CN117236954A - One-time modification editable blockchain system based on condition limitation and working method - Google Patents


Publication number
CN117236954A
Authority
CN
China
Prior art keywords
transaction
modifier
blockchain
user
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310529997.9A
Other languages
Chinese (zh)
Inventor
贾文生
陈玉玲
汪春丽
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guizhou University
Original Assignee
Guizhou University


Abstract

The invention relates to the technical field of blockchains, in particular to a one-time-modification editable blockchain system based on conditional restrictions and a working method thereof, wherein the system comprises a certification authority, a user, a modifier and a blockchain user; the certification authority initializes the system parameters of the CORB and broadcasts the related system parameters to the other parties; after receiving a modifier's request for an authorization key, the certification authority checks the signature on the modifier's deposit and issues the authorization key to the modifier; the user is allowed to issue two types of transactions on the chain; the modifier is a chain participant to whom the certification authority has issued modification privileges; the modifier must pay a certain amount of deposit when obtaining the modification privilege, and if the modified transaction passes verification, the modifier's deposit is returned; the blockchain user validates transactions and adds the validated transactions to the global public ledger. The invention can limit malicious modification of transaction content by a modifier and malicious authorization by the authority.

Description

One-time modification editable blockchain system based on condition limitation and working method
Technical Field
The invention relates to the technical field of blockchains, in particular to a one-time modification editable blockchain system based on condition limitation and a working method.
Background
Applying blockchain technology to the Internet of Things (IoT) not only protects transactions in the IoT; deploying a blockchain can also eliminate the central authority in the IoT. Researchers have used cryptographic tools to design a new consensus algorithm that addresses the attacks blockchain technology encounters in IoT applications. The authors not only chose a suitable method to quantify the security level of the consensus algorithm, but also demonstrated through extensive experimental evaluation that the new consensus algorithm is superior in security and scalability. Smart manufacturing is one component of a smart city, and the two cooperate by exchanging technical information, which makes processes more efficient. Researchers have used the trustless nature of blockchains to design a general, configurable blockchain-based smart manufacturing system. With this system, consensus can be reached to handle complex manufacturing structures. The authors also address the efficiency and latency problems of blockchains in real-time manufacturing by optimizing block size, task scheduling and the like.
Because of its decentralization, transparency, immutability and other characteristics, blockchain technology has great deployment potential in supply chain operations management. No data in a blockchain-based supply chain system can be changed, so dynamic connections between network stakeholders can be established and the threat of security breaches and fraud is reduced.
Applied to digital asset transactions, blockchain technology can solve problems such as tampering, counterfeiting and profit distribution in the digital content trading environment. To address the difficult transmission of digital content, limited capacity, privacy disclosure and similar problems that blockchain technology faces in digital asset transactions, researchers have proposed a blockchain based on a secret block. This blockchain can solve the privacy and storage capacity limitations of current blockchain technology in digital asset transactions. In this context the authors propose a weight-based consensus algorithm for environments where authenticated and non-authenticated users coexist, in order to achieve reliable consensus.
Blockchain technology therefore has considerable application prospects in many industries. Specifically, a blockchain is a new kind of database that integrates several technologies such as distributed networking, cryptography and smart contracts, and the ecosystem of a blockchain system is orderly. In short, a blockchain is a tamper-proof and unforgeable distributed ledger in which each node combines data blocks sequentially in chronological order using hash functions. A data block contains the specific content of each transaction and various auxiliary information. Immutability, one of the basic properties of a blockchain, ensures that transactions added to historical blocks cannot be tampered with, and is the cornerstone of blockchain security. Because any modification to a block affects the associated block and all subsequent blocks, blocks that have been confirmed by a series of subsequent blocks cannot be tampered with. However, because of the diverse needs of real-world applications and the requirements of relevant laws, immutability has become an important obstacle to the development of blockchain technology.
For example, someone may exploit the immutability of blockchain technology to propagate inappropriate content on a blockchain. If a block on a chain contains illegal content, chain participants who fail to identify whether the transaction content is legitimate may inadvertently become distributors of the illegal content. If chain participants can identify it, they may refuse to participate in and download the chain out of concern about holding illegal content.
A data owner has the right to have his or her private information deleted from the Internet or from search engines so that his or her privacy is not violated. However, the immutability of the blockchain prevents messages that have been added to the blockchain from being modified or deleted, which conflicts with the "right to be forgotten" in data protection law. Inevitably, various legal conflicts and incompatibilities arise between blockchain technology and data protection regulations. It is therefore necessary to be able to edit blockchain information in a controlled manner.
Disclosure of Invention
The present disclosure is directed to a one-time-modification editable blockchain system and method of operation that overcomes some or all of the shortcomings of the prior art.
The one-time-modification editable blockchain system based on conditional restrictions according to the invention comprises a certification authority, a user, a modifier and a blockchain user;
the certification authority initializes the system parameters of the one-time-modification editable blockchain based on conditional restrictions (CORB) and broadcasts the related system parameters to the other parties; after receiving a modifier's request for an authorization key, the certification authority checks the signature on the modifier's deposit and issues the authorization key to the modifier;
the user is allowed to issue two types of transactions on the chain: immutable transactions, which cannot be modified, and variable transactions, which may be modified by an authorized modifier;
the modifier is a chain participant who is issued modification privileges by the certification authority; the modifier must pay a certain amount of deposit when obtaining the modification privilege, if the transaction after modification passes verification, the deposit of the modifier will be returned; if the modifier is found to maliciously modify the transaction content, the modifier loses own deposit;
the blockchain user validates the transaction and adds the validated transaction to the global public ledger where the blocks are held by the blockchain user and connected end-to-end to form a chain.
Preferably, the one-time-modification editable blockchain based on conditional restrictions (CORB) comprises the following eight algorithms:
1) the probabilistic setting algorithm is run by the certification authority; it takes a security parameter λ as input and outputs a public parameter pp and a master key pair (msk, mpk), where msk is the master private key and mpk is the master public key; the public parameter pp and the master public key mpk are implicit inputs to the other algorithms;
2) the probabilistic user setting algorithm is run by each user; it takes the public parameter pp as input and outputs the user's key pair (sk_u, pk_u), where sk_u is the user's private key and pk_u is the user's public key;
3) the probabilistic modifier setting algorithm is run by each modifier; it takes the public parameter pp as input and outputs the modifier's key pair (sk_m, pk_m), where sk_m is the modifier's private key and pk_m is the modifier's public key;
4) the probabilistic modifier authorization key generation algorithm is run by the certification authority; it takes the master private key msk, the modifier's public key pk_m and an attribute set S as input and outputs a modifier authorization key mak;
5) the probabilistic hash algorithm is run by each user; it takes the master public key mpk, the user's private key sk_u, a message comprising a transaction tag τ, transaction content tx_τ, a revision control rule ADM and an associated description desc, and an access structure as input; it outputs a hash value h, a random value r and a signature σ_τ; here ADM is the collection of subsets of the transaction content tx_τ that may be modified, referred to as the revision control rule, and desc is the explanation and description given by the user of how ADM is to be modified;
6) the probabilistic adaptive algorithm is run by the modifier; it takes the master public key mpk, the modifier's private key sk_m, a message comprising a transaction tag τ, transaction content tx_τ, the revision control rule ADM and the associated description desc, the hash value h, the random value r, the signature σ_τ, and another message comprising the transaction tag τ, transaction content tx_τ', the revision control rule ADM and the associated description desc as input; it outputs another random value r' and a signature σ_τ';
7) the deterministic verification algorithm is run by the chain participants; it takes the master public key mpk, a public key pk, a message comprising a transaction tag τ, transaction content tx_τ, the revision control rule ADM and the associated description desc, a hash value h, a random value r and a signature σ_τ as input; it outputs a decision bit b ∈ {0,1}; if b = 0, the transaction verification fails; if b = 1, the transaction verification succeeds; the public key here falls into two categories: if the transaction has not been modified, the public key is pk_u; if the transaction has been modified, the public key is (pk_u, pk_m, mak);
8) the deterministic extraction algorithm is run by the CA; it takes the modifier's public key pk_m, a message comprising a transaction tag τ, transaction content tx_τ, the revision control rule ADM and the associated description desc, another message comprising a transaction tag τ', transaction content tx_τ', the revision control rule ADM and the associated description desc, and two signatures (σ_τ, σ_τ') as input; it outputs the modifier's private signing key sk_m.
The invention provides a working method of a one-time modification editable blockchain system based on condition limitation, which adopts the one-time modification editable blockchain system based on condition limitation and comprises the following steps:
1. initializing a system;
2. generating a transaction;
3. variable transaction modification;
4. transaction verification, signing key extraction, and malicious punishment.
Preferably, in the first step, the system initialization includes: initializing system parameters, initializing user parameters and initializing modifier parameters;
system parameter initialization: the CA runs the setting algorithm to generate the public parameter pp and the master public key mpk, and broadcasts pp and mpk to the other parties on the chain;
user parameter initialization: after receiving the public parameter pp and the master public key mpk from the CA, each user runs the user setting algorithm to generate its own key pair (sk_u, pk_u);
modifier parameter initialization: after receiving the public parameter pp and the master public key mpk from the CA, each modifier runs the modifier setting algorithm to generate its own key pair (sk_m, pk_m); the modifier then submits a deposit signed with the modifier's private key sk_m; if the modifier makes a malicious modification or more than one modification, the deposit can be extracted using the private keys of the CA and the modifier; the modifier then sends its own public key pk_m to the CA; the CA specifies the modifier's attribute set S and runs the modifier authorization key generation algorithm to generate a modifier authorization key mak for the modifier.
Preferably, in the second step, the transaction generation includes an invariable transaction generation and a variable transaction generation;
immutable transaction generation: the user is allowed to generate immutable transactions as in a traditional blockchain; the user uses its own private key sk_u and a conventional hash function to generate a transaction tx and a signature σ_tx, and broadcasts the user's public key pk_u, the transaction tx and the signature σ_tx to the blockchain system;
variable transaction generation: the user is allowed to generate variable transactions, i.e. the user runs the hash algorithm to generate a hash value h, a random value r and a signature σ_τ; the user then broadcasts the public key pk_u, the transaction (τ, tx_τ, ADM, desc) with tag τ and the signature (h, r, σ_τ) to the blockchain system.
Preferably, in step three, the variable transaction modification is a variable transaction rewrite: when the transaction modifier receives a variable transaction modification request, the authorized modifier checks whether its own attribute set S satisfies the access structure; if the attribute set S satisfies the access structure, the modifier runs the adaptive algorithm to generate a random value r' and a signature σ_τ'; the modifier then broadcasts the public key pk = (pk_u, pk_m, mak), the modified transaction (τ, tx_τ', ADM, desc) with tag τ and the signature (h, r', σ_τ') to the blockchain system.
Preferably, in the fourth step, the transaction verification includes an invariable transaction verification, a variable transaction verification, and a transaction overwriting verification;
immutable transaction verification: after receiving an immutable transaction with public key pk_u, transaction content tx and transaction signature σ_tx, the blockchain user runs a conventional immutable-blockchain verification algorithm to verify the signature σ_tx; if the algorithm outputs 1, the blockchain user adds the transaction to the blockchain; otherwise, the blockchain user refuses to add the transaction;
variable transaction verification: after receiving a variable transaction with public key pk_u, transaction (τ, tx_τ, ADM, desc) and signature (h, r, σ_τ), the blockchain user runs the verification algorithm to validate the variable transaction; if the algorithm outputs 1, the blockchain user adds the transaction to the blockchain; otherwise, the blockchain user refuses to add the transaction;
transaction rewrite verification: after receiving a rewrite transaction with public key (pk_u, pk_m, mak), transaction (τ, tx_τ', ADM, desc) and signature (h, r', σ_τ'), the blockchain user runs the verification algorithm to verify the rewrite transaction; if the algorithm outputs 1, the blockchain user adds the rewrite transaction to the blockchain; otherwise, the blockchain user refuses to add the rewrite transaction.
Preferably, in the fourth step, signing key extraction: if an authorized modifier violates the revision control rule ADM given by the user, or makes more than one modification, the blockchain user runs the key extraction algorithm to obtain the modifier's signing key sk_m; the blockchain user then sends the obtained signing key sk_m and its own public key pk_miner to the CA.
Preferably, in the fourth step, malicious penalty: after receiving the malicious modifier's signing key sk_m and the blockchain user's public key pk_miner, the CA uses its own private key sk_CA and the malicious modifier's private key sk_m to obtain the modifier's deposit transaction; the CA then distributes part of the obtained deposit to the blockchain user as a reward.
The present invention introduces revision control rules to limit the modifier from making modifications at will. The user specifies transaction content that the modifier can modify when issuing the transaction, i.e., introduces revision control rules to limit the transaction content that the modifier can rewrite. The modifier can only modify the content in the revision control rules when modifying, and the content outside the revision control rules is not allowed to be modified.
Through the one-time chameleon hash, the invention prevents the authority from granting the modifier an arbitrary number of modification rights. The modifier's modification right is granted by the authority (CA), and the authority can choose how many modifications to grant the modifier, which can lead the modifier to abuse modification. The invention therefore uses a one-time chameleon hash so that the authority grants the modifier the right to modify only once. If the modifier modifies more than once, or does not modify according to the associated description of the revision control rule, the modifier's deposit is extracted as a penalty for its malicious behaviour.
Drawings
FIG. 1 is a schematic diagram of a one-time-modification editable blockchain system based on conditional constraints in an embodiment;
FIG. 2 is a schematic diagram of system initialization in an embodiment;
FIG. 3 is a schematic diagram of transaction generation in an embodiment;
FIG. 4 is a schematic diagram of a variable transaction modification in an embodiment;
FIG. 5 is a schematic diagram of an immutable transaction verification in an embodiment;
FIG. 6 is a schematic diagram of variable transaction verification in an embodiment;
FIG. 7 is a schematic diagram of variable transaction overwrite verification in an embodiment;
FIG. 8 is a diagram illustrating malicious punishment in an embodiment.
Detailed Description
For a further understanding of the present invention, the present invention will be described in detail with reference to the drawings and examples. It is to be understood that the examples are illustrative of the present invention and are not intended to be limiting.
Examples
Preliminary knowledge
A notation
Order theRepresenting a set of all natural numbers. We use the Greek letter λ to denote the security parameter and capital letters, e.g. A, B, to denote algorithms. Unless stated otherwise, all algorithms run in probabilistic polynomial time (PPT), i.e. their running time is bounded by a polynomial in their input length. In addition, a special symbol is returned when an algorithm fails. If A is a probabilistic algorithm, y ← A(x, r) denotes running A with x and a random value r as input and computing the output y. We assume that 1^λ is an implicit input to all algorithms. For function->If->We call->Can be ignored.
B access structure
Order theRepresenting attribute fields. A non-empty set->Is->An access structure on。/>Is called an authorization set, not +.>Is referred to as an unlicensed set. />Is said to be monotonous if +.>If->Andthen->
C digital signature
Having message spacesDigital signature of->Comprises four algorithms
With a security parameter λ as input, outputs a public parameter pp, where pp is an implicit input to the other three algorithms.
With the public parameter pp as input, outputs a signature key pair (pk, sk), where pk is the public key and sk is the private signing key.
With the private key sk and a message as input, outputs a signature σ.
With the public key pk, a signature σ and a message as input, outputs a decision bit b ∈ {0,1}. If b = 0, the verification fails; if b = 1, the verification succeeds.
The correctness requirements of digital signatures are for all security parametersFor all common parametersFor all->For all messages +.>We have->
EUF-CMA security: the EUF-CMA security of a digital signature is based on the following experiment:
D one-time chameleon hash function
A one-time chameleon hash with a message space consists of the following five algorithms {CH_Setup, CH_KeyGen, CH_Hash, CH_Verify, CH_Adapt}:
CH_Setup(1^λ) → pp: takes a security parameter λ as input and outputs a public parameter pp, where pp is an implicit input to the other four algorithms.
CH_KeyGen(pp) → (sk, pk): takes the public parameter pp as input and outputs a key pair (sk, pk), where sk is the trapdoor private key and pk is the public key.
CH_Hash(pk, τ, m) → (h, r): takes the public key pk, a tag τ and a message m as input and outputs a hash value h and a random value r.
CH_Verify(pk, τ, m, h, r) → b: takes the public key pk, the tag τ, the message m, the hash value h and the random value r as input and outputs a decision bit b ∈ {0,1}. If b = 0, the verification fails; if b = 1, the verification passes.
CH_Adapt(sk, τ, m, m', h, r) → r': takes the private key sk, the tag τ, the message m, the message m', the hash value h and the random value r as input and outputs another random value r'.
The correctness requirement of the one-time chameleon hash is that for all security parameters λ, for all public parameters pp ← CH_Setup(1^λ), for all (sk, pk) ← CH_KeyGen(pp), for all messages m, m', for all (h, r) ← CH_Hash(pk, τ, m) and for all r' ← CH_Adapt(sk, τ, m, m', h, r), we have CH_Verify(pk, τ, m, h, r) = 1 ∧ CH_Verify(pk, τ, m', h, r') = 1.
The security of the one-time chameleon hash is ensured by the following two properties.
Property 1: for any adversary, the success probability Pr[CH_Verify(pk, τ, h, m', r') = 1 ∧ CH_Verify(pk, τ, h, m, r) = 1 ∧ m ≠ m' ∧ (τ, m, m')] is negligible. In other words, it is infeasible to compute a new collision for any tag that has already reached one collision.
Property 2: there exists a probabilistic polynomial-time adversary whose input comprises a triple collision, i.e. (τ_1, h_1, m_{1,1}, r_{1,1}, m_{1,2}, r_{1,2}, m_{1,3}, r_{1,3}) such that m_{1,1}, m_{1,2}, m_{1,3} are pairwise distinct and CH_Verify(pk, τ_1, h_1, m_{1,j}, r_{1,j}) = 1 for j = 1, 2, 3; a double collision, i.e. (τ_2, h_2, m_{2,1}, r_{2,1}, m_{2,2}, r_{2,2}) such that m_{2,1} ≠ m_{2,2} and CH_Verify(pk, τ_2, h_2, m_{2,j}, r_{2,j}) = 1 for j = 1, 2; and a target message m_{2,3} different from m_{2,1} and m_{2,2}; and whose probability Pr[CH_Verify(pk, τ_2, h_2, m_{2,3}, r_{2,3}) = 1] of successfully outputting r_{2,3}, i.e. of making (τ_2, h_2, m_{2,1}, r_{2,1}, m_{2,2}, r_{2,2}, m_{2,3}, r_{2,3}) a triple collision, is non-negligible. In other words, once three messages under some tag collide on one hash value, i.e. the collisions under that tag exceed one, it becomes possible to compute a new collision for any tag that has reached one collision.
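The checks a chain participant applies to a rewrite, combining the CH_Hash / CH_Verify / CH_Adapt interface defined above with the revision control rule ADM and the one-modification limit described in the disclosure, shown as an added example that is not code from the patent. It substitutes the classic discrete-log chameleon hash over a toy group for the patent's one-time construction and enforces the one-modification limit by bookkeeping; the function names, field names and sample transaction are assumptions, and the signatures σ_τ, the authorization key mak and key extraction are not modelled.

```python
import hashlib
import math
import secrets

# Toy group Z_p^* with the Mersenne prime p = 2^127 - 1 (constructed demo
# parameters, not secure). Exponents are reduced mod N = p - 1.
P = 2**127 - 1
N = P - 1
G = 3


def digest(tag, tx):
    """e = SHA-256(tag || canonical tx) mod N; binds the hash to the tag."""
    data = tag.encode() + b"\x00" + repr(sorted(tx.items())).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def ch_keygen():
    """Trapdoor key pair (sk, pk); sk must be invertible mod N for ch_adapt."""
    while True:
        sk = secrets.randbelow(N - 2) + 2
        if math.gcd(sk, N) == 1:
            return sk, pow(G, sk, P)


def ch_hash(pk, tag, tx):
    """h = g^e * pk^r mod p for a fresh random r; returns (h, r)."""
    r = secrets.randbelow(N)
    return (pow(G, digest(tag, tx), P) * pow(pk, r, P)) % P, r


def ch_verify(pk, tag, tx, h, r):
    return h == (pow(G, digest(tag, tx), P) * pow(pk, r, P)) % P


def ch_adapt(sk, tag, tx, new_tx, h, r):
    """Find r' that keeps h fixed: e + sk*r = e' + sk*r' (mod N)."""
    if not ch_verify(pow(G, sk, P), tag, tx, h, r):
        raise ValueError("original (tx, h, r) does not verify")
    delta = digest(tag, tx) - digest(tag, new_tx)
    return (r + delta * pow(sk, -1, N)) % N


def verify_rewrite(pk, tag, old_tx, new_tx, adm, h, r_new, rewritten_tags):
    """Chain participant's checks on a rewrite; returns (accepted, reason)."""
    if not ch_verify(pk, tag, new_tx, h, r_new):
        return False, "hash mismatch"      # the block link would break
    changed = {k for k in old_tx.keys() | new_tx.keys()
               if old_tx.get(k) != new_tx.get(k)}
    if changed - set(adm):
        return False, "outside ADM"        # violates the revision control rule
    if tag in rewritten_tags:
        return False, "second rewrite"     # more than one modification
    rewritten_tags.add(tag)
    return True, "ok"


def demo():
    sk_m, pk_m = ch_keygen()               # trapdoor held by the modifier (assumption)
    tag, adm, seen = "tx-0001", {"memo"}, set()
    # Constructed sample transaction; only "memo" is listed in ADM.
    tx = {"payer": "alice", "payee": "bob", "memo": "home: 1 Example St"}
    h, r = ch_hash(pk_m, tag, tx)
    results = {}

    # Edited content with the old r, i.e. no trapdoor was used.
    forged = dict(tx, memo="[redacted]")
    results["no_trapdoor"] = verify_rewrite(pk_m, tag, tx, forged, adm, h, r, seen)

    # Valid collision, but the changed field is not in ADM.
    bad = dict(tx, payee="mallory")
    r_bad = ch_adapt(sk_m, tag, tx, bad, h, r)
    results["outside_adm"] = verify_rewrite(pk_m, tag, tx, bad, adm, h, r_bad, seen)

    # First rewrite, inside ADM: accepted, and h is unchanged.
    tx1 = dict(tx, memo="[redacted]")
    r1 = ch_adapt(sk_m, tag, tx, tx1, h, r)
    results["first"] = verify_rewrite(pk_m, tag, tx, tx1, adm, h, r1, seen)

    # Second rewrite under the same tag: rejected.
    tx2 = dict(tx1, memo="[redacted again]")
    r2 = ch_adapt(sk_m, tag, tx1, tx2, h, r1)
    results["second"] = verify_rewrite(pk_m, tag, tx1, tx2, adm, h, r2, seen)
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, outcome)
```

In the patent the rejected cases additionally trigger signing key extraction and forfeiture of the deposit; here they are only reported.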
E collision-resistant hash
A hash function satisfying the following property is called a collision-resistant hash function.
For all probabilistic polynomial-time adversaries, the probability of successfully finding a collision is negligible.
One-time modification editable blockchain based on conditional restrictions
As shown in FIG. 1, the present embodiment provides a one-time-modification editable blockchain system based on conditional restrictions, including a certification authority, a user, a modifier, and a blockchain user;
the certification authority (authority, CA) initializes the system parameters of the one-time-modification editable blockchain based on conditional restrictions (CORB) and broadcasts the related system parameters to the other parties; after receiving a modifier's request for an authorization key, the certification authority checks the signature on the modifier's deposit and issues the authorization key to the modifier;
the user is allowed to issue two types of transactions on the chain: immutable transactions, which cannot be modified, and variable transactions, which may be modified by an authorized modifier;
the modifier is a chain participant who is issued modification privileges by the certification authority; the modifier must pay a certain amount of deposit when obtaining the modification privilege, if the transaction after modification passes verification, the deposit of the modifier will be returned; if the modifier is found to maliciously modify the transaction content, the modifier loses own deposit;
the blockchain user validates the transaction and adds the validated transaction to the global public ledger where the blocks are held by the blockchain user and connected end-to-end to form a chain.
The one-time-modification editable blockchain based on conditional restrictions (CORB) comprises the following eight algorithms:
1) the probabilistic setting algorithm is run by the certification authority; it takes a security parameter λ as input and outputs a public parameter pp and a master key pair (msk, mpk), where msk is the master private key and mpk is the master public key; the public parameter pp and the master public key mpk are implicit inputs to the other algorithms;
2) the probabilistic user setting algorithm is run by each user; it takes the public parameter pp as input and outputs the user's key pair (sk_u, pk_u), where sk_u is the user's private key and pk_u is the user's public key;
3) the probabilistic modifier setting algorithm is run by each modifier; it takes the public parameter pp as input and outputs the modifier's key pair (sk_m, pk_m), where sk_m is the modifier's private key and pk_m is the modifier's public key;
4) the probabilistic modifier authorization key generation algorithm is run by the certification authority; it takes the master private key msk, the modifier's public key pk_m and an attribute set S as input and outputs a modifier authorization key mak;
5) the probabilistic hash algorithm is run by each user; it takes the master public key mpk, the user's private key sk_u, a message comprising a transaction tag τ, transaction content tx_τ, a revision control rule ADM and an associated description desc, and an access structure as input; it outputs a hash value h, a random value r and a signature σ_τ; here ADM is the collection of subsets of the transaction content tx_τ that may be modified, referred to as the revision control rule, and desc is the explanation and description given by the user of how ADM is to be modified;
6) the probabilistic adaptive algorithm is run by the modifier; it takes the master public key mpk, the modifier's private key sk_m, a message comprising a transaction tag τ, transaction content tx_τ, the revision control rule ADM and the associated description desc, the hash value h, the random value r, the signature σ_τ, and another message comprising the transaction tag τ, transaction content tx_τ', the revision control rule ADM and the associated description desc as input; it outputs another random value r' and a signature σ_τ';
7) the deterministic verification algorithm is run by the chain participants; it takes the master public key mpk, a public key pk, a message comprising a transaction tag τ, transaction content tx_τ, the revision control rule ADM and the associated description desc, a hash value h, a random value r and a signature σ_τ as input; it outputs a decision bit b ∈ {0,1}; if b = 0, the transaction verification fails; if b = 1, the transaction verification succeeds; the public key here falls into two categories: if the transaction has not been modified, the public key is pk_u; if the transaction has been modified, the public key is (pk_u, pk_m, mak);
8) the deterministic extraction algorithm is run by the CA; it takes the modifier's public key pk_m, a message comprising a transaction tag τ, transaction content tx_τ, the revision control rule ADM and the associated description desc, another message comprising a transaction tag τ', transaction content tx_τ', the revision control rule ADM and the associated description desc, and two signatures (σ_τ, σ_τ') as input; it outputs the modifier's private signing key sk_m.
A method of operating a condition-based one-time-modification-editable blockchain system employing the condition-based one-time-modification-editable blockchain system described above, comprising the steps of:
1. initializing a system;
2. generating a transaction;
3. variable transaction modification;
4. transaction verification, signing key extraction, and malicious punishment.
As shown in fig. 2, the system initialization includes: initializing system parameters, initializing user parameters and initializing modifier parameters;
system parameter initialization: the CA runs the setting algorithm to generate the public parameter pp and the master public key mpk, and broadcasts pp and mpk to the other parties on the chain;
user parameter initialization: after receiving the public parameter pp and the master public key mpk from the CA, each user runs the user setting algorithm to generate its own key pair (sk_u, pk_u);
modifier parameter initialization: after receiving the public parameter pp and the master public key mpk from the CA, each modifier runs the modifier setting algorithm to generate its own key pair (sk_m, pk_m); the modifier then submits a deposit signed with the modifier's private key sk_m; if the modifier makes a malicious modification or more than one modification, the deposit can be extracted using the private keys of the CA and the modifier; the modifier then sends its own public key pk_m to the CA; the CA specifies the modifier's attribute set S and runs the modifier authorization key generation algorithm to generate a modifier authorization key mak for the modifier.
As shown in fig. 3, the transaction generation includes both an immutable transaction generation and a variable transaction generation;
Immutable transaction generation: the user may generate immutable transactions as in a traditional blockchain; the user uses its own private key sk_u and a conventional hash function to generate the transaction tx and signature σ_tx, and broadcasts its public key pk_u, the transaction tx and the signature σ_tx to the blockchain system;
Variable transaction generation: the user may generate variable transactions, i.e. the user runs the hash algorithm to generate a hash value h, a random value r and a signature σ_τ; then, the user broadcasts its public key pk_u, the transaction with tag τ (τ, tx_τ, ADM, desc) and the signature (h, r, σ_τ) to the blockchain system.
As shown in fig. 4, variable transaction modification, i.e. variable transaction overwriting: when the transaction modifier receives a variable transaction modification request, the authorized modifier checks whether its own attribute set S satisfies the access structure; if the attribute set S satisfies the access structure, the modifier runs the adaptive algorithm to generate a random value r' and a signature σ_τ'; then, the modifier broadcasts the public key pk = (pk_u, pk_m, mak), the modified transaction with tag τ (τ, tx_τ', ADM, desc) and the signature (h, r', σ_τ') to the blockchain system.
Transaction verification includes invariable transaction verification, variable transaction verification, and transaction overwriting verification;
As shown in fig. 5, immutable transaction verification: after receiving an immutable transaction with public key pk_u, transaction content tx and transaction signature σ_tx, the blockchain user runs a conventional immutable blockchain verification algorithm to verify the signature σ_tx; if the algorithm outputs 1, the blockchain user adds the transaction to the blockchain; otherwise, the blockchain user refuses to add the transaction;
As shown in fig. 6, variable transaction verification: after receiving a variable transaction with public key pk_u, transaction (τ, tx_τ, ADM, desc) and signature (h, r, σ_τ), the blockchain user runs the scheme's verification algorithm to validate the variable transaction; if the algorithm outputs 1, the blockchain user adds the transaction to the blockchain; otherwise, the blockchain user refuses to add the transaction;
As shown in fig. 7, transaction overwrite verification: after receiving an overwrite transaction with public key (pk_u, pk_m, mak), transaction (τ, tx_τ', ADM, desc) and signature (h, r', σ_τ'), the blockchain user runs the scheme's verification algorithm to verify the overwrite transaction; if the algorithm outputs 1, the blockchain user adds the overwrite transaction to the blockchain; otherwise, the blockchain user refuses to add the overwrite transaction.
As shown in fig. 8, signing key extraction: if an authorized modifier violates the user-given revision control rule ADM or makes more than one modification, the blockchain user runs the key extraction algorithm to obtain the modifier's signing key sk_m; the blockchain user then sends the obtained signing key sk_m and its own public key pk_miner to the CA.
Malicious punishment: after receiving the malicious modifier's signing key sk_m and the blockchain user's public key pk_miner, the CA uses its own private key sk_CA and the malicious modifier's private key sk_m to obtain the modifier's deposit transaction; the CA then distributes part of the resulting deposit to blockchain users as a reward.
Threat Model
In our threat model we assume that the certification authority (CA) is fully trusted, i.e. the CA is honest. In a blockchain system, modifiers make up only a small fraction of the participants. Therefore, we assume that modifiers and blockchain users are mostly honest. However, a small fraction of the modifiers and blockchain users in the system are dishonest. They will launch collusion attacks together, i.e. they will either rewrite transactions they are not authorized to rewrite, without the authorization key, or make more than one modification without any penalty. In our solution, modifications made by unauthorized users cannot be verified. Thus, the private key of the CA is kept secret, and our solution is secure. We grant a user the right to edit a transaction through a digital signature issued by the authority, and unauthorized users cannot effectively edit the transaction. Thus, the security of our solution relies on the security of the underlying digital signature. We give a formal proof of the scheme's EUF-CMA security as follows:
Let the modifier oracle be […], the modifier corruption oracle be […], the user oracle be […], the user corruption oracle be […], the modifier authorization key oracle be […], the hash oracle be […], and the adaptive oracle be […].
Instantiation of the scheme
In this scheme we use an EUF-CMA secure digital signature […] and a collision-resistant one-time chameleon hash OCH = {CH_Setup, CH_KeyGen, CH_Hash, CH_Verify, CH_Adapt} to instantiate our scheme. The specific instantiation process is as follows:
Parameter initialization algorithm: run the parameter initialization algorithm of the digital signature to generate the digital signature parameters […], and run the key generation algorithm to obtain the digital signature key pair (sk_ca, pk_ca). Select a collision-resistant one-time chameleon hash function H: […]. Run the one-time chameleon hash parameter initialization algorithm CH_Setup(1^λ) to generate the one-time chameleon hash parameters pp […]. Two large primes p, q of the same length are selected and N = pq is calculated. A sufficiently large prime number e is chosen, and d is calculated such that ed = 1 mod (p-1)(q-1). Randomly select […] and calculate […]. Then, two secure hash functions are selected: H_e: […] and H_N: […]. Run the key generation algorithm CH_KeyGen(pp) → (sk, pk) to obtain the one-time chameleon hash public key pk_ch = (N, e, X_0, H_e, H_N) and private key sk_ch = d. The algorithm returns the common parameter […], the master private key msk = sk_ca and the master public key mpk = (sk_ch, pk_ca, pk_ch, H).
User setup algorithm: run the signature generation algorithm […] and return the user's private key sk_u and public key pk_u.
Modifier setting algorithm: run the digital signature key algorithm […] to initialize a signing key pair (sk'_m, pk'_m). Then choose a random exponent […], randomly choose terms […], and calculate c = g^α. Return the modifier private key sk_m = (sk'_m, (β, r)) and the public key pk_m = (pk'_m, c).
Modifier authorization key algorithm: return the failure symbol ⊥ when no deposit signed by the modifier is received; otherwise, the authority CA runs the digital signature algorithm […] to obtain an authorization key mak.
Hash algorithm: run the chameleon hash algorithm CH_Hash(pk, τ, m) → (h, r) to calculate a hash value […] and a random value […], where […]. Then generate a signature […], defining an access policy […], where our hash value h and signature σ_τ are linked by the transaction tag τ. Also, our signature σ_τ covers the revision control rule ADM and the associated description desc, but does not cover the transaction-specific information tx_τ, to prevent any party from deducing previous transaction information. The algorithm returns a hash value h, a random value r and a signature σ_τ.
Adaptive algorithm: run the one-time chameleon hash adaptation algorithm CH_Adapt(sk_ch, (τ, tx_τ, ADM, desc), h, r, (τ, tx_τ', ADM, desc)) → r' to generate another random value: […]
Then, through the digital signature algorithm […], generate another signature σ_τ'. The algorithm returns another random value r' and another signature σ_τ' = (σ_τ', z), where […].
If the transaction is not edited, i.e. r = r' and the public key pk = pk_u: if […], the algorithm returns 1; otherwise, the algorithm returns 0. If the transaction is edited, i.e. r ≠ r' and the public key pk = (pk_u, pk_m, mak): if […], the algorithm returns 1; otherwise, the algorithm returns 0.
If […], the key extraction algorithm returns […]; otherwise, the algorithm returns a failure symbol.
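The extract-on-second-modification idea described above, as an added example that is not the patent's own construction: the formulas are not reproduced on this page, so a textbook one-time linear signature z = a + b·H(τ, tx, ADM, desc) mod Q is substituted, and the names `keygen`, `sign`, `verify`, `extract`, the toy group and the sample transactions are all assumptions. One signed rewrite reveals nothing about the key, while two signed rewrites under the same tag give two linear equations that anyone can solve for it.

```python
import hashlib
import json
import secrets

# Substituted construction (assumption): z = a + b*H(msg) mod Q, not the patent's formulas.
Q = 2**127 - 1  # prime group order (Mersenne prime); toy size, not for production


def is_probable_prime(n):
    """Miller-Rabin with a fixed base set; enough to build the toy group."""
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    if n < 2:
        return False
    for b in bases:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for b in bases:
        x = pow(b, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def schnorr_group():
    """Find a prime P = 2kQ + 1 and an element G of order Q modulo P."""
    k = 1
    while not is_probable_prime(2 * k * Q + 1):
        k += 1
    p, base = 2 * k * Q + 1, 2
    while pow(base, 2 * k, p) == 1:
        base += 1
    return p, pow(base, 2 * k, p)


P, G = schnorr_group()


def digest(msg):
    """Map a message (tau, tx, ADM, desc) to an exponent modulo Q."""
    data = json.dumps(list(msg)).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q


def keygen(tag):
    """One-time rewrite key bound to a single transaction tag (a simplification)."""
    a, b = 1 + secrets.randbelow(Q - 1), 1 + secrets.randbelow(Q - 1)
    return (a, b), (tag, pow(G, a, P), pow(G, b, P))


def sign(sk, msg):
    """Sign a rewritten message; safe once, key-revealing the second time."""
    a, b = sk
    return (a + b * digest(msg)) % Q


def verify(pk, msg, z):
    """Check G^z == A * B^H(msg) and that the message carries the key's tag."""
    tag, big_a, big_b = pk
    if msg[0] != tag or not 0 <= z < Q:
        return False
    return pow(G, z, P) == big_a * pow(big_b, digest(msg), P) % P


def extract(pk, msg1, z1, msg2, z2):
    """Recover sk from two valid, different rewrites; None plays the failure symbol."""
    if msg1 == msg2 or not (verify(pk, msg1, z1) and verify(pk, msg2, z2)):
        return None
    h1, h2 = digest(msg1), digest(msg2)
    if h1 == h2:
        return None
    b = (z1 - z2) * pow((h1 - h2) % Q, -1, Q) % Q
    return ((z1 - b * h1) % Q, b)
```

A verifier that keeps every signed rewrite it has seen per tag can call `extract` as soon as a second, different rewrite for that tag arrives, which is the point at which the page's scheme hands the key to the CA for deposit forfeiture.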
In this embodiment we propose a one-time modification editable blockchain based on conditional restrictions, which aims to limit malicious modification of transaction content by the modifier and malicious authorization by the authority. Through the revision control rules and the associated description, we prevent the modifier from making arbitrary modifications to the transaction content. By introducing the one-time chameleon hash function, the authority is prevented from granting the modifier the right to make an arbitrary number of modifications. In future work, we will consider having a set of authorities issue modification rights, thereby avoiding corruption of an individual authority.
The invention and its embodiments have been described above by way of illustration and not limitation, and the invention is illustrated in the accompanying drawings and described in the drawings in which the actual structure is not limited thereto. Therefore, if one of ordinary skill in the art is informed by this disclosure, the structural mode and the embodiments similar to the technical scheme are not creatively designed without departing from the gist of the present invention.

Claims (9)

1. A condition constraint based one-time modification editable blockchain system, characterized by: including certification authorities, users, modifiers and blockchain users;
the certification authority initializes the one-time modification editable blockchain based on conditional restrictions and broadcasts the related parameters of the system to other parties; after receiving the modifier's request for an authorization key, the certification authority checks the signature on the modifier's deposit and issues the authorization key to the modifier;
the user allows two types of transactions to be issued on the chain, one being an immutable transaction that cannot be modified; one is a variable transaction that may be modified by an authorized modifier;
the modifier is a chain participant to whom the certification authority has issued modification privileges; the modifier must pay a certain amount of deposit when obtaining the modification privilege; if the modified transaction passes verification, the modifier's deposit is returned; if the modifier is found to have maliciously modified the transaction content, the modifier loses its own deposit;
the blockchain user validates the transaction and adds the validated transaction to the global public ledger where the blocks are held by the blockchain user and connected end-to-end to form a chain.
2. The condition-constraint-based one-time-modification-editable blockchain system of claim 1, wherein: the one-time modification editable blockchain based on conditional restrictions includes the following eight algorithms:
1) The probabilistic setup algorithm is run by the certification authority; it takes a security parameter as input and outputs a public parameter pp and a master public-private key pair (msk, mpk), where msk is the master private key and mpk is the master public key; the public parameter pp and the master public key mpk are implicit inputs to the other algorithms;
2) The probabilistic user setting algorithm is run by each user; it takes the public parameter pp as input and outputs the user's public-private key pair (sk_u, pk_u), where sk_u is the user's private key and pk_u is the user's public key;
3) The probabilistic modifier setting algorithm is run by each modifier; it takes the public parameter pp as input and outputs the modifier's public-private key pair (sk_m, pk_m), where sk_m is the modifier's private key and pk_m is the modifier's public key;
4) The probabilistic modifier authorization key generation algorithm is run by the certification authority; it takes msk, the modifier public key pk_m and the attribute set S as inputs and outputs a modifier authorization key mak;
5) The probabilistic hash algorithm is run by each user; it takes as input the master public key mpk, the user private key sk_u, a message containing the transaction tag τ, transaction content tx_τ, revision control rule ADM and related description desc, and an access structure; it outputs a hash value h, a random value r and a signature σ_τ; here ADM, the set of subsets of the transaction content tx_τ that can be modified, is referred to as the revision control rule, and desc is an explanation and description given by the user of how the ADM is modified;
6) The probabilistic adaptive algorithm is run by the modifier; it takes as input the master public key mpk, the modifier private key sk_m, a message containing the transaction tag τ, transaction content tx_τ, revision control rule ADM and related description desc, the hash value h, the random value r, the signature σ_τ, and another message containing the transaction tag τ, transaction content tx_τ', revision control rule ADM and related description desc; it outputs another random value r' and signature σ_τ';
7) The deterministic verification algorithm is run by the chain participants; it takes as input the master public key mpk, a public key pk, a message containing the transaction tag τ, transaction content tx_τ, revision control rule ADM and related description desc, the hash value h, the random value r and the signature σ_τ; it outputs a decision bit b ∈ {0,1}; if b = 0, the transaction verification fails; if b = 1, the transaction verification succeeds; the public keys here fall into two categories: if the transaction has not been modified, the public key is pk_u; if the transaction has been modified, the public key is (pk_u, pk_m, mak);
8) The deterministic extraction algorithm is run by the CA; it takes as input the modifier's public key pk_m, a message containing the transaction tag τ, transaction content tx_τ, revision control rule ADM and related description desc, another message containing the transaction tag τ', transaction content tx_τ', revision control rule ADM and related description desc, and two signatures (σ_τ, σ_τ'); it outputs the modifier's signing private key sk_m.
3. A method of operating an editable blockchain system based on one modification of a conditional constraint, characterized by: employing a conditional constraint based one time modification editable blockchain system as in claim 2, and comprising the steps of:
1. initializing a system;
2. generating a transaction;
3. variable transaction modification;
4. transaction verification, signing key extraction, and malicious punishment.
4. A method of operating a condition constraint based one time modification editable blockchain system as in claim 3, wherein: in step one, the system initialization includes: initializing system parameters, initializing user parameters and initializing modifier parameters;
initializing system parameters: the CA runs the setup algorithm to generate the public parameter pp and the master public key mpk, and broadcasts pp and mpk to the other parties on the chain;
initializing user parameters: after receiving the public parameter pp and the master public key mpk from the CA, each user runs the modifier setting algorithm to generate its own public-private key pair (sk_u, pk_u);
modifier parameter initialization: after receiving the public parameter pp and the master public key mpk from the CA, each modifier runs the modifier setting algorithm to generate its own public-private key pair (sk_m, pk_m); the modifier then submits a deposit signed with the modifier's private key sk_m; if the modifier makes a malicious modification or more than one modification, the deposit can be extracted using the private keys of the CA and the modifier; then, the modifier sends its own public key pk_m to the CA; the CA specifies the modifier's attribute set S and runs the modifier authorization key generation algorithm to generate a modifier authorization key mak for the modifier.
5. The method of claim 4, wherein the operating of the one-time condition-constraint-based modifiable editable blockchain system is further characterized by: in the second step, the transaction generation comprises invariable transaction generation and variable transaction generation;
immutable transaction generation: the user may generate immutable transactions as in a traditional blockchain; the user uses its own private key sk_u and a conventional hash function to generate the transaction tx and signature σ_tx, and broadcasts its public key pk_u, the transaction tx and the signature σ_tx to the blockchain system;
variable transaction generation: the user may generate variable transactions, i.e. the user runs the hash algorithm to generate a hash value h, a random value r and a signature σ_τ; then, the user broadcasts its public key pk_u, the transaction with tag τ (τ, tx_τ, ADM, desc) and the signature (h, r, σ_τ) to the blockchain system.
6. The method of claim 5, wherein the operating of the one-time condition-constraint-based modifiable editable blockchain system is further characterized by: in step three, variable transaction modification, i.e., variable transaction overwriting: when the transaction modifier receives a variable transaction modification request, the authorized modifier checks whether its own attribute set S satisfies the access structure; if the attribute set S satisfies the access structure A, the modifier runs the adaptive algorithm to generate a random value r' and a signature σ_τ'; then, the modifier broadcasts the public key pk = (pk_u, pk_m, mak), the modified transaction with tag τ (τ, tx_τ', ADM, desc) and the signature (h, r', σ_τ') to the blockchain system.
7. The method of operating a conditional restriction based one time modifiable editable blockchain system as in claim 6, wherein: in the fourth step, the transaction verification comprises invariable transaction verification, variable transaction verification and transaction rewriting verification;
immutable transaction verification: after receiving an immutable transaction with public key pk_u, transaction content tx and transaction signature σ_tx, the blockchain user runs a conventional immutable blockchain verification algorithm to verify the signature σ_tx; if the algorithm outputs 1, the blockchain user adds the transaction to the blockchain; otherwise, the blockchain user refuses to add the transaction;
variable transaction verification: after receiving a variable transaction with public key pk_u, transaction (τ, tx_τ, ADM, desc) and signature (h, r, σ_τ), the blockchain user runs the scheme's verification algorithm to validate the variable transaction; if the algorithm outputs 1, the blockchain user adds the transaction to the blockchain; otherwise, the blockchain user refuses to add the transaction;
transaction overwrite verification: after receiving an overwrite transaction with public key (pk_u, pk_m, mak), transaction (τ, tx_τ', ADM, desc) and signature (h, r', σ_τ'), the blockchain user runs the scheme's verification algorithm to verify the overwrite transaction; if the algorithm outputs 1, the blockchain user adds the overwrite transaction to the blockchain; otherwise, the blockchain user refuses to add the overwrite transaction.
8. The method of operating a conditional restriction based one time modifiable editable blockchain system as in claim 7, wherein: in the fourth step, signing key extraction: if an authorized modifier violates the user-given revision control rule ADM or makes more than one modification, the blockchain user runs the key extraction algorithm to obtain the modifier's signing key sk_m; the blockchain user then sends the obtained signing key sk_m and its own public key pk_miner to the CA.
9. The method of operating a conditional restriction based one time modifiable editable blockchain system as in claim 8, wherein: in step four, malicious punishment: after receiving the malicious modifier's signing key sk_m and the blockchain user's public key pk_miner, the CA uses its own private key sk_CA and the malicious modifier's private key sk_m to obtain the modifier's deposit transaction; the CA then distributes part of the resulting deposit to blockchain users as a reward.
CN202310529997.9A 2023-05-11 2023-05-11 One-time modification editable blockchain system based on condition limitation and working method Pending CN117236954A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310529997.9A CN117236954A (en) 2023-05-11 2023-05-11 One-time modification editable blockchain system based on condition limitation and working method

Publications (1)

Publication Number Publication Date
CN117236954A true CN117236954A (en) 2023-12-15

Family

ID=89086799

Country Status (1)

Country Link
CN (1) CN117236954A (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160342978A1 (en) * 2015-05-21 2016-11-24 Mastercard International Incorporated Method and system for integration of market exchange and issuer processing for blockchain-based transactions
CN111639935A (en) * 2020-04-30 2020-09-08 南京理工大学 Account book modification method applicable to editable block chain
CN113438073A (en) * 2021-06-24 2021-09-24 福建师范大学 Block chain compiling and correcting method based on period and supporting appointed modification times

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
XU S M ETC: "K-time modifiable and epoch-based redactable blockchain", TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 31 August 2021 (2021-08-31), pages 4507 - 4520, XP011876066, DOI: 10.1109/TIFS.2021.3107146 *

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination