WO2020211075A1 - Decentralized secure multi-party data processing method and device, and storage medium - Google Patents

Decentralized secure multi-party data processing method and device, and storage medium Download PDF

Info

Publication number
WO2020211075A1
WO2020211075A1 PCT/CN2019/083427 CN2019083427W WO2020211075A1 WO 2020211075 A1 WO2020211075 A1 WO 2020211075A1 CN 2019083427 W CN2019083427 W CN 2019083427W WO 2020211075 A1 WO2020211075 A1 WO 2020211075A1
Authority
WO
WIPO (PCT)
Prior art keywords
contract
computing
calculation
data
node
Prior art date
Application number
PCT/CN2019/083427
Other languages
French (fr)
Chinese (zh)
Inventor
李升林
黄高峰
陈元丰
张军
孙立林
Original Assignee
云图有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 云图有限公司 filed Critical 云图有限公司
Priority to PCT/CN2019/083427 priority Critical patent/WO2020211075A1/en
Publication of WO2020211075A1 publication Critical patent/WO2020211075A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules

Definitions

  • This specification relates to the field of blockchain technology, in particular to a decentralized multi-party secure data processing method, device and storage medium.
  • Secure Multi-Party Computation refers to multiple parties holding their own private data to jointly execute a data calculation logic and obtain processing results, so as to realize the joint operation while ensuring the security of each party’s private data. Use the private data of all parties to achieve specific effects, so as to give full play to the value of the data.
  • the existing multi-party secure computing solutions generally have a centralized management module (such as a key management center or a node information configuration management module, etc.). Therefore, how to eliminate the dependence of multi-party secure computing on centralization has become an urgent technical problem to be solved.
  • a centralized management module such as a key management center or a node information configuration management module, etc.
  • the purpose of the embodiments of this specification is to provide a decentralized multi-party secure data processing method, device, and storage medium, so as to reduce or eliminate the dependence of multi-party secure computing on centralization.
  • the embodiments of this specification provide a decentralized multi-party secure data processing method, the method includes:
  • the computing task carries a contract identifier and the public key of the data requester, and the privacy contract corresponding to the contract identifier is pre-deployed on the blockchain node;
  • the public key encrypts the calculation result, and uploads the ciphertext calculation result to the blockchain node.
  • the embodiment of this specification also provides a computing node, and the computing node includes:
  • the calculation task receiving module is used to receive the calculation task provided by the blockchain node; the calculation task carries the contract identification and the public key of the data requester, and the privacy contract corresponding to the contract identification is pre-deployed on the blockchain node on;
  • a private data acquisition module which is used to acquire private data from a local data node in response to the computing task
  • the multi-party collaborative calculation module is used to perform collaborative calculations with other computing nodes agreed in the privacy contract based on the privacy data and the calculation logic agreed in the privacy contract to obtain the calculation result; so that the privacy contract agreed One of the computing nodes of, encrypting the calculation result with the public key, and uploading the ciphertext calculation result to the blockchain node.
  • the embodiments of this specification also provide a computer storage medium on which a computer program is stored, and when the computer program is executed by a processor, the following steps are implemented:
  • the computing task carries a contract identifier and the public key of the data requester, and the privacy contract corresponding to the contract identifier is pre-deployed on the blockchain node;
  • the public key encrypts the calculation result, and uploads the ciphertext calculation result to the blockchain node.
  • the embodiment of this specification also provides another decentralized multi-party secure data processing method, which is applied to any blockchain node in a distributed network, and at least one privacy policy is pre-deployed on the blockchain node.
  • Contract the method includes:
  • the calculation transaction request carries the contract identifier and the public key of the data requester;
  • the computing task carries the contract identifier and the public key of the data requester;
  • the embodiment of this specification also provides a blockchain node, at least one privacy contract is pre-deployed on the blockchain node, and the blockchain node includes:
  • the calculation transaction request receiving module is used to receive the calculation transaction request initiated by the data demander; the calculation transaction request carries the contract identifier and the public key of the data demander;
  • the privacy contract loading module is used to load the target privacy contract corresponding to the contract identifier
  • a computing task sending module is used to send a computing task to the computing node agreed in the target privacy contract; the computing task carries the contract identifier and the public key of the data requester;
  • the calculation result storage module is used to save the ciphertext calculation result returned by one of the computing nodes agreed in the target privacy contract in the target privacy contract, and use the ciphertext calculation result as the Public key encryption.
  • the embodiment of this specification also provides another computer storage medium on which a computer program is stored, and the computer program is applied to any blockchain node in a distributed network, and the blockchain node At least one privacy contract is pre-deployed, and when the computer program is executed by the processor, the following steps are implemented:
  • the calculation transaction request carries the contract identifier and the public key of the data requester;
  • the computing task carries the contract identifier and the public key of the data requester;
  • the privacy data required by the computing nodes during collaborative computing is kept locally on the data provider and not leaked to other data providers, thus ensuring data privacy Sex and safety.
  • the computing task provided by the blockchain node triggers the computing node to perform collaborative calculation, and the settlement result of the collaborative calculation is one of the computing nodes agreed in the privacy contract, which is encrypted with the public key of the data requester After the chain is connected to the blockchain node network. Therefore, the entire collaborative computing process does not need to rely on any trusted third party, and has better decentralization characteristics.
  • Figure 1 is a schematic diagram of the system architecture of a decentralized multi-party secure data processing system in some embodiments of this specification;
  • FIG. 2 is a schematic diagram of interaction of the decentralized multi-party secure data processing system in some embodiments of this specification
  • FIG. 3 is a structural block diagram of an MPC node in some embodiments of this specification.
  • Figure 4 is a block diagram of the block chain node in some embodiments of this specification.
  • FIG. 5 is a flowchart of a decentralized multi-party secure data processing method on the MPC node side in some embodiments of this specification;
  • Fig. 6 is a flowchart of a decentralized multi-party secure data processing method on the side of a blockchain node in some embodiments of this specification.
  • MPC technology plays an important role in user credit investigations, joint data analysis of research institutions, electronic elections, electronic voting, electronic auctions, secret sharing, threshold signatures and other scenarios.
  • existing multi-party secure computing solutions generally have a centralized management module (such as a key management center or a node information configuration management module, etc.).
  • the existence of these centralized management modules may easily lead to problems such as low security, cumbersome transaction processes, and resource consuming.
  • some embodiments of this specification provide a decentralized multi-party secure data processing system as shown in FIG. 1.
  • the system may include MPC computing group and blockchain node network.
  • the MPC computing group can be a distributed network, which can include multiple MPC nodes, each MPC node corresponds to a data provider, and each MPC node is connected to a blockchain node in the blockchain node network on.
  • the multiple MPC nodes may jointly participate in multi-party secure computing based on the private data obtained separately (that is, the multiple MPC nodes may perform multi-party secure computing collaborative computing based on the private data obtained separately).
  • the MPC node can be used to receive the computing task provided by the blockchain node; the computing task carries the contract identifier and the public key of the data requester, and the privacy contract corresponding to the contract identifier is pre-deployed on the blockchain node; In response to the computing task, obtain private data from a local data node; based on the private data and the calculation logic agreed in the privacy contract, perform collaborative calculation with other computing nodes agreed in the privacy contract to obtain a calculation result; In order to make one of the computing nodes agreed in the privacy contract encrypt the calculation result with the public key, and upload the ciphertext calculation result to the blockchain node.
  • the blockchain node in the blockchain node network can be used to receive a calculation transaction request initiated by a data demander; the calculation transaction request carries the contract identifier and the public key of the data demander; loading corresponds to the contract identifier
  • the privacy contract ; send the calculation task to the computing node agreed in the privacy contract; when receiving the ciphertext calculation result returned by one of the computing nodes agreed in the privacy contract, save it to the privacy contract
  • the data requester can temporarily generate a pair of public and private keys before initiating a calculation transaction request. The private key is retained by itself, and the public key is sent to the blockchain with the calculation transaction request.
  • the private data required for each MPC node's calculation is kept locally on the data provider and not leaked to other data providers, thus ensuring the privacy of data And safety.
  • the blockchain node triggers the MPC node agreed in the privacy contract to perform collaborative calculations, and the settlement result of the collaborative calculation is one of the MPC nodes agreed in the privacy contract (specifically, it can be agreed in the privacy contract ), after being encrypted with the public key of the data requester, it is uploaded to the blockchain node network. Therefore, the entire collaborative computing process does not need to rely on any trusted third party, and has better decentralization characteristics.
  • each MPC node may correspond to one or more data nodes as needed.
  • the data provider can configure different data nodes for different privacy contracts.
  • This kind of privacy data isolation can help improve the privacy data security of the data provider.
  • the data node needs to register with the local MPC node in advance to wait to participate in the calculation.
  • the privacy contract is executed, the data node is responsible for providing the locally stored private data to the local MPC node. Before the MPC node performs collaborative calculations, it needs to obtain the calculation logic specified in the privacy contract to facilitate calculations in accordance with the calculation logic.
  • the MPC node can carry the contract identifier in the calculation task to match the calculation logic specified in the corresponding privacy contract from the blockchain node.
  • the MPC node may also obtain the calculation logic specified in the privacy contract in other ways.
  • the calculation task carries the calculation logic corresponding to the contract identifier, etc.; this specification does not limit this, and the specific method can be selected according to needs.
  • both the MPC node and the data node may be deployed locally on the data provider, so as to further improve the privacy data security of the data provider.
  • each MPC node may be preloaded with a multi-party secure computing virtual machine (Virtual Machine, VM for short) to provide a runtime environment corresponding to the multi-party secure computing logic in the privacy contract.
  • VM Virtual Machine
  • the MPC node can be configured with N corresponding virtual machines.
  • the multi-party secure computing virtual machine may be, for example, a Low Level Virtual Machine (LLVM for short), which can execute LLVM IR bytecode.
  • LLVM Low Level Virtual Machine
  • the developer (or data provider) entrusted by the data provider can compile the MPC calculation function written in the high-level language into LLVM IR bytecode (that is, compile the high-level language program into a bytecode file), Then set parameters in combination with computing participants (ie MPC nodes), charging rules, etc., and finally can be compiled into a blockchain smart contract (ie, the aforementioned privacy contract).
  • the calculation logic stored in the privacy contract can be a bytecode file.
  • the MPC node performs collaborative computing, it can call the Just In Time Compilation (JIT compiler for short) of the virtual machine to convert the bytecode file containing the multi-party secure computing logic into executable code.
  • JIT compiler Just In Time Compilation
  • the circuit file is extremely large and it is difficult to customize the algorithm (ie, the calculation logic), so it is not suitable for distributed application (Decentralized Application, referred to as DAPP) development scenarios.
  • DAPP distributed Application
  • the MPC node may request the local data node for private data corresponding to the specified calculation parameter according to the specified calculation parameter carried in the calculation task.
  • the designated calculation parameter indicates the result demand of the data demander. Therefore, the specified calculation parameter can be a result parameter or data index value.
  • the designated calculation parameter designated by the data demander may be the average sales price of a 5-carat diamond ring in 2018.
  • the specified calculation parameter specified by the data demander may be the health index of the target population, and so on.
  • the privacy contract generally stipulates that there are multiple MPC nodes participating in the calculation. Therefore, for any one of the MPC nodes, it can be performed together with other computing nodes agreed in the privacy contract. Collaborative computing to jointly complete a multi-party secure computing task. In order to prevent repeated submission of calculation results, one of the MPC nodes may be agreed as the calculation result submission node in the privacy contract, and each MPC node may perform peer-to-peer communication to facilitate collaborative calculations.
  • the calculation result submission node After the calculation result submission node obtains the calculation result, it can first encrypt the calculation result with the public key of the data requester to obtain the ciphertext calculation result; then construct a blockchain transaction to upload the ciphertext calculation result to the chain through the transaction To the blockchain node so that the blockchain node can save it in the corresponding privacy contract.
  • each blockchain node in the blockchain node network when each blockchain node in the blockchain node network discovers a calculation transaction request, it can load the corresponding privacy contract according to the contract identifier carried in the calculation transaction request, and check the local connection Whether the MPC node is a computing participant of the privacy contract; if the locally connected MPC node is a computing participant of the privacy contract, the corresponding computing task is generated and provided to the locally connected MPC node to trigger the locally connected MPC node to perform multi-party Safe calculation.
  • any blockchain node in the blockchain node network receives the ciphertext calculation result returned for the calculation task, it can be synchronized to all the blockchain nodes in the blockchain node network.
  • the data requester can send a calculation result query request to any blockchain node in the blockchain node network through a visual operation terminal (such as a smart phone, a computer, etc.).
  • a visual operation terminal such as a smart phone, a computer, etc.
  • the blockchain node may provide the ciphertext calculation result to the data demander.
  • the data requester obtains the ciphertext calculation result, it needs to decrypt the ciphertext calculation result with the private key corresponding to the public key, so that the plaintext calculation result can be obtained.
  • the interaction between various nodes may be as shown in FIG. 2.
  • the MPC node may include a computing task receiving module 31, a privacy data acquiring module 32, and a multi-party collaborative computing module 33. among them:
  • the computing task receiving module 31 can be used to receive computing tasks provided by blockchain nodes; the computing tasks carry the contract identifier and the public key of the data requester, and the privacy contract corresponding to the contract identifier is pre-deployed in the block On the chain node;
  • the private data acquisition module 32 may be used to acquire private data from a local data node in response to the computing task;
  • the multi-party collaborative computing module 33 can be used to perform collaborative calculations with other computing nodes agreed in the privacy contract based on the privacy data and the calculation logic agreed in the privacy contract to obtain a calculation result; so that the privacy contract One of the computing nodes agreed in the, encrypts the calculation result with the public key, and uploads the ciphertext calculation result to the blockchain node.
  • the MPC node may further include a virtual machine loading module 30.
  • the virtual machine loading module 30 can be used to pre-load the target virtual machine to provide a runtime environment of the computing logic.
  • the blockchain node may include a calculation transaction request receiving module 41, a privacy contract loading module 42, a calculation task sending module 43, and a calculation result saving module 44. among them:
  • the calculation transaction request receiving module 41 may be used to receive a calculation transaction request initiated by a data demander; the calculation transaction request carries the contract identifier and the public key of the data demander;
  • the privacy contract loading module 42 can be used to load the target privacy contract corresponding to the contract identifier
  • the computing task sending module 43 can be used to send computing tasks to the computing nodes agreed in the target privacy contract; the computing tasks carry the contract identifier and the public key of the data requester;
  • the calculation result storage module 44 may be used to save the ciphertext calculation result returned by one of the computing nodes agreed in the target privacy contract in the target privacy contract, and the ciphertext calculation result is used The public key encryption.
  • the blockchain node may further include a calculation result providing module 45.
  • the calculation result providing module 45 may be used to provide the ciphertext calculation result to the data requester when the calculation result query request from the data requester is received.
  • the aforementioned nodes may be desktop computers, tablet computers, notebook computers, smart phones, digital assistants, smart wearable devices, and so on.
  • smart wearable devices may include smart bracelets, smart watches, smart glasses, smart helmets, and so on.
  • the node is not limited to the aforementioned electronic device with a certain entity, and it can also be software running in the aforementioned electronic device.
  • the decentralized multi-party secure data processing method on the MPC node side may include the following steps:
  • S501 Receive a computing task provided by a blockchain node; the computing task carries a contract identifier and a public key of a data requester, and a privacy contract corresponding to the contract identifier is pre-deployed on the blockchain node.
  • the decentralized multi-party secure data processing method on the blockchain node side may include the following steps:
  • These computer program instructions can also be stored in a computer-readable memory that can guide a computer or other programmable data processing equipment to work in a specific manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including the instruction device.
  • the device implements the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
  • These computer program instructions can also be loaded on a computer or other programmable data processing equipment, so that a series of operation steps are executed on the computer or other programmable equipment to produce computer-implemented processing, so as to execute on the computer or other programmable equipment.
  • the instructions provide steps for implementing functions specified in a flow or multiple flows in the flowchart and/or a block or multiple blocks in the block diagram.
  • the computing device includes one or more processors (CPU), input/output interfaces, network interfaces, and memory.
  • processors CPU
  • input/output interfaces network interfaces
  • memory volatile and non-volatile memory
  • the memory may include non-permanent memory in computer readable media, random access memory (RAM) and/or non-volatile memory, such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of computer readable media.
  • RAM random access memory
  • ROM read-only memory
  • flash RAM flash memory
  • Computer-readable media include permanent and non-permanent, removable and non-removable media, and any method or technology can be used to store information.
  • the information can be computer-readable instructions, data structures, program modules, or other data.
  • Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, CD-ROM, digital versatile disc (DVD) or other optical storage, Magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices or any other non-transmission media can be used to store information that can be accessed by computing devices. According to the definition in this article, computer-readable media does not include transitory media, such as modulated data signals and carrier waves.
  • this specification can be provided as methods, systems or computer program products. Therefore, this specification may adopt the form of a complete hardware embodiment, a complete software embodiment, or an embodiment combining software and hardware. Moreover, this specification can take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer-usable program codes.
  • computer-usable storage media including but not limited to disk storage, CD-ROM, optical storage, etc.
  • program modules include routines, programs, objects, components, data structures, etc. that perform specific tasks or implement specific abstract data types.
  • This specification can also be practiced in distributed computing environments, in which tasks are performed by remote processing devices connected through a communication network.
  • program modules can be located in local and remote computer storage media including storage devices.

Abstract

Embodiments of the present specification provide a decentralized secure multi-party data processing method and device and a storage medium. The method comprises: receiving a computation task provided by a blockchain node, wherein the computation task carries a contract identifier and a public key of a data requester, and a private contract corresponding to the contract identifier is pre-deployed on the blockchain node; obtaining, in response to the computation task, private data from a local data node; and performing collaborative computing, on the basis of the private data and a computation logic agreed upon in the private contract, with other computation nodes agreed upon in the private contract, and obtaining a computation result, such that one of the computation nodes agreed upon in the private contract encrypts the computation result by means of the public key, and uploads a ciphertext computation result to the blockchain node. The embodiments of the specification can reduce or eliminate the dependence of multi-party secure computation on centralization.

Description

去中心化多方安全数据处理方法、装置及存储介质Decentralized multi-party secure data processing method, device and storage medium 技术领域Technical field
本说明书涉及区块链技术领域,尤其是涉及一种去中心化多方安全数据处理方法、装置及存储介质。This specification relates to the field of blockchain technology, in particular to a decentralized multi-party secure data processing method, device and storage medium.
背景技术Background technique
多方安全计算(Secure Multi-Party Computation,简称MPC)是指多个持有各自私有数据的参与方,共同执行一个数据计算逻辑并获得处理结果,以实现在保证各方私有数据安全的同时,联合使用各方私有数据来达到特定的效果,从而充分发挥数据的价值。Secure Multi-Party Computation (MPC) refers to multiple parties holding their own private data to jointly execute a data calculation logic and obtain processing results, so as to realize the joint operation while ensuring the security of each party’s private data. Use the private data of all parties to achieve specific effects, so as to give full play to the value of the data.
然而,现有的多方安全计算方案一般都存在中心化管理模块(例如key管理中心或节点的信息配置管理模块等)。因此,如何消除多方安全计算对中心化的依赖已成为目前亟待解决的技术问题。However, the existing multi-party secure computing solutions generally have a centralized management module (such as a key management center or a node information configuration management module, etc.). Therefore, how to eliminate the dependence of multi-party secure computing on centralization has become an urgent technical problem to be solved.
发明内容Summary of the invention
本说明书实施例的目的在于提供一种去中心化多方安全数据处理方法、装置及存储介质,以降低或消除多方安全计算对中心化的依赖。The purpose of the embodiments of this specification is to provide a decentralized multi-party secure data processing method, device, and storage medium, so as to reduce or eliminate the dependence of multi-party secure computing on centralization.
为达到上述目的,一方面,本说明书实施例提供了一种去中心化多方安全数据处理方法,所述方法包括:To achieve the above objective, on the one hand, the embodiments of this specification provide a decentralized multi-party secure data processing method, the method includes:
接收区块链节点提供的计算任务;所述计算任务中携带合约标识及数据需求方的公钥,所述合约标识对应的隐私合约预先部署于所述区块链节点上;Receiving a computing task provided by a blockchain node; the computing task carries a contract identifier and the public key of the data requester, and the privacy contract corresponding to the contract identifier is pre-deployed on the blockchain node;
响应于所述计算任务,从本地数据节点获取隐私数据;In response to the computing task, obtaining private data from a local data node;
基于所述隐私数据及所述隐私合约中约定的计算逻辑,与所述隐私合约中约定的其他计算节点进行协同计算,获得计算结果;以使所述隐私合约中约定的计算节点之一,用所述公钥加密所述计算结果,并将密文计算结果上链至所述区块链节点。Based on the privacy data and the calculation logic agreed in the privacy contract, perform collaborative calculations with other computing nodes agreed in the privacy contract to obtain the calculation results; so that one of the calculation nodes agreed in the privacy contract is used The public key encrypts the calculation result, and uploads the ciphertext calculation result to the blockchain node.
另一方面,本说明书实施例还提供了一种计算节点,所述计算节点包括:On the other hand, the embodiment of this specification also provides a computing node, and the computing node includes:
计算任务接收模块,用于接收区块链节点提供的计算任务;所述计算任务中携带合约标识及数据需求方的公钥,所述合约标识对应的隐私合约预先部署于所述区块链节点上;The calculation task receiving module is used to receive the calculation task provided by the blockchain node; the calculation task carries the contract identification and the public key of the data requester, and the privacy contract corresponding to the contract identification is pre-deployed on the blockchain node on;
隐私数据获取模块,用于响应于所述计算任务,从本地数据节点获取隐私数据;A private data acquisition module, which is used to acquire private data from a local data node in response to the computing task;
多方协同计算模块,用于基于所述隐私数据及所述隐私合约中约定的计算逻辑,与所述隐私合约中约定的其他计算节点进行协同计算,获得计算结果;以使所述隐私合约中约定的计算节点之一,用所述公钥加密所述计算结果,并将密文计算结果上链至所述区块链节点。The multi-party collaborative calculation module is used to perform collaborative calculations with other computing nodes agreed in the privacy contract based on the privacy data and the calculation logic agreed in the privacy contract to obtain the calculation result; so that the privacy contract agreed One of the computing nodes of, encrypting the calculation result with the public key, and uploading the ciphertext calculation result to the blockchain node.
另一方面,本说明书实施例还提供了一种计算机存储介质,其上存储有计算机程序,所述计算机程序被处理器执行时实现以下步骤:On the other hand, the embodiments of this specification also provide a computer storage medium on which a computer program is stored, and when the computer program is executed by a processor, the following steps are implemented:
接收区块链节点提供的计算任务;所述计算任务中携带合约标识及数据需求方的公钥,所述合约标识对应的隐私合约预先部署于所述区块链节点上;Receiving a computing task provided by a blockchain node; the computing task carries a contract identifier and the public key of the data requester, and the privacy contract corresponding to the contract identifier is pre-deployed on the blockchain node;
响应于所述计算任务,从本地数据节点获取隐私数据;In response to the computing task, obtaining private data from a local data node;
基于所述隐私数据及所述隐私合约中约定的计算逻辑,与所述隐私合约中约定的其他计算节点进行协同计算,获得计算结果;以使所述隐私合约中约定的计算节点之一,用所述公钥加密所述计算结果,并将密文计算结果上链至所述区块链节点。Based on the privacy data and the calculation logic agreed in the privacy contract, perform collaborative calculations with other computing nodes agreed in the privacy contract to obtain the calculation results; so that one of the calculation nodes agreed in the privacy contract is used The public key encrypts the calculation result, and uploads the ciphertext calculation result to the blockchain node.
另一方面,本说明书实施例还提供了另一种去中心化多方安全数据处理方法,应用于分布式网络的任意一个区块链节点上,所述区块链节点上预先部署有至少一个隐私合约,所述方法包括:On the other hand, the embodiment of this specification also provides another decentralized multi-party secure data processing method, which is applied to any blockchain node in a distributed network, and at least one privacy policy is pre-deployed on the blockchain node. Contract, the method includes:
接收数据需求方发起的计算交易请求;所述计算交易请求中携带合约标识及所述数据需求方的公钥;Receiving a calculation transaction request initiated by a data requester; the calculation transaction request carries the contract identifier and the public key of the data requester;
加载与所述合约标识对应的目标隐私合约;Load the target privacy contract corresponding to the contract identifier;
向所述目标隐私合约中约定的计算节点发送计算任务;所述计算任务中携带合约标识及数据需求方的公钥;Sending a computing task to the computing node agreed in the target privacy contract; the computing task carries the contract identifier and the public key of the data requester;
在收到所述目标隐私合约中约定的计算节点之一返回的密文计算结果时,将其保存至所述目标隐私合约中,所述密文计算结果用所述公钥加密。When receiving the ciphertext calculation result returned by one of the computing nodes agreed in the target privacy contract, save it in the target privacy contract, and the ciphertext calculation result is encrypted with the public key.
另一方面,本说明书实施例还提供了一种区块链节点,所述区块链节点上预先部署有至少一个隐私合约,所述区块链节点包括:On the other hand, the embodiment of this specification also provides a blockchain node, at least one privacy contract is pre-deployed on the blockchain node, and the blockchain node includes:
计算交易请求接收模块,用于接收数据需求方发起的计算交易请求;所述计算交易请求中携带合约标识及所述数据需求方的公钥;The calculation transaction request receiving module is used to receive the calculation transaction request initiated by the data demander; the calculation transaction request carries the contract identifier and the public key of the data demander;
隐私合约加载模块,用于加载与所述合约标识对应的目标隐私合约;The privacy contract loading module is used to load the target privacy contract corresponding to the contract identifier;
计算任务发送模块,用于向所述目标隐私合约中约定的计算节点发送计算任务;所述计算任务中携带合约标识及数据需求方的公钥;A computing task sending module is used to send a computing task to the computing node agreed in the target privacy contract; the computing task carries the contract identifier and the public key of the data requester;
计算结果保存模块,用于在收到所述目标隐私合约中约定的计算节点之一返回的密 文计算结果时,将其保存至所述目标隐私合约中,所述密文计算结果用所述公钥加密。The calculation result storage module is used to save the ciphertext calculation result returned by one of the computing nodes agreed in the target privacy contract in the target privacy contract, and use the ciphertext calculation result as the Public key encryption.
另一方面,本说明书实施例还提供了另一种计算机存储介质,其上存储有计算机程序,所述计算机程序应用于分布式网络的任意一个区块链节点上,所述区块链节点上预先部署有至少一个隐私合约,所述计算机程序被处理器执行时实现以下步骤:On the other hand, the embodiment of this specification also provides another computer storage medium on which a computer program is stored, and the computer program is applied to any blockchain node in a distributed network, and the blockchain node At least one privacy contract is pre-deployed, and when the computer program is executed by the processor, the following steps are implemented:
接收数据需求方发起的计算交易请求;所述计算交易请求中携带合约标识及所述数据需求方的公钥;Receiving a calculation transaction request initiated by a data requester; the calculation transaction request carries the contract identifier and the public key of the data requester;
加载与所述合约标识对应的目标隐私合约;Load the target privacy contract corresponding to the contract identifier;
向所述目标隐私合约中约定的计算节点发送计算任务;所述计算任务中携带合约标识及数据需求方的公钥;Sending a computing task to the computing node agreed in the target privacy contract; the computing task carries the contract identifier and the public key of the data requester;
在收到所述目标隐私合约中约定的计算节点之一返回的密文计算结果时,将其保存至所述目标隐私合约中,所述密文计算结果用所述公钥加密。When receiving the ciphertext calculation result returned by one of the computing nodes agreed in the target privacy contract, save it in the target privacy contract, and the ciphertext calculation result is encrypted with the public key.
由以上本说明书实施例提供的技术方案可见,本说明书实施例中,计算节点协同计算时所需的隐私数据都保持在数据提供方本地,没有泄露给其他数据提供方,因此保证了数据的隐私性及安全性。同时,在隐私合约执行时,区块链节点提供的计算任务触发计算节点进行协同计算,且协同计算的结算结果是由隐私合约中约定的计算节点之一,在用数据需求方的公钥加密后上链至区块链节点网络的。因此,整个协同计算过程不需要依赖任何可信第三方,具备较佳的去中心化特点。It can be seen from the technical solutions provided in the above embodiments of this specification that, in the embodiments of this specification, the privacy data required by the computing nodes during collaborative computing is kept locally on the data provider and not leaked to other data providers, thus ensuring data privacy Sex and safety. At the same time, when the privacy contract is executed, the computing task provided by the blockchain node triggers the computing node to perform collaborative calculation, and the settlement result of the collaborative calculation is one of the computing nodes agreed in the privacy contract, which is encrypted with the public key of the data requester After the chain is connected to the blockchain node network. Therefore, the entire collaborative computing process does not need to rely on any trusted third party, and has better decentralization characteristics.
附图说明Description of the drawings
为了更清楚地说明本说明书实施例或现有技术中的技术方案,下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本说明书中记载的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动性的前提下,还可以根据这些附图获得其他的附图。在附图中:In order to more clearly explain the technical solutions in the embodiments of this specification or the prior art, the following will briefly introduce the drawings that need to be used in the description of the embodiments or the prior art. Obviously, the drawings in the following description are only These are some embodiments described in this specification. For those of ordinary skill in the art, other drawings can be obtained based on these drawings without creative labor. In the attached picture:
图1为本说明书一些实施例中的去中心化多方安全数据处理系统的系统架构示意图;Figure 1 is a schematic diagram of the system architecture of a decentralized multi-party secure data processing system in some embodiments of this specification;
图2为本说明书一些实施例中的去中心化多方安全数据处理系统的交互示意图;FIG. 2 is a schematic diagram of interaction of the decentralized multi-party secure data processing system in some embodiments of this specification;
图3为本说明书一些实施例中MPC节点的结构框图;Figure 3 is a structural block diagram of an MPC node in some embodiments of this specification;
图4为本说明书一些实施例中区块链节点的结构框图;Figure 4 is a block diagram of the block chain node in some embodiments of this specification;
图5为本说明书一些实施例中MPC节点侧的去中心化多方安全数据处理方法的流程图;Figure 5 is a flowchart of a decentralized multi-party secure data processing method on the MPC node side in some embodiments of this specification;
图6为本说明书一些实施例中区块链节点侧的去中心化多方安全数据处理方法的流程图。Fig. 6 is a flowchart of a decentralized multi-party secure data processing method on the side of a blockchain node in some embodiments of this specification.
具体实施方式detailed description
为了使本技术领域的人员更好地理解本说明书中的技术方案,下面将结合本说明书实施例中的附图,对本说明书实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本说明书一部分实施例,而不是全部的实施例。基于本说明书中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都应当属于本说明书保护的范围。In order to enable those skilled in the art to better understand the technical solutions in this specification, the technical solutions in the embodiments of this specification will be clearly and completely described below in conjunction with the drawings in the embodiments of this specification. Obviously, the described The embodiments are only a part of the embodiments in this specification, rather than all the embodiments. Based on the embodiments in this specification, all other embodiments obtained by those of ordinary skill in the art without creative work shall fall within the protection scope of this specification.
目前MPC技术在用户征信联合调查、研究机构联合数据分析、在电子选举、电子投票、电子拍卖、秘密共享、门限签名等场景中有着重要的作用。然而,针对多方安全计算的数据隐私问题,现有的多方安全计算方案一般都存在中心化管理模块(例如key管理中心或节点的信息配置管理模块等)。这些中心化管理模块的存在可能容易导致安全性较低、交易过程繁琐和耗费资源等问题。At present, MPC technology plays an important role in user credit investigations, joint data analysis of research institutions, electronic elections, electronic voting, electronic auctions, secret sharing, threshold signatures and other scenarios. However, in view of the data privacy problem of multi-party secure computing, existing multi-party secure computing solutions generally have a centralized management module (such as a key management center or a node information configuration management module, etc.). The existence of these centralized management modules may easily lead to problems such as low security, cumbersome transaction processes, and resource consuming.
为降低或消除多方安全计算对中心化的依赖,本说明书一些实施例中提供了如图1所示的去中心化多方安全数据处理系统。该系统可包括MPC计算群和区块链节点网络。In order to reduce or eliminate the dependence of multi-party secure computing on centralization, some embodiments of this specification provide a decentralized multi-party secure data processing system as shown in FIG. 1. The system may include MPC computing group and blockchain node network.
MPC计算群可以为一个分布式网络,该分布式网络中可以包括多个MPC节点,每个MPC节点对应一个数据提供方,每个MPC节点连接到区块链节点网络中的一个区块链节点上。所述多个MPC节点可以基于各自获取的隐私数据,共同参与多方安全计算(即所述多个MPC节点可以基于各自获取的隐私数据进行多方安全计算协同计算)。MPC节点可以用于接收区块链节点提供的计算任务;所述计算任务中携带合约标识及数据需求方的公钥,所述合约标识对应的隐私合约预先部署于所述区块链节点上;响应于所述计算任务,从本地数据节点获取隐私数据;基于所述隐私数据及所述隐私合约中约定的计算逻辑,与所述隐私合约中约定的其他计算节点进行协同计算,获得计算结果;以使所述隐私合约中约定的计算节点之一,用所述公钥加密所述计算结果,并将密文计算结果上链至所述区块链节点。The MPC computing group can be a distributed network, which can include multiple MPC nodes, each MPC node corresponds to a data provider, and each MPC node is connected to a blockchain node in the blockchain node network on. The multiple MPC nodes may jointly participate in multi-party secure computing based on the private data obtained separately (that is, the multiple MPC nodes may perform multi-party secure computing collaborative computing based on the private data obtained separately). The MPC node can be used to receive the computing task provided by the blockchain node; the computing task carries the contract identifier and the public key of the data requester, and the privacy contract corresponding to the contract identifier is pre-deployed on the blockchain node; In response to the computing task, obtain private data from a local data node; based on the private data and the calculation logic agreed in the privacy contract, perform collaborative calculation with other computing nodes agreed in the privacy contract to obtain a calculation result; In order to make one of the computing nodes agreed in the privacy contract encrypt the calculation result with the public key, and upload the ciphertext calculation result to the blockchain node.
区块链节点网络中的区块链节点可以用于接收数据需求方发起的计算交易请求;所述计算交易请求中携带合约标识及所述数据需求方的公钥;加载与所述合约标识对应的隐私合约;向所述隐私合约中约定的计算节点发送所述计算任务;在收到所述隐私合约中约定的计算节点之一返回的密文计算结果时,将其保存至所述隐私合约中,以便于数 据需求方查询。其中,为了提高数据安全,数据需求方在发起计算交易请求前,可以临时生成一对公私钥,私钥自己保留,公钥随计算交易请求发到区块链上。The blockchain node in the blockchain node network can be used to receive a calculation transaction request initiated by a data demander; the calculation transaction request carries the contract identifier and the public key of the data demander; loading corresponds to the contract identifier The privacy contract; send the calculation task to the computing node agreed in the privacy contract; when receiving the ciphertext calculation result returned by one of the computing nodes agreed in the privacy contract, save it to the privacy contract In order to facilitate the query of the data demand side. Among them, in order to improve data security, the data requester can temporarily generate a pair of public and private keys before initiating a calculation transaction request. The private key is retained by itself, and the public key is sent to the blockchain with the calculation transaction request.
由此可见,在上述去中心化多方安全数据处理系统中,每个MPC节点计算时所需的隐私数据都保持在数据提供方本地,没有泄露给其他数据提供方,因此保证了数据的隐私性及安全性。同时,在隐私合约执行时,由区块链节点触发隐私合约中约定的MPC节点进行协同计算,且协同计算的结算结果是由隐私合约中约定的MPC节点之一(具体可以在隐私合约中约定),在用数据需求方的公钥加密后上链至区块链节点网络的。因此,整个协同计算过程不需要依赖任何可信第三方,具备较佳的去中心化特点。It can be seen that in the above-mentioned decentralized multi-party secure data processing system, the private data required for each MPC node's calculation is kept locally on the data provider and not leaked to other data providers, thus ensuring the privacy of data And safety. At the same time, when the privacy contract is executed, the blockchain node triggers the MPC node agreed in the privacy contract to perform collaborative calculations, and the settlement result of the collaborative calculation is one of the MPC nodes agreed in the privacy contract (specifically, it can be agreed in the privacy contract ), after being encrypted with the public key of the data requester, it is uploaded to the blockchain node network. Therefore, the entire collaborative computing process does not need to rely on any trusted third party, and has better decentralization characteristics.
在本说明书一些实施例中,根据需要,每个MPC节点可以对应有一个或多个数据节点。例如,当同一数据提供方签约了不同的隐私合约时,该数据提供方可以针对不同的隐私合约配置不同的数据节点,如此通过这种隐私数据隔离,可利于提高数据提供方的隐私数据安全。其中,数据节点需要预先向本地MPC节点注册,以等待参与计算。在隐私合约执行时,数据节点负责将本地保存的隐私数据提供给本地MPC节点。MPC节点在进行协同计算前,需要获得隐私合约中指定的计算逻辑,以便于按照计算逻辑进行计算。在一些实施例中,MPC节点可以通过计算任务中携带合约标识,从区块链节点上匹配到对应隐私合约中指定的计算逻辑。在另一些实施例中,MPC节点也可以通过其他方式获得隐私合约中指定的计算逻辑。例如,计算任务中携带有合约标识对应的计算逻辑,等等;本说明书对此不作限制,具体可以根据需要选择合适的方式。In some embodiments of this specification, each MPC node may correspond to one or more data nodes as needed. For example, when the same data provider signs up with different privacy contracts, the data provider can configure different data nodes for different privacy contracts. This kind of privacy data isolation can help improve the privacy data security of the data provider. Among them, the data node needs to register with the local MPC node in advance to wait to participate in the calculation. When the privacy contract is executed, the data node is responsible for providing the locally stored private data to the local MPC node. Before the MPC node performs collaborative calculations, it needs to obtain the calculation logic specified in the privacy contract to facilitate calculations in accordance with the calculation logic. In some embodiments, the MPC node can carry the contract identifier in the calculation task to match the calculation logic specified in the corresponding privacy contract from the blockchain node. In other embodiments, the MPC node may also obtain the calculation logic specified in the privacy contract in other ways. For example, the calculation task carries the calculation logic corresponding to the contract identifier, etc.; this specification does not limit this, and the specific method can be selected according to needs.
需要指出的是,本说明书提及的隐私合约是指隐私智能合约,即进行了隐私保护的智能合约,以免敏感信息被暴露。在本说明书一些实施例中,MPC节点和数据节点均可以部署于数据提供方本地,以利于进一步提高数据提供方的隐私数据安全。It should be pointed out that the privacy contract mentioned in this manual refers to a privacy smart contract, that is, a smart contract with privacy protection to prevent sensitive information from being exposed. In some embodiments of this specification, both the MPC node and the data node may be deployed locally on the data provider, so as to further improve the privacy data security of the data provider.
在本说明书一些实施例中,每个MPC节点可以预先加载有多方安全计算虚拟机(Virtual Machine,简称VM),以提供对应隐私合约中多方安全计算逻辑的运行时环境。当一个MPC节点所对应的数据提供方同时签约有N个私智能合约时,该MPC节点可以配置有N个对应的虚拟机。在一些示例性实施例中,所述多方安全计算虚拟机例如可以是底层虚拟机(Low Level Virtual Machine,简称LLVM),其可以执行LLVM IR字节码。在隐私合约上链前,受数据提供方委托的开发者(或数据提供方)可以将高级语言编写的MPC计算函数编译成LLVM IR字节码(即将高级语言程序编译成字节码文件),然后结合计算参与方(即MPC节点)、计费规则等设置参数,最终可以编译成区块链的智能合约(即上述的隐私合约)。由此可见,隐私合约中保存的计算逻辑可以为字节码 文件。相应的,MPC节点在进行协同计算时,可以调用虚拟机的即时编译器(Just In Time Compilation,简称JIT编译器),以将包含多方安全计算逻辑的字节码文件转换成可执行代码。In some embodiments of this specification, each MPC node may be preloaded with a multi-party secure computing virtual machine (Virtual Machine, VM for short) to provide a runtime environment corresponding to the multi-party secure computing logic in the privacy contract. When the data provider corresponding to an MPC node has signed N private smart contracts at the same time, the MPC node can be configured with N corresponding virtual machines. In some exemplary embodiments, the multi-party secure computing virtual machine may be, for example, a Low Level Virtual Machine (LLVM for short), which can execute LLVM IR bytecode. Before the privacy contract is chained, the developer (or data provider) entrusted by the data provider can compile the MPC calculation function written in the high-level language into LLVM IR bytecode (that is, compile the high-level language program into a bytecode file), Then set parameters in combination with computing participants (ie MPC nodes), charging rules, etc., and finally can be compiled into a blockchain smart contract (ie, the aforementioned privacy contract). It can be seen that the calculation logic stored in the privacy contract can be a bytecode file. Correspondingly, when the MPC node performs collaborative computing, it can call the Just In Time Compilation (JIT compiler for short) of the virtual machine to convert the bytecode file containing the multi-party secure computing logic into executable code.
由于现有多方安全计算技术使用MPC BOOL电路作为计算脚本,导致电路文件极大,难定制算法(即计算逻辑),因而不适合分布式应用(Decentralized Application,简称DAPP)开发场景。而在本说明书实施例中,不再需要编写复杂的MPC电路,而是采用高级语言编写MPC计算函数,并编译成LLVM IR字节码;且MPC节点可以调用预先配置的虚拟机的JIT编译器,将包含MPC计算函数的字节码文件转换成可执行代码。因此,在本说明书实施例中,通过高级语言编程可以方便地定制计算逻辑,从而可以更好的丰富DAPP开发场景。Because the existing multi-party secure computing technology uses the MPC BOOL circuit as the calculation script, the circuit file is extremely large and it is difficult to customize the algorithm (ie, the calculation logic), so it is not suitable for distributed application (Decentralized Application, referred to as DAPP) development scenarios. In the embodiment of this specification, it is no longer necessary to write a complicated MPC circuit, but a high-level language is used to write the MPC calculation function and compile it into LLVM IR bytecode; and the MPC node can call the JIT compiler of the pre-configured virtual machine , Convert the bytecode file containing MPC calculation functions into executable code. Therefore, in the embodiments of this specification, the calculation logic can be conveniently customized through high-level language programming, so that the DAPP development scenario can be better enriched.
在本说明书一些实施例中,MPC节点可以根据所述计算任务中携带的指定计算参数,向所述本地数据节点请求与所述指定计算参数对应的隐私数据。其中,指定计算参数指示数据需求方的结果需求。因此,指定计算参数可以为一个结果参数或数据索引值。例如,在一示例性场景下,数据需求方指定的指定计算参数可以为2018年5克拉钻戒的销售均价。再如,在另一示例性场景下,数据需求方指定的指定计算参数可以为目标人群的健康指数,等等。In some embodiments of this specification, the MPC node may request the local data node for private data corresponding to the specified calculation parameter according to the specified calculation parameter carried in the calculation task. Among them, the designated calculation parameter indicates the result demand of the data demander. Therefore, the specified calculation parameter can be a result parameter or data index value. For example, in an exemplary scenario, the designated calculation parameter designated by the data demander may be the average sales price of a 5-carat diamond ring in 2018. For another example, in another exemplary scenario, the specified calculation parameter specified by the data demander may be the health index of the target population, and so on.
在本说明书一些实施例中,隐私合约中一般会约定有多个参与计算的MPC节点,因此,对于其中的任何一个MPC节点而言,其可以与所述隐私合约中约定的其他计算节点一起进行协同计算,从而共同完成一个多方安全计算任务。为了防止计算结果重复提交,所述隐私合约中可以约定其中的一个MPC节点作为计算结果提交节点,各个MPC节点之间可以进行点对点通信,以便于进行协同计算。计算结果提交节点在得到计算结果后,可以先用数据请求方的公钥对计算结果进行加密,获得密文计算结果;然后构造一个区块链交易,以通过该交易把密文计算结果上链至所述区块链节点,以便于所述区块链节点可以将其保存至对应的隐私合约中。In some embodiments of this specification, the privacy contract generally stipulates that there are multiple MPC nodes participating in the calculation. Therefore, for any one of the MPC nodes, it can be performed together with other computing nodes agreed in the privacy contract. Collaborative computing to jointly complete a multi-party secure computing task. In order to prevent repeated submission of calculation results, one of the MPC nodes may be agreed as the calculation result submission node in the privacy contract, and each MPC node may perform peer-to-peer communication to facilitate collaborative calculations. After the calculation result submission node obtains the calculation result, it can first encrypt the calculation result with the public key of the data requester to obtain the ciphertext calculation result; then construct a blockchain transaction to upload the ciphertext calculation result to the chain through the transaction To the blockchain node so that the blockchain node can save it in the corresponding privacy contract.
在本说明书一些实施例中,区块链节点网络中的每个区块链节点在发现计算交易请求时,可以根据计算交易请求中携带的合约标识,加载相应的隐私合约,并检查本地连接的MPC节点是否为该隐私合约的计算参与方;如果本地连接的MPC节点是该隐私合约的计算参与方,则生成相应的计算任务提供给本地连接的MPC节点,以触发本地连接的MPC节点进行多方安全计算。当区块链节点网络中的任意一个区块链节点在收到针对所述计算任务返回的密文计算结果后,可同步至区块链节点网络中所有区块链节点。相 应的,数据需求方可以通过可视化操作终端(例如智能手机、电脑等)向区块链节点网络中的任意一个区块链节点发送计算结果查询请求。在收到数据需求方的计算结果查询请求时,区块链节点可以向所述数据需求方提供所述密文计算结果。数据需求方获得密文计算结果时需要用与所述公钥对应的私钥解密所述密文计算结果,从而可以获得明文计算结果。In some embodiments of this specification, when each blockchain node in the blockchain node network discovers a calculation transaction request, it can load the corresponding privacy contract according to the contract identifier carried in the calculation transaction request, and check the local connection Whether the MPC node is a computing participant of the privacy contract; if the locally connected MPC node is a computing participant of the privacy contract, the corresponding computing task is generated and provided to the locally connected MPC node to trigger the locally connected MPC node to perform multi-party Safe calculation. When any blockchain node in the blockchain node network receives the ciphertext calculation result returned for the calculation task, it can be synchronized to all the blockchain nodes in the blockchain node network. Correspondingly, the data requester can send a calculation result query request to any blockchain node in the blockchain node network through a visual operation terminal (such as a smart phone, a computer, etc.). Upon receiving the calculation result query request from the data demander, the blockchain node may provide the ciphertext calculation result to the data demander. When the data requester obtains the ciphertext calculation result, it needs to decrypt the ciphertext calculation result with the private key corresponding to the public key, so that the plaintext calculation result can be obtained.
在本说明书一些实施例中,上述去中心化多方安全数据处理系统中,各个节点之间的交互可以如图2所示。In some embodiments of this specification, in the aforementioned decentralized multi-party secure data processing system, the interaction between various nodes may be as shown in FIG. 2.
结合图3所示,在本说明书一些实施例中,MPC节点可以包括计算任务接收模块31、隐私数据获取模块32和多方协同计算模块33。其中:As shown in FIG. 3, in some embodiments of this specification, the MPC node may include a computing task receiving module 31, a privacy data acquiring module 32, and a multi-party collaborative computing module 33. among them:
计算任务接收模块31,可以用于接收区块链节点提供的计算任务;所述计算任务中携带合约标识及数据需求方的公钥,所述合约标识对应的隐私合约预先部署于所述区块链节点上;The computing task receiving module 31 can be used to receive computing tasks provided by blockchain nodes; the computing tasks carry the contract identifier and the public key of the data requester, and the privacy contract corresponding to the contract identifier is pre-deployed in the block On the chain node;
隐私数据获取模块32,可以用于响应于所述计算任务,从本地数据节点获取隐私数据;The private data acquisition module 32 may be used to acquire private data from a local data node in response to the computing task;
多方协同计算模块33,可以用于基于所述隐私数据及所述隐私合约中约定的计算逻辑,与所述隐私合约中约定的其他计算节点进行协同计算,获得计算结果;以使所述隐私合约中约定的计算节点之一,用所述公钥加密所述计算结果,并将密文计算结果上链至所述区块链节点。The multi-party collaborative computing module 33 can be used to perform collaborative calculations with other computing nodes agreed in the privacy contract based on the privacy data and the calculation logic agreed in the privacy contract to obtain a calculation result; so that the privacy contract One of the computing nodes agreed in the, encrypts the calculation result with the public key, and uploads the ciphertext calculation result to the blockchain node.
在本说明书另一些实施例中,所述MPC节点还可以包括虚拟机加载模块30。该虚拟机加载模块30可以用于预先加载目标虚拟机,以提供所述计算逻辑的运行时环境。In some other embodiments of this specification, the MPC node may further include a virtual machine loading module 30. The virtual machine loading module 30 can be used to pre-load the target virtual machine to provide a runtime environment of the computing logic.
结合图4所示,在本说明书一些实施例中,区块链节点可以包括计算交易请求接收模块41、隐私合约加载模块42、计算任务发送模块43和计算结果保存模块44。其中:As shown in FIG. 4, in some embodiments of this specification, the blockchain node may include a calculation transaction request receiving module 41, a privacy contract loading module 42, a calculation task sending module 43, and a calculation result saving module 44. among them:
计算交易请求接收模块41,可以用于接收数据需求方发起的计算交易请求;所述计算交易请求中携带合约标识及所述数据需求方的公钥;The calculation transaction request receiving module 41 may be used to receive a calculation transaction request initiated by a data demander; the calculation transaction request carries the contract identifier and the public key of the data demander;
隐私合约加载模块42,可以用于加载与所述合约标识对应的目标隐私合约;The privacy contract loading module 42 can be used to load the target privacy contract corresponding to the contract identifier;
计算任务发送模块43,可以用于向所述目标隐私合约中约定的计算节点发送计算任务;所述计算任务中携带合约标识及数据需求方的公钥;The computing task sending module 43 can be used to send computing tasks to the computing nodes agreed in the target privacy contract; the computing tasks carry the contract identifier and the public key of the data requester;
计算结果保存模块44,可以用于在收到所述目标隐私合约中约定的计算节点之一返回的密文计算结果时,将其保存至所述目标隐私合约中,所述密文计算结果用所述公钥加密。The calculation result storage module 44 may be used to save the ciphertext calculation result returned by one of the computing nodes agreed in the target privacy contract in the target privacy contract, and the ciphertext calculation result is used The public key encryption.
在本说明书另一些实施例中,区块链节点还可以包括计算结果提供模块45。该计算结果提供模块45可以用于在收到所述数据需求方的计算结果查询请求时,向所述数据需求方提供所述密文计算结果。In some other embodiments of this specification, the blockchain node may further include a calculation result providing module 45. The calculation result providing module 45 may be used to provide the ciphertext calculation result to the data requester when the calculation result query request from the data requester is received.
在本说明书一些实施例中,上述各节点可以为台式电脑、平板电脑、笔记本电脑、智能手机、数字助理、智能可穿戴设备等。其中,智能可穿戴设备可以包括智能手环、智能手表、智能眼镜、智能头盔等。当然,所述节点并不限于上述具有一定实体的电子设备,其还可以为运行于上述电子设备中的软体。In some embodiments of this specification, the aforementioned nodes may be desktop computers, tablet computers, notebook computers, smart phones, digital assistants, smart wearable devices, and so on. Among them, smart wearable devices may include smart bracelets, smart watches, smart glasses, smart helmets, and so on. Of course, the node is not limited to the aforementioned electronic device with a certain entity, and it can also be software running in the aforementioned electronic device.
为了描述的方便,描述以上节点时以功能分为各种单元分别描述。当然,在实施本说明书时可以把各单元的功能在同一个或多个软件和/或硬件中实现。For the convenience of description, when describing the above nodes, the functions are divided into various units and described separately. Of course, when implementing this specification, the functions of each unit can be implemented in the same or multiple software and/or hardware.
参考图5所示,MPC节点侧的去中心化多方安全数据处理方法可以包括以下步骤:As shown in FIG. 5, the decentralized multi-party secure data processing method on the MPC node side may include the following steps:
S501、接收区块链节点提供的计算任务;所述计算任务中携带合约标识及数据需求方的公钥,所述合约标识对应的隐私合约预先部署于所述区块链节点上。S501. Receive a computing task provided by a blockchain node; the computing task carries a contract identifier and a public key of a data requester, and a privacy contract corresponding to the contract identifier is pre-deployed on the blockchain node.
S502、响应于所述计算任务,从本地数据节点获取隐私数据。S502. In response to the computing task, obtain private data from a local data node.
S503、基于所述隐私数据及所述隐私合约中约定的计算逻辑,与所述隐私合约中约定的其他计算节点进行协同计算,获得计算结果;以使所述隐私合约中约定的计算节点之一,用所述公钥加密所述计算结果,并将密文计算结果上链至所述区块链节点。S503. Based on the privacy data and the calculation logic agreed in the privacy contract, perform collaborative calculation with other computing nodes agreed in the privacy contract to obtain a calculation result; so that one of the calculation nodes agreed in the privacy contract , Encrypting the calculation result with the public key, and uploading the ciphertext calculation result to the blockchain node.
参考图6所示,区块链节点侧的去中心化多方安全数据处理方法可以包括以下步骤:As shown in Fig. 6, the decentralized multi-party secure data processing method on the blockchain node side may include the following steps:
S601、接收数据需求方发起的计算交易请求;所述计算交易请求中携带合约标识及所述数据需求方的公钥。S601. Receive a calculation transaction request initiated by a data demander; the calculation transaction request carries a contract identifier and the public key of the data demander.
S602、加载与所述合约标识对应的目标隐私合约。S602. Load the target privacy contract corresponding to the contract identifier.
S603、向所述目标隐私合约中约定的计算节点发送计算任务;所述计算任务中携带合约标识及数据需求方的公钥。S603. Send a computing task to the computing node agreed in the target privacy contract; the computing task carries the contract identifier and the public key of the data requester.
S604、在收到所述目标隐私合约中约定的计算节点之一返回的密文计算结果时,将其保存至所述目标隐私合约中,所述密文计算结果用所述公钥加密。S604: When receiving the ciphertext calculation result returned by one of the computing nodes agreed in the target privacy contract, save it in the target privacy contract, and the ciphertext calculation result is encrypted with the public key.
虽然上文描述的过程流程包括以特定顺序出现的多个操作,但是,应当清楚了解,这些过程可以包括更多或更少的操作,这些操作可以顺序执行或并行执行(例如使用并行处理器或多线程环境)。Although the process flow described above includes multiple operations appearing in a specific order, it should be clearly understood that these processes may include more or fewer operations, and these operations may be executed sequentially or in parallel (for example, using parallel processors or Multi-threaded environment).
本发明是参照根据本发明实施例的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些 计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present invention is described with reference to flowcharts and/or block diagrams of methods, devices (systems), and computer program products according to embodiments of the present invention. It should be understood that each process and/or block in the flowchart and/or block diagram, and the combination of processes and/or blocks in the flowchart and/or block diagram can be implemented by computer program instructions. These computer program instructions can be provided to the processor of a general-purpose computer, a special-purpose computer, an embedded processor, or other programmable data processing equipment to generate a machine, so that the instructions executed by the processor of the computer or other programmable data processing equipment are generated It is a device that realizes the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。These computer program instructions can also be stored in a computer-readable memory that can guide a computer or other programmable data processing equipment to work in a specific manner, so that the instructions stored in the computer-readable memory produce an article of manufacture including the instruction device. The device implements the functions specified in one process or multiple processes in the flowchart and/or one block or multiple blocks in the block diagram.
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions can also be loaded on a computer or other programmable data processing equipment, so that a series of operation steps are executed on the computer or other programmable equipment to produce computer-implemented processing, so as to execute on the computer or other programmable equipment. The instructions provide steps for implementing functions specified in a flow or multiple flows in the flowchart and/or a block or multiple blocks in the block diagram.
在一个典型的配置中,计算设备包括一个或多个处理器(CPU)、输入/输出接口、网络接口和内存。In a typical configuration, the computing device includes one or more processors (CPU), input/output interfaces, network interfaces, and memory.
内存可能包括计算机可读介质中的非永久性存储器,随机存取存储器(RAM)和/或非易失性内存等形式,如只读存储器(ROM)或闪存(flash RAM)。内存是计算机可读介质的示例。The memory may include non-permanent memory in computer readable media, random access memory (RAM) and/or non-volatile memory, such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of computer readable media.
计算机可读介质包括永久性和非永久性、可移动和非可移动媒体可以使任何方法或技术来实现信息存储。信息可以是计算机可读指令、数据结构、程序的模块或其他数据。计算机的存储介质的例子包括,但不限于相变内存(PRAM)、静态随机存取存储器(SRAM)、动态随机存取存储器(DRAM)、其他类型的随机存取存储器(RAM)、只读存储器(ROM)、电可擦除可编程只读存储器(EEPROM)、快闪记忆体或其他内存技术、只读光盘只读存储器(CD-ROM)、数字多功能光盘(DVD)或其他光学存储、磁盒式磁带,磁带磁磁盘存储或其他磁性存储设备或任何其他非传输介质,可用于存储可以被计算设备访问的信息。按照本文中的界定,计算机可读介质不包括暂存电脑可读媒体(transitory media),如调制的数据信号和载波。Computer-readable media include permanent and non-permanent, removable and non-removable media, and any method or technology can be used to store information. The information can be computer-readable instructions, data structures, program modules, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, CD-ROM, digital versatile disc (DVD) or other optical storage, Magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices or any other non-transmission media can be used to store information that can be accessed by computing devices. According to the definition in this article, computer-readable media does not include transitory media, such as modulated data signals and carrier waves.
还需要说明的是,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、或者设备不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法或者设备所固有的要素。在没有更多限制的情况下,由语句“包括一个……”限定的要素,并不排除在包括所述要素 的过程、方法或者设备中还存在另外的相同要素。It should also be noted that the terms "including", "including" or any other variants thereof are intended to cover non-exclusive inclusion, so that a process, method, or device including a series of elements not only includes those elements, but also includes no Other elements clearly listed, or they also include elements inherent to the process, method, or equipment. If there are no more restrictions, the element defined by the sentence "including a..." does not exclude the existence of other same elements in the process, method, or device that includes the element.
本领域技术人员应明白,本说明书的实施例可提供为方法、系统或计算机程序产品。因此,本说明书可采用完全硬件实施例、完全软件实施例或结合软件和硬件方面的实施例的形式。而且,本说明书可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。Those skilled in the art should understand that the embodiments of this specification can be provided as methods, systems or computer program products. Therefore, this specification may adopt the form of a complete hardware embodiment, a complete software embodiment, or an embodiment combining software and hardware. Moreover, this specification can take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer-usable program codes.
本说明书可以在由计算机执行的计算机可执行指令的一般上下文中描述,例如程序模块。一般地,程序模块包括执行特定任务或实现特定抽象数据类型的例程、程序、对象、组件、数据结构等等。也可以在分布式计算环境中实践本说明书,在这些分布式计算环境中,由通过通信网络而被连接的远程处理设备来执行任务。在分布式计算环境中,程序模块可以位于包括存储设备在内的本地和远程计算机存储介质中。This specification may be described in the general context of computer-executable instructions executed by a computer, such as program modules. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform specific tasks or implement specific abstract data types. This specification can also be practiced in distributed computing environments, in which tasks are performed by remote processing devices connected through a communication network. In a distributed computing environment, program modules can be located in local and remote computer storage media including storage devices.
本说明书中的各个实施例均采用递进的方式描述,各个实施例之间相同相似的部分互相参见即可,每个实施例重点说明的都是与其他实施例的不同之处。尤其,对于方法实施例而言,由于其基本相似于系统实施例,所以描述的比较简单,相关之处参见系统实施例的部分说明即可。The various embodiments in this specification are described in a progressive manner, and the same or similar parts between the various embodiments can be referred to each other, and each embodiment focuses on the differences from other embodiments. In particular, as for the method embodiment, since it is basically similar to the system embodiment, the description is relatively simple, and for related parts, please refer to the partial description of the system embodiment.
以上所述仅为本说明书的实施例而已,并不用于限制本说明书。对于本领域技术人员来说,本说明书可以有各种更改和变化。凡在本说明书的精神和原理之内所作的任何修改、等同替换、改进等,均应包含在本说明书的权利要求范围之内。The above descriptions are only examples of this specification and are not intended to limit this specification. For those skilled in the art, this specification can have various modifications and changes. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of this specification shall be included in the scope of the claims of this specification.

Claims (18)

  1. 一种去中心化多方安全数据处理方法,其特征在于,所述方法包括:A decentralized multi-party secure data processing method, characterized in that the method includes:
    接收区块链节点提供的计算任务;所述计算任务中携带合约标识及数据需求方的公钥,所述合约标识对应的隐私合约预先部署于所述区块链节点上;Receiving a computing task provided by a blockchain node; the computing task carries a contract identifier and the public key of the data requester, and the privacy contract corresponding to the contract identifier is pre-deployed on the blockchain node;
    响应于所述计算任务,从本地数据节点获取隐私数据;In response to the computing task, obtaining private data from a local data node;
    基于所述隐私数据及所述隐私合约中约定的计算逻辑,与所述隐私合约中约定的其他计算节点进行协同计算,获得计算结果;以使所述隐私合约中约定的计算节点之一,用所述公钥加密所述计算结果,并将密文计算结果上链至所述区块链节点。Based on the privacy data and the calculation logic agreed in the privacy contract, perform collaborative calculations with other computing nodes agreed in the privacy contract to obtain the calculation results; so that one of the calculation nodes agreed in the privacy contract is used The public key encrypts the calculation result, and uploads the ciphertext calculation result to the blockchain node.
  2. 如权利要求1所述的去中心化多方安全数据处理方法,其特征在于,所述计算任务由所述区块链节点依据收到的计算交易请求生成,所述计算交易请求由所述数据需求方发起。The decentralized multi-party secure data processing method according to claim 1, wherein the calculation task is generated by the blockchain node according to a received calculation transaction request, and the calculation transaction request is determined by the data request Party initiated.
  3. 如权利要求1所述的去中心化多方安全数据处理方法,其特征在于,所述从本地数据节点获取隐私数据,包括:The decentralized multi-party secure data processing method according to claim 1, wherein said obtaining private data from a local data node comprises:
    根据所述计算任务中携带的指定计算参数,向所述本地数据节点请求与所述指定计算参数对应的隐私数据。According to the specified calculation parameter carried in the calculation task, request the local data node for private data corresponding to the specified calculation parameter.
  4. 如权利要求1所述的去中心化多方安全数据处理方法,其特征在于,所述本地数据节点为预先注册的本地数据节点。The decentralized multi-party secure data processing method of claim 1, wherein the local data node is a pre-registered local data node.
  5. 如权利要求1所述的去中心化多方安全数据处理方法,其特征在于,还包括:The decentralized multi-party secure data processing method of claim 1, further comprising:
    预先加载目标虚拟机,以提供所述计算逻辑的运行时环境。The target virtual machine is preloaded to provide a runtime environment of the computing logic.
  6. 如权利要求5所述的去中心化多方安全数据处理方法,其特征在于,所述计算逻辑为字节码文件,且所述字节码文件对应的源代码为高级语言程序;The decentralized multi-party secure data processing method according to claim 5, wherein the calculation logic is a bytecode file, and the source code corresponding to the bytecode file is a high-level language program;
    相应的,在进行协同计算时,调用所述目标虚拟机的即时编译器,以将所述计算逻辑转换成可执行代码。Correspondingly, when performing collaborative calculations, the just-in-time compiler of the target virtual machine is invoked to convert the calculation logic into executable code.
  7. 一种计算节点,其特征在于,所述计算节点包括:A computing node, characterized in that the computing node includes:
    计算任务接收模块,用于接收区块链节点提供的计算任务;所述计算任务中携带合约标识及数据需求方的公钥,所述合约标识对应的隐私合约预先部署于所述区块链节点上;The calculation task receiving module is used to receive the calculation task provided by the blockchain node; the calculation task carries the contract identification and the public key of the data requester, and the privacy contract corresponding to the contract identification is pre-deployed on the blockchain node on;
    隐私数据获取模块,用于响应于所述计算任务,从本地数据节点获取隐私数据;A private data acquisition module, which is used to acquire private data from a local data node in response to the computing task;
    多方协同计算模块,用于基于所述隐私数据及所述隐私合约中约定的计算逻辑,与所述隐私合约中约定的其他计算节点进行协同计算,获得计算结果;以使所述隐私合约 中约定的计算节点之一,用所述公钥加密所述计算结果,并将密文计算结果上链至所述区块链节点。The multi-party collaborative calculation module is used to perform collaborative calculations with other computing nodes agreed in the privacy contract based on the privacy data and the calculation logic agreed in the privacy contract to obtain the calculation result; so that the privacy contract agreed One of the computing nodes of, encrypting the calculation result with the public key, and uploading the ciphertext calculation result to the blockchain node.
  8. 如权利要求7所述的计算节点,其特征在于,所述计算任务由所述区块链节点依据收到的计算交易请求生成,所述计算交易请求由所述数据需求方发起。8. The computing node of claim 7, wherein the computing task is generated by the blockchain node according to a received computing transaction request, and the computing transaction request is initiated by the data demander.
  9. 如权利要求7所述的计算节点,其特征在于,所述从本地数据节点获取隐私数据,包括:The computing node according to claim 7, wherein the obtaining private data from a local data node comprises:
    根据所述计算任务中携带的指定计算参数,向所述本地数据节点请求与所述指定计算参数对应的隐私数据。According to the specified calculation parameter carried in the calculation task, request the local data node for private data corresponding to the specified calculation parameter.
  10. 如权利要求7所述的计算节点,其特征在于,所述本地数据节点为预先注册的本地数据节点。8. The computing node of claim 7, wherein the local data node is a pre-registered local data node.
  11. 如权利要求7所述的计算节点,其特征在于,还包括:8. The computing node of claim 7, further comprising:
    虚拟机加载模块,用于预先加载目标虚拟机,以提供所述计算逻辑的运行时环境。The virtual machine loading module is used to preload the target virtual machine to provide the runtime environment of the computing logic.
  12. 如权利要求11所述的计算节点,其特征在于,所述计算逻辑为字节码文件,且所述字节码文件对应的源代码为高级语言程序;11. The computing node of claim 11, wherein the computing logic is a bytecode file, and the source code corresponding to the bytecode file is a high-level language program;
    相应的,所述多方协同计算模块在进行协同计算时,调用所述目标虚拟机的即时编译器,以将所述计算逻辑转换成可执行代码。Correspondingly, when the multi-party collaborative computing module performs collaborative computing, it calls the just-in-time compiler of the target virtual machine to convert the computing logic into executable code.
  13. 一种计算机存储介质,其上存储有计算机程序,其特征在于,所述计算机程序被处理器执行时实现以下步骤:A computer storage medium, on which a computer program is stored, characterized in that the following steps are implemented when the computer program is executed by a processor:
    接收区块链节点提供的计算任务;所述计算任务中携带合约标识及数据需求方的公钥,所述合约标识对应的隐私合约预先部署于所述区块链节点上;Receiving a computing task provided by a blockchain node; the computing task carries a contract identifier and the public key of the data requester, and the privacy contract corresponding to the contract identifier is pre-deployed on the blockchain node;
    响应于所述计算任务,从本地数据节点获取隐私数据;In response to the computing task, obtaining private data from a local data node;
    基于所述隐私数据及所述隐私合约中约定的计算逻辑,与所述隐私合约中约定的其他计算节点进行协同计算,获得计算结果;以使所述隐私合约中约定的计算节点之一,用所述公钥加密所述计算结果,并将密文计算结果上链至所述区块链节点。Based on the privacy data and the calculation logic agreed in the privacy contract, perform collaborative calculations with other computing nodes agreed in the privacy contract to obtain the calculation results; so that one of the calculation nodes agreed in the privacy contract is used The public key encrypts the calculation result, and uploads the ciphertext calculation result to the blockchain node.
  14. 一种去中心化多方安全数据处理方法,其特征在于,应用于分布式网络的任意一个区块链节点上,所述区块链节点上预先部署有至少一个隐私合约,所述方法包括:A decentralized multi-party secure data processing method, characterized in that it is applied to any blockchain node in a distributed network, at least one privacy contract is pre-deployed on the blockchain node, and the method includes:
    接收数据需求方发起的计算交易请求;所述计算交易请求中携带合约标识及所述数据需求方的公钥;Receiving a calculation transaction request initiated by a data requester; the calculation transaction request carries the contract identifier and the public key of the data requester;
    加载与所述合约标识对应的目标隐私合约;Load the target privacy contract corresponding to the contract identifier;
    向所述目标隐私合约中约定的计算节点发送计算任务;所述计算任务中携带合约标 识及数据需求方的公钥;Send a computing task to the computing node agreed in the target privacy contract; the computing task carries the contract identifier and the public key of the data requester;
    在收到所述目标隐私合约中约定的计算节点之一返回的密文计算结果时,将其保存至所述目标隐私合约中,所述密文计算结果用所述公钥加密。When receiving the ciphertext calculation result returned by one of the computing nodes agreed in the target privacy contract, save it in the target privacy contract, and the ciphertext calculation result is encrypted with the public key.
  15. 如权利要求14所述的去中心化多方安全数据处理方法,其特征在于,还包括:The method for decentralized multi-party secure data processing according to claim 14, characterized in that it further comprises:
    在收到所述数据需求方的计算结果查询请求时,向所述数据需求方提供所述密文计算结果。When receiving a calculation result query request from the data demander, the ciphertext calculation result is provided to the data demander.
  16. 一种区块链节点,其特征在于,所述区块链节点上预先部署有至少一个隐私合约,所述区块链节点包括:A block chain node, characterized in that at least one privacy contract is pre-deployed on the block chain node, and the block chain node includes:
    计算交易请求接收模块,用于接收数据需求方发起的计算交易请求;所述计算交易请求中携带合约标识及所述数据需求方的公钥;The calculation transaction request receiving module is used to receive the calculation transaction request initiated by the data demander; the calculation transaction request carries the contract identifier and the public key of the data demander;
    隐私合约加载模块,用于加载与所述合约标识对应的目标隐私合约;The privacy contract loading module is used to load the target privacy contract corresponding to the contract identifier;
    计算任务发送模块,用于向所述目标隐私合约中约定的计算节点发送计算任务;所述计算任务中携带合约标识及数据需求方的公钥;A computing task sending module is used to send a computing task to the computing node agreed in the target privacy contract; the computing task carries the contract identifier and the public key of the data requester;
    计算结果保存模块,用于在收到所述目标隐私合约中约定的计算节点之一返回的密文计算结果时,将其保存至所述目标隐私合约中,所述密文计算结果用所述公钥加密。The calculation result storage module is used to save the ciphertext calculation result returned by one of the computing nodes agreed in the target privacy contract in the target privacy contract, and use the ciphertext calculation result as the Public key encryption.
  17. 如权利要求16所述的区块链节点,其特征在于,还包括:The blockchain node of claim 16, further comprising:
    计算结果提供模块,用于在收到所述数据需求方的计算结果查询请求时,向所述数据需求方提供所述密文计算结果。The calculation result providing module is configured to provide the ciphertext calculation result to the data requester when the calculation result query request from the data requester is received.
  18. 一种计算机存储介质,其上存储有计算机程序,其特征在于,所述计算机程序应用于分布式网络的任意一个区块链节点上,所述区块链节点上预先部署有至少一个隐私合约,所述计算机程序被处理器执行时实现以下步骤:A computer storage medium having a computer program stored thereon, wherein the computer program is applied to any blockchain node of a distributed network, and at least one privacy contract is pre-deployed on the blockchain node, When the computer program is executed by the processor, the following steps are implemented:
    接收数据需求方发起的计算交易请求;所述计算交易请求中携带合约标识及所述数据需求方的公钥;Receiving a calculation transaction request initiated by a data requester; the calculation transaction request carries the contract identifier and the public key of the data requester;
    加载与所述合约标识对应的目标隐私合约;Load the target privacy contract corresponding to the contract identifier;
    向所述目标隐私合约中约定的计算节点发送计算任务;所述计算任务中携带合约标识及数据需求方的公钥;Sending a computing task to the computing node agreed in the target privacy contract; the computing task carries the contract identifier and the public key of the data requester;
    在收到所述目标隐私合约中约定的计算节点之一返回的密文计算结果时,将其保存至所述目标隐私合约中,所述密文计算结果用所述公钥加密。When receiving the ciphertext calculation result returned by one of the computing nodes agreed in the target privacy contract, save it in the target privacy contract, and the ciphertext calculation result is encrypted with the public key.
PCT/CN2019/083427 2019-04-19 2019-04-19 Decentralized secure multi-party data processing method and device, and storage medium WO2020211075A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2019/083427 WO2020211075A1 (en) 2019-04-19 2019-04-19 Decentralized secure multi-party data processing method and device, and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2019/083427 WO2020211075A1 (en) 2019-04-19 2019-04-19 Decentralized secure multi-party data processing method and device, and storage medium

Publications (1)

Publication Number Publication Date
WO2020211075A1 true WO2020211075A1 (en) 2020-10-22

Family

ID=72837978

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/083427 WO2020211075A1 (en) 2019-04-19 2019-04-19 Decentralized secure multi-party data processing method and device, and storage medium

Country Status (1)

Country Link
WO (1) WO2020211075A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112613076A (en) * 2021-01-22 2021-04-06 支付宝(杭州)信息技术有限公司 Privacy-protecting multi-party data processing method, device and system
CN114595483A (en) * 2022-05-10 2022-06-07 富算科技(上海)有限公司 Secure multi-party computing method and device, electronic equipment and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108418680A (en) * 2017-09-05 2018-08-17 矩阵元技术(深圳)有限公司 A kind of block chain key recovery method, medium based on Secure computing technique
CN109241016A (en) * 2018-08-14 2019-01-18 阿里巴巴集团控股有限公司 Secure calculation method and device, electronic equipment
CN109255247A (en) * 2018-08-14 2019-01-22 阿里巴巴集团控股有限公司 Secure calculation method and device, electronic equipment
CN109359470A (en) * 2018-08-14 2019-02-19 阿里巴巴集团控股有限公司 Secure calculation method and device, electronic equipment

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108418680A (en) * 2017-09-05 2018-08-17 矩阵元技术(深圳)有限公司 A kind of block chain key recovery method, medium based on Secure computing technique
CN109241016A (en) * 2018-08-14 2019-01-18 阿里巴巴集团控股有限公司 Secure calculation method and device, electronic equipment
CN109255247A (en) * 2018-08-14 2019-01-22 阿里巴巴集团控股有限公司 Secure calculation method and device, electronic equipment
CN109359470A (en) * 2018-08-14 2019-02-19 阿里巴巴集团控股有限公司 Secure calculation method and device, electronic equipment

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112613076A (en) * 2021-01-22 2021-04-06 支付宝(杭州)信息技术有限公司 Privacy-protecting multi-party data processing method, device and system
CN112613076B (en) * 2021-01-22 2021-10-01 支付宝(杭州)信息技术有限公司 Privacy-protecting multi-party data processing method, device and system
CN114595483A (en) * 2022-05-10 2022-06-07 富算科技(上海)有限公司 Secure multi-party computing method and device, electronic equipment and storage medium

Similar Documents

Publication Publication Date Title
JP6892513B2 (en) Off-chain smart contract service based on a reliable execution environment
US10693649B2 (en) Blockchain data processing methods, apparatuses, processing devices, and systems
KR102348768B1 (en) Blockchain Data Protection Using Homomorphic Encryption
CA3041160C (en) Blockchain data protection based on account note model with zero-knowledge proof
JP7012730B2 (en) Parallel execution of transactions in a blockchain network based on a smart contract whitelist
CN110520882B (en) Parallel execution of transactions in a blockchain network
CA3050600C (en) Blockchain data protection based on generic account model and homomorphic encryption
CN109831298B (en) Method for safely updating key in block chain, node and storage medium
EP3779848A1 (en) Blockchain-based transaction method and device, and remitting apparatus
CN110166442B (en) Data processing method and device based on block chain
US20190244195A1 (en) Blockchain system supporting public and private transactions under account models
AU2018347191B2 (en) Managing private transactions on blockchain networks based on workflow
CA3058227C (en) Preventing misrepresentation of input data by participants in a secure multi-party computation
WO2019072300A2 (en) Blockchain data protection based on generic account model and homomorphic encryption
EP3545483A2 (en) Blockchain data protection using homomorphic encryption
CN110162551B (en) Data processing method and device and electronic equipment
CN111475829A (en) Private data query method and device based on block chain account
CN111125727B (en) Confusion circuit generation method, prediction result determination method, device and electronic equipment
US11410081B2 (en) Machine learning with differently masked data in secure multi-party computing
CN110020856B (en) Method, node and storage medium for realizing mixed transaction in block chain
JP2020510906A (en) Smart contract whitelist
CN111131412B (en) Method, system, mobile terminal and cloud server for realizing 5G mobile terminal calculation
TW202103154A (en) Data processing method and apparatus, and electronic device
WO2019085677A1 (en) Garbled circuit-based data calculation method, apparatus, and device
WO2020211075A1 (en) Decentralized secure multi-party data processing method and device, and storage medium

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19925311

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19925311

Country of ref document: EP

Kind code of ref document: A1