CN115913513A - Distributed credible data transaction method, system and device supporting privacy protection - Google Patents

Distributed trusted data transaction method, system and device supporting privacy protection

Info

Publication number: CN115913513A
Authority: CN (China)
Application number: CN202310021062.XA
Other languages: Chinese (zh)
Other versions: CN115913513B (en)
Legal status: Granted (Active)
Prior art keywords: data, transaction, privacy protection, distributed, identity
Inventors: 马兆丰, 董建成, 张茜, 段鹏飞
Current and original assignee: Beijing University of Posts and Telecommunications

Abstract

The invention provides a distributed trusted data transaction method, system and device supporting privacy protection. In the data transaction process, the privacy of data during storage is ensured by introducing disk-landing (at-rest) encryption on top of distributed storage; in the transaction process, decentralized identity information is provided for the data provider and the data demander through a distributed multi-center identity identification protocol, so that the identity privacy of users is guaranteed; and by introducing homomorphic encryption and zero-knowledge proofs in the transaction process, transaction calculation or authentication services are provided to users without the original data having to be disclosed, so that the privacy of the transaction data is guaranteed.

Description

Distributed trusted data transaction method, system and device supporting privacy protection
Technical Field
The invention relates to the technical field of blockchains, and in particular to a distributed trusted data transaction method, system and device supporting privacy protection.
Background
In an environment where internet applications are increasingly popular, a large number of applications need to persistently record the events, behaviors and states that occur in a database for later query, i.e., persistent storage. In the traditional method, a data management service platform acts as an impartial third party that carries out unified bookkeeping; all query operations on transaction information are processed on the platform, and the data of other organizations is added to the transaction service platform by means of access. In the traditional centralized bookkeeping mode, the main transaction information is stored by a single bookkeeping party, which is a "logically" centralized storage mode: the transaction data is stored in and managed by only one service participant.
The centralized bookkeeping mode has a data access performance problem: the bookkeeping party needs to store multiple copies of the data to ensure reliability, which creates a performance bottleneck for data access; a data trust problem: the transaction data may be tampered with by the bookkeeping party and cannot be verified, so every party has to trust the bookkeeping party completely; and a data disaster recovery problem: the data is difficult to recover after the bookkeeping party is attacked. Therefore, the traditional centralized bookkeeping mode suffers from low storage efficiency, poor credibility and fragility.
With the popularity of cryptocurrency and decentralized applications, blockchain technology has received great attention from various industries. From a data management perspective, a blockchain can be viewed as a ledger jointly maintained by numerous mutually untrusted nodes in a distributed environment. Because the nodes do not trust each other, the blockchain ensures the consistency of stored data through a consensus protocol and thereby realizes decentralized data management. Blockchain-based data management technology disperses otherwise excessive authority across all participating nodes through the chain structure and the distributed consensus mechanism of the blockchain, avoids the possibility that a centralized third party with excessive authority maliciously destroys data, and can effectively solve the problems of centralized authority and of data authenticity and reliability faced by traditional data management.
Compared with a traditional distributed database system, a blockchain system provides better distribution, transparency and credibility in its bookkeeping mode, and functionally provides a tamper-proof verification mechanism and a smart contract mechanism, which makes it more suitable for anonymous use in an untrusted environment. However, while improving efficiency, reducing cost and improving data security, blockchain technology also faces serious privacy disclosure problems. One is the privacy of, and the threats to, on-chain data, including transaction privacy, account address privacy, user identity privacy and other on-chain data. After a user initiates a function call, the system constructs a smart contract transaction, and multiple nodes in the blockchain system process that transaction, so the operations and data involved in the transaction have to be open to all nodes; when application scenarios involving sensitive data are handled, such as voting schemes or medical data collection, privacy disclosure problems arise.
Disclosure of Invention
In view of this, embodiments of the present invention provide a distributed trusted data transaction method, system and device supporting privacy protection, so as to eliminate or mitigate one or more defects of the prior art, in particular the problem that private data cannot be protected under the transparent trust mechanism of the prior art.
In one aspect, the present invention provides a distributed trusted data transaction method supporting privacy protection. The method is executed by a data management module, which is connected to and calls a privacy protection module, a blockchain infrastructure and a storage module through a data interface, and the method includes the following steps:
the data management module receives a data upload request sent by a data provider, where the data upload request contains first authority information of the data provider; it verifies the first authority information and, if the first authority information passes verification, receives the transaction data of the data provider;
the data management module calls the privacy protection module to generate a first decentralized identity for the data provider using a distributed multi-center identity identification protocol and feeds the first decentralized identity back to the data provider; the privacy protection module encrypts the transaction data with a homomorphic encryption algorithm to obtain a transaction ciphertext;
the data management module calls the blockchain infrastructure to store the first decentralized identity and the transaction ciphertext on-chain in a distributed manner in the storage module with disk-landing (at-rest) encryption, obtaining a first storage result and a first on-chain transaction receipt, which are sent to the data management module;
the data management module receives a data transaction request sent by a data demander, where the data transaction request contains second authority information of the data demander; it verifies the second authority information and, if verification passes, the privacy protection module generates a second decentralized identity for the data demander using the distributed multi-center identity identification protocol and sends the second decentralized identity to the data demander;
the data management module calls the privacy protection module to perform a homomorphic calculation on the transaction ciphertext or to generate a zero-knowledge proof, according to the data transaction request;
the data management module calls the blockchain infrastructure to obtain the first decentralized identity of the data provider corresponding to the data transaction request;
the data management module calls the privacy protection module to send the homomorphic calculation result or the zero-knowledge proof to the blockchain infrastructure, and the blockchain infrastructure stores it in the storage module in a distributed manner with disk-landing encryption to obtain a second storage result and a second on-chain transaction receipt;
the blockchain infrastructure sends the second storage result and the second on-chain transaction receipt to the data management module;
and the data management module sends the homomorphic calculation result or the zero-knowledge proof to the data demander, together with a trusted certificate containing the first decentralized identity.
In some embodiments, the privacy protection module encrypts the transaction data using a homomorphic encryption algorithm to obtain a transaction ciphertext, and the homomorphic encryption algorithm uses a fully homomorphic encryption algorithm based on a lattice cipher.
In some embodiments, in the lattice-cipher-based fully homomorphic encryption algorithm, the private key sk is represented as a vector [Figure DEST_PATH_IMAGE002], the public key pk is denoted A, the plaintext is denoted [Figure DEST_PATH_IMAGE003], and the ciphertext is denoted C;
a Setup function for generating the security parameters, a SecretKeyGen function for generating the private key and a PublicKeyGen function for generating the public key are obtained;
in the Setup function, [Figure DEST_PATH_IMAGE004], a modulus q of [Figure DEST_PATH_IMAGE005] bits is selected, together with the lattice dimension parameter [Figure DEST_PATH_IMAGE006] and the error distribution [Figure DEST_PATH_IMAGE007]; [Figure DEST_PATH_IMAGE009] represents the system security parameter of the encryption algorithm and [Figure DEST_PATH_IMAGE011] represents the number of levels of homomorphic operations; at the same time the parameter [Figure DEST_PATH_IMAGE012] and the combined parameter [Figure DEST_PATH_IMAGE013] are selected, with [Figure DEST_PATH_IMAGE014] and [Figure DEST_PATH_IMAGE015]; the function [Figure DEST_PATH_IMAGE016] represents the complexity;
in the SecretKeyGen function, SecretKeyGen(params) samples [Figure DEST_PATH_IMAGE017]; the vector t has dimension n and its entries lie in a prime finite field; the private key sk = [Figure DEST_PATH_IMAGE018] is output and satisfies [Figure DEST_PATH_IMAGE019];
in the PublicKeyGen function, PublicKeyGen(params, sk) uniformly and randomly generates a matrix [Figure DEST_PATH_IMAGE020] and a vector [Figure DEST_PATH_IMAGE021] such that [Figure DEST_PATH_IMAGE022]; A is the (n+1)-column matrix formed by [Figure DEST_PATH_IMAGE023] together with the n-column matrix B, and the public key is pk = A;
the message encryption algorithm Enc(params, pk, μ) encrypts the plaintext [Figure DEST_PATH_IMAGE024], where [Figure DEST_PATH_IMAGE025] denotes the prime field with representatives in the range (-q/2, q/2); it uniformly samples a matrix [Figure DEST_PATH_IMAGE026] and outputs the ciphertext C according to the formula:
[Figure DEST_PATH_IMAGE027]
where the BitDecomp(·) function expands each entry of its input into its binary digits, [Figure DEST_PATH_IMAGE028] is its inverse function, and the Flatten(·) function is [Figure DEST_PATH_IMAGE029];
the message decryption algorithm Decry(params, sk, C) decrypts the ciphertext C to obtain [Figure DEST_PATH_IMAGE030].
In some embodiments, within the message decryption algorithm Decry(params, sk, C), two decryption algorithms Dec(params, sk, C) and MPDec(params, sk, C) are introduced;
in Dec(params, sk, C), observe that the first [Figure DEST_PATH_IMAGE032] coefficients of the vector [Figure DEST_PATH_IMAGE031] are [Figure DEST_PATH_IMAGE033]; let [Figure DEST_PATH_IMAGE034], and let [Figure DEST_PATH_IMAGE035] be row i of C; then compute:
[Figure DEST_PATH_IMAGE036]
in MPDec(params, sk, C), it is known that [Figure DEST_PATH_IMAGE037], and the first [Figure DEST_PATH_IMAGE039] coefficients of [Figure DEST_PATH_IMAGE038] are [Figure DEST_PATH_IMAGE040]; therefore, if [Figure DEST_PATH_IMAGE041] is satisfied, the first [Figure DEST_PATH_IMAGE039] coefficients of [Figure DEST_PATH_IMAGE042] are [Figure DEST_PATH_IMAGE043], where [Figure DEST_PATH_IMAGE044]. From [Figure DEST_PATH_IMAGE045], [Figure DEST_PATH_IMAGE046] is recovered; then the next least significant bit is recovered from [Figure DEST_PATH_IMAGE047], and so on, until the plaintext [Figure DEST_PATH_IMAGE049] is finally obtained; here "Small" indicates a value within the acceptable noise range.
In some embodiments, the method employs the FISCO BCOS distributed storage architecture to store the first decentralized identity, the transaction ciphertext, the homomorphic calculation result and/or the zero-knowledge proof.
In another aspect, the present invention further provides a distributed trusted data transaction system supporting privacy protection, including:
the data management module is used to connect the clients of the data provider and the data demander and to execute the distributed trusted data transaction method supporting privacy protection;
the privacy protection module is connected with the data management module through a data interface and is used for calling and executing a homomorphic encryption algorithm;
the blockchain infrastructure comprises a plurality of network nodes, is connected with the privacy protection module and the data management module and is used for accounting transactions;
and the storage module is used for storing the transaction data in a distributed mode.
In some embodiments, the storage module unifies SQL and NoSQL through an abstract table structure, supporting LevelDB, RocksDB and MySQL, based on the FISCO BCOS distributed storage architecture.
In some embodiments, the privacy protection module provides decentralized identities for the clients of the data provider and the data demander based on the WeIdentity DID distributed multi-center identity protocol.
In another aspect, the present invention also provides a distributed trusted data transaction apparatus supporting privacy protection, including a processor and a memory, wherein the memory stores computer instructions, and the processor is configured to execute the computer instructions stored in the memory, and when the computer instructions are executed by the processor, the apparatus implements the steps of the above method.
In another aspect, the present invention also provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of the above method.
The invention has the beneficial effects that:
According to the distributed trusted data transaction method, system and device supporting privacy protection, in the data transaction process the privacy of data during storage is guaranteed by introducing disk-landing (at-rest) encryption on top of distributed storage; in the transaction process, decentralized identity information is provided for the data provider and the data demander through a distributed multi-center identity identification protocol, so that the identity privacy of users is guaranteed; and by introducing homomorphic encryption and zero-knowledge proofs in the transaction process, transaction calculation or authentication services are provided to users without the original data having to be disclosed, so that the privacy of the transaction data is guaranteed.
Additional advantages, objects, and features of the invention will be set forth in part in the description which follows and in part will become apparent to those having ordinary skill in the art upon examination of the following or may be learned from practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and drawings.
It will be appreciated by those skilled in the art that the objects and advantages that can be achieved with the present invention are not limited to the specific details set forth above, and that these and other objects that can be achieved with the present invention will be more clearly understood from the detailed description that follows.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the principles of the invention. In the drawings:
fig. 1 is a flowchart of a distributed trusted data transaction method supporting privacy protection according to an embodiment of the present invention.
Fig. 2 is a timing diagram of an algorithm protocol based on homomorphic encryption and zero knowledge proof according to another embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail with reference to the following embodiments and accompanying drawings. The exemplary embodiments and descriptions of the present invention are provided to explain the present invention, but not to limit the present invention.
It should be noted that, in order to avoid obscuring the present invention with unnecessary details, only the structures and/or processing steps closely related to the scheme according to the present invention are shown in the drawings, and other details not so relevant to the present invention are omitted.
It should be emphasized that the term "comprises/comprising" when used herein, is taken to specify the presence of stated features, elements, steps or components, but does not preclude the presence or addition of one or more other features, elements, steps or components.
It is also noted herein that the term "coupled," if not specifically stated, may refer herein to not only a direct connection, but also an indirect connection in which an intermediate is present.
Hereinafter, embodiments of the present invention will be described with reference to the accompanying drawings. In the drawings, the same reference numerals denote the same or similar parts, or the same or similar steps.
Traditional data management stores data, after encryption, with a publicly credible third party, and binds information such as a timestamp and an operator to prove the reliability of the source information. The third party has to be fully trusted during data access and verification; its authority is too concentrated, and if it maliciously tampers with or deletes data this cannot be checked, so the data cannot be guaranteed to be authentic and reliable. Blockchain-based data management technology can establish an efficient and transparent trust mechanism and effectively solves the trust problem of centralized authority in the access and use of traditional data management. However, a number of data management issues remain in developing blockchain applications, such as data privacy, scalability and latency. To address these problems, the invention provides a distributed trusted data management system and method supporting privacy protection, which can effectively solve the pain points of traditional centralized data management and realize privacy protection from three aspects: storage privacy, data privacy and identity privacy. Privacy protection technology is combined with blockchain technology so that the two complement each other, and the confidentiality, integrity, availability, authentication and non-repudiation of the information system are guaranteed. Data stored and processed by the system is safely usable while privacy is ensured.
In particular, in one aspect, the invention provides a distributed trusted data transaction method supporting privacy protection, which is executed by a data management module; the data management module is further connected to, and calls, a privacy protection module, a blockchain infrastructure and a storage module through a data interface. In actual operation, the data management module and the privacy protection module can run on independent hardware, or can be loaded onto an agent of the blockchain network.
The method comprises the following steps S101 to S109:
Step S101: the data management module receives a data upload request sent by a data provider, where the data upload request contains first authority information of the data provider; it verifies the first authority information and, if verification passes, receives the transaction data of the data provider.
Step S102: the data management module calls the privacy protection module to generate a first decentralized identity for the data provider using a distributed multi-center identity identification protocol and feeds the first decentralized identity back to the data provider; the privacy protection module encrypts the transaction data with a homomorphic encryption algorithm to obtain a transaction ciphertext.
Step S103: the data management module calls the blockchain infrastructure to store the first decentralized identity and the transaction ciphertext on-chain in a distributed manner in the storage module with disk-landing (at-rest) encryption, and a first storage result and a first on-chain transaction receipt are obtained and sent to the data management module.
Step S104: the data management module receives a data transaction request sent by a data demander, where the data transaction request contains second authority information of the data demander; it verifies the second authority information and, if verification passes, the privacy protection module generates a second decentralized identity for the data demander using the distributed multi-center identity identification protocol and sends the second decentralized identity to the data demander.
Step S105: the data management module calls the privacy protection module to perform a homomorphic calculation on the transaction ciphertext or to generate a zero-knowledge proof, according to the data transaction request.
Step S106: the data management module calls the blockchain infrastructure to obtain the first decentralized identity of the data provider corresponding to the data transaction request.
Step S107: the data management module calls the privacy protection module to send the homomorphic calculation result or the zero-knowledge proof to the blockchain infrastructure, and the blockchain infrastructure stores it in the storage module in a distributed manner with disk-landing encryption to obtain a second storage result and a second on-chain transaction receipt.
Step S108: the blockchain infrastructure sends the second storage result and the second on-chain transaction receipt to the data management module.
Step S109: the data management module sends the homomorphic calculation result or the zero-knowledge proof to the data demander, together with a trusted certificate containing the first decentralized identity.
In step S101, the data provider makes a data upload request for data that needs to be stored on-chain; the first authority information of the data provider may carry an identity in a specific field to confirm that the provider has permission to upload data. The first authority information may mark not only the subject that holds the data upload permission, but also the type, format, length and so on of the data allowed to be uploaded. Only if verification passes is the subsequent upload operation allowed; if verification fails, the transaction is stopped.
In step S102, the distributed multi-center identity identification protocol is WeIdentity DID, which the user can use to selectively disclose or provide identity credentials during the transaction, achieving identity privacy protection. Distributed digital identity advocates that users manage and control their own digital identities, so that different users can communicate securely without relying on a third party. DID-based peer-to-peer mutual authentication and secure communication are achieved through DID identifiers and keys managed by the user together with distributed digital identity data registered on a distributed ledger. For communication between two endpoints, the working principle of the secure communication is still the traditional PKI challenge-response mechanism with negotiated data encryption. The underlying protocol of the secure communication can be HTTP, RPC, Bluetooth, NFC or another protocol, and becomes a standard communication mode for end-to-end interconnection and interoperation among different solutions. Across the whole network, nodes representing the identities of any distinct entities can perform authentication interactions based on asymmetric keys through identity key wallets deployed on decentralized servers and personal clients and the DID distributed ledger shared across the network, and finally network-wide trust is realized through trust transfer between entities.
In this embodiment, homomorphic encryption is introduced: after the original data is homomorphically encrypted, a specific operation is performed on the resulting ciphertext, and the plaintext obtained by homomorphically decrypting the calculation result is the same as the result of directly performing the same operation on the original plaintext data. With homomorphic encryption, other users can process the encrypted data without any original content being leaked in the process, and decryption after processing yields the result of the same processing applied to the original data. This improves the security of data processing and guarantees data privacy.
In step S103, the present application performs distributed storage using disk-landing (at-rest) encryption, which is carried out inside each organization. In the organization's intranet environment, each organization independently encrypts the hard-disk data of its nodes. If the hard disk of the machine hosting a node is taken out of the organization and the node is started on a network outside the organization's intranet, the hard-disk data cannot be decrypted and the node cannot start, so data on the consortium chain cannot be stolen. Privacy protection during data storage is therefore effectively realized by means of disk-landing encryption.
In step S104, corresponding to step S101, the authority of the data demander also has to be checked to confirm that it has access rights to the corresponding data. The form and content of the second authority information may be set with reference to the first authority information. Providing the data demander with a second decentralized identity through the WeIdentity DID protocol effectively protects the identity privacy of the data demander.
In step S105, based on the data transaction request, the privacy protection module performs a homomorphic calculation on the required transaction ciphertext or generates a zero-knowledge proof. Specifically, homomorphic encryption is used for data that needs to be calculated on, and a zero-knowledge proof is provided for data that needs to be proven.
In steps S106 to S109, the first decentralized identity is sent to the data demander along with the result, to prove that the provided homomorphic calculation result or zero-knowledge proof really comes from the required data provider, and the transaction process is stored and recorded on-chain.
In some embodiments, in step S102, the privacy protection module encrypts the transaction data using a homomorphic encryption algorithm to obtain a transaction ciphertext, where the homomorphic encryption algorithm is a lattice-cipher-based fully homomorphic encryption algorithm. In step S105, the calculation is performed using the same fully homomorphic encryption algorithm.
Specifically, in the lattice-cipher-based fully homomorphic encryption algorithm, the private key sk is expressed as a vector
Figure DEST_PATH_IMAGE050
The public key pk is denoted A and the plaintext is denoted @>
Figure 456367DEST_PATH_IMAGE003
And the ciphertext is denoted as C.
A Setup function for generating security parameters, a secetkeygen function for generating a private key, and a PublicKeyGen function for generating a public key are obtained.
In the Setup function, the set of the function,
Figure 501684DEST_PATH_IMAGE004
selecting a modulus q, <' > or>
Figure 428051DEST_PATH_IMAGE005
BitsLength, lattice size parameter
Figure 383369DEST_PATH_IMAGE006
And an error distribution function>
Figure 471411DEST_PATH_IMAGE007
,/>
Figure DEST_PATH_IMAGE051
And &>
Figure DEST_PATH_IMAGE052
Represents and->
Figure DEST_PATH_IMAGE053
、/>
Figure DEST_PATH_IMAGE055
Is concerned, is>
Figure 613810DEST_PATH_IMAGE009
A system security parameter representing an encryption algorithm, <' > based on a key value>
Figure 343869DEST_PATH_IMAGE011
The number of layers of homomorphic operation is indicated. While selecting a parameter->
Figure 917807DEST_PATH_IMAGE012
And a merge parameter->
Figure 176750DEST_PATH_IMAGE013
,/>
Figure 337604DEST_PATH_IMAGE014
,/>
Figure 340195DEST_PATH_IMAGE015
(ii) a Function->
Figure 394739DEST_PATH_IMAGE016
Indicating complexity.
In the SecretKeyGen function, SecretKeyGen(params) samples [formula]; the vector t has dimension n and belongs to a prime finite field, and the output private key is sk = [formula], satisfying [formula].
In the PublicKeyGen function, PublicKeyGen(params, sk) uniformly and randomly generates a matrix [formula] and a vector [formula] such that [formula]. Let A be the (n+1)-column matrix formed from [formula] together with the n-column matrix B; the public key is pk = A.
The message encryption algorithm Enc(params, pk, μ) encrypts the plaintext [formula], where [formula] denotes the prime finite field with range (-q/2, q/2); it samples a uniformly random matrix [formula] and outputs the ciphertext C, computed as follows:
[formula]
Here the BitDecomp(·) function expands each entry of its input into its binary bits, [formula] is its inverse function, and the Flatten(·) function is [formula].
The message decryption algorithm Decry(params, sk, C) decrypts the ciphertext C to obtain [formula].
In some embodiments, two decryption algorithms, Dec(params, sk, C) and MPDec(params, sk, C), are introduced for the message decryption algorithm Decry(params, sk, C).
Dec is sufficient to recover [formula]. In Dec(params, sk, C), observe the first [formula] coefficients [formula] of the vector [formula]; let [formula], and let [formula] be row i of C; then calculate:
[formula]
MPDec can recover an arbitrary [formula]. In MPDec(params, sk, C), it is known that [formula]; the first [formula] coefficients of [formula] are [formula], so if [formula] is satisfied, then the first [formula] coefficients of [formula] are [formula], where [formula]. Recover [formula] from [formula], then recover the next least significant bit from [formula], and so on, finally obtaining the plaintext [formula]. Here Small denotes a value within the acceptable noise range, such as q/4, and LSB denotes the Least Significant Bit, i.e. the 0th bit of a binary number, with weight 2^0, which can be used to detect the parity of the number; its counterpart is the most significant bit. In big-endian notation the LSB is the rightmost bit. The least significant bit is the smallest unit of a binary number and indicates a small change in its value.
In some embodiments, in steps S101-S109, the method employs a FISCO BCOS distributed storage architecture to store the first decentralized identity, the transaction cryptogram, the result of the homomorphic calculation, and/or the zero knowledge proof.
In another aspect, the present invention further provides a distributed trusted data transaction system supporting privacy protection, including:
the data management module is used for connecting the clients of the data provider and the data demander and executing the distributed credible data transaction method supporting privacy protection;
the privacy protection module is connected with the data management module through a data interface and is used for calling and executing a homomorphic encryption algorithm;
a blockchain infrastructure comprising a plurality of network nodes connecting the privacy protection module and the data management module for accounting transactions;
and the storage module is used for storing the transaction data in a distributed mode.
In some embodiments, the storage module unifies SQL and NoSQL through an abstract table structure and supports LevelDB, RocksDB and MySQL, based on the FISCO BCOS distributed storage architecture.
In some embodiments, the privacy protection module provides decentralized identity for clients of the data provider and the data consumer based on the WeIdentity DID distributed multi-centric identity protocol.
In another aspect, the present invention also provides a distributed trusted data transaction apparatus supporting privacy protection, including a processor and a memory, wherein the memory stores computer instructions, and the processor is configured to execute the computer instructions stored in the memory, and when the computer instructions are executed by the processor, the apparatus implements the steps of the above method.
In another aspect, the present invention also provides a computer readable storage medium, on which a computer program is stored, which program, when executed by a processor, performs the steps of the above method.
The invention is illustrated below with reference to specific examples:
The distributed trusted data transaction system supporting privacy protection is constructed, comprising a data management module that connects to and calls a privacy protection module, a blockchain infrastructure and a storage module through a data interface. The data provider (data sharer) is denoted DO, the data demander (data user) is denoted DU, the decentralized unique identity credential is denoted DID, the homomorphic operation result is denoted DR, and the zero-knowledge credibility certificate is denoted Proof.
The embodiment provides a distributed trusted data transaction method supporting privacy protection, which includes the following specific steps, as shown in fig. 1:
Step 1: The DO initiates a data upload request according to the service requirement, and the request reaches the data management module.
Step 2: The data management module first verifies the access authority of the DO and receives the requester's data once the authority check passes.
Step 3: A DID is generated for the identity of the DO, and the DO's data is given privacy-protection processing and encrypted with the homomorphic encryption algorithm.
Step 4: The DID is returned to the DO.
Step 5: The ciphertext data and the DID are stored in a distributed manner. Storage access control is first performed according to the authority of the DO, and the ciphertext data and the DID are put on chain once the authority check passes.
Step 6: The storage result and the on-chain transaction receipt are returned to the data management module.
Step 7: The DO is informed that the data has been put on chain successfully.
Step 8: The DU initiates a data acquisition request and sends the request content to the data management module.
Step 9: The access authority of the DU is verified; once it passes, the DID of the DU is generated and returned to the DU.
Step 10: Ciphertext homomorphic calculation is performed on the DO's data according to the content of the DU's request to obtain the data result DR, or a trusted Proof is generated based on a zero-knowledge proof.
Step 11: The DID of the DO is provided to the DU.
Step 12: The transaction process is stored on chain.
Step 13: The storage result and the on-chain transaction receipt are returned to the data management module.
Step 14: The DR or Proof required by the DU is returned.
In steps S1 to S14, the storage module stores the identifier DID using distributed storage technology; homomorphic operation is performed on the encrypted data, the result of the homomorphic operation is DR, and the zero-knowledge credibility certificate is Proof. The storage module mainly comprises two parts: world state and distributed storage. The world state can be further divided into MPTState and StorageState. MPTState uses an MPT tree to store account state, consistent with Ethereum. StorageState uses a distributed storage table structure to store account state, does not store historical information, removes the dependence on the MPT tree and has higher performance. Distributed storage (Advanced Mass Database, AMDB) unifies SQL and NoSQL through an abstract table structure and, through the corresponding storage drivers, can support various databases; LevelDB, RocksDB and MySQL are supported.
In steps S1 to S14, access control is adopted: on the one hand, authority management and identity management are performed on the user; on the other hand, access control is applied to the data stored by the nodes, namely disk encryption (encryption of data at rest). This effectively prevents the data from being accessed once it has left the intranet or without authorization.
In steps S1 to S14, data privacy protection mainly combines homomorphic encryption and zero-knowledge proof: ciphertext operations are performed by homomorphic encryption when the data is used, and zero-knowledge proof technology provides trusted proof in scenarios where a proof needs to be supplied.
In steps S1 to S14, an identity distribution technology is also adopted, mainly the distributed multi-center identity protocol based on WeIdentity DID, so that the real identity of an entity (person or object) obtains an identity identifier on the chain; at the same time, WeIdentity DID gives the entity the ability to directly own and control its own identity ID, so that it can selectively disclose or provide identity credentials during the transaction process to achieve identity privacy.
Specifically, the three core techniques employed in this embodiment are described below: the blockchain-based disk encryption technique, the homomorphic encryption and zero-knowledge proof technique, and the distributed-identity-based identity privacy protection technique.
1. Description of the blockchain-based disk encryption technique
Blockchain deployment involves multiple parties, and to simplify the construction of a multi-party collaboration environment the blockchain is generally deployed on a public cloud. An institution deploys its nodes to the cloud and lets its services interact with the nodes on the cloud, achieving multi-party cooperation. In this architecture the security requirements inside the institution, especially a financial institution, are high. Although the nodes are confined to the intranet by the network isolation mechanism, so that data cannot easily be stolen over the network, the data is entirely hosted on the cloud, and since every participant stores a copy of the data, in the extreme case where network and system security measures are neglected or operated improperly, a copy of the data can be accessed without authorization. The FISCO BCOS based disk encryption technique effectively prevents the data disk from being broken into or stolen and avoids data leakage.
Specifically, disk encryption is performed with a key (dataKey) held by the node itself and a global key (superKey) managed by the Key Manager.
The node encrypts and decrypts its encrypted data (Encrypted Space) with its own dataKey. The node does not store the dataKey on its local disk; it stores cipherDataKey, the result of encrypting the dataKey. When the node starts, it takes cipherDataKey and requests the dataKey from the Key Manager. The dataKey exists only in the node's memory and is automatically discarded when the node shuts down.
The Key Manager holds the global superKey and is responsible for answering the authorization requests of all nodes at start-up. The Key Manager must be online when a node starts so that it can respond to the node's start-up request. At start-up the node sends cipherDataKey; the Key Manager decrypts it with the superKey and, if decryption succeeds, returns the node's dataKey to the node. The Key Manager can only be accessed from the intranet; an external network outside the organization cannot reach it.
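A simulation of the dataKey / cipherDataKey / superKey flow just described, added here as an example; it is not FISCO BCOS code. The HMAC-authenticated SHA-256 counter-mode cipher is a constructed stand-in for the real symmetric cipher, and the Node and KeyManager classes and their method names are hypothetical.

```python
import hashlib
import hmac
import os


def keystream_xor(key, nonce, data):
    """Constructed stream cipher (SHA-256 in counter mode) standing in for the
    real symmetric cipher; the same call encrypts and decrypts."""
    out = bytearray()
    for blk in range((len(data) + 31) // 32):
        pad = hashlib.sha256(key + nonce + blk.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[blk * 32:(blk + 1) * 32], pad))
    return bytes(out)


def wrap(key, plaintext):
    """Encrypt-then-MAC: nonce || ciphertext || HMAC-SHA256 tag."""
    nonce = os.urandom(16)
    ct = keystream_xor(key, nonce, plaintext)
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()


def unwrap(key, blob):
    """Check the tag before decrypting; None means the blob was not made under key."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        return None
    return keystream_xor(key, nonce, ct)


class KeyManager:
    """Holds the global superKey; in the deployment it is reachable only from the intranet."""
    def __init__(self):
        self.super_key = os.urandom(32)

    def provision(self):
        """Hand a new node its cipherDataKey = Enc(superKey, dataKey); dataKey is not kept."""
        return wrap(self.super_key, os.urandom(32))

    def authorize(self, cipher_data_key):
        """Start-up request: decrypt cipherDataKey with superKey; return dataKey or None."""
        return unwrap(self.super_key, cipher_data_key)


class Node:
    """Persists only cipherDataKey and ciphertext; dataKey lives in memory while running."""
    def __init__(self, cipher_data_key):
        self.disk = {"cipherDataKey": cipher_data_key}   # what a disk copy would contain
        self.data_key = None                              # memory only

    def start(self, key_manager):
        self.data_key = key_manager.authorize(self.disk["cipherDataKey"])
        return self.data_key is not None

    def stop(self):
        self.data_key = None                              # discarded at shutdown

    def write(self, name, plaintext):
        if self.data_key is None:
            raise RuntimeError("node not started: no dataKey in memory")
        self.disk[name] = wrap(self.data_key, plaintext)

    def read(self, name):
        if self.data_key is None:
            raise RuntimeError("node not started: no dataKey in memory")
        return unwrap(self.data_key, self.disk[name])


def demo():
    """Node lifecycle, then what a copied disk yields outside the intranet.
    Returns (started, read_back_ok, data_key_on_disk, restart_with_other_km)."""
    km = KeyManager()
    node = Node(km.provision())
    started = node.start(km)
    data_key = node.data_key
    node.write("block_1", b"constructed ledger record")
    read_back_ok = node.read("block_1") == b"constructed ledger record"
    node.stop()
    # A disk image holds cipherDataKey and ciphertext but never the dataKey itself ...
    data_key_on_disk = any(data_key in blob for blob in node.disk.values())
    # ... and a Key Manager with a different superKey refuses to unwrap cipherDataKey.
    restart_with_other_km = Node(node.disk["cipherDataKey"]).start(KeyManager())
    return started, read_back_ok, data_key_on_disk, restart_with_other_km
```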
2. Description of homomorphic encryption and zero knowledge proof techniques
In this embodiment, homomorphic encryption and zero-knowledge proof are the core of privacy protection. When a transaction is completed in the blockchain using homomorphic encryption and zero-knowledge proof techniques, all input addresses in the same transaction belong to the same user set (the same person or organization). The application layer processes the transaction data with the key pair (public key and private key) generated by the homomorphic encryption algorithm, and this processing includes generating the relevant evidence for the various zero-knowledge proofs. The application layer then sends the encrypted transaction data together with the relevant evidence to the blockchain network, so that the blockchain endorsement nodes perform validity endorsement checks on the transaction data. Throughout the process, the transaction data handled by all nodes is encrypted ciphertext, so privacy protection of the data is achieved. The protocol design adopts existing homomorphic encryption and zero-knowledge proof algorithms, whose correctness is assured. In this embodiment, homomorphic encryption and zero-knowledge proof are combined to encrypt the data to be put on chain, ensuring the privacy and security of the data on the chain, and zero-knowledge proof is used so that the prover can prove the correctness of the constraint relation to a verifier without revealing the plaintext of the data being proved. As shown in fig. 2, the specific steps are as follows:
Step 200: Key initialization generates the key generation functions, namely the Setup, SecretKeyGen and PublicKeyGen functions. The system security parameters params1 and params2, for homomorphic encryption and zero-knowledge proof respectively, are generated by running Setup.
Step 201: The client requests the privacy protection module to generate the user's public key Pk and private key Sk, represented by the following formulas:
[formula]
[formula]
Step 202: Pk and Sk are returned to the client.
Step 203: The client requests to put data on chain; the request is intercepted by the access control module and released after the authority is verified.
Step 204: After receiving the authority-passed message, the client prepares to generate a zero-knowledge proof or to encrypt local data.
Step 205: The client encrypts the local data or generates a zero-knowledge proof. The formula for local data encryption is:
[formula]
The formula for generating the zero-knowledge proof is:
[formula]
Step 206: The client uploads the encrypted data or the zero-knowledge proof to the blockchain network interface:
[formula]
Step 207: The network interface verifies the zero-knowledge proof or calculates on the ciphertext data according to the service scenario.
Step 208: If ciphertext calculation is needed, the homomorphic encryption algorithm of the privacy protection module is requested to perform the homomorphic calculation, with the following formula:
[formula]
Step 209: The operation result sData is returned to the requesting node.
Step 210: In a scenario requiring verification of a zero-knowledge proof, the verification algorithm of the zero-knowledge proof is used to ensure the correctness of the data source and the identity privacy of the user. The verification formula is:
[formula]
Step 211: The operation result or the proof is returned to the interface layer, which makes its judgement according to the result.
Furthermore, because all transaction data in a blockchain is public and transparent and every participant can obtain a complete backup of the data, and to prevent data tampering from leaking enterprise business secrets and personal privacy and causing great trouble to users and enterprises, this embodiment, on the basis of the homomorphic encryption and zero-knowledge proof data privacy protection algorithms, selects different homomorphic encryption or zero-knowledge proof algorithms according to the application scenario and design requirements of the blockchain, breaks through the limitations on data privacy protection in the data sharing, collaboration and circulation processes, and ensures the authenticity, validity, privacy and security of the data in multiple scenarios.
In this embodiment, on the homomorphic encryption side, the fully homomorphic encryption algorithm GSW (a lattice-cipher-based fully homomorphic encryption algorithm) is selected. The GSW scheme provides a homomorphic encryption scheme based on approximate eigenvectors to address the complex re-linearization technique and large amount of computation of LWE-based algorithms, and as a fully homomorphic encryption algorithm it has the advantages of simpler computation and easy understanding.
In the fully homomorphic encryption algorithm based on the lattice cipher, the private key sk is expressed as a vector [formula], the public key pk is denoted A, the plaintext is denoted [formula], and the ciphertext is denoted C.
A Setup function for generating security parameters, a SecretKeyGen function for generating a private key, and a PublicKeyGen function for generating a public key are obtained.
In the Setup function [formula], a modulus q of [formula] bits, a lattice size parameter [formula] and an error distribution function [formula] are selected, where [formula] represents the system security parameter of the encryption algorithm and [formula] represents the number of layers of homomorphic operation; a parameter [formula] and a merge parameter [formula] are also selected, with [formula], [formula]; the function [formula] represents the complexity.
In the SecretKeyGen function, SecretKeyGen(params) samples [formula]; the vector t has dimension n and belongs to a prime finite field, and the output private key is sk = [formula], satisfying [formula].
In the PublicKeyGen function, PublicKeyGen(params, sk) uniformly and randomly generates a matrix [formula] and a vector [formula] such that [formula]. Let A be the (n+1)-column matrix formed from [formula] together with the n-column matrix B; the public key is pk = A.
The message encryption algorithm Enc(params, pk, μ) encrypts the plaintext [formula], where [formula] denotes the prime finite field with range (-q/2, q/2); it samples a uniformly random matrix [formula] and outputs the ciphertext C, computed as follows:
[formula]
Here the BitDecomp(·) function expands each entry of its input into its binary bits, [formula] is its inverse function, and the Flatten(·) function is [formula].
The message decryption algorithm Decry(params, sk, C) decrypts the ciphertext C to obtain [formula].
In some embodiments, two decryption algorithms, Dec(params, sk, C) and MPDec(params, sk, C), are introduced for the message decryption algorithm Decry(params, sk, C).
Dec fully recovers [formula]. In Dec(params, sk, C), observe the first [formula] coefficients [formula] of the vector [formula]; let [formula], and let [formula] be row i of C; then calculate:
[formula]
MPDec can recover an arbitrary [formula]. In MPDec(params, sk, C), it is known that [formula]; the first [formula] coefficients of [formula] are [formula], so if [formula] is satisfied, then the first [formula] coefficients of [formula] are [formula], where [formula]. Recover [formula] from [formula], then recover the next least significant bit from [formula], and so on, finally obtaining the plaintext [formula]. Here Small denotes a value within the acceptable noise range, and LSB denotes the Least Significant Bit, i.e. the 0th bit of a binary number, with weight 2^0, which can be used to detect the parity of the number; its counterpart is the most significant bit. In big-endian notation the LSB is the rightmost bit. The least significant bit is the smallest unit of a binary number and indicates a small change in its value.
Further, the full homomorphism is verified, specifically as follows:
(a) The GSW scheme provides four homomorphic operations: MultConst (multiplication by a constant), Add (additive homomorphism), Mult (multiplicative homomorphism) and NAND (homomorphic NAND gate).
(b) MultConst(C, a): the ciphertext [formula] is multiplied by a known constant [formula]; set [formula] and output [formula]; then:
[formula]
(c) Add [formula]: perform ciphertext addition and return [formula]. From the matrix properties it is known that additive homomorphism is satisfied.
(d) Mult [formula]: perform ciphertext multiplication and return [formula]. The following formula is obtained:
[formula]
Observing the noise [formula], it is known that [formula] lies in the range {0,1}, so the important term is [formula]. The smaller the value of the message [formula], the smaller the growth of the homomorphic operation error.
Therefore a way of limiting the message space to small messages using Boolean circuits of NAND operations is introduced, namely NAND [formula].
(e) NAND [formula]: perform the NAND operation and return [formula]. The following formula is obtained:
[formula]
The NAND operation remains homomorphic, and if the input messages lie in the range {0,1}, the output ciphertext is again an encryption of a value in {0,1}, which ensures that [formula] is a small message, since [formula]; therefore the error of the multiplication is at most N+1.
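The GSW key generation, encryption, decryption and homomorphism passages above (the summary and the embodiment describe the same scheme) as one added example in plain Python; this is not the patent's or FISCO BCOS's code. The toy parameters (n = 2, q = 2^20, m = 8), the {-1, 0, 1} error sampler standing in for the error distribution, and the function names are constructed choices, so the block shows the mechanics of BitDecomp/Flatten, the relation C·v = μ·v + noise and the NAND noise argument, not a secure instance.

```python
import random

def setup(n=2, log_q=20, m=8, seed=7):
    """Security parameters: modulus q, bit length l, lattice dimension n, m LWE
    samples and N = (n+1)*l; ciphertexts are N x N matrices (toy sizes)."""
    q = 1 << log_q
    l = log_q + 1                                       # l = floor(log2 q) + 1
    return {"n": n, "q": q, "l": l, "N": (n + 1) * l, "m": m,
            "rng": random.Random(seed)}

def bit_decomp(a, params):
    """BitDecomp: each Z_q entry of a becomes its l binary digits, LSB first."""
    return [(x >> b) & 1 for x in a for b in range(params["l"])]

def bit_decomp_inv(a_bits, params):
    """BitDecomp^-1: fold each group of l integers back into one Z_q element."""
    l, q = params["l"], params["q"]
    return [sum(a_bits[j * l + b] << b for b in range(l)) % q
            for j in range(len(a_bits) // l)]

def flatten(rows, params):
    """Flatten = BitDecomp(BitDecomp^-1(.)) on every row; entries end up in {0,1}."""
    return [bit_decomp(bit_decomp_inv(r, params), params) for r in rows]

def powers_of_2(s, params):
    """PowersOf2(s) = (s_j, 2 s_j, ..., 2^(l-1) s_j) per j, paired with BitDecomp."""
    l, q = params["l"], params["q"]
    return [(x << b) % q for x in s for b in range(l)]

def mat_mul(X, Y, q):
    """Matrix product over Z_q on nested lists."""
    cols = list(zip(*Y))
    return [[sum(x * y for x, y in zip(row, col)) % q for col in cols] for row in X]

def secret_key_gen(params):
    """Sample t in Z_q^n; sk is s = (1, -t) together with v = PowersOf2(s)."""
    n, q, rng = params["n"], params["q"], params["rng"]
    t = [rng.randrange(q) for _ in range(n)]
    s = [1] + [(-x) % q for x in t]
    return {"t": t, "s": s, "v": powers_of_2(s, params)}

def public_key_gen(params, sk):
    """pk = A = [b | B], B uniform, b = B t + e, so that A s = e is small."""
    n, q, m, rng = params["n"], params["q"], params["m"], params["rng"]
    B = [[rng.randrange(q) for _ in range(n)] for _ in range(m)]
    e = [rng.choice((-1, 0, 1)) for _ in range(m)]     # constructed stand-in for chi
    b = [(sum(B[i][j] * sk["t"][j] for j in range(n)) + e[i]) % q for i in range(m)]
    return [[b[i]] + B[i] for i in range(m)]

def enc(params, pk, mu):
    """C = Flatten(mu * I_N + BitDecomp(R A)), R uniform in {0,1}^(N x m).
    Because Flatten preserves <row, v>, C v = mu v + R e with small noise R e."""
    N, m, q, rng = params["N"], params["m"], params["q"], params["rng"]
    R = [[rng.randrange(2) for _ in range(m)] for _ in range(N)]
    ra_bits = [bit_decomp(row, params) for row in mat_mul(R, pk, q)]
    return flatten([[(mu if i == j else 0) + ra_bits[i][j] for j in range(N)]
                    for i in range(N)], params)

def dec(params, sk, C):
    """Dec for mu in {0,1}: take row i with v_i = 2^i in (q/4, q/2] and read
    <C_i, v> centred into (-q/2, q/2]; |x| small means 0, |x| near q/2 means 1."""
    q, l, v = params["q"], params["l"], sk["v"]
    i = next(j for j in range(l) if q // 4 < (1 << j) <= q // 2)
    x = sum(c * vj for c, vj in zip(C[i], v)) % q
    x = x - q if x > q // 2 else x
    return 1 if abs(x) > q // 4 else 0

def add(params, C1, C2):
    """Add: Flatten(C1 + C2)."""
    return flatten([[a + b for a, b in zip(r1, r2)] for r1, r2 in zip(C1, C2)], params)

def mult(params, C1, C2):
    """Mult: Flatten(C1 C2); the noise becomes mu2*e1 + C1 e2, at most N times larger."""
    return flatten(mat_mul(C1, C2, params["q"]), params)

def nand(params, C1, C2):
    """NAND: Flatten(I_N - C1 C2); keeps messages in {0,1}, hence the noise stays small."""
    P = mat_mul(C1, C2, params["q"])
    return flatten([[(1 if i == j else 0) - P[i][j] for j in range(len(P))]
                    for i in range(len(P))], params)

def demo():
    """Encrypt every (a, b), evaluate NAND, Mult and a depth-2 AND (the NAND of
    the NAND result with itself) under encryption, and decrypt each result."""
    params = setup()
    sk = secret_key_gen(params)
    pk = public_key_gen(params, sk)
    results = {}
    for a in (0, 1):
        for b in (0, 1):
            ca, cb = enc(params, pk, a), enc(params, pk, b)
            cn = nand(params, ca, cb)
            results[(a, b)] = (dec(params, sk, cn),
                               dec(params, sk, mult(params, ca, cb)),
                               dec(params, sk, nand(params, cn, cn)))
    return results
```

Only the {0,1} decoder Dec is implemented; the bit-by-bit MPDec recovery is left out.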
Zero-knowledge proof was first proposed by Goldwasser et al. in 1985: a prover needs to convince a verifier that it knows some secret, without revealing any useful information about that secret. In a zero-knowledge proof the prover computationally converts the information to be verified into a proof, from which the verifier randomly generates a series of challenges. The prover must use its own secret information to complete these challenges, which are repeated many times. If the prover is able to complete all the challenges randomly chosen by the verifier, the zero-knowledge proof passes verification and the verifier can trust that the prover knows the secret. This example studies the zero-knowledge succinct non-interactive argument of knowledge (zk-SNARK) algorithm, from QSP/QAP to Groth16. The algorithm proposed by Groth16 has very little proof data (2/3 proof data) and a single expression for verification. The following is an example of verification of a zero-knowledge proof:
Let Q be a finite field, E be an elliptic curve, and Q be a point on the elliptic curve E with Q = nP, where P is a public value and n is a secret. With the points P, Q and the elliptic curve E public, the zero-knowledge proof and verification method is as follows:
The prover needs to prove to the verifier that it knows the secret n without exposing it, which can be done with the following steps.
Step 1: The prover randomly chooses an integer, <. It calculates 1=, 2= (-), and sends 1, 2 to the verifier.
Step 2: The verifier randomly asks the prover to send i, i = 1, 2, where 1=, 2= -.
Step 3: After the verifier receives i, it verifies whether i = and 1+2= hold.
The above three steps are repeated m times until the verifier believes that the prover knows the secret n.
It can be shown that the prover has a 1/2 probability of successfully deceiving the verifier in each round, because if the prover wants to deceive the verifier without knowing the secret n, it can do the following:
The prover selects an integer r, sets 1=, 2= -1, and sends them to the verifier as above. If the verifier asks the prover to transmit 1=, the prover can simply provide r, and in this case the prover successfully deceives the verifier. If the verifier requests the number 2 corresponding to 2, the prover cannot obtain it, because the prover does not know the secret n and obtaining the corresponding number 2 from 2 is a discrete logarithm problem on elliptic curves. Thus the prover has a 1/2 probability of deceiving the verifier in each round, and after m rounds the prover has a 1/2^m probability of deceiving the verifier. So after a sufficiently large number of rounds, if the prover answers correctly each time, the verifier trusts that the prover knows the secret n.
Through the above process, the prover proves to the verifier that it knows the secret n without disclosing any information about n. In a concrete zero-knowledge proof application, the problem to be proved is first converted into circuit-gate form and R1CS constraints, and then the converted vector groups are converted into polynomial form; this conversion process is called QAP. A pair of keys (ek, vk) is generated in the trusted setup phase, ek being used for generating the proof and vk for verifying it.
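The elliptic-curve cut-and-choose protocol above, as an added example that is not part of the original patent. It assumes the reading Q1 = r·P, Q2 = (n − r)·P with r reduced modulo the order of P, and the verifier's checks Q1 + Q2 = Q and x_i·P = Q_i; the curve y^2 = x^3 + 2x + 3 over F_10007 is a constructed toy whose point order is found by brute force, and the prover/verifier classes are hypothetical.

```python
import random

# Constructed toy curve y^2 = x^3 + A*x + B over F_p; p = 3 (mod 4) makes square roots easy.
P_MOD, A, B = 10007, 2, 3

def ec_add(P1, P2):
    """Affine point addition on the curve; None is the point at infinity."""
    if P1 is None or P2 is None:
        return P1 or P2
    (x1, y1), (x2, y2) = P1, P2
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return None                                    # P + (-P)
    if P1 == P2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P_MOD) % P_MOD
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P_MOD) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    return (x3, (lam * (x1 - x3) - y1) % P_MOD)

def ec_mul(k, P):
    """Double-and-add scalar multiplication k*P."""
    R = None
    while k:
        if k & 1:
            R = ec_add(R, P)
        P = ec_add(P, P)
        k >>= 1
    return R

def ec_neg(P):
    return None if P is None else (P[0], (-P[1]) % P_MOD)

def find_base_point():
    """Return a point P on the curve and its order (brute force; toy sizes only)."""
    for x in range(1, P_MOD):
        rhs = (x ** 3 + A * x + B) % P_MOD
        y = pow(rhs, (P_MOD + 1) // 4, P_MOD)
        if rhs and y * y % P_MOD == rhs:
            P = (x, y)
            break
    order, Q = 1, P
    while Q is not None:
        Q, order = ec_add(Q, P), order + 1
    return P, order

class HonestProver:
    """Knows the secret n with Q = n*P; commits to Q1 = r*P, Q2 = (n - r)*P."""
    def __init__(self, n, P, order, rng):
        self.n, self.P, self.order, self.rng = n, P, order, rng

    def commit(self):
        r = self.rng.randrange(self.order)
        self.x = (r, (self.n - r) % self.order)        # x1 = r, x2 = n - r
        return (ec_mul(self.x[0], self.P), ec_mul(self.x[1], self.P))

    def respond(self, i):
        return self.x[i]

class CheatingProver:
    """Knows only Q: can make Q1 + Q2 = Q hold via Q2 = Q - Q1, but not log Q2."""
    def __init__(self, Q, P, order, rng):
        self.Q, self.P, self.order, self.rng = Q, P, order, rng

    def commit(self):
        self.r = self.rng.randrange(self.order)
        Q1 = ec_mul(self.r, self.P)
        return (Q1, ec_add(self.Q, ec_neg(Q1)))

    def respond(self, i):
        return self.r if i == 0 else None              # x2 would need the ECDLP

def verify_round(P, Q, commitment, i, x_i):
    """Verifier: Q1 + Q2 = Q and x_i*P = Q_i for the challenged index i."""
    Q1, Q2 = commitment
    return (ec_add(Q1, Q2) == Q and x_i is not None
            and ec_mul(x_i, P) == commitment[i])

def run_protocol(prover, P, Q, rounds, rng):
    """m rounds with random challenges; True only if every round verifies."""
    for _ in range(rounds):
        commitment = prover.commit()
        i = rng.randrange(2)
        if not verify_round(P, Q, commitment, i, prover.respond(i)):
            return False
    return True

def demo(rounds=20, seed=3):
    """Honest prover over `rounds` rounds, then each single challenge against a cheater."""
    rng = random.Random(seed)
    P, order = find_base_point()
    n = rng.randrange(1, order)                        # the secret
    Q = ec_mul(n, P)                                   # public value Q = n*P
    honest_ok = run_protocol(HonestProver(n, P, order, rng), P, Q, rounds, rng)
    cheat = CheatingProver(Q, P, order, rng)
    c = cheat.commit()
    cheat_on_x1 = verify_round(P, Q, c, 0, cheat.respond(0))   # challenge for x1 passes
    cheat_on_x2 = verify_round(P, Q, c, 1, cheat.respond(1))   # challenge for x2 fails
    return honest_ok, cheat_on_x1, cheat_on_x2
```

The cheater passes exactly the challenge it prepared for, which is the 1/2 per-round bound the text derives.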
3. Description of distributed identity-based identity privacy protection technology
In the traditional model, user registration and identity management depend entirely on a single central registration authority; with the advent of distributed ledger technologies (e.g. blockchain), distributed multi-center identity registration, identification and management become possible. Addressing the difficulty that blockchain technology has in preventing identity privacy disclosure while keeping identity and transactions anonymous, this embodiment studies blockchain identity privacy protection technology that avoids the disclosure of user identity information and achieves strong anonymity and privacy of user identity.
Studying the WeIdentity distributed multi-center technical solution based on FISCO BCOS: the WeIdentity DID module implements a distributed multi-center identity protocol conforming to the W3C DID specification on the FISCO BCOS blockchain platform, giving an entity (person or object) an identity identifier on the chain; at the same time, WeIdentity DID gives the entity the ability to directly own and control its own identity ID. In the real world there are various kinds of data describing the identity of entities and the relationships between them, such as identity cards, driving licences, deposit certificates, prescriptions, graduation certificates, property certificates and credit reports. WeIdentity Credential provides a set of solutions based on the W3C VC specification that aims to standardize and digitize this kind of data, generating verifiable and exchangeable credentials (Credential), supporting selective disclosure of credential attributes, and generating on-chain evidence (Evidence). This embodiment combines the distributed identity module and the verifiable digital credential module to realize distributed and trusted data management.
WeIdentity can be widely applied to entity identity and trusted data exchange scenarios. In the WeIdentity ecosystem there are the following roles: User (Entity); Issuer, the issuer of credentials; and Verifier, the user of credentials.
The user (entity) registers its own WeIdentity DID on the chain, applies to the issuer for a credential, and either authorizes forwarding of the credential or presents it directly to the verifier for use. The issuer verifies the entity's ownership of the WeIdentity DID and then issues entity-related credentials. The verifier verifies the entity's ownership of the WeIdentity DID and then verifies the authenticity of the credential on the chain in order to handle the associated transaction.
By keeping the entity's real-world identity and the contents of the verifiable digital credential off chain, the entity is supported in minimizing or selectively disclosing information to other institutions, while any third party is prevented from inferring the entity's identity in the real world or in other scene semantics, thereby achieving privacy protection. First, an independent and unique DID is generated for each entity through the user agent; then the issuer verifies the entity's identity and DID ownership and issues various electronic credentials for it. When the entity needs to handle business, it can present the credential directly to the verifier, or a previously authorized credential storage institution can forward the credential to the verifier after the entity actively authorizes this on the chain and the credential is recorded on chain. This process keeps the data centred on the entity user, and entity identification, right confirmation, authorization and similar operations are completed on the chain, where they are traceable, verifiable and tamper-proof.
The distributed credible data transaction system and the distributed credible data transaction method supporting privacy protection can effectively overcome the pain points of traditional data management, such as defects in data trust, data access, data disaster recovery and the like; meanwhile, the problem that data and identity privacy after the block chain adding technology is revealed is mainly solved. The identity of a multi-party user is ensured not to be exposed or selectively exposed in the transaction process, and the privacy of user data is ensured by using a homomorphic calculation mode in the data calculation process. Meanwhile, for data stored on the chain, access control is performed on the stored content in a disk-down encryption and group isolation mode, and stored data leakage is prevented. The specific beneficial effects can be divided into the following two 2 aspects:
1) Protection against illegal use of data
The system is built on the unified digital identity system of the blockchain platform and adopts a distributed identity authentication model based on authority control. This changes the usage logic of user data: the rights over the data are transferred from the host to the user, and the user genuinely decides who may access the data. The redundancy, data-island, privacy and supervision problems that arise during operation are effectively solved. The system has the following characteristics: first, identity uniqueness, where identity credibility is improved by DID-based authentication of identity information; second, strong privacy, where participants hold ownership, management rights and control rights over their own digital identity and behavior data, and, combined with zero-knowledge proof technology, the data can be used without being visible; third, strong supervisability, where a user needs the authorization of the supervisory institution when creating an identity, and the supervisory institution can conveniently supervise on-chain users in real time. The system performs identity authentication and access control on data from multiple angles, including storage management, authority control and identity management, and ensures that a data user can only expose a data-access interface to others on the basis of holding the right to use that data.
2) Data privacy and security protection
The system combines homomorphic encryption and zero-knowledge proofs with an operation protocol to protect anonymous identity privacy and data privacy in different scenarios. With a homomorphic encryption algorithm, data is computed on in ciphertext form without decryption, which improves data privacy and realizes ciphertext computation. Using zero-knowledge proofs together with identity privacy protection based on distributed identity, identity privacy protection and proof generation and verification can be provided in scenarios where two parties participate. For data storage, storage privacy is guaranteed by at-rest (disk-landing) encryption. The computational cost of data encryption and decryption is reduced, and the privacy and security of the data are improved.
One important meaning of blockchain privacy protection is to reduce real-world privacy threats. Blockchain cannot completely guarantee the privacy and security of a user, but with blockchain technology the user keeps control of their own data, so the leakage channels are reduced. The distributed high-trust data management system and method supporting privacy protection are significant for addressing the dilemma that current blockchain technology faces a risk of privacy leakage and that traditional data management cannot guarantee trustworthiness.
In summary, according to the distributed trusted data transaction method, system and device supporting privacy protection, in the data transaction process the privacy of data during storage is guaranteed by introducing at-rest (disk-landing) encryption on top of distributed storage; during the transaction, decentralized identity information is provided to the data provider and the data demander through a distributed multi-center identity identification protocol, so that the user's identity privacy is guaranteed; and by introducing homomorphic encryption and zero-knowledge proofs into the transaction, transaction calculation or authentication services are provided to the user without disclosing the original data, so that the privacy of the transaction data is guaranteed.
In accordance with the method, the present invention also provides an apparatus/system that includes a computer device. The computer device includes a processor and a memory; the memory stores computer instructions, the processor is configured to execute the computer instructions stored in the memory, and when the computer instructions are executed by the processor, the apparatus/system implements the steps of the method.
Embodiments of the present invention further provide a computer-readable storage medium, on which a computer program is stored, where the computer program is executed by a processor to implement the foregoing steps of the edge computing server deployment method. The computer-readable storage medium may be a tangible storage medium such as Random Access Memory (RAM), memory, Read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, floppy disks, hard disks, removable storage disks, CD-ROMs, or any other form of storage medium known in the art.
Those of ordinary skill in the art will appreciate that the various illustrative components, systems, and methods described in connection with the embodiments disclosed herein may be implemented as hardware, software, or combinations thereof. Whether this is done in hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention. When implemented in hardware, it may be, for example, an electronic circuit, an Application Specific Integrated Circuit (ASIC), suitable firmware, plug-in, function card, or the like. When implemented in software, the elements of the invention are the programs or code segments used to perform the required tasks. The program or code segments can be stored in a machine-readable medium or transmitted by a data signal carried in a carrier wave over a transmission medium or a communication link.
It is to be understood that the invention is not limited to the specific arrangements and instrumentality described above and shown in the drawings. A detailed description of known methods is omitted herein for the sake of brevity. In the above embodiments, several specific steps are described and shown as examples. However, the method processes of the present invention are not limited to the specific steps described and illustrated, and those skilled in the art can make various changes, modifications and additions or change the order between the steps after comprehending the spirit of the present invention.
Features that are described and/or illustrated with respect to one embodiment may be used in the same way or in a similar way in one or more other embodiments and/or in combination with or instead of the features of the other embodiments in the present invention.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made to the embodiment of the present invention by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (10)

1. A distributed trusted data transaction method supporting privacy protection, the method being performed by a data management module that further invokes, through data interface connections, a privacy protection module, a blockchain infrastructure and a storage module, the method comprising the steps of:
the data management module receives a data upload request sent by a data provider, the data upload request containing first authority information of the data provider; the first authority information is verified, and the transaction data of the data provider is received if the first authority information passes verification;
the data management module calls the privacy protection module to generate a first decentralized identity for the data provider using a distributed multi-center identity identification protocol, and feeds the first decentralized identity back to the data provider; the privacy protection module encrypts the transaction data using a homomorphic encryption algorithm to obtain a transaction ciphertext;
the data management module calls the blockchain infrastructure to store the first decentralized identity and the transaction ciphertext on-chain in distributed storage in the storage module with at-rest (disk-landing) encryption; the blockchain infrastructure obtains a first storage result and a first on-chain transaction receipt and sends the first storage result and the first on-chain transaction receipt to the data management module;
the data management module receives a data transaction request sent by a data demander, the data transaction request comprising second authority information of the data demander; the second authority information is verified, and if the verification passes, the privacy protection module generates a second decentralized identity for the data demander using the distributed multi-center identity identification protocol and sends the second decentralized identity to the data demander;
the data management module calls the privacy protection module to perform a homomorphic calculation on the transaction ciphertext or to generate a zero-knowledge proof, according to the data transaction request;
the data management module calls the blockchain infrastructure to obtain the first decentralized identity of the data provider corresponding to the data transaction request;
the data management module calls the privacy protection module to send the homomorphic calculation result or the zero-knowledge proof to the blockchain infrastructure, and the blockchain infrastructure stores it in distributed storage in the storage module with at-rest (disk-landing) encryption, obtaining a second storage result and a second on-chain transaction receipt;
the blockchain infrastructure sends the second storage result and the second on-chain transaction receipt to the data management module;
and the data management module sends the homomorphic calculation result or the zero-knowledge proof to the data demander, and sends a trusted credential containing the first decentralized identity to the data demander.
2. The distributed trusted data transaction method supporting privacy protection as claimed in claim 1, wherein the privacy protection module encrypts the transaction data using a homomorphic encryption algorithm to obtain the transaction ciphertext, the homomorphic encryption algorithm being a lattice-based fully homomorphic encryption algorithm.
3. The distributed trusted data transaction method supporting privacy protection as claimed in claim 2, wherein in the lattice-based fully homomorphic encryption algorithm, the private key sk is represented as a vector [formula image], the public key pk is denoted A, the plaintext is denoted [formula image], and the ciphertext is denoted C;
a Setup function for generating security parameters, a SecretKeyGen function for generating the private key and a PublicKeyGen function for generating the public key are obtained;
in the Setup function, [formula image], a modulus q of [formula image] bits in length, a lattice dimension parameter [formula image] and an error distribution function [formula image] are selected, where [formula image] represents the system security parameter of the encryption algorithm and [formula image] represents the number of layers of homomorphic operations; a parameter [formula image] and a merging parameter [formula image] [formula image] are also selected; the function [formula image] represents the complexity;
in the SecretKeyGen function, SecretKeyGen(params) samples [formula image], where the vector t has dimension n and belongs to a prime finite field, and outputs the private key sk = [formula image] satisfying [formula image];
in the PublicKeyGen function, PublicKeyGen(params, sk) uniformly and randomly generates a matrix [formula image] and a vector [formula image] such that [formula image]; let A be the (n+1)-column matrix formed by [formula image] together with the n-column matrix B, and the public key pk = A;
the message encryption algorithm Enc(params, pk, μ) encrypts the plaintext [formula image], which represents a prime finite field with range (−q/2, q/2), samples a uniformly random matrix [formula image], and outputs the ciphertext C, computed as follows:
[formula image]
where the BitDecomp(·) function represents the binary expansion of each bit of the input, [formula image] is its inverse function, and the Scatter(·) function is [formula image];
the message decryption algorithm Decry(params, sk, C) decrypts the ciphertext C to obtain [formula image].
4. The distributed trusted data transaction method supporting privacy protection as claimed in claim 3, wherein the message decryption algorithm Decry(params, sk, C) comprises two decryption algorithms, Dec(params, sk, C) and MPDec(params, sk, C);
in Dec(params, sk, C), the vector [formula image] is observed: its first [formula image] coefficients are [formula image]; let [formula image]; let [formula image] be the i-th row of C, and compute:
[formula image]
in MPDec(params, sk, C), it is known that [formula image], [formula image]; the first [formula image] coefficients are [formula image]; therefore, if [formula image] is satisfied, then the first [formula image] coefficients of [formula image] are [formula image], where [formula image]; [formula image] is recovered from [formula image], and then the next least significant bit is recovered from [formula image], and so on, until finally the plaintext [formula image] is obtained; where Small indicates a value within the acceptable noise range.
5. The distributed trusted data transaction method supporting privacy protection as claimed in claim 1, wherein the method employs the FISCO BCOS distributed storage architecture to store the first decentralized identity, the transaction ciphertext, the homomorphic calculation result and/or the zero-knowledge proof.
6. A distributed trusted data transaction system supporting privacy protection, comprising:
a data management module, configured to connect clients of a data provider and a data demander, and execute the distributed trusted data transaction method supporting privacy protection according to any one of claims 1 to 5;
the privacy protection module is connected with the data management module through a data interface and is used for calling and executing a homomorphic encryption algorithm;
the blockchain infrastructure comprises a plurality of network nodes, is connected with the privacy protection module and the data management module and is used for accounting transactions;
and the storage module is used for storing the transaction data in a distributed mode.
7. The distributed trusted data transaction system supporting privacy protection as claimed in claim 6, wherein the storage module unifies SQL and NoSQL through an abstract table structure based on the FISCO BCOS distributed storage architecture, so as to support LevelDB, RocksDB and MySQL.
8. The distributed trusted data transaction system supporting privacy protection as claimed in claim 6, wherein the privacy protection module provides decentralized identities for the clients of the data provider and the data demander based on the Weinity DID distributed multi-center identity identification protocol.
9. A distributed trusted data transaction apparatus supporting privacy protection, comprising a processor and a memory, wherein the memory stores computer instructions, the processor is configured to execute the computer instructions stored in the memory, and the computer instructions, when executed by the processor, implement the steps of the method of any one of claims 1 to 5.
10. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 5.
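Claims 3 and 4 describe a GSW-style lattice scheme: BitDecomp and its inverse, the function the translation calls Scatter(·), a public key A with n+1 columns, bit decryption Dec, and the bit-by-bit MPDec recovery of a full plaintext. The Python below is an added, self-contained toy implementation of that construction written for this page; it is not the patent's or the inventors' code. The identifiers, the toy parameters (n = 4, q = 2^12, m = 8, error uniform on [-1, 1]) and the reading of Scatter(·) as the Flatten function of the Gentry-Sahai-Waters scheme are my assumptions; the parameters are chosen so that the worst-case noise stays below q/4 and decryption is always correct, not for security.

```python
"""Toy GSW-style lattice FHE: BitDecomp, BitDecomp^-1, Flatten, Dec and MPDec.
Constructed example for illustration; parameters are tiny and NOT secure."""
from secrets import SystemRandom

N_DIM = 4            # lattice dimension n (assumed toy value)
Q = 1 << 12          # modulus q = 2^12 (a power of two, so MPDec works bit by bit)
L = Q.bit_length()   # l = floor(log2 q) + 1 = 13 bits per Z_q coefficient
K = N_DIM + 1        # length of the secret key s = (1, -t)
N = K * L            # N = (n+1) * l: ciphertexts are N x N binary matrices
M = 8                # number of LWE samples in the public key (assumed)
ERR = 1              # error distribution chi: uniform on [-ERR, ERR] (assumed toy choice)
rng = SystemRandom()

def bit_decomp(a):
    """BitDecomp: each Z_q coefficient of a becomes l bits, least significant first."""
    return [(x >> j) & 1 for x in a for j in range(L)]

def bit_decomp_inv(a_prime):
    """BitDecomp^-1: recombine each group of l entries (any integers) into one Z_q value."""
    return [sum(a_prime[i * L + j] << j for j in range(L)) % Q
            for i in range(len(a_prime) // L)]

def flatten(a_prime):
    """Flatten = BitDecomp(BitDecomp^-1(.)): output is binary, <., v> mod q is unchanged."""
    return bit_decomp(bit_decomp_inv(a_prime))

def powers_of_2(s):
    """v = Powersof2(s): (s_0, 2 s_0, ..., 2^(l-1) s_0, s_1, ...), paired with BitDecomp."""
    return [(x << j) % Q for x in s for j in range(L)]

def keygen():
    """SecretKeyGen + PublicKeyGen: sk = s = (1, -t); pk = A = [b | B] so that A.s = e."""
    t = [rng.randrange(Q) for _ in range(N_DIM)]
    s = [1] + [(-x) % Q for x in t]
    B = [[rng.randrange(Q) for _ in range(N_DIM)] for _ in range(M)]
    e = [rng.randint(-ERR, ERR) for _ in range(M)]
    b = [(sum(B[i][j] * t[j] for j in range(N_DIM)) + e[i]) % Q for i in range(M)]
    A = [[b[i]] + B[i] for i in range(M)]     # m x (n+1): the b column plus the n columns of B
    return (s, powers_of_2(s)), A

def encrypt(pk, mu):
    """Enc: C = Flatten(mu * I_N + BitDecomp(R.A)) with R a uniformly random binary N x m matrix."""
    R = [[rng.randrange(2) for _ in range(M)] for _ in range(N)]
    C = []
    for i in range(N):
        ra_row = [sum(R[i][k] * pk[k][j] for k in range(M)) % Q for j in range(K)]
        row = bit_decomp(ra_row)
        row[i] += mu % Q                       # mu on the diagonal
        C.append(flatten(row))
    return C

def _row_dot_v(C, v, i):
    """x_i = <C_i, v> mod q = mu * v_i + small, where small is (R.e)_i plus accumulated noise."""
    return sum(c * vi for c, vi in zip(C[i], v)) % Q

def decrypt_bit(sk, C):
    """Dec: take the row i with v_i = 2^(l-2) in (q/4, q/2] and round x_i / v_i."""
    _, v = sk
    i = L - 2
    return round(_row_dot_v(C, v, i) / v[i]) % 2

def mp_decrypt(sk, C):
    """MPDec: recover mu in Z_q from its least significant bit upward; bit j comes from x_{l-2-j}."""
    _, v = sk
    mu = 0
    for j in range(L - 1):
        i = L - 2 - j
        # subtract the bits already known; what remains is bit_j(mu) * q/2 + small (mod q)
        x = (_row_dot_v(C, v, i) - mu * v[i]) % Q
        mu |= (round(x / (Q // 2)) % 2) << j
    return mu

def hom_add(C1, C2):
    """Homomorphic addition: Flatten(C1 + C2); the noise terms add."""
    return [flatten([a + b for a, b in zip(r1, r2)]) for r1, r2 in zip(C1, C2)]

def hom_mult(C1, C2):
    """Homomorphic multiplication: Flatten(C1 . C2); noise grows by about N*|e2| + mu2*|e1|."""
    return [flatten([sum(C1[i][k] * C2[k][j] for k in range(N)) for j in range(N)])
            for i in range(N)]

def demo():
    """Round trip: bit ciphertexts through AND/XOR, and Z_q values through MPDec."""
    sk, pk = keygen()
    c0, c1 = encrypt(pk, 0), encrypt(pk, 1)
    return {
        "and_1_1": decrypt_bit(sk, hom_mult(c1, c1)),
        "and_1_0": decrypt_bit(sk, hom_mult(c1, c0)),
        "xor_1_1": decrypt_bit(sk, hom_add(c1, encrypt(pk, 1))),
        "sum_mod_q": mp_decrypt(sk, hom_add(encrypt(pk, 3000), encrypt(pk, 2000))),
    }

if __name__ == "__main__":
    print(demo())   # {'and_1_1': 1, 'and_1_0': 0, 'xor_1_1': 0, 'sum_mod_q': 904}
```

The noise bookkeeping is the point of the example: a fresh ciphertext carries at most m·|e| = 8 of noise, addition sums the noise, and one multiplication adds at most N·|e| = 520, so a single multiplicative level still decrypts within the q/4 = 1024 margin that Dec and MPDec rely on; deeper circuits need a larger q, which is what the depth parameter in the claim's Setup function accounts for. MPDec recovers all twelve bits of a Z_q plaintext only because q is a power of two here, and note that multiplying ciphertexts of large plaintexts scales the first operand's noise by the second plaintext, which is why the demo multiplies bits and adds full values.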
CN202310021062.XA 2023-01-07 2023-01-07 Distributed trusted data transaction method, system and device supporting privacy protection Active CN115913513B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310021062.XA CN115913513B (en) 2023-01-07 2023-01-07 Distributed trusted data transaction method, system and device supporting privacy protection

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310021062.XA CN115913513B (en) 2023-01-07 2023-01-07 Distributed trusted data transaction method, system and device supporting privacy protection

Publications (2)

Publication Number Publication Date
CN115913513A true CN115913513A (en) 2023-04-04
CN115913513B CN115913513B (en) 2023-05-12

Family

ID=85771818

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310021062.XA Active CN115913513B (en) 2023-01-07 2023-01-07 Distributed trusted data transaction method, system and device supporting privacy protection

Country Status (1)

Country Link
CN (1) CN115913513B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180234409A1 (en) * 2017-02-13 2018-08-16 Mark A. Nelson Privacy ensured brokered identity federation
CN111090876A (en) * 2020-03-18 2020-05-01 支付宝(杭州)信息技术有限公司 Contract calling method and device
CN113411384A (en) * 2021-06-10 2021-09-17 华中科技大学 System and method for privacy protection in data security sharing process of Internet of things
CN114785511A (en) * 2022-02-25 2022-07-22 蚂蚁区块链科技(上海)有限公司 Certificate generation method and device, electronic device and storage medium
CN114900290A (en) * 2022-03-07 2022-08-12 南京信息工程大学 Data transaction model and privacy protection method based on block chain
CN115174091A (en) * 2022-05-29 2022-10-11 北京理工大学 Homomorphic encryption privacy protection method for distributed digital identity
CN115473664A (en) * 2022-05-31 2022-12-13 北京邮电大学 Credit data processing method and model based on block chain

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Huang Qinlong et al.: "A privacy-preserving digital rights protection scheme for cloud computing environments", Journal on Communications (通信学报) *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116912002A (en) * 2023-09-12 2023-10-20 深圳小米房产网络科技有限公司 Real estate transaction system based on blockchain technology
CN116912002B (en) * 2023-09-12 2023-12-12 深圳小米房产网络科技有限公司 Real estate transaction system based on blockchain technology

Also Published As

Publication number Publication date
CN115913513B (en) 2023-05-12

Similar Documents

Publication Publication Date Title
CN108418680B (en) Block chain key recovery method and medium based on secure multi-party computing technology
US10673626B2 (en) Threshold secret share authentication proof and secure blockchain voting with hardware security modules
US11689371B2 (en) Techniques for securing digital signatures using multi-party computation
US11159307B2 (en) Ad-hoc trusted groups on a blockchain
WO2021114819A1 (en) Methods for generating and executing smart contract transaction and device
JP4639084B2 (en) Encryption method and encryption apparatus for secure authentication
US10116445B2 (en) Method and system for protected exchange of data
US20210218720A1 (en) Systems and methods for secure custodial service
CN114600419A (en) Encrypted asset hosting system with equity certification blockchain support
TW201914254A (en) Method, apparatus and system for data encryption and decryption
US9009464B2 (en) Anonymous register system and method thereof
US11405365B2 (en) Method and apparatus for effecting a data-based activity
CN115242555A (en) Supervisable cross-chain private data sharing method and device
CN115296838B (en) Block chain-based data sharing method, system and storage medium
CN109741068A (en) Internetbank inter-bank contracting method, apparatus and system
CN113393225B (en) Digital currency encryption payment method and system
CN114266069B (en) House transaction electronic data sharing system and method based on blockchain technology
CN112073196B (en) Service data processing method and device, electronic equipment and storage medium
CN111738857B (en) Generation and verification method and device of concealed payment certificate applied to block chain
CN115913513B (en) Distributed trusted data transaction method, system and device supporting privacy protection
Wu et al. The survey on the development of secure multi-party computing in the blockchain
US20240187256A1 (en) Systems and methods for enforcing cryptographically secure actions in public, non-permissioned blockchains using bifurcated self-executing programs comprising shared digital signature requirements
CN110519045B (en) Anti-quantum computing alliance chain transaction method and system based on group asymmetric key pool
CN113545004A (en) Authentication system with reduced attack surface
JP2023540739A (en) A method for secure, traceable, and privacy-preserving digital currency transfers with anonymity revocation on a distributed ledger

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant