CN116633548A - Encryption process supervision method, device, system and storage medium - Google Patents


Publication number: CN116633548A
Authority: CN (China)
Legal status: Pending
Application number: CN202310346507.1A
Other languages: Chinese (zh)
Inventors: 曾驭龙, 范学鹏, 汤载阳, 张金波, 王宸敏
Current Assignee: Beijing Yizhi Technology Co ltd
Original Assignee: Beijing Yizhi Technology Co ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3218 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/02 Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04 INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04S SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00 Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20 Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Abstract

The embodiments of the application disclose an encryption process supervision method, device, system and storage medium. The method comprises: encrypting the private data m with a specified public key B under an asymmetric encryption system to obtain an encryption result; generating a zero knowledge proof according to the encryption result; and verifying the validity of the zero knowledge proof and, if the verification passes, releasing the encryption result. The operator is thereby forced to encrypt with the specified public key, which avoids the possibility of privacy disclosure. When an operator intentionally or unintentionally encrypts data with an incorrect public key, the properties of zero knowledge proofs prevent the operator from generating a correct proof; verification of the proof then fails and the encryption result is rejected. Only when the specified public key is used for encryption can a correct zero knowledge proof be generated and verified, and the encryption result released.

Description

Encryption process supervision method, device, system and storage medium
Technical Field
The application relates to the technical field of computer software, in particular to an encryption process supervision method, an encryption process supervision system and a storage medium.
Background
In today's mainstream asymmetric encryption systems, the key consists of a public/private key pair. The public key is used for encryption and is fully public; the private key is used for decryption. Such systems also include a validity verification function: if a ciphertext is not the encryption result of some plaintext, decryption of that ciphertext with the private key is rejected (a failure result is returned).
The current encryption process for private data has the following problem: in actual business there are commonly scenarios in which private data must be encrypted before it is handed over. Assume that the public key used for encryption has been given and is trusted (hereinafter the specified public key). The operator performing the encryption operation may still act illegitimately in the following ways:
(1) The operator encrypts the private data with the operator's own public key or that of another third party, instead of the specified public key, and gives the result as the encryption result;
(2) The operator slightly adjusts the private data directly without encrypting it, or slightly adjusts the private data and then encrypts it with the operator's own public key or that of another third party, and gives the result as the encryption result;
(3) The operator slightly modifies the private data and then encrypts it with the specified public key to give an encryption result.
With the encryption systems in common use today, a third party that has access neither to the original data nor to the private key corresponding to the specified public key cannot judge, from the encryption result field given by the operator alone, whether the encryption result is legitimate, that is, whether it was produced with the specified public key. No effective means of supervision can therefore be provided. In case (1), once the encryption result is released, the private data can be decrypted by the operator or by another third party holding the private key, which causes privacy disclosure. In case (2), the data is effectively unencrypted, which also causes privacy disclosure. In case (3), even though the operator has tampered with the data, only the owner of the private key corresponding to the specified public key can decrypt it; the private key owner obtains erroneous private data, but the private data is not disclosed.
The technical scheme of the application is intended to avoid the privacy disclosure of cases (1) and (2).
Disclosure of Invention
Aiming at the technical defects in the prior art, the embodiment of the application aims to provide an encryption process supervision method, an encryption process supervision system and a storage medium, so as to ensure that a public key used in an encryption process is a specified public key.
To achieve the above object, in a first aspect, an embodiment of the present application provides an encryption process supervision method, including:
encrypting the private data m by adopting a specified public key B based on an asymmetric encryption system to obtain an encryption result;
generating a zero knowledge proof according to the encryption result;
and verifying the validity of the zero knowledge proof, and if the verification is passed, releasing the encryption result.
Further, based on the ECIES encryption system, the private data m is encrypted with the specified public key B to obtain an encryption result (R, C, T).
Further, the zero knowledge proof proves that there exists a solution $k, k_2, Z$ satisfying the following equations:
$R = kP$;
$Z = kB$;
the last preset number of bits of $H_1(R, Z)$ are $k_2$;
$T = H_2(C, k_2)$;
where $k$ and $k_2$ are positive integers, $P$ is the generator of the elliptic curve group $G$, and $H_1(\cdot)$, $H_2(\cdot)$ are two hash functions.
Further, the validity of the zero knowledge proof is verified based on a zero knowledge proof system.
In a second aspect, an embodiment of the present application further provides an encryption process supervision apparatus, where the apparatus includes:
the encryption module is used for encrypting the private data m with the specified public key B based on the asymmetric encryption system to obtain an encryption result;
the generation module is used for generating a zero knowledge proof according to the encryption result; and
the verification module is used for verifying the validity of the zero knowledge proof, and releasing the encryption result if the verification passes.
Further, the encryption module encrypts the private data m with the specified public key B based on the ECIES encryption system to obtain an encryption result (R, C, T).
Further, the zero knowledge proof proves that there exists a solution $k, k_2, Z$ satisfying the following equations:
$R = kP$;
$Z = kB$;
the last preset number of bits of $H_1(R, Z)$ are $k_2$;
$T = H_2(C, k_2)$;
where $k$ and $k_2$ are positive integers, $P$ is the generator of the elliptic curve group $G$, and $H_1(\cdot)$, $H_2(\cdot)$ are two hash functions.
Further, the verification module verifies the validity of the zero knowledge proof based on a zero knowledge proof system.
In a third aspect, an embodiment of the present application further provides an encryption process supervision system, which is characterized by comprising a processor, an input device, an output device and a memory, where the processor, the input device, the output device and the memory are connected to each other, and the memory is configured to store a computer program, where the computer program includes program instructions, and where the processor is configured to invoke the program instructions to perform the method according to the first aspect.
In a fourth aspect, an embodiment of the present application also provides a computer readable storage medium, characterized in that the computer readable storage medium stores a computer program comprising program instructions which, when executed by a processor, cause the processor to perform the method according to the first aspect.
In the embodiments of the application, the encryption process supervision method, system and storage medium force the operator to encrypt with the specified public key, which eliminates the possibility of privacy disclosure. When an operator intentionally or unintentionally encrypts data with an incorrect public key, the properties of zero knowledge proofs prevent the operator from generating a correct proof; verification of the proof then fails and the encryption result is rejected. Only when the specified public key is used for encryption can a correct zero knowledge proof be generated and verified, and the encryption result released.
The zero knowledge proof required by the application has only constant length, so its cost is extremely low and the application can be used in most practical scenarios.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the application and together with the description, serve to explain the principles of the application. In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the description of the embodiments will be briefly described below, and it will be obvious to those skilled in the art that other drawings can be obtained from these drawings without inventive effort.
FIG. 1 is a schematic diagram of an implementation principle of an encryption process supervision method according to an embodiment of the present application;
FIG. 2 is a flow chart of an encryption process supervision method according to an embodiment of the present application;
FIG. 3 is a schematic diagram of an encryption process supervision apparatus according to an embodiment of the present application;
FIG. 4 is a schematic structural diagram of an encryption process supervision system according to an embodiment of the present application.
The achievement of the objects, functional features and advantages of the present application will be further described with reference to the accompanying drawings, in conjunction with the embodiments. Specific embodiments of the present application have been shown by way of the above drawings and will be described in more detail below. The drawings and the written description are not intended to limit the scope of the inventive concepts in any way, but rather to illustrate the inventive concepts to those skilled in the art by reference to the specific embodiments.
Detailed Description
Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numbers in different drawings refer to the same or similar elements, unless otherwise indicated. The implementations described in the following exemplary examples do not represent all implementations consistent with the application. Rather, they are merely examples of apparatus and methods consistent with aspects of the application as detailed in the accompanying claims.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, the element defined by the phrase "comprising one … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element, and furthermore, elements having the same name in different embodiments of the application may have the same meaning or may have different meanings, the particular meaning of which is to be determined by its interpretation in this particular embodiment or by further combining the context of this particular embodiment.
It should be understood that although the terms first, second, third, etc. may be used herein to describe various information, this information should not be limited by these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope herein. The word "if" as used herein may be interpreted as "at … …" or "at … …" or "responsive to a determination", depending on the context. Furthermore, as used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context indicates otherwise. It will be further understood that the terms "comprises," "comprising," "includes," and/or "including" specify the presence of stated features, steps, operations, elements, components, items, categories, and/or groups, but do not preclude the presence, occurrence or addition of one or more other features, steps, operations, elements, components, items, categories, and/or groups. The terms "or", "and/or", "including at least one of", and the like, as used herein, may be construed as inclusive, or mean any one or any combination. For example, "including at least one of: A, B, C" means "any one of the following: A; B; C; A and B; A and C; B and C; A and B and C"; as a further example, "A, B or C" or "A, B and/or C" means "any one of the following: A; B; C; A and B; A and C; B and C; A and B and C". An exception to this definition will occur only when a combination of elements, functions, steps or operations are in some way inherently mutually exclusive.
It should be understood that, although the steps in the flowcharts in the embodiments of the present application are shown in order as indicated by the arrows, these steps are not necessarily performed in order as indicated by the arrows. The steps are not strictly limited in order and may be performed in other orders, unless explicitly stated herein. Moreover, at least some of the steps in the figures may include multiple sub-steps or stages that are not necessarily performed at the same time, but may be performed at different times, the order of their execution not necessarily occurring in sequence, but may be performed alternately or alternately with other steps or at least a portion of the other steps or stages.
The word "if", as used herein, may be interpreted as "at … …" or "at … …" or "in response to a determination" or "in response to a detection", depending on the context. Similarly, the phrase "if determined" or "if detected (stated condition or event)" may be interpreted as "when determined" or "in response to determination" or "when detected (stated condition or event)" or "in response to detection (stated condition or event)", depending on the context.
It should be noted that step numbers such as S1 and S2 are used in this document to describe the corresponding content more clearly and briefly, and do not constitute a substantive limitation on the order; those skilled in the art may execute S2 first and then S1 when implementing the present application, which is within the scope of protection of the present application.
The operator, who has access to the private data m and the specified public key B, encrypts the private data and gives an encryption result. The firewall judges the validity of the encryption result given by the operator, ensuring that it was obtained by the operator encrypting the private data m with the specified public key B; the firewall has access only to the specified public key B. A schematic diagram of the implementation principle is shown in FIG. 1.
The application aims to provide a firewall for encryption results that prevents privacy disclosure. Together with the encryption result, the operator gives a proof that the result was genuinely obtained with the specified public key, subject to the following requirements:
(1) The proof does not reveal any information about the original data or the intermediate data of the encryption process;
(2) Any supervising third party can verify the correctness of the proof without access to the original data, knowing only the specified public key.
Once the proof is verified, the encryption result can be released.
As shown in fig. 2, a flowchart of an encryption process supervision method according to an embodiment of the present application may include:
S100: Encrypt the private data m with the specified public key B based on the asymmetric encryption system to obtain an encryption result.
Given: an elliptic curve generator G, the private data m, and the specified public key B.
After receiving an encryption operation instruction from the operator, the private data m is encrypted with the specified public key B based on the ECIES encryption system to obtain an encryption result (R, C, T).
ECIES encryption system:
Assume that there are: an elliptic curve group $G$ with generator $P$ and order $q$;
two hash functions $H_1(\cdot)$, $H_2(\cdot)$, which convert any input to a fixed-length output and are collision resistant, i.e. it is difficult to find two different inputs whose outputs are the same;
a symmetric encryption module $\mathrm{Enc}_k(\cdot)$, for example an AES encryption module, which converts its input into ciphertext by symmetric encryption under a key $k$;
the private key of the encryption system is a random $s \in \{1, \dots, q-1\}$ and the public key is $B = sP$, i.e. the group operation applied to $P$ $s$ times.
Encryption process (given public key $B$, plaintext information $m$):
1. Randomly select an integer $k \in \{1, \dots, q-1\}$ and calculate $R = kP$ and $Z = kB$;
2. Calculate $H_1(R, Z)$ and write the result as $k_1 \| k_2$, where $\|$ denotes string concatenation and the lengths of $k_1$, $k_2$ are preset values;
3. calculation of
4. Output (R, C, T) as the encryption result.
S200: Generate a zero knowledge proof according to the encryption result.
Zero knowledge proof technique: assuming that the prover knows the solution of a set of equations, the prover can give a proof of knowing that solution, while the proof does not reveal any information about the solution.
In this embodiment, the zero knowledge proof proves that there exists a solution $k, k_2, Z$ satisfying the following equations:
$R = kP$;
$Z = kB$;
the last preset number of bits of $H_1(R, Z)$ are $k_2$;
$T = H_2(C, k_2)$;
where $k$ and $k_2$ are positive integers, $P$ is the generator of the elliptic curve group $G$, and $H_1(\cdot)$, $H_2(\cdot)$ are two hash functions.
$R$, $P$, $T$ and $C$ in the above equations are public data; $k$, $k_2$, $Z$ form a solution known only to the operator.
S300: Verify the validity of the zero knowledge proof and, if the verification passes, release the encryption result.
The operator submits the encryption result (R, C, T) and the zero knowledge proof to the firewall; after receiving the data submitted by the operator, the firewall verifies the validity of the zero knowledge proof based on the zero knowledge proof system.
In this embodiment, the zero knowledge proof system may be any of a plurality of existing zero knowledge proof systems such as zk-SNARK system, and is not limited in particular.
The operator is thereby forced to encrypt with the specified public key, which avoids the possibility of privacy disclosure. When an operator intentionally or unintentionally encrypts data with an incorrect public key, the properties of zero knowledge proofs prevent the operator from generating a correct proof; verification of the proof then fails and the encryption result is rejected. Only when the specified public key is used for encryption can a correct zero knowledge proof be generated and verified, and the encryption result released.
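The S100 to S300 flow above, as an added Python example that is not code from the patent: ECIES encryption following the listed steps, and a plain evaluation of the relation whose witness (k, k_2, Z) the zero knowledge proof attests to. Assumptions: secp256k1 as the group G, SHA-512 as H_1 with k_2 as its last 32 bytes, SHA-256 as H_2, a SHA-256 keystream standing in for Enc_k, and C = Enc_{k_1}(m) for step 3; a deployment would compile `relation_holds` into a zk-SNARK circuit so the firewall sees only (R, C, T), B and the proof.

```python
import hashlib
import hmac
import secrets

# Assumption: the page names no curve; secp256k1 (y^2 = x^3 + 7) is used as G.
P_FIELD = 2**256 - 2**32 - 977  # field prime
Q = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141  # order q
P = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)  # generator


def add(a, b):
    """Affine point addition; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P_FIELD == 0:
        return None
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1 % P_FIELD, -1, P_FIELD)
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P_FIELD, -1, P_FIELD)
    lam %= P_FIELD
    x3 = (lam * lam - x1 - x2) % P_FIELD
    return (x3, (lam * (x1 - x3) - y1) % P_FIELD)


def mul(k, pt):
    """Double-and-add scalar multiplication (illustrative, not constant-time)."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt = add(pt, pt)
        k >>= 1
    return acc


def enc_point(pt):
    return pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")


def h1(R, Z):
    """H_1(R, Z) written as k_1 || k_2, 32 bytes each (assumed lengths)."""
    d = hashlib.sha512(enc_point(R) + enc_point(Z)).digest()
    return d[:32], d[32:]


def h2(C, k2):
    """H_2(C, k_2); C is length-prefixed so the encoding is unambiguous."""
    return hashlib.sha256(len(C).to_bytes(8, "big") + C + k2).digest()


def sym(key, data):
    """Stand-in for Enc_k: XOR with a SHA-256 counter keystream (not AES)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + (i // 32).to_bytes(8, "big")).digest()
        out += bytes(x ^ y for x, y in zip(data[i:i + 32], block))
    return bytes(out)


def ecies_encrypt(pub, m):
    """Steps 1-4; returns the public result (R, C, T) and the witness (k, k2, Z)."""
    k = secrets.randbelow(Q - 1) + 1
    R, Z = mul(k, P), mul(k, pub)
    k1, k2 = h1(R, Z)
    C = sym(k1, m)          # assumed form of step 3 (standard ECIES)
    T = h2(C, k2)
    return (R, C, T), (k, k2, Z)


def relation_holds(B, result, witness):
    """The four equations of S200, evaluated in the clear on the witness."""
    (R, C, T), (k, k2, Z) = result, witness
    return (0 < k < Q and R == mul(k, P) and Z == mul(k, B)
            and h1(R, Z)[1] == k2 and hmac.compare_digest(T, h2(C, k2)))


def ecies_decrypt(s, result):
    """Private-key holder: recompute Z = sR, check T, then decrypt C."""
    R, C, T = result
    k1, k2 = h1(R, mul(s, R))
    if not hmac.compare_digest(T, h2(C, k2)):
        return None         # validity check fails: ciphertext rejected
    return sym(k1, C)


if __name__ == "__main__":
    s = secrets.randbelow(Q - 1) + 1           # constructed key pair
    B = mul(s, P)                              # specified public key
    other = mul(secrets.randbelow(Q - 1) + 1, P)
    msg = b"constructed private record"
    good, w_good = ecies_encrypt(B, msg)
    bad, w_bad = ecies_encrypt(other, msg)     # case (1): wrong public key
    print("specified key:", relation_holds(B, good, w_good))
    print("other key:    ", relation_holds(B, bad, w_bad))
```

The relation as listed binds R and T to B through k_2; k_1 and the step that produces C are not among its equations, so this check says nothing about how C was computed.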
It should be noted that the steps illustrated in the flowcharts of the figures may be performed in a computer system such as a set of computer executable instructions, and that although a logical order is illustrated in the flowcharts, in some cases the steps illustrated or described may be performed in an order other than that illustrated herein.
Based on the same inventive concept, the embodiment of the application also provides an encryption process supervision device. As shown in fig. 3, the apparatus 200 includes:
an encryption module 210, configured to encrypt the private data m with a specified public key B based on the asymmetric encryption system, to obtain an encryption result;
a generating module 220, configured to generate a zero knowledge proof according to the encryption result; and
a verification module 230, configured to verify the validity of the zero knowledge proof and, if the verification passes, release the encryption result.
Specifically, after receiving the encryption operation instruction of the operator, the encryption module 210 encrypts the private data m by using the specified public key B based on the ECIES encryption system, so as to obtain an encryption result (R, C, T).
ECIES encryption system:
Assume that there are: an elliptic curve group $G$ with generator $P$ and order $q$;
two hash functions $H_1(\cdot)$, $H_2(\cdot)$, which convert any input to a fixed-length output and are collision resistant, i.e. it is difficult to find two different inputs whose outputs are the same;
a symmetric encryption module $\mathrm{Enc}_k(\cdot)$, for example an AES encryption module, which converts its input into ciphertext by symmetric encryption under a key $k$;
the private key of the encryption system is a random $s \in \{1, \dots, q-1\}$ and the public key is $B = sP$, i.e. the group operation applied to $P$ $s$ times.
Encryption process (given public key $B$, plaintext information $m$):
1. Randomly select an integer $k \in \{1, \dots, q-1\}$ and calculate $R = kP$ and $Z = kB$;
2. Calculate $H_1(R, Z)$ and write the result as $k_1 \| k_2$, where $\|$ denotes string concatenation and the lengths of $k_1$, $k_2$ are preset values;
3. calculation of
4. Output (R, C, T) as the encryption result.
Zero knowledge proof technique: assuming that the prover knows the solution of a set of equations, the prover can give a proof of knowing that solution, while the proof does not reveal any information about the solution.
In this embodiment, the zero knowledge proof proves that there exists a solution $k, k_2, Z$ satisfying the following equations:
$R = kP$;
$Z = kB$;
the last preset number of bits of $H_1(R, Z)$ are $k_2$;
$T = H_2(C, k_2)$;
where $k$ and $k_2$ are positive integers, $P$ is the generator of the elliptic curve group $G$, and $H_1(\cdot)$, $H_2(\cdot)$ are two hash functions.
The operator submits the encryption result (R, C, T) and the zero knowledge proof to the firewall; after receiving the data submitted by the operator, the firewall invokes the verification module 230 to verify the zero knowledge proof. The verification module 230 verifies the validity of the zero knowledge proof based on a zero knowledge proof system.
In this embodiment, the zero knowledge proof system may be any of a plurality of existing zero knowledge proof systems such as zk-SNARK system, and is not limited in particular.
It will be apparent to those skilled in the art that the modules or steps of the application described above may be implemented in a general purpose computing device, they may be concentrated on a single computing device, or distributed across a network of computing devices, or they may alternatively be implemented in program code executable by computing devices, such that they may be stored in a memory device for execution by the computing devices, or they may be separately fabricated into individual integrated circuit modules, or multiple modules or steps within them may be fabricated into a single integrated circuit module. Thus, the present application is not limited to any specific combination of hardware and software.
Based on the same inventive concept, the embodiment of the application provides an encryption process supervision system. As shown in fig. 4, the system may include: one or more processors 101, one or more input devices 102, one or more output devices 103, and a memory 104, the processors 101, input devices 102, output devices 103, and memory 104 being interconnected by a bus 105. The memory 104 is used for storing a computer program comprising program instructions, said processor 101 being configured for invoking said program instructions for performing the method of the above-described encryption process supervision method embodiment part.
It should be appreciated that in embodiments of the present application, the processor 101 may be a central processing unit (Central Processing Unit, CPU), which may also be other general purpose processors, digital signal processors (Digital Signal Processor, DSPs), application specific integrated circuits (Application Specific Integrated Circuit, ASICs), off-the-shelf programmable gate arrays (Field-Programmable Gate Array, FPGAs) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, or the like. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The input device 102 may include a keyboard or the like, and the output device 103 may include a display (LCD or the like), a speaker or the like.
The memory 104 may include read only memory and random access memory and provides instructions and data to the processor 101. A portion of the memory 104 may also include non-volatile random access memory. For example, the memory 104 may also store information of device type.
In a specific implementation, the processor 101, the input device 102, and the output device 103 described in the embodiments of the present application may execute the implementation described in the embodiments of the encryption process supervision method provided in the embodiments of the present application, which is not described herein again.
It should be noted that, regarding the specific workflow of the encryption process supervision system, reference may be made to the foregoing method embodiment section, and no further description is given here.
Further, an embodiment of the present application also provides a readable storage medium storing a computer program, the computer program including program instructions that when executed by a processor implement: the encryption process supervision method.
The computer readable storage medium may be an internal storage unit of the background server according to the foregoing embodiment, for example, a hard disk or a memory of the system. The computer readable storage medium may also be an external storage device of the system, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card) or the like, which are provided on the system. Further, the computer readable storage medium may also include both internal storage units and external storage devices of the system. The computer readable storage medium is used to store the computer program and other programs and data required by the system. The computer-readable storage medium may also be used to temporarily store data that has been output or is to be output.
Those of ordinary skill in the art will appreciate that the elements and algorithm steps described in connection with the embodiments disclosed herein may be embodied in electronic hardware, in computer software, or in a combination of the two, and that the elements and steps of the examples have been generally described in terms of function in the foregoing description to clearly illustrate the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In addition, each functional unit in the embodiments of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The integrated units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application, in essence, or the part of it contributing to the prior art, or all or part of the technical solution, may be embodied in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present application. The aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, an optical disk, or other various media capable of storing program code.
The foregoing embodiment numbers of the present application are merely for the purpose of description, and do not represent the advantages or disadvantages of the embodiments.
In the present application, the same or similar terms, concepts, technical solutions and/or application scenarios are generally described in detail only where they first appear. For brevity, the description is generally not repeated when they appear again, and in understanding the technical solutions of the present application, reference may be made to the earlier detailed description for anything that is not described in detail later.
In the present application, the description of each embodiment has its own emphasis; for parts not detailed or described in one embodiment, reference may be made to the related descriptions of the other embodiments.
The technical features of the technical solutions of the application may be combined arbitrarily. For brevity, not all possible combinations of the technical features in the above embodiments are described; however, as long as a combination of these technical features involves no contradiction, it shall be considered to fall within the scope of the description of the application.
While the application has been described with reference to certain preferred embodiments, it will be understood by those skilled in the art that various changes may be made and equivalents may be substituted without departing from the scope of the application.

Claims (10)

1. An encryption process supervision method, comprising:
encrypting the private data m by adopting a specified public key B based on an asymmetric encryption system to obtain an encryption result;
generating a zero knowledge proof according to the encryption result;
and verifying the validity of the zero knowledge proof, and if the verification is passed, releasing the encryption result.
2. An encryption process supervision method according to claim 1, wherein the private data m is encrypted with a specified public key B based on the ECIES encryption system to obtain an encryption result (R, C, T).
3. An encryption process supervision method according to claim 2, wherein the zero knowledge proof proves that there exist solutions $k$, $k_2$, $Z$ satisfying the following equations:
$R = kP$;
$Z = kB$;
the last preset bits of $H_1(R, Z)$ are $k_2$;
$T = H_2(C, k_2)$;
wherein $k$ and $k_2$ are both positive integers; $P$ is the generator of the elliptic curve group $G$; and $H_1(\cdot)$, $H_2(\cdot)$ are two hash functions.
4. An encryption process supervision method according to claim 2, wherein the validity of the zero-knowledge proof is verified based on a zero-knowledge proof system.
5. An encryption process supervision apparatus, the apparatus comprising:
the encryption module is used for encrypting the private data m by adopting the appointed public key B based on the asymmetric encryption system to obtain an encryption result;
the generation module is used for generating a zero knowledge proof according to the encryption result; and
and the verification module is used for verifying the validity of the zero knowledge proof, and releasing the encryption result if the verification is passed.
6. The encryption process supervision apparatus according to claim 5, wherein the encryption module encrypts the private data m with the specified public key B based on the ECIES encryption system to obtain an encryption result (R, C, T).
7. The encryption process supervision apparatus according to claim 6, wherein the zero knowledge proof proves that there exist solutions $k$, $k_2$, $Z$ satisfying the following equations:
$R = kP$;
$Z = kB$;
the last preset bits of $H_1(R, Z)$ are $k_2$;
$T = H_2(C, k_2)$;
wherein $k$ and $k_2$ are both positive integers; $P$ is the generator of the elliptic curve group $G$; and $H_1(\cdot)$, $H_2(\cdot)$ are two hash functions.
8. The encryption process supervision apparatus according to claim 7, wherein the verification module verifies the validity of the zero-knowledge proof based on a zero-knowledge proof system.
9. An encryption process supervision system comprising a processor, an input device, an output device and a memory, the processor, the input device, the output device and the memory being interconnected, wherein the memory is adapted to store a computer program comprising program instructions, the processor being configured to invoke the program instructions to perform the method according to any of the claims 1-4.
10. A computer readable storage medium, characterized in that the computer readable storage medium stores a computer program comprising program instructions which, when executed by a processor, cause the processor to perform the method of any of claims 1-4.
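The relation of claims 3 and 7, written out as an added example that is not part of the patent text: an ECIES-style encryption to public key B that returns (R, C, T) together with the witness (k, k_2, Z), and a checker for the four equations a zero-knowledge proof system would prove without revealing that witness. The curve (secp256k1), SHA-256 as H_1, HMAC-SHA-256 as H_2, the 128-bit split, the SHAKE-128 keystream and all function names are assumptions chosen for illustration.

```python
import hashlib, hmac, secrets

# Assumed group G: secp256k1 (y^2 = x^3 + 7 over F_p), generator P, order n.
p = 2**256 - 2**32 - 977
n = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
P = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(a, b):
    """Affine point addition; None is the point at infinity."""
    if a is None: return b
    if b is None: return a
    if a[0] == b[0] and (a[1] + b[1]) % p == 0: return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1] % p, -1, p) % p
    else:
        lam = (b[1] - a[1]) * pow((b[0] - a[0]) % p, -1, p) % p
    x = (lam * lam - a[0] - b[0]) % p
    return (x, (lam * (a[0] - x) - a[1]) % p)

def mul(k, pt):
    """Double-and-add scalar multiplication (not constant time)."""
    acc = None
    while k:
        if k & 1: acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def enc_pt(pt): return pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")
def H1(R, Z): return hashlib.sha256(enc_pt(R) + enc_pt(Z)).digest()
def H2(C, k2): return hmac.new(k2.to_bytes(16, "big"), C, hashlib.sha256).digest()

def encrypt(m, B, k=None):
    """Return the encryption result (R, C, T) and the prover's witness (k, k2, Z)."""
    k = k or secrets.randbelow(n - 1) + 1
    R, Z = mul(k, P), mul(k, B)
    h = H1(R, Z)
    k1, k2 = h[:16], int.from_bytes(h[16:], "big")  # k2 = last 128 bits of H1(R, Z)
    C = bytes(x ^ y for x, y in zip(m, hashlib.shake_128(k1).digest(len(m))))
    return (R, C, H2(C, k2)), (k, k2, Z)

def relation_holds(B, result, witness):
    """Check R = kP, Z = kB, tail of H1(R, Z) = k2, T = H2(C, k2) in the clear."""
    (R, C, T), (k, k2, Z) = result, witness
    return (0 < k < n and R == mul(k, P) and Z == mul(k, B)
            and int.from_bytes(H1(R, Z)[16:], "big") == k2
            and hmac.compare_digest(T, H2(C, k2)))
```

The relation binds R and T to the specified key B but says nothing about how C was derived from m, so it shows that the holder of B's private key can recompute Z and k_2 and accept the tag, not that C decrypts to any particular plaintext.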
CN202310346507.1A 2023-04-03 2023-04-03 Encryption process supervision method, device, system and storage medium Pending CN116633548A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310346507.1A CN116633548A (en) 2023-04-03 2023-04-03 Encryption process supervision method, device, system and storage medium

Publications (1)

Publication Number Publication Date
CN116633548A true CN116633548A (en) 2023-08-22

Family

ID=87590855

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310346507.1A Pending CN116633548A (en) 2023-04-03 2023-04-03 Encryption process supervision method, device, system and storage medium

Country Status (1)

Country Link
CN (1) CN116633548A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110419055A (en) * 2018-11-07 2019-11-05 阿里巴巴集团控股有限公司 Block chain data protection based on the account bill model using zero-knowledge proof
WO2021046668A1 (en) * 2019-09-09 2021-03-18 深圳市网心科技有限公司 Blockchain system, information transmission method, system and apparatus, and computer medium
CN113034135A (en) * 2021-02-08 2021-06-25 中国工商银行股份有限公司 Block chain-based information processing method, apparatus, device, medium, and product
CN113271209A (en) * 2021-04-21 2021-08-17 山东大学 Trustable public key encryption system and method based on non-interactive zero-knowledge proof
CN114244534A (en) * 2021-12-21 2022-03-25 杭州趣链科技有限公司 Data storage method, device, equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination