WO2020138733A1 - Blockchain system for providing anonymity of private information and method for providing anonymity of private information in blockchain - Google Patents


Info

Publication number
WO2020138733A1
Authority
WO
WIPO (PCT)
Prior art keywords
certificate
blockchain
transaction
personal information
authentication
Prior art date
Application number
PCT/KR2019/016472
Other languages
French (fr)
Korean (ko)
Inventor
김호원
김명길
박찬희
Original Assignee
부산대학교 산학협력단
Application filed by 부산대학교 산학협력단

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
    • H04L9/50 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/42 Anonymization, e.g. involving pseudonyms
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825 Use of electronic signatures
    • G06Q20/3829 Payment protocols; Details thereof insuring higher security of transaction involving key management

Definitions

  • The present invention relates to a blockchain system that provides anonymity of personal information and a method of providing anonymity of personal information on a blockchain, and more specifically, to a signature and verification technology for protecting personal information included in a transaction on a blockchain platform.
  • Blockchain is a concept that was put to practical use in Bitcoin, which appeared in 2009, and is a database technology that stores data while preventing hacking through a shared ledger on a P2P network.
  • Existing user authentication mainly relies on a third-party certification authority or on an X.509-based authentication method.
  • With a third-party certification authority, the attributes necessary for verification must be explicitly set, and the authority becomes a bottleneck for the system.
  • With X.509-based certificates, the authentication process is performed without the aid of a Certificate Authority, but all of the signed attributes must be disclosed whenever another Verifier requests them.
  • the present invention is to solve the above problems, and an object of the present invention is to provide a signature and verification technology for protecting personal information included in a transaction in a blockchain platform.
  • An object of the present invention is to provide a blockchain system that provides anonymity of personal information, and a method for providing anonymity of personal information in a blockchain, that protect the personal information of a node by providing anonymity using a Zero-Knowledge-based certificate on a permissioned blockchain network.
  • Another object of the present invention is to provide a blockchain system that provides anonymity of personal information, and a method for providing anonymity of personal information in a blockchain, that enable efficient network configuration by resolving the system bottleneck of the authentication module that arises in the authentication process, by dividing the protocol for generating, issuing, signing, revoking, and verifying certificates among the participating nodes.
  • A blockchain system that provides anonymity of personal information according to the present invention for achieving the above object comprises: an authentication module for generating a first certificate; a node that uses the first certificate generated by the authentication module to generate a second certificate, in which personal information is omitted and to which zero-knowledge is applied, and a transaction including the second certificate; and a verification module for verifying the transaction generated at the node.
  • The authentication module may generate an authentication public key and an authentication secret key using a randomizable digital signature (Randomizable Digital Signature), and generate the first certificate by signing with the authentication secret key using a BBS signature protocol.
  • The node may generate the second certificate, to which zero knowledge is applied, using the BBS signature protocol.
  • The system may further comprise an audit module for tracking the transaction using a public key for audit and a secret key for audit.
  • The system may further comprise a discarding module that discards a second certificate that needs to be discarded and notifies the node that the second certificate has been discarded.
  • A method for providing anonymity of personal information in the blockchain according to the present invention for achieving the above object comprises: (A) generating a first certificate by the authentication module; (B) generating, by the node using the first certificate, a second certificate in which personal information is omitted and to which zero-knowledge (Zero-Knowledge) is applied, and a transaction that includes the second certificate; and (C) verifying the transaction by the verification module.
  • Step (A) may comprise generating an authentication public key and an authentication secret key using a randomizable digital signature (Randomizable Digital Signature), and generating the first certificate by signing with the authentication secret key using the BBS signature protocol.
  • Step (B) may use a BBS signature protocol when generating the second certificate.
  • the node's personal information can be protected.
  • FIG. 1 is a view showing the structure of a blockchain block.
  • FIG. 2 is a diagram showing a block structure of Hyperledger-Fabric.
  • FIG. 3 is a block diagram of a blockchain system that provides anonymity of personal information according to an embodiment of the present invention.
  • FIG. 4 is a diagram showing the process of issuing a zero-knowledge certificate and generating a transaction between an authentication module and a node.
  • FIG. 5 is a diagram more specifically illustrating a process of generating a transaction providing anonymity using a zero-knowledge certificate.
  • FIG. 6 is a diagram illustrating a process in which the audit module tracks a transaction.
  • FIG. 7 is a view showing the relationship between the authentication module, the revocation module, and the node revoking the certificate.
  • FIG. 8 is a flow chart showing the operation protocol of another embodiment applied to the blockchain.
  • FIG. 9 is a flowchart of a method for providing anonymity of personal information in a blockchain according to an embodiment of the present invention.
  • FIG. 10 is a diagram showing source code (a) for generating a certificate for which all attributes are not disclosed and source code (b) for verifying the generated certificate.
  • FIG. 11 is a view showing a result of verifying a certificate generated from the source code of FIG. 10(a).
  • FIG. 13 is a view showing source code (a) for generating a certificate in which only ProofOfAge is disclosed among the attributes, and a result of verifying the generated certificate.
  • A block of a blockchain is a unit that provides final data, and is composed of a header and a body. Only blocks that are approved through validation and the consensus algorithm are registered on the blockchain.
  • The data structure defined for each blockchain platform is different, but in general the block header includes information about the block, such as the hash value of the previous block, the Merkle Root Hash (MRH) value, and information necessary for verification, and contains information necessary for the network.
  • The block body contains transactions.
  • Blockchain is a technology that allows network participants to store blocks containing transactions, linked in the form of a chain, in a distributed data storage environment created by a P2P method; it is a database technology that provides immutability, making tampering impossible.
  • Blockchain structure can be divided into Permissioned and Permissionless.
  • The permissionless structure is a public blockchain in which anyone can freely participate in the network. It is a completely decentralized structure where unverified nodes can participate in transaction creation, verification, and consensus algorithms to store data on the blockchain. For the blockchain network to be active, nodes must voluntarily participate in the network's consensus algorithm. In general, such a network provides tokens such as cryptocurrency and uses a consensus algorithm based on PoW (Proof of Work) or PoS (Proof of Stake) to maintain the block generation time algorithmically within the network itself for network reliability. Bitcoin and Ethereum are examples.
  • The permissioned structure is a blockchain with a consortium or private structure, where only a limited set of verified nodes verify transaction validity and perform consensus algorithms.
  • The verified nodes perform consensus algorithms at equal positions.
  • The transaction processing speed is superior to that of the public structure.
  • Representative examples include R3 Corda and Hyperledger-Fabric.
  • The consensus algorithm is the process of agreeing on who will have authority over the block in the shared ledger in order to store transaction data on the blockchain.
  • the peer selected by the consensus algorithm registers the block it creates in its ledger and propagates it to other peers. Peers that have received the new block perform validation on the block and, if valid, reflect it in the ledger.
  • Typical consensus algorithms include Proof of Work (PoW), Proof of Stake (PoS), Delegated Proof of Stake (DPoS), and Practical Byzantine Fault Tolerance (PBFT).
  • The smart contract is a concept proposed by Nick Szabo in 1994. It is written in digital commands, and can execute contract contents according to conditions. It had the limitation that, although the contract result according to the conditions is clear, it can be manipulated due to the nature of digital commands. However, once smart contracts were combined with the blockchain, the result of a smart contract operation is reflected in the blockchain and can no longer be manipulated, and the smart contract has thus become a core technology of the blockchain.
  • The smart contract serves as the logic layer of a platform that provides blockchain-based services, in that it provides Turing completeness, executes contract contents according to conditions, and can run processes on the blockchain.
  • DApp is a blockchain-based decentralized application.
  • the resources used for the service are distributed and stored in the blockchain network, and in the case of highly reliable data registered in the blockchain, forgery and alteration is impossible once stored.
  • the DApp service performs a process on the blockchain through a smart contract, and provides services by combining multiple smart contract functions.
  • the service response time which is the most important element of the application, is affected by the transaction processing speed of the blockchain network, so it is necessary to select the appropriate blockchain network structure according to the application needs.
  • Blockchain platforms that include the concept of smart contracts provide tools that support interworking interfaces.
  • Hyperledger is a project aimed at implementing standard blockchain technology supported by the Linux Foundation.
  • Fabric is an enterprise blockchain framework, and is a blockchain platform with a permission structure based on a membership service. Smart contracts, called chaincode, can be written in the Go and Java languages, and there are several components in the network, including peers, orderers, and MSPs (Membership Service Providers).
  • a block includes a header, data, and metadata.
  • The Header has three variables in total: the Number variable, which stores the index of the block; the PreviousHash variable, which is the hash value of the previous block header; and the DataHash variable, which is the Merkle Root Hash (MRH) value for the data (transactions).
  • Data consists simply of an array of transactions, and each transaction consists of Type, Version, Timestamp, Channel ID, TxID, Epoch, Chaincode info, Creator Identity, Endorser Identity, Status, Read Set, Write Set, Key value, etc.
  • Metadata consists of orderer identity, creator identity, and flag information for each transaction.
  • Peers are essential elements of the blockchain network, and are classified into Endorser and Committer according to the role of the Peer in Hyperledger-Fabric.
  • The Endorser is a concept that includes a Committer, and additionally performs an endorse function at the client's request. It executes the chaincode requested by the user (User, node), and goes through an endorsement process of signing the resulting state with the endorser's private key. It then returns the endorsement, which is the result of this process, to the user.
  • the Committer has a Ledger and an Event-hub.
  • The Ledger is a shared ledger consisting of a blockchain and a local database.
  • The Event-hub is an interface used to request functions from a committer and receive a response. It performs a read function that returns the contents of the ledger to the client in response to a query command requested by the client, and it saves a block received from the orderer in the Ledger after validating it.
  • In Hyperledger-Fabric, the Ledger consists of an existing blockchain and a state database that tracks and stores the state of the blockchain. As with existing blockchains, the Ledger provides immutability, so that it cannot be forged, and contains information about transactions and networks.
  • the State Database is a LevelDB-based database composed of key-value-based pairs, and has the function of recording and tracking the latest state stored in the blockchain. This reduces the time to search for state information in the blockchain by not searching the entire blockchain to know the current state of the ledger.
  • the orderer receives the endorsement from the client and performs a function for storing it in the blockchain.
  • It arranges the order in which endorsements are registered in the blockchain. Thereafter, a packaging process is performed to convert them into block form for storage in the blockchain.
  • Peers transferor, committer
  • The orderer that performs the above functions is an essential element of a channel of the Hyperledger-Fabric network, and multiple orderers can exist in one channel. The orderers decide the creation authority for the block through the consensus process.
  • MSP (Membership Service Provider)
  • the network MSP controls the authority to perform network management (channel creation, etc.).
  • the channel MSP controls authority for peers in a channel.
  • the peer MSP controls the authority for the peer in the same way as the channel MSP, but is applied only to the peer.
  • the orderer MSP controls the authority for the orderer.
  • Fabric-CA is an element that plays the role of a certification authority in a Hyperledger-Fabric network and can be used selectively. It works in conjunction with MSP to issue and manage certificates requested by peers, and provides two types of certificates.
  • Ecert (Enrollment Certificate)
  • Tcert (Transaction Certificate)
  • Channel is a basic network unit of Hyperledger-Fabric, and each channel has an independent blockchain shared ledger and chaincode.
  • Channel creation is possible only for users with authority to the system in the network MSP, and basically consists of an organization including a peer, an orderer, and an MSP. That is, each channel is a sub-network having a file system independent of the other channels in one entire network.
  • The chaincode of Hyperledger-Fabric is a smart contract concept based on the Go and Java languages. However, unlike Ethereum's smart contracts, where binary source code is registered on the blockchain, the chaincode is held by verified peers registered on the blockchain network.
  • Chaincode is divided into system chaincode and general chaincode.
  • the system chaincode is a chaincode that performs the network system process and can be registered when the network is created, and cannot be changed after the network is activated.
  • The general chaincode is a chaincode that provides services, and is executed in the form of a transaction through an endorser at the request of users. It can be created, modified, and so on, and is maintained per channel. The result of executing the general chaincode is a transaction.
  • The chaincode proposed by the client is executed and verified (signed) by the endorser, and transmitted to the client in the form of an endorsement. Then, the client checks the endorsement policy, which is the execution condition of the transaction, and sends the endorsement to the orderer. Transactions that are the result of the transmitted chaincode go through the ordering and packaging process by the orderer, and the generated blocks are sent to the endorser and committer. After the validation process is performed, the block is reflected in the Ledger.
  • The consensus algorithm in Hyperledger-Fabric refers to the process of endorsement, ordering and validation for a transaction. That is, it refers to the overall transaction execution process in which the transaction requested by the client is verified by the peer, goes through the ordering and packaging process by the orderer that creates the block through the consensus process, and is validated before being stored in the ledger.
  • the endorsement is the result of the peer executing, verifying and signing the requested transaction.
  • Ordering is the process of deciding the order to register approved transactions received from multiple clients in a block (consensus algorithm applied).
  • Validation is a process performed by a peer with a ledger, and is a process of validating a block received from an orderer.
  • Fabric-SDK is a tool supported by Hyperledger-Fabric, and provides an interface that connects a DApp and Chaincode to provide blockchain services. It supports the Go, Node.js, and Java languages. It offers functions such as obtaining access for an application through the MSP and proposing a transaction (Chaincode).
  • Hyperledger-Fabric's DApp operation process and blockchain interworking structure are similar to existing blockchain platforms. It uses HTTP-based protocol, and develops and distributes services in DApp based on the functions provided by Chaincode through SDK tools.
  • Zero-Knowledge is a protocol that guarantees anonymity: it is a way for a Certifier to prove that it holds confidential information without disclosing that information. That is, the user's personal information can be validated even if it is not disclosed.
  • The following three basic conditions must be met for zero knowledge. Completeness means that if a statement is true, an honest Certifier must be able to convince an honest Verifier. Soundness means that if a statement is false, no dishonest Certifier should be able to convince an honest Verifier that it is true.
  • Zero-knowledge means that if a statement is true, the Verifier must learn nothing other than whether the statement is true or false.
  • CL (Camenisch-Lysyanskaya)
  • BBS (Boneh-Boyen-Shacham)
  • The CL (Camenisch-Lysyanskaya) signature was proposed based on the initial Strong Diffie-Hellman (SDH). It has since been improved in terms of efficiency and is now based on the LRSW (Lysyanskaya-Rivest-Sahai-Wolf) assumption. Unlike the SDH assumption, LRSW supports independent discrete logarithms according to the attributes of the message, which makes it more flexible.
  • the CL signature can prove that the user has the secret key by providing the calculated value required by the verifier without going through the authentication process in which the user sends the message signed with the secret key.
  • The BBS (Boneh-Boyen-Shacham) signature is a signature technique proposed on the basis of a new assumption, Decision Linear (DLIN). Like the CL signature, it is a zero-knowledge-based signature technique that provides anonymity.
  • The Proof of Knowledge protocol, which verifies the presence or absence of information, is more efficient than with the CL signature.
  • The randomizable digital signature is a signature technique that always consists of two elements regardless of the number of messages. Unlike ordinary digital signatures, randomizable digital signatures must always use the type-3 pairing method of bilinear groups. However, several protocols based on CL signatures are more efficient while providing the same security and features as CL signatures, because they use type-3 pairing of bilinear groups for efficiency and security reasons.
  • the randomizable digital signature is a method of creating a new signature using an existing signature rather than creating a new signature according to each message m in the CL signature.
  • Signature for message m When present, random Select a value, By calculating, we create a new signature to provide randomness.
  • the blockchain system 100 that provides anonymity of personal information is a technology for a blockchain platform capable of providing anonymity. This embodiment provides anonymity for transactions containing personal information on a permissioned blockchain platform.
  • This embodiment proposes a method of applying a zero-knowledge-based signature technique to solve the anonymity problem of the blockchain network.
  • a key generation protocol of randomizable digital signature is used, and a protocol of BBS signature is applied to Proof of Knowledge.
  • This embodiment is connected to the blockchain network and performs functions such as creating, signing, issuing, revoking, tracking, etc., which contain the personal information of the node 110, and Attributes, which are personal information in the certificate.
  • This embodiment includes an authentication module 120 for generating a first certificate; a node 110 that uses the first certificate generated by the authentication module 120 to generate a second certificate, in which personal information is omitted and to which zero-knowledge is applied, and a transaction including the second certificate; and a verification module 140 for verifying the transaction generated by the node 110.
  • The authentication module (Certificate Authority, 120) is a verified object that issues certificates. It generates a public key and an authentication secret key based on a randomizable digital signature and uses them to issue a certificate.
  • the issued certificate has a flexible feature by applying the concept of zero knowledge.
  • the node 110 is a participating node 110 of the blockchain that receives a certificate and provides its own attribute through it. Based on the issued certificate, a BBS (Boneh-Boyen-Shacham) signature-based signature is generated, and a transaction including only information on some attributes is generated.
  • the node 110 may be implemented in various ways. If this embodiment is applied to the Internet of Things (IoT) environment, the node 110 may be an individual IoT sensor device.
  • the verification module (Verifier, 140) verifies the certificate of the node 110 using the public key of the authentication module (120).
  • The revocation authority (180) is a component that performs revocation of a certificate. It processes a revocation request and passes the result to the node 110 and the verification module 140. As another embodiment, the authentication module 120 may perform this role in addition to issuing a certificate.
  • The following structure is defined to provide anonymity, so that a transaction creator on the blockchain platform can be shown to hold its private information without disclosing that information.
  • the authentication module 120 uses a randomizable digital signature when generating the authentication public key and the authentication secret key.
  • The node 110 generates a first public key and a first secret key using a randomizable digital signature.
  • the authentication module 120 generates a first certificate by signing with an authentication secret key using the BBS signature protocol.
  • the node 110 uses the first certificate together to generate a first public key.
  • the node 110 generates a second certificate in which part or all of personal information is omitted when creating a transaction.
  • the second certificate is generated by applying zero knowledge using the BBS signature protocol.
  • the node 110 generates a second public key and a second secret key to generate a second certificate.
  • Other nodes can confirm the contents of the second certificate using the second public key.
  • Each transaction contains the certificate of the creator (node). Certificates created with a zero-knowledge-based signature technique can keep personal information anonymous even when included in a transaction.
  • When a transaction is created, it must include a certificate of the node 110. However, when the first certificate is included in the transaction, all attributes are disclosed.
  • A new signature, that is, a second certificate, is generated and provided to the verification module 140 so that the verification module 140 can check only the attributes that are selectively disclosed.
  • Because the second certificate provided to the verification module 140 includes only the personal information that the node 110 permits to be disclosed, personal information is not exposed during verification.
  • the verification module 140 verifies the second certificate included in the transaction using the authentication public key generated by the authentication module 120.
  • FIG. 5 shows the audit (auditor/inspector) process.
  • In the structure of FIG. 5, personal information of the node 110 may be acquired by tracing each distributed transaction and collecting attribute information.
  • An audit module 160 that performs a tracking function for transactions may additionally be configured.
  • The audit module 160 is a verified entity with read permission for transactions within the blockchain network.
  • The audit module 160 has a public key for auditing and a secret key for auditing in order to exercise its transaction-tracking authority.
  • The audit module 160 may optionally be configured as a participating node 110 of the blockchain network.
  • The key generated by the audit module 160 may use an existing asymmetric-key encryption technique to which the zero-knowledge concept is not applied.
  • For the revocation process, the revocation module 180 first generates a public key and a secret key to prove that it is an entity with revocation authority. Subsequently, the node 110 that needs to revoke its certificate transmits a revocation request to the revocation module 180. The revocation module 180 checks whether the corresponding node 110 is authorized and, using a signature made with its own key, notifies the nodes 110 connected to the network that the certificate of the corresponding node 110 is revoked.
  • A certificate revocation request can be made only by the authentication module 120, the revocation module 180, and the node 110 to which the certificate belongs.
  • The verification module 140 does not have permission to request revocation.
  • FIG. 8 is a flow chart showing the operation protocol of another embodiment applied to the blockchain.
  • The peer of this embodiment is a participating node 110 of the blockchain that requests the authentication module 120 to register (or revoke) a certificate and requests the authentication service providing module 122 to sign and verify transactions.
  • The authentication module 120 is an entity that performs the same function as the authentication module 120 of the above-described embodiment.
  • The authentication service providing module 122 transmits the signature and verification requests received from the peer to the encryption unit.
  • The authentication service providing module 122 functions as both a verification module 140 and a signer.
  • The Crypto Library Module (124) is a library module that provides zero-knowledge-based functions for key generation, signing, issuing, proof, revocation, tracking, and so on.
  • The peer requests registration with the authentication module 120.
  • The authentication module 120 generates and registers a certificate for the peer based on the generated authentication key.
  • The blockchain network performs functions for transactions.
  • The peer requests transaction signing or verification from the authentication service providing module 122.
  • The authentication service providing module 122 performs signing or verification using the peer's certificate.
  • The authentication module 120 generates a first certificate (S120); the node 110 uses the first certificate to generate a second certificate, in which personal information is omitted and to which zero-knowledge is applied, and a transaction including the second certificate (S140); and the verification module 140 verifies the transaction (S160).
  • In detail, step S120 may include generating an authentication public key and an authentication secret key using a randomizable digital signature (S122), and generating a first certificate by signing with the authentication secret key using the BBS signature protocol (S124).
  • Step S140 uses the BBS signature protocol when generating the second certificate.
  • An actual blockchain system 100 was built, and it was checked whether normal operation is possible while anonymity is maintained.
  • The source code of FIG. 10(a) generates a new signature (certificate) in which none of the attributes is disclosed.
  • FIG. 10(b) confirms whether the Proof of Knowledge protocol works by performing verification on the generated signature.
  • FIG. 11 is the result of verifying the certificate generated by the source code of FIG. 10(a). As shown, the uID, Name, Birthday, City, Country, and ProofOfAge information included in the Attributes is not displayed in the certificate.
  • Signature generation is performed whenever node 110 generates a transaction. This is closely related to the transaction bottleneck. Referring to FIG. 12, the creation and verification of one new signature consumes an additional time cost of about 92.77 ms. The signature generation process and the verification process have the disadvantage of delaying the service response speed required for one transaction to be processed.
  • ProofOfAge is an attribute that confirms whether a person is an adult aged 18 or older; with this embodiment, a service in which only adults can participate, such as voting, can be provided without disclosing personal information.
  • In FIG. 13(b), it can be seen that only the ProofOfAge information has been disclosed. As a result, when the configuration of the node 110, the authentication module 120, and the verification module 140 of this embodiment is used, anonymity can be provided for personal information in a transaction generated in the blockchain network.
  • The present invention relates to a blockchain system that provides anonymity of personal information and a method of providing anonymity of personal information on a blockchain, and more specifically to a signature and verification technology for protecting personal information included in a transaction on a blockchain platform.

Abstract

The present invention relates to a signature and verification technology for protecting private information included in a transaction on a blockchain platform, the technology comprising: an authentication module for generating a first certificate; a node for generating a second certificate in which private information is omitted by using the first certificate generated in the authentication module and to which zero-knowledge is applied, and a transaction including the second certificate; and a verification module for verifying the transaction generated in the node.

Description

Blockchain system that provides anonymity of personal information and method of providing anonymity of personal information on a blockchain
The present invention relates to a blockchain system that provides anonymity of personal information and a method of providing anonymity of personal information on a blockchain, and more specifically to a signature and verification technology for protecting personal information included in a transaction on a blockchain platform.
Blockchain is a concept that was put to practical use in Bitcoin, which appeared in 2009, and is a database technology that stores data through a shared ledger on a P2P network while preventing hacking.
Later, as Ethereum presented smart contracts, an existing concept of digital instructions, and the DApp concept of providing services based on them, blockchain technology began to expand into the platform domain.
Many blockchain platforms have no separate mechanism for safely managing sensitive data such as private information. Owing to the technical characteristics of a distributed ledger, transactions stored on the blockchain are shared with all network participants. Therefore, when blockchain technology is applied to an environment such as the Internet of Things, the anonymity of the personal information of IoT devices is not guaranteed.
Existing user authentication mainly uses authentication through a third-party certification authority and X.509-based certificates. With a third-party certification authority, the attributes required for verification must be specified explicitly, and the authority causes a bottleneck in the system. With X.509-based certificates, the authentication process is performed without the help of a Certificate Authority, but all of the signed attributes must then be disclosed when another verifier requests them.
The present invention is intended to solve the above problems, and an object of the present invention is to provide a signature and verification technology for protecting personal information included in a transaction on a blockchain platform.
Another object of the present invention is to provide a blockchain system that provides anonymity of personal information, and a method of providing anonymity of personal information on a blockchain, in which a node's personal information can be protected by providing anonymity using zero-knowledge-based certificates on a permissioned blockchain network.
A further object of the present invention is to provide a blockchain system that provides anonymity of personal information, and a method of providing anonymity of personal information on a blockchain, in which the certificate generation, issuance, signature generation, revocation, and verification protocols are divided among the participating nodes, so that the system bottleneck of the authentication module that arises in the authentication process is resolved and an efficient network configuration becomes possible.
To achieve the above objects, a blockchain system that provides anonymity of personal information according to the present invention comprises: an authentication module that generates a first certificate; a node that uses the first certificate generated by the authentication module to generate a second certificate, in which personal information is omitted and to which zero-knowledge is applied, and a transaction including the second certificate; and a verification module that verifies the transaction generated by the node.
In addition, the authentication module may generate an authentication public key and an authentication secret key using a randomizable digital signature, and may generate the first certificate by signing with the authentication secret key using the BBS signature protocol.
In addition, the node may generate the second certificate, to which zero-knowledge is applied, using the BBS signature protocol.
In addition, the system may further include an audit module that tracks the transaction using a public key for auditing and a secret key for auditing.
In addition, the system may further include a revocation module that revokes a second certificate that needs to be revoked and notifies the node that the second certificate has been revoked.
Meanwhile, to achieve the above objects, a method of providing anonymity of personal information on a blockchain according to the present invention comprises: (A) generating, by an authentication module, a first certificate; (B) generating, by a node using the first certificate, a second certificate, in which personal information is omitted and to which zero-knowledge is applied, and a transaction including the second certificate; and (C) verifying, by a verification module, the transaction.
In addition, step (A) may include: generating an authentication public key and an authentication secret key using a randomizable digital signature; and generating the first certificate by signing with the authentication secret key using the BBS signature protocol.
In addition, step (B) may use the BBS signature protocol when generating the second certificate.
According to the blockchain system that provides anonymity of personal information and the method of providing anonymity of personal information on a blockchain according to an embodiment of the present invention:
First, providing anonymity using zero-knowledge-based certificates on a permissioned blockchain network makes it possible to protect a node's personal information.
Second, dividing the certificate generation, issuance, signature generation, revocation, and verification protocols among the participating nodes resolves the system bottleneck of the authentication module that arises in the authentication process, enabling an efficient network configuration.
FIG. 1 is a view showing the structure of a blockchain block.
FIG. 2 is a view showing the block structure of Hyperledger-Fabric.
FIG. 3 is a configuration diagram of a blockchain system that provides anonymity of personal information according to an embodiment of the present invention.
FIG. 4 is a view showing the process of issuing a zero-knowledge certificate and generating a transaction between the authentication module and a node.
FIG. 5 is a view showing in more detail the process of generating a transaction that provides anonymity using a zero-knowledge certificate.
FIG. 6 is a view showing the process by which the audit module tracks a transaction.
FIG. 7 is a view showing the relationship in which the authentication module, the revocation module, and a node revoke a certificate.
FIG. 8 is a flow chart showing the operation protocol of another embodiment applied to the blockchain.
FIG. 9 is a flowchart of a method of providing anonymity of personal information on a blockchain according to an embodiment of the present invention.
FIG. 10 is a view showing source code (a) that generates a certificate in which none of the attributes is disclosed and source code (b) that verifies the generated certificate.
FIG. 11 is a view showing the result of verifying the certificate generated by the source code of FIG. 10(a).
FIG. 12 is a graph showing the time required to generate and verify a certificate.
FIG. 13 is a view showing source code (a) that generates a certificate disclosing only ProofOfAge among the attributes, and the result of verifying the generated certificate.
Hereinafter, preferred embodiments of a blockchain system that provides anonymity of personal information and a method of providing anonymity of personal information on a blockchain according to the present invention will be described in detail with reference to the accompanying drawings.
Referring to FIG. 1, a block of a blockchain is one unit that provides final data and consists of a header and a body. Only blocks that have been approved through validation and the consensus algorithm are registered on the blockchain. The data structure defined differs for each blockchain platform, but in general the block header contains information about the block, such as the hash value of the previous block and the Merkle Root Hash (MRH) value, information required for verification, and information required by the network. The block body contains the transactions.
Blockchain is a technology in which network participants store blocks containing transactions in a chain-shaped distributed data storage environment created in a P2P manner, and is a database technology that provides immutability, making forgery or alteration of blocks impossible. As the logic-level concept of smart contracts and the application-level concept of DApps were incorporated into blockchain, it developed, beyond its database function, into a platform technology that allows services to be developed, deployed, and managed.
Blockchain structures can be divided into the permissioned structure and the permissionless structure.
The permissioned structure is a blockchain with a public structure in which anyone can freely join the network. It is a fully decentralized structure in which unverified nodes can create and verify transactions and take part in the consensus algorithm to store data on the blockchain. For the blockchain network to be active, participants must voluntarily take part in the network's consensus algorithm. In general, such networks provide a token such as a cryptocurrency and use PoW (Proof of Work) or PoS (Proof of Stake) based consensus algorithms, in which the network itself algorithmically maintains the block generation time for the sake of network reliability. Bitcoin and Ethereum are examples.
The permissionless structure is a blockchain with a consortium structure or a private structure, in which only a limited set of verified nodes validate transactions and run the consensus algorithm. In a consortium structure, the verified nodes run the consensus algorithm on an equal footing. A private structure is a fully centralized structure in which a single organization (enterprise) is responsible for everything. Because a private structure has few nodes participating in the consensus algorithm and only verified nodes can participate, its transaction processing speed is far superior to that of a public structure. Representative examples include R3 Corda and Hyperledger-Fabric.
The consensus algorithm is the process of agreeing on who will have authority over a block in the shared ledger in order to store transaction data on the blockchain. The peer selected by the consensus algorithm registers the block it created in its own ledger and propagates it to the other peers. Peers that receive the new block validate it and, if it is valid, reflect it in their ledgers. Representative consensus algorithms include PoW (Proof of Work), PoS (Proof of Stake), DPoS (Delegated Proof of Stake), and PBFT (Practical Byzantine Fault Tolerance).
The smart contract is a concept proposed by Nick Szabo in 1994: it is written as digital instructions and can execute the terms of a contract according to conditions. The result of the contract under given conditions is clear, but the concept had the limitation that digital instructions can, by their nature, be tampered with. Once it was combined with blockchain, however, the results of smart contract execution were reflected in the blockchain and tampering became impossible, and the smart contract became a core blockchain technology. A smart contract provides Turing completeness while executing contract terms according to conditions and can run processes on top of a blockchain, so it serves as the logic layer of a platform that provides blockchain-based services.
A DApp is a blockchain-based decentralized application. The resources used by the service are distributed and stored across the blockchain network, and high-trust data registered on the blockchain cannot be forged or altered once it has been stored. A DApp service performs processes on the blockchain through smart contracts and provides its service by combining several smart contract functions. Service response time, the most important factor for an application, is affected by the transaction processing speed of the blockchain network, so a blockchain network structure suited to the intended use of the application must be chosen.
Developing a DApp service requires an interface for calling smart contracts from the application. Blockchain platforms that include the smart contract concept provide tools that support such an integration interface.
Hyperledger is a project supported by the Linux Foundation that aims to implement standard blockchain technology. Within it, Fabric is an enterprise blockchain framework and a permissioned blockchain platform based on a membership service. Smart contracts, called chaincode, can be written in the Go and Java languages, and the network has several components such as peers, orderers, and the MSP (Membership Service Provider).
Referring to FIG. 2, a block includes a header, data, and metadata.
The header has three variables in total: the Number variable, which stores the index of the block; the PreviousHash variable, which is the hash value of the previous block header; and the DataHash variable, which is the Merkle Root Hash (MRH) value of the data (transactions).
The data is simply an array of transactions, and each transaction consists of Type, Version, Timestamp, Channel ID, TxID, Epoch, Chaincode info, Creator Identity, Endorser Identity, Status, Read Set, Write Set, Key value, and so on.
The metadata consists of the orderer identity, the creator identity, and flag information for each transaction.
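The three header fields described above (Number, PreviousHash, DataHash) are what make a stored transaction tamper-evident. The following Go program is an added example, not code from the patent or from Hyperledger Fabric: SHA-256, the header byte layout, the Merkle construction, and all function names are assumptions made for illustration, and the transactions are constructed sample data.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// Header holds the three fields the description lists for FIG. 2.
type Header struct {
	Number       uint64 // index of the block
	PreviousHash []byte // hash of the previous block's header
	DataHash     []byte // Merkle root over the block's transactions
}

// Block is a simplified block: a header plus raw transaction bytes.
type Block struct {
	Header Header
	Data   [][]byte
}

// merkleRoot hashes leaves and inner nodes with different prefixes
// (0x00 / 0x01) and promotes an unpaired node unchanged, so that
// duplicating the last transaction cannot produce the same root.
func merkleRoot(txs [][]byte) []byte {
	if len(txs) == 0 {
		h := sha256.Sum256(nil)
		return h[:]
	}
	level := make([][]byte, 0, len(txs))
	for _, tx := range txs {
		h := sha256.Sum256(append([]byte{0x00}, tx...))
		level = append(level, h[:])
	}
	for len(level) > 1 {
		var next [][]byte
		for i := 0; i < len(level); i += 2 {
			if i+1 == len(level) {
				next = append(next, level[i]) // unpaired node moves up as is
				continue
			}
			buf := append([]byte{0x01}, level[i]...)
			buf = append(buf, level[i+1]...)
			h := sha256.Sum256(buf)
			next = append(next, h[:])
		}
		level = next
	}
	return level[0]
}

// headerHash serializes the header with fixed-width fields (assumed layout).
func headerHash(h Header) []byte {
	var num [8]byte
	binary.BigEndian.PutUint64(num[:], h.Number)
	s := sha256.New()
	s.Write(num[:])
	s.Write(h.PreviousHash)
	s.Write(h.DataHash)
	return s.Sum(nil)
}

// appendBlock links a new block to the current tip of the chain.
func appendBlock(chain []Block, txs [][]byte) []Block {
	prev := make([]byte, sha256.Size) // all-zero PreviousHash for block 0
	if n := len(chain); n > 0 {
		prev = headerHash(chain[n-1].Header)
	}
	hdr := Header{Number: uint64(len(chain)), PreviousHash: prev, DataHash: merkleRoot(txs)}
	return append(chain, Block{Header: hdr, Data: txs})
}

// verifyChain returns the index of the first inconsistent block, or -1.
func verifyChain(chain []Block) int {
	prev := make([]byte, sha256.Size)
	for i, b := range chain {
		if b.Header.Number != uint64(i) ||
			!bytes.Equal(b.Header.PreviousHash, prev) ||
			!bytes.Equal(b.Header.DataHash, merkleRoot(b.Data)) {
			return i
		}
		prev = headerHash(b.Header)
	}
	return -1
}

// sampleChain builds three blocks from constructed transaction payloads.
func sampleChain() []Block {
	var chain []Block
	chain = appendBlock(chain, [][]byte{[]byte("tx-a"), []byte("tx-b"), []byte("tx-c")})
	chain = appendBlock(chain, [][]byte{[]byte("tx-d")})
	chain = appendBlock(chain, [][]byte{[]byte("tx-e"), []byte("tx-f")})
	return chain
}

func main() {
	chain := sampleChain()
	fmt.Println("clean chain, first bad block:", verifyChain(chain))
	chain[1].Data[0] = []byte("tx-X") // edit a stored transaction
	fmt.Println("after editing a transaction:", verifyChain(chain))
	chain[1].Header.DataHash = merkleRoot(chain[1].Data) // patch the header too
	fmt.Println("after recomputing DataHash:", verifyChain(chain))
}
```

Editing a transaction is caught by DataHash in the same block; patching that block's header only moves the mismatch to the PreviousHash of the next block.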
피어(Peer)는 블록체인 네트워크의 필수 요소로, 하이퍼레져-패브릭(Hyperledger-Fabric)에서 피어(Peer)의 역할에 따라 양도인(Endorser), 커미터(Committer)로 구분된다.Peers are essential elements of the blockchain network, and are classified into Endorser and Comitter according to the role of Peer in Hyperledger-Fabric.
양도인(Endorser)은 커미터(Committer)를 포함하는 개념으로, 추가적으로 클라이언트의 요청으로부터 보증(Endorse) 기능을 수행한다. 유저(User, 노드)로부터 요청받은 체인코드(Chaincode)를 실행하고, 이에 대한 결과 상태(State)를 양도인(Endorser)의 개인 키로 서명하는 보증(endorse) 과정을 거친다. 이후 과정에 따른 결과인 보증서(endorsement)를 유저에게 반환하는 기능을 수행한다.Endorser is a concept that includes a committer, and additionally performs an endorse function from the client's request. It executes the chaincode requested from the user (User, node), and goes through an endorsement process of signing the resulting state with the endorser's private key. It performs the function of returning the endorsement, which is the result of the subsequent process, to the user.
커미터(Committer)는 원장(Ledger)과 이벤트허브(Event-hub)를 가지고 있다. 원장(Ledger)은 블록체인과 로컬데이터베이스(Local Database)로 이루어진 공유 원장이며, 이벤트허브(Event-hub)는 커미터(Committer)로부터 기능을 요청하고, 응답을 받을 때 사용하는 인터페이스(Interface)이다. 클라이언트(Client)로부터 요청받은 쿼리(Query) 명령에 의해 원장(Ledger)의 콘텐츠를 클라이언트(Client)로 반환해주는 기능(read)과, 주문자(Orderer)로부터 전달받은 블록에 대해 유효성 검증을 수행한 후 원장(Ledger)에 저장하는 기능을 수행한다. The Committer has a Ledger and an Event-hub. Ledger is a shared ledger consisting of a blockchain and a local database, and Event-hub is an interface used to request functions from a committer and receive a response. After the function (read) that returns the contents of the ledger to the client by the query command requested from the client, and after validating the block received from the orderer It performs the function of saving in the Ledger.
하이퍼레져-패브릭(Hyperledger-Fabric)에서 원장(Ledger)은 기존의 블록체인과 블록체인의 상태를 추적, 저장하는 State Database로 이루어져 있다. 기존의 블록체인과 동일하게, 위변조가 불가능한 불멸성을 제공하는 원장(Ledger)으로 트랜잭션과 네트워크에 대한 정보를 담고 있다. 상태 데이터베이스(State Database)는 키값(key-value) 기반의 페어(pair)로 구성된 LevelDB 기반의 데이터베이스로, 블록체인에 저장되는 최근 상태(State)를 기록하고 추적하는 기능을 가진다. 이는 원장의 현재 상태(State)를 알기 위해 전체 블록체인을 탐색하지 않도록 하여 블록체인 내에서 상태 정보 검색 시간을 줄인다.In Hyperledger-Fabric, Ledger consists of an existing blockchain and a state database that tracks and stores the state of the blockchain. As with existing blockchains, Ledger provides immortality that cannot be forged and contains information about transactions and networks. The State Database is a LevelDB-based database composed of key-value-based pairs, and has the function of recording and tracking the latest state stored in the blockchain. This reduces the time to search for state information in the blockchain by not searching the entire blockchain to know the current state of the ledger.
The orderer (Orderer) receives endorsements from the client (Client) and stores them in the blockchain. First, because the header (Header) information of the next block depends on the order of the transactions, the orderer orders (Ordering) the endorsements that are to be registered. It then performs packaging (Packaging), which converts them into block form for storage in the blockchain. Finally, to reflect the created block in the ledger (Ledger) of the corresponding channel (Channel), it delivers the block to the peers (Peer) that hold the ledger (endorsers and committers). The orderer is a mandatory element of a channel in a Hyperledger-Fabric network. Several orderers may exist in one channel, in which case the orderers decide through a consensus process which of them has the right to create a block.
The MSP (Membership Service Provider) is the core element that performs access control in a Hyperledger-Fabric network. It is conceptually divided into four kinds according to the role required (network, channel, peer, orderer) and provides access control through certificate-based permissions. The network MSP controls the permission to perform network management (channel creation and the like). The channel MSP controls permissions for the peers within a channel. The peer MSP controls permissions for a peer in the same way as the channel MSP, but applies only to that peer. The orderer MSP controls permissions for the orderer.
Fabric-CA is the element that acts as the certificate authority (Certificate Authority) in a Hyperledger-Fabric network, and its use is optional. Working together with the MSP, it issues and manages the certificates (Certificate) requested by peers, and it provides two kinds of certificate. The Ecert (Enrollment Certificate) is the peer's identity and is used persistently. The Tcert (Transaction Certificate) is used for transaction verification and is single-use.
A channel (Channel) is the basic network unit of Hyperledger-Fabric; each channel has its own independent shared blockchain ledger and chaincode (Chaincode). A channel can be created only by a user who holds system permissions in the network MSP, and it basically consists of organizations (Organization) containing peers, orderers and an MSP. In other words, each channel is a sub-network with a file system independent of the other channels within the one overall network.
Chaincode (Chaincode) in Hyperledger-Fabric is the smart-contract concept, based on the Go and Java languages. Unlike Ethereum smart contracts, however, whose binary source code (Binary Source Code) is registered on the blockchain, chaincode is held by the verified peers registered in the blockchain network. Chaincode is divided into system chaincode and general chaincode. System chaincode performs network system processes; it can be registered when the network is created and cannot be changed once the network has been activated. General chaincode provides services and is executed as a transaction through an endorser (Endorser) at the request of users. It can be created, modified and so on, and is maintained per channel. The result of executing general chaincode is a single transaction. Chaincode proposed by a client is executed and verified (signed) by the endorser and returned to the client in the form of an endorsement. The client then checks the endorsement policy (Endorsement Policy), which is the execution condition of the transaction, and sends the result to the orderer. The transaction, which is the resulting state of the submitted chaincode, goes through ordering and packaging by the orderer; the created block is sent to the endorsers and committers (Committer), validated (Validation), and then reflected in the ledger.
The consensus algorithm in Hyperledger-Fabric refers to the endorsement, ordering (Ordering) and validation (Validation) of a transaction. That is, it denotes the overall transaction flow in which a transaction requested by a client is verified by peers, goes through ordering and packaging by the orderer, which creates blocks through a consensus process, and is validated in order to be stored in the ledger. An endorsement is the result of a peer executing, verifying and signing the requested transaction.
Ordering is the process of deciding the order in which approved transactions received from multiple clients are registered in a block (the consensus algorithm is applied here).
Validation is performed by the peers that hold the ledger and is the process of checking the validity of a block received from the orderer.
Fabric-SDK is a tool supported by Hyperledger-Fabric that provides the interface connecting a DApp to chaincode in order to deliver blockchain services. It supports the Go, Node.js and Java languages, and offers services ranging from obtaining access permission for an application through the MSP to proposing a transaction (Chaincode).
The operation of a DApp in Hyperledger-Fabric and its integration with the blockchain are similar to those of existing blockchain platforms. It uses an HTTP-based protocol, and services are developed and deployed in the DApp through the SDK tool, based on the functions provided by the chaincode.
Zero-knowledge (Zero-Knowledge) is a protocol that guarantees anonymity: a way for a prover (Certifier) to prove possession of secret information without disclosing it. In other words, the validity of a user's personal information can be verified without that information being disclosed. Zero-knowledge must satisfy the following three basic conditions. Completeness (Completeness): if a statement is true, an honest prover must be able to convince an honest verifier (Verifier) of that fact. Soundness (Soundness): if a statement is false, no dishonest prover may be able to convince an honest verifier that the statement is true. Zero-knowledge: if a statement is true, the verifier must learn nothing other than whether the statement is true or false.
Unlike existing systems, which transmit a hash (Hash) value of the user authentication information, zero-knowledge can prove that the information is correct without including the user authentication information in the network communication.
There are two representative signature (Signature) protocols that provide zero-knowledge-based anonymity: the CL (Camenisch-Lysyanskaya) signature and the BBS (Boneh-Boyen-Shacham) signature. Both are techniques that use bilinear groups. With these signatures, the user does not transmit a message signed with the secret key; instead, by providing the computed value that the verifier requests, the user proves possession of the secret key.
The CL (Camenisch-Lysyanskaya) signature was initially proposed on the basis of SDH (Strong Diffie-Hellman). It was later improved in terms of efficiency and is now based on the LRSW (Lysyanskaya-Rivest-Sahai-Wolf) assumption. Unlike the SDH assumption, LRSW supports independent discrete logarithms (discrete-logarithm) according to the attributes (Attributes) of the message, which makes it more flexible. With the CL signature, the user does not go through an authentication step of transmitting a message signed with the secret key; instead, by providing the computed value that the verifier requests, the user proves possession of the secret key.
The BBS (Boneh-Boyen-Shacham) signature is a signature scheme proposed on the basis of a new assumption called DLIN (Decision LINear). Like the CL signature, it is a zero-knowledge-based signature scheme and provides anonymity. In the proof-of-knowledge (Proof of Knowledge) protocol, which verifies whether information is held, it is more efficient than the CL signature.
A randomizable digital signature (Randomizable Digital Signature) is a signature scheme whose signatures always consist of two elements, regardless of the number of messages. Unlike the CL signature, the randomizable digital signature must always use type-3 pairings of bilinear groups. However, because many recent CL-signature-based protocols already use type-3 pairings of bilinear groups for efficiency and security reasons, it provides the same security and features as the CL signature while being more efficient.
A randomizable digital signature does not create a separate new signature for each message m as in the CL signature; instead, it creates a new signature from an existing one. When a signature on message m
Figure PCTKR2019016472-appb-img-000001
exists, a random value
Figure PCTKR2019016472-appb-img-000002
is selected, and
Figure PCTKR2019016472-appb-img-000003
is computed to produce a new signature, which provides randomizability (Randomizability).
The blockchain system 100 that provides anonymity of personal information according to an embodiment of the present invention concerns a blockchain platform capable of providing anonymity. This embodiment provides anonymity for transactions that contain personal information on a permissioned (Permissioned) blockchain platform.
This embodiment proposes applying a zero-knowledge-based signature scheme to solve the anonymity problem of blockchain networks. For efficient handling of transaction creation, the key generation protocol of the randomizable digital signature (Randomizable Digital Signature) is used, and the BBS signature protocol is applied for the proof of knowledge (Proof of Knowledge).
This embodiment is connected to the blockchain network and performs functions such as creating, signing, issuing, revoking and tracing the certificates (Certificate) that hold the personal information of the node 110, and it provides anonymity for the attributes (Attributes), that is, the personal information within a certificate.
Referring to FIG. 3, this embodiment includes an authentication module 120 that generates a first certificate; a node 110 that, using the first certificate generated by the authentication module 120, generates a second certificate from which personal information is omitted and to which zero-knowledge (Zero-Knowledge) is applied, and a transaction including the second certificate; and a verification module 140 that verifies the transaction generated by the node 110.
The authentication module (Certificate Authority, 120) is a verified entity that issues certificates. It generates an authentication public key and an authentication secret key based on the randomizable digital signature and uses them to issue certificates. The issued certificate incorporates the zero-knowledge concept and is therefore flexible.
The node 110 is a participating node of the blockchain that is issued a certificate and provides its attributes (Attribute) through it. Based on the issued certificate, it signs using the BBS (Boneh-Boyen-Shacham) signature and generates a transaction that contains information on only some of the attributes.
The node 110 may be implemented in various ways. If this embodiment is applied to an IoT (Internet of Things) environment, the node 110 may be an individual IoT sensor device.
The verification module (Verifier, 140) verifies the certificate of the node 110 using the public key (Public Key) of the authentication module 120.
The revocation module (Revocation Authority, 180) is the component that revokes certificates. It processes revocation requests and delivers the result to the node 110 and the verification module 140. In another embodiment, the authentication module 120 may perform this role in addition to issuing certificates.
Referring to FIG. 4, the following structure is defined to provide anonymity on the blockchain platform, guaranteeing that the transaction creator holds private (Private) information without disclosing that information.
To improve efficiency, the authentication module 120 uses the randomizable digital signature (Randomizable Digital Signature) when generating the authentication public key and the authentication secret key.
The node 110 generates a first public key and a first secret key using the randomizable digital signature.
The authentication module 120 generates the first certificate by signing with the authentication secret key using the BBS signature protocol. The node 110 generates the first public key using the first certificate as well.
When creating a transaction, the node 110 generates a second certificate from which some or all of the personal information is omitted. The second certificate is generated with zero-knowledge applied, using the BBS signature protocol. To generate the second certificate, the node 110 generates a second public key and a second secret key. Other nodes can check the contents of the second certificate using the second public key.
Each transaction includes the certificate of its creator (node). A certificate produced with a zero-knowledge signature scheme can provide anonymity for personal information even when it is included in a transaction.
FIG. 5 shows the transaction creation and verification process. The first certificate issued by the authentication module 120 holds all of the private information of the node 110 in its attributes.
When a transaction is created, it must include the certificate of the node 110. If the first certificate is included in the transaction, however, all of the attributes are disclosed.
Therefore, a new signature, that is, the second certificate, is generated and provided to the verification module 140 so that the verification module 140 can check only the attributes that the node selectively chooses to disclose.
Because the second certificate provided to the verification module 140 contains only the personal information that the node 110 has allowed to be disclosed, personal information is not exposed during verification.
The verification module 140 verifies the second certificate included in the transaction using the authentication public key generated by the authentication module 120.
FIG. 6 shows the audit (Auditor (Inspector)) process. With the structure of FIG. 5, the personal information of the node 110 could still be obtained by tracing the individual distributed transactions and collecting their attribute information.
To guard against this possibility, an audit module 160 that performs transaction tracing may additionally be provided. The audit module 160 is a verified entity with read permission for transactions within the blockchain network. It holds an audit public key and an audit secret key for exercising its transaction-tracing authority. The audit module 160 may be configured as a participating node 110 of the blockchain network and used optionally. The keys generated by the audit module 160 may use a conventional asymmetric-key cryptosystem to which the zero-knowledge concept is not applied.
FIG. 7 shows the revocation (Revocation) process. When an attribute of a certificate changes, or when a certificate containing all of the attributes is leaked, the certificate must be revoked so that it can no longer be used.
For the revocation process, the revocation module 180 first generates a public key and a secret key to prove that it is an entity with revocation authority. The node 110 whose certificate needs to be revoked then sends a revocation request to the revocation module 180. The revocation module 180 checks whether that node 110 is authorized and, using a signature made with its own key, notifies the nodes 110 connected to the network that the certificate of that node 110 has been revoked.
Only the authentication module 120, the revocation module 180 and the node 110 to which the certificate belongs can request revocation of a certificate. The verification module 140 has no authority to request revocation.
To apply this embodiment to a blockchain platform, a suitable blockchain structure must be designed for it. In particular, to interwork with the cryptographic library module, an entity is needed that manages the certificates and keys of the nodes 110 that create transactions.
FIG. 8 is a flowchart showing the operation protocol of another embodiment applied to a blockchain.
The peer (Peer) of this embodiment is a participating node 110 of the blockchain that requests the authentication module 120 to register (or revoke) a certificate and requests the certificate service provider module 122 to sign and verify transactions.
The authentication module 120 is an entity that performs the same function as the authentication module 120 of the embodiment described above.
The certificate service provider module (Certificate Service Provider, 122) forwards the signing and verification requests received from peers to the crypto library module. The certificate service provider module 122 performs both the function of the verification module 140 and the role of the signer (Signer).
The crypto library module (Crypto Library Module, 124) is a library module that provides zero-knowledge (Zero-Knowledge) based functions for key generation, signing, issuance, proof, revocation, tracing and so on.
The operation protocol, from the stage of applying the blockchain platform to the stage of providing anonymity, is described with reference to the drawings.
First, a blockchain network is built in which the peers, the authentication module 120 and the certificate service provider module 122 participate as nodes 110.
When the blockchain network is built, the zero-knowledge-based authentication keys (public key and secret key) used by the authentication module 120 are generated.
Next, a peer requests registration from the authentication module 120. The authentication module 120 generates and registers the peer's certificate based on the generated authentication keys.
The blockchain network then processes transactions. A peer requests the certificate service provider module 122 to sign or verify a transaction. The certificate service provider module 122 performs the signing or verification using the peer's certificate.
Next, a method for providing anonymity of personal information in a blockchain according to an embodiment of the present invention is described.
Referring to FIG. 9, this embodiment includes a step (S120) in which the authentication module 120 generates a first certificate, a step (S140) in which the node 110, using the first certificate, generates a second certificate from which personal information is omitted and to which zero-knowledge (Zero-Knowledge) is applied, and a transaction including the second certificate, and a step (S160) in which the verification module 140 verifies the transaction.
In detail, step S120 may include a step (S122) of generating an authentication public key and an authentication secret key using the randomizable digital signature (Randomizable Digital Signature) and a step (S124) of generating the first certificate by signing with the authentication secret key using the BBS signature protocol.
Step S140 uses the BBS signature protocol when generating the second certificate.
Next, an actual blockchain system 100 was built using the embodiment of the present invention, and it was checked whether the system operates normally while anonymity is maintained.
Experiment.
The source code of FIG. 10(a) generates a new signature (certificate) in which none of the attributes (Attributes) is disclosed. In FIG. 10(b), the generated signature was verified, confirming that the proof-of-knowledge (Proof of Knowledge) protocol operates.
FIG. 11 is the result of verifying the certificate generated by the source code of FIG. 10(a). As shown, the information for uID, Name, Birthday, City, Country and ProofOfAge contained in the certificate's attributes is not displayed.
Signature generation is performed every time the node 110 creates a transaction, so it is closely tied to the transaction bottleneck. Referring to FIG. 12, generating and verifying one new signature incurs an additional time cost of about 92.77 ms. The signature generation and verification steps have the drawback of delaying the service response time, that is, the time taken for one transaction to be processed.
Therefore, with n denoting the number of attributes (Attributes), an array of
Figure PCTKR2019016472-appb-img-000004
signatures is declared, consuming memory in a Map- or Index-based data structure, so that the signature for a repeatedly requested set of attributes can be found in
Figure PCTKR2019016472-appb-img-000005
time complexity.
Referring to FIG. 13, a signature was generated that allows only ProofOfAge, among the attribute (Attributes) information, to be checked. ProofOfAge is an attribute that indicates whether or not the holder is an adult aged 18 or over; with this embodiment, a service open only to adults, such as voting, can be provided without personal information being disclosed. Referring to FIG. 13(b), it can be seen that only the ProofOfAge information has been disclosed. This shows that, by using the components of this embodiment such as the node 110, the authentication module 120 and the verification module 140, anonymity can be provided for the personal information in transactions created in a blockchain network.
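The selective disclosure of FIG. 13 (only ProofOfAge revealed) rests on a zero-knowledge proof of knowledge of the attributes that stay hidden. The following added example, which is not code from the patent or from Hyperledger-Fabric, reproduces only that step as a Schnorr-style proof over a Pedersen-style commitment; it does not implement BBS signatures or pairings, and the issuer's signature over the commitment is out of scope. The group parameters, attribute values, context string and all function names are assumptions made for the demonstration.

```python
import hashlib
import secrets

# Attribute names come from the page's experiment; every value used here is constructed.
ATTRS = ["uID", "Name", "Birthday", "City", "Country", "ProofOfAge"]

def _is_prime(n, rounds=24):
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

# Demo-sized Schnorr group (assumption): the order-Q subgroup of Z_P*, with P = K*Q + 1.
Q = 2**127 - 1            # Mersenne prime
K = 2
while not _is_prime(K * Q + 1):
    K += 2
P = K * Q + 1

def _base(label):
    """Hash a label to an element of order Q, so no relation between bases is known."""
    ctr = 0
    while True:
        h = int.from_bytes(hashlib.sha256(f"{label}|{ctr}".encode()).digest(), "big") % P
        g = pow(h, K, P)   # exponent K = (P-1)/Q maps into the order-Q subgroup
        if g not in (0, 1):
            return g
        ctr += 1

H = _base("blinding")
G = {name: _base(name) for name in ATTRS}

def to_scalar(value):
    """Encode an attribute value (string) as an exponent modulo Q."""
    return int.from_bytes(hashlib.sha256(value.encode()).digest(), "big") % Q

def commit(attrs, r):
    """Commitment to all attributes; stands in for the signed content of the first certificate."""
    c = pow(H, r, P)
    for name in ATTRS:
        c = c * pow(G[name], to_scalar(attrs[name]), P) % P
    return c

def _challenge(C, T, disclosed, context):
    data = repr((C, T, sorted(disclosed.items()), context)).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % Q

def prove(attrs, r, reveal, context):
    """Reveal only `reveal`; prove knowledge of r and of every hidden attribute (Fiat-Shamir)."""
    hidden = [n for n in ATTRS if n not in reveal]
    k_r, k = secrets.randbelow(Q), {n: secrets.randbelow(Q) for n in hidden}
    T = pow(H, k_r, P)
    for n in hidden:
        T = T * pow(G[n], k[n], P) % P
    disclosed = {n: attrs[n] for n in ATTRS if n in reveal}
    c = _challenge(commit(attrs, r), T, disclosed, context)
    return {"disclosed": disclosed, "T": T, "s_r": (k_r + c * r) % Q,
            "s": {n: (k[n] + c * to_scalar(attrs[n])) % Q for n in hidden}}

def verify(C, proof, context):
    """Verifier side: sees the commitment, the disclosed attributes and the proof only."""
    disclosed, s = proof["disclosed"], proof["s"]
    if set(disclosed) | set(s) != set(ATTRS) or set(disclosed) & set(s):
        return False
    rest = C               # strip the disclosed attributes out of the commitment
    for n, v in disclosed.items():
        rest = rest * pow(pow(G[n], to_scalar(v), P), -1, P) % P
    c = _challenge(C, proof["T"], disclosed, context)
    lhs = pow(H, proof["s_r"], P)
    for n, sn in s.items():
        lhs = lhs * pow(G[n], sn, P) % P
    return lhs == proof["T"] * pow(rest, c, P) % P

# Note: C is identical in every presentation, so these proofs are linkable to each other;
# avoiding that is the job of the randomizable/BBS signature layer, which is not modelled.
if __name__ == "__main__":
    attrs = {"uID": "u-1001", "Name": "Alice Example", "Birthday": "1990-01-01",
             "City": "Busan", "Country": "KR", "ProofOfAge": "over18"}
    r = secrets.randbelow(Q)
    proof = prove(attrs, r, {"ProofOfAge"}, b"tx-0001")
    print("disclosed:", proof["disclosed"])
    print("verifies:", verify(commit(attrs, r), proof, b"tx-0001"))
```

Binding the challenge to a per-transaction context means a proof captured from one transaction does not verify when replayed in another.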
The present invention has been described in detail above with reference to embodiments, but those of ordinary skill in the art to which the invention pertains will naturally be able to make various substitutions, additions and modifications without departing from the technical idea described above, and such modified embodiments should also be understood to fall within the scope of protection of the present invention as defined by the claims appended below.
The present invention relates to a blockchain system that provides anonymity of personal information and to a method for providing anonymity of personal information in a blockchain, and more particularly to signing and verification technology for protecting the personal information contained in transactions on a blockchain platform.

Claims (8)

  1. A blockchain system providing anonymity of personal information, comprising: an authentication module that generates a first certificate;
    a node that, using the first certificate generated by the authentication module, generates a second certificate from which personal information is omitted and to which zero-knowledge (Zero-Knowledge) is applied, and a transaction including the second certificate; and
    a verification module that verifies the transaction generated by the node.
  2. The blockchain system providing anonymity of personal information according to claim 1,
    wherein the authentication module generates an authentication public key and an authentication secret key using a randomizable digital signature (Randomizable Digital Signature), and generates the first certificate by signing with the authentication secret key using a BBS signature protocol.
  3. The blockchain system providing anonymity of personal information according to claim 2,
    wherein the node generates the second certificate, to which zero-knowledge is applied, using the BBS signature protocol.
  4. The blockchain system providing anonymity of personal information according to claim 3,
    further comprising an audit module that traces the transaction using an audit public key and an audit secret key.
  5. The blockchain system providing anonymity of personal information according to claim 3,
    further comprising a revocation module that revokes the second certificate when it needs to be revoked and notifies the node that the second certificate has been revoked.
  6. A method for providing anonymity of personal information in a blockchain, comprising: (A) generating, by an authentication module, a first certificate;
    (B) generating, by a node using the first certificate, a second certificate from which personal information is omitted and to which zero-knowledge (Zero-Knowledge) is applied, and a transaction including the second certificate; and
    (C) verifying, by a verification module, the transaction.
  7. The method for providing anonymity of personal information in a blockchain according to claim 6, wherein step (A) comprises:
    generating an authentication public key and an authentication secret key using a randomizable digital signature (Randomizable Digital Signature); and
    generating the first certificate by signing with the authentication secret key using the BBS signature protocol.
  8. The method for providing anonymity of personal information in a blockchain according to claim 7, wherein step (B)
    uses the BBS signature protocol when generating the second certificate.
PCT/KR2019/016472 2018-12-27 2019-11-27 Blockchain system for providing anonymity of private information and method for providing anonymity of private information in blockchain WO2020138733A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR10-2018-0171237 2018-12-27
KR1020180171237A KR20200081101A (en) 2018-12-27 2018-12-27 Blockchain system for providing anonymity of privacy information and method for providing anonymity of privacy information in a blockchain

Publications (1)

Publication Number Publication Date
WO2020138733A1 true WO2020138733A1 (en) 2020-07-02

Family

ID=71125832

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2019/016472 WO2020138733A1 (en) 2018-12-27 2019-11-27 Blockchain system for providing anonymity of private information and method for providing anonymity of private information in blockchain

Country Status (2)

Country Link
KR (1) KR20200081101A (en)
WO (1) WO2020138733A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115051807A (en) * 2022-06-02 2022-09-13 昆明理工大学 Zero-knowledge identity authentication method based on super book Fabric

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102346880B1 (en) * 2020-09-01 2022-01-03 김바올 The Method and Apparatus for Managing Adult Authentication Information Based on Block Chain
KR102620822B1 (en) * 2020-10-08 2024-01-04 한국과학기술원 Method and System for Enhancing Trust of Supply Chain Using Blockchain Platform with Robust Data Model and Verification Mechanisms

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100199087A1 (en) * 2003-12-22 2010-08-05 Guardtime As System and method for generating a digital certificate
US20120144459A1 (en) * 2010-12-07 2012-06-07 Microsoft Corporation Revoking delegatable anonymous credentials
US20160292672A1 (en) * 2015-03-31 2016-10-06 Nasdaq, Inc. Systems and methods of blockchain transaction recordation
US20180331832A1 (en) * 2015-11-05 2018-11-15 Allen Pulsifer Cryptographic Transactions System

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101837169B1 (en) 2016-12-29 2018-03-09 주식회사 코인플러그 Method for providing secret electronic voting service on the basis of blockchain with merkle tree structure by using zero knowledge proof algorithm, and voting coin minter server, voting token distributor server and voting supporting server using the same

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
ZHOU, SUJING ET AL.: "Unlinkable Randomizable Signature and Its application in Group Signature", August 2007 (2007-08-01), pages 2, XP061002505, Retrieved from the Internet <URL:https://www.researchgate.net/publication/220334514_Unlinkable_Randomizable_Signature_and_Its_Application_in_Group_Signature> [retrieved on 20200227] *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115051807A (en) * 2022-06-02 2022-09-13 昆明理工大学 Zero-knowledge identity authentication method based on super book Fabric
CN115051807B (en) * 2022-06-02 2024-05-24 昆明理工大学 Zero-knowledge identity authentication method based on super account book Fabric

Also Published As

Publication number Publication date
KR20200081101A (en) 2020-07-07

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application (Ref document number: 19905360; Country of ref document: EP; Kind code of ref document: A1)
NENP Non-entry into the national phase (Ref country code: DE)
122 Ep: pct application non-entry in european phase (Ref document number: 19905360; Country of ref document: EP; Kind code of ref document: A1)