CN114520728B - Distributed anonymous marking method and system - Google Patents

Distributed anonymous marking method and system Download PDF

Info

Publication number
CN114520728B
CN114520728B CN202210417933.5A CN202210417933A CN114520728B CN 114520728 B CN114520728 B CN 114520728B CN 202210417933 A CN202210417933 A CN 202210417933A CN 114520728 B CN114520728 B CN 114520728B
Authority
CN
China
Prior art keywords
marking
random
check code
hash value
random check
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210417933.5A
Other languages
Chinese (zh)
Other versions
CN114520728A (en
Inventor
李顺斌
张汝云
丁文
王乐乐
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhejiang Lab
Original Assignee
Zhejiang Lab
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhejiang Lab filed Critical Zhejiang Lab
Priority to CN202210417933.5A priority Critical patent/CN114520728B/en
Publication of CN114520728A publication Critical patent/CN114520728A/en
Application granted granted Critical
Publication of CN114520728B publication Critical patent/CN114520728B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • GPHYSICS
    • G09EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
    • G09BEDUCATIONAL OR DEMONSTRATION APPLIANCES; APPLIANCES FOR TEACHING, OR COMMUNICATING WITH, THE BLIND, DEAF OR MUTE; MODELS; PLANETARIA; GLOBES; MAPS; DIAGRAMS
    • G09B7/00Electrically-operated teaching apparatus or devices working with questions and answers
    • G09B7/02Electrically-operated teaching apparatus or devices working with questions and answers of the type wherein the student is expected to construct an answer to the question which is presented or wherein the machine gives an answer to the question presented by a student
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0421Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
    • H04L9/302Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters involving the integer factorization problem, e.g. RSA or quadratic sieve [QS] schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD

Abstract

The invention discloses a distributed anonymous marking method and a distributed anonymous marking system, a public key certificate is registered for a marking appraiser terminal and is disclosed to all appraisers, the marking appraiser terminal generates a random check code by itself and calculates a hash value of the random check code, the marking appraiser terminal carries out anonymous signature on the hash value of the random check code by using a whole member public key and a personal private key, and the signed random check code hash value is registered on a system public chain until all the marking appraiser terminals finish the registration of the random check code hash value; when the examination papers are formally examined, the examination paper examination results of each examination paper examination and examination assistant terminal are added with random check codes and submitted together; and the system server calculates the hash value of the random check code and compares the hash value with the hash value on the public link to judge the effectiveness. The distributed paper marking and evaluation system and the distributed paper marking and evaluation method realize complete anonymity of distributed paper marking and evaluation committees based on the block chain, the ring signature and the one-way characteristic of the hash function, and adopt the random check code as an anonymous authentication means, thereby reducing the calculation overhead of the system and improving the data interaction efficiency.

Description

Distributed anonymous marking method and system
Technical Field
The invention relates to information security and user privacy protection technologies, in particular to a distributed anonymous marking scoring method and a distributed anonymous marking scoring system.
Background
Digital signatures are a public key cryptographic algorithm that can perform the functions of traditional signatures or stamps, ensuring the integrity, authenticity and non-repudiation of information transmissions. However, in some problems related to user privacy protection, the conventional digital signature cannot meet the requirements of the application. For example: under the epidemic situation, examination paper reading experts in various places cannot gather together to carry out closed examination paper reading on examination papers of examinees, and online examination paper reading is a distributed solution with high efficiency.
The traditional marking and scoring system comprises a server and a plurality of marking and scoring clients, wherein the marking and scoring clients transmit marking results to the server in an encrypted manner through a system public key, the server decrypts the marking and scoring results through a system private key to obtain the marking and scoring results, and in order to achieve independent judgment and objective justice, the anonymity of the identity of a marking expert needs to be guaranteed. Conventional digital signatures do not have anonymity.
Ring signatures are a signature mechanism proposed by Rivest et al to achieve anonymity. It is a signature for a group, but does not require a group establishment process, nor a group administrator. The signer only needs to spontaneously select a part of the public keys of the members and then generates a signature through the private key of the signer. The signer and the user who has chosen the public key form a signature group. It is computationally possible to verify that the signature originates from a certain user of the signature group, but that no specific user can be located. The anonymity performance of ring signatures provides a technical basis for distributed anonymity scoring. The technology is also widely used in the fields of anonymous election, electronic money and the like.
However, because the ring signature involves complex public key encryption and decryption calculations many times, there is a great efficiency problem in both certificate verification management and actual information transmission, and in order to achieve the effect of anonymity, the calculation overhead of the system is increased, and the transmission efficiency is reduced. Especially in a distributed examination paper marking scene, if complex ring signature authentication is performed on each examination paper marking result, the practicability of the anonymous examination paper marking system is reduced, so that the anonymity of examination paper marking evaluation committees is ensured, meanwhile, the calculation overhead of the system is reduced, the practicability of the system is enhanced, and the technical problem to be solved urgently is solved.
On the other hand, in the scoring scene of the paper marking, the traditional ring signature is difficult to find and avoid cheating on the scoring result of the paper marking, and the traceability of the anonymous signature is difficult.
In an examination paper marking scene, an examination paper marking evaluation client sometimes requires to claim an examination paper marking evaluation result given by the examination paper marking evaluation client, but in order to achieve better anonymity, the traditional examination paper marking evaluation system is difficult to achieve that the examination paper marking evaluation client claims the examination paper marking evaluation result given by the examination paper marking evaluation client.
Disclosure of Invention
In order to solve the defects of the prior art, ensure the anonymity of the scoring judges, reduce the calculation cost of the system and improve the data interaction efficiency, the invention adopts the following technical scheme:
a distributed anonymous marking scoring method comprises a server and a group of marking evaluation terminals, wherein the marking evaluation terminals transmit marking results to the server in an encrypted manner through a system public key, the server decrypts the marking results through a system private key to obtain the marking results, and the method adopts anonymous marking scoring and comprises the following steps:
step S1: registering a public key certificate, namely registering the public key certificate for an examination paper marking evaluation side, and disclosing the public key certificate to all examination paper marking evaluation sides through a certificate public chain;
step S2: the random check code and the hash value thereof are generated, and the examination paper evaluation client generates the random check code for the examination paper result authenticationcodeAnd calculating the hash value of the random check codem
Step S3: the random check code hash value registration comprises the following steps:
step S3.1: the marking and appraising client carries out anonymous signature on the hash value of the random check code through a public key in the public key certificate and a private key of the marking and appraising client;
step S3.2: registering the random check code hash value after anonymous signature on a check code public chain until all the examination paper review judges finish the registration of the random check code hash value;
step S3.3: after all the scoring evaluation terminals finish the registration of the hash values of the random check codes, collectively declaring that each scoring evaluation terminal successfully finishes the registration of the hash values of the random check codes, the number of the registered hash values of the random check codes is consistent with that of the scoring evaluation terminals, and if the registered hash values of the random check codes are not consistent with that of the scoring evaluation terminals, re-registering the hash values of the random check codes;
because no user privacy is involved in the registration process of the random check code hash value, and a cheater is easy to find out in the final collective declaration stage, the cheater cheats without any benefit, namely the behavior that a certain judge registers the random check code hash value more is avoided;
step S4: examination paper readingThe result is signed without the name of the name, and after the examination paper marking evaluation side finishes formal examination paper marking, the examination paper marking evaluation side adds the random check code generated in the step S2 to the examination paper marking resultcodeThe encrypted data is transmitted to a server after being encrypted by a system public key;
step S5: and (4) verifying the validity of the marking result, wherein the server receives and decrypts the file returned by the marking evaluation client through a system private key, calculates the hash value of the random check code attached to the marking result, compares the hash value of the marking result with the hash value of the random check code recorded in the check code public chain, and confirms the validity of the marking result.
Further, the step S3.1 comprises the steps of:
step S3.1.1: based on the hash value of the random check codemComputing an encryption keykEncryption keykFor encryption algorithms
Figure 936160DEST_PATH_IMAGE001
The secret key of (a);
step S3.1.2: according to the number of the scoring judges participating in scoringnGenerating a corresponding private certificate, wherein the current marking evaluation client is the firstsThe number of the evaluation committee is 1 or lesssnThe private certificate of other n-1 scoring judges is
Figure 229738DEST_PATH_IMAGE002
(ii) a Each private certificate is a character string which is not less than 16 bits in length and needs to contain upper and lower case letters, numbers and special characters;
step S3.1.3: calculating the hash value of the private certificate and using it as the random parameter for anonymous signature disclosureR i ,i=1,2,…,s-1,s+1,…,n
Step S3.1.4: obtaining public keys of other marking evaluation terminals disclosed in the certificate public chain, respectively encrypting n-1 random parameters through the public keys to obtain n-1 encrypted private certificatesy i ,i=1,2,…,s-1,s+1,…,n
Step S3.1.5: randomly selecting an initial value
Figure 994344DEST_PATH_IMAGE003
Step S3.1.6: constructing a closed loop functionC k,v() Let us order
Figure 980755DEST_PATH_IMAGE004
(ii) a Wherein the content of the first and second substances,
Figure 411736DEST_PATH_IMAGE005
let us order
Figure 259737DEST_PATH_IMAGE006
Obtaining the encrypted private certificate of the current paper marking appraiser
Figure 826985DEST_PATH_IMAGE007
≧ indicates xor;
step S3.1.7: private key based on current paper marking evaluation client
Figure 718718DEST_PATH_IMAGE008
Calculating random parameters of anonymous signature disclosure of current examination review client
Figure 636995DEST_PATH_IMAGE009
Step S3.1.8: public random check code hash valuemRing signature of
Figure 521643DEST_PATH_IMAGE010
Step S3.2 comprises the steps of:
step S3.2.1: based on the hash value of the random check codemComputing a symmetric encryption key
Figure 208977DEST_PATH_IMAGE011
Step S3.2.2: based on public keys
Figure 537190DEST_PATH_IMAGE012
Calculating random parameters
Figure 677184DEST_PATH_IMAGE013
Forward transformation of
Figure 132567DEST_PATH_IMAGE014
Step S3.2.3: checking calculation
Figure 471145DEST_PATH_IMAGE015
If yes, registering the check code hash value to a cochain, namely uploading a check code common chain; otherwise, the uplink is rejected.
And generating a private certificate by the marking and appraising committee, and calculating a hash value of the private certificate as a random parameter of the final disclosure of the ring signature to realize traceable signature authentication.
The validity of the random check code is ensured by means of the ring signature and block chain technology, and complete anonymity of the paper marking and appraising committee is realized.
Further, in step S3.3, based on the anonymous signature algorithm, the paper marking and evaluation client can declare that the random check code is owned by the node, and the method includes the following steps:
s3.3.1: public part private certificate of paper marking and evaluating client
Figure 970259DEST_PATH_IMAGE016
S3.3.2: by private certification
Figure 846817DEST_PATH_IMAGE016
The calculated hash value and the random parameter on the anonymous signature
Figure 824001DEST_PATH_IMAGE017
And verifying, wherein when the random check codes are consistent, the random check codes are all owned by the node.
The hash value of the private certificate of the marking evaluation client is used as the random parameter of the ring signature by combining the one-way irreversible characteristic of the hash function, and the marking evaluation client can claim the random check code of the client, namely claim the marking evaluation result given by the client if necessary.
Further, said step S3.1In 1, a symmetric encryption algorithm is adopted
Figure 485926DEST_PATH_IMAGE001
A 256-bit key k sequence is generated using a hash function,
Figure 155942DEST_PATH_IMAGE011
further, in the step S3.1.3, based on the secure hash function SHA256, the hash value of the private certificate is calculated more than or equal to 5000 times in iteration as the random parameter for signature disclosure
Figure 755682DEST_PATH_IMAGE018
In step S3.1.4, the public key of the review board client is
Figure 536556DEST_PATH_IMAGE012
The private key is
Figure 52988DEST_PATH_IMAGE019
Using public keys
Figure 893905DEST_PATH_IMAGE012
And (3) realizing forward transformation:
Figure 745055DEST_PATH_IMAGE020
Figure 329620DEST_PATH_IMAGE017
which is a representation of a random parameter,g i () represents an encryption operation that is performed,y i representing encrypted random parameters only by means of a private key
Figure 497296DEST_PATH_IMAGE019
Can realize reverse transformation
Figure 259847DEST_PATH_IMAGE021
g i -1 (. -) represents a decryption operation, then n-1 copies of the private certificate are encryptedProcedure, i.e. encryption of random parameters
Figure 83447DEST_PATH_IMAGE022
R i Indicates that it is going to useiAnd (4) a random parameter encrypted by a public key of the bit marking evaluation client.
Further, in the step S3.3.2, the server checks and calculates through a secure hash function
Figure 471703DEST_PATH_IMAGE023
Whether to match random parameters on anonymous signatures
Figure 697148DEST_PATH_IMAGE017
And if the random check codes are consistent, the random check codes are considered to be owned by the node.
Further, in step S1, the public key encryption algorithm of the reviewing commentator end may adopt the same public key encryption algorithm or different kinds of public key encryption algorithms, in the embodiment of the present invention, the RSA encryption algorithm is adopted, and the public key of the reviewing commentator end is adoptedP i Is a pair of integers (e, t), the private key
Figure 881134DEST_PATH_IMAGE019
For another pair of integers (d, t), the encryption process for plaintext p is c = e (p) = p e mod t, E (·) denotes an encryption operation, mod denotes a modulo operation, and the decryption process for the ciphertext c is p = d (c) = c d mod t, D (-) represents the decryption operation.
Further, in the step S2, a secure hash function is adoptedSHA256, performing loop iteration on all random check codes of the scoring judges, and calculating the hash value of the random check code
Figure 457609DEST_PATH_IMAGE024
The iteration cycle number is more than or equal to 5000 times, and the length of the corresponding random check code is 256 bits.
A distributed anonymous scoring system comprises a memory and one or more processors, wherein executable codes are stored in the memory, and when the one or more processors execute the executable codes, the one or more processors are used for realizing the distributed anonymous scoring method.
The invention has the advantages and beneficial effects that:
the invention utilizes the random check code as an effective authentication means for marking, greatly reduces the calculation overhead of the system and improves the transmission efficiency; the validity of the random check code is ensured by means of anonymous signature and block chain technology, and complete anonymity of the paper marking and evaluation committee is realized; after the hashed values of the random check codes are linked, a whole member judge confirmation link is added, and the action of applying for a plurality of random check codes by a single person is effectively avoided; the distributed anonymous marking and scoring method and the distributed anonymous marking and scoring system have complete anonymous characteristics, can effectively reduce the calculation overhead of the system, and have high practical value.
Drawings
Fig. 1 is a schematic diagram of a distributed anonymous scoring process in the embodiment of the present invention.
Fig. 2 is a flowchart of a distributed anonymous scoring method according to an embodiment of the present invention.
FIG. 3 is a diagram illustrating the process of establishing a public chain of certificate of the paper marking reviewer according to an embodiment of the present invention.
FIG. 4 is a diagram illustrating the generation process of the hash value of the random check code of the paper marking reviewer according to the embodiment of the present invention.
FIG. 5 is a diagram illustrating an anonymous signing process of a random number check code hash value by an examination paper reader in an embodiment of the present invention.
Fig. 6 is a structural diagram of a distributed anonymous scoring system in an embodiment of the present invention.
Detailed Description
The following detailed description of embodiments of the invention refers to the accompanying drawings. It should be understood that the detailed description and specific examples, while indicating the present invention, are given by way of illustration and explanation only, not limitation.
As shown in fig. 1 and fig. 2, a distributed anonymous scoring method for paper marking includes a server and a group of scoring evaluation clients, wherein the scoring evaluation clients encrypt and transmit scoring results to the server through a system public key, the server decrypts the scoring results through a system private key to obtain the scoring results, and the method for scoring paper marking using anonymous scoring includes the following steps:
step S1: the public key certificate registration is to register a public key certificate for the examination paper review clients and to disclose the public key certificate to all examination paper review clients through a certificate public chain, as shown in fig. 3.
The public key of each scoring judge side is
Figure 383976DEST_PATH_IMAGE012
The private key is
Figure 463928DEST_PATH_IMAGE019
. In this step, the user may select the same public key encryption algorithm, or may select different kinds of public key encryption algorithms.
In the embodiment of the invention, the adopted public key encryption algorithm is RSA encryption algorithm, and the public key of the marking and appraising client
Figure 833860DEST_PATH_IMAGE012
Is a pair of integers (e, t), the private key
Figure 428790DEST_PATH_IMAGE019
For another pair of integers (d, t), the encryption process for plaintext p is c = e (p) = p e mod t, E (·) denotes an encryption operation, mod denotes a modulo operation, and the process of decrypting the ciphertext c is p = d (c) = c d mod t, D (-) represents the decryption operation.
Step S2: generating a random check code and a hash value thereof, and generating the random check code for verifying the result of the examination paper by the examination paper evaluation clientcodeAnd calculating the hash value of the random check codem
In the embodiment of the invention, a secure hash function SHA256 is adopted to carry out cycle iteration on all random check codes of the appraisers of the examination papers, and the hash value of the random check code is calculated
Figure 893269DEST_PATH_IMAGE024
The iteration cycle number is greater than or equal to 5000 times, and the length of the corresponding random check code is 256 bits, as shown in fig. 4.
Step S3: and registering the hash value of the random check code, wherein the anonymous signature is carried out on the hash value of the random check code by the marking appraiser through a public key in the public key certificate and a private key of the marking appraiser, the anonymous signature is carried out on the hash value of the random check code, the anonymous signature is registered on a public chain of the check code, until all the marking appraiser finishes registering the hash value of the random check code, collective declaration is carried out, each marking appraiser successfully finishes registering the hash value of the random check code, the number of the registered hash values of the random check code is consistent with that of the marking appraiser, and if the numbers are not consistent, the registration of the hash value of the random check code is carried out again.
Because no user privacy is involved in the registration process of the hash value of the random check code and cheaters are easy to find out in the final collective declaration stage, the cheaters do not cheat and have any benefit, and the behavior that one judge registers the hash value of the random check code more can be avoided.
As shown in fig. 5, step S3.1: the anonymous signature adopts a ring signature and comprises the following steps:
step S3.1.1: based on the hash value of the random check codemComputing an encryption keykEncryption keykFor encryption algorithms
Figure 342574DEST_PATH_IMAGE001
The secret key of (a);
in the embodiment of the invention, a symmetric encryption algorithm is adopted
Figure 132675DEST_PATH_IMAGE001
A 256-bit key k sequence is generated using a hash function,
Figure 152584DEST_PATH_IMAGE011
step S3.1.2: according to the number of the appraisers participating in the paper markingnGenerating a corresponding private certificate, wherein the current marking evaluation client is the firstsThe number of the evaluation committee is 1 or lesssnDetermining the private certification of other n-1 scoring judges
Figure 686333DEST_PATH_IMAGE002
In the embodiment of the invention, each private certificate is a character string which is not less than 16 bits in length and needs to contain upper and lower case letters, numbers and special characters.
Step S3.1.3: random argument to disclose hash value of private certificate as anonymous signatureR i ,i=1,2,…,s-1,s+1,…,n
In the embodiment of the invention, 5000 times of iteration calculation of the hash value of the private certificate is carried out based on the secure hash function SHA256 and is used as the random parameter for signature disclosure
Figure 491610DEST_PATH_IMAGE018
Step S3.1.4: obtaining public keys of other marking evaluation terminals disclosed in the certificate public chain, respectively encrypting and calculating n-1 private certificates through the public keys of the certificate public chain to obtain the encrypted n-1 private certificatesy i ,i=1,2,…,s-1,s+1,…,n
The public key of each scoring judge side is
Figure 187033DEST_PATH_IMAGE012
The private key is
Figure 959817DEST_PATH_IMAGE019
. By using
Figure 31678DEST_PATH_IMAGE012
The forward transform can be implemented:
Figure 924417DEST_PATH_IMAGE025
x i which represents the original data of the image data,g i (. cndot.) represents a forward transform operation,y i representing data after forward transformation, using
Figure 56321DEST_PATH_IMAGE019
Can realize reverse transformation
Figure 50822DEST_PATH_IMAGE021
g i -1 (. cndot.) denotes an inverse transformation operation, the encryption process of n-1 copies of private certificates is
Figure 926374DEST_PATH_IMAGE022
R i Indicates that it is going to useiAnd (4) a random parameter encrypted by a public key of the bit marking evaluation client.
Step S3.1.5: randomly selecting an initial value
Figure 706242DEST_PATH_IMAGE003
Step S3.1.6: constructing a closed loop functionC k,v() Let us order
Figure 540206DEST_PATH_IMAGE004
Wherein the content of the first and second substances,
Figure 287582DEST_PATH_IMAGE005
let us order
Figure 950513DEST_PATH_IMAGE006
Obtaining the encrypted private certificate of the current marking appraiser
Figure 834156DEST_PATH_IMAGE007
And ∈ indicates exclusive or.
Step S3.1.7: private key based on current paper marking evaluation client
Figure 776704DEST_PATH_IMAGE008
Calculating random parameters disclosed by anonymous signature of current scoring appraiser
Figure 745797DEST_PATH_IMAGE009
Step S3.1.8: public random check code hash valuemRing signature of
Figure 510622DEST_PATH_IMAGE010
Step S3.2: the method for registering uplink verification by using the hash value of the random verification code comprises the following steps:
step S3.2.1: based on the hash value of the random check codemComputing a symmetric encryption key
Figure 248771DEST_PATH_IMAGE011
Step S3.2.2: based on public keys
Figure 627799DEST_PATH_IMAGE012
Calculating random parameters
Figure 339315DEST_PATH_IMAGE013
Forward transformation of
Figure 94782DEST_PATH_IMAGE014
Step S3.2.3: checking calculation
Figure 749754DEST_PATH_IMAGE015
Whether the result is true or not; if yes, registering the check code hash value on the uplink; otherwise, the uplink is rejected.
And generating a private certificate by the marking and appraising client, and calculating the hash value of the private certificate as a random parameter of the final disclosure of the ring signature to realize the traceable signature authentication.
The validity of the random check code is ensured by means of the ring signature and block chain technology, and complete anonymity of the marking and appraising client is realized.
Based on an anonymous signature algorithm, the paper marking and evaluating client can declare all the random check codes, and the method comprises the following steps:
s3.3.1: public part private certificate of paper marking and evaluating client
Figure 315996DEST_PATH_IMAGE016
S3.3.2: by private certification
Figure 994102DEST_PATH_IMAGE016
The calculated hash value is associated with the signatureMechanical parameters
Figure 553259DEST_PATH_IMAGE017
And verifying, wherein when the random check codes are consistent, the random check codes are all owned by the node.
In the embodiment of the invention, the system checks and calculates through a safe hash function
Figure 266000DEST_PATH_IMAGE023
Whether or not to be associated with the signature
Figure 501678DEST_PATH_IMAGE017
And (5) the consistency is achieved. If the random check codes are consistent, the random check codes are considered to be owned by the node.
The hash value of the private certificate of the marking evaluation client is used as the random parameter of the ring signature by combining the one-way irreversible characteristic of the hash function, and the marking evaluation client can claim the random check code of the client, namely claim the marking evaluation result given by the client if necessary.
Step S4: the certification with the anonymous marking result of the marking result, after the marking evaluation side finishes formal marking, the marking result is added with the random check code generated in the step S2codeAnd the encrypted data is transmitted to the server side through the system public key.
Step S5: and (4) verifying the validity of the marking result, wherein the server receives and decrypts the file returned by the marking evaluation client through a system private key, calculates the hash value of the random check code attached to the marking result, compares the hash value of the marking result with the hash value of the random check code recorded in the check code public chain, and confirms the validity of the marking result.
Corresponding to the embodiment of the distributed anonymous scoring method, the invention also provides an embodiment of a distributed anonymous scoring system.
Referring to fig. 6, the distributed anonymous scoring system provided in an embodiment of the present invention includes a memory and one or more processors, where the memory stores executable codes, and the one or more processors, when executing the executable codes, are configured to implement a distributed anonymous scoring method in the foregoing embodiments.
The embodiment of the distributed anonymous scoring system can be applied to any device with data processing capability, such as a computer or other devices. The device embodiments may be implemented by software, or by hardware, or by a combination of hardware and software. The software implementation is taken as an example, and as a logical device, the device is formed by reading corresponding computer program instructions in the nonvolatile memory into the memory for running through the processor of any device with data processing capability. From a hardware aspect, as shown in fig. 6, a hardware structure diagram of any device with data processing capability where the distributed anonymous scoring system of the present invention is located is shown, except for the processor, the memory, the network interface, and the nonvolatile memory shown in fig. 6, in the embodiment, any device with data processing capability where the apparatus is located may also include other hardware generally according to the actual function of the any device with data processing capability, which is not described again.
The implementation process of the functions and actions of each unit in the above device is specifically described in the implementation process of the corresponding step in the above method, and is not described herein again.
For the device embodiments, since they substantially correspond to the method embodiments, reference may be made to the partial description of the method embodiments for relevant points. The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules can be selected according to actual needs to achieve the purpose of the scheme of the invention. One of ordinary skill in the art can understand and implement it without inventive effort.
The embodiment of the invention also provides a computer-readable storage medium, wherein a program is stored on the computer-readable storage medium, and when the program is executed by a processor, the distributed anonymous scoring method in the embodiment is realized.
The computer readable storage medium may be an internal storage unit, such as a hard disk or a memory, of any data processing capability device described in any of the foregoing embodiments. The computer readable storage medium may also be any external storage device of a device with data processing capabilities, such as a plug-in hard disk, a Smart Media Card (SMC), an SD Card, a Flash memory Card (Flash Card), etc. provided on the device. Further, the computer readable storage medium may include both an internal storage unit and an external storage device of any data processing capable device. The computer-readable storage medium is used for storing the computer program and other programs and data required by the arbitrary data processing-capable device, and may also be used for temporarily storing data that has been output or is to be output.
The above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions depart from the scope of the technical solutions of the embodiments of the present invention.

Claims (10)

1. A distributed anonymous marking method comprises a server and a group of marking evaluation terminals, wherein the marking evaluation terminals encrypt and transmit marking results to the server through a system public key, and the server decrypts the marking results through a system private key to obtain the marking results, and is characterized in that: the scoring method adopts anonymous scoring and comprises the following steps:
step S1: registering a public key certificate, namely registering the public key certificate for an examination paper marking evaluation side, and disclosing the public key certificate to all examination paper marking evaluation sides through a certificate public chain;
step S2: generating a random check code and a hash value thereof, generating the random check code for verifying the result of the examination paper by the examination paper evaluation terminal, and calculating the hash value of the random check code;
step S3: the random check code hash value registration comprises the following steps:
step S3.1: the examination paper evaluation side carries out anonymous signature on the hash value of the random check code through a public key in the public key certificate and a private key of the examination paper evaluation side;
step S3.2: registering the random check code hash value after anonymous signature on a check code public chain until all the examination paper evaluation terminals finish the registration of the random check code hash value;
step S3.3: after all the scoring evaluation terminals finish the registration of the hash values of the random check codes, collectively declaring that each scoring evaluation terminal successfully finishes the registration of the hash values of the random check codes, the number of the registered hash values of the random check codes is consistent with that of the scoring evaluation terminals, and if the registered hash values of the random check codes are not consistent with that of the scoring evaluation terminals, re-registering the hash values of the random check codes;
step S4: the examination paper marking result is signed anonymously, after the examination paper marking evaluation side finishes formal examination paper marking, the examination paper marking evaluation side adds the random check code generated in the step S2 to the examination paper marking result, and the examination paper marking result is encrypted by a system public key and then is transmitted to the server side;
step S5: and (4) verifying the validity of the marking result, wherein the server receives and decrypts the file returned by the marking evaluation client through a system private key, calculates the hash value of the random check code attached to the marking result, compares the hash value of the marking result with the hash value of the random check code recorded in the check code public chain, and confirms the validity of the marking result.
2. The distributed anonymous scoring method according to claim 1, wherein:
step S3.1 comprises the steps of:
step S3.1.1: based on the hash value of the random check codemComputing an encryption keykEncryption keykFor encryption algorithms
Figure DEST_PATH_IMAGE001
The secret key of (a);
step S3.1.2: according to the examination paper evaluation committee who participates in examination paper markingNumber of terminalsnGenerating a corresponding private certificate, wherein the current marking evaluation client is the firstsThe number of the evaluation committee is 1 or lesssnThe private certificate of other n-1 scoring judges is
Figure DEST_PATH_IMAGE002
Step S3.1.3: calculating the hash value of the private certificate and using it as the random parameter for anonymous signature disclosureR i ,i=1,2,…,s-1,s+1,…,n
Step S3.1.4: obtaining public keys of other marking evaluation terminals disclosed in the certificate public chain, respectively encrypting n-1 random parameters through the public keys to obtain n-1 encrypted private certificatesy i ,i=1,2,…,s-1,s+1,…,n
Step S3.1.5: randomly selecting an initial value
Figure DEST_PATH_IMAGE003
Step S3.1.6: constructing a closed loop functionC k,v() Let us order
Figure DEST_PATH_IMAGE004
(ii) a Wherein the content of the first and second substances,
Figure DEST_PATH_IMAGE005
let us order
Figure DEST_PATH_IMAGE006
Obtaining the encrypted private certificate of the current paper marking appraiser
Figure DEST_PATH_IMAGE007
≧ indicates xor;
step S3.1.7: private key based on current paper marking evaluation client
Figure DEST_PATH_IMAGE008
And calculating random parameters disclosed by anonymous signature of current scoring evaluation sideMeasurement of
Figure DEST_PATH_IMAGE009
Step S3.1.8: public random check code hash valuemRing signature of (2)
Figure DEST_PATH_IMAGE011
Step S3.2 comprises the steps of:
step S3.2.1: based on the hash value of the random check codemComputing a symmetric encryption key
Figure DEST_PATH_IMAGE012
Step S3.2.2: based on public keys
Figure DEST_PATH_IMAGE013
Calculating random parameters
Figure DEST_PATH_IMAGE014
Forward transformation of
Figure DEST_PATH_IMAGE015
Step S3.2.3: checking calculation
Figure DEST_PATH_IMAGE016
If yes, registering the check code hash value to a cochain, namely uploading a check code common chain; otherwise, the uplink is rejected.
3. The distributed anonymous scoring method according to claim 2, wherein: in step S3.3, based on the anonymous signature algorithm, the paper marking and evaluation client can declare that the random check code is owned by the node, and the method includes the following steps:
s3.3.1: public part private certificate of paper marking and evaluating client
Figure DEST_PATH_IMAGE017
S3.3.2: by partial private attestation
Figure 297726DEST_PATH_IMAGE017
The calculated hash value and the random parameter on the anonymous signature
Figure DEST_PATH_IMAGE018
And verifying, wherein when the random check codes are consistent, the random check codes are all owned by the node.
4. The distributed anonymous scoring method according to claim 2, wherein: in the step S3.1.1, a symmetric encryption algorithm is adopted
Figure 11604DEST_PATH_IMAGE001
A 256-bit key k sequence is generated using a hash function,
Figure DEST_PATH_IMAGE019
5. the distributed anonymous scoring method according to claim 2, wherein: in the step S3.1.3, the hash value of the private certificate is calculated more than or equal to 5000 times based on the SHA256 iteration of the secure hash function as the random parameter for signature disclosure
Figure 243871DEST_PATH_IMAGE018
6. The distributed anonymous scoring method according to claim 2, wherein: in the step S3.1.4, the public key of the reader is
Figure 311184DEST_PATH_IMAGE013
The private key is
Figure DEST_PATH_IMAGE020
Using public keys
Figure 702720DEST_PATH_IMAGE013
And (3) realizing forward transformation:
Figure DEST_PATH_IMAGE021
Figure 321920DEST_PATH_IMAGE018
which is a representation of a random parameter,g i () represents an encryption operation that is performed,y i representing the encrypted random parameter only by the private key
Figure 572642DEST_PATH_IMAGE020
Can realize reverse transformation
Figure DEST_PATH_IMAGE022
g i -1 The (DEG) represents a decryption operation, and the encryption process of the n-1 private certificates is the encryption process of the random parameter
Figure DEST_PATH_IMAGE023
R i Indicates that it is going to useiAnd (4) a random parameter encrypted by a public key of the bit marking evaluation client.
7. A distributed anonymous scoring method according to claim 3, wherein: in the step S3.3.2, the server checks the calculation through the secure hash function
Figure DEST_PATH_IMAGE024
Whether to match random parameters on anonymous signatures
Figure 105298DEST_PATH_IMAGE018
And if the random check codes are consistent, the random check codes are considered to be owned by the node.
8. The distributed anonymous scoring method according to claim 1, wherein: in the step S1, the public key encryption algorithm of the paper marking evaluation side adopts the RSA encryption algorithm and the public key of the paper marking evaluation sideP i Is a pair of integers (e, t), the private key
Figure 243018DEST_PATH_IMAGE020
For another pair of integers (d, t), the encryption process for plaintext p is c = e (p) = p e mod t, E (·) denotes an encryption operation, mod denotes a modulo operation, and the decryption process for the ciphertext c is p = d (c) = c d mod t, D (-) represents the decryption operation.
9. The distributed anonymous scoring method according to claim 1, wherein: in the step S2, a secure hash function is adoptedSHA256, performing loop iteration on all random check codes of the scoring judges, and calculating the hash value of the random check code
Figure DEST_PATH_IMAGE025
The iteration cycle number is more than or equal to 5000 times, and the length of the corresponding random check code is 256 bits.
10. A distributed anonymous scoring system is characterized in that: comprising a memory having stored therein executable code and one or more processors operable when executing the executable code to implement a distributed anonymous scoring method according to any one of claims 1-9.
CN202210417933.5A 2022-04-21 2022-04-21 Distributed anonymous marking method and system Active CN114520728B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210417933.5A CN114520728B (en) 2022-04-21 2022-04-21 Distributed anonymous marking method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210417933.5A CN114520728B (en) 2022-04-21 2022-04-21 Distributed anonymous marking method and system

Publications (2)

Publication Number Publication Date
CN114520728A CN114520728A (en) 2022-05-20
CN114520728B true CN114520728B (en) 2022-08-05

Family

ID=81600277

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210417933.5A Active CN114520728B (en) 2022-04-21 2022-04-21 Distributed anonymous marking method and system

Country Status (1)

Country Link
CN (1) CN114520728B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111901292A (en) * 2020-06-08 2020-11-06 徐华 High and new enterprise evaluation system based on group signature
CN112702159A (en) * 2020-12-15 2021-04-23 浙江工商大学 Online expert scoring method and system based on block chain
CN114005217A (en) * 2021-10-21 2022-02-01 浙江工商大学 Electronic voting system and method based on block chain

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101098223A (en) * 2007-07-05 2008-01-02 李江 Method and device for encrypting network user password
US20150006895A1 (en) * 2009-06-01 2015-01-01 Maidsafe Foundation Distributed network system
CN111932052A (en) * 2020-06-08 2020-11-13 徐华 Teacher scoring management system based on anonymous mechanism
CN111984959B (en) * 2020-08-31 2022-05-03 北京数字认证股份有限公司 Anonymous information publishing and verifying method and device
CN112487468B (en) * 2020-12-21 2023-11-03 暨南大学 Traceable complete anonymous electronic voting method and system based on blockchain
CN113595738B (en) * 2021-07-29 2022-09-02 南京工业大学 Block chain-based collaborative position privacy protection method

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111901292A (en) * 2020-06-08 2020-11-06 徐华 High and new enterprise evaluation system based on group signature
CN112702159A (en) * 2020-12-15 2021-04-23 浙江工商大学 Online expert scoring method and system based on block chain
CN114005217A (en) * 2021-10-21 2022-02-01 浙江工商大学 Electronic voting system and method based on block chain

Also Published As

Publication number Publication date
CN114520728A (en) 2022-05-20

Similar Documents

Publication Publication Date Title
Chaidos et al. BeleniosRF: A non-interactive receipt-free electronic voting scheme
CN110971405B (en) SM2 signing and decrypting method and system with cooperation of multiple parties
Yu et al. Enhanced privacy of a remote data integrity-checking protocol for secure cloud storage
Mao Modern cryptography: theory and practice
CN104811450B (en) The date storage method and integrity verification method of a kind of identity-based in cloud computing
Wei et al. SecCloud: Bridging secure storage and computation in cloud
RU2376651C2 (en) Using isogenies to design cryptosystems
Wang et al. Generalization of threshold signature and authenticated encryption for group communications
JPWO2005071881A1 (en) Mix net system
EP3496331A1 (en) Two-party signature device and method
CN114521319A (en) Lattice-based signatures with uniform secrets
CN115804059A (en) Generating secret shares
Xu et al. Secure fuzzy identity-based public verification for cloud storage
Peng A general and efficient countermeasure to relation attacks in mix-based e-voting
WO2019174404A1 (en) Digital group signature method, device and apparatus, and verification method, device and apparatus
CN114520728B (en) Distributed anonymous marking method and system
Feng et al. A new public remote integrity checking scheme with user and data privacy
TW202318833A (en) Threshold signature scheme
Peng How Secure Are The Main Real-World Mix Networks—Case Studies To Explore Vulnerabilities And Usability
Pape Authentication in insecure environments: using visual cryptography and non-transferable credentials in practise
Lueks et al. Vote to link: Recovering from misbehaving anonymous users
Hanaoui et al. MULTI-AGENT identity combined key Signature authentication PROTOCOL based schnorr signature with provable security under AVISPA
Mitani et al. Anonymous probabilistic payment in payment hub
Santos Cryptography for pragmatic distributed trust and the role of blockchain
Bashir Analysis and Improvement of Some Signcryption Schemes Based on Elliptic Curve

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant