CN115913513B - Distributed trusted data transaction method, system and device supporting privacy protection - Google Patents
- Publication number: CN115913513B (application CN202310021062.XA)
- Authority: CN (China)
- Prior art keywords: data, transaction, privacy protection, distributed, identity
- Legal status: Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abstract
The invention provides a distributed trusted data transaction method, system and device supporting privacy protection. During data transactions, disk encryption (encryption of data as it is written to disk) is introduced on top of distributed storage to ensure privacy protection of data in storage; decentralized identity information is provided to the data provider and the data demander through a distributed multi-center identity protocol, ensuring the identity privacy of users; and homomorphic encryption and zero-knowledge proofs are introduced into the transaction process so that transaction computation or authentication services are provided to users without the original data having to be disclosed, guaranteeing the privacy of transaction data.
Description
Technical Field
The invention relates to the technical field of blockchains, in particular to a distributed trusted data transaction method, system and device supporting privacy protection.
Background
As internet applications become ever more widespread, a large number of applications need to record events, behaviors, and states in a database for future queries, i.e., for persistent storage. The traditional method uses a data management service platform as an impartial third party that performs unified accounting: all query operations on transaction information are processed on the platform, and the data of other institutions and organizations is added to the transaction service platform by connecting to it. In this traditional centralized accounting approach, the primary transaction information is stored with a single accounting party, which is a "logically" centralized storage mode, i.e., the transaction data is stored on and managed by a single party to a service.
The centralized accounting mode has a data access performance problem: the accounting party needs to store multiple copies of data to ensure reliability, which creates a performance bottleneck for data access. It has a data trust problem: transaction data may be tampered with by the accounting party without verification, so each party needs to fully trust the accounting party. It also has a data disaster recovery problem: the data is difficult to recover after the accounting party is attacked. Therefore, the traditional centralized accounting mode suffers from defects such as low storage efficiency, poor credibility, and vulnerability to attack.
With the popularity of cryptocurrency and decentralized applications, blockchain technology has received great attention from various industries. From a data management perspective, a blockchain may be viewed as a tamper-resistant ledger that is jointly maintained by numerous mutually untrusted nodes in a distributed environment. Because the nodes do not trust each other, the blockchain ensures the consistency of data storage through a consensus protocol, realizing decentralized data management. Blockchain-based data management uses the chain structure and distributed consensus mechanism of the blockchain to distribute authority that would otherwise be overly concentrated across all node participants, avoids the possibility of a centralized third party with excessive authority maliciously damaging data, and can effectively solve the problems of centralized authority and data authenticity and reliability faced by traditional data management.
Compared with a traditional distributed database system, a blockchain system offers better distribution, transparency and credibility in its accounting mode, and functionally provides a tamper-proof verification mechanism and a smart contract mechanism, so it is better suited to anonymous use in an untrusted environment. However, while improving efficiency, reducing cost and improving data security, blockchain technology also faces serious privacy disclosure problems. One is the privacy threat to on-chain data, including on-chain information such as transaction privacy, account address privacy, and user identity privacy. After a user initiates a function call, the system constructs a smart contract transaction that multiple nodes in the blockchain system process; the operations and data related to the transaction must be open to all nodes, so privacy leakage arises in application scenarios that process sensitive data, such as voting schemes and medical data collection.
Disclosure of Invention
In view of this, embodiments of the present invention provide a distributed trusted data transaction method, system and device supporting privacy protection, so as to eliminate or improve one or more drawbacks existing in the prior art, and to solve the problem that existing blockchain technology, because of its transparent trust mechanism, cannot guarantee the privacy of data.
In one aspect, the present invention provides a distributed trusted data transaction method supporting privacy protection, the method being performed by a data management module, the data management module further invoking a privacy protection module, a blockchain infrastructure and a storage module through a data interface connection, the method comprising the steps of:
the data management module receives a data upload request sent by a data provider, wherein the data upload request comprises first authority information of the data provider; the first authority information is verified, and transaction data of the data provider is received if verification passes;
the data management module invokes the privacy protection module to generate a first decentralized identity of the data provider using a distributed multi-center identity protocol, and feeds the first decentralized identity back to the data provider; the privacy protection module encrypts the transaction data with a homomorphic encryption algorithm to obtain a transaction ciphertext;
the data management module invokes the blockchain infrastructure to put the first decentralized identity and the transaction ciphertext on-chain and store them in a distributed manner in the storage module with disk encryption, obtaining a first storage result and a first on-chain transaction receipt, which are sent to the data management module;
the data management module receives a data transaction request sent by a data demander, wherein the data transaction request comprises second authority information of the data demander; the second authority information is verified, and if verification passes, the privacy protection module generates a second decentralized identity of the data demander using the distributed multi-center identity protocol and sends the second decentralized identity to the data demander;
the data management module invokes the privacy protection module to perform homomorphic computation on the transaction ciphertext or to generate a zero-knowledge proof, according to the data transaction request;
the data management module invokes the blockchain infrastructure to acquire the first decentralized identity of the data provider corresponding to the data transaction request;
the data management module invokes the privacy protection module to send the homomorphic computation result or the zero-knowledge proof to the blockchain infrastructure, and the blockchain infrastructure stores it in a distributed manner in the storage module with disk encryption, obtaining a second storage result and a second on-chain transaction receipt;
the blockchain infrastructure sends the second storage result and the second on-chain transaction receipt to the data management module;
the data management module sends the homomorphic computation result or the zero-knowledge proof to the data demander, and sends a trusted credential containing the first decentralized identity to the data demander.
In some embodiments, the privacy protection module encrypts the transaction data with a homomorphic encryption algorithm to obtain the transaction ciphertext, the homomorphic encryption algorithm being a lattice-based homomorphic encryption algorithm.
In some embodiments, the private key sk is represented as a vector in the homomorphic encryption algorithm of the base Yu Ge cipherPublic key pk is denoted as A and plaintext is denoted as +.>Ciphertext is denoted as C;
acquiring a Setup function for generating security parameters, a SecretKeyGen function for generating a private key and a PublicKeyGen function for generating a public key;
in the set function, the set function is used,selecting a modulus q,Bit length, lattice size parameter->And error distribution function->,System security parameters representing encryption algorithm +.>The number of layers representing homomorphic operation; simultaneously select the parameters->And combining parameters->,,The method comprises the steps of carrying out a first treatment on the surface of the Function->Representing complexity;
in the SecretKeyGen function, secretKeyGen (params) samplesThe dimension representing the vector t is n and belongs to prime finite field, and the output private key sk= = -j >And meet->;
In the publicKeyGen function, a matrix is uniformly and randomly generated by publicKeyGen (params, sk)Sum vector->Let->Let A be->An n+1 column matrix composed with n column matrices B, provided with a public key pk=a;
message encryption algorithm Enc (params, pk, μ), which is encryption of plaintext,Representing prime finite field, the range is (-q/2, q/2), sampling an average matrix>The ciphertext C is output as follows:
wherein the BitDecomp ()'s function represents that each bit of the input is spread out in binary,is an inverse function of the current,the Flatten (& gt) function is +.>;
In some embodiments, for the message decryption algorithm Decry(params, sk, C), two decryption algorithms are introduced: Dec(params, sk, C) and MPDec(params, sk, C);
in Dec (params, sk, C), the vectors are observedFront->Personal coefficient->Let->Let->Is line i of C, calculate:
MPDec (params, sk, C) is known to,Before->The number of coefficients isThus if it meets->Then->Before->The number of coefficients is->Wherein. From->Middle recovery->Then from->The next least significant bit is recovered, and so on, finally the plaintext ++>The method comprises the steps of carrying out a first treatment on the surface of the Wherein Small represents within an acceptable noise range.
In some embodiments, the method stores the first decentralized identity, the transaction ciphertext, the homomorphic computation result, and/or the zero-knowledge proof using the FISCO BCOS distributed storage architecture.
In another aspect, the present invention also provides a distributed trusted data transaction system supporting privacy protection, including:
the data management module is used for connecting the data provider and the client of the data demander and executing the distributed trusted data transaction method supporting privacy protection;
the privacy protection module is connected with the data management module through a data interface and is used for calling and executing homomorphic encryption algorithms;
a blockchain infrastructure comprising a plurality of network nodes connecting the privacy protection module and the data management module for accounting transactions;
and the storage module is used for storing the transaction data in a distributed mode.
In some embodiments, the storage module is based on the FISCO BCOS distributed storage architecture and unifies SQL and NoSQL through an abstract table structure, supporting LevelDB, RocksDB and MySQL.
In some embodiments, the privacy protection module provides the data provider and the data demander's clients with decentralized identities based on a WeIdentity DID distributed multi-centric identity protocol.
In another aspect, the present invention also provides a distributed trusted data transaction apparatus supporting privacy protection, including a processor and a memory, wherein the memory stores computer instructions, and the processor is configured to execute the computer instructions stored in the memory, and when the computer instructions are executed by the processor, the apparatus implements the steps of the method.
In another aspect, the present invention also provides a computer readable storage medium having stored thereon a computer program which when executed by a processor performs the steps of the above method.
The invention has the advantages that:
According to the distributed trusted data transaction method, system and device supporting privacy protection, during data transactions, disk encryption is introduced on top of distributed storage to ensure privacy protection of data in storage; decentralized identity information is provided to the data provider and the data demander through a distributed multi-center identity protocol, ensuring the identity privacy of users; and homomorphic encryption and zero-knowledge proofs are introduced into the transaction process so that transaction computation or authentication services are provided to users without the original data having to be disclosed, guaranteeing the privacy of transaction data.
Additional advantages, objects, and features of the invention will be set forth in part in the description which follows and in part will become apparent to those having ordinary skill in the art upon examination of the following or may be learned from practice of the invention. The objectives and other advantages of the invention may be realized and attained by the structure particularly pointed out in the written description and drawings.
It will be appreciated by those skilled in the art that the objects and advantages that can be achieved with the present invention are not limited to the above-described specific ones, and that the above and other objects that can be achieved with the present invention will be more clearly understood from the following detailed description.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate and together with the description serve to explain the invention. In the drawings:
Fig. 1 is a flowchart of a distributed trusted data transaction method supporting privacy protection according to an embodiment of the present invention.
Fig. 2 is a timing diagram of an algorithm protocol based on homomorphic encryption and zero knowledge proof according to another embodiment of the invention.
Detailed Description
The present invention will be described in further detail with reference to the following embodiments and the accompanying drawings, in order to make the objects, technical solutions and advantages of the present invention more apparent. The exemplary embodiments of the present invention and the descriptions thereof are used herein to explain the present invention, but are not intended to limit the invention.
It should be noted here that, in order to avoid obscuring the present invention due to unnecessary details, only structures and/or processing steps closely related to the solution according to the present invention are shown in the drawings, while other details not greatly related to the present invention are omitted.
It should be emphasized that the term "comprises/comprising" when used herein is taken to specify the presence of stated features, elements, steps or components, but does not preclude the presence or addition of one or more other features, elements, steps or components.
It is also noted herein that the term "coupled" may refer to not only a direct connection, but also an indirect connection in which an intermediate is present, unless otherwise specified.
Hereinafter, embodiments of the present invention will be described with reference to the accompanying drawings. In the drawings, the same reference numerals represent the same or similar components, or the same or similar steps.
Traditional data management encrypts data and stores it with a third party that has public trust, binding information such as timestamps and operators to prove the reliability of the source information. When data is accessed and verified, the third party must be trusted unconditionally and its authority is overly concentrated; if the third party maliciously falsifies or deletes data, this cannot be verified, and the data cannot be guaranteed to be authentic and reliable. Blockchain-based data management can establish an efficient and transparent trust mechanism, effectively solving the trust problem of centralized authority that traditional data management faces during access and use. However, a number of data management issues remain in the development of blockchain applications, such as data privacy, scalability, and latency. To address these problems, the invention provides a distributed trusted data management system and method supporting privacy protection, which effectively addresses the pain points of traditional centralized data management and realizes privacy protection in three respects: storage privacy, data privacy and identity privacy. Privacy protection technology and blockchain data management technology are combined so that each complements the other, guaranteeing the confidentiality, integrity, availability, authentication and non-repudiation of the information system. The system stores and processes the data so that the data is secure and usable while privacy is ensured.
In particular, in one aspect, the present invention provides a distributed trusted data transaction method supporting privacy protection, the method being performed by a data management module that also invokes a privacy protection module, a blockchain infrastructure, and a storage module via a data interface connection. In the actual operation process, the data management module and the privacy protection module can adopt independent hardware and can also be loaded on an intelligent agent of the blockchain network for operation.
The method comprises the following steps S101-S109:
Step S101: The data management module receives a data upload request sent by a data provider, where the data upload request comprises first authority information of the data provider; the first authority information is verified, and transaction data of the data provider is received if verification passes.
Step S102: The data management module invokes the privacy protection module to generate a first decentralized identity of the data provider using a distributed multi-center identity protocol, and feeds the first decentralized identity back to the data provider; the privacy protection module encrypts the transaction data with a homomorphic encryption algorithm to obtain a transaction ciphertext.
Step S103: The data management module invokes the blockchain infrastructure to put the first decentralized identity and the transaction ciphertext on-chain and store them in a distributed manner in the storage module with disk encryption, obtaining a first storage result and a first on-chain transaction receipt, which are sent to the data management module.
Step S104: The data management module receives a data transaction request sent by a data demander, where the data transaction request comprises second authority information of the data demander; the second authority information is verified, and if verification passes, the privacy protection module generates a second decentralized identity of the data demander using the distributed multi-center identity protocol and sends the second decentralized identity to the data demander.
Step S105: The data management module invokes the privacy protection module to perform homomorphic computation on the transaction ciphertext or to generate a zero-knowledge proof, according to the data transaction request.
Step S106: The data management module invokes the blockchain infrastructure to obtain the first decentralized identity of the data provider corresponding to the data transaction request.
Step S107: The data management module invokes the privacy protection module to send the homomorphic computation result or the zero-knowledge proof to the blockchain infrastructure, and the blockchain infrastructure stores it in a distributed manner in the storage module with disk encryption, obtaining a second storage result and a second on-chain transaction receipt.
Step S108: The blockchain infrastructure sends the second storage result and the second on-chain transaction receipt to the data management module.
Step S109: The data management module sends the homomorphic computation result or the zero-knowledge proof to the data demander, and sends the trusted credential containing the first decentralized identity to the data demander.
In step S101, the data provider issues a data upload request for data that needs to be stored on-chain, where the first authority information of the data provider may carry an identity in a specific field to confirm that the data provider has permission to upload the data. The first authority information may mark not only the subject that has data upload authority, but also the type, data format, data length, etc. of the data that is allowed to be uploaded. Subsequent upload operations are allowed only if verification passes; if verification fails, the transaction is stopped.
In step S102, the distributed multi-center identity protocol used in this embodiment is WeIdentity DID, with which a user can selectively disclose or provide identity during a transaction, achieving identity privacy protection. Distributed digital identity holds that users manage and control their own digital identities, and that different users communicate securely without depending on a third party. The DID identifier and keys managed by the user are used to register distributed digital identity data on the distributed ledger, meeting the requirements of DID-based peer-to-peer mutual authentication and secure communication. For communication between two points, secure communication still works on the basis of the traditional PKI challenge-response mechanism and negotiated data encryption. The underlying protocol of the secure communication can be HTTP, RPC, Bluetooth, NFC or another protocol, and it becomes a standard communication mode for end-to-end interconnection among different solutions. For all nodes of the whole network, nodes representing any different entity identities can authenticate each other using asymmetric keys, through identity key wallets deployed at decentralized servers and personal clients and through the DID distributed ledger shared by the whole network; finally, network-wide trust is realized through trust transfer among entities.
This embodiment introduces homomorphic encryption (Homomorphic Encryption): after the original data is homomorphically encrypted, a specific operation is performed on the resulting ciphertext, and the plaintext obtained by homomorphically decrypting the result is equivalent to the result of performing the same computation directly on the original plaintext data. With homomorphic encryption, other users can process the encrypted data without any of the original content being revealed in the process; decrypting after processing is complete yields the result that the same processing would have produced on the original data. This improves the security of data processing and ensures data privacy.
In step S103, the present application uses disk encryption for distributed storage, where disk encryption is performed inside the organization. In the organization's intranet environment, each organization independently encrypts the hard disk data of its nodes. When the hard disk of the machine hosting a node is taken out of the organization and the node is started on a network outside the organization's intranet, the hard disk data cannot be decrypted and the node cannot start, so the data on the consortium chain cannot be stolen. Disk encryption therefore effectively protects privacy during data storage.
In step S104, as in step S101, the authority of the data demander must also be checked to confirm that it has access authority for the corresponding data. The form and content of the second authority information may be set with reference to the first authority information. The second decentralized identity is provided to the data demander through the WeIdentity DID protocol, so that the identity privacy of the data demander can be effectively protected.
In step S105, based on the data transaction request, the privacy protection module performs homomorphic computation on the required transaction ciphertext or generates a zero-knowledge proof for it. Specifically, homomorphic encryption is used for data that needs to be computed on, and a zero-knowledge proof is provided for data that needs to be proved.
In steps S106-S109, the first decentralized identity is sent to the data demander together with the result, to prove that the homomorphic computation result or zero-knowledge proof provided does come from the required data provider, and the transaction process is stored and recorded on-chain.
In some embodiments, in step S102, the privacy protection module encrypts the transaction data with a homomorphic encryption algorithm to obtain the transaction ciphertext, where the homomorphic encryption algorithm is a lattice-based homomorphic encryption algorithm. Correspondingly, the computation in step S105 is also performed using this homomorphic encryption algorithm.
Specifically, in the isomorphic encryption algorithm based on the lattice password, the private key sk is expressed as a vectorPublic key pk is denoted as A and plaintext is denoted as +.>The ciphertext is denoted as C.
A Setup function for generating security parameters, a SecretKeyGen function for generating a private key, and a PublicKeyGen function for generating a public key are obtained.
In the Setup function, the function of the set,selecting a modulus q,Bit length, lattice size parameterAnd error distribution function->,And->Representation and->、Related (I)>System security parameters representing encryption algorithm +.>Indicating the number of layers for homomorphic operation. Simultaneously select the parameters->And combining parameters->,,The method comprises the steps of carrying out a first treatment on the surface of the Function->Representing complexity.
SecretKeyGen (params) samples in the SecretKeyGen functionThe dimension representing the vector t is n and belongs to prime finite field, and the output private key sk= = -j>And meet->。
In the publicKeyGen function, publicKeyGen (params, sk) uniformly randomly generates a matrixSum vector->Let->Let A be->The n+1 column matrix, which is composed together with the n column matrix B, is set with public key pk=a.
Message encryption algorithm Enc (params, pk, μ), which is encryption of plaintext,Representing prime finite field, the range is (-q/2, q/2), sampling an average matrix>The ciphertext C is output as follows:
wherein the BitDecomp ()'s function represents that each bit of the input is spread out in binary, Is an inverse function thereof, the Flatten ()'s function is +.>。
In some embodiments, for the message decryption algorithm Decry (params, sk, C), two decryption algorithms, Dec (params, sk, C) and MPDec (params, sk, C), are introduced:
dec can fully recover informationIn Dec (params, sk, C), the observation vector +.>Front->Personal coefficient->Let->Let->Is line i of C, calculate:
MPDec can recover arbitraryIn MPDEC (params, sk, C), it is known +.>,Before->The number of coefficients is->Thus if it meets->Then->Before->The number of coefficients isWherein->. From->Middle recovery->Then fromThe next least significant bit is recovered, and so on, finally the plaintext ++>; where Small means within an acceptable noise range, such as q/4. LSB means least significant bit, which refers to bit 0 (i.e., the lowest bit) of a binary number and has a weight of 2^0; it can be used to detect the parity of a number. The opposite is called the most significant bit. In big-endian order, the LSB is the rightmost bit. The least significant bit represents the smallest unit in a binary number and can be used to indicate a small change in the number.
In some embodiments, in steps S101 to S109, the method uses the FISCO BCOS distributed storage architecture to store the first decentralized identity, the transaction ciphertext, the homomorphic calculation result, and/or the zero knowledge proof.
In another aspect, the present invention also provides a distributed trusted data transaction system supporting privacy protection, including:
the data management module is used for connecting the data provider and the client of the data demander and executing the distributed trusted data transaction method supporting privacy protection;
the privacy protection module is connected with the data management module through a data interface and is used for calling and executing homomorphic encryption algorithms;
a blockchain infrastructure comprising a plurality of network nodes connecting the privacy protection module and the data management module for accounting transactions;
and the storage module is used for storing the transaction data in a distributed mode.
In some embodiments, the storage module is based on the FISCO BCOS distributed storage architecture and unifies SQL and NoSQL through an abstract table structure, supporting LevelDB, RocksDB and MySQL.
In some embodiments, the privacy protection module provides decentralized identities to the clients of the data provider and the data demander based on the WeIdentity DID distributed multi-center identity protocol.
In another aspect, the present invention also provides a distributed trusted data transaction apparatus supporting privacy protection, including a processor and a memory, wherein the memory stores computer instructions, and the processor is configured to execute the computer instructions stored in the memory, and when the computer instructions are executed by the processor, the apparatus implements the steps of the method.
In another aspect, the present invention also provides a computer readable storage medium having stored thereon a computer program which when executed by a processor performs the steps of the above method.
The invention is illustrated below with reference to specific examples:
A distributed trusted data transaction system supporting privacy protection is constructed, comprising a data management module that connects to and calls the privacy protection module, the blockchain infrastructure and the storage module through data interfaces. The data provider and sharer is defined as DO, the data demander and user as DU, the decentralized unique identifier as DID, the homomorphic operation result as DR, and the zero-knowledge trusted proof as Proof.
The embodiment provides a distributed trusted data transaction method supporting privacy protection, as shown in fig. 1, which comprises the following specific steps:
Step 1: The DO initiates a data upload request according to the service requirement, and the request reaches the data management module.
Step 2: The data management module first verifies the access permission of the DO and, once the check passes, receives the requester's data.
Step 3: A DID is generated for the identity of the DO, privacy protection processing is performed on the DO's data, and the data is encrypted with a homomorphic encryption algorithm.
Step 4: The DID is returned to the DO.
Step 5: The ciphertext data and the DID are stored in a distributed manner. Storage access control is first applied according to the DO's permissions; after the check passes, the ciphertext data and the DID are put on the chain.
Step 6: The storage result and the on-chain transaction receipt are returned to the data management module.
Step 7: A message that the data was successfully put on the chain is returned to the DO.
Step 8: The DU initiates a request to acquire data and sends the request content to the data management module.
Step 9: Access permission verification is performed on the DU; after the check passes, the DID of the DU is generated and returned to the DU.
Step 10: Homomorphic computation is performed on the ciphertext of the DO's data according to the content of the DU's request to obtain the data result DR, or a trusted Proof is generated based on zero knowledge proof.
Step 11: The DID of the DO is provided to the DU.
Step 12: The transaction process is stored on the chain.
Step 13: The storage result and the on-chain transaction receipt are returned to the data management module.
Step 14: The DR or Proof required by the DU is returned.
In steps S1-S14, the storage module uses distributed storage technology to store the identifier DID, the homomorphic operation result DR obtained by homomorphic operation on the encrypted data, and the zero-knowledge trusted proof Proof. The storage module mainly comprises two parts: world state and distributed storage. World state can be further divided into MPTState and StorageState. MPTState uses an MPT tree to store account state, consistent with Ethereum. StorageState uses the table structure of distributed storage to store account state; it does not store history information, removes the dependence on the MPT tree, and performs better. Distributed storage (Advanced Mass Database, AMDB) unifies SQL and NoSQL through an abstract table structure; by implementing the corresponding storage driver, various databases can be supported, and LevelDB, RocksDB and MySQL are supported.
In steps S1-S14, access control is adopted: on the one hand, permission management and identity management for users; on the other hand, access control for the data stored on nodes, namely the application of disk encryption. This effectively prevents data from being accessed without authorization once it is outside the intranet environment.
In steps S1-S14, data privacy protection is adopted, mainly by combining homomorphic encryption and zero knowledge proof: ciphertext operations are carried out with homomorphic encryption while data is in use, and zero knowledge proof is used to provide trusted proof in scenarios where a proof is required.
In steps S1-S14, distributed identity technology is adopted, mainly the WeIdentity DID distributed multi-center identity protocol, so that the real identity of an entity (person or object) is identified on the chain; meanwhile, WeIdentity DID gives the entity (person or object) the ability to directly own and control its own identity ID, so that identity can be selectively disclosed or provided during a transaction to achieve identity privacy.
Specifically, the three core technologies adopted in this embodiment are described below: blockchain-based disk encryption, homomorphic encryption and zero knowledge proof, and identity privacy protection based on distributed identity.
1. Description of the blockchain-based disk encryption technique
Blockchain deployment involves multiple parties, and public clouds are typically used to deploy blockchains in order to simplify building the multi-party collaboration environment. Each institution deploys its own nodes to the cloud and has its services interact with those nodes, achieving multi-party cooperation. In this architecture, security inside the institution is taken very seriously, especially in financial institutions. Although network isolation confines the nodes to an "intranet" so that data cannot easily be stolen over the network, all the data is hosted on the cloud, and because every participant stores a copy of the data, in extreme cases where network and system security measures are neglected or mishandled, a copy of the data may be accessed without authorization. Disk encryption based on FISCO BCOS effectively guards against a data disk being compromised or stolen and avoids data leakage.
Specifically, disk encryption is carried out with a key held by the node itself (dataKey) and a global key managed by the Key Manager (superKey).
The node uses its dataKey to encrypt and decrypt the data it stores encrypted (the Encrypted Space). The node does not store the dataKey itself on the local disk, but stores the cipherDataKey, which is the dataKey in encrypted form. When the node starts, it sends the cipherDataKey to the Key Manager to obtain the dataKey. The dataKey exists only in the node's memory and is discarded automatically when the node shuts down.
The Key Manager holds the global superKey and is responsible for responding to the authorization requests of all nodes at start-up. The Key Manager must be online when a node starts, so that it can respond to the node's start-up request. When the node starts, the Key Manager decrypts the cipherDataKey the node sends and, if decryption succeeds, returns the node's dataKey to the node. The Key Manager can only be accessed from the intranet; it cannot be reached from networks outside the organization.
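The start-up exchange between a node and the Key Manager described above, as an added Go example that is not FISCO BCOS code and not part of the original document. It assumes that the cipherDataKey is the dataKey encrypted under the superKey; AES-256-GCM, the in-memory map standing in for the Encrypted Space, the Provision set-up step, and all type and function names are likewise assumptions made for the illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

func randBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err) // no entropy source available
	}
	return b
}

func gcm(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // rejects a nil or wrong-sized key
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal encrypts msg with AES-256-GCM and prepends the random nonce.
func seal(key, msg []byte) ([]byte, error) {
	a, err := gcm(key)
	if err != nil {
		return nil, err
	}
	nonce := randBytes(a.NonceSize())
	return a.Seal(nonce, nonce, msg, nil), nil
}

// open reverses seal; it fails on a wrong key or on modified data.
func open(key, sealed []byte) ([]byte, error) {
	a, err := gcm(key)
	if err != nil {
		return nil, err
	}
	if len(sealed) < a.NonceSize() {
		return nil, fmt.Errorf("sealed data too short (%d bytes)", len(sealed))
	}
	return a.Open(nil, sealed[:a.NonceSize()], sealed[a.NonceSize():], nil)
}

// KeyManager holds the global superKey; it is reachable from the intranet only.
type KeyManager struct{ superKey []byte }

// Unwrap serves a node's start-up request: cipherDataKey in, dataKey out.
func (km *KeyManager) Unwrap(wrapped []byte) ([]byte, error) { return open(km.superKey, wrapped) }

// Node: cipherDataKey and disk are persistent, dataKey lives in memory only.
type Node struct {
	cipherDataKey []byte
	disk          map[string][]byte // stand-in for the Encrypted Space
	dataKey       []byte
}

// Provision (assumed set-up step) wraps a fresh dataKey under the superKey.
func Provision(km *KeyManager) (*Node, error) {
	wrapped, err := seal(km.superKey, randBytes(32))
	if err != nil {
		return nil, err
	}
	return &Node{cipherDataKey: wrapped, disk: map[string][]byte{}}, nil
}

// Start asks the Key Manager for the dataKey; on failure the node has no key.
func (n *Node) Start(km *KeyManager) (err error) {
	n.dataKey, err = km.Unwrap(n.cipherDataKey)
	return err
}

// Stop discards the in-memory dataKey.
func (n *Node) Stop() { n.dataKey = nil }

// Put encrypts a record into the Encrypted Space with the dataKey.
func (n *Node) Put(name string, value []byte) error {
	ct, err := seal(n.dataKey, value)
	if err == nil {
		n.disk[name] = ct
	}
	return err
}

// Get decrypts a record; it fails when the node holds no dataKey.
func (n *Node) Get(name string) ([]byte, error) { return open(n.dataKey, n.disk[name]) }

func main() {
	km := &KeyManager{superKey: randBytes(32)}
	node, _ := Provision(km)
	fmt.Println("start:", node.Start(km))
	fmt.Println("put:", node.Put("tx-1", []byte("constructed sample record")))
	node.Stop()
	_, err := node.Get("tx-1")
	fmt.Println("read after stop:", err)
	foreign := &KeyManager{superKey: randBytes(32)} // disk copy outside the institution
	fmt.Println("start against foreign key manager:", node.Start(foreign))
}
```

A copy of the node's disk carries only the cipherDataKey and ciphertext records, so it stays unreadable wherever the Key Manager holding the matching superKey cannot be reached.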
2. Description of homomorphic encryption and zero knowledge proof techniques
In this embodiment, homomorphic encryption and zero knowledge proof are used as the core of privacy protection, and when a transaction is completed in a blockchain using homomorphic encryption and zero knowledge proof techniques, all input addresses in the same transaction are affiliated to the same user set (same person or organization). The application layer needs to process the transaction data using key pairs (public and private keys) generated by homomorphic encryption algorithms, including generating relevant evidence for various zero knowledge proofs. The application layer then sends the encrypted transaction data and the related evidence to the blockchain network, so that the blockchain endorsement node performs legal endorsement verification on the transaction data. In the whole process, transaction data processed by all nodes are encrypted ciphertext, so that the privacy protection of the data is realized. The protocol design adopts the existing homomorphic encryption algorithm and zero knowledge proof algorithm, so that the correctness can be ensured. In this embodiment, homomorphic encryption and zero knowledge proof are combined, and data to be uplinked is encrypted, so that the privacy and security of the data on the chain are ensured. Zero knowledge proof is adopted to ensure that the correctness of the constraint relation is proved to the verifier on the premise that the prover does not reveal the plaintext of the data to be proved. As shown in fig. 2, the specific steps are as follows:
Step 200: key initialization generates key generation functions, namely Setup, secretKeyGe and PublickeyGen functions, respectively. The system security parameters params1, params2 are generated by running Setup. Respectively used for homomorphic encryption and zero knowledge proof.
Step 201: the client requests the privacy protection module to generate a public key Pk and a private key Sk of the user, and the specific formula is as follows:
Step 202: Pk and Sk are returned to the client.
Step 203: The client requests that data be put on the chain; the request is intercepted by the access control module and released after the permission is verified.
Step 204: After receiving the permission passing message, the client prepares to generate a zero knowledge proof or encrypt local data.
Step 205: The client encrypts the local data or generates a zero knowledge proof. The specific formula for local data encryption is as follows:
The specific formula for generating the zero knowledge proof is as follows:
Step 206: The client uploads the encrypted data or the zero knowledge proof to the blockchain network interface.
Step 207: The network interface may verify the zero knowledge proof or compute on the ciphertext data, according to the service scenario.
Step 208: If ciphertext computation is needed, the homomorphic encryption algorithm of the privacy protection module is then requested to perform the homomorphic computation; the specific formula is as follows:
Step 209: The operation result sData is returned to the requesting node.
Step 210: In scenarios where the zero knowledge proof needs to be verified, the zero knowledge proof verification algorithm is used to ensure the correctness of the data source while also preserving the identity privacy of the user. The specific verification formula is as follows:
Step 211: The operation result or the evidence is returned to the interface layer, which makes its judgment according to the result.
Furthermore, to ensure that all transaction data in a blockchain is public and transparent, each participant can obtain a complete backup of the data. To prevent the resulting situation in which enterprise business secrets and personal privacy are disclosed, to the detriment of users and enterprises, due to data tampering, this embodiment builds on data privacy protection algorithms using homomorphic encryption or zero knowledge proof and selects different homomorphic encryption or zero knowledge proof algorithms according to the requirements and design of the blockchain application scenario. This removes the constraints on data privacy protection in data sharing, collaboration and circulation, and ensures the authenticity, validity, privacy and security of the data across multiple scenarios.
In this embodiment, GSW (a lattice-based homomorphic encryption algorithm) is selected as the homomorphic encryption algorithm. Addressing the complex re-linearization technique and the heavy computation of the LWE algorithm, the GSW scheme provides a homomorphic encryption scheme based on approximate eigenvectors; as a fully homomorphic encryption algorithm, it is computationally simpler and easier to understand.
In the lattice-based homomorphic encryption algorithm, the private key sk is expressed as a vector, the public key pk is denoted as A, the plaintext is denoted as μ, and the ciphertext is denoted as C.
A Setup function for generating security parameters, a SecretKeyGen function for generating a private key, and a PublicKeyGen function for generating a public key are obtained.
In the Setup function, the function of the set,selecting a modulus q,Bit length, lattice size parameterAnd error distribution function->,System security parameters representing encryption algorithm +.>The number of layers representing homomorphic operation; simultaneously select the parameters->And combining parameters->,,The method comprises the steps of carrying out a first treatment on the surface of the Function->Representing complexity; .
SecretKeyGen (params) samples in the SecretKeyGen functionThe dimension representing the vector t is n and belongs to prime finite field, and the output private key sk= = -j>And meet->。
In the publicKeyGen function, publicKeyGen (params, sk) uniformly randomly generates a matrixSum vector->Let->Let A be->The n+1 column matrix, which is composed together with the n column matrix B, is set with public key pk=a.
Message encryption algorithm Enc (params, pk, μ), which is encryption of plaintext,Representing prime finite field, the range is (-q/2, q/2), sampling an average matrix>The ciphertext C is output as follows: />
Wherein the BitDecomp ()'s function represents that each bit of the input is spread out in binary, Is an inverse function thereof, the Flatten ()'s function is +.>。
In some embodiments, for the message decryption algorithm Decry (params, sk, C), two decryption algorithms, Dec (params, sk, C) and MPDec (params, sk, C), are introduced:
dec can fully recoverIn Dec (params, sk, C), the observation vector +.>Front->Personal coefficient->Let theLet->Is line i of C, calculate:
MPDec can recover arbitraryIn MPDEC (params, sk, C), it is known +.>,Before->The number of coefficients is->Thus if it meets->Then->Before->The number of coefficients isWherein->. From->Middle recovery->Then fromThe next least significant bit is recovered, and so on, finally the plaintext ++>; where Small means within an acceptable noise range. LSB means least significant bit, which refers to bit 0 (i.e., the lowest bit) of a binary number and has a weight of 2^0; it can be used to detect the parity of a number. The opposite is called the most significant bit. In big-endian order, the LSB is the rightmost bit. The least significant bit represents the smallest unit in a binary number and can be used to indicate a small change in the number.
Further, the full homomorphism is verified as follows:
(a) The GSW scheme provides four homomorphic operations: MultConst (multiplication by a constant), Add (homomorphic addition), Mult (homomorphic multiplication) and NAND (homomorphic NAND gate).
(b) MultConst(C,a)
perform ciphertext addition and returnThe addition homomorphism is satisfied according to the matrix property.
Observation noiseKnown->The value of (2) is within {0,1}, and thus focus on +.>. Message->The smaller the value of (c), the smaller the increase in homomorphic operation error.
Thus, a way of limiting the message space to small messages, i.e. NAND, is introduced using NA Boolean circuits of NAND operation。
The NAND operation remains homomorphic, and if the input message satisfies the {0,1} range, the output ciphertext will also be the {0,1} encryption, thus ensuringIs a small message due to->The error of the multiplication is therefore at most n+1.
Zero knowledge proof is a concept first proposed by cryptographers including Goldwasser in 1985: the prover needs to prove that they know some secret, and can make the verifier believe the claim is correct without revealing any useful information about the secret. The verifier converts the information they want to verify into evidence in a zero knowledge proof by calculation, and the verifier randomly generates a series of challenges from this information. The prover then has to complete these challenges using the secret information they hold, and the challenge process is repeated multiple times. If the prover completes all the challenges randomly chosen by the verifier, the zero knowledge proof is verified and the verifier can trust that the prover knows the secret. This embodiment studies zero knowledge proof (zk-SNARK) algorithms from QSP/QAP to Groth16. The algorithm proposed in Groth16 has very little proof data (2/3 proof data) and a single verification expression. The following is an example of zero knowledge proof verification:
Let Q be a finite field, the elliptic curve be E, and Q be a point on the elliptic curve E with Q = nP, where P is the public value and n is the secret. The points P and Q and the elliptic curve E are public, and the zero knowledge proof and verification method is as follows:
The prover needs to prove to the verifier that he knows the secret n without exposing it, and can proceed as follows.
Step 1: the prover randomly selects an integer <. Calculate 1=, 2= (-), and send 1,2 to the verifier.
Step 2: the verifier randomly asks the prover to send i, i=1, 2, where 1=, 2= -.
Step 3: after the verifier receives i, it verifies whether i=and 1+2=are true.
The above three steps are repeated m times until the verifier believes that the prover knows the secret n.
It can be proved that the probability of the prover successfully deceiving the verifier in each round is 1/2, because a prover who does not know the secret n and wants to deceive the verifier can proceed as follows:
The prover selects an integer r and notes 1=, 2= -1, which is then sent to the verifier as in the above steps. If the verifier asks the prover to transmit 1=, the prover can provide exactly r, and in that case the prover successfully deceives the verifier. If the verifier instead requires the number 2 corresponding to 2, the prover cannot obtain 2 in any way, because the prover does not know the secret n, and obtaining the corresponding number 2 from 2 is an elliptic curve discrete logarithm problem. Thus, in each round the prover has a probability of 1/2 of successfully deceiving the verifier, and after m rounds the probability of successfully deceiving the verifier is 1/2^m. So after a sufficiently large number of rounds, the verifier believes that the prover knows the secret n if the prover has answered correctly every time.
Through the above-described procedure, the prover proves to the verifier that he knows the secret n by himself without revealing any information about n to the verifier. In a specific zero knowledge proof application environment, the problem of proof is first converted into a form of a circuit gate and an R1CS constraint, and then the converted vector group is converted into a form of a polynomial, and the conversion process is called QAP. A pair of keys (ek, vk) is generated during a trusted setup phase, ek being used to generate attestation conditions, vk being used to generate verification attestations.
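The three-step interactive proof and its 1/2-per-round soundness argument above, as an added Go example that is not part of the original document. It reads the steps as Q1 = rP and Q2 = (n − r)P with n − r taken modulo the group order, and assumes NIST P-256 as the curve E with its base point as P; all names are hypothetical, and Go's low-level crypto/elliptic point methods, which are deprecated for production use, serve here only to make the arithmetic visible.

```go
package main

import (
	"crypto/elliptic"
	"crypto/rand"
	"fmt"
	"math/big"
)

// Assumption: NIST P-256 stands in for the curve E; P is its base point.
var curve, order = elliptic.P256(), elliptic.P256().Params().N

type Point struct{ X, Y *big.Int } // affine curve point

func mulBase(k *big.Int) Point { // k*P
	x, y := curve.ScalarBaseMult(k.Bytes())
	return Point{x, y}
}

func add(a, b Point) Point {
	x, y := curve.Add(a.X, a.Y, b.X, b.Y)
	return Point{x, y}
}

func neg(a Point) Point { return Point{a.X, new(big.Int).Sub(curve.Params().P, a.Y)} }
func same(a, b Point) bool { return a.X.Cmp(b.X) == 0 && a.Y.Cmp(b.Y) == 0 }

// randBelow returns a uniform integer in [1, limit-1].
func randBelow(limit *big.Int) *big.Int {
	for {
		k, err := rand.Int(rand.Reader, limit)
		if err != nil {
			panic(err)
		}
		if k.Sign() != 0 {
			return k
		}
	}
}

// Commitment is the pair (Q1, Q2) the prover sends in step 1.
type Commitment struct{ Q1, Q2 Point }
// Prover yields one commitment plus the openings r1, r2 it can give (nil = none).
type Prover func() (Commitment, [2]*big.Int)

// Honest knows n: Q1 = r*P, Q2 = (n-r)*P, with n-r taken modulo the group order.
func Honest(n *big.Int) Prover {
	return func() (Commitment, [2]*big.Int) {
		r := randBelow(order)
		rest := new(big.Int).Sub(n, r)
		rest.Mod(rest, order)
		return Commitment{mulBase(r), mulBase(rest)}, [2]*big.Int{r, rest}
	}
}

// Forger knows only Q: it commits to r*P in the slot it guesses will be
// challenged and to Q - r*P in the other slot, which it cannot open.
func Forger(Q Point, guess int) Prover {
	return func() (Commitment, [2]*big.Int) {
		r := randBelow(order)
		known := mulBase(r)
		other := add(Q, neg(known))
		if guess == 1 {
			return Commitment{known, other}, [2]*big.Int{r, nil}
		}
		return Commitment{other, known}, [2]*big.Int{nil, r}
	}
}

// Verify is step 3: r_i*P must equal Q_i and Q1 + Q2 must equal Q.
func Verify(Q Point, c Commitment, i int, ri *big.Int) bool {
	if ri == nil || ri.Sign() < 0 || ri.Cmp(order) >= 0 {
		return false
	}
	Qi := c.Q1
	if i == 2 {
		Qi = c.Q2
	}
	return same(mulBase(ri), Qi) && same(add(c.Q1, c.Q2), Q)
}

// Rounds repeats commit, random challenge, verify m times; one failure rejects.
func Rounds(Q Point, p Prover, m int) bool {
	for j := 0; j < m; j++ {
		c, openings := p()
		i := int(randBelow(big.NewInt(3)).Int64()) // challenge: 1 or 2
		if !Verify(Q, c, i, openings[i-1]) {
			return false
		}
	}
	return true
}

func main() {
	n := randBelow(order) // the prover's secret
	Q := mulBase(n)       // public value Q = nP
	fmt.Println("honest prover, 40 rounds:", Rounds(Q, Honest(n), 40))
	fmt.Println("forger, 40 rounds:       ", Rounds(Q, Forger(Q, 1), 40))
}
```

Each opening on its own is a uniformly random scalar, so a single round reveals nothing about n, while the forger passes a round only when the challenge matches its guess.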
3. Description of identity privacy protection techniques based on distributed identities
In the traditional way, the registration and identity management of users are completely dependent on a single central registration authority; with the advent of distributed ledger technology (e.g., blockchain), distributed multi-centric identity registration, identification, and management is possible. Aiming at the problem that the blockchain technology is difficult to prevent the disclosure of the identity privacy while keeping the anonymity of the identity and the transaction, the embodiment researches the blockchain identity privacy protection technology for avoiding the disclosure of the user identity information, and realizes the high security of the anonymity and the privacy of the user identity.
The WeIdentity distributed multi-center technical solution based on FISCO BCOS is studied. The WeIdentity DID module implements, on the FISCO BCOS blockchain underlying platform, a distributed multi-center identity protocol conforming to the W3C DID standard, so that the real identity of an entity (person or object) is identified on the chain; meanwhile, WeIdentity DID gives the entity the ability to directly own and control its own identity ID. In the real world there is a variety of data describing the identity of entities and the relationships between entities, such as identification cards, travel cards, deposit certificates, prescriptions, graduation certificates, property certificates, credit reports, etc. WeIdentity Credential provides a complete set of solutions based on the W3C VC specification, aimed at standardizing and digitizing such data, generating verifiable, exchangeable "credentials", supporting selective disclosure of credential attributes, and generating on-chain Evidence (authentication). This embodiment combines the distributed identity module and the verifiable digital credential module to realize distributed trusted data management.
WeIdentity can be widely applied to entity identification and trusted data exchange scenarios. In the WeIdentity ecosystem there are the following roles: User (Entity); Issuer, i.e., the issuer of credentials; Verifier, i.e., the verifying user.
The user (entity) registers its own identity DID on the chain, applies to the issuer for a credential, and authorizes its forwarding to, or presents it directly to, the verifier for use. The issuer verifies the entity's ownership of the WeIdentity DID and then issues entity-related credentials. The verifier verifies the entity's ownership of the WeIdentity DID and then verifies the authenticity of the credential on the chain in order to handle the relevant business.
By storing the entity's real identity and the content of the verifiable digital credential in a chain, the scheme supports the entity in minimizing or selectively disclosing information to other institutions, while preventing any third party from inferring the entity's identity in the real world or in other scenarios, thereby achieving privacy protection. First, independent and unique DIDs are generated for different entities through a user agent; second, the issuer verifies the identity and DID ownership of the entity and issues various electronic credentials for the entity. When the entity needs to transact business, it can present the credential directly to the verifier, or, by actively authorizing and putting the authorization record on the chain, have a previously authorized credential storage institution forward the credential to the verifier. This flow ensures that the data is centered on the entity user, and operations such as entity identification and authorization are completed on the chain, so that they are traceable, verifiable and tamper-proof.
The distributed trusted data transaction system and method supporting privacy protection can effectively overcome the shortcomings of traditional data management in data trust, data access and data disaster recovery, and mainly solve the problem of data and identity privacy disclosure that arises once blockchain technology is introduced. The method and the system ensure that the identities of the multiple parties are not exposed, or only selectively exposed, during the transaction, and ensure the privacy of user data by homomorphic calculation during data computation. Meanwhile, for data stored on the chain, access control is applied to the stored content by means of disk encryption and group isolation, preventing leakage of the stored data. The specific beneficial effects fall into the following two aspects:
1) Protection aspect for illegal use of data
The system is based on the unified digital identity system of the blockchain platform and adopts a distributed identity authentication model based on permission control. It changes the logic by which user data is used, transfers the rights over data from the hosting party to the user, and lets the user truly determine the access permissions of the data. This effectively solves the problems of redundancy, data islands, privacy and supervision in operation. The system has the following characteristics: first, identity uniqueness, with DID-based identity information authentication improving identity credibility; second, strong privacy, in that participants have ownership, management and control rights over their own digital identity and behavior data, and zero knowledge proof technology can be combined so that data is usable but not visible; third, strong supervision, in that users must be authorized by a supervisory organization when an identity is opened, which makes it convenient for the supervisory organization to supervise users on the chain in real time. The system performs identity authentication and access control on data from multiple aspects such as storage management, permission control and identity management, and ensures that a data user is given an interface for data access only on the basis of holding the right to use the data.
2) Data privacy security protection aspect
The system combines homomorphic encryption and zero knowledge proof in its operation protocol to achieve identity anonymity and data privacy protection in different scenarios. The fully homomorphic encryption algorithm allows data to be computed on in ciphertext form without decryption, improving data privacy. Zero knowledge proof and identity privacy protection based on distributed identity provide identity privacy protection and proof generation and verification for scenarios in which two parties participate. For data storage, disk encryption ensures the privacy of stored data. The cost of data encryption and decryption computation is reduced, and the privacy and security of the data are improved.
One important significance of blockchain privacy protection is reducing real-world privacy threats. The privacy security of users cannot be completely guaranteed, but blockchain technology can keep users' data in their own hands and thereby reduce leakage channels. The distributed highly trusted data management system and method supporting privacy protection is of great significance in dealing with the privacy disclosure risks that blockchain technology currently faces and with the predicament that traditional data management cannot guarantee credibility.
In summary, in the distributed trusted data transaction method, system and device supporting privacy protection, disk encryption is introduced on top of distributed storage so that data privacy is protected during storage; decentralized identity information is provided to the data provider and the data demander through a distributed multi-center identity protocol so that user identity privacy is protected during the transaction; and homomorphic encryption and zero knowledge proof are introduced into the transaction process so that transaction calculation or authentication services are provided to users without the original data having to be disclosed, guaranteeing the privacy of transaction data.
Accordingly, the present invention also provides an apparatus/system comprising a computer device including a processor and a memory, the memory having stored therein computer instructions for executing the computer instructions stored in the memory, the apparatus/system implementing the steps of the method as described above when the computer instructions are executed by the processor.
The embodiments of the present invention also provide a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of the edge computing server deployment method described above. The computer readable storage medium may be a tangible storage medium such as Random Access Memory (RAM), memory, Read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, floppy disks, hard disk, a removable memory disk, a CD-ROM, or any other form of storage medium known in the art.
Those of ordinary skill in the art will appreciate that the various illustrative components, systems, and methods described in connection with the embodiments disclosed herein can be implemented as hardware, software, or a combination of both. Whether a particular implementation is hardware or software depends on the specific application of the solution and its design constraints. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention. When implemented in hardware, it may be, for example, an electronic circuit, an Application Specific Integrated Circuit (ASIC), suitable firmware, a plug-in, a function card, or the like. When implemented in software, the elements of the invention are the programs or code segments used to perform the required tasks. The program or code segments may be stored in a machine readable medium or transmitted over transmission media or communication links by a data signal carried in a carrier wave.
It should be understood that the invention is not limited to the particular arrangements and instrumentality described above and shown in the drawings. For the sake of brevity, a detailed description of known methods is omitted here. In the above embodiments, several specific steps are described and shown as examples. However, the method processes of the present invention are not limited to the specific steps described and shown, and those skilled in the art can make various changes, modifications and additions, or change the order between steps, after appreciating the spirit of the present invention.
In this disclosure, features that are described and/or illustrated with respect to one embodiment may be used in the same way or in a similar way in one or more other embodiments and/or in combination with or instead of the features of the other embodiments.
The above description is only of the preferred embodiments of the present invention and is not intended to limit the present invention, and various modifications and variations can be made to the embodiments of the present invention by those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (10)
1. A distributed trusted data transaction method supporting privacy protection, the method being performed by a data management module that also invokes a privacy protection module, a blockchain infrastructure, and a storage module via a data interface connection, the method comprising the steps of:
receiving a data uploading request sent by a data provider by the data management module, wherein the data uploading request comprises first authority information of the data provider; verifying the first authority information, and receiving transaction data of the data provider under the condition that verification is passed;
the data management module invokes the privacy protection module to generate a first decentralised identity of the data provider by using an identity identification protocol based on a distributed multi-center, and feeds the first decentralised identity back to the data provider; the privacy protection module encrypts the transaction data by adopting a homomorphic encryption algorithm to obtain a transaction ciphertext;
the data management module invokes the blockchain infrastructure to store the first decentralised identity and the transaction ciphertext in a distributed uplink manner to the storage module based on on-disk encryption, and obtains a first storage result and a first uplink transaction receipt which are sent to the data management module;
receiving a data transaction request sent by a data demand party by the data management module, wherein the data transaction request comprises second authority information of the data demand party; verifying the second authority information, and under the condition that verification is passed, generating a second decentralised identity of the data requiring party by using an identity identification protocol based on a distributed multi-center by using the privacy protection module, and sending the second decentralised identity to the data requiring party;
the data management module calls the privacy protection module to perform homomorphic calculation on the transaction ciphertext or generate zero knowledge proof according to the data transaction request;
the data management module invokes the blockchain infrastructure to acquire a first decentralised identity of a data provider corresponding to the data transaction request;
the data management module calls the privacy protection module to send the homomorphic calculation result or the zero knowledge proof to the blockchain infrastructure, and the blockchain infrastructure performs distributed storage to the storage module based on the on-disk encryption to obtain a second storage result and a second uplink transaction receipt;
the blockchain infrastructure sending the second stored result and the second uplink transaction receipt to the data management module;
the data management module sends the results of the homomorphic calculation or the zero knowledge proof to the data demander and sends a trusted credential containing the first decentralized identity to the data demander.
2. The distributed trusted data transaction method supporting privacy protection according to claim 1, wherein the privacy protection module encrypts the transaction data by using a homomorphic encryption algorithm to obtain a transaction ciphertext, and the homomorphic encryption algorithm is a lattice-based homomorphic encryption algorithm.
3. The privacy preserving distributed trusted data transaction method as claimed in claim 2, characterized in that, in the lattice-based homomorphic encryption algorithm, the private key sk is expressed as a vector, the public key pk is denoted as A, the plaintext is denoted as, and the ciphertext is denoted as C;
acquiring a Setup function for generating security parameters, a SecretKeyGen function for generating a private key and a PublicKeyGen function for generating a public key;
in the set function, the set function is used,selecting a modulus q,Bit length, lattice size parameterAnd error distribution function->,System security parameters representing encryption algorithm +.>The number of layers representing homomorphic operation; simultaneously select the parameters->And combining parameters->,The method comprises the steps of carrying out a first treatment on the surface of the Function->Representing complexity;
in the SecretKeyGen function, secretKeyGen (params) samplesThe dimension representing the vector t is n and belongs to prime finite field, and the output private key sk= = -j>And meet->;
In the publicKeyGen function, a matrix is uniformly and randomly generated by publicKeyGen (params, sk)Sum vector->Let->Let A be->An n+1 column matrix composed with n column matrices B, provided with a public key pk=a;
message encryption algorithm Enc (params, pk, μ), which is encryption of plaintextRepresenting prime finite field, the range is (-q/2, q/2), sampling an average matrix >The ciphertext C is output as follows:
wherein the BitDecomp ()'s function represents that each bit of the input is spread out in binary,is an inverse function thereof, the Flatten ()'s function is +.>;
4. A distributed trusted data transaction method supporting privacy protection as claimed in claim 3, wherein said message decryption algorithm Dec (params, sk, C) is introduced with two decryption algorithms Dec (params, sk, C) and MPDec (params, sk, C);
in Dec (params, sk, C), the vectors are observedFront->Personal coefficient->Let->Let->Is line i of C, calculate:
MPDec (params, sk, C) is known to,Before->The number of coefficients is->Thus if it meets->Then->Before->The number of coefficients is->Wherein->The method comprises the steps of carrying out a first treatment on the surface of the From->Middle recovery->Then from->The next least significant bit is recovered, and so on, finally the plaintext ++>The method comprises the steps of carrying out a first treatment on the surface of the Wherein Small represents within an acceptable noise range.
5. The privacy preserving distributed trusted data transaction method of claim 1, wherein said method employs a FISCO BCOS distributed storage architecture to store said first de-centralized identity, said transaction ciphertext, results of said homomorphic computation, and/or said zero knowledge proof.
6. A distributed trusted data transaction system supporting privacy protection, comprising:
a data management module for connecting the data provider and the data demander's clients and performing the distributed trusted data transaction method supporting privacy protection as claimed in any one of claims 1 to 5;
the privacy protection module is connected with the data management module through a data interface and is used for calling and executing homomorphic encryption algorithms;
a blockchain infrastructure comprising a plurality of network nodes connecting the privacy protection module and the data management module for accounting transactions;
and the storage module is used for storing the transaction data in a distributed mode.
7. The privacy preserving distributed trusted data transaction system of claim 6 wherein the storage module unifies SQL and NoSQL via abstract table structures based on a FISCO BCOS distributed storage architecture to support LevelDB, RocksDB and MySQL.
8. The privacy preserving distributed trusted data transaction system of claim 6 wherein the privacy preserving module provides de-centralized identification for the data provider and the data demander's clients based on the WeIdentity DID distributed multi-center identification protocol.
9. A distributed trusted data transaction device supporting privacy protection, comprising a processor and a memory, wherein said memory has computer instructions stored therein and said processor is used to execute the computer instructions stored in said memory, which when executed by the processor, implement the steps of the method of any one of claims 1 to 5.
10. A computer readable storage medium, on which a computer program is stored, characterized in that the program, when being executed by a processor, implements the steps of the method according to any one of claims 1 to 5.
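Claims 3 and 4 name Setup, SecretKeyGen, PublicKeyGen, Enc, Dec, BitDecomp and Flatten, but their formulas did not survive on this page. The sketch below is an added example, not code from the patent: it assumes those names refer to the standard Gentry-Sahai-Waters (GSW) lattice scheme, uses constructed toy parameters that are far too small to be secure, implements only Dec (not MPDec), and its helper names `hom_add` and `hom_mult` are hypothetical.

```python
from random import SystemRandom

# Toy parameters, constructed for illustration; far too small to be secure.
RNG = SystemRandom()
Q, N_DIM, M = 65521, 4, 20          # modulus q, dimension n, sample count m
ELL = Q.bit_length()                # l = floor(log2 q) + 1
BIG_N = (N_DIM + 1) * ELL           # N = (n + 1) * l

def bit_decomp(vec):                # each coefficient -> l bits, LSB first
    return [((x % Q) >> j) & 1 for x in vec for j in range(ELL)]

def bit_decomp_inv(vec):            # inverse; also accepts non-binary entries
    return [sum(vec[k * ELL + j] << j for j in range(ELL)) % Q
            for k in range(N_DIM + 1)]

def flatten(vec):                   # same inner product with v, entries in {0,1}
    return bit_decomp(bit_decomp_inv(vec))

def secret_key_gen(rng=RNG):
    t = [rng.randrange(Q) for _ in range(N_DIM)]
    return [1] + [(-x) % Q for x in t]           # sk = (1, -t_1, ..., -t_n)

def public_key_gen(sk, rng=RNG):
    t = [(-x) % Q for x in sk[1:]]
    pk = []
    for _ in range(M):
        b_row = [rng.randrange(Q) for _ in range(N_DIM)]
        e = rng.choice((-1, 0, 1))               # small error term
        b = (sum(x * y for x, y in zip(b_row, t)) + e) % Q
        pk.append([b] + b_row)                   # A = [b | B], so A . sk = e
    return pk

def enc(pk, mu, rng=RNG):
    c = []
    for i in range(BIG_N):
        r = [rng.randrange(2) for _ in range(M)]             # row i of R
        ra = [sum(r[k] * pk[k][j] for k in range(M)) % Q
              for j in range(N_DIM + 1)]
        row = bit_decomp(ra)
        row[i] += mu                                         # add mu * I_N
        c.append(flatten(row))
    return c

def dec(sk, c):
    v = [(x << j) % Q for x in sk for j in range(ELL)]       # Powersof2(sk)
    i = ELL - 2                      # v[i] = 2^(l-2) lies in (q/4, q/2]
    x = sum(a * b for a, b in zip(c[i], v)) % Q
    x = x - Q if x > Q // 2 else x   # centre into (-q/2, q/2]
    return round(x / v[i])

def hom_add(c1, c2):                 # decrypts to mu1 + mu2 (keep the sum small)
    return [flatten([a + b for a, b in zip(r1, r2)]) for r1, r2 in zip(c1, c2)]

def hom_mult(c1, c2):                # decrypts to mu1 * mu2
    cols = list(zip(*c2))
    return [flatten([sum(a * b for a, b in zip(row, col)) for col in cols])
            for row in c1]
```

With these parameters fresh noise is at most 20 and one multiplication of fresh ciphertexts keeps it at or below 1620, well inside the 2^13 rounding margin, so decryption of such a product is always correct. Deeper circuits need larger q, which is what the layer-count parameter in the Setup step controls.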
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310021062.XA CN115913513B (en) | 2023-01-07 | 2023-01-07 | Distributed trusted data transaction method, system and device supporting privacy protection |
Publications (2)
Publication Number | Publication Date |
---|---|
CN115913513A (en) | 2023-04-04 |
CN115913513B (en) | 2023-05-12 |
Family
ID=85771818
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202310021062.XA Active CN115913513B (en) | 2023-01-07 | 2023-01-07 | Distributed trusted data transaction method, system and device supporting privacy protection |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115913513B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116912002B (en) * | 2023-09-12 | 2023-12-12 | 深圳小米房产网络科技有限公司 | Real estate transaction system based on blockchain technology |
CN118233214A (en) * | 2024-05-14 | 2024-06-21 | 广州信安数据有限公司 | Ciphertext data sharing method, system and computer program product based on onion encryption |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111090876A (en) * | 2020-03-18 | 2020-05-01 | 支付宝(杭州)信息技术有限公司 | Contract calling method and device |
CN113411384A (en) * | 2021-06-10 | 2021-09-17 | 华中科技大学 | System and method for privacy protection in data security sharing process of Internet of things |
CN114785511A (en) * | 2022-02-25 | 2022-07-22 | 蚂蚁区块链科技(上海)有限公司 | Certificate generation method and device, electronic device and storage medium |
CN114900290A (en) * | 2022-03-07 | 2022-08-12 | 南京信息工程大学 | Data transaction model and privacy protection method based on block chain |
CN115174091A (en) * | 2022-05-29 | 2022-10-11 | 北京理工大学 | Homomorphic encryption privacy protection method for distributed digital identity |
CN115473664A (en) * | 2022-05-31 | 2022-12-13 | 北京邮电大学 | Credit data processing method and model based on block chain |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11082418B2 (en) * | 2017-02-13 | 2021-08-03 | Avalanche Cloud Corporation | Privacy ensured brokered identity federation |
Non-Patent Citations (1)
Title |
---|
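Digital rights protection scheme supporting privacy protection in cloud computing environments; Huang Qinlong (黄勤龙) et al.; Journal on Communications (通信学报); Vol. 35 (No. 02); full text * |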
Also Published As
Publication number | Publication date |
---|---|
CN115913513A (en) | 2023-04-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108418680B (en) | Block chain key recovery method and medium based on secure multi-party computing technology | |
US11689366B2 (en) | Cryptoasset custodial system with vault-specific rules governing different actions allowed for different vaults | |
US11301845B2 (en) | Cryptoasset custodial system with proof-of-stake blockchain support | |
US10673626B2 (en) | Threshold secret share authentication proof and secure blockchain voting with hardware security modules | |
US12088568B2 (en) | Systems and methods for secure key service | |
US11159307B2 (en) | Ad-hoc trusted groups on a blockchain | |
CN115913513B (en) | Distributed trusted data transaction method, system and device supporting privacy protection | |
US9009464B2 (en) | Anonymous register system and method thereof | |
CN109462472A (en) | The methods, devices and systems of data encryption and decryption | |
CN115296838B (en) | Block chain-based data sharing method, system and storage medium | |
CN104917780A (en) | Systems and methods for securing data in motion | |
CN114631286A (en) | Encrypted asset hosting system with custom logic | |
CN109741068A (en) | Internetbank inter-bank contracting method, apparatus and system | |
CN113393225B (en) | Digital currency encryption payment method and system | |
CN115242555A (en) | Supervisable cross-chain private data sharing method and device | |
CN114866323B (en) | User-controllable privacy data authorization sharing system and method | |
CN114051031B (en) | Encryption communication method, system, equipment and storage medium based on distributed identity | |
CN113643134B (en) | Internet of things blockchain transaction method and system based on multi-key homomorphic encryption | |
CN114266069B (en) | House transaction electronic data sharing system and method based on blockchain technology | |
CN112073196B (en) | Service data processing method and device, electronic equipment and storage medium | |
Huynh et al. | A reliability guaranteed solution for data storing and sharing | |
Wu et al. | The survey on the development of secure multi-party computing in the blockchain | |
JP2023540739A (en) | A method for secure, traceable, and privacy-preserving digital currency transfers with anonymity revocation on a distributed ledger | |
CN110266483B (en) | Quantum communication service station key negotiation method, system and device based on asymmetric key pool pair and QKD | |
CN113545004A (en) | Authentication system with reduced attack surface |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||