CN116541880A - Knowledge signature-based blockchain transaction identity privacy protection and traceability method and system - Google Patents

Knowledge signature-based blockchain transaction identity privacy protection and traceability method and system Download PDF

Info

Publication number
CN116541880A
CN116541880A CN202310481129.8A CN202310481129A CN116541880A CN 116541880 A CN116541880 A CN 116541880A CN 202310481129 A CN202310481129 A CN 202310481129A CN 116541880 A CN116541880 A CN 116541880A
Authority
CN
China
Prior art keywords
transaction
tracking
user
identity
signature
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310481129.8A
Other languages
Chinese (zh)
Inventor
谢晴晴
杨念民
冯霞
宋亮晴
李晨
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangsu University
Original Assignee
Jiangsu University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangsu University filed Critical Jiangsu University
Priority to CN202310481129.8A priority Critical patent/CN116541880A/en
Publication of CN116541880A publication Critical patent/CN116541880A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825Use of electronic signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/04Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Marketing (AREA)
  • Technology Law (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention discloses a blockchain transaction identity privacy protection and traceability method and system based on knowledge signature. The knowledge signature is applied to the blockchain system, so that the strong anonymity and traceability of the user identity are realized; and the transaction supervision function is realized by supervising the encrypted ciphertext and the tracking tag. In addition, the invention introduces a key sharing technology on the basis of supervision, realizes multiparty supervision, and avoids the problem of rights abuse caused by a single supervision organization. The invention provides conditional identity anonymity for the blockchain application user, and solves the contradiction problem between privacy protection and traceability of the blockchain user identity.

Description

Knowledge signature-based blockchain transaction identity privacy protection and traceability method and system
Technical Field
The invention relates to an information security technology, in particular to a blockchain transaction identity privacy protection and traceability method and system based on knowledge signature.
Background
In recent years, the emerging technology of blockchain is increasingly subject to the risk of privacy disclosure due to the continuous development and application of the technology to various fields. The blockchain transaction address does not require real-name authentication and is not associated with identity information such as network address, cell phone number, address, etc. Blockchains have a degree of anonymity. But the blockchain transaction records are all published in the form of plaintext in the account book, and an attacker can detect the identity privacy of the user through means such as address association.
To solve this problem, related scholars have proposed a centralized coin scheme, but the centralized coin scheme is prone to asset theft. For this reason, related scholars have proposed de-centralized coin schemes in turn, but such schemes require all participants to be online, subject to denial of service attacks, and long mixing times. Moreover, while all users 'transactions are mixed together, an attacker may masquerade as an internal node analyzing the mixed transactions, thus stealing the user's identity privacy. In pursuit of a stronger level of anonymity, the relevant scholars use cryptographic tools to protect user identity privacy, such as zero knowledge proof, ring signature, etc. ZeroCoin and zeroflash are two typical cryptocurrencies that use zero knowledge proof techniques to prove that there is an unexpired coin in the confusion set. The door coin uses a ring signature technique and a one-time public key technique to protect user identity privacy.
However, the complete anonymity of blockchain transaction identity is not desirable, because the completely anonymized blockchain transaction provides convenience for illegal activities, and blockchain mediated money laundering crimes, munitions smuggling, drug transactions, etc. are increasingly rampant, increasing the difficulty of government law enforcement in implementing supervision. Thus transaction identity privacy protection in blockchains needs to be balanced between privacy and custody.
Disclosure of Invention
The invention aims to: the invention aims to solve the defects in the prior art and provides a blockchain transaction identity privacy protection and traceability method and system based on knowledge signature; the invention combines the disposable public key, the knowledge signature and the anonymous certificate to realize the strong anonymity and authenticability of the user identity; and the transaction supervision function is realized by supervising the encrypted ciphertext and the tracking tag. In addition, the key sharing technology is introduced on the basis of supervision, so that multiparty supervision is realized, and the problem of authority abuse caused by a single supervision organization is avoided.
The technical scheme is as follows: the invention discloses a blockchain transaction identity privacy protection and traceability method based on knowledge signature, which comprises the following steps:
s1, generating initial parameters by system setting
The identity authentication mechanism generates and publishes a system parameter pp; tracking mechanism cooperatively generates tracking sub public and private keys<Tpk s ,Tsk s >And tracking the public key TPK; the identity authentication mechanism generates its own public and private keys<pk R ,sk R >;
S2, identity registration
User of transaction User i Generating public key pk for application registration by asymmetric encryption algorithm i And private key sk i And to put its own identity ID i And public key pk i Sending the request to an identity authentication mechanism for authentication; after the identity authentication mechanism successfully verifies the identity of the user, a short randomized signature algorithm is adopted to carry out public key pk on the user i Signature, the signature result is delta i The method comprises the steps of carrying out a first treatment on the surface of the The identity authority then generates a registration transaction (pk R ,pk i ,flag=RE,δ i ) And propagating the transaction into a blockchain network, wherein flag = RE indicates that the transaction type is a registered transaction; after the verification node verifies that the signature passes, uploading the registered transaction to a blockchain; where the transaction User includes a transaction initiator User u And transaction recipient User v
S3, constructing transaction
The transaction initiator is used for protecting the identity privacy of both transaction parties and realizing supervision, and needs to reconstruct transaction input and output, and the construction transaction method is as follows:
s3.1 transaction initiator User u To protect self privacy, the public keys of some users are randomly selected to be taken as input public keys along with the self public keysAnd calculate tracking mark T g The method comprises the steps of carrying out a first treatment on the surface of the Then signing by using a knowledge signature technology, wherein the signature result is delta'; wherein User represents a set of transaction input users;
s3.2, in order to protect the privacy of the receiver, the transaction initiator User u Acquiring transaction recipient User v Identity public key pk v For which a disposable address otpk is generated v The method comprises the steps of carrying out a first treatment on the surface of the Then, the transaction initiator User u Encrypting the public key of the transaction receiver v by adopting an Elgamal encryption algorithm, wherein the encrypted ciphertext is C vp The method comprises the steps of carrying out a first treatment on the surface of the Then, the transaction initiator User u Using knowledge signature technology to prove transaction recipient User v Is correctly encrypted, the signature result is delta';
s3.3, assuming that the specific information of the transfer asset is data, constructing a complete transaction record as a transaction initiator uTR is denoted as asset transfer transaction tag; after constructing a complete transaction, broadcasting the transaction to be verified to a blockchain network by an initiator;
s4, transaction verification
After receiving the transaction to be verified, the transaction verification node verifies the validity of the signatures delta 'and delta'; after the signature is verified successfully, the legal transaction is linked;
s5, transaction tracking
When the tracking mechanism receives a tracking request for an illegal transaction, the tracking mechanism and the identity authentication mechanism cooperate to track the true identity of the user, including tracking the identity of the transaction initiator and the identity of the transaction recipient.
Further, the specific process in the step S1 is as follows:
s1.1, system parameter initialization
The identity authentication mechanism first selects the hash function H: {0,1} * →Z q * Randomly selecting three multiplication cyclic groups G with prime numbers q 1 ,G 2 ,G T Define a bilinear pairing e: G 1 ×G 2 →G T G is G 1 A meta-value is generated and the meta-value is generated,is G 2 Generating elements, definitionWherein->Is G 1 Is a unit cell of (2); then, determining a threshold t participating in generating a complete tracking key according to the number n of tracking mechanisms, namely the minimum tracking mechanism required by generating the complete tracking key; then, the identity authentication mechanism randomly selectsPrivate key sk used as identity authentication mechanism R Generate->Public key pk as identity authentication mechanism R The method comprises the steps of carrying out a first treatment on the surface of the Finally, the identity authentication authority sets the parameter to +.>
S1.2 tracking Key initialization of tracking mechanism
Assuming that n tracking mechanisms are provided, the identity id of the s-th tracking mechanism is denoted as Tid s ,s∈[1,n]Each tracking mechanism Tid s The following operations are performed:
a) Selecting t random number marks as a s0 ,a s1 ,…a s(t-1) ∈Z q Composition ofA polynomial f of order t-1 s (x)=a s0 +a s1 x+…+a s(t-1) x t-1 Obviously f s (0)=a s0
b) Calculation ofAnd broadcast F sk Wherein F sk Representing sharing of polynomial coefficients;
c) Computing key sharing z for all tracking institutions sj =f s (Tid j ) Where j=1, 2, …, n, and then to each of the other tracking mechanisms Tid through the secure channel l Sending the corresponding key share z sl Where l=1, 2, …, s-1, s+1, …, n;
d) Once received from the other n-1 tracking mechanisms Tid l Key sharing z of (2) li The tracking mechanism Tid s Verification equationWhether or not it is, if so, from the tracking mechanism Tid l Is legal, and if not, re-associates with the tracking mechanism Tid l Negotiating to obtain the correct z li The method comprises the steps of carrying out a first treatment on the surface of the Wherein Tid s Is the identity id of the s-th tracking mechanism, k is an index;
e) Computing tracking subkeysAnd the corresponding tracker public key->
f) Any tracing mechanism can randomly select t tracing sub public keys to generate a tracing public key Wherein Ω is a group comprising at least t chasersThe identity id of the trace organization and the corresponding tracing sub-public key, t is a threshold value for generating a complete tracing key, tid j Is the identity id of the jth tracking mechanism.
Further, in the step S2, the user needs to interact with the identity authentication mechanism to complete registration authentication before participating in the transaction, which comprises the following steps of
Transaction user Useri i Randomly select sk i ∈Z p As a private key, calculateAs public key, then uses its own ID i And public key pk i Sending the data to an identity authentication mechanism; after the identity authentication mechanism verifies the identity of the user, a registration transaction (pk) is generated R ,pk i ,flag=RE,δ i ),δ i Is a transaction signature generated by an identity authentication mechanism by adopting a short random signature technologyWherein-> And->As transaction signature delta i Is a component of (a).
Subsequently, the identity authentication mechanism propagates the transaction into the blockchain network;
the authentication node is according to the equationVerifying whether the signature is established, if so, uploading the registered transaction to a blockchain network;
finally, the identity authentication mechanism carries out related transaction numbersAnd delta i And sent to the registered user.
Further, the step S3.1 constructs a transaction input, and the transaction initiator User u Randomly selecting a plurality of transaction users, and combining the transaction users with users u The User set formed by the User is denoted as User, wherein |user|=m; then, the public key and registered transaction number of each transaction User in the User are obtained to form a new set to be recorded asSubsequently, the transaction initiator User u Calculating tracking marker->And signs the transaction using a knowledge signature that has two functions: one is to demonstrate that the index of Tg is sk u Secondly, the initiator is proved to have the private key sk corresponding to the real transaction input u
(1) Randomly selecting a random number c i ,s i ∈Z p ,1≤i≤m,i≠u;
(2) When i is not equal to u, transaction initiator User u Calculation ofWhen i=u, randomly selecting a random number r u ∈Z p Calculate->
(3) Transaction initiator User u Calculation ofc u =(c-c 1 -c 2 …c u+1 -…c m )modp,s u =r u +c u sk u mod p;
(4) Generating signature delta' = (c) 1 ,s 1 ,…c m ,s m );
Wherein the method comprises the steps ofIntermediate calculation parameters s representing signatures u ,c u As an integral part of the signature delta'.
Further, the step S3.2 constructs specific contents of the transaction output:
first transaction initiator User u Acquiring transaction recipient User v Identity public key of (a)Selecting a random number r E Z q Generating a disposable address->Wherein the one-time address otpk v The corresponding disposable private key is +.>Second, transaction initiator User u Encrypting a public key of a receiver by adopting an Elgamal encryption algorithm, wherein ciphertext is C vp =(C 1 ,C 2 )=(pk v TPK β ,g β ) Wherein beta is E Z q Is a random number; then the transaction initiator User u Knowledge signature technique is used to prove that the public key of the receiver is correctly encrypted, wherein +.>Intermediate calculation parameters, pk, representing disposable addresses v TPK β ,g β An example algorithm for knowledge signature representing ciphertext components of Elgamal encrypted ciphertext is as follows:
(1) The transaction initiator randomly generates two random numbers r β ,r τ ∈Z q
(2) Calculation ofc=H(C vp ,R 1 ,R 2 );
(3) Meter with a meter bodyCalculating Z β =r β +cβ,Z τ =r τ +ch tx
(4) Generating signature delta "= (c, Z β ,Z τ )。
Wherein R is 1 ,R 2 ,Intermediate calculation parameters, c, Z, representing signatures β ,Z τ Representing the constituent parts of the signature delta ".
Further, the specific content of signature verification in step S4 is:
s4.1 verification of signature delta
(1) For l is more than or equal to 1 and less than or equal to m, iterative calculation
(2) Verifying whether the following equation is satisfied, and if so, successfully verifying the signature;
wherein the method comprises the steps ofRepresenting intermediate computational parameters of the signature verification algorithm.
S4.2 verification of signature delta
(1) Calculation of
(2) Calculate C' =h (C vp ,R′ 1 ,R′ 2 );
(3) Verifying whether equation c= c' holds; if so, the signature verification is successful.
Wherein R 'is' 1 ,R′ 2 ,Representing intermediate computational parameters of the signature verification algorithm.
Further, the detailed method of step S5 is as follows:
assuming that the illegal transaction isThe set of tracking mechanisms involved in this tracking is defined as Ω' = { Tid l L=1, 2, …, t } (to improve efficiency, only t tracking mechanisms are allowed to participate in tracking).
S5.1 public Key tracking of transaction sponsor
For any User i E User, each tracking mechanism Tid l (l=1, 2, …, t) calculationWherein->For Lagrangian coefficients, tsk l For tracking mechanism Tid l Is a tracking subkey of (1);
when all t tracking mechanisms in omega ' complete the calculation, t pk ' can be obtained ' 1 ,pk′ 2 ,…·,pk′ t Calculation of
Subsequently, it is determined whether Tg' = Tg is true; if true, the true public key of the transaction initiator is pk u =pk i The public key of the transaction initiator is successfully tracked; otherwise, continuing to scan the next transaction input address;
s5.2 public Key tracking of transaction recipients
For ciphertext C vp =(C 1 ,C 2 )=(pk v TPK β ,g β ) Each tracking mechanism Tid l (l=1, 2, …, t) calculationWherein->For Lagrangian coefficients, tsk l For tracking mechanism Tid l Is a tracking subkey of (1); after all t tracking mechanisms in Ω' complete the above calculation, the calculation is performed
Finally, calculate the public key of the transaction receiver as pk v =C 1 /TPK β
The invention also discloses a system for implementing the blockchain transaction identity privacy protection and traceability method based on the knowledge signature, which comprises a transaction user, an identity authentication mechanism, a tracking mechanism and a verification node, wherein the transaction user comprises a transaction initiator and a transaction receiver;
firstly, a transaction user generates a public and private key, and applies authentication to an identity authentication mechanism by using a long-term public key representing an identity and attached identity information; after the identity authentication mechanism authenticates the identity information of the transaction user, generating a registration transaction, and returning the registration transaction number to the transaction user; when a transaction is carried out, a transaction receiver sends a long-term public key and a registered transaction number to a transaction initiator, and the transaction initiator derives a transaction address as the address of the transaction initiator by using the long-term public key and adds ciphertext supervision information to write the transaction;
then, the transaction initiator randomly selects a plurality of public keys from the blockchain and takes the public keys along with the public keys as an input set to mask real transaction input, adds a tracking tag, and uses a knowledge signature technology to prove the ownership of the transaction, so that identity privacy protection is realized to avoid transaction tracking;
then, the transaction initiator constructs a complete transaction and uploads the complete transaction to the blockchain network;
finally, the transaction verifier verifies the correctness of the transaction content, and mainly verifies the following transaction content comprises the following steps: 1. is the legitimacy of the input of the transaction initiator; 2. and (5) monitoring the correctness of the information. When suspicious transactions are found, t tracking mechanisms are gathered to track the sub-public keys, and long-term public keys of both transaction parties are recovered. If the true identity of the transaction parties is to be further tracked, a request may be issued to an identity authentication authority.
The beneficial effects are that: compared with the prior art, the invention has the following advantages:
(1) The invention combines knowledge signature technology, disposable address technology and secret sharing technology, and realizes privacy protection and supervision of the identities of both transaction parties.
(2) Simulation experiments and security analysis prove that the privacy protection and supervision characteristics of the user identity can be considered on the premise that the supervision cost is only slightly increased.
Drawings
FIG. 1 is a schematic diagram of the overall system of the present invention;
fig. 2 is a timing diagram of the major elements (identity registration, transaction generation and verification, and transaction tracking) in an embodiment.
FIG. 3 is a graph of the calculation overhead versus the result of the main algorithm of the simulation experiment of the present invention.
Detailed Description
The technical scheme of the present invention is described in detail below, but the scope of the present invention is not limited to the embodiments.
As shown in fig. 1, a system for implementing a knowledge signature based blockchain transaction identity privacy preserving and traceable method of the present invention includes a transaction user, an identity authentication mechanism, a tracking mechanism, and a verification node, the transaction user including a transaction initiator and a transaction receiver;
firstly, a transaction user generates a public and private key, and applies authentication to an identity authentication mechanism by using a long-term public key representing an identity and attached identity information; after the identity authentication mechanism authenticates the identity information of the transaction user, generating a registration transaction, and returning the registration transaction number to the transaction user; when a transaction is carried out, a transaction receiver sends a long-term public key and a registered transaction number to a transaction initiator, and the transaction initiator derives a transaction address as the address of the transaction initiator by using the long-term public key and adds ciphertext supervision information to write the transaction;
then, the transaction initiator randomly selects a plurality of public keys from the blockchain and takes the public keys along with the public keys as an input set to mask real transaction input, adds a tracking tag, and uses a knowledge signature technology to prove the ownership of the transaction, so that identity privacy protection is realized to avoid transaction tracking;
then, the transaction initiator constructs a complete transaction and uploads the complete transaction to the blockchain network;
and finally, the transaction initiator verifies the correctness of the transaction content, and when suspicious transaction is found, t tracking mechanisms are gathered to track the sub-public keys, so that the long-term public keys of both transaction sides are recovered. If the true identity of the transaction parties is to be further tracked, a request may be issued to an identity authentication authority.
As shown in fig. 2, the blockchain transaction identity privacy protection and traceability method based on knowledge signature of the present embodiment specifically includes the following steps:
link i (System initialization)
This stage is divided into three sub-processes: system initialization, tracking key initialization of a tracking mechanism and authentication mechanism key initialization.
(1) System initialization
The process is performed by an identity authentication mechanism as follows:
a) First a hash function H {0,1}, is chosen * →Z q * Then randomly selecting three multiplication cyclic groups G with prime numbers q 1 ,F 2 ,G T Define a bilinear pairing e: G 1 ×G 2 →G T G is G 1 A meta-value is generated and the meta-value is generated,is G 2 Generating elements, definitionWherein->Is G 1 Is a unit cell of (a).
b) The threshold t for participating in generating the complete tracking key, i.e. the minimum tracking mechanism needed for generating the complete tracking key, is determined according to the number n of tracking mechanisms.
c) Publishing system public parameters
(2) Tracking key initialization for tracking mechanism
Assuming that n tracking mechanisms are provided, the identity id of the s-th tracking mechanism is denoted as Tid s ,s∈[1,n]Each tracking mechanism Tid s The following operations are performed:
a) Selecting t random number marks as a s0 ,a s1 ,…a s(t-1) ∈Z q Form a polynomial f with order of t-1 s (x)=a s0 +a s1 x+…+a s(t-1) x t-1 Obviously f s (0)=a s01
b) Calculation ofAnd broadcast F sk Wherein F sk Representing sharing of polynomial coefficients;
c) Computing key sharing z for all tracking institutions sj =f s (Tid j ) Where j=1, 2, …, n, and then to each of the other tracking mechanisms Tid through the secure channel l Sending the corresponding key share z sl Where l=1, 2, …, s-1, s+1, …, n;
d) Once received from the other n-1 tracking mechanisms Tid l Key sharing z of (2) li The tracking mechanism Tid s Verification equationWhether or not it is, if so, from the tracking mechanism Tid l Is legal, and if not, re-associates with the tracking mechanism Tid l Negotiating to obtain the correct z li The method comprises the steps of carrying out a first treatment on the surface of the Wherein Tid s Is the identity id of the s-th tracking mechanism, k is an index;
e) Computing tracking subkeysAnd the corresponding tracker public key->
f) Any tracing mechanism can randomly select t tracing sub public keys to generate a tracing public key Where Ω is a threshold value for generating a complete tracking key, tid, containing the identity id of at least t tracking institutions and the corresponding tracking sub-public key j Is the identity id of the jth tracking mechanism;
(3) Key initialization for identity authentication authorities
Identity authentication mechanism random selectionPrivate key sk used as identity authentication mechanism R GeneratingPublic key pk as identity authentication mechanism R
Link ii (identity registration)
Before participating in a transaction, a user needs to interact with an identity authentication mechanism to finish registration authentication, and the process is as follows:
(1) User of transaction User i Randomly select sk i ∈Z p As a private key, calculateAs public key, then uses its own ID i And public key pk i And the data is sent to an identity authentication mechanism, and the storage format is shown in the following table.
Table 1 table of identity information and public key information association
(2) After the identity authentication mechanism verifies the identity of the user, a registration transaction (pk) is generated R ,pk i ,flag=RE,δ i ) Wherein pk is R For identity authentication authority public key pk i For the user public key, flag=re indicates that the transaction type is a registered transaction, δ i Is a transaction signature generated by an identity authority according to the following equation (1) using a short randomized signature technique, whereinIs a random number. The identity authority propagates the transaction into the blockchain network.
(3) The verification node verifies whether the signature is valid according to equation (2) below, and if so, uploads the registered transaction into the blockchain network.
Wherein,,
(4) The identity authentication mechanism carries out related transaction numbersAnd delta i And sent to the registered user.
Link iii (construction transaction)
The transaction initiator constructs a transaction stage in three steps, specifically as follows:
(1) Constructing transaction inputs
Initiator User u Randomly selecting a plurality of transaction users and associating them withUser u The User set itself is denoted User, where |user|=m. Then the public key and registered transaction number of each transaction User in the User are obtained to form a new set which is recorded asSubsequently, the transaction initiator calculates the tracking flag +.>And signs the transaction using a knowledge signature that has two functions: one is to demonstrate that the index of Tg is sk u Secondly, the initiator is proved to have the private key sk corresponding to the real transaction input u
a) Randomly selecting a random number c i ,s i ∈Z p Wherein i is equal to or greater than 1 and equal to or less than m, and i is equal to or greater than u.
b) When i is not equal to u, transaction initiator User u Calculation ofWhen i=u, the transaction initiator User u Randomly selecting a random number r u ∈Z p Calculate->
c) Transaction initiator User u Calculation ofc u =(c-c 1 -c 2 …c u+1 -…c m )mod p,s u =r u +c u sk u modp。
d) Generating signature delta' = (c) 1 ,s 1 ,…c m ,s m )
Wherein the method comprises the steps ofIntermediate calculation parameters s representing signatures u ,c u As an integral part of the signature delta';
(2) Constructing transaction outputs
First transaction initiator User u Acquiring transaction recipient User v Identity public key of (a)Selecting a random number r E Z q Generating a disposable address->Wherein the one-time address otpk v The corresponding disposable private key is +.>Second, transaction initiator User u Encrypting a public key of a receiver by adopting an Elgamal encryption algorithm, wherein ciphertext is C vp =(C 1 ,C 2 )=(pk v TPK β ,g β ) Wherein beta is E Z q Is a random number. Then the transaction initiator User u Knowledge signature technique is used to prove that the public key of the receiver is correctly encrypted in the above step, wherein +.>Intermediate calculation parameters, pk, representing disposable addresses v TPK β ,g β An example algorithm for knowledge signature representing ciphertext components of Elgamal encrypted ciphertext is as follows:
a) Random number r generation by transaction initiator β ,r τ ∈Z q
b) Calculation ofc=H(C vp ,R 1 ,R 2 )。
c) Calculation of Z β =r β +cβ,Z τ =r τ +ch tx
d) Generating signature delta "= (c, Z β ,Z τ )
Wherein R is 1 ,R 2 ,Intermediate calculation parameters, c, Z, representing signatures β ,Z τ Representing the constituent parts of the signature delta ";
(3) Constructing a complete transaction record
Assuming that the specific information of the transfer asset is data, then the transaction initiator User u Constructing a complete transaction record asWhere δ "is related to the transaction recipient public key pk v TR is denoted as an asset transfer transaction tag. In digital money systems, asset transfer transactions refer to spending transactions; in a supply chain system, an asset transfer transaction refers to the transfer of a product from a sender to a recipient.
Link iv (transaction verification)
After receiving the complete transaction, the transaction verification node invokes the following two algorithms to verify the signature δ 'and the signature δ', respectively.
(1) Verification of signature delta
a) For l is more than or equal to 1 and less than or equal to m, iterative calculation
b) Verification equationWhether or not to establish; if so, the signature verification is successful.
Wherein the method comprises the steps ofRepresenting intermediate calculation parameters of a signature verification algorithm;
(2) Verification of signature delta'
a) Calculation of
b) Calculate C' =h (C vp ,R′ 1 ,R′ 2 )。
c) Verifying whether equation c= c' holds; if so, the signature verification is successful.
Wherein R 'is' 1 ,R′ 2 ,Representing a calculation intermediate parameter of a signature verification algorithm;
link v (transaction tracking)
When the tracking mechanism receives a tracking request for an illegal transaction, the tracking mechanism and the authentication mechanism cooperate to track the true identity of the user. Assuming that the illegal transaction is The set of tracking mechanisms involved in this tracking is defined as Ω' = { Tid l I l=1, 2, …, t } (for efficiency, only t tracking mechanisms are allowed to participate in tracking). The specific process of transaction tracking comprises the tracking of the identities of a transaction initiator and a transaction receiver, and is specifically as follows:
(1) Public key tracking of transaction sponsors
For any User i ∈User,
a) Each tracking mechanism Tid l (l=1, 2, …, t) calculationWherein-> For Lagrangian coefficients, tsk l For tracking mechanism Tid l Is used to track the subkeys.
b) When all t tracking mechanisms in omega ' complete the calculation, t pk ' can be obtained ' 1 ,pk′ 2 ,…·,pk′ t Calculation of
c) It is determined whether Tg' = Tg holds. If true, the true public key of the transaction initiator is pk u =pk i The public key of the transaction initiator is successfully tracked; otherwise, continuing to scan the next transaction input address.
(2) Public key tracking of transaction recipients
a) For ciphertext C vp =(C 1 ,C 2 )=(pk v TPK β ,g β ) Each tracking mechanism Tid l (l=1, 2, …, t) calculationWherein->For Lagrangian coefficients, tsk l For tracking mechanism Tid l Is used to track the subkeys.
b) After all t tracking mechanisms in Ω' complete the above calculation, the calculation is performed
c) Calculating the public key of the transaction receiver as pk v =C 1 /TPK β
(3) Identity tracking of transaction initiator and recipient
Obtaining the transaction initiator public key pk through the steps (1) and (2) u And the public key pk of the recipient v Later, the tracking mechanism requests the identity authentication mechanism to inquire corresponding identity information, and the identity authentication mechanism obtains corresponding identity information ID according to the table 1 u And the recipient's public key ID v And returns to the tracking mechanism, so that the transaction identity tracking is completed.
Examples:
as shown in fig. 3, the technical Scheme of the present invention is compared with the overhead of the conventional Scheme proposed by Scheme Li in different stages.
For fairness comparison, the present embodiment sets the tracking mechanism number and the group administrator number to the same value, both of which are 8. The number of registrants in one system is greater than the input aggregate size in one transaction, so this embodiment sets the number of ring members to 8 and the number of group registrants to 20.
As can be seen from fig. 3, the calculation cost of the technical Scheme of the present invention in the transaction generation stage is slightly greater than the Scheme Li, while the other stages are more advantageous, especially, in the calculation overhead of tracking the identities of both transaction parties, the Scheme Li needs to traverse the whole group of registered users, but the technical Scheme of the present invention only needs to traverse the ring member set when tracking the identity of the transaction initiator, and the time cost of the present invention in tracking both transaction parties is less than the Scheme proposed by the Scheme Li.

Claims (8)

1. A blockchain transaction identity privacy preserving and traceable method based on knowledge signatures, comprising the steps of:
s1, generating initial parameters by system setting
The identity authentication mechanism generates and publishes a system parameter pp; tracking mechanism cooperatively generates tracking sub public and private keys<Tpk s ,Tsk s >And tracking the public key TPK; the identity authentication mechanism generates its own public and private keys<pk R ,sk R >;
S2, identity registration
User of transaction User i Generating public key pk for application registration by asymmetric encryption algorithm i And private key sk i And to put its own identity ID i And public key pk i Sending the request to an identity authentication mechanism for authentication; after the identity authentication mechanism successfully verifies the identity of the user, a short randomized signature algorithm is adopted to carry out public key pk on the user i Signature, the signature result is delta i The method comprises the steps of carrying out a first treatment on the surface of the The identity authority then generates a registration transaction (pk R ,pk i ,flag=RE,δ i ) And propagates the transaction toIn a blockchain network, wherein flag=re indicates that the transaction type is a registered transaction; after the verification node verifies that the signature passes, uploading the registered transaction to a blockchain; here, the transaction User i Including transaction initiator User u And transaction recipient User v
S3, constructing transaction
S3.1 transaction initiator User u Randomly selecting the public keys of some users along with their own public keys as input public keysAnd calculate tracking mark T g The method comprises the steps of carrying out a first treatment on the surface of the Then signing by using a knowledge signature technology, wherein the signature result is delta'; wherein User represents a transaction input User set, input User set size |user|=m;
s3.2 transaction initiator User u Acquiring transaction recipient User v Identity public key pk v For which a disposable address otpk is generated v The method comprises the steps of carrying out a first treatment on the surface of the Then, the transaction initiator User u Encrypting transaction receiver User by adopting Elgamal encryption algorithm v Is encrypted with ciphertext C vp The method comprises the steps of carrying out a first treatment on the surface of the Then, the transaction initiator User u Using knowledge signature technology to prove transaction recipient User v Is correctly encrypted, the signature result is delta';
s3.3, assuming that the specific information of the transfer asset is data, then a transaction initiator User u Constructing a complete transaction record asTR is denoted as asset transfer transaction tag; after constructing a complete transaction, broadcasting the transaction to be verified to a blockchain network by a transaction initiator;
s4, transaction verification
After receiving the transaction to be verified, the transaction verification node verifies the validity of the signatures delta 'and delta'; after the signature is verified successfully, the legal transaction is linked;
s5, transaction tracking
When the tracking mechanism receives a tracking request for an illegal transaction, the tracking mechanism and the identity authentication mechanism cooperate to track the true identity of the user, including tracking the identity of the transaction initiator and the identity of the transaction recipient.
2. The knowledge signature based blockchain transaction identity privacy preserving and traceable method of claim 1, wherein: the specific process in the step S1 is as follows:
s1.1, system parameter initialization
The identity authentication mechanism first selects a hash function h {0,1} * →Z q * Randomly selecting three multiplication cyclic groups G with prime numbers q 1 ,G 2 ,G T Define a bilinear pairing e: G 1 ×G 2 →G T G is G 1 A meta-value is generated and the meta-value is generated,is G 2 Generating elements, definitionWherein->Is G 1 Is a unit cell of (2); then, determining a threshold t participating in generating a complete tracking key according to the number n of tracking mechanisms, namely the minimum tracking mechanism required by generating the complete tracking key; then, the identity authentication mechanism randomly selectsPrivate key sk used as identity authentication mechanism R Generate->Public key pk as identity authentication mechanism R The method comprises the steps of carrying out a first treatment on the surface of the Finally, the identity authentication authority sets the parameter to +.>
S1.2 tracking Key initialization of tracking mechanism
Assuming that n tracking mechanisms are provided, the identity id of the s-th tracking mechanism is denoted as Tid s ,s∈[1,n]Each tracking mechanism Tid s The following operations are performed:
a) Selecting t random number marks as a s0 ,a s1 ,…a s(t-1) ∈Z q Form a polynomial f with order of t-1 s (x)=a s0 +a s1 x+…+a s(t-1) x t-1 Obviously f s (0)=a s0
b) Calculation ofAnd broadcast F sk Wherein F sk Representing sharing of polynomial coefficients;
c) Computing key sharing z for all tracking institutions sj =f s (Tid j ) Where j=1, 2, …, n, and then to each of the other tracking mechanisms Tid through the secure channel l Sending the corresponding key share z sl Where l=1, 2, …, s-1, s+1, …, n;
d) Once received from the other n-1 tracking mechanisms Tid l Key sharing z of (2) li The tracking mechanism Tid s Verification equationWhether or not it is, if so, from the tracking mechanism Tid l Is legal, and if not, re-associates with the tracking mechanism Tid l Negotiating to obtain the correct z li The method comprises the steps of carrying out a first treatment on the surface of the Wherein Tid s Is the identity id of the s-th tracking mechanism, k is an index;
e) Computing tracking subkeysAnd the corresponding tracker public key->
f) Any tracing mechanism can randomly select t tracing sub public keys to generate a tracing public key Where Ω is a threshold value for generating a complete tracking key, tid, containing the identity id of at least t tracking institutions and the corresponding tracking sub-public key j Is the identity id of the jth tracking mechanism.
3. The knowledge signature based blockchain transaction identity privacy preserving and traceable method of claim 2, wherein: said step S2 trades User i Randomly select sk i ∈Z p As a private key, calculateAs public key, then uses its own ID i And public key pk i Sending the data to an identity authentication mechanism; after the identity authentication mechanism verifies the identity of the user, a registration transaction (pk) is generated R ,pk i ,flag=RE,δ i ),δ i Is transaction signature generated by an identity authentication agency by adopting a short random signature technology>Wherein-> And->As transaction signature delta i Is formed by the components of (a);
subsequently, the identity authentication mechanism propagates the transaction into the blockchain network;
the authentication node is according to the equationVerifying whether the signature is established, if so, uploading the registered transaction to a blockchain network;
finally, the identity authentication mechanism carries out related transaction numbersAnd delta i Sent to registered user i
4. The knowledge signature based blockchain transaction identity privacy preserving and traceable method of claim 1, wherein: when the step S3.1 constructs the transaction input, the transaction initiator User u Randomly selecting a plurality of transaction users, and combining the transaction users with users u The User set formed by the User is denoted as User, wherein |user|=m; then, the public key and registered transaction number of each transaction User in the User are obtained to form a new set to be recorded asSubsequently, the transaction initiator User u Calculating tracking marker-> Signing the transaction by adopting the following knowledge signature, wherein the signature process is as follows:
(1) Randomly selecting a random number c i ,s i ∈Z p I is more than or equal to 1 and less than or equal to m, and i is not equal to u;
(2) When i is not equal to u, transaction initiator User u Calculation ofWhen i=u, the user u randomly selects the random number r u ∈Z p Calculate->
(3) Transaction initiator User u Calculation ofc u =(c-c 1 -c 2 …c u+1 -…c m )mod p,s u =r u +c u sk u mod p;
(4) Generating signature delta' = (c) 1 ,s 1 ,…c m ,s m );
Wherein the method comprises the steps ofIntermediate calculation parameters s representing signatures u ,c u As an integral part of the signature delta'.
5. The knowledge signature based blockchain transaction identity privacy preserving and traceable method of claim 1, wherein: the step S3.2 is to construct concrete contents of transaction output:
first transaction initiator User u Acquiring transaction recipient User v Identity public key of (a)Selecting a random number r E Z q Generating a disposable address->Wherein the one-time address otpk v The corresponding disposable private key isSecond, transaction initiator User u Encrypting a public key of a receiver by adopting an Elgamal encryption algorithm, wherein ciphertext is C vp =(C 1 ,C 2 )=(pk v TPK β ,g β ) Wherein beta is E Z q Is a random number; then the transaction initiator User u Using knowledge signature technology to prove that the recipient's public key is properly encrypted, the knowledge signature proceeds as follows, whereinIntermediate calculation parameters, pk, representing disposable addresses v TPK β ,g β Ciphertext component representing Elgamal encrypted ciphertext:
(1) The transaction initiator randomly generates two random numbers r β ,r τ ∈Z q
(2) Calculation ofc=H(C vp ,C 1 ,R 2 );
(3) Calculation of Z β =r β +cβ,Z τ =r τ +ch tx
(4) Generating signature delta "= (c, Z β ,Z τ )。
Wherein R is 1 ,R 2 ,Intermediate calculation parameters, c, Z, representing signatures β ,Z τ Representing one of the components of the signature delta ".
6. The knowledge signature based blockchain transaction identity privacy preserving and traceable method of claim 1, wherein: the specific content of signature verification in the step S4 is as follows:
s4.1 verification of signature delta
(1) For l is more than or equal to 1 and less than or equal to m, iterative calculation
(2) Verifying whether the following equation is satisfied, and if so, successfully verifying the signature;
wherein the method comprises the steps ofAll are intermediate calculation parameters of a signature verification algorithm;
s4.2 verification of signature delta
(1) Calculation of
(2) Calculate C' =h (C vp ,R′ 1 ,R′ 2 );
(3) Verifying whether equation c= c' holds; if so, the signature verification is successful.
Wherein R 'is' 1 ,R′ 2 ,Are all intermediate calculation parameters of the signature verification algorithm.
7. The knowledge signature based blockchain transaction identity privacy preserving and traceable method of claim 1, wherein: in the step S5, it is assumed that the illegal transaction is { data, { pk } i } i∈User ,Tg,δ′,otpk v ,δ",C vp The set of tracking mechanisms involved in this tracking is defined as Ω' = { Tid } l I l=1, 2, …, t }, in particular by;
s5.1 public Key tracking of transaction sponsor
For any User i E User, each tracking mechanism Tid l Calculation ofWherein-> For Lagrangian coefficients, tsk l For tracking mechanism Tid l Is a tracking subkey of (1);
when all t tracking mechanisms in omega ' complete the calculation, t pk ' can be obtained ' 1 ,pk′ 2 ,…·,pk′ t Calculation of
Subsequently, it is determined whether Tg' = Tg is true; if true, the true public key of the transaction initiator is pk u =pk i The public key of the transaction initiator is successfully tracked; otherwise, continuing to scan the next transaction input address;
s5.2 public Key tracking of transaction recipients
For ciphertext C vp =(C 1 ,C 2 )=(pk v TPK β ,g β ) Each tracking mechanism Tid l (l=1, 2, …, t) calculationWherein->For Lagrangian coefficients, tsk l For tracking mechanism Tid l Is a tracking subkey of (1); after all t tracking mechanisms in Ω' complete the above calculation, the calculation is performed
Finally, calculate the public key of the transaction receiver as pk v =C 1 /TPK β
8. A system for implementing the knowledge signature based blockchain transaction identity privacy preserving and traceable method of any of claims 1 to 7, comprising a transaction user, an identity authentication mechanism, a tracking mechanism, and a verification node, the transaction user comprising a transaction initiator and a transaction recipient;
firstly, a transaction user generates a public and private key, and applies authentication to an identity authentication mechanism by using a long-term public key representing an identity and attached identity information; after the identity authentication mechanism authenticates the identity information of the transaction user, generating a registration transaction, and returning the registration transaction number to the transaction user; when a transaction is carried out, a transaction receiver sends a long-term public key and a registered transaction number to a transaction initiator, and the transaction initiator derives a transaction address as the address of the transaction initiator by using the long-term public key and adds ciphertext supervision information to write the transaction;
then, the transaction initiator randomly selects a plurality of public keys from the blockchain and takes the public keys along with the public keys as an input set to mask real transaction input, adds a tracking tag, and uses a knowledge signature technology to prove the ownership of the transaction, so that identity privacy protection is realized to avoid transaction tracking;
then, the transaction initiator constructs a complete transaction and uploads the complete transaction to the blockchain network;
finally, the transaction verification node verifies the correctness of the transaction content, and when suspicious transactions are found, t tracking mechanisms are gathered to track the sub-public keys, so that the long-term public keys of both transaction parties are recovered.
CN202310481129.8A 2023-04-28 2023-04-28 Knowledge signature-based blockchain transaction identity privacy protection and traceability method and system Pending CN116541880A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310481129.8A CN116541880A (en) 2023-04-28 2023-04-28 Knowledge signature-based blockchain transaction identity privacy protection and traceability method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310481129.8A CN116541880A (en) 2023-04-28 2023-04-28 Knowledge signature-based blockchain transaction identity privacy protection and traceability method and system

Publications (1)

Publication Number Publication Date
CN116541880A true CN116541880A (en) 2023-08-04

Family

ID=87457058

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310481129.8A Pending CN116541880A (en) 2023-04-28 2023-04-28 Knowledge signature-based blockchain transaction identity privacy protection and traceability method and system

Country Status (1)

Country Link
CN (1) CN116541880A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117455488A (en) * 2023-11-13 2024-01-26 电子科技大学 Threshold supervision method for privacy protection cryptocurrency

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117455488A (en) * 2023-11-13 2024-01-26 电子科技大学 Threshold supervision method for privacy protection cryptocurrency
CN117455488B (en) * 2023-11-13 2024-08-09 电子科技大学 Threshold supervision method for privacy protection cryptocurrency

Similar Documents

Publication Publication Date Title
CN111654363B (en) Group signature and homomorphic encryption-based alliance chain privacy protection method
Lai et al. Applying semigroup property of enhanced Chebyshev polynomials to anonymous authentication protocol
Wang et al. LAMANCO: A lightweight anonymous mutual authentication scheme for $ N $-times computing offloading in IoT
Zheng et al. Linkable group signature for auditing anonymous communication
CN108494559B (en) Electronic contract signing method based on semi-trusted third party
Jan et al. Mitigating the desynchronisation attack in multiserver environment
CN105187405A (en) Reputation-based cloud computing identity management method
CN114531243B (en) Alliance chain transaction privacy protection method based on label encryption and zero knowledge proof
Li et al. LaT-Voting: Traceable anonymous E-voting on blockchain
Tsai et al. An ECC‐based blind signcryption scheme for multiple digital documents
CN115834067A (en) Ciphertext data sharing method in edge cloud collaborative scene
CN115442057A (en) Randomizable blind signature method and system with strong unlinkability
CN115174184A (en) Attribute-based encryption-based transaction object identity anonymous traceable method, network device and storage device
CN116541880A (en) Knowledge signature-based blockchain transaction identity privacy protection and traceability method and system
Gao et al. Quantum election protocol based on quantum public key cryptosystem
Rana et al. Computational efficient authenticated digital content distribution frameworks for DRM systems: Review and outlook
Cui et al. Towards Multi-User, Secure, and Verifiable $ k $ NN Query in Cloud Database
CN113536347A (en) Bidding method and system based on digital signature
CN116432204B (en) Supervision transaction privacy protection method based on homomorphic encryption and zero knowledge proof
CN110278081A (en) A kind of control method and equipment of group&#39;s digital signature
CN114066449A (en) Multi-center collaborative supervision block chain user identity anonymity and tracking method and system
CN115242388B (en) Group key negotiation method based on dynamic attribute authority
CN114978622A (en) Anonymous credential verification method and system based on block chain and zero-knowledge proof
Heydari et al. An Improved Authentication Scheme for Electronic Payment Systems in Global Mobility Networks
Zhong et al. An Efficient Electronic English Auction System with a Secure On‐Shelf Mechanism and Privacy Preserving

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination