WO2021107408A1 - Leaderless blockchain consensus method and device therefor - Google Patents

Leaderless blockchain consensus method and device therefor Download PDF

Info

Publication number
WO2021107408A1
WO2021107408A1 PCT/KR2020/014398 KR2020014398W WO2021107408A1 WO 2021107408 A1 WO2021107408 A1 WO 2021107408A1 KR 2020014398 W KR2020014398 W KR 2020014398W WO 2021107408 A1 WO2021107408 A1 WO 2021107408A1
Authority
WO
WIPO (PCT)
Prior art keywords
block
node
signature
random value
valid
Prior art date
Application number
PCT/KR2020/014398
Other languages
French (fr)
Korean (ko)
Inventor
이춘화
임수양
산티아고 롤던카를로스
Original Assignee
한양대학교 산학협력단
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 한양대학교 산학협력단 filed Critical 한양대학교 산학협력단
Publication of WO2021107408A1 publication Critical patent/WO2021107408A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/24Key scheduling, i.e. generating round keys or sub-keys for block encryption

Definitions

  • the present invention relates to a leaderless blockchain consensus method and apparatus.
  • the present invention is a patent applied for as part of the information communication broadcasting research technology development project of the Ministry of Science and ICT, and related matters are as follows.
  • a blockchain is a list of records called blocks that are linked using encryption. Each block contains a cryptographic hash of the previous block, making the blockchain resistant to modification.
  • the blockchain is an open, decentralized ledger that enables efficient, verifiable, and permanent recording of transactions between two parties.
  • PoW Nakamoto Consensus
  • BoW Proof of Work
  • BFT Byzantine Fault Tolerance
  • PBFT pragmatic Byzantine Fault Tolerance
  • PBFT has excellent performance, Since it has message complexity, it has the disadvantage that it cannot be applied to several block chains of nodes.
  • the present invention is to provide a leaderless blockchain consensus method and apparatus.
  • Another object of the present invention is to provide a leaderless blockchain consensus method and apparatus in which each node can independently select the same block proposer in a single round.
  • the present invention provides even if the number of nodes increases It is to provide a leaderless blockchain consensus method and device that can enable blockchain consensus within.
  • a leaderless blockchain consensus method is provided.
  • (a) calculating a random value for the current round; (b) selecting a block proposal node using the calculated random value; (c) receiving a block generated from the block proposal node; and (d) verifying the received block and, if valid, adding a signature to the header of the block, and transmitting only the block header information to which the signature is added to another node. may be provided.
  • the random value for the current round may be calculated using the random value used in the previous round and the signature of the block generated in the previous round.
  • the method further comprises the step of receiving a shared signature added to the block header from other neighboring nodes, but adding the block to the block chain when a valid signature is greater than or equal to a security threshold by analyzing the shared signature It may further include the step of
  • the security threshold may be set to half of the total number of shard members.
  • Steps (a) to (d) are performed in one round, but may be independently performed at each node.
  • the method may include generating an empty block, signing it, and transmitting it to the other node.
  • step (d) when two valid blocks are received from the block proposal node, only one block is verified and signed, and the other block can be ignored.
  • a device capable of agreeing on a blockchain without a leader.
  • a memory for storing at least one instruction; a processor executing an instruction stored in the memory, the instruction comprising: (a) calculating a random value for a current round; (b) selecting a block proposal node using the calculated random value; (c) receiving a block generated from the block proposal node; and (d) after verifying the received block, if valid, adding a signature to the header of the block, and transmitting only the block header information to which the signature is added to another node may be provided.
  • each node can independently select the same block proposer in a single round.
  • the present invention provides even if the number of nodes increases It can enable blockchain consensus within the
  • FIG. 1 is a flowchart illustrating a branchless blockchain consensus method without a leader according to an embodiment of the present invention.
  • FIG. 2 is a diagram illustrating block verification pseudocode according to an embodiment of the present invention.
  • FIG. 3 is a diagram illustrating a method of selecting a block proposer in each node according to an embodiment of the present invention.
  • FIG. 4 is a diagram illustrating a pseudo code for a block consensus process according to an embodiment of the present invention.
  • FIG. 5 is a block diagram schematically illustrating the configuration of a node according to an embodiment of the present invention.
  • shard members each node independently generate random values in each round, and based on this, any one of the shard members can be independently selected as a block proposer.
  • the block can be added to the block chain as a valid consensus for all shard members.
  • a block is arbitrary data, even if there is no separate description. It goes without saying that data can also be transactional data, and the format of the data itself can vary widely.
  • FIG. 1 is a flowchart illustrating a branchless blockchain consensus method without a leader according to an embodiment of the present invention
  • FIG. 2 is a diagram illustrating block verification pseudocode according to an embodiment of the present invention
  • FIG. 3 is this It is a diagram illustrating a method of selecting a block proposer in each node according to an embodiment of the present invention
  • FIG. 4 is a diagram illustrating a pseudo code for a block consensus process according to an embodiment of the present invention.
  • each node 100 calculates a random value.
  • each node 100 recovers and knows the list of public keys for all shard members.
  • a block proposer is selected in one round, and after the signature and verification of the block generated by the block proposer is completed, it may be added to the block chain. This will be more clearly understood by the following description.
  • Each node 100 has a verification vector ( ) and a private key. , and t is defined as the security threshold.
  • m represents the size of each node (ie, shard member).
  • j represents the shard member index
  • the shared signature generated by the shard member (j) is and j can be verified.
  • each node has the list of public keys sorted from low to high according to the hash value of the public key after recovering the list of public keys of all shard members. .
  • each node 100 may calculate the random value of the current round based on the random value of the previous round. That is, each node 100 may calculate a random value by using the hash value of the random value used in the previous round.
  • each node 100 may calculate a random value to be used in the current round using Equation (2).
  • each node 100 may calculate the random value used in the previous round and the result (hash value) of applying the signature of the previous round to the hash function as a random value.
  • each node 100 selects a block proposer using the calculated random value.
  • each node 100 may select a block proposer using Equation 3 below.
  • mod() represents the remainder operator. That is, each node 100 may select a block proposer by performing a mod operation on a random value using the shard member size.
  • each node 100 calculates a random value by applying the same hash function with the same information and selects a block proposer with an index corresponding to the result of mod operation with the shard member size, the same result is derived (Fig. see 3).
  • each node 100 may independently calculate a random value without a separate interaction.
  • each node 100 since each node 100 already knows the shard member list, each node 100 can select the same block proposer based on the same random value.
  • each node 100 determines whether a valid block is received from the block proposer (block proposal node) within the block waiting time.
  • each node 100 signs the empty block and then erases the block wait time stamp.
  • each node 100 may select a block proposer according to the same operation result. Accordingly, each node 100 already knows information about the selected block proposer.
  • a generation point that is a random number ( ) is set as the random value of the round. In other words, It is assumed that is information of the block proposer.
  • Each node can sign the message using the shared private key after applying the message to the hash function. If this is expressed as an equation, it is the same as in equation (4).
  • Each node (shard member) has a public key ( ), so use it to sign ( ) can be verified. If this is expressed as an equation, it is as in Equation 5.
  • the signature included in the block header received from the block proposer (the signature of the block proposer) and Each node can verify the validity of the block received from the block proposer by judging whether the result derived by applying , the result of each node hashing the message and the result of applying the public key to the verification function are the same.
  • Each node receives t different signatures based on “Lagrage interpolaton” for signature sharing, and can recover the aggregated signatures in the current round. If this is expressed as an equation, it is expressed as equation (6).
  • the result of the aggregated signature is unique. Accordingly, the aggregated signature can be verified using the public key.
  • Equation (7) This can be expressed as Equation (7).
  • each node 100 verifies the block, adds a signature to the block header, and transmits it to a neighboring node.
  • the block proposer (block proposal node) selected by each node creates a block by inserting the block proposer's signature into the block header using the gossip protocol in the Bitcoin P2P network.
  • Any node 100 may receive a block generated from a block proposer (block proposal node).
  • block proposal node the block proposer's signature may be included in the header.
  • the node receiving the block from the block proposer can verify the signature included in the block using the verification vector and the random value (bpp). That is, when a block is received, an honest node can check the validity of the block, including the block proposer's index, a pointer to the previous block, and a list of transactions.
  • each node 100 determines whether a majority consensus on blocks received from the block proposer is completed.
  • each node 100 After verifying the block, each node 100 adds a signature to the block header, and does not randomly transmit it. However, each node 100 shares the block header signature with the neighboring nodes and receives the signature list from the neighboring nodes.
  • each node can transmit the signature list to all neighboring nodes after adding the signature to a list (referred to as a signature list for convenience) when a signature is shared from a neighboring node. That is, when any node receives a signature list from a neighboring node, the signature list may be updated and then transmitted again.
  • a signature list for convenience
  • honest nodes can share more than t signatures from honest shard members (nodes).
  • each node 100 adds a block to the block chain.
  • each node 100 signs an empty block and then resets the time stamp of the signature waiting time.
  • the pseudo code for block verification is shown in FIG. 2 .
  • connection bandwidth between each node is limited to 20Mbps, and the latency of all communication links is 100ms.
  • Each node has 12 neighbors, adding a signature to the block, sending the block along with the description.
  • time Honest nodes within can receive signatures and blocks from other honest nodes.
  • An honest node can restore signatures as a group signature. Time to send group signature becomes Therefore, all 2 time is needed
  • a message can be received from the entire network after about 12 to 15 hops, with a latency of 100 ms on all communication links. It can be seen that it takes about 3 seconds for the block to be agreed upon.
  • each node should be understood as a device constituting a shard network, and may be a computing device having computational power and communication capability.
  • the node 100 includes a communication unit 510 , a memory 515 , and a processor 520 .
  • the communication unit 510 is a means for transmitting and receiving data with other devices (eg, other nodes) through a communication network.
  • the communication unit 510 may receive a block from another node, a block header including a signature, and the like.
  • the communication unit 510 may transmit a block header including its own signature to another node under the control of the processor 520 .
  • the memory 515 stores at least one instruction (program code) necessary to perform the leaderless branchless blockchain consensus method.
  • the processor 520 is a means for controlling components (eg, the communication unit 510 , the memory 515 , etc.) of each node according to an embodiment of the present invention.
  • the instruction executed by the processor 520 may perform each step for the leaderless branchless blockchain consensus method described with reference to FIGS. 1 to 4 .
  • the apparatus and method according to an embodiment of the present invention may be implemented in the form of program instructions that can be executed through various computer means and recorded in a computer-readable medium.
  • the computer-readable medium may include program instructions, data files, data structures, and the like, alone or in combination.
  • the program instructions recorded on the computer readable medium may be specially designed and configured for the present invention, or may be known and available to those skilled in the computer software field.
  • Examples of the computer-readable recording medium include magnetic media such as hard disks, floppy disks and magnetic tapes, optical media such as CD-ROMs and DVDs, and magnetic media such as floppy disks.
  • Examples of program instructions include not only machine language codes such as those generated by a compiler, but also high-level language codes that can be executed by a computer using an interpreter or the like.
  • the hardware devices described above may be configured to operate as one or more software modules to perform the operations of the present invention, and vice versa.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

A leaderless blockchain consensus method and a device therefor are disclosed. A leaderless blockchain consensus method comprises the steps of: (a) calculating a random value for a current round; (b) selecting a block proposal node by using the calculated random value; (c) receiving a block generated from the block proposal node; and, (d) after verifying the received block, adding a signature to the header of the block if valid, and transmitting, to another node, only the block header information to which the signature is added.

Description

리더가 없는 블록 체인 합의 방법 및 그 장치Leaderless blockchain consensus method and its device
본 발명은 리더가 없는 블록 체인 합의 방법 및 그 장치에 관한 것이다. The present invention relates to a leaderless blockchain consensus method and apparatus.
본 발명은 과학기술정보통신부의 정보통신방송 연구기술개발사업 일환으로 출원된 특허이며, 관련 사항은 아래와 같다.The present invention is a patent applied for as part of the information communication broadcasting research technology development project of the Ministry of Science and ICT, and related matters are as follows.
관련 사항 Related
연구 사업명: 한국연구재단 부설 정보통신기획평가원 / 정보통신방송 연구개발사업 / 블록체인융합기술개발사업(이지바로)Research project name: Information and Communication Planning and Evaluation Institute affiliated with the National Research Foundation of Korea / Information and Communication Broadcasting R&D Project / Blockchain Convergence Technology Development Project (Easybaro)
부처명: 과학기술정보통신부Department name: Ministry of Science and Technology Information and Communication
연구관리전문기관: 정보통신기획평가원Research management institution: Information and Communication Planning and Evaluation Institute
연구 과제명: 블록체인 확장성 개선을 위한 위임형 비잔틴 합의 알고리즘 개발과 검증Research project name: Delegated Byzantine consensus algorithm development and verification for blockchain scalability improvement
연구기관(주관기관): 한양대학교 산학협력단Research institution (hosted institution): Hanyang University Industry-Academic Cooperation Foundation
과제고유번호: 2019-0-00458-001Assignment identification number: 2019-0-00458-001
연구기간: 2019.04.01 ~ 2020.12.31 Research period: 2019.04.01 ~ 2020.12.31
블록 체인은 암호화를 사용하여 연결되는 블록이라고 하는 레코드 목록이다. 각 블록에는 이전 블록의 암호화 해시가 포함되어있어 블록 체인이 수정에 내성을 가지며, 설계 상 블록 체인은 개방적이고 분산 된 원장으로, 두 당사자 간의 거래를 효율적이고 검증 가능하고 영구적으로 기록 할 수 있다. A blockchain is a list of records called blocks that are linked using encryption. Each block contains a cryptographic hash of the previous block, making the blockchain resistant to modification. By design, the blockchain is an open, decentralized ledger that enables efficient, verifiable, and permanent recording of transactions between two parties.
블록을 블록 체인에 기록하려면 네트워크 다수의 합의를 필요로 한다. 종래의 합의 프로토콜은 주로 두 가지가 이용되고 있다. Writing a block to the blockchain requires the consensus of the majority of the network. Two conventional consensus protocols are mainly used.
첫번째, Nakamoto Consensus 또는 작업 증명(PoW)이다. PoW는 높은 노드 확장 성을 가지나 지연 시간과 처리량이 좋지 않은 단점이 있다. Nakamoto Consensus의 단점을 해결하기 위해, 비잔틴 내결함성(BFT) 프로토콜과 같은 고전적인 컨센서스 프로토콜의 가능성을 모색했다. 실용적 비잔틴 결함 허용(PBFT) 프로토콜은 약한 동기 환경에서 작동하는 Byzantine General's 문제를 해결하기에 효율적인 솔루션이다. The first is Nakamoto Consensus, or Proof of Work (PoW). PoW has high node scalability, but has disadvantages in terms of latency and throughput. To solve the shortcomings of Nakamoto Consensus, we explored the possibility of classical consensus protocols such as Byzantine Fault Tolerance (BFT) protocols. The pragmatic Byzantine Fault Tolerance (PBFT) protocol is an efficient solution to the Byzantine General's problem of operating in a weakly synchronous environment.
그러나, PBFT은 성능은 우수하지만
Figure PCTKR2020014398-appb-I000001
메시지 복잡도를 가지므로 노드의 수개 많은 블록 체인으로 적용할 수 없는 단점을 가지고 있다. However, PBFT has excellent performance,
Figure PCTKR2020014398-appb-I000001
Since it has message complexity, it has the disadvantage that it cannot be applied to several block chains of nodes.
본 발명은 리더가 없는 블록 체인 합의 방법 및 그 장치를 제공하기 위한 것이다. The present invention is to provide a leaderless blockchain consensus method and apparatus.
또한, 본 발명은 각 노드가 싱글 라운드에서 독립적으로 동일한 블록 제안자를 선택할 수 있는 리더가 없는 블록 체인 합의 방법 및 그 장치를 제공하기 위한 것이다. Another object of the present invention is to provide a leaderless blockchain consensus method and apparatus in which each node can independently select the same block proposer in a single round.
또한, 본 발명은 노드 수가 증가하더라도
Figure PCTKR2020014398-appb-I000002
내에 블록 체인 합의가 가능하도록 할 수 있는 리더가 없는 블록 체인 합의 방법 및 그 장치를 제공하기 위한 것이다. In addition, the present invention provides even if the number of nodes increases
Figure PCTKR2020014398-appb-I000002
It is to provide a leaderless blockchain consensus method and device that can enable blockchain consensus within.
본 발명의 일 측면에 따르면, 리더가 없는 블록 체인 합의 방법이 제공된다. According to one aspect of the present invention, a leaderless blockchain consensus method is provided.
본 발명의 일 실시예에 따르면, (a) 현재 라운드에 대한 랜덤값을 계산하는 단계; (b) 상기 계산된 랜덤값을 이용하여 블록 제안 노드를 선택하는 단계; (c) 상기 블록 제안 노드로부터 생성된 블록을 수신하는 단계; 및 (d) 상기 수신된 블록을 검증한 후 유효한 경우 상기 블록의 헤더에 서명을 추가하고, 상기 서명이 추가된 블록 헤더 정보만 다른 노드로 전송하는 단계를 포함하는 리더가 없는 블록 체인 합의 방법이 제공될 수 있다. According to an embodiment of the present invention, (a) calculating a random value for the current round; (b) selecting a block proposal node using the calculated random value; (c) receiving a block generated from the block proposal node; and (d) verifying the received block and, if valid, adding a signature to the header of the block, and transmitting only the block header information to which the signature is added to another node. may be provided.
상기 현재 라운드에 대한 랜덤값은, 이전 라운드에서 이용된 랜덤값과 이전 라운드에서 생성된 블록의 서명을 이용하여 계산될 수 있다. The random value for the current round may be calculated using the random value used in the previous round and the signature of the block generated in the previous round.
상기 (d) 단계 이후에, 이웃한 다른 노드로부터 상기 블록 헤더에 추가된 서명을 공유받는 단계를 더 포함하되, 상기 공유된 서명을 분석하여 유효한 서명이 보안 임계치 이상인 경우 상기 블록을 블록 체인에 추가하는 단계를 더 포함할 수 있다. After step (d), the method further comprises the step of receiving a shared signature added to the block header from other neighboring nodes, but adding the block to the block chain when a valid signature is greater than or equal to a security threshold by analyzing the shared signature It may further include the step of
상기 보안 임계치는, 전체 샤드 구성원 수의 절반으로 설정될 수 있다. The security threshold may be set to half of the total number of shard members.
상기 (a) 단계 내지 상기 (d) 단계는 하나의 라운드에서 수행되되, 각각의 노드에서 독립적으로 수행될 수 있다. Steps (a) to (d) are performed in one round, but may be independently performed at each node.
블록 대기 시간 동안 상기 블록 제안 노드로부터 유효한 블록이 수신되지 않는 경우, 빈 블록을 생성하여 서명한 후 상기 다른 노드로 전송하는 단계를 포함할 수 있다. When a valid block is not received from the block proposal node during the block waiting time, the method may include generating an empty block, signing it, and transmitting it to the other node.
상기 (d) 단계에서, 상기 블록 제안 노드로부터 두개의 유효한 블록이 수신되는 경우, 하나의 블록만 검증하여 서명하고, 다른 블록은 무시할 수 있다. In step (d), when two valid blocks are received from the block proposal node, only one block is verified and signed, and the other block can be ignored.
본 발명의 다른 측면에 따르면, 리더 없이 블록 체인에 합의할 수 있는 장치가 제공된다. According to another aspect of the present invention, there is provided a device capable of agreeing on a blockchain without a leader.
본 발명의 일 실시예에 따르면, 적어도 하나의 명령어를 저장하는 메모리; 상기 메모리에 저장된 명령어를 실행하는 프로세서를 포함하되, 상기 명령어는, (a) 현재 라운드에 대한 랜덤값을 계산하는 단계; (b) 상기 계산된 랜덤값을 이용하여 블록 제안 노드를 선택하는 단계; (c) 상기 블록 제안 노드로부터 생성된 블록을 수신하는 단계; 및 (d) 상기 수신된 블록을 검증한 후 유효한 경우 상기 블록의 헤더에 서명을 추가하고, 상기 서명이 추가된 블록 헤더 정보만 다른 노드로 전송하는 단계를 수행하는 노드가 제공될 수 있다. According to an embodiment of the present invention, a memory for storing at least one instruction; a processor executing an instruction stored in the memory, the instruction comprising: (a) calculating a random value for a current round; (b) selecting a block proposal node using the calculated random value; (c) receiving a block generated from the block proposal node; and (d) after verifying the received block, if valid, adding a signature to the header of the block, and transmitting only the block header information to which the signature is added to another node may be provided.
본 발명의 일 실시예에 따른 리더가 없는 블록 체인 합의 방법 및 그 장치를 제공함으로써, 각 노드가 싱글 라운드에서 독립적으로 동일한 블록 제안자를 선택할 수 있다. By providing a leaderless blockchain consensus method and apparatus according to an embodiment of the present invention, each node can independently select the same block proposer in a single round.
또한, 본 발명은 노드 수가 증가하더라도
Figure PCTKR2020014398-appb-I000003
내에 블록 체인 합의가 가능하도록 할 수 있다. In addition, the present invention provides even if the number of nodes increases
Figure PCTKR2020014398-appb-I000003
It can enable blockchain consensus within the
도 1은 본 발명의 일 실시예에 따른 리더가 없는 무분기 블록체인 합의 방법을 나타낸 순서도.1 is a flowchart illustrating a branchless blockchain consensus method without a leader according to an embodiment of the present invention.
도 2는 본 발명의 일 실시에에 따른 블록 검증 의사코드를 예시한 도면.2 is a diagram illustrating block verification pseudocode according to an embodiment of the present invention;
도 3은 본 발명의 일 실시예에 따른 각 노드에서 블록 제안자를 선정하는 방법을 설명하기 위해 도시한 도면.3 is a diagram illustrating a method of selecting a block proposer in each node according to an embodiment of the present invention.
도 4는 본 발명의 일 실시예에 따른 블록 합의 과정에 대한 의사 코드를 예시한 도면.4 is a diagram illustrating a pseudo code for a block consensus process according to an embodiment of the present invention.
도 5는 본 발명의 일 실시예에 따른 노드의 구성을 개략적으로 도시한 블록도.5 is a block diagram schematically illustrating the configuration of a node according to an embodiment of the present invention.
본 명세서에서 사용되는 단수의 표현은 문맥상 명백하게 다르게 뜻하지 않는 한, 복수의 표현을 포함한다. 본 명세서에서, "구성된다" 또는 "포함한다" 등의 용어는 명세서상에 기재된 여러 구성 요소들, 또는 여러 단계들을 반드시 모두 포함하는 것으로 해석되지 않아야 하며, 그 중 일부 구성 요소들 또는 일부 단계들은 포함되지 않을 수도 있고, 또는 추가적인 구성 요소 또는 단계들을 더 포함할 수 있는 것으로 해석되어야 한다. 또한, 명세서에 기재된 "...부", "모듈" 등의 용어는 적어도 하나의 기능이나 동작을 처리하는 단위를 의미하며, 이는 하드웨어 또는 소프트웨어로 구현되거나 하드웨어와 소프트웨어의 결합으로 구현될 수 있다.As used herein, the singular expression includes the plural expression unless the context clearly dictates otherwise. In this specification, terms such as “consisting of” or “comprising” should not be construed as necessarily including all of the various components or various steps described in the specification, some of which components or some steps are It should be construed that it may not include, or may further include additional components or steps. In addition, terms such as "...unit" and "module" described in the specification mean a unit that processes at least one function or operation, which may be implemented as hardware or software, or a combination of hardware and software. .
본 발명은 리더가 없이 샤드 구성원(각 노드)가 독립적으로 각 라운드에서의 랜덤값을 생성한 후 이를 기반으로 샤드 구성원 중 어느 하나를 독립적으로 블록 제안자로 선정할 수 있다. 또한, 본 발명은 블록 제안자에 의해 생성된 유효 블록에 대해 샤드 구성원(노드) 중 보안 임계치 이상 서명하는 경우 이에 대해 샤드 구성원 전체에 대한 유효한 합의로 간주하여 블록을 블록 체인에 추가하도록 할 수 있다. 또한, 이하에서는 별도의 설명이 없더라도 블록은 임의의 데이터인 것으로 이해되어야 할 것이다. 데이터는 트랜잭션 데이터일 수도 있으며 데이터의 형식 자체는 매우 다양할 수 있음은 당연하다. In the present invention, without a leader, shard members (each node) independently generate random values in each round, and based on this, any one of the shard members can be independently selected as a block proposer. In addition, in the present invention, if a valid block generated by a block proposer is signed by a shard member (node) above the security threshold, the block can be added to the block chain as a valid consensus for all shard members. In the following, it should be understood that a block is arbitrary data, even if there is no separate description. It goes without saying that data can also be transactional data, and the format of the data itself can vary widely.
이하, 첨부된 도면들을 참조하여 본 발명의 실시예를 상세히 설명한다. Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings.
도 1은 본 발명의 일 실시예에 따른 리더가 없는 무분기 블록체인 합의 방법을 나타낸 순서도이고, 도 2는 본 발명의 일 실시에에 따른 블록 검증 의사코드를 예시한 도면이고, 도 3은 본 발명의 일 실시예에 따른 각 노드에서 블록 제안자를 선정하는 방법을 설명하기 위해 도시한 도면이며, 도 4는 본 발명의 일 실시예에 따른 블록 합의 과정에 대한 의사 코드를 예시한 도면이다. 1 is a flowchart illustrating a branchless blockchain consensus method without a leader according to an embodiment of the present invention, FIG. 2 is a diagram illustrating block verification pseudocode according to an embodiment of the present invention, and FIG. 3 is this It is a diagram illustrating a method of selecting a block proposer in each node according to an embodiment of the present invention, and FIG. 4 is a diagram illustrating a pseudo code for a block consensus process according to an embodiment of the present invention.
단계 110에서 각 노드(100)는 랜덤값을 계산한다. In step 110, each node 100 calculates a random value.
우선, 이해와 설명의 편의를 도모하기 위해, 각 노드(100)는 모든 샤드 구성원에 대한 공개키 목록을 복구하여 알고 있는 것을 가정하기로 한다. First, for convenience of understanding and explanation, it is assumed that each node 100 recovers and knows the list of public keys for all shard members.
이에 대해 우선 간략히 설명하기로 한다. This will first be briefly described.
본 발명의 일 실시예에서는 한 라운드에서 블록 제안자가 선택되며, 블록 제안자에 의해 생성된 블록에 대한 서명 및 검증이 완료된 후 블록 체인에 추가될 수 있다. 이에 대해서는 하기의 설명에 의해 보다 명확히 이해될 것이다. In one embodiment of the present invention, a block proposer is selected in one round, and after the signature and verification of the block generated by the block proposer is completed, it may be added to the block chain. This will be more clearly understood by the following description.
각각의 노드(100)는 당해 각 샤드 멤버에 대한 검증 벡터(
Figure PCTKR2020014398-appb-I000004
)와 개인키를 가지고 있는 것을 가정하기로 한다.
Figure PCTKR2020014398-appb-I000005
이며, t는 보안 임계치라고 정의하기로 한다. Each node 100 has a verification vector (
Figure PCTKR2020014398-appb-I000004
) and a private key.
Figure PCTKR2020014398-appb-I000005
, and t is defined as the security threshold.
또한, Joint-Feldman DKG 프로토콜에 따라,
Figure PCTKR2020014398-appb-I000006
로 설정되는 것을 가정하기로 한다. 또한, m은 각 노드(즉, 샤드 구성원)의 크기(size)를 나타낸다. In addition, according to the Joint-Feldman DKG protocol,
Figure PCTKR2020014398-appb-I000006
Assume that it is set to . Also, m represents the size of each node (ie, shard member).
공개키는
Figure PCTKR2020014398-appb-I000007
인 것을 가정하기로 하며,
Figure PCTKR2020014398-appb-I000008
는 서명 검증을 위해 이용될 수 있다. 각 노드(샤드 멤버)의 개인키에 대응하는 공개키(
Figure PCTKR2020014398-appb-I000009
)는 수학식 1에 의해 복구될 수 있다. the public key
Figure PCTKR2020014398-appb-I000007
It is assumed that
Figure PCTKR2020014398-appb-I000008
can be used for signature verification. The public key corresponding to the private key of each node (shard member) (
Figure PCTKR2020014398-appb-I000009
) can be recovered by Equation (1).
Figure PCTKR2020014398-appb-M000001
Figure PCTKR2020014398-appb-M000001
여기서, j는 샤드 멤버 인덱스를 나타내고, 샤드 멤버(j)에 의해 생성된 공유된 서명은
Figure PCTKR2020014398-appb-I000010
와 j에 의해 검증될 수 있다. Here, j represents the shard member index, and the shared signature generated by the shard member (j) is
Figure PCTKR2020014398-appb-I000010
and j can be verified.
이에 따라, 본 발명의 일 실시예에서는 각 노드가 모든 샤드 구성원의 공개 키 목록을 복구 한 후 공개 키의 해시 값에 따라 낮은 순서에서 높은 순서로 공개키 목록을 정렬하여 가지고 있는 것을 가정하기로 한다. Accordingly, in one embodiment of the present invention, it is assumed that each node has the list of public keys sorted from low to high according to the hash value of the public key after recovering the list of public keys of all shard members. .
따라서, 각 노드(100)는 이전 라운드의 랜덤값에 기초하여 현재 라운드의 랜덤값을 계산할 수 있다. 즉, 각각의 노드(100)는 이전 라운드에서 사용된 랜덤값의 해쉬값을 이용하여 랜덤값을 계산할 수 있다. Accordingly, each node 100 may calculate the random value of the current round based on the random value of the previous round. That is, each node 100 may calculate a random value by using the hash value of the random value used in the previous round.
예를 들어, 각 노드(100)는 수학식 2를 이용하여 현재 라운드에서 이용될 랜덤값을 계산할 수 있다. For example, each node 100 may calculate a random value to be used in the current round using Equation (2).
Figure PCTKR2020014398-appb-M000002
Figure PCTKR2020014398-appb-M000002
여기서,
Figure PCTKR2020014398-appb-I000011
는 이전 라운드에서 사용된 랜덤값을 나타내고,
Figure PCTKR2020014398-appb-I000012
는 이전 라운드에서 생성된 블록의 서명을 나타낸다. here,
Figure PCTKR2020014398-appb-I000011
represents the random value used in the previous round,
Figure PCTKR2020014398-appb-I000012
represents the signature of the block generated in the previous round.
따라서, 각 노드(100)는 이전 라운드에서 사용된 랜덤값과 이전 라운드의 서명을 해쉬 함수에 적용한 결과(해시값)을 랜덤값으로 계산할 수 있다.Accordingly, each node 100 may calculate the random value used in the previous round and the result (hash value) of applying the signature of the previous round to the hash function as a random value.
단계 115에서 각 노드(100)는 계산된 랜덤값을 이용하여 블록 제안자를 선택한다. In step 115, each node 100 selects a block proposer using the calculated random value.
예를 들어, 각 노드(100)는 하기 수학식 3을 이용하여 블록 제안자를 선택할 수 있다. For example, each node 100 may select a block proposer using Equation 3 below.
Figure PCTKR2020014398-appb-M000003
Figure PCTKR2020014398-appb-M000003
여기서, mod()는 나머지 연산자를 나타낸다. 즉, 각 노드(100)는 랜덤값을 샤드 구성원 사이즈를 이용하여 mod 연산하여 블록 제안자를 선택할 수 있다. Here, mod() represents the remainder operator. That is, each node 100 may select a block proposer by performing a mod operation on a random value using the shard member size.
각각의 노드(100)는 동일한 정보로 동일한 해시 함수를 적용하여 랜덤값을 계산한 후 이를 샤드 구성원 사이즈로 mod 연산한 결과에 해당하는 인덱스로 블록 제안자를 선택하기 때문에 동일한 결과를 도출하게 된다(도 3 참조).Since each node 100 calculates a random value by applying the same hash function with the same information and selects a block proposer with an index corresponding to the result of mod operation with the shard member size, the same result is derived (Fig. see 3).
다시 정리하면, 이전 라운드에서 사용된 랜덤값과 이전 라운드의 마지막 유효 블록의 샤드 구성원의 서명은 모든 노드에게 알려져 있다. 따라서, 각 노드(100)는 별도의 인터랙션 없이 독립적으로 랜덤값을 각각 계산할 수 있다. 또한, 샤드 멤버 리스트는 이미 각 노드(100)가 알고 있으므로, 각 노드(100)는 동일한 랜덤값을 기반으로 동일한 블록 제안자를 선택할 수 있다. To recap, the random value used in the previous round and the signature of the shard member of the last valid block in the previous round are known to all nodes. Accordingly, each node 100 may independently calculate a random value without a separate interaction. In addition, since each node 100 already knows the shard member list, each node 100 can select the same block proposer based on the same random value.
단계 120에서 각 노드(100)는 블록 대기 시간 이내에 블록 제안자(블록 제안 노드)로부터 유효한 블록이 수신되었는지 여부를 판단한다. In step 120, each node 100 determines whether a valid block is received from the block proposer (block proposal node) within the block waiting time.
블록 대기 시간 동안 유효한 블록이 수신되지 않으면, 단계 125에서 각 노드(100)는 빈 블록에 서명한 후 블록 대기 타임 스탬프를 소거한다. If a valid block is not received during the block wait time, in step 125, each node 100 signs the empty block and then erases the block wait time stamp.
이해와 설명의 편의를 도모하기 위해, 블록을 검증하고, 서명하는 등의 방법에 대해 우선 설명하기로 한다. 이미 전술한 바와 같이, 각 노드(100)는 동일한 연산 결과에 따라 블록 제안자를 선택할 수 있다. 따라서, 각 노드(100)는 선택된 블록 제안자에 대한 정보를 이미 알고 있다. For convenience of understanding and explanation, methods such as verifying and signing a block will be first described. As already described above, each node 100 may select a block proposer according to the same operation result. Accordingly, each node 100 already knows information about the selected block proposer.
두개의 순환 그룹
Figure PCTKR2020014398-appb-I000013
Figure PCTKR2020014398-appb-I000014
를 우선 가정하기로 한다. 여기서,
Figure PCTKR2020014398-appb-I000015
는 이중선형 매핑 함수이다. 공개키는
Figure PCTKR2020014398-appb-I000016
의 엘리먼트이며, 서명은
Figure PCTKR2020014398-appb-I000017
의 엘리먼트인 것을 가정하기로 한다. two cycle groups
Figure PCTKR2020014398-appb-I000013
and
Figure PCTKR2020014398-appb-I000014
is to be assumed first. here,
Figure PCTKR2020014398-appb-I000015
is a bilinear mapping function. the public key
Figure PCTKR2020014398-appb-I000016
is an element of , and the signature is
Figure PCTKR2020014398-appb-I000017
Assume that it is an element of .
임의의 난수(random number)인 생성 포인트(
Figure PCTKR2020014398-appb-I000018
)를 해당 라운드의 랜덤값으로 설정하기로 한다. 즉,
Figure PCTKR2020014398-appb-I000019
가 블록 제안자의 정보인 것으로 가정하기로 한다. A generation point that is a random number (
Figure PCTKR2020014398-appb-I000018
) is set as the random value of the round. In other words,
Figure PCTKR2020014398-appb-I000019
It is assumed that is information of the block proposer.
이미 전술한 바와 같이, 샤드 구성원들은 DKG 실행에 의해 자신의 개인키(
Figure PCTKR2020014398-appb-I000020
), 검증 벡터(
Figure PCTKR2020014398-appb-I000021
) 및 공개키(
Figure PCTKR2020014398-appb-I000022
)를 가지고 있는 것을 가정하기로 한다. As already mentioned above, shard members use their own private key (
Figure PCTKR2020014398-appb-I000020
), the validation vector (
Figure PCTKR2020014398-appb-I000021
) and public key (
Figure PCTKR2020014398-appb-I000022
) is assumed to have
각각의 노드는 메시지를 해시 함수에 적용한 후 공유된 개인키를 이용하여 서명할 수 있다. 이를 수학식으로 나타내면 수학식 4와 같다. Each node can sign the message using the shared private key after applying the message to the hash function. If this is expressed as an equation, it is the same as in equation (4).
Figure PCTKR2020014398-appb-M000004
Figure PCTKR2020014398-appb-M000004
각각의 노드(샤드 구성원)은 각자 개인키에 대응하는 공개키(
Figure PCTKR2020014398-appb-I000023
)를 가지고 있으므로, 이를 이용하여 서명(
Figure PCTKR2020014398-appb-I000024
)을 검증할 수 있다. 이를 수학식으로 나타내면, 수학식 5와 같다. Each node (shard member) has a public key (
Figure PCTKR2020014398-appb-I000023
), so use it to sign (
Figure PCTKR2020014398-appb-I000024
) can be verified. If this is expressed as an equation, it is as in Equation 5.
Figure PCTKR2020014398-appb-M000005
Figure PCTKR2020014398-appb-M000005
예를 들어, 검증 함수에 블록 제안자로부터 수신한 블록 헤더에 포함된 서명(블록 제안자의 서명)과
Figure PCTKR2020014398-appb-I000025
를 적용하여 도출된 결과와 각 노드가 메시지를 해시한 결과와 공개키를 검증 함수에 적용한 결과가 동일한지 여부를 판단하여 각 노드는 블록 제안자로부터 수신한 블록의 유효성을 검증할 수 있다.For example, in the verification function, the signature included in the block header received from the block proposer (the signature of the block proposer) and
Figure PCTKR2020014398-appb-I000025
Each node can verify the validity of the block received from the block proposer by judging whether the result derived by applying , the result of each node hashing the message and the result of applying the public key to the verification function are the same.
각각의 노드(샤드 구성운)은 서명 공유에 대해 "Lagrage interpolaton"을 기반으로 t개의 다른 서명을 수신하고, 현재 라운드에서 집계된 서명을 복구할 수 있다. 이를 수학식으로 나타내면, 나타내면 수학식 6과 같다. Each node (shard constituency) receives t different signatures based on “Lagrage interpolaton” for signature sharing, and can recover the aggregated signatures in the current round. If this is expressed as an equation, it is expressed as equation (6).
Figure PCTKR2020014398-appb-M000006
Figure PCTKR2020014398-appb-M000006
"Lagrage interpolaton"의 속성에 따라 집계된 서명의 결과는 고유(unique)하다. 따라서, 공개키를 이용하여 집계된 서명이 검증될 수 있다. According to the property of "Lagrage interpolaton", the result of the aggregated signature is unique. Accordingly, the aggregated signature can be verified using the public key.
이를 수학식으로 나타내면 수학식 7과 같다. This can be expressed as Equation (7).
Figure PCTKR2020014398-appb-M000007
Figure PCTKR2020014398-appb-M000007
블록 대기 시간 동안 유효한 블록이 수신되면, 단계 130에서 각 노드(100)는 블록을 검증하고, 블록 헤더에 서명을 추가한 후 이웃 노드에게 전송한다. When a valid block is received during the block waiting time, in step 130, each node 100 verifies the block, adds a signature to the block header, and transmits it to a neighboring node.
각 노드에 의해 선택된 블록 제안자(블록 제안 노드)는 비트코인 P2P 네트워크에서 가쉽 프로토콜을 사용하여 블록 헤더에 블록 제안자의 서명을 삽입하여 블록을 생성한다. The block proposer (block proposal node) selected by each node creates a block by inserting the block proposer's signature into the block header using the gossip protocol in the Bitcoin P2P network.
임의의 노드(100)가 블록 제안자(블록 제안 노드)로부터 생성된 블록을 수신할 수 있다. 여기서, 블록은 블록 제안자의 서명이 헤더에 포함될 수 있다. Any node 100 may receive a block generated from a block proposer (block proposal node). Here, for the block, the block proposer's signature may be included in the header.
블록 제안자로부터 블록을 수신한 노드는 검증 벡터와 랜덤값(bpp)을 이용하여 블록에 포함된 서명을 검증할 수 있다. 즉, 블록이 수신되면 정직한 노드는 블록 제안자의 인덱스, 이전 블록에 대한 포인터 및 트랜잭션 리스트를 포함하여 블록의 유효성을 체크할 수 있다. The node receiving the block from the block proposer can verify the signature included in the block using the verification vector and the random value (bpp). That is, when a block is received, an honest node can check the validity of the block, including the block proposer's index, a pointer to the previous block, and a list of transactions.
단계 135에서 각 노드(100)는 블록 제안자로부터 수신된 블록에 대한 과반 이상의 합의가 완료되었는지 여부를 판단한다. In step 135, each node 100 determines whether a majority consensus on blocks received from the block proposer is completed.
각 노드(100)는 블록을 검증한 후 블록 헤더에 서명을 추가하고, 이를 무작위로 전송하지 않는다. 다만, 각 노드(100)는 이웃한 노드들에게 블록 헤더에 대한 서명을 공유하며, 이웃 노드로부터 서명 리스트를 수신한다. After verifying the block, each node 100 adds a signature to the block header, and does not randomly transmit it. However, each node 100 shares the block header signature with the neighboring nodes and receives the signature list from the neighboring nodes.
즉, 각 노드는 이웃 노드로부터 서명이 공유되면, 서명을 리스트(편의상 서명 리스트라 칭하기로 함)에 추가한 후 서명 리스트를 모든 이웃 노드에게 전송할 수 있다. 즉, 임의의 노드가 이웃 노드로부터 서명 리스트를 수신하면, 서명 리스트가 갱신된 후 다시 전송될 수 있다. That is, each node can transmit the signature list to all neighboring nodes after adding the signature to a list (referred to as a signature list for convenience) when a signature is shared from a neighboring node. That is, when any node receives a signature list from a neighboring node, the signature list may be updated and then transmitted again.
예를 들어, 각 노드가 r개의 이웃 노드를 가지고 있다면, 이웃 노드들과
Figure PCTKR2020014398-appb-I000026
라운드 메시지 교환 후에 정직한 노드는 정직한 샤드 구성원(노드)로부터 t 이상의 서명 공유가 가능하다. For example, if each node has r neighbors,
Figure PCTKR2020014398-appb-I000026
After round message exchange, honest nodes can share more than t signatures from honest shard members (nodes).
따라서, 본 발명의 일 실시예에서는 전체 샤드 구성원의 과반 이상이 블록에 서명한 경우, 해당 블록 제안자에 의해 생성된 블록을 블록 체인에 기록하는 것에 샤드 구성원이 합의한 것으로 간주한다. Therefore, in one embodiment of the present invention, when more than half of all shard members have signed a block, it is considered that the shard members have agreed to record the block created by the block proposer in the block chain.
따라서, 각 노드(100)는 이웃 노드들과 서명 리스트 공유를 통해 t개 이상의 서명이 공유된 경우 해당 블록에 대한 합의가 완료된 것으로 판단할 수 있다. 이에 대한 의사 코드는 도 4에 도시된 바와 같다. Accordingly, when t or more signatures are shared by each node 100 through the sharing of the signature list with neighboring nodes, it can be determined that the agreement on the corresponding block is completed. The pseudo code for this is shown in FIG. 4 .
만일 서명 대기 시간 동안 t개 이상의 유효한 서명이 공유되면, 단계 140에서 각 노드(100)는 블록을 블록 체인에 추가한다. If more than t valid signatures are shared during the signature waiting time, in step 140, each node 100 adds a block to the block chain.
그러나, 만일 서명 대기 시간 동안 t개 이상의 유효한 서명이 공유되지 않으면, 단계 145에서 각 노드(100)는 빈 블록에 서명한 후 서명 대기 시간의 타임 스탬프를 재설정한다. However, if t or more valid signatures are not shared during the signature waiting time, in step 145, each node 100 signs an empty block and then resets the time stamp of the signature waiting time.
블록 검증에 대한 의사 코드는 도 2에 도시된 바와 같다. The pseudo code for block verification is shown in FIG. 2 .
비잔틴 결함을 견딜 수 있는 강력한 샤드를 가지기 위해서는 샤드의 크기가 커야 한다. 그러나 작은 크기의 샤드는 거래 속도 측면에서 더 유리하다. 트레이드 오프를 감안하여, 샤드 크기를 400 노드로 설정하며, 보안 임계값은 t=200로 가정하기로 한다. In order to have a strong shard that can withstand Byzantine faults, the size of the shard must be large. However, smaller shards are more advantageous in terms of transaction speed. Considering the trade-off, the shard size is set to 400 nodes, and the security threshold is assumed to be t=200.
각 노드간 연결 대역폭이 20Mbps로 제한되며, 모든 통신 링크의 대기 시간은 100ms라고 가정하기로 한다. It is assumed that the connection bandwidth between each node is limited to 20Mbps, and the latency of all communication links is 100ms.
각 노드에 12개의 이웃 노드가 있고, 블록에 서명을 추가하여 설명과 블록을 함께 전송한다. 시간
Figure PCTKR2020014398-appb-I000027
내에서 정직한 노드는 다른 정직한 노드로부터 서명과 블록을 공유 받을 수 있다. 정직한 노드는 서명들을 하나의 그룹서명으로 복원할 수 있다. 그룹서명을 전송하는 시간은
Figure PCTKR2020014398-appb-I000028
가 된다. 따라서, 전체 2
Figure PCTKR2020014398-appb-I000029
의 시간이 필요하다. Each node has 12 neighbors, adding a signature to the block, sending the block along with the description. time
Figure PCTKR2020014398-appb-I000027
Honest nodes within can receive signatures and blocks from other honest nodes. An honest node can restore signatures as a group signature. Time to send group signature
Figure PCTKR2020014398-appb-I000028
becomes Therefore, all 2
Figure PCTKR2020014398-appb-I000029
time is needed
상술한 내용을 바탕으로 약 12 ~ 15회 홉 후 전체 네트워크에서 메시지를 수신할 수 있으며, 모든 통신 링크에서 100ms의 대기 시간으로
Figure PCTKR2020014398-appb-I000030
가 소요되므로, 블록이 합의되기까지 약 3초의 시간이 소요되는 것을 알 수 있다. Based on the above, a message can be received from the entire network after about 12 to 15 hops, with a latency of 100 ms on all communication links.
Figure PCTKR2020014398-appb-I000030
It can be seen that it takes about 3 seconds for the block to be agreed upon.
도 5는 본 발명의 일 실시예에 따른 노드의 구성을 개략적으로 도시한 블록도이다. 이하에서 각 노드는 샤드 네트워크를 구성하는 장치로 이해되어야 할 것이며, 계산 능력 및 통신 능력을 가지는 컴퓨팅 장치일 수 있다. 5 is a block diagram schematically illustrating the configuration of a node according to an embodiment of the present invention. Hereinafter, each node should be understood as a device constituting a shard network, and may be a computing device having computational power and communication capability.
도 5를 참조하면, 본 발명의 일 실시예에 따르면 노드(100)는 통신부(510), 메모리(515) 및 프로세서(520)를 포함하여 구성된다. Referring to FIG. 5 , according to an embodiment of the present invention, the node 100 includes a communication unit 510 , a memory 515 , and a processor 520 .
통신부(510)는 통신망을 통해 다른 장치(예를 들어, 다른 노드들)과 데이터를 송수신하기 위한 수단이다. The communication unit 510 is a means for transmitting and receiving data with other devices (eg, other nodes) through a communication network.
예를 들어, 통신부(510)는 다른 노드로부터 블록, 서명이 포함된 블록 헤더 등을 수신받을 수 있다.For example, the communication unit 510 may receive a block from another node, a block header including a signature, and the like.
또한, 통신부(510)는 프로세서(520)의 제어에 따라 자신의 서명이 포함된 블록 헤더를 다른 노드로 전송할 수도 있다. Also, the communication unit 510 may transmit a block header including its own signature to another node under the control of the processor 520 .
메모리(515)는 리더가 없는 무분기 블록 체인 합의 방법을 수행하기 위해 필요한 적어도 하나의 명령어(프로그램 코드)를 저장한다. The memory 515 stores at least one instruction (program code) necessary to perform the leaderless branchless blockchain consensus method.
프로세서(520)는 본 발명의 일 실시예에 따른 각 노드의 구성 요소들(예를 들어, 통신부(510), 메모리(515) 등)을 제어하기 위한 수단이다.The processor 520 is a means for controlling components (eg, the communication unit 510 , the memory 515 , etc.) of each node according to an embodiment of the present invention.
또한, 프로세서(520)에 의해 실행된 명령어는 도 1 내지 도 4를 참조하여 설명한 리더가 없는 무분기 블록 체인 합의 방법을 위한 각각의 단계를 수행할 수 있다. In addition, the instruction executed by the processor 520 may perform each step for the leaderless branchless blockchain consensus method described with reference to FIGS. 1 to 4 .
본 발명의 실시 예에 따른 장치 및 방법은 다양한 컴퓨터 수단을 통하여 수행될 수 있는 프로그램 명령 형태로 구현되어 컴퓨터 판독 가능 매체에 기록될 수 있다. 컴퓨터 판독 가능 매체는 프로그램 명령, 데이터 파일, 데이터 구조 등을 단독으로 또는 조합하여 포함할 수 있다. 컴퓨터 판독 가능 매체에 기록되는 프로그램 명령은 본 발명을 위하여 특별히 설계되고 구성된 것들이거나 컴퓨터 소프트웨어 분야 통상의 기술자에게 공지되어 사용 가능한 것일 수도 있다. 컴퓨터 판독 가능 기록 매체의 예에는 하드 디스크, 플로피 디스크 및 자기 테이프와 같은 자기매체(magnetic media), CD-ROM, DVD와 같은 광기록 매체(optical media), 플롭티컬 디스크(floptical disk)와 같은 자기-광 매체(magneto-optical media) 및 롬(ROM), 램(RAM), 플래시 메모리 등과 같은 프로그램 명령을 저장하고 수행하도록 특별히 구성된 하드웨어 장치가 포함된다. 프로그램 명령의 예에는 컴파일러에 의해 만들어지는 것과 같은 기계어 코드뿐만 아니라 인터프리터 등을 사용해서 컴퓨터에 의해서 실행될 수 있는 고급 언어 코드를 포함한다.The apparatus and method according to an embodiment of the present invention may be implemented in the form of program instructions that can be executed through various computer means and recorded in a computer-readable medium. The computer-readable medium may include program instructions, data files, data structures, and the like, alone or in combination. The program instructions recorded on the computer readable medium may be specially designed and configured for the present invention, or may be known and available to those skilled in the computer software field. Examples of the computer-readable recording medium include magnetic media such as hard disks, floppy disks and magnetic tapes, optical media such as CD-ROMs and DVDs, and magnetic media such as floppy disks. - Includes magneto-optical media and hardware devices specially configured to store and execute program instructions, such as ROM, RAM, flash memory, and the like. Examples of program instructions include not only machine language codes such as those generated by a compiler, but also high-level language codes that can be executed by a computer using an interpreter or the like.
상술한 하드웨어 장치는 본 발명의 동작을 수행하기 위해 하나 이상의 소프트웨어 모듈로서 작동하도록 구성될 수 있으며, 그 역도 마찬가지이다.The hardware devices described above may be configured to operate as one or more software modules to perform the operations of the present invention, and vice versa.
이제까지 본 발명에 대하여 그 실시 예들을 중심으로 살펴보았다. 본 발명이 속하는 기술 분야에서 통상의 지식을 가진 자는 본 발명이 본 발명의 본질적인 특성에서 벗어나지 않는 범위에서 변형된 형태로 구현될 수 있음을 이해할 수 있을 것이다. 그러므로 개시된 실시 예들은 한정적인 관점이 아니라 설명적인 관점에서 고려되어야 한다. 본 발명의 범위는 전술한 설명이 아니라 특허청구범위에 나타나 있으며, 그와 동등한 범위 내에 있는 모든 차이점은 본 발명에 포함된 것으로 해석되어야 할 것이다.So far, the present invention has been looked at focusing on the embodiments thereof. Those of ordinary skill in the art to which the present invention pertains will understand that the present invention can be implemented in modified forms without departing from the essential characteristics of the present invention. Therefore, the disclosed embodiments should be considered in an illustrative rather than a restrictive sense. The scope of the present invention is indicated in the claims rather than the foregoing description, and all differences within the scope equivalent thereto should be construed as being included in the present invention.

Claims (12)

  1. (a) 현재 라운드에 대한 랜덤값을 계산하는 단계;(a) calculating a random value for the current round;
    (b) 상기 계산된 랜덤값을 이용하여 블록 제안 노드를 선택하는 단계;(b) selecting a block proposal node using the calculated random value;
    (c) 상기 블록 제안 노드로부터 생성된 블록을 수신하는 단계;(c) receiving a block generated from the block proposal node;
    (d) 상기 수신된 블록을 검증한 후 유효한 경우 상기 블록의 헤더에 서명을 추가하고, 상기 서명이 추가된 블록 헤더 정보만 다른 노드로 전송하는 단계를 포함하는 리더가 없는 블록 체인 합의 방법.(d) if valid after verifying the received block, adding a signature to the header of the block, and transmitting only the block header information to which the signature is added to another node.
  2. 제1 항에 있어서, According to claim 1,
    상기 현재 라운드에 대한 랜덤값은, The random value for the current round is,
    이전 라운드에서 이용된 랜덤값과 이전 라운드에서 생성된 블록의 서명을 이용하여 계산되는 것을 특징으로 하는 리더가 없는 블록 체인 합의 방법.A leaderless blockchain consensus method, characterized in that it is calculated using the random value used in the previous round and the signature of the block generated in the previous round.
  3. 제1 항에 있어서, According to claim 1,
    상기 (d) 단계 이후에,After step (d),
    이웃한 다른 노드로부터 상기 블록 헤더에 추가된 서명을 공유받는 단계를 더 포함하되, Further comprising the step of receiving a shared signature added to the block header from other neighboring nodes,
    상기 공유된 서명을 분석하여 유효한 서명이 보안 임계치 이상인 경우 상기 블록을 블록 체인에 추가하는 단계를 포함하는 리더가 없는 블록 체인 합의 방법.and analyzing the shared signature and adding the block to the block chain if the valid signature is above a security threshold.
  4. 제3 항에 있어서, 4. The method of claim 3,
    상기 보안 임계치는,The security threshold is
    전체 샤드 구성원 수의 절반으로 설정되는 것을 특징으로 하는 리더가 없는 블록 체인 합의 방법.A leaderless blockchain consensus method characterized by being set to half of the total number of shard members.
  5. 제1 항에 있어서, According to claim 1,
    상기 (a) 단계 내지 상기 (d) 단계는 하나의 라운드에서 수행되되, 각각의 노드에서 독립적으로 수행되는 것을 특징으로 하는 리더가 없는 블록 체인 합의 방법.Steps (a) to (d) are performed in one round, and each node is independently performed in a leaderless blockchain consensus method.
  6. 제1 항에 있어서, According to claim 1,
    블록 대기 시간 동안 상기 블록 제안 노드로부터 유효한 블록이 수신되지 않는 경우, 빈 블록을 생성하여 서명한 후 상기 다른 노드로 전송하는 단계를 포함하는 리더가 없는 블록 체인 합의 방법.and if a valid block is not received from the block proposal node during the block waiting time, generating an empty block, signing it, and transmitting it to the other node.
  7. 제6 항에 있어서, 7. The method of claim 6,
    상기 (d) 단계에서, In step (d),
    상기 블록 제안 노드로부터 두개의 유효한 블록이 수신되는 경우, 하나의 블록만 검증하여 서명하고, 다른 블록은 무시하는 것을 특징으로 하는 리더가 없는 블록 체인 합의 방법.When two valid blocks are received from the block proposal node, only one block is verified and signed, and the other block is ignored.
  8. 리더가 없는 블록 체인 합의 방법을 수행하기 위한 프로그램 코드를 기록한 컴퓨터로 판독 가능한 기록매체에 있어서, In a computer-readable recording medium recording a program code for performing a leaderless blockchain consensus method,
    (a) 현재 라운드에 대한 랜덤값을 계산하는 단계;(a) calculating a random value for the current round;
    (b) 상기 계산된 랜덤값을 이용하여 블록 제안 노드를 선택하는 단계;(b) selecting a block proposal node using the calculated random value;
    (c) 상기 블록 제안 노드로부터 생성된 블록을 수신하는 단계;(c) receiving a block generated from the block proposal node;
    (d) 상기 수신된 블록을 검증한 후 유효한 경우 상기 블록의 헤더에 서명을 추가하고, 상기 서명이 추가된 블록 헤더 정보만 다른 노드로 전송하는 단계를 수행하는 기록매체 제품.(d) after verifying the received block, if valid, adding a signature to the header of the block, and transmitting only the block header information to which the signature is added to another node.
  9. 적어도 하나의 명령어를 저장하는 메모리;a memory storing at least one instruction;
    상기 메모리에 저장된 명령어를 실행하는 프로세서를 포함하되,A processor that executes instructions stored in the memory,
    상기 명령어는, The command is
    (a) 현재 라운드에 대한 랜덤값을 계산하는 단계;(a) calculating a random value for the current round;
    (b) 상기 계산된 랜덤값을 이용하여 블록 제안 노드를 선택하는 단계;(b) selecting a block proposal node using the calculated random value;
    (c) 상기 블록 제안 노드로부터 생성된 블록을 수신하는 단계;(c) receiving a block generated from the block proposal node;
    (d) 상기 수신된 블록을 검증한 후 유효한 경우 상기 블록의 헤더에 서명을 추가하고, 상기 서명이 추가된 블록 헤더 정보만 다른 노드로 전송하는 단계를 수행하는 노드. (d) After verifying the received block, if valid, adding a signature to the header of the block, and transmitting only the block header information to which the signature is added to another node.
  10. 제9 항에 있어서, 10. The method of claim 9,
    상기 현재 라운드에 대한 랜덤값은, The random value for the current round is,
    이전 라운드에서 이용된 랜덤값과 이전 라운드에서 생성된 블록의 서명을 이용하여 계산되는 것을 특징으로 하는 노드.A node characterized in that it is calculated using the random value used in the previous round and the signature of the block generated in the previous round.
  11. 제9 항에 있어서, 10. The method of claim 9,
    상기 (d) 단계 이후에,After step (d),
    이웃한 다른 노드로부터 상기 블록 헤더에 추가된 서명을 공유받는 단계를 더 포함하되, Further comprising the step of receiving a shared signature added to the block header from other neighboring nodes,
    상기 공유된 서명을 분석하여 유효한 서명이 보안 임계치 이상인 경우 상기 블록을 블록 체인에 추가하는 단계를 더 수행하는 노드.A node further performing the step of analyzing the shared signature and adding the block to the block chain if the valid signature is greater than or equal to a security threshold.
  12. 제11 항에 있어서, 12. The method of claim 11,
    상기 보안 임계치는,The security threshold is
    전체 샤드 구성원 수의 절반으로 설정되는 것을 특징으로 하는 노드.A node characterized by being set to half of the total number of shard members.
PCT/KR2020/014398 2019-11-26 2020-10-21 Leaderless blockchain consensus method and device therefor WO2021107408A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020190153426A KR102372422B1 (en) 2019-11-26 2019-11-26 Leaderless block-chain consensus method and device
KR10-2019-0153426 2019-11-26

Publications (1)

Publication Number Publication Date
WO2021107408A1 true WO2021107408A1 (en) 2021-06-03

Family

ID=76129359

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2020/014398 WO2021107408A1 (en) 2019-11-26 2020-10-21 Leaderless blockchain consensus method and device therefor

Country Status (2)

Country Link
KR (1) KR102372422B1 (en)
WO (1) WO2021107408A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115392912B (en) * 2022-10-26 2023-03-14 南方科技大学 Random number generation method, system, device and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20170040079A (en) * 2016-05-03 2017-04-12 안규태 Block chain supporting multiple one-way functions used for verification of blocks
KR20180089670A (en) * 2017-02-01 2018-08-09 주식회사 더루프 Method for generating and verifying an digital signature or message authentication code based on a block chain that does not require key management
WO2019032891A1 (en) * 2017-08-09 2019-02-14 Visa International Service Association Verification of interactions system and method
KR20190093012A (en) * 2018-01-31 2019-08-08 지송학 The method for block generation and validation in block-chain system
KR20190123624A (en) * 2018-04-24 2019-11-01 (주)스마트코인 Block Chain Platform System for Block Generation and Verification in Block Chains and Prevention of Hacking

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102033848B1 (en) 2018-02-21 2019-10-17 이화여자대학교 산학협력단 Randomized mesh blockchain system based on group and identification method of integrity
US11080691B2 (en) * 2018-04-09 2021-08-03 Storecoin Inc. Fork-tolerant consensus protocol
SG11202003719QA (en) 2019-05-31 2020-05-28 Advanced New Technologies Co Ltd System and method for providing privacy and security protection in blockchain-based private transactions

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20170040079A (en) * 2016-05-03 2017-04-12 안규태 Block chain supporting multiple one-way functions used for verification of blocks
KR20180089670A (en) * 2017-02-01 2018-08-09 주식회사 더루프 Method for generating and verifying an digital signature or message authentication code based on a block chain that does not require key management
WO2019032891A1 (en) * 2017-08-09 2019-02-14 Visa International Service Association Verification of interactions system and method
KR20190093012A (en) * 2018-01-31 2019-08-08 지송학 The method for block generation and validation in block-chain system
KR20190123624A (en) * 2018-04-24 2019-11-01 (주)스마트코인 Block Chain Platform System for Block Generation and Verification in Block Chains and Prevention of Hacking

Also Published As

Publication number Publication date
KR102372422B1 (en) 2022-03-07
KR20210064803A (en) 2021-06-03

Similar Documents

Publication Publication Date Title
WO2019093574A1 (en) Block chain system and method employing hash-based signature scheme
WO2019059453A1 (en) Communication device and method using message history-based security key by means of blockchain
KR100479260B1 (en) Method for cryptographing wireless data and apparatus thereof
CN102118387B (en) System and method for secure transaction of data between wireless communication device and server
WO2019083082A1 (en) Ksi-based authentication and communication method for safe smart home environment, and system therefor
CN105873031B (en) Distributed unmanned plane cryptographic key negotiation method based on credible platform
WO2014069778A1 (en) Id-based encryption and decryption method, and apparatus for executing same
WO2018147673A1 (en) Symmetric key-based user authentication method for ensuring anonymity in wireless sensor network environment
WO2017116019A1 (en) Method and server for authenticating and verifying file
WO2014185594A1 (en) Single sign-on system and method in vdi environment
WO2021162341A1 (en) Operation method of blockchain remittance service system, and electronic wallet for remittance
EP4094173A1 (en) Method for providing authentication service by using decentralized identity and server using the same
WO2022177204A1 (en) Did-based decentralized system for storing and sharing user data
WO2019182377A1 (en) Method, electronic device, and computer-readable recording medium for generating address information used for transaction of blockchain-based cryptocurrency
WO2021107408A1 (en) Leaderless blockchain consensus method and device therefor
WO2019221419A1 (en) Hardware security module
WO2020224251A1 (en) Block chain transaction processing method, device, apparatus and storage medium
WO2020138733A1 (en) Blockchain system for providing anonymity of private information and method for providing anonymity of private information in blockchain
WO2015178597A1 (en) System and method for updating secret key using puf
Corin et al. Timed analysis of security protocols
Cao et al. RPRIA: Reputation and PUF-based remote identity attestation protocol for massive IoT devices
WO2021060720A1 (en) Blockchain system supporting change in plain text data included in transaction
WO2018143510A1 (en) Internet of things security module
WO2023149660A1 (en) Group signature-based federated learning method and system, and recording medium for performing same
WO2023074984A1 (en) Zero knowledge proof-based blockchain virtual machine verification system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20894064

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20894064

Country of ref document: EP

Kind code of ref document: A1