WO2019071458A1 - Method and system for tracking user public key in cryptocurrency conditions - Google Patents

Method and system for tracking user public key in cryptocurrency conditions Download PDF

Info

Publication number
WO2019071458A1
WO2019071458A1 PCT/CN2017/105649 CN2017105649W WO2019071458A1 WO 2019071458 A1 WO2019071458 A1 WO 2019071458A1 CN 2017105649 W CN2017105649 W CN 2017105649W WO 2019071458 A1 WO2019071458 A1 WO 2019071458A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
public key
transaction
tracking
party
Prior art date
Application number
PCT/CN2017/105649
Other languages
French (fr)
Chinese (zh)
Inventor
张鹏
喻建平
任浩
申屠青春
Original Assignee
深圳大学
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳大学 filed Critical 深圳大学
Priority to PCT/CN2017/105649 priority Critical patent/WO2019071458A1/en
Publication of WO2019071458A1 publication Critical patent/WO2019071458A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Definitions

  • the present invention relates to domain information security technologies, and more particularly to a method and system for conditionally tracking a user's public key in a cryptocurrency.
  • Digital cryptocurrency is an application form of blockchain. It is a digital currency trading platform developed on the basis of decoupling, open source, trust, collective maintenance, and reliable data. Bitcoin is one of the most successful digital cryptocurrencies, but since all transactions are public and any transaction can be traced to its originators and recipients, Bitcoin is not traceable and due to big data analysis, The application of data mining and other technologies, the user's relevance to the transaction is easy to expose, Bitcoin does not have non-connectability.
  • the CryptoNote protocol uses a one-time public key technology to achieve non-connectability between users and transactions, and uses one-time ring signature technology to achieve untrackability of transactions.
  • the cryptocurrency based on CryptoNote protocol is easy to become a hotbed of criminal activities such as money laundering and extortion.
  • the main object of the present invention is to provide a method and system for conditionally tracking a user's public key in a cryptocurrency, aiming at solving the problem of money laundering, extortion, etc. due to lack of effective supervision when using a one-time public key transaction in the prior art.
  • a first aspect of the present invention provides a method for conditionally tracking a user's public key in a cryptocurrency, the method comprising:
  • the sender client obtains the receiver public key and the tracking party public key respectively, and calculates the target key and the transaction key according to the sender private key selected by the sender, the receiver public key, and the tracking party public key, and attaches Disclosed in the transaction, the recipient public key includes a first public key and a second public key, and the first public key is obtained based on a point on a predefined elliptic curve and a recipient private key selected by the receiver;
  • the tracking party client obtains the target key and the transaction key, and recovers the location of the recipient public key according to the target key, the transaction key, and the tracking party private key selected by the tracking party.
  • the first public key is described, so that the tracking party client uses the first public key obtained by the recovery to achieve tracking of the transaction destination.
  • a second aspect of the present invention provides a system for conditionally tracking a user's public key in a cryptocurrency, the system comprising:
  • the sender client is configured to obtain the receiver public key and the tracking party public key respectively, and calculate the target key and the transaction secret according to the sender private key selected by the sender, the receiver public key, and the tracking party public key.
  • the key is additionally disclosed in the transaction, the recipient public key includes a first public key and a second public key, the first public key being a point based on a predefined elliptic curve and a recipient private key selected by the receiver owned;
  • a tracking party client configured to acquire the target key and the transaction key, and recover the recipient public key according to the target key, the transaction key, and a tracking party private key selected by a tracking party The first public key in the tracking, so that the tracking party client uses the restored first public key to achieve tracking of the transaction destination.
  • the invention provides a method for conditionally tracking a user public key in a cryptocurrency, the method comprising: a sender client obtaining a receiver public key and a tracking party public key, and generating a target key and a transaction key in combination with the sender private key And publicly, the recipient public key includes a first public key and a second public key, and the first public key is obtained based on a point on a predefined elliptic curve and a recipient private key selected by the receiver, and the tracking client obtains The target key and the transaction key are combined with the tracking party private key to recover the first public key of the recipient. Generate The target key and the transaction key are one-time, so the sender and the receiver are based on a one-time public key transaction.
  • each transaction has non-connectability; and because the target key and The transaction key generation uses the tracking party public key and the receiver public key indirectly or directly, so the tracking party client can recover the first public key of the receiver by acquiring the target key and the transaction key, thereby tracking the reception.
  • Fang solves the technical problem of using a one-time public key transaction in traditional transactions because of the lack of effective supervision and easy to become a hotbed of criminal activities such as money laundering and extortion.
  • FIG. 1 is a schematic diagram of a transaction system in a first embodiment of the present invention
  • FIG. 2 is a schematic flow chart of a method for conditionally tracking a user public key in a cryptocurrency according to a second embodiment of the present invention
  • FIG. 3 is a schematic flowchart of a method for a conditionally trackable user public key in a cryptocurrency according to a third embodiment of the present invention
  • FIG. 4 is a schematic structural diagram of a system for a conditionally trackable user public key in a cryptocurrency according to a fourth embodiment of the present invention.
  • the present invention proposes a method and system for conditionally tracking a user's public key in a cryptocurrency, and the generated target key and transaction key are one-time, so the sender and the receiver are based on one-time
  • the sender and the receiver are based on one-time
  • the tracking party can recover the first public key of the receiver by acquiring the target key and the transaction key, thereby tracking the receiver, and solving the problem of using the one-time public key transaction in the traditional transaction due to lack of effective supervision, and easily becoming money laundering Technical issues of hotbeds such as extortion and criminal activities.
  • FIG. 1 is a schematic diagram of a transaction system in a first embodiment of the present invention.
  • the transaction system includes a sender, a receiver, and a tracker.
  • the table shows:
  • the transaction key (R A , R T ) and the recipient public key (A, A T ) are composed of two parts.
  • the receiver public key (A, A T ) is divided into a receiver first public key A and a receiver second public key A T .
  • the meaning of all the parameters in the formula is as shown in the parameters in the table.
  • FIG. 2 is a schematic flowchart of a method for a conditionally trackable user public key in a cryptographic currency according to a second embodiment of the present invention, the method includes:
  • Step 201 The sender client obtains the receiver public key and the tracking party public key respectively, and calculates the target key and the transaction secret according to the sender private key selected by the sender, the receiver public key, and the tracking party public key.
  • the key is additionally disclosed in the transaction, the recipient public key includes a first public key and a second public key, the first public key being a point based on a predefined elliptic curve and a recipient private key selected by the receiver owned;
  • the tracking party client calculates and displays the tracking party public key T according to the tracking party private key t selected by the tracking party, and the receiving client obtains the tracking party public key T and calculates and receives the receiving party private key a.
  • the public key (A, A T ) is disclosed, and the sender client obtains the tracking party public key T and the receiver public key (A, A T ), and combines the sender private key r to calculate the target key P and the transaction secret.
  • the key (R A , R T ) is appended to the transaction.
  • the receiver public key (A, A T ) disclosed by the receiver client includes two parts, which are respectively referred to as the receiver first public key A and the receiver second public key A T .
  • the first public key A of the receiver is obtained based on the point G on the predefined elliptic curve and the recipient private key a selected by the receiver, and the second public key A T of the receiver is based on the tracking public key T and the receiving private Key a.
  • Session key (R A, R T) comprises two parts sender client output, referred to as a first session key and the second session key R A R T.
  • the first transaction key R A is obtained based on the sender private key r and the recipient first public key A
  • the second transaction key R T is obtained based on the sender private key r and the tracking party public key T.
  • Step 202 The tracking client obtains the target key and the transaction key, and recovers the recipient public key according to the target key, the transaction key, and the tracking party private key selected by the tracking party.
  • the first public key in the tracking so that the tracking party client uses the restored first public key to achieve tracking of the transaction destination.
  • the target key P and the transaction key (R A , R T ) are disclosed by the sender client in the transaction.
  • the tracking party private key t is randomly selected by the party that is in the transaction to track the whereabouts of the transaction.
  • the tracking party client obtains the target key P and the transaction key (R A , R T ) attached by the sender client in the transaction, and the tracking party private key t is calculated to obtain the recipient's first public key A, through which the receiving The first public key A is tracked to the recipient to track the whereabouts of the transaction.
  • the sender client obtains the receiver public key and the tracking party public key, generates a target key and a transaction key in combination with the sender private key, and exposes the tracking client to obtain the target key and the transaction secret.
  • the key is combined with the tracking party private key to recover the first public key of the recipient.
  • the generated target key and transaction key are one-time, so the sender and the receiver are based on one-time public key transactions.
  • each transaction has non-connectability; and because the target key
  • the tracking party public key and the receiver public key are used indirectly or directly with the generation of the transaction key, so the tracking party client can recover the first public key of the receiver by acquiring the target key and the transaction key, thereby tracking
  • the receiver has solved the technical problem of using a one-time public key transaction in traditional transactions because of the lack of effective supervision and easy to become a hotbed of criminal activities such as money laundering and extortion.
  • FIG. 3 is a schematic flowchart of a method for a conditionally trackable user public key in a cryptographic currency according to a third embodiment of the present invention, the method includes:
  • Step 301 The tracking party client obtains the tracking party public key by using the tracking party private key and discloses it;
  • the tracking party public key T is based on a point G and a tracking party selected in advance on the elliptic curve.
  • the tracking party private key t is calculated.
  • the tracking party public key is obtained according to the following formula:
  • Step 302 The receiving client obtains the tracking party public key, and obtains the receiving public key by using the receiving private key and the tracking party public key and discloses the public key;
  • the receiver public key (A, A T ) includes two parts, namely, the receiver first public key A and the receiver second public key A T .
  • the first public key A of the receiver is obtained based on the point G defined in advance on the elliptic curve and the recipient private key a selected by the receiver.
  • the second public key A T of the receiver is based on the tracking party public key T and the receiver.
  • the private key a is obtained.
  • the receiver public key (A, A T ) is obtained by the following formula:
  • Step 303 The sender client obtains the receiver public key and the tracking party public key respectively, and obtains the target key and the transaction key according to the preset formula.
  • the transaction key (R A , R T ) is composed of two parts, namely a first transaction key R A and a second transaction key R T , and the first transaction key R A is based on sending
  • the second transaction key R T is obtained based on the sender private key r and the tracking party public key T, obtained by the party private key r and the recipient's first public key A.
  • the target key P and the transaction key (R A , R T ) are obtained as follows:
  • H represents a predefined hash function
  • G represents a point on a predefined elliptic curve
  • a T represents the recipient's second public key
  • Step 304 The sender client attaches the target key and the transaction key to the transaction and discloses it;
  • Step 305 The receiver client obtains the target key and the transaction key, calculates a one-time public key by using a preset formula, and determines whether the one-time public key is equal to the target key.
  • the one-time public key P′ generated by the receiver client is used to determine whether the target key P disclosed by the sender client is equal, thereby determining whether the transaction is established.
  • the one-time public key P' can be obtained according to the following formula:
  • a represents the recipient private key
  • G represents a point on the predefined elliptic curve
  • l represents the prime order of the predefined point G
  • H represents a predefined hash function
  • R T represents the second transaction key in the transaction key
  • A represents the recipient's first public key in the recipient public key.
  • a T aT, indicating the recipient's second public key in the recipient's public key.
  • Step 306 If the one-time public key is equal to the target key, the receiving client calculates the one-time private key by using a preset formula, so that the receiver signs the transaction by using the one-time private key;
  • the one-time private key p is obtained by the following formula:
  • a represents the recipient private key
  • G represents a point on the predefined elliptic curve
  • l represents the prime order of the predefined point G
  • R T represents the second transaction key
  • Step 307 The tracking party client obtains the target key and the transaction key, and uses the preset formula to recover the first public key in the recipient public key in combination with the tracking party private key.
  • the tracking client obtains the target key P and the transaction key (R A , R T ), and recovers the first public key A of the receiver in combination with the tracking private key t.
  • Key A is part of the recipient's public key (A, A T ), and the recipient's first public key A is used to enable the tracker to track the whereabouts of the transaction, ie, to the recipient.
  • the tracking party client restores the recipient's first public key A according to the following formula:
  • G represents a point on a predefined elliptic curve
  • R A represents the first transaction key
  • H represents a predefined hash function
  • Key r denotes the sender's private key
  • t denotes the tracking party's private key
  • G represents a point on a predefined elliptic curve
  • H represents a predefined hash function.
  • the target key and the transaction key generated by the sender client are one-time, so the sender and the receiver are based on the one-time public key transaction, and because the one-time public key is random, Each transaction is not connectable; the recipient signing the agreement uses the one-time private key generated by the receiving client to ensure the anonymity of the transaction; because the target key and the transaction key are generated indirectly or directly using the tracking party.
  • the public key and the recipient public key so the tracking client can recover the first public key of the receiver by acquiring the target key and the transaction key, thereby tracking the recipient, and solving the one-time public key in the traditional transaction. Due to the lack of effective supervision during trading, it is easy to become a hotbed of criminal activities such as money laundering and extortion.
  • FIG. 4 is a schematic structural diagram of a system for conditionally trackable user public key in a cryptocurrency according to a fourth embodiment of the present invention.
  • the system includes a sender client 401, a receiver client 402, and a tracker client 403, the system including:
  • the tracking party client 403 is configured to obtain the tracking party public key by using the tracking party private key and disclose the public key;
  • the receiving client 402 is configured to obtain the tracking party public key, and obtain the receiving public key by using the receiving private key and the tracking party public key and disclose the public key;
  • the sender client 401 is configured to respectively obtain the receiver public key and the tracking party public key, and calculate the target key according to the sender private key selected by the sender, the receiver public key, and the tracking party public key, and attach the information to the transaction. ;
  • the receiving client 402 is further configured to acquire a target key and a transaction key, generate a one-time public key, and determine whether the generated one-time public key and the target key are equal. If the judgment is equal, generate a one-time private key. In order for the recipient to sign the agreement using the generated one-time private key;
  • the tracking party client 403 is further configured to acquire the target key and the transaction key, and recover the first public key in the recipient public key according to the target key, the transaction key, and the tracking party private key, so as to track the client 403.
  • the tracking of the transaction destination is achieved by using the first public key obtained by the recovery.
  • the system is an interactive system, and the arrow indicates that a message disclosed by the client (including each public key, target key, and transaction key) can be acquired by another client.
  • the target key and transaction key generated by the sender client are one-time, so the sender and receiver are the base.
  • each transaction has non-connectability due to the randomness of the one-time public key; and the tracking party public key and the receiver public key are used indirectly or directly due to the generation of the target key and the transaction key. Therefore, the tracking client can recover the first public key of the receiver by acquiring the target key and the transaction key, thereby tracking the receiver, and solving the lack of effective supervision when using the one-time public key transaction in the traditional transaction. It is easy to become a hotbed of criminal activities such as money laundering and extortion.

Abstract

Disclosed in the present invention are a method and a system for tracking a user public key in cryptocurrency conditions, the method comprising: a sending party client terminal acquires a receiving party public key and a tracking party public key, incorporates a sending party private key to generate a target key and a transaction key, and publishes same, the receiving party public key comprising a first public key and a second public key, and the first public key being obtained on the basis of a point on a predefined elliptic curve and the prime order of said point; the tracking party client terminal acquires the target key and the transaction key and incorporates a tracking party private key to recover the first public key of the receiving party. The generated target key and transaction key belong to a one-time public key and are random, so that each transaction is not connectable, and the tracking party client can recover the first public key of the receiving party and track the receiving party, thereby solving the technical problem of traditional transactions becoming a hotbed of criminal activity such as money laundering and extortion when using a one-time public key due to the lack of effective supervision.

Description

加密货币中条件可追踪用户公钥的方法和系统Method and system for conditional tracking user public key in cryptocurrency 技术领域Technical field
本发明涉及领域信息安全技术,尤其涉及一种加密货币中条件可追踪用户公钥的方法和系统。The present invention relates to domain information security technologies, and more particularly to a method and system for conditionally tracking a user's public key in a cryptocurrency.
背景技术Background technique
数字加密货币是区块链的一种应用形式,是在区块链去中心化、开源、去信任、集体维护、可靠数据等特点基础上,发展而形成的数字货币交易平台。比特币是一种最成功的数字加密货币,但是由于所有的交易是公开的,且任意一笔交易可追踪到其发起人与接收人,比特币不具备不可追踪性,同时由于大数据分析、数据挖据等技术的应用,用户与交易的关联性易暴露,比特币不具备不可连接性。Digital cryptocurrency is an application form of blockchain. It is a digital currency trading platform developed on the basis of decoupling, open source, trust, collective maintenance, and reliable data. Bitcoin is one of the most successful digital cryptocurrencies, but since all transactions are public and any transaction can be traced to its originators and recipients, Bitcoin is not traceable and due to big data analysis, The application of data mining and other technologies, the user's relevance to the transaction is easy to expose, Bitcoin does not have non-connectability.
为了实现加密货币的不可追踪性与不可连接性,CryptoNote协议被提出。CryptoNote协议采用一次性公钥技术实现用户与交易的不可连接性,采用一次性环签名技术实现交易的不可追踪性。然而,去中心化与完全匿名性等特点使得交易缺乏有效监管,基于CryptoNote协议的加密货币易成为洗钱、敲诈等犯罪活动的温床。In order to achieve the untrackability and non-connectability of cryptocurrency, the CryptoNote protocol was proposed. The CryptoNote protocol uses a one-time public key technology to achieve non-connectability between users and transactions, and uses one-time ring signature technology to achieve untrackability of transactions. However, the characteristics of decentralization and complete anonymity make the transaction lack effective supervision. The cryptocurrency based on CryptoNote protocol is easy to become a hotbed of criminal activities such as money laundering and extortion.
发明内容Summary of the invention
本发明的主要目的在于提供一种加密货币中条件可追踪用户公钥的方法和系统,旨在解决现有技术中采用一次性公钥交易时,由于缺乏有效的监管,易成为洗钱、敲诈等犯罪活动的温床的技术问题。 The main object of the present invention is to provide a method and system for conditionally tracking a user's public key in a cryptocurrency, aiming at solving the problem of money laundering, extortion, etc. due to lack of effective supervision when using a one-time public key transaction in the prior art. Technical issues of the hotbed of criminal activity.
为实现上述目的,本发明第一方面提供了一种加密货币中条件可追踪用户公钥的方法,所述方法包括:To achieve the above object, a first aspect of the present invention provides a method for conditionally tracking a user's public key in a cryptocurrency, the method comprising:
发送方客户端分别获取接收方公钥和追踪方公钥,根据发送方选择的发送方私钥、所述接收方公钥及所述追踪方公钥计算得到目标密钥与交易密钥并附加在交易中公开,所述接收方公钥包含第一公钥和第二公钥,所述第一公钥为基于预先定义的椭圆曲线上的点及接收方选择的接收方私钥得到的;The sender client obtains the receiver public key and the tracking party public key respectively, and calculates the target key and the transaction key according to the sender private key selected by the sender, the receiver public key, and the tracking party public key, and attaches Disclosed in the transaction, the recipient public key includes a first public key and a second public key, and the first public key is obtained based on a point on a predefined elliptic curve and a recipient private key selected by the receiver;
追踪方客户端获取所述目标密钥和所述交易密钥,根据所述目标密钥、所述交易密钥及追踪方选择的追踪方私钥,恢复出所述接收方公钥中的所述第一公钥,以便所述追踪方客户端利用恢复得到的所述第一公钥实现对交易去向的追踪。The tracking party client obtains the target key and the transaction key, and recovers the location of the recipient public key according to the target key, the transaction key, and the tracking party private key selected by the tracking party. The first public key is described, so that the tracking party client uses the first public key obtained by the recovery to achieve tracking of the transaction destination.
为实现上述目的,本发明第二方面提供了一种加密货币中条件可追踪用户公钥的系统,所述系统包括:To achieve the above object, a second aspect of the present invention provides a system for conditionally tracking a user's public key in a cryptocurrency, the system comprising:
发送方客户端,用于分别获取接收方公钥和追踪方公钥,根据发送方选择的发送方私钥、所述接收方公钥及所述追踪方公钥计算得到目标密钥与交易密钥并附加在交易中公开,所述接收方公钥包含第一公钥和第二公钥,所述第一公钥为基于预先定义的椭圆曲线上的点及接收方选择的接收方私钥得到的;The sender client is configured to obtain the receiver public key and the tracking party public key respectively, and calculate the target key and the transaction secret according to the sender private key selected by the sender, the receiver public key, and the tracking party public key. The key is additionally disclosed in the transaction, the recipient public key includes a first public key and a second public key, the first public key being a point based on a predefined elliptic curve and a recipient private key selected by the receiver owned;
追踪方客户端,用于获取所述目标密钥和所述交易密钥,根据所述目标密钥、所述交易密钥及追踪方选择的追踪方私钥,恢复出所述接收方公钥中的所述第一公钥,以便所述追踪方客户端利用恢复得到的所述第一公钥实现对交易去向的追踪。a tracking party client, configured to acquire the target key and the transaction key, and recover the recipient public key according to the target key, the transaction key, and a tracking party private key selected by a tracking party The first public key in the tracking, so that the tracking party client uses the restored first public key to achieve tracking of the transaction destination.
本发明提供了一种加密货币中条件可追踪用户公钥的方法,该方法包括:发送方客户端获取接收方公钥和追踪方公钥,结合发送方私钥生成目标密钥和交易密钥并公开,该接收方公钥包括第一公钥和第二公钥并且第一公钥是基于预先定义的椭圆曲线上的点及接收方选择的接收方私钥得到的,追踪方客户端获取该目标密钥和交易密钥并结合追踪方私钥恢复出接收方的第一公钥。生成 的目标密钥与交易密钥是一次性的,因此发送方与接收方是基于一次性公钥交易的,由于一次性公钥具有随机性,各交易具有不可连接性;又由于目标密钥与交易密钥的生成间接或直接使用了追踪方公钥和接收方公钥,因此追踪方客户端可以通过获取目标密钥和交易密钥来恢复出接收方的第一公钥,从而追踪到接收方,解决了传统交易中采用一次性公钥交易时由于缺乏有效的监管,易成为洗钱、敲诈等犯罪活动的温床的技术问题。The invention provides a method for conditionally tracking a user public key in a cryptocurrency, the method comprising: a sender client obtaining a receiver public key and a tracking party public key, and generating a target key and a transaction key in combination with the sender private key And publicly, the recipient public key includes a first public key and a second public key, and the first public key is obtained based on a point on a predefined elliptic curve and a recipient private key selected by the receiver, and the tracking client obtains The target key and the transaction key are combined with the tracking party private key to recover the first public key of the recipient. Generate The target key and the transaction key are one-time, so the sender and the receiver are based on a one-time public key transaction. Because the one-time public key is random, each transaction has non-connectability; and because the target key and The transaction key generation uses the tracking party public key and the receiver public key indirectly or directly, so the tracking party client can recover the first public key of the receiver by acquiring the target key and the transaction key, thereby tracking the reception. Fang, solves the technical problem of using a one-time public key transaction in traditional transactions because of the lack of effective supervision and easy to become a hotbed of criminal activities such as money laundering and extortion.
附图说明DRAWINGS
为了更清楚地说明本发明实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the embodiments or the description of the prior art will be briefly described below. Obviously, the drawings in the following description are only It is a certain embodiment of the present invention, and those skilled in the art can obtain other drawings according to these drawings without any creative work.
图1为本发明第一实施例中交易系统的示意图;1 is a schematic diagram of a transaction system in a first embodiment of the present invention;
图2为本发明第二实施例提供的一种加密货币中条件可追踪用户公钥的方法的流程示意图;2 is a schematic flow chart of a method for conditionally tracking a user public key in a cryptocurrency according to a second embodiment of the present invention;
图3为本发明第三实施例提供的一种加密货币中条件可追踪用户公钥的方法的流程示意图;3 is a schematic flowchart of a method for a conditionally trackable user public key in a cryptocurrency according to a third embodiment of the present invention;
图4为本发明第四实施例提供的一种加密货币中条件可追踪用户公钥的系统的结构示意图。FIG. 4 is a schematic structural diagram of a system for a conditionally trackable user public key in a cryptocurrency according to a fourth embodiment of the present invention.
具体实施方式Detailed ways
为使得本发明的发明目的、特征、优点能够更加的明显和易懂,下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本发明一部分实施例,而非全部实施例。基于本发明中的实施例,本领域技术人员在没有做出创造性劳动前提下所获得的 所有其他实施例,都属于本发明保护的范围。The technical solutions in the embodiments of the present invention will be clearly and completely described in conjunction with the drawings in the embodiments of the present invention. The embodiments are merely a part of the embodiments of the invention, and not all of the embodiments. Based on the embodiments of the present invention, those obtained by those skilled in the art without creative efforts All other embodiments are within the scope of the invention.
由于现有技术中采用一次性公钥交易时,缺乏有效的监管,易成为洗钱、敲诈等犯罪活动的温床的技术问题。Due to the lack of effective supervision when using one-time public key transactions in the prior art, it is easy to become a hotbed of criminal activities such as money laundering and extortion.
为了解决上述技术问题,本发明提出了一种加密货币中条件可追踪用户公钥的方法和系统,生成的目标密钥与交易密钥是一次性的,因此发送方与接收方是基于一次性公钥交易的,由于一次性公钥具有随机性,各交易具有不可连接性;又由于目标密钥与交易密钥的生成间接或直接使用了追踪方公钥和接收方公钥,因此追踪方客户端可以通过获取目标密钥和交易密钥来恢复出接收方的第一公钥,从而追踪到接收方,解决了传统交易中采用一次性公钥交易时由于缺乏有效的监管,易成为洗钱、敲诈等犯罪活动的温床的技术问题。In order to solve the above technical problem, the present invention proposes a method and system for conditionally tracking a user's public key in a cryptocurrency, and the generated target key and transaction key are one-time, so the sender and the receiver are based on one-time For public key transactions, because the one-time public key is random, each transaction is not connectable; and because the target key and the transaction key are generated indirectly or directly using the tracking party public key and the receiver public key, the tracking party The client can recover the first public key of the receiver by acquiring the target key and the transaction key, thereby tracking the receiver, and solving the problem of using the one-time public key transaction in the traditional transaction due to lack of effective supervision, and easily becoming money laundering Technical issues of hotbeds such as extortion and criminal activities.
请参阅图1,为本发明第一实施例中交易系统的示意图,该交易系统包括发送方、接收方和追踪方,为了更系统的理解技术方案,在该交易系统中所使用的参数汇总如下表所示:1 is a schematic diagram of a transaction system in a first embodiment of the present invention. The transaction system includes a sender, a receiver, and a tracker. For a more systematic understanding of the technical solution, the parameters used in the transaction system are summarized as follows. The table shows:
Figure PCTCN2017105649-appb-000001
Figure PCTCN2017105649-appb-000001
在本发明实施例中,交易密钥(RA,RT)与接收方公钥(A,AT)均由两部分组成。交易密钥(RA,RT)是发送方客户端按照公式RA=rA,RT=rT计算得到的,RA为第一交易密钥,RT为第二交易密钥。接收方公钥(A,AT)分为接收方第一公钥A和接收方第二公钥AT。目标密钥P是发送方客户端按照公式P=H(rAT)G+A来计算得到的,一次性公钥P'是接收方客户端按照公式P'=H(aRT)G+A来计算得到的,一次性私钥p是接收方客户端按照公式p=H(aRT)+a来计算得到的。其中公式中所有参数的意义均如表中参数所示。In the embodiment of the present invention, the transaction key (R A , R T ) and the recipient public key (A, A T ) are composed of two parts. The transaction key (R A , R T ) is calculated by the sender client according to the formula R A = rA, R T = rT, R A is the first transaction key, and R T is the second transaction key. The receiver public key (A, A T ) is divided into a receiver first public key A and a receiver second public key A T . The target key P is calculated by the sender client according to the formula P=H(rA T )G+A, and the one-time public key P′ is the receiver client according to the formula P′=H(aR T )G+A To calculate, the one-time private key p is calculated by the receiver client according to the formula p=H(aR T )+a. The meaning of all the parameters in the formula is as shown in the parameters in the table.
基于第一实施例,请参阅图2,为本发明第二实施例提供的一种加密货币中条件可追踪用户公钥的方法的流程示意图,该方法包括:Based on the first embodiment, referring to FIG. 2, which is a schematic flowchart of a method for a conditionally trackable user public key in a cryptographic currency according to a second embodiment of the present invention, the method includes:
步骤201:发送方客户端分别获取接收方公钥和追踪方公钥,根据发送方选择的发送方私钥、所述接收方公钥及所述追踪方公钥计算得到目标密钥与交易密钥并附加在交易中公开,所述接收方公钥包含第一公钥和第二公钥,所述第一公钥为基于预先定义的椭圆曲线上的点及接收方选择的接收方私钥得到的;Step 201: The sender client obtains the receiver public key and the tracking party public key respectively, and calculates the target key and the transaction secret according to the sender private key selected by the sender, the receiver public key, and the tracking party public key. The key is additionally disclosed in the transaction, the recipient public key includes a first public key and a second public key, the first public key being a point based on a predefined elliptic curve and a recipient private key selected by the receiver owned;
如图1所示,追踪方客户端根据追踪方选择的追踪方私钥t计算得到追踪方公钥T并公开,接收方客户端获取追踪方公钥T并结合接收方私钥a计算得到接收方公钥(A,AT)并公开,发送方客户端获取追踪方公钥T与接收方公钥(A,AT),并结合发送方私钥r计算得到目标密钥P与交易密钥(RA,RT)并附加在交易中公开。As shown in FIG. 1, the tracking party client calculates and displays the tracking party public key T according to the tracking party private key t selected by the tracking party, and the receiving client obtains the tracking party public key T and calculates and receives the receiving party private key a. The public key (A, A T ) is disclosed, and the sender client obtains the tracking party public key T and the receiver public key (A, A T ), and combines the sender private key r to calculate the target key P and the transaction secret. The key (R A , R T ) is appended to the transaction.
其中,接收方客户端公开的接收方公钥(A,AT)包含两部分,分别称为接收方第一公钥A和接收方第二公钥AT。接收方第一公钥A为基于预先定义的椭圆曲线上的点G及接收方选择的接收方私钥a得到的,接收方第二公钥AT为基于追踪方公钥T与接收方私钥a得到的。发送方客户端输出的交易密钥(RA,RT)包括两部分,分别称为第一交易密钥RA和第二交易密钥RT。第一交易密钥RA为 基于发送方私钥r和接收方第一公钥A得到的,第二交易密钥RT是基于发送方私钥r与追踪方公钥T得到的。The receiver public key (A, A T ) disclosed by the receiver client includes two parts, which are respectively referred to as the receiver first public key A and the receiver second public key A T . The first public key A of the receiver is obtained based on the point G on the predefined elliptic curve and the recipient private key a selected by the receiver, and the second public key A T of the receiver is based on the tracking public key T and the receiving private Key a. Session key (R A, R T) comprises two parts sender client output, referred to as a first session key and the second session key R A R T. The first transaction key R A is obtained based on the sender private key r and the recipient first public key A, and the second transaction key R T is obtained based on the sender private key r and the tracking party public key T.
步骤202:追踪方客户端获取所述目标密钥和所述交易密钥,根据所述目标密钥、所述交易密钥及追踪方选择的追踪方私钥,恢复出所述接收方公钥中的所述第一公钥,以便所述追踪方客户端利用恢复得到的所述第一公钥实现对交易去向的追踪。Step 202: The tracking client obtains the target key and the transaction key, and recovers the recipient public key according to the target key, the transaction key, and the tracking party private key selected by the tracking party. The first public key in the tracking, so that the tracking party client uses the restored first public key to achieve tracking of the transaction destination.
在本发明实施例中,目标密钥P和交易密钥(RA,RT)是发送方客户端附加在交易中公开的。追踪方私钥t是在交易中处于监督追踪交易去向的一方随机选择的。追踪方客户端获取发送方客户端附加在交易中公开的目标密钥P和交易密钥(RA,RT)结合追踪方私钥t经过计算得到接收方第一公钥A,通过该接收方第一公钥A追踪到接收方,从而追踪到交易的去向。In an embodiment of the invention, the target key P and the transaction key (R A , R T ) are disclosed by the sender client in the transaction. The tracking party private key t is randomly selected by the party that is in the transaction to track the whereabouts of the transaction. The tracking party client obtains the target key P and the transaction key (R A , R T ) attached by the sender client in the transaction, and the tracking party private key t is calculated to obtain the recipient's first public key A, through which the receiving The first public key A is tracked to the recipient to track the whereabouts of the transaction.
在本发明实施例中,发送方客户端获取接收方公钥和追踪方公钥,结合发送方私钥生成目标密钥和交易密钥并公开,追踪方客户端获取该目标密钥和交易密钥并结合追踪方私钥恢复出接收方的第一公钥。生成的目标密钥与交易密钥是一次性的,因此发送方与接收方是基于一次性公钥交易的,由于一次性公钥具有随机性,各交易具有不可连接性;又由于目标密钥与交易密钥的生成间接或直接使用了追踪方公钥和接收方公钥,因此追踪方客户端可以通过获取目标密钥和交易密钥来恢复出接收方的第一公钥,从而追踪到接收方,解决了传统交易中采用一次性公钥交易时由于缺乏有效的监管,易成为洗钱、敲诈等犯罪活动的温床的技术问题。In the embodiment of the present invention, the sender client obtains the receiver public key and the tracking party public key, generates a target key and a transaction key in combination with the sender private key, and exposes the tracking client to obtain the target key and the transaction secret. The key is combined with the tracking party private key to recover the first public key of the recipient. The generated target key and transaction key are one-time, so the sender and the receiver are based on one-time public key transactions. Because the one-time public key is random, each transaction has non-connectability; and because the target key The tracking party public key and the receiver public key are used indirectly or directly with the generation of the transaction key, so the tracking party client can recover the first public key of the receiver by acquiring the target key and the transaction key, thereby tracking The receiver has solved the technical problem of using a one-time public key transaction in traditional transactions because of the lack of effective supervision and easy to become a hotbed of criminal activities such as money laundering and extortion.
基于第一实施例,请参阅图3,为本发明第三实施例提供的一种加密货币中条件可追踪用户公钥的方法的流程示意图,该方法包括:Based on the first embodiment, referring to FIG. 3, which is a schematic flowchart of a method for a conditionally trackable user public key in a cryptographic currency according to a third embodiment of the present invention, the method includes:
步骤301:追踪方客户端利用追踪方私钥得到追踪方公钥并公开;Step 301: The tracking party client obtains the tracking party public key by using the tracking party private key and discloses it;
其中,追踪方公钥T是基于预先定义在椭圆曲线上的点G及追踪方选择的 追踪方私钥t经过计算得到的,具体的,追踪方公钥按照如下公式得到:Wherein, the tracking party public key T is based on a point G and a tracking party selected in advance on the elliptic curve. The tracking party private key t is calculated. Specifically, the tracking party public key is obtained according to the following formula:
T=tG。T = tG.
步骤302:接收方客户端获取追踪方公钥,并利用接收方私钥与追踪方公钥得到接收方公钥并公开;Step 302: The receiving client obtains the tracking party public key, and obtains the receiving public key by using the receiving private key and the tracking party public key and discloses the public key;
其中,接收方公钥(A,AT)包含两部分,分别为接收方第一公钥A和接收方第二公钥AT。接收方第一公钥A是基于预先定义在椭圆曲线上的点G及接收方选择的接收方私钥a得到的,接收方第二公钥AT是基于追踪方公钥T和该接收方私钥a得到的。具体的,接收方公钥(A,AT)按照如下公式得到:The receiver public key (A, A T ) includes two parts, namely, the receiver first public key A and the receiver second public key A T . The first public key A of the receiver is obtained based on the point G defined in advance on the elliptic curve and the recipient private key a selected by the receiver. The second public key A T of the receiver is based on the tracking party public key T and the receiver. The private key a is obtained. Specifically, the receiver public key (A, A T ) is obtained by the following formula:
(A,AT)=(aG,aT)。(A, A T ) = (aG, aT).
步骤303:发送方客户端分别获取接收方公钥和追踪方公钥,并按照预置公式得到目标密钥及交易密钥;Step 303: The sender client obtains the receiver public key and the tracking party public key respectively, and obtains the target key and the transaction key according to the preset formula.
在本发明实施例中,交易密钥(RA,RT)由两部分组成,分别为第一交易密钥RA和第二交易密钥RT,第一交易密钥RA是基于发送方私钥r和接收方第一公钥A得到的,第二交易密钥RT是基于发送方私钥r和追踪方公钥T得到的。目标密钥P和交易密钥(RA,RT)按照如下公式得到:In the embodiment of the present invention, the transaction key (R A , R T ) is composed of two parts, namely a first transaction key R A and a second transaction key R T , and the first transaction key R A is based on sending The second transaction key R T is obtained based on the sender private key r and the tracking party public key T, obtained by the party private key r and the recipient's first public key A. The target key P and the transaction key (R A , R T ) are obtained as follows:
P=H(rAT)G+A,(RA,RT)=(rA,rT)P=H(rA T )G+A,(R A ,R T )=(rA,rT)
其中,H表示预先定义的哈希函数,G表示预先定义的椭圆曲线上的点,AT表示接收方第二公钥。Where H represents a predefined hash function, G represents a point on a predefined elliptic curve, and A T represents the recipient's second public key.
步骤304:发送方客户端将目标密钥与交易密钥附加在交易上并公开;Step 304: The sender client attaches the target key and the transaction key to the transaction and discloses it;
步骤305:接收方客户端获取目标密钥与交易密钥,利用预置公式计算得到一次性公钥并判断一次性公钥与目标密钥是否相等;Step 305: The receiver client obtains the target key and the transaction key, calculates a one-time public key by using a preset formula, and determines whether the one-time public key is equal to the target key.
在本发明实施中,接收方客户端生成的一次性公钥P'是用于判断与发送方客户端公开的目标密钥P是否相等的,以此来判断交易是否成立。具体的,一次性公钥P'可按照如下公式得到:In the implementation of the present invention, the one-time public key P′ generated by the receiver client is used to determine whether the target key P disclosed by the sender client is equal, thereby determining whether the transaction is established. Specifically, the one-time public key P' can be obtained according to the following formula:
P'=H(aRT)G+A P'=H(aR T )G+A
其中,a∈[1,l-1],a表示接收方私钥,G表示预先定义的椭圆曲线上的一点,l表示预先定义的点G的素数阶,H表示预先定义的哈希函数,RT表示交易密钥中的第二交易密钥,A表示接收方公钥中的接收方第一公钥。Where a ∈ [1, l-1], a represents the recipient private key, G represents a point on the predefined elliptic curve, l represents the prime order of the predefined point G, and H represents a predefined hash function, R T represents the second transaction key in the transaction key, and A represents the recipient's first public key in the recipient public key.
为了更好理解本发明实施例中接收方客户端生成的一次性公钥P'是否与发送方客户端公开的目标密钥P相等,以便判断交易是否成立,下面进行一个在交易双方均无差错的情况下的简短推导:In order to better understand whether the one-time public key P′ generated by the receiver client in the embodiment of the present invention is equal to the target key P disclosed by the sender client, in order to determine whether the transaction is established, the following one is performed without error on both sides of the transaction. Short deduction in the case of:
在本发明实施例中,发送方客户端公开的目标密钥是P=H(rAT)G+A,接收方客户端生成的一次性公钥为P'=H(aRT)G+A,具体判断为:In the embodiment of the present invention, the target key disclosed by the sender client is P=H(rA T )G+A, and the one-time public key generated by the receiver client is P′=H(aR T )G+A. The specific judgment is:
P'=H(aRT)G+AP'=H(aR T )G+A
=H(arT)G+A=H(arT)G+A
=(raT)G+A=(raT)G+A
=H(rAT)+A=H(rA T )+A
=P=P
其中,RT=rT表示交易密钥中的第二交易密钥。AT=aT,表示接收方公钥中的接收方第二公钥。由此可以得出在交易双方均无差错的情况下,接收方客户端生成的一次性公钥P'与发送方客户端公开的目标密钥P是相等的,交易是成立的。在交易双方存在差错的情况下,参数发生变化,判断得出的结论是不相等的,交易不成立。Where R T =rT represents the second transaction key in the transaction key. A T = aT, indicating the recipient's second public key in the recipient's public key. It can be concluded that in the case that there is no error in both parties of the transaction, the one-time public key P′ generated by the receiver client is equal to the target key P disclosed by the sender client, and the transaction is established. In the case of errors in both sides of the transaction, the parameters change, and the conclusions drawn are not equal, and the transaction is not established.
步骤306:若一次性公钥与目标密钥相等,则接收方客户端利用预置公式计算得到一次性私钥,以便接收方使用一次性私钥签署交易;Step 306: If the one-time public key is equal to the target key, the receiving client calculates the one-time private key by using a preset formula, so that the receiver signs the transaction by using the one-time private key;
在本发明实施例中,接收方客户端利用预置公式P'=H(aRT)G+A计算得到一次性公钥P'并判断一次性公钥P'与目标密钥P是否相等,在判断为相等的情况下,接收方客户端生成一次性私钥p,该一次性私钥p是用于签署协议的。一次性私钥p按照如下公式得到:In the embodiment of the present invention, the receiver client calculates the one-time public key P′ by using the preset formula P′=H(aR T )G+A and determines whether the one-time public key P′ is equal to the target key P. In the case of being judged to be equal, the receiving client generates a one-time private key p, which is used to sign the protocol. The one-time private key p is obtained by the following formula:
p=H(aRT)+a p=H(aR T )+a
其中,a∈[1,l-1],a表示接收方私钥,G表示预先定义的椭圆曲线上的一点,l表示预先定义的点G的素数阶,RT表示第二交易密钥。Where a ∈ [1, l-1], a represents the recipient private key, G represents a point on the predefined elliptic curve, l represents the prime order of the predefined point G, and R T represents the second transaction key.
步骤307:追踪方客户端获取目标密钥和交易密钥,结合追踪方私钥利用预置公式恢复接收方公钥中的第一公钥。Step 307: The tracking party client obtains the target key and the transaction key, and uses the preset formula to recover the first public key in the recipient public key in combination with the tracking party private key.
在本发明实施例中,追踪方客户端获取目标密钥P与交易密钥(RA,RT),结合追踪方私钥t恢复出接收方第一公钥A,该接收方第一公钥A是接收方公钥(A,AT)中的一部分,利用该接收方第一公钥A使得追踪方能够追踪到交易的去向,即追踪到接收方。追踪方客户端按照如下公式恢复接收方第一公钥A:In the embodiment of the present invention, the tracking client obtains the target key P and the transaction key (R A , R T ), and recovers the first public key A of the receiver in combination with the tracking private key t. Key A is part of the recipient's public key (A, A T ), and the recipient's first public key A is used to enable the tracker to track the whereabouts of the transaction, ie, to the recipient. The tracking party client restores the recipient's first public key A according to the following formula:
A=P-H(tRA)GA=PH(tR A )G
其中G表示预先定义的椭圆曲线上的一点,RA表示第一交易密钥,H表示预先定义的哈希函数。Where G represents a point on a predefined elliptic curve, R A represents the first transaction key, and H represents a predefined hash function.
为了更好理解本发明实施例中的技术方案,下面将对追踪方客户端恢复接收方第一公钥A进行一个推导:In order to better understand the technical solution in the embodiment of the present invention, a tracking of the first public key A of the receiving party is resumed in the following:
A=P-H(tRA)GA=PH(tR A )G
=H(rAT)+A-H(tRA)G=H(rA T )+AH(tR A )G
=H(raT)G+A-H(trA)G=H(raT)G+A-H(trA)G
=H(ratG)G+A-H(traG)G=H(ratG)G+A-H(traG)G
=A=A
其中,发送方客户端公开的目标密钥是P=H(rAT)G+A,RA=rA为发送方客户端公开的交易密钥(RA,RT)中的第一交易密钥,r表示发送方私钥,AT=aT表示接收方第二公钥,A=aG表示接收方第一公钥,T=tG表示追踪方公钥,t表示追踪方私钥,a表示接收方私钥,G表示预先定义的椭圆曲线上的点,H表示预先定义的哈希函数。The target key disclosed by the sender client is P=H(rA T )G+A, and R A =rA is the first transaction secret in the transaction key (R A , R T ) disclosed by the sender client. Key, r denotes the sender's private key, A T = aT denotes the receiver's second public key, A = aG denotes the receiver's first public key, T = tG denotes the tracking party's public key, t denotes the tracking party's private key, and a denotes Receiver private key, G represents a point on a predefined elliptic curve, and H represents a predefined hash function.
在本发明实施例中,发送方客户端生成的目标密钥与交易密钥是一次性的,因此发送方与接收方是基于一次性公钥交易的,又由于一次性公钥具有随机性, 各交易具有不可连接性;接收方签署协议使用的是接收方客户端所生成的一次性私钥,保障了交易的匿名性;因为目标密钥与交易密钥的生成间接或直接使用了追踪方公钥和接收方公钥,因此追踪方客户端可以通过获取目标密钥和交易密钥来恢复出接收方的第一公钥,从而追踪到接收方,解决了传统交易中采用一次性公钥交易时由于缺乏有效的监管,易成为洗钱、敲诈等犯罪活动的温床的技术问题。In the embodiment of the present invention, the target key and the transaction key generated by the sender client are one-time, so the sender and the receiver are based on the one-time public key transaction, and because the one-time public key is random, Each transaction is not connectable; the recipient signing the agreement uses the one-time private key generated by the receiving client to ensure the anonymity of the transaction; because the target key and the transaction key are generated indirectly or directly using the tracking party The public key and the recipient public key, so the tracking client can recover the first public key of the receiver by acquiring the target key and the transaction key, thereby tracking the recipient, and solving the one-time public key in the traditional transaction. Due to the lack of effective supervision during trading, it is easy to become a hotbed of criminal activities such as money laundering and extortion.
请参阅图4,为本发明第四实施例提供的一种加密货币中条件可追踪用户公钥的系统的结构示意图。该系统包括发送方客户端401、接收方客户端402和追踪方客户端403,该系统包括:Please refer to FIG. 4 , which is a schematic structural diagram of a system for conditionally trackable user public key in a cryptocurrency according to a fourth embodiment of the present invention. The system includes a sender client 401, a receiver client 402, and a tracker client 403, the system including:
追踪方客户端403,用于利用追踪方私钥得到追踪方公钥并公开;The tracking party client 403 is configured to obtain the tracking party public key by using the tracking party private key and disclose the public key;
接收方客户端402,用于获取追踪方公钥,并利用接收方私钥与追踪方公钥得到接收方公钥并公开;The receiving client 402 is configured to obtain the tracking party public key, and obtain the receiving public key by using the receiving private key and the tracking party public key and disclose the public key;
发送方客户端401,用于分别获取接收方公钥和追踪方公钥,根据发送方选择的发送方私钥、接收方公钥与追踪方公钥计算得到目标密钥并附加在交易中公开;The sender client 401 is configured to respectively obtain the receiver public key and the tracking party public key, and calculate the target key according to the sender private key selected by the sender, the receiver public key, and the tracking party public key, and attach the information to the transaction. ;
接收方客户端402,还用于获取目标密钥与交易密钥,生成一次性公钥并判断所生成的一次性公钥与目标密钥是否相等,若判断为相等,则生成一次性私钥,以便接收方使用生成的一次性私钥签署协议;The receiving client 402 is further configured to acquire a target key and a transaction key, generate a one-time public key, and determine whether the generated one-time public key and the target key are equal. If the judgment is equal, generate a one-time private key. In order for the recipient to sign the agreement using the generated one-time private key;
追踪方客户端403,还用于获取目标密钥与交易密钥,根据目标密钥、交易密钥及追踪方私钥恢复出接收方公钥中的第一公钥,以便追踪方客户端403利用恢复得到的该第一公钥实现对交易去向的追踪。The tracking party client 403 is further configured to acquire the target key and the transaction key, and recover the first public key in the recipient public key according to the target key, the transaction key, and the tracking party private key, so as to track the client 403. The tracking of the transaction destination is achieved by using the first public key obtained by the recovery.
本发明实施例中,该系统为交互式系统,箭头的指向表示一种客户端所公开的消息(包括各公钥、目标密钥与交易密钥)能够被另一客户端所获取。发送方客户端生成的目标密钥与交易密钥是一次性的,因此发送方与接收方是基 于一次性公钥交易的,由于一次性公钥具有随机性,各交易具有不可连接性;又由于目标密钥与交易密钥的生成间接或直接使用了追踪方公钥和接收方公钥,因此追踪方客户端可以通过获取目标密钥和交易密钥来恢复出接收方的第一公钥,从而追踪到接收方,解决了传统交易中采用一次性公钥交易时由于缺乏有效的监管,易成为洗钱、敲诈等犯罪活动的温床的技术问题。In the embodiment of the present invention, the system is an interactive system, and the arrow indicates that a message disclosed by the client (including each public key, target key, and transaction key) can be acquired by another client. The target key and transaction key generated by the sender client are one-time, so the sender and receiver are the base. For one-time public key transactions, each transaction has non-connectability due to the randomness of the one-time public key; and the tracking party public key and the receiver public key are used indirectly or directly due to the generation of the target key and the transaction key. Therefore, the tracking client can recover the first public key of the receiver by acquiring the target key and the transaction key, thereby tracking the receiver, and solving the lack of effective supervision when using the one-time public key transaction in the traditional transaction. It is easy to become a hotbed of criminal activities such as money laundering and extortion.
需要说明的是,对于前述的各实施例,仅为本发明的较佳实施例,并不用以限制发明,但是本领域技术人员应该知悉,本发明并不受所描述的动作顺序的限制,因为依据本发明,某些步骤可以采用其它顺序或者同时进行。凡在本发明的精神和原则之内所作的任何修改、等同替换和改进等,均应包含在本发明的保护范围之内。It should be noted that the foregoing embodiments are merely preferred embodiments of the present invention, and are not intended to limit the invention, but those skilled in the art should understand that the present invention is not limited by the described order of actions. In accordance with the present invention, certain steps may be performed in other sequences or concurrently. Any modifications, equivalent substitutions and improvements made within the spirit and scope of the invention are intended to be included within the scope of the invention.
在上述实施例中,对各个实施例的描述都各有侧重,某个实施例中没有详述的部分,可以参见其它实施例的相关描述。In the above embodiments, the descriptions of the various embodiments are all focused, and the parts that are not detailed in a certain embodiment can be referred to the related descriptions of other embodiments.
以上为对本发明所提供的一种加密货币中条件可追踪用户公钥的方法和系统的描述,对于本领域的技术人员,依据本发明实施例的思想,在具体实施方式及应用范围上均会有改变之处,综上,本说明书内容不应理解为对本发明的限制。 The above is a description of a method and a system for conditionally tracking a user's public key in a cryptocurrency provided by the present invention. For those skilled in the art, according to the idea of the embodiment of the present invention, the specific implementation manner and application range are In view of the above, the contents of this specification are not to be construed as limiting the invention.

Claims (10)

  1. 一种加密货币中条件可追踪用户公钥的方法,其特征在于,所述方法包括:A method for conditionally tracking a user's public key in a cryptographic currency, the method comprising:
    发送方客户端分别获取接收方公钥和追踪方公钥,根据发送方选择的发送方私钥、所述接收方公钥及所述追踪方公钥计算得到目标密钥与交易密钥并附加在交易中公开,所述接收方公钥包含第一公钥和第二公钥,所述第一公钥为基于预先定义的椭圆曲线上的点及接收方选择的接收方私钥得到的;The sender client obtains the receiver public key and the tracking party public key respectively, and calculates the target key and the transaction key according to the sender private key selected by the sender, the receiver public key, and the tracking party public key, and attaches Disclosed in the transaction, the recipient public key includes a first public key and a second public key, and the first public key is obtained based on a point on a predefined elliptic curve and a recipient private key selected by the receiver;
    追踪方客户端获取所述目标密钥和所述交易密钥,根据所述目标密钥、所述交易密钥及追踪方选择的追踪方私钥,恢复出所述接收方公钥中的所述第一公钥,以便所述追踪方客户端利用恢复得到的所述第一公钥实现对交易去向的追踪。The tracking party client obtains the target key and the transaction key, and recovers the location of the recipient public key according to the target key, the transaction key, and the tracking party private key selected by the tracking party. The first public key is described, so that the tracking party client uses the first public key obtained by the recovery to achieve tracking of the transaction destination.
  2. 根据权利要求1所述的方法,其特征在于,所述方法还包括:The method of claim 1 further comprising:
    所述追踪方客户端利用所述追踪方私钥得到所述追踪方公钥并公开;The tracking party client obtains the tracking party public key by using the tracking party private key and discloses the public key;
    所述接收方客户端获取所述追踪方公钥,并利用所述接收方私钥与所述追踪方公钥得到所述接收方公钥并公开;The recipient client obtains the tracking party public key, and obtains the recipient public key by using the receiver private key and the tracking party public key and discloses the public key;
    其中,所述追踪方客户端按照如下公式得到所述追踪方公钥:The tracking party client obtains the tracking party public key according to the following formula:
    T=tGT=tG
    其中,t∈[1,l-1],t表示所述追踪方私钥,G表示预先定义的椭圆曲线上的点,l表示预先定义的所述点G的素数阶,T表示所述追踪方公钥;Where t ∈ [1, l-1], t represents the tracking party private key, G represents a point on a predefined elliptic curve, l represents a pre-defined prime order of the point G, and T represents the tracking Public key
    其中,所述接收方客户端按照如下公式得到所述接收方公钥:The receiver client obtains the receiver public key according to the following formula:
    (A,AT)=(aG,aT)(A, A T )=(aG, aT)
    其中,a∈[1,l-1],a表示所述接收方私钥,G表示预先定义的椭圆曲线上的点,l表示预先定义的所述点G的素数阶,T表示所述追踪方公钥,(A,AT)表示所述接收方公钥,A表示接收方公钥中的第一公钥,AT表示所述接收方公钥中的第二公钥。 Where a ∈ [1, l-1], a represents the recipient private key, G represents a point on a predefined elliptic curve, l represents a pre-defined prime order of the point G, and T represents the tracking The party public key, (A, A T ) represents the recipient public key, A represents the first public key in the recipient public key, and A T represents the second public key in the recipient public key.
  3. 根据权利要求1或2所述的方法,其特征在于,所述发送方客户端分别获取接收方公钥和追踪方公钥,根据发送方选择的发送方私钥、所述接收方公钥及所述追踪方公钥计算得到目标密钥与交易密钥并附加在交易中公开的步骤包括:The method according to claim 1 or 2, wherein the sender client obtains the receiver public key and the tracking party public key respectively, according to the sender private key selected by the sender, the receiver public key, and The step of calculating the target key and the transaction key by the tracking party public key and attaching it to the transaction includes:
    所述发送方客户端分别获取所述接收方公钥和所述追踪方公钥,并按照如下公式得到所述目标密钥及所述交易密钥:The sender client obtains the receiver public key and the tracking party public key respectively, and obtains the target key and the transaction key according to the following formula:
    P=H(rAT)G+A,(RA,RT)=(rA,rT)P=H(rA T )G+A,(R A ,R T )=(rA,rT)
    其中,r∈[1,l-1],r表示所述发送方私钥,G表示预先定义的椭圆曲线上的一点,l表示预先定义的所述点G的素数阶,T表示所述追踪方公钥,H表示预先定义的哈希函数,A表示所述接收方公钥中的第一公钥,AT表示所述接收方公钥中的第二公钥,P表示所述目标密钥,(RA,RT)表示所述交易密钥,RA表示所述交易密钥中的第一交易密钥,RT表示所述交易密钥中的第二交易密钥;Where r ∈ [1, l-1], r represents the sender private key, G represents a point on a predefined elliptic curve, l represents a pre-defined prime order of the point G, and T represents the tracking Party public key, H represents a predefined hash function, A represents the first public key in the recipient public key, A T represents the second public key in the recipient public key, and P represents the target secret a key, (R A , R T ) represents the transaction key, R A represents a first transaction key in the transaction key, and R T represents a second transaction key in the transaction key;
    所述发送方客户端将所述目标密钥与所述交易密钥附加在交易上并公开。The sender client attaches the target key and the transaction key to the transaction and discloses it.
  4. 根据权利要求1或2所述的方法,其特征在于,所述追踪方客户端获取所述目标密钥和所述交易密钥,根据所述目标密钥、所述交易密钥及追踪方选择的追踪方私钥,恢复出所述接收方公钥中的所述第一公钥步骤包括:The method according to claim 1 or 2, wherein the tracking party client acquires the target key and the transaction key, and selects according to the target key, the transaction key and the tracking party The tracking party private key, the step of recovering the first public key in the recipient public key includes:
    所述追踪方客户端获取所述目标密钥和所述交易密钥,结合所述追踪方私钥利用如下公式恢复所述接收方公钥中的第一公钥:The tracker client acquires the target key and the transaction key, and combines the tracker private key to restore the first public key in the recipient public key by using the following formula:
    A=P-H(tRA)GA=PH(tR A )G
    其中t∈[1,l-1],t表示所述追踪方私钥,G表示预先定义的椭圆曲线上的一点,l表示预先定义的所述点G的素数阶,P表示所述目标密钥,RA表示所述交易密钥中的第一交易密钥,H表示预先定义的哈希函数,A表示所述接收方公钥中的第一公钥。Where t ∈ [1, l-1], t represents the tracking party private key, G represents a point on a predefined elliptic curve, l represents a pre-defined prime order of the point G, and P represents the target secret The key, R A represents the first transaction key in the transaction key, H represents a predefined hash function, and A represents the first public key in the recipient public key.
  5. 根据权利要求1或2所述的方法,其特征在于,所述方法还包括: The method according to claim 1 or 2, wherein the method further comprises:
    所述接收方客户端获取所述目标密钥与所述交易密钥,利用如下公式计算得到一次性公钥并判断所述一次性公钥与所述目标密钥是否相等:The recipient client obtains the target key and the transaction key, calculates a one-time public key by using the following formula, and determines whether the one-time public key is equal to the target key:
    P'=H(aRT)G+AP'=H(aR T )G+A
    其中,a∈[1,l-1],a表示所述接收方私钥,G表示预先定义的椭圆曲线上的一点,l表示预先定义的所述点G的素数阶,H表示预先定义的哈希函数,RT表示所述交易密钥中的第二交易密钥,A表示所述接收方公钥中的第一公钥,P'表示所述一次性公钥;Where a ∈ [1, l-1], a represents the recipient private key, G represents a point on a predefined elliptic curve, l represents a pre-defined prime order of the point G, and H represents a predefined a hash function, R T represents a second transaction key in the transaction key, A represents a first public key in the recipient public key, and P′ represents the one-time public key;
    若所述一次性公钥与所述目标密钥相等,则所述接收方客户端利用如下公式计算得到一次性私钥,以便所述接收方使用所述一次性私钥签署交易:If the one-time public key is equal to the target key, the recipient client calculates a one-time private key using the following formula, so that the recipient signs the transaction using the one-time private key:
    p=H(aRT)+ap=H(aR T )+a
    其中,a∈[1,l-1],a表示所述接收方私钥,G表示预先定义的椭圆曲线上的一点,l表示预先定义的所述点G的素数阶,p表示所述接收方签署协议时的一次性私钥。Where a ∈ [1, l-1], a represents the recipient private key, G represents a point on a predefined elliptic curve, l represents a pre-defined prime order of the point G, and p represents the reception A one-time private key when the party signs the agreement.
  6. 一种加密货币中条件可追踪用户公钥的系统,其特征在于,所述系统包括:A system for conditionally tracking a user's public key in a cryptographic currency, characterized in that the system comprises:
    发送方客户端,用于分别获取接收方公钥和追踪方公钥,根据发送方选择的发送方私钥、所述接收方公钥及所述追踪方公钥计算得到目标密钥与交易密钥并附加在交易中公开,所述接收方公钥包含第一公钥和第二公钥,所述第一公钥为基于预先定义的椭圆曲线上的点及接收方选择的接收方私钥得到的;The sender client is configured to obtain the receiver public key and the tracking party public key respectively, and calculate the target key and the transaction secret according to the sender private key selected by the sender, the receiver public key, and the tracking party public key. The key is additionally disclosed in the transaction, the recipient public key includes a first public key and a second public key, the first public key being a point based on a predefined elliptic curve and a recipient private key selected by the receiver owned;
    追踪方客户端,用于获取所述目标密钥和所述交易密钥,根据所述目标密钥、所述交易密钥及追踪方选择的追踪方私钥,恢复出所述接收方公钥中的所述第一公钥,以便所述追踪方客户端利用恢复得到的所述第一公钥实现对交易去向的追踪。a tracking party client, configured to acquire the target key and the transaction key, and recover the recipient public key according to the target key, the transaction key, and a tracking party private key selected by a tracking party The first public key in the tracking, so that the tracking party client uses the restored first public key to achieve tracking of the transaction destination.
  7. 根据权利要求6所述的系统,其特征在于:The system of claim 6 wherein:
    所述追踪方客户端,还用于利用所述追踪方私钥得到所述追踪方公钥并公 开;The tracking party client is further configured to obtain the tracking party public key by using the tracking party private key open;
    接收方客户端,用于获取所述追踪方公钥,并利用所述接收方私钥与所述追踪方公钥得到所述接收方公钥并公开;a receiving client, configured to obtain the tracking party public key, and obtain the public key of the receiving party by using the recipient private key and the tracking public key;
    其中,所述追踪方客户端按照如下公式得到所述追踪方公钥:The tracking party client obtains the tracking party public key according to the following formula:
    T=tGT=tG
    其中,t∈[1,l-1],t表示所述追踪方私钥,G表示预先定义的椭圆曲线上的点,l表示预先定义的所述点G的素数阶,T表示所述追踪方公钥;Where t ∈ [1, l-1], t represents the tracking party private key, G represents a point on a predefined elliptic curve, l represents a pre-defined prime order of the point G, and T represents the tracking Public key
    其中,所述接收方客户端按照如下公式得到所述接收方公钥:The receiver client obtains the receiver public key according to the following formula:
    (A,AT)=(aG,aT)(A, A T )=(aG, aT)
    其中,a∈[1,l-1],a表示所述接收方私钥,G表示预先定义的椭圆曲线上的点,l表示预先定义的所述点G的素数阶,T表示所述追踪方公钥,(A,AT)表示所述接收方公钥,A表示接收方公钥中的第一公钥,AT表示所述接收方公钥中的第二公钥。Where a ∈ [1, l-1], a represents the recipient private key, G represents a point on a predefined elliptic curve, l represents a pre-defined prime order of the point G, and T represents the tracking The party public key, (A, A T ) represents the recipient public key, A represents the first public key in the recipient public key, and A T represents the second public key in the recipient public key.
  8. 根据权利要求6或7所述的系统,其特征在于,所述发送方客户端还用于A system according to claim 6 or claim 7 wherein said sender client is further
    分别获取所述接收方公钥和所述追踪方公钥,并按照如下公式得到所述目标密钥及所述交易密钥:Obtaining the receiver public key and the tracking party public key respectively, and obtaining the target key and the transaction key according to the following formula:
    P=H(rAT)G+A,(RA,RT)=(rA,rT)P=H(rA T )G+A,(R A ,R T )=(rA,rT)
    其中,r∈[1,l-1],r表示所述发送方私钥,G表示预先定义的椭圆曲线上的一点,l表示预先定义的所述点G的素数阶,T表示所述追踪方公钥,H表示预先定义的哈希函数,A表示所述接收方公钥中的第一公钥,AT表示所述接收方公钥中的第二公钥,P表示所述目标密钥,(RA,RT)表示所述交易密钥,RA表示所述交易密钥中的第一交易密钥,RT表示所述交易密钥中的第二交易密钥;Where r ∈ [1, l-1], r represents the sender private key, G represents a point on a predefined elliptic curve, l represents a pre-defined prime order of the point G, and T represents the tracking Party public key, H represents a predefined hash function, A represents the first public key in the recipient public key, A T represents the second public key in the recipient public key, and P represents the target secret a key, (R A , R T ) represents the transaction key, R A represents a first transaction key in the transaction key, and R T represents a second transaction key in the transaction key;
    将所述目标密钥与所述交易密钥附加在交易上并公开。 The target key and the transaction key are attached to the transaction and published.
  9. 根据权利要求6或7所述的系统,其特征在于,所述追踪方客户端还用于获取所述目标密钥和所述交易密钥,结合所述追踪方私钥利用如下公式恢复所述接收方公钥中的第一公钥:The system according to claim 6 or 7, wherein the tracking party client is further configured to acquire the target key and the transaction key, and use the following formula to recover the The first public key in the recipient's public key:
    A=P-H(tRA)GA=PH(tR A )G
    其中t∈[1,l-1],t表示所述追踪方私钥,G表示预先定义的椭圆曲线上的一点,l表示预先定义的所述点G的素数阶,P表示所述目标密钥,RA表示所述交易密钥中的第一交易密钥,H表示预先定义的哈希函数,A表示所述接收方公钥中的第一公钥。Where t ∈ [1, l-1], t represents the tracking party private key, G represents a point on a predefined elliptic curve, l represents a pre-defined prime order of the point G, and P represents the target secret The key, R A represents the first transaction key in the transaction key, H represents a predefined hash function, and A represents the first public key in the recipient public key.
  10. 根据权利要求6或7所述的系统,其特征在于:A system according to claim 6 or claim 7 wherein:
    所述接收方客户端,还用于获取所述目标密钥与所述交易密钥,利用如下公式计算得到一次性公钥并判断所述一次性公钥与所述目标密钥是否相等:The receiving client is further configured to acquire the target key and the transaction key, calculate a one-time public key by using the following formula, and determine whether the one-time public key is equal to the target key:
    P'=H(aRT)G+AP'=H(aR T )G+A
    其中,a∈[1,l-1],a表示所述接收方私钥,G表示预先定义的椭圆曲线上的一点,l表示预先定义的所述点G的素数阶,H表示预先定义的哈希函数,RT表示所述交易密钥中的第二交易密钥,A表示所述接收方公钥中的第一公钥,P'表示所述一次性公钥;Where a ∈ [1, l-1], a represents the recipient private key, G represents a point on a predefined elliptic curve, l represents a pre-defined prime order of the point G, and H represents a predefined a hash function, R T represents a second transaction key in the transaction key, A represents a first public key in the recipient public key, and P′ represents the one-time public key;
    所述接收方客户端,还用于若所述一次性公钥与所述目标密钥相等,则所述接收方客户端利用如下公式计算得到一次性私钥,以便所述接收方使用所述一次性私钥签署交易:The receiving client is further configured to: if the one-time public key is equal to the target key, the receiving client calculates a one-time private key by using a formula, so that the receiving party uses the Sign the transaction with a one-time private key:
    p=H(aRT)+ap=H(aR T )+a
    其中,a∈[1,l-1],a表示所述接收方私钥,G表示预先定义的椭圆曲线上的一点,l表示预先定义的所述点G的素数阶,p表示所述接收方签署协议时的一次性私钥。 Where a ∈ [1, l-1], a represents the recipient private key, G represents a point on a predefined elliptic curve, l represents a pre-defined prime order of the point G, and p represents the reception A one-time private key when the party signs the agreement.
PCT/CN2017/105649 2017-10-11 2017-10-11 Method and system for tracking user public key in cryptocurrency conditions WO2019071458A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2017/105649 WO2019071458A1 (en) 2017-10-11 2017-10-11 Method and system for tracking user public key in cryptocurrency conditions

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2017/105649 WO2019071458A1 (en) 2017-10-11 2017-10-11 Method and system for tracking user public key in cryptocurrency conditions

Publications (1)

Publication Number Publication Date
WO2019071458A1 true WO2019071458A1 (en) 2019-04-18

Family

ID=66100321

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/105649 WO2019071458A1 (en) 2017-10-11 2017-10-11 Method and system for tracking user public key in cryptocurrency conditions

Country Status (1)

Country Link
WO (1) WO2019071458A1 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11251937B2 (en) 2018-01-21 2022-02-15 CipherTrace, Inc. Distributed security mechanism for blockchains and distributed ledgers
US11438175B2 (en) 2020-12-29 2022-09-06 CipherTrace, Inc. Systems and methods for correlating cryptographic addresses between blockchain networks
US11546373B2 (en) 2018-11-20 2023-01-03 CipherTrace, Inc. Cryptocurrency based malware and ransomware detection systems and methods
US11836718B2 (en) 2018-05-31 2023-12-05 CipherTrace, Inc. Systems and methods for crypto currency automated transaction flow detection

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7835978B2 (en) * 2005-12-23 2010-11-16 International Business Machines Corporation Method and system for linking an anonymous electronic trade order to an identity of a trader
CN103577983A (en) * 2013-11-25 2014-02-12 成都中联信通科技股份有限公司 Load method of electronic currency for off-line consumption
CN104320262A (en) * 2014-11-05 2015-01-28 中国科学院合肥物质科学研究院 User public key address binding, searching and verifying method and system based on crypto currency open account book technology

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7835978B2 (en) * 2005-12-23 2010-11-16 International Business Machines Corporation Method and system for linking an anonymous electronic trade order to an identity of a trader
CN103577983A (en) * 2013-11-25 2014-02-12 成都中联信通科技股份有限公司 Load method of electronic currency for off-line consumption
CN104320262A (en) * 2014-11-05 2015-01-28 中国科学院合肥物质科学研究院 User public key address binding, searching and verifying method and system based on crypto currency open account book technology

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11251937B2 (en) 2018-01-21 2022-02-15 CipherTrace, Inc. Distributed security mechanism for blockchains and distributed ledgers
US11836718B2 (en) 2018-05-31 2023-12-05 CipherTrace, Inc. Systems and methods for crypto currency automated transaction flow detection
US11546373B2 (en) 2018-11-20 2023-01-03 CipherTrace, Inc. Cryptocurrency based malware and ransomware detection systems and methods
US11888892B2 (en) 2018-11-20 2024-01-30 CipherTrace, Inc. Cryptocurrency based malware and ransomware detection systems and methods
US11438175B2 (en) 2020-12-29 2022-09-06 CipherTrace, Inc. Systems and methods for correlating cryptographic addresses between blockchain networks

Similar Documents

Publication Publication Date Title
CA3040601C (en) System and method for information protection
KR102157452B1 (en) Performing a recovery process for network nodes in a distributed system
WO2019071458A1 (en) Method and system for tracking user public key in cryptocurrency conditions
JP6745004B1 (en) Method and device for efficiently implementing a distributed database in a network
US20200258339A1 (en) System and method for information protection
KR102139897B1 (en) System and method for information protection
JP2020507222A (en) System and method for information protection
KR101786132B1 (en) Low-latency peer session establishment
US20230344619A1 (en) Method for signing a new block in a decentralized blockchain consensus network
US10484168B2 (en) Methods and systems for obfuscating data and computations defined in a secure distributed transaction ledger
US20240064008A1 (en) Computer implemented method and system for transferring control of a digital asset
US7890757B2 (en) Receiver non-repudiation
US20180336553A1 (en) Facilitating a fund transfer between user accounts
US20080144836A1 (en) Distributed encryption authentication methods and systems
Au et al. Privacy-preserving personal data operation on mobile cloud—Chances and challenges over advanced persistent threat
GB2560434A (en) Securely transferring user information between applications
US20080137868A1 (en) Distributed encryption methods and systems
JP2020516102A (en) Accelerating Transaction Delivery in Blockchain Networks Using Acceleration Nodes
JP7414795B2 (en) Computer-implemented system and method for asset blending
CN113393225B (en) Digital currency encryption payment method and system
CN107769920B (en) Method and system for tracking user public key by condition in encrypted currency
US8423656B2 (en) Push gateway systems and methods
TW201801491A (en) Public key certificate method can generate updated key pair matching the information security requirements without updating the digital certificate
EP3769463A1 (en) Decentralised communication system and method
US20210297397A1 (en) Computer-implemented system and methods for off-chain exchange of transactions pertaining to a distributed ledger

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17928448

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 25/09/2020)

122 Ep: pct application non-entry in european phase

Ref document number: 17928448

Country of ref document: EP

Kind code of ref document: A1