificate authority verifies and registers the identity of the user, the digital certificate containing the conditional anonymous ring signature public-private key pair is issued for the user.
The method comprises the following steps of:
step 1.1: using the formulapk=g sk mod p generates a public-private key pair of the user; where sk represents the private key of the user, pk represents the public key of the user, g represents the generator of the finite field with p as the base;
step 1.2: and packaging the public and private key pair into a digital certificate and sending the digital certificate to the user.
Step 2: after receiving the data request of the user, the client side constructs an effective transaction containing a conditional anonymous ring signature, wherein the transaction (data structure) comprises key information such as a sending address, a receiving address, related data information of the transaction, a transaction signature and the like, and the transaction signature is conditional anonymous ring signature information generated by utilizing a public and private key pair in a digital certificate.
The method specifically comprises the following steps of:
step 2.1: using the formula a=h u mod p,b=a v mod p generates a validation factor, wherein a and b represent the validation factor, h represents a generator of a finite field with p as a base, and u and v represent key primordial factors;
step 2.2: correlating the validation factor with the transaction by using a formula θ=w+vf (tx||a, c) mod p, wherein w is a random number in a finite field, F (-) represents an encryption method of a value field in the finite field, tx represents the transaction, c represents the production number of the validation factor, and θ represents the validation correlation coefficient;
step 2.3: using formula h tx =H p (tx a b) re-acquire the hash values of the transaction and validation factors, where H p (. Cndot.) represents a hash function of a hash value in a finite field based on p, h tx A hash value representing the binding acknowledgement factor;
step 2.4: using the formulaGenerating a signed random number, wherein R represents a total random number, g represents a generator of a finite field with p as a base, gamma represents a random number, n represents the number of ring members, k represents the number of real signers, R i Representing public key pk i A corresponding random number;
step 2.5: using the formula set r=h q (L,tx',R),ρ=γ-r k sk k mod p generates a ring signature, where H q (. Cndot.) is a hash function of the hash value in a finite field with q as a base, L is a public key list of members in an organization, and ρ represents a generated signature;
step 2.6: the generated signature value is assigned to a transaction signature bit in the transaction (data structure).
Step 3: the client broadcasts transactions within the federated chain network through the federated chain gateway.
Step 4: when receiving the transaction data, the access node verifies the validity of the transaction, and if the verification signature is valid, the transaction is broadcasted in the blockchain network; otherwise, the transaction is discarded, and the information is returned to the client through a alliance chain gateway callback mechanism.
Wherein, verify the transaction signature, the concrete step includes:
step 4.1: using the formulaJudging whether the signatures are equal to confirm whether the signatures are valid or not;
step 4.2: if the signature is valid, broadcasting the transaction in the alliance chain network; otherwise the transaction is discarded.
Step 5: after receiving the transaction of the block threshold, the consensus node agrees with the transaction sequence through a consensus algorithm, packages the agreed transaction into blocks, and broadcasts the blocks in the alliance chain network.
Step 6: when a peer node in the alliance chain network receives a block, the node calls a block verifier to verify and execute transactions in the block one by one: after the verifier verifies that the transaction is successful by using the verification engine, the transaction is sent to the execution engine, and the execution engine executes the transaction; otherwise, the transaction is marked as an invalid transaction.
If the transaction address is the privacy contract address, the privacy contract is acquired through the privacy computing gateway, the privacy computing gateway sends the privacy contract to the contract executor, the contract executor executes the privacy contract, the privacy contract execution result is returned to the privacy computing gateway, and the privacy computing gateway returns the privacy contract execution result to the user through the event callback mechanism; otherwise, directly calling the execution engine to execute the transaction.
Wherein, the transaction sensitive data is executed, the specific steps include:
step 6.1: upon receiving the block, the peer node invokes the block validator to validate the transaction in the block.
Step 6.2: if the transaction address in the transaction is the privacy contract address, the peer node requests the privacy computation gateway to acquire the privacy contract; otherwise, directly calling the execution engine to execute the transaction.
Step 6.3: after receiving the request of the peer node, the privacy computing gateway obtains the related privacy contract on the blockchain and sends the privacy contract to a contract executor in the privacy contract environment.
Step 6.4: after receiving the privacy contract, the contract executor executes the privacy contract and returns the privacy contract execution result to the privacy computing gateway.
Step 6.5: after receiving the privacy contract execution result, the privacy computing gateway returns the privacy contract execution result to the user through a alliance chain gateway callback mechanism, and prepares the privacy contract execution result for being uplink.
Referring to fig. 2, the conditional anonymous ring signature algorithm deployment method includes:
step 1: and configuring and deploying a GenKey (k) interface of a key generation algorithm in the conditional anonymous ring signature algorithm to a certificate authority password library.
Step 2: the conditional anonymous ring signature intelligent contract CARSPrecom is deployed on a blockchain in a specified channel, wherein the blockchain comprises a sign (string message, string key, list L, string u, string v) signature interface and a verify (string message, string signature L) verification interface.
Step 3: and configuring the contract address obtained by the contract CARSPrecom through a hash algorithm in the channel.
The working principle of the invention is as follows: and generating a digital certificate containing a conditional anonymous ring signature public-private key pair by using a certificate authority in the alliance chain network, and issuing a digital certificate of identity authentication for a newly added user. Thereafter, each transaction that the user initiates the request generation within the coalition chain requires the use of the key pair to sign, ensuring the authenticity of the transaction. Each transaction contains key information such as a transmitting address, a receiving address, related data, an identification bit, signature information and the like. The sending address stores the address information of the user client, and is used for receiving a transaction execution result by the event callback mechanism; receiving an address storage intelligent contract address, and if the intelligent contract address is a privacy contract address, indicating privacy calculation by a flag bit; the related data stores the transaction related data, and generally adopts JSON format data; the signature information stores signature information generated by a user using a signature algorithm σ=sign (m, sk, L, u, v) of a conditional anonymous ring signature on the transaction. After the user client builds a transaction, the transaction is sent to the alliance chain gateway, and the alliance chain gateway broadcasts the request to the nodes. When an access node receives a transaction, the node performs a validation operation on the transaction using a validation algorithm {0,1} +.verify (tx, σ, L). If the verification is successful, the transaction confirmation is indicated to be valid and is broadcast to the consensus node. After receiving a certain number of transactions, the consensus node achieves consistency of transaction sequences through a consensus algorithm, packages the ordered transactions into blocks, and broadcasts the blocks in a alliance chain network.
Upon receiving the block, all peer nodes within the federated chain network invoke the block validator to validate and execute the transactions in the block. If the flag bit of the transaction is privacy calculation, calling a privacy contract to execute the transaction through a privacy calculation gateway: after receiving the request, the privacy computing gateway acquires related privacy contracts on the blockchain and sends the privacy contracts to the contract executor; the contract executor executes the privacy data according to the data and the logic structure of the privacy contract, and the privacy of the sensitive data is protected. The contract executor returns the execution result of the transaction to the privacy computing gateway, and after the privacy computing gateway performs corresponding processing, the processing result is returned to the user by using the event callback mechanism, and the executed transaction is marked in the block. After all transactions in the block are performed, the block is added to the chain tail of the current blockchain.
As a preferred embodiment, all members in the alliance chain are independent nodes, and the blockchains in all channels are maintained together according to a consensus mechanism, so that the data of the account books of all nodes are consistent.
As a preferred embodiment, the public and private key pair of the conditional anonymity ring signature is packaged in the digital certificate, a user applying for joining the alliance chain registers with the certificate authority, the user can register with the root certificate authority in a recursive mode, and the certificate authority issues the digital certificate for the user after the registration is successful.
As a preferred embodiment, the conditional anonymous ring signature algorithm is deployed in the form of a smart contract on the blockchain within the user channel, signed and verified by invoking a privacy smart contract.
As a preferred embodiment, the privacy contract environment is a black box environment constructed using a Docker container, and more privacy contract environments can be constructed and deployed according to different scenarios.
Finally, it is noted that the above embodiments are only for illustrating the technical solution of the present invention and not for limiting the same, and although the present invention has been described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that modifications and equivalents may be made thereto without departing from the spirit and scope of the present invention, which is intended to be covered by the claims of the present invention.
Claims (2)
1. A federation chain privacy protection method based on conditional anonymous ring signatures and privacy calculations, the method comprising: when joining a alliance chain, a user needs to register with a certificate authority, and the certificate authority issues a digital certificate containing a public and private key pair with a conditional anonymous ring signature for the user; after receiving the request of the user, the client side constructs an effective transaction containing a conditional anonymous ring signature, and the receiving address of the effective transaction is a privacy contract address; the node in the alliance chain acquires the privacy contract and the transaction data through the privacy computing gateway, the contract executor executes the privacy contract, if the privacy contract is executed successfully, the execution result is prepared for being linked, otherwise, the execution result is discarded; protecting the privacy of the transaction producer using a conditional anonymous ring signature; the privacy contract environment is isolated by combining the intelligent contract and the privacy computing gateway, so that the privacy of transaction data is protected;
the method specifically comprises the following steps:
s1: if the license is obtained, the user directly accesses the alliance chain network through the client; otherwise, the user registers the identity with the alliance chain certificate authority, and after the certificate authority verifies and registers the identity of the user, the digital certificate containing the conditional anonymous ring signature public-private key pair is issued for the user;
in step S1, a digital certificate containing a conditional anonymous ring signature public-private key pair is issued for a user, and the method specifically comprises the following steps:
s11: using the formulapk=g sk The modp generates a public and private key pair of the user; where sk represents the private key of the user, pk represents the public key of the user, g represents the generator of the finite field with p as the base;
s12: packaging the public and private key pair into a digital certificate and sending the digital certificate to a user;
s2: after receiving a data request of a user, a client constructs an effective transaction containing a conditional anonymous ring signature, wherein the transaction comprises a sending address, a receiving address, related data information of the transaction and a transaction signature, and the transaction signature is conditional anonymous ring signature information generated by utilizing a public-private key pair in a digital certificate;
in step S2, a conditional anonymous ring signature is performed on the transaction, specifically including the following steps:
s21: using the formula a=h u modp,b=a v modp generates a validation factor, wherein a and b represent the validation factor, h represents a generator of a finite field taking p as a base, and u and v represent key primordial factors;
s22: associating a validation factor with the transaction by using a formula θ=w+vf (tx||a, c) modp, wherein w represents a random number in a finite field, F (-) represents an encryption method of a value field in the finite field, tx represents the transaction, c represents a validation factor production number, and θ represents a validation association coefficient;
s23: using formula h tx =H p (tx a b) re-acquire the hash values of the transaction and validation factors, where H p (. Cndot.) represents a hash function of a hash value in a finite field based on p, h tx A hash value representing the binding acknowledgement factor;
s24: using the formulaGenerating a signed random number, wherein R represents a total random number, g represents a generator of a finite field with p as a base, gamma represents a random number, n represents the number of ring members, k represents the number of real signers, R i Representing public key pk i A corresponding random number;
s25: using formula setsρ=γ-r k sk k modp generates a ring signature, where H q (. Cndot.) is a hash function of the hash value in a finite field with q as a base, L is a public key list of members in an organization, and ρ represents a generated signature;
s26: assigning the generated signature value to a transaction signature bit in the transaction;
s3: the client broadcasts the transaction in the alliance chain network through the alliance chain gateway;
s4: when receiving the transaction data, the access node verifies the validity of the transaction, and if the verification signature is valid, the transaction is broadcasted in the blockchain network; otherwise, discarding the transaction, and returning information to the client through a alliance chain gateway callback mechanism; in step S4, verifying the transaction signature, specifically including the following steps:
s41: using the formulaJudging whether the signatures are equal to confirm whether the signatures are valid or not;
s42: if the signature is valid, broadcasting the transaction in the alliance chain network; otherwise the transaction is discarded;
s5: after receiving the transaction of the block threshold, the consensus node agrees with the transaction sequence through a consensus algorithm, packages the agreed transaction into blocks, and broadcasts the blocks in the alliance chain network;
s6: when a peer node in the alliance chain network receives the blocks, the peer node calls a block verifier to verify and execute the transactions in the blocks one by one, and after the verifier verifies the transactions successfully by using a verification engine, the transaction is sent to an execution engine, and the execution engine executes the transactions; otherwise, the transaction is marked as an invalid transaction;
2. the federation chain privacy protection method according to claim 1, wherein step S6 specifically comprises the steps of:
s61: after receiving the block, the peer node invokes a block verifier to verify the transaction in the block;
s62: if the transaction address in the transaction is the privacy contract address, the peer node requests the privacy computation gateway to acquire the privacy contract; otherwise, directly calling an execution engine to execute the transaction;
s63: after receiving the request of the peer node, the privacy computing gateway acquires related privacy contracts on the blockchain and sends the privacy contracts to a contract executor in a privacy contract environment;
s64: after receiving the privacy contract, the contract executor executes the privacy contract and returns the privacy contract execution result to the privacy computing gateway;
s65: after receiving the privacy contract execution result, the privacy computing gateway returns the privacy contract execution result to the user through a alliance chain gateway callback mechanism, and prepares the privacy contract execution result for being uplink.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111401060.0A CN114124406B (en) | 2021-11-19 | 2021-11-19 | Convergence chain privacy protection method based on conditional anonymity ring signature and privacy calculation |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111401060.0A CN114124406B (en) | 2021-11-19 | 2021-11-19 | Convergence chain privacy protection method based on conditional anonymity ring signature and privacy calculation |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114124406A CN114124406A (en) | 2022-03-01 |
| CN114124406B true CN114124406B (en) | 2023-08-29 |
Family
ID=80440803
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111401060.0A Active CN114124406B (en) | 2021-11-19 | 2021-11-19 | Convergence chain privacy protection method based on conditional anonymity ring signature and privacy calculation |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114124406B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115277000B (en) * | 2022-06-17 | 2023-08-25 | 湖南天河国云科技有限公司 | Information transmission method based on door coin |
| CN115499453B (en) * | 2022-06-28 | 2024-03-12 | 重庆邮电大学 | Fragment storage method oriented to alliance chain |
| CN115051878B (en) * | 2022-08-16 | 2023-01-06 | 天聚地合(苏州)科技股份有限公司 | Interface-based privacy calculation method, system, storage medium and equipment |
| CN116911851A (en) * | 2023-06-26 | 2023-10-20 | 石河子大学 | Cotton transaction privacy protection method and system based on alliance chain |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108418689A (en) * | 2017-11-30 | 2018-08-17 | 矩阵元技术(深圳)有限公司 | A kind of the zero-knowledge proof method and medium of suitable block chain secret protection |
| CN109862046A (en) * | 2019-04-10 | 2019-06-07 | 南京大学 | Anonymous methods can be traced in a kind of alliance's chain |
| CN111654363A (en) * | 2020-06-18 | 2020-09-11 | 福建师范大学 | Alliance chain privacy protection method based on group signature and homomorphic encryption |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110084068B (en) * | 2018-01-26 | 2023-09-29 | 阿里巴巴集团控股有限公司 | Block chain system and data processing method for block chain system |
-
2021
- 2021-11-19 CN CN202111401060.0A patent/CN114124406B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108418689A (en) * | 2017-11-30 | 2018-08-17 | 矩阵元技术(深圳)有限公司 | A kind of the zero-knowledge proof method and medium of suitable block chain secret protection |
| CN109862046A (en) * | 2019-04-10 | 2019-06-07 | 南京大学 | Anonymous methods can be traced in a kind of alliance's chain |
| CN111654363A (en) * | 2020-06-18 | 2020-09-11 | 福建师范大学 | Alliance chain privacy protection method based on group signature and homomorphic encryption |
Non-Patent Citations (1)
| Title |
|---|
| 基于双层协同的联盟区块链隐私数据保护方法;蔡亮;《软件学报》;全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114124406A (en) | 2022-03-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109325331B (en) | Big data acquisition transaction system based on block chain and trusted computing platform | |
| CN114124406B (en) | Convergence chain privacy protection method based on conditional anonymity ring signature and privacy calculation | |
| CN110602138B (en) | Data processing method and device for block chain network, electronic equipment and storage medium | |
| CN107196966B (en) | Identity authentication method and system based on block chain multi-party trust | |
| Yang et al. | Provable data possession of resource-constrained mobile devices in cloud computing | |
| CN108768652B (en) | Coalition block chain bottom layer encryption method capable of resisting quantum attack | |
| Katz et al. | Efficient and secure authenticated key exchange using weak passwords | |
| CA3048425A1 (en) | System and method for an electronic identity brokerage | |
| CN109767218B (en) | Block chain certificate processing method and system | |
| CN109286490A (en) | Support close state data deduplication and integrity verification method and system | |
| WO2015173434A1 (en) | Method for proving retrievability of information | |
| CN109040060B (en) | Terminal matching method and system and computer equipment | |
| CN113301022B (en) | Internet of things equipment identity security authentication method based on block chain and fog calculation | |
| CN110096894B (en) | Data anonymous sharing system and method based on block chain | |
| TWI776404B (en) | Method of authenticating biological payment device, apparatus, electronic device, and computer-readable medium | |
| US20230052608A1 (en) | Remote attestation | |
| CN113360943A (en) | Block chain private data protection method and device | |
| US10291614B2 (en) | Method, device, and system for identity authentication | |
| Luong et al. | Privacy-preserving blockchain-based healthcare system for IoT devices using zk-SNARK | |
| CN108449322B (en) | Identity registration and authentication method, system and related equipment | |
| CN113766452B (en) | V2X communication system, communication key distribution method and implicit authentication method | |
| CN113438650B (en) | Network equipment authentication method and system based on block chain | |
| CN115694838A (en) | Anonymous trusted access control method based on verifiable certificate and zero-knowledge proof | |
| CN111651740B (en) | Trusted platform sharing system for distributed intelligent embedded system | |
| CN113326527A (en) | Credible digital signature system and method based on block chain |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |