WO2021135694A1 - 一种适用于区块链的验证方法及装置 - Google Patents
一种适用于区块链的验证方法及装置 Download PDFInfo
- Publication number
- WO2021135694A1 WO2021135694A1 PCT/CN2020/129481 CN2020129481W WO2021135694A1 WO 2021135694 A1 WO2021135694 A1 WO 2021135694A1 CN 2020129481 W CN2020129481 W CN 2020129481W WO 2021135694 A1 WO2021135694 A1 WO 2021135694A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- ciphertext
- encryption
- sub
- encrypted
- mod
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
Definitions
- the invention relates to the field of financial technology (Fintech) and the field of blockchain (Blockchain), and in particular to a verification method and device suitable for blockchain.
- the Elgamal encryption algorithm (asymmetric encryption algorithm based on Diffie-Hellman key exchange) is a commonly used encryption method.
- the current Elgamal encryption algorithm is encrypted, only one ciphertext can be obtained, but the correctness of the ciphertext can not be verified; this is a problem that needs to be solved urgently.
- the embodiments of the present application provide a verification method and device suitable for blockchain, which solves the problem that the encryption correctness of ciphertext cannot be verified in the prior art.
- the embodiment of the application provides a verification method suitable for blockchain: the encryption node treats different generators in the q-th order cyclic group through the master public key, N encryption interference values, and different generators in the q-order cyclic group according to a preset encryption algorithm.
- the encrypted information is encrypted to obtain an encrypted ciphertext; the encrypted ciphertext includes N+1 sub-ciphertexts; the master public key is determined according to the private key of each decryption node; the master public key and the generator record In the blockchain; q is a prime number; N is a positive integer; the encryption node determines the alternative encryption information of the information to be encrypted and the N alternative encryption interference values corresponding to the N encryption interference values; the According to the encryption algorithm, the encryption node encrypts the substitution encryption information through the N substitution encryption interference values and the generator to obtain a substitution encryption ciphertext, and the substitution encryption ciphertext includes N+1 substitution subtypes.
- Ciphertext the encryption node performs a hash operation on the N+1 replacement sub-ciphertexts according to a preset hash algorithm to obtain an initial verification value; the encryption node for each replacement sub-ciphertext, according to the The initial verification value, the substitute sub-ciphertext, the encryption interference value corresponding to the substitute sub-ciphertext, and the sub-ciphertext corresponding to the substitute sub-ciphertext generate a sub-verification value of the substitute sub-ciphertext; the encryption node Upload the encrypted ciphertext and the ciphertext format certificate to the blockchain, the ciphertext format certificate includes the initial verification value and the sub-verification value of each replacement sub-ciphertext; the ciphertext format certificate is used for verification Encryption correctness of the encrypted ciphertext.
- the encryption node encrypts the message to be encrypted according to the encryption algorithm, the N encryption interference values, the master public key, and the generator to obtain the encrypted ciphertext ,include:
- E is the encrypted ciphertext
- C1, C2...Cn+1 are N+1 sub-ciphertexts
- m is the information to be encrypted
- r1, r2...rn are the N An encrypted interference value.
- the encryption node performs a hash operation on the N+1 substitute sub-ciphertexts according to a preset hash algorithm to obtain an initial verification value, which includes:
- c is the initial verification value
- t1_p, t2_p...tn+1_p are the N+1 substitution sub-ciphertexts
- a is the substitution encryption message
- b1, b2...bn are the N substitutions Encryption interference value
- Hash is the hash algorithm.
- the encryption node, for each substitute sub-ciphertext is based on the initial verification value, the substitute sub-ciphertext, the encryption interference value corresponding to the substitute sub-ciphertext, and the substitute sub-ciphertext.
- the sub-ciphertext corresponding to the ciphertext generates the sub-verification value of the replacement sub-ciphertext, including:
- Z1, Z2, Z3...Zn+1 are the sub-verification values of the replacement sub-ciphertext; r1, r2, r3...rn are the N replacement encryption interference values.
- N is 1.
- the present application provides a verification device suitable for blockchain, including: an encryption module, which is used to pass the master public key, N encryption interference values, and q-order cyclic groups according to a preset encryption algorithm.
- the generator encrypts the information to be encrypted to obtain an encrypted ciphertext; the encrypted ciphertext includes N+1 sub-ciphertexts; the master public key is determined according to the private key of each decryption node; the master public key and the The generator is recorded in the blockchain; q is a prime number; N is a positive integer; a determining module is used to determine the alternative encryption information of the information to be encrypted and the N alternative encryption interferences corresponding to the N encryption interference values Value; the encryption module is further configured to encrypt the alternative encryption information according to the encryption algorithm through the N alternative encryption interference values and the generator to obtain alternative encryption ciphertext, the alternative encryption encryption
- the text includes N+1 replacement sub-ciphertexts; a processing module for performing a hash operation on the N+1 replacement sub-ciphertexts according
- the encryption module is specifically configured to: obtain each sub-ciphertext and the encrypted ciphertext by using the following formula:
- E is the encrypted ciphertext
- C1, C2...Cn+1 are N+1 sub-ciphertexts
- m is the information to be encrypted
- r1, r2...rn are the N An encrypted interference value.
- t1_p (a*G1+(b 1+b2+ whil+bn)*H)mod q;
- c is the initial verification value
- t1_p, t2_p...tn+1_p are the N+1 substitution sub-ciphertexts
- a is the substitution encryption message
- b1, b2...bn are the N substitutions Encryption interference value
- Hash is the hash algorithm.
- processing module is specifically configured to:
- Z1, Z2, Z3...Zn+1 are the sub-verification values of the replacement sub-ciphertext; r1, r2, r3...rn are the N replacement encryption interference values.
- N is 1.
- an embodiment of the present application provides a computer device, including a program or instruction, when the program or instruction is executed, it is used to execute the method of the first aspect and the embodiments of the first aspect.
- an embodiment of the present application provides a storage medium including a program or instruction, and when the program or instruction is executed, the method of the foregoing first aspect and each embodiment of the first aspect is executed.
- the embodiment of the application provides a verification method and device used in the blockchain.
- the encryption node treats different generators in the q-th order cyclic group through the master public key, N encryption interference values and different generators in the q-order cyclic group according to a preset encryption algorithm.
- the encrypted information is encrypted, and after the encrypted ciphertext is obtained, the alternative encrypted information of the to-be-encrypted information and the N alternative encrypted interference values corresponding to the N encrypted interference values are determined.
- the encryption algorithm pass the N substitution encryption interference values and the generator encrypt the substitution encryption information to obtain another substitution encryption ciphertext with the same operation, and generate it based on the N+1 substitution sub-ciphertexts of the substitution encryption ciphertext Initial verification value, and then generate the sub-verification value of each substitute sub-ciphertext, so as to prove through the ciphertext format, the encryption of the encrypted ciphertext can be verified without exposing the information to be encrypted and the N substitute encryption interference values. Correctness.
- Figure 1 is a schematic diagram of the structure of the blockchain
- FIG. 2 is a schematic diagram of the process flow of a verification method suitable for blockchain according to an embodiment of the application
- FIG. 3 is a schematic structural diagram of a verification device suitable for blockchain according to an embodiment of the application.
- Block chain As shown in Figure 1, a block chain is a chain composed of a series of blocks. In addition to recording the data of this block, each block also records the hash value of the previous block. In this way, a block is formed. chain.
- Node Each participant in the network is a node, and the node participates in network formation and data exchange.
- a node refers to a participant with a unique identity.
- the node has a complete copy of the ledger and has the ability to participate in the consensus of the blockchain network and the maintenance of the ledger.
- Zero-knowledge proof means that the prover can convince the verifier that a certain assertion is correct without providing any useful information to the verifier.
- Zero-knowledge proof is essentially an agreement involving two or more parties, that is, a series of steps that two or more parties need to take to complete a task. The prover proves to the verifier and makes it believe that he knows or possesses a certain message, but the certification process cannot disclose any information about the certified message to the verifier.
- this application provides a verification method suitable for blockchain.
- Step 201 The encryption node encrypts the to-be-encrypted information through the master public key, N encryption interference values, and different generators in the q-order cyclic group according to a preset encryption algorithm to obtain an encrypted ciphertext.
- Step 202 The encryption node determines alternative encryption information of the information to be encrypted and N alternative encryption interference values corresponding to the N encryption interference values.
- Step 203 According to the encryption algorithm, the encryption node encrypts the substitution encryption information by using the N substitution encryption interference values and the generator to obtain a substitution encryption ciphertext.
- the substitute encrypted ciphertext includes N+1 substitute sub-ciphertexts.
- Step 204 The encryption node performs a hash operation on the N+1 replacement sub-ciphertexts according to a preset hash algorithm to obtain an initial verification value.
- Step 205 The encryption node, for each replacement sub-ciphertext, according to the initial verification value, the replacement sub-ciphertext, the encryption interference value corresponding to the replacement sub-ciphertext, and the sub-cipher text corresponding to the replacement sub-ciphertext.
- the ciphertext generates the sub-verification value of the substitute sub-ciphertext.
- Step 206 The encryption node uploads the encrypted ciphertext and the ciphertext format certificate to the blockchain, and the ciphertext format certificate includes the initial verification value and the sub-verification value of each replacement sub-ciphertext.
- the ciphertext format certificate is used to verify the encryption correctness of the encrypted ciphertext.
- the encrypted ciphertext includes N+1 sub-ciphertexts; the master public key is determined according to the private key of each decryption node; the master public key and the generator are recorded in the blockchain In; q is a prime number; N is a positive integer. Among them, if in order to ensure that there are enough integers in q, so as not to be prone to repetitions when randomly fetching numbers, q can be a large prime number, which refers to a prime number of the order of 2 ⁇ 256 bits.
- the q-order cyclic group may be the q-order elliptic curve cyclic group.
- the N encryption interference values may be randomly selected.
- step 201 the following initialization process may be performed:
- All decryption nodes have an elliptic curve cyclic group G of order q, where q is a large prime number, and the cyclic group G can be regarded as a set of q elliptic curve points.
- each decryption node needs to randomly choose a number from ⁇ 1,2,...q-1 ⁇ as its own sub-ciphertext x_i; each decryption node calculates (x_i*G2)mod q, as Part of the master public key H is sent to the blockchain.
- q is the modulo operation.
- x_i*G represents the dot product operation of the scalar x_i and any point G2 of the q-order elliptic curve.
- All decryption nodes publish public keys: G1, G2, H, and retain the sub-ciphertext x_i as the private key of each decryption node.
- step 201 may specifically be:
- E is the encrypted ciphertext
- C1, C2...Cn+1 are N+1 sub-ciphertexts
- m is the information to be encrypted
- r1, r2...rn are the N An encrypted interference value.
- N encryption interference values are a random number r
- the above-mentioned optional implementation manner may be:
- the encryption node P determines the message m to be encrypted.
- the encryption node P selects a random number r from ⁇ 1,2,...q-1 ⁇ .
- G1 and G2 are q in the initialization process
- Two generators of the order cyclic group G, H is the master public key in the initialization process.
- N+1 replacement sub-ciphertexts that replace the encrypted ciphertext can be obtained by the following formula:
- t1_p (a*G1+(b1+b2+ whil+bn)*H)mod q;
- t1_p, t2_p...tn+1_p are the N+1 replacement sub-ciphertexts; a is the replacement encryption message; b1, b2...bn are the N replacement encryption interference values; Hash is the hash algorithm.
- N 1
- N alternative encryption interference values are random numbers b
- the above-mentioned optional implementation manners are:
- t1_p (a*G1+b*H)mod q
- t2_p (b*G2)mod q.
- the foregoing embodiment is applicable to a scenario where the encryption node P uses a ciphertext format certification generation algorithm to generate a ciphertext format certification format_proof for the encrypted ciphertext.
- G1, G2, H, y1, and y2 are public parameters. It can be expressed as: (y1,y2,G1,G2,H) ⁇ (format_proof); where (input) ⁇ (output): indicates that the input of the function or algorithm is input and the output is output.
- step 204 may specifically be:
- t1_p (a*G1+(b1+b2+ whil+bn)*H)mod q;
- c is the initial verification value
- t1_p, t2_p...tn+1_p are the N+1 substitution sub-ciphertexts
- a is the substitution encryption message
- b1, b2...bn are the N substitutions Encryption interference value
- Hash is the hash algorithm.
- step 205 may specifically be:
- Z1, Z2, Z3...Zn+1 are the sub-verification values of the replacement sub-ciphertext; r1, r2, r3...rn are the N replacement encryption interference values.
- N 1
- the above-mentioned embodiment may specifically be:
- the encryption node uploads the encrypted ciphertext and the ciphertext format certificate to the blockchain, so as to realize safe and reliable public multi-party storage of user data. Therefore, it can support the decryption node under the premise of ensuring data privacy. Verify the ciphertext on the blockchain.
- a situation can be that the encryption node publishes the encryption result E and the discrete logarithmic ciphertext format zero-knowledge proof format_proof on the blockchain, and all decryption nodes can verify the ciphertext format under the premise of ensuring the privacy of the message m. Correctness.
- the verifier queries the blockchain to obtain the ciphertext E and the zero-knowledge ciphertext format proof format_proof, and verifies the ciphertext format proof format_proof published by the encryptor through the ciphertext format proof verification algorithm. It can be expressed as (y1, y2, G1, G2, H, format_proof) ⁇ (bool).
- the decryption node verification method is as follows, and the following verification values are constructed: t1_v, t2_v, t3_v...tn+1_v.
- t1_v c*C1+z1*G1+(z2+z3+ whil+zn+1)*H;
- t2_v c*C2+z2*G2;
- t3_v c*C3+z3*G2;
- tn+1_v c*Cn+1+zn+1*G2.
- t1_v c*C1+z1*G1+z2*H;
- Test c ? Hash(t1_v,t2_v).
- the present application provides a verification device suitable for blockchain, including: an encryption module 301, which is used to pass the master public key, N encryption interference values, and q-order cyclic group according to a preset encryption algorithm.
- the different generators in the encrypted information are encrypted to obtain an encrypted ciphertext; the encrypted ciphertext includes N+1 sub-ciphertexts; the master public key is determined according to the private key of each decryption node; the master public key And the generator is recorded in the blockchain; q is a prime number; N is a positive integer; the determining module 302 is used to determine the alternative encryption information of the information to be encrypted and the N corresponding to the N encryption interference values
- the encryption module 301 is further configured to encrypt the alternative encryption information according to the encryption algorithm through the N alternative encryption interference values and the generator to obtain the alternative encryption ciphertext,
- the substitute encrypted ciphertext includes N+1 substitute sub-ciphertexts; the processing module 303 is configured to perform a hash operation on the N+1 substitute sub-cip
- the encryption module 301 is specifically configured to: obtain each sub-ciphertext and the encrypted ciphertext by using the following formula:
- E is the encrypted ciphertext
- C1, C2...Cn+1 are N+1 sub-ciphertexts
- m is the information to be encrypted
- r1, r2...rn are the N An encrypted interference value.
- t1_p (a*G1+(b1+b2+ whil+bn)*H)mod q;
- c is the initial verification value
- t1_p, t2_p...tn+1_p are the N+1 substitution sub-ciphertexts
- a is the substitution encryption message
- b1, b2...bn are the N substitutions Encryption interference value
- Hash is the hash algorithm.
- processing module 303 is specifically configured to:
- Z1, Z2, Z3...Zn+1 are the sub-verification values of the replacement sub-ciphertext; r1, r2, r3...rn are the N replacement encryption interference values.
- N is 1.
- An embodiment of the application provides a computer device, including a program or instruction, when the program or instruction is executed, it is used to execute a verification method and any optional method suitable for blockchain provided by the embodiment of the application .
- the embodiment of the application provides a storage medium, including a program or instruction, when the program or instruction is executed, it is used to execute a verification method and any optional method applicable to the blockchain provided by the embodiment of the application .
- this application can be provided as methods, systems, or computer program products. Therefore, this application may adopt the form of a complete hardware embodiment, a complete software embodiment, or an embodiment combining software and hardware. Moreover, this application may adopt the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage, optical storage, etc.) containing computer-usable program codes.
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
一种适用于区块链的验证方法及装置,其中方法为:加密节点按照预设的加密算法,通过主公钥、N个加密干扰值和q阶循环群中不同的生成元对待加密信息进行加密,得到加密密文(201);所述加密节点按照所述加密算法,通过所述N个替代加密干扰值和所述生成元对所述替代加密信息进行加密,得到替代加密密文(203),所述加密节点将所述加密密文和密文格式证明上传至区块链(206)。上述方法应用于金融科技(Fintech)时,从而通过密文格式证明,可以在不暴露待加密信息和N个替代加密干扰值的基础上,即可验证加密密文的加密正确性。
Description
相关申请的交叉引用
本申请要求在2019年12月30日提交中国专利局、申请号为201911404391.2、申请名称为“一种适用于区块链的验证方法及装置”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。
本发明涉及金融科技(Fintech)领域和区块链(Blockchain)领域,尤其涉及一种适用于区块链的验证方法及装置。
随着计算机技术的发展,越来越多的技术应用在金融领域,传统金融业正在逐步向金融科技(Fintech)转变,但由于金融行业的安全性、实时性要求,也对技术提出的更高的要求。目前,金融数据的安全至关重要,所以在传输过程中需要对金融数据进行加密。
现有技术中,Elgamal加密算法(基于迪菲-赫尔曼密钥交换的非对称加密算法)是一种常用的加密方法。但是,目前的Elgamal加密算法加密后,仅能得到一条密文,但却不能对密文的加密正确性验证;这是一个亟待解决的问题。
发明内容
本申请实施例提供一种适用于区块链的验证方法及装置,解决了现有技术中不能对密文的加密正确性验证的问题。
第一方面,本申请实施例提供一种适用于区块链的验证方法:加密节点按照预设的加密算法,通过主公钥、N个加密干扰值和q阶循环群中不同的生成元对待加密信息进行加密,得到加密密文;所述加密密文包括N+1个子密文; 所述主公钥是根据各解密节点的私钥确定的;所述主公钥和所述生成元记录于所述区块链中;q为素数;N为正整数;所述加密节点确定所述待加密信息的替代加密信息及所述N个加密干扰值对应的N个替代加密干扰值;所述加密节点按照所述加密算法,通过所述N个替代加密干扰值和所述生成元对所述替代加密信息进行加密,得到替代加密密文,所述替代加密密文包括N+1个替代子密文;所述加密节点按照预设的哈希算法对所述N+1个替代子密文进行哈希运算,得到初始验证值;所述加密节点针对每个替代子密文,根据所述初始验证值、所述替代子密文、所述替代子密文对应的加密干扰值和所述替代子密文对应的子密文生成所述替代子密文的子验证值;所述加密节点将所述加密密文和密文格式证明上传至区块链,所述密文格式证明包括所述初始验证值和每个替代子密文的子验证值;所述密文格式证明用于验证所述加密密文的加密正确性。
一种可选实施方式中,所述N个加密干扰值为从1至q-1的q-1个整数中随机选择的N个不同的整数;所述生成元包括q阶椭圆曲线上的两个生成元G1和G2;所述主公钥H=Σx_i*G2,x_i为第i个解密节点的私钥;i为正整数。
一种可选实施方式中,所述加密节点按照所述加密算法,根据所述N个加密干扰值、主公钥和所述生成元,对所述待加密消息进行加密获得所述加密密文,包括:
通过如下公式获得每个子密文和所述加密密文:
C1=(m*G1+(r1+r2+……+rn)*H)mod q;
C2=(r1*G2)mod q;
……
Cn+1=(rn*G2)mod q;
E=(C1,C2,……Cn+1);
其中,mod表示取模运算,E为所述加密密文;C1、C2……Cn+1为N+1个子密文;m为所述待加密信息;r1、r2……rn为所述N个加密干扰值。
一种可选实施方式中,所述加密节点按照预设的哈希算法对所述N+1个替 代子密文进行哈希运算,得到初始验证值,包括:
c=Hash(t1_p,t2_p,……tn+1_p);其中,t1_p=(a*G1+(b1+b2+……+bn)*H)mod q;
t2_p=(b1*G2)mod q;
t3_p=(b2*G2)mod q;
……
tn+1_p=(bn*G2)mod q;
其中,c为所述初始验证值;t1_p、t2_p……tn+1_p为所述N+1个替代子密文;a为所述替代加密消息;b1、b2……bn为所述N个替代加密干扰值;Hash为所述哈希算法。
一种可选实施方式中,所述加密节点针对每个替代子密文,根据所述初始验证值、所述替代子密文、所述替代子密文对应的加密干扰值和所述替代子密文对应的子密文生成所述替代子密文的子验证值,包括:
Z1=(a-c*m)mod q;
Z2=(b1-c*r1)mod q;
Z3=(b2-c*r2)mod q;
……
Zn+1=(bn-c*rn)mod q;
其中,Z1、Z2、Z3……Zn+1为所述替代子密文的子验证值;r1、r2、r3……rn为所述N个替代加密干扰值。
一种可选实施方式中,N为1。
第二方面,本申请提供一种适用于区块链的验证装置,包括:加密模块,用于按照预设的加密算法,通过主公钥、N个加密干扰值和q阶循环群中不同的生成元对待加密信息进行加密,得到加密密文;所述加密密文包括N+1个子密文;所述主公钥是根据各解密节点的私钥确定的;所述主公钥和所述生成元记录于所述区块链中;q为素数;N为正整数;确定模块,用于确定所述待加密信息的替代加密信息及所述N个加密干扰值对应的N个替代加密干扰值; 所述加密模块,还用于按照所述加密算法,通过所述N个替代加密干扰值和所述生成元对所述替代加密信息进行加密,得到替代加密密文,所述替代加密密文包括N+1个替代子密文;处理模块,用于按照预设的哈希算法对所述N+1个替代子密文进行哈希运算,得到初始验证值;所述处理模块,还用于针对每个替代子密文,根据所述初始验证值、所述替代子密文、所述替代子密文对应的加密干扰值和所述替代子密文对应的子密文生成所述替代子密文的子验证值;将所述加密密文和密文格式证明上传至区块链,所述密文格式证明包括所述初始验证值和每个替代子密文的子验证值;所述密文格式证明用于验证所述加密密文的加密正确性。
一种可选实施方式中,所述N个加密干扰值为从1至q-1的q-1个整数中随机选择的N个不同的整数;所述生成元包括q阶椭圆曲线上的两个生成元G1和G2;所述主公钥H=Σx_i*G2,x_i为第i个解密节点的私钥;i为正整数。
一种可选实施方式中,所述加密模块具体用于:通过如下公式获得每个子密文和所述加密密文:
C1=(m*G1+(r1+r2+……+rn)*H)mod q;
C2=(r1*G2)mod q;
……
Cn+1=(rn*G2)mod q;
E=(C1,C2,……Cn+1);
其中,mod表示取模运算,E为所述加密密文;C1、C2……Cn+1为N+1个子密文;m为所述待加密信息;r1、r2……rn为所述N个加密干扰值。
一种可选实施方式中,所述处理模块具体用于:c=Hash(t1_p,t2_p,……tn+1_p);其中,
t1_p=(a*G1+(b 1+b2+……+bn)*H)mod q;
t2_p=(b1*G2)mod q;
t3_p=(b2*G2)mod q;
……
tn+1_p=(bn*G2)mod q;
其中,c为所述初始验证值;t1_p、t2_p……tn+1_p为所述N+1个替代子密文;a为所述替代加密消息;b1、b2……bn为所述N个替代加密干扰值;Hash为所述哈希算法。
一种可选实施方式中,所述处理模块具体用于:
Z1=(a-c*m)mod q;
Z2=(b1-c*r1)mod q;
Z3=(b2-c*r2)mod q;
……
Zn+1=(bn-c*rn)mod q;
其中,Z1、Z2、Z3……Zn+1为所述替代子密文的子验证值;r1、r2、r3……rn为所述N个替代加密干扰值。
一种可选实施方式中,N为1。
第三方面,本申请实施例提供一种计算机设备,包括程序或指令,当所述程序或指令被执行时,用以执行上述第一方面及第一方面各个实施例的方法。
第四方面,本申请实施例提供一种存储介质,包括程序或指令,当所述程序或指令被执行时,用以执行上述第一方面及第一方面各个实施例的方法。
本申请实施例提供一种是用于区块链的验证方法及装置中,加密节点按照预设的加密算法,通过主公钥、N个加密干扰值和q阶循环群中不同的生成元对待加密信息进行加密,得到加密密文后,又确定所述待加密信息的替代加密信息及所述N个加密干扰值对应的N个替代加密干扰值,同样再按照所述加密算法,通过所述N个替代加密干扰值和所述生成元对所述替代加密信息进行加密,得到另一份做了同样运算的替代加密密文,并根据替代加密密文的N+1个替代子密文生成初始验证值,进而生成每个替代子密文的子验证值,从而通过密文格式证明,可以在不暴露待加密信息和N个替代加密干扰值的基础上,即可验证加密密文的加密正确性。
图1为区块链的结构示意图;
图2为本申请实施例提供的一种适用于区块链的验证方法的步骤流程示意图;
图3为本申请实施例提供的一种适用于区块链的验证装置的结构示意图。
为了更好的理解上述技术方案,下面将结合说明书附图及具体的实施方式对上述技术方案进行详细的说明,应当理解本申请实施例以及实施例中的具体特征是对本申请技术方案的详细的说明,而不是对本申请技术方案的限定,在不冲突的情况下,本申请实施例以及实施例中的技术特征可以相互结合。
下面首先解释本申请实施例中出现的名词。
区块链:如图1所示,区块链是由一系列区块组成的一条链,每个块上除了记录本块的数据还会记录上一块的哈希值,通过这种方式组成一条链。区块链的核心理念有两个,一个是密码学技术,另一个是去中心化思想,基于这两个理念做到区块链上的历史信息无法被篡改。
节点:网络中的每一个参与者就是一个节点,节点参与网络组建和数据交换。在区块链网络中,一个节点是指一个具有唯一身份的参与者,该节点具有一份完整的账本拷贝,具有参与区块链网络共识和账本维护的能力。
零知识证明:零知识证明指的是证明者能够在不向验证者提供任何有用的信息的情况下,使验证者相信某个论断是正确的。零知识证明实质上是一种涉及两方或更多方的协议,即两方或更多方完成一项任务所需采取的一系列步骤。证明者向验证者证明并使其相信自己知道或拥有某一消息,但证明过程不能向验证者泄漏任何关于被证明消息的信息。
在金融机构(银行机构、保险机构或证券机构)在进行业务(如银行的贷款业务、存款业务等)运转过程中,金融数据的安全至关重要,所以在传 输过程中需要对金融数据进行加密。目前的Elgamal加密算法加密后,仅能得到一条密文,但却不能对密文的加密正确性验证。这种情况不符合银行等金融机构的需求,无法保证金融机构各项业务的高效运转。
为此,如图2所示,根据零知识证明的性质,本申请提供一种适用于区块链的验证方法。
步骤201:加密节点按照预设的加密算法,通过主公钥、N个加密干扰值和q阶循环群中不同的生成元对待加密信息进行加密,得到加密密文。
步骤202:所述加密节点确定所述待加密信息的替代加密信息及所述N个加密干扰值对应的N个替代加密干扰值。
步骤203:所述加密节点按照所述加密算法,通过所述N个替代加密干扰值和所述生成元对所述替代加密信息进行加密,得到替代加密密文。
所述替代加密密文包括N+1个替代子密文。
步骤204:所述加密节点按照预设的哈希算法对所述N+1个替代子密文进行哈希运算,得到初始验证值。
步骤205:所述加密节点针对每个替代子密文,根据所述初始验证值、所述替代子密文、所述替代子密文对应的加密干扰值和所述替代子密文对应的子密文生成所述替代子密文的子验证值。
步骤206:所述加密节点将所述加密密文和密文格式证明上传至区块链,所述密文格式证明包括所述初始验证值和每个替代子密文的子验证值。
所述密文格式证明用于验证所述加密密文的加密正确性。
步骤201中,所述加密密文包括N+1个子密文;所述主公钥是根据各解密节点的私钥确定的;所述主公钥和所述生成元记录于所述区块链中;q为素数;N为正整数。其中,如果为了保证q中的整数足够多,不至于随机取数时容易出现重复,q可以为大素数,大素数指2^256位的数量级的素数。q阶循环群可以为q阶椭圆曲线循环群。
所述N个加密干扰值可以为随机取值,在一种可选实施方式中,所述N个加密干扰值为从1至q-1的q-1个整数中随机选择的N个不同的整数;所述生成元 包括q阶椭圆曲线上的两个生成元G1和G2;所述主公钥H=Σx_i*G2,x_i为第i个解密节点的私钥;i为正整数。
具体来说,可以在步骤201之前,进行如下初始化流程:
(1)所有解密节点拥有一个q阶椭圆曲线循环群G,其中q为大素数,循环群G可看作q个椭圆曲线点的集合。
(2)所有解密节点需要在循环群G中随机选择两个独立的椭圆曲线点作为生成元G1、G2。
(3)所以每个解密节点都需要从{1,2,…q-1}中随机选择一个数,作为自己的一个子密文x_i;每个解密节点计算(x_i*G2)mod q,作为主公钥H的一部分,发送到区块链。其中,q为取模运算。其中,x_i*G:表示标量x_i与q阶椭圆曲线的任一点G2的点乘运算。
(4)所以主公钥H需组合构造,即每个解密节点计算(Σx_i*G2)mod q=(x*G2)mod q=H,其中主秘密x为所有子密文x_i之和。
(5)所有解密节点公布公钥:G1、G2、H,保留子密文x_i作为每个解密节点的私钥。
步骤201的一种可选实施方式中,步骤201具体可以为:
通过如下公式获得每个子密文和所述加密密文:
C1=(m*G1+(r1+r2+……+rn)*H)mod q;
C2=(r1*G2)mod q;
……
Cn+1=(rn*G2)mod q;
E=(C1,C2,……Cn+1);
其中,mod表示取模运算,E为所述加密密文;C1、C2……Cn+1为N+1个子密文;m为所述待加密信息;r1、r2……rn为所述N个加密干扰值。
特别地,当N取1时,N个加密干扰值为一个随机数r,上述可选实施方式可以为:
(1)加密节点P确定待加密消息m。
(2)加密节点P从{1,2,…q-1}中选择随机数r。
(3)加密节点P利用Elgamal加密算法加密待加密消息m得到加密密文E=(C1,C2)=(m*G1+r*H,r*G2),其中G1、G2为初始化流程中q阶循环群G的两个生成元,H为初始化流程中的主公钥。
步骤203的一种可选实施方式中,可以通过如下公式得到替代加密密文的N+1个替代子密文:
t1_p=(a*G1+(b1+b2+……+bn)*H)mod q;
t2_p=(b1*G2)mod q;
t3_p=(b2*G2)mod q;
……
tn+1_p=(bn*G2)mod q;
t1_p、t2_p……tn+1_p为所述N+1个替代子密文;a为所述替代加密消息;b1、b2……bn为所述N个替代加密干扰值;Hash为所述哈希算法。
特别地,N为1时,N个替代加密干扰值为随机数b,上述可选实施方式为:
t1_p=(a*G1+b*H)mod q,t2_p=(b*G2)mod q。
上述实施方式适用于加密节点P利用密文格式证明生成算法对加密密文生成密文格式证明format_proof的情景。其中format_proof的内容为“密文E中y1=m*G1+r*H中的r和y2=r*G2中的r是相等的”。即加密节点需证明y=m*G1+r1*H+r2*G2中的m、r1、r2满足关系0*m+r1-r2=0。其中G1,G2,H,y1,y2为公开参数。可表示为:(y1,y2,G1,G2,H)→(format_proof);其中(input)→(output):表示函数或算法输入为input,输出为output。
因此,步骤204的一种可选实施方式中,步骤204具体可以为:
c=Hash(t1_p,t2_p,……tn+1_p);其中,
t1_p=(a*G1+(b1+b2+……+bn)*H)mod q;
t2_p=(b1*G2)mod q;
t3_p=(b2*G2)mod q;
……
tn+1_p=(bn*G2)mod q;
其中,c为所述初始验证值;t1_p、t2_p……tn+1_p为所述N+1个替代子密文;a为所述替代加密消息;b1、b2……bn为所述N个替代加密干扰值;Hash为所述哈希算法。
步骤205的一种可选实施方式中,步骤205具体可以为:
Z1=(a-c*m)mod q;
Z2=(b1-c*r1)mod q;
Z3=(b2-c*r2)mod q;
……
Zn+1=(bn-c*rn)mod q;
其中,Z1、Z2、Z3……Zn+1为所述替代子密文的子验证值;r1、r2、r3……rn为所述N个替代加密干扰值。
特别地,N为1时,上述实施方式具体可以为:
Z1=a-c*m,Z2=b-c*r。
密文格式证明具体可以为format_proof=(c,Z1,Z2)。
步骤206中,加密节点将所述加密密文和密文格式证明上传至区块链,从而实现对用户数据安全可信的公开多方保存,因此,可以支持在保证数据隐私的前提下,解密节点对区块链上的密文进行验证。
具体来说,一种情形可以为加密节点将加密结果E及离散对数密文格式零知识证明format_proof公布于区块链上,在保证消息m隐私的前提下供所有解密节点验证密文格式的正确性。
具体来说,验证者在区块链上查询得到密文E及零知识密文格式证明format_proof,通过密文格式证明验证算法验证加密者公布的密文格式证明format_proof。可以表示为(y1,y2,G1,G2,H,format_proof)→(bool),具体来说,解密节点验证的方式如下,构造以下验证值:t1_v,t2_v,t3_v……tn+1_v。
t1_v=c*C1+z1*G1+(z2+z3+……+zn+1)*H;
t2_v=c*C2+z2*G2;
t3_v=c*C3+z3*G2;
……
tn+1_v=c*Cn+1+zn+1*G2。
检验c=?Hash(t1_v,t2_v,t3_v……tn+1_v);其中,=?表示判断是否相等,c为所述初始验证值,若相等,则确定加密密文是按照预设的加密算法,通过主公钥、N个加密干扰值和q阶循环群中不同的生成元对待加密信息进行加密得到的。
特殊地,当N为1时,上述实施方式具体为:
t1_v=c*C1+z1*G1+z2*H;
t2_v=c*C2+z1*G2。
检验c=?Hash(t1_v,t2_v)。
如图3所示,本申请提供一种适用于区块链的验证装置,包括:加密模块301,用于按照预设的加密算法,通过主公钥、N个加密干扰值和q阶循环群中不同的生成元对待加密信息进行加密,得到加密密文;所述加密密文包括N+1个子密文;所述主公钥是根据各解密节点的私钥确定的;所述主公钥和所述生成元记录于所述区块链中;q为素数;N为正整数;确定模块302,用于确定所述待加密信息的替代加密信息及所述N个加密干扰值对应的N个替代加密干扰值;所述加密模块301,还用于按照所述加密算法,通过所述N个替代加密干扰值和所述生成元对所述替代加密信息进行加密,得到替代加密密文,所述替代加密密文包括N+1个替代子密文;处理模块303,用于按照预设的哈希算法对所述N+1个替代子密文进行哈希运算,得到初始验证值;所述处理模块303,还用于针对每个替代子密文,根据所述初始验证值、所述替代子密文、所述替代子密文对应的加密干扰值和所述替代子密文对应的子密文生成所述替代子密文的子验证值;将所述加密密文和密文格式证明上传至区块链,所述密文格式证明包括所述初始验证值和每个替代子密文的子验证值;所述密文格式证明用于验证所述加密密文的加密正确性。
一种可选实施方式中,所述N个加密干扰值为从1至q-1的q-1个整数中随机 选择的N个不同的整数;所述生成元包括q阶椭圆曲线上的两个生成元G1和G2;所述主公钥H=Σx_i*G2,x_i为第i个解密节点的私钥;i为正整数。
一种可选实施方式中,所述加密模块301具体用于:通过如下公式获得每个子密文和所述加密密文:
C1=(m*G1+(r1+r2+……+rn)*H)mod q;
C2=(r1*G2)mod q;
……
Cn+1=(rn*G2)mod q;
E=(C1,C2,……Cn+1);
其中,mod表示取模运算,E为所述加密密文;C1、C2……Cn+1为N+1个子密文;m为所述待加密信息;r1、r2……rn为所述N个加密干扰值。
一种可选实施方式中,所述处理模块303具体用于:c=Hash(t1_p,t2_p,……tn+1_p);其中,
t1_p=(a*G1+(b1+b2+……+bn)*H)mod q;
t2_p=(b1*G2)mod q;
t3_p=(b2*G2)mod q;
……
tn+1_p=(bn*G2)mod q;
其中,c为所述初始验证值;t1_p、t2_p……tn+1_p为所述N+1个替代子密文;a为所述替代加密消息;b1、b2……bn为所述N个替代加密干扰值;Hash为所述哈希算法。
一种可选实施方式中,所述处理模块303具体用于:
Z1=(a-c*m)mod q;
Z2=(b1-c*r1)mod q;
Z3=(b2-c*r2)mod q;
……
Zn+1=(bn-c*rn)mod q;
其中,Z1、Z2、Z3……Zn+1为所述替代子密文的子验证值;r1、r2、r3……rn为所述N个替代加密干扰值。
一种可选实施方式中,N为1。
本申请实施例提供一种计算机设备,包括程序或指令,当所述程序或指令被执行时,用以执行本申请实施例提供的一种适用于区块链的验证方法及任一可选方法。
本申请实施例提供一种存储介质,包括程序或指令,当所述程序或指令被执行时,用以执行本申请实施例提供的一种适用于区块链的验证方法及任一可选方法。
最后应说明的是:本领域内的技术人员应明白,本申请的实施例可提供为方法、系统、或计算机程序产品。因此,本申请可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本申请可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、光学存储器等)上实施的计算机程序产品的形式。
显然,本领域的技术人员可以对本申请进行各种改动和变型而不脱离本申请的范围。这样,倘若本申请的这些修改和变型属于本申请权利要求及其等同技术的范围之内,则本申请也意图包含这些改动和变型在内。
Claims (10)
- 一种适用于区块链的验证方法,其特征在于,包括:加密节点按照预设的加密算法,通过主公钥、N个加密干扰值和q阶循环群中不同的生成元对待加密信息进行加密,得到加密密文;所述加密密文包括N+1个子密文;所述主公钥是根据各解密节点的私钥确定的;所述主公钥和所述生成元记录于所述区块链中;q为素数;N为正整数;所述加密节点确定所述待加密信息的替代加密信息及所述N个加密干扰值对应的N个替代加密干扰值;所述加密节点按照所述加密算法,通过所述N个替代加密干扰值和所述生成元对所述替代加密信息进行加密,得到替代加密密文,所述替代加密密文包括N+1个替代子密文;所述加密节点按照预设的哈希算法对所述N+1个替代子密文进行哈希运算,得到初始验证值;所述加密节点针对每个替代子密文,根据所述初始验证值、所述替代子密文、所述替代子密文对应的加密干扰值和所述替代子密文对应的子密文生成所述替代子密文的子验证值;所述加密节点将所述加密密文和密文格式证明上传至区块链,所述密文格式证明包括所述初始验证值和每个替代子密文的子验证值;所述密文格式证明用于验证所述加密密文的加密正确性。
- 如权利要求1所述的方法,其特征在于,所述N个加密干扰值为从1至q-1的q-1个整数中随机选择的N个不同的整数;所述生成元包括q阶椭圆曲线上的两个生成元G1和G2;所述主公钥H=Σx_i*G2,x_i为第i个解密节点的私钥;i为正整数。
- 如权利要求2所述的方法,其特征在于,所述加密节点按照所述加密算法,根据所述N个加密干扰值、主公钥和所述生成元,对所述待加密消息进行加密获得所述加密密文,包括:通过如下公式获得每个子密文和所述加密密文:C1=(m*G1+(r1+r2+……+rn)*H)mod q;C2=(r1*G2)mod q;……Cn+1=(rn*G2)mod q;E=(C1,C2,……Cn+1);其中,mod表示取模运算,E为所述加密密文;C1、C2……Cn+1为N+1个子密文;m为所述待加密信息;r1、r2……rn为所述N个加密干扰值。
- 如权利要求3所述的方法,其特征在于,所述加密节点按照预设的哈希算法对所述N+1个替代子密文进行哈希运算,得到初始验证值,包括:c=Hash(t1_p,t2_p,……tn+1_p);其中,t1_p=(a*G1+(b1+b2+……+bn)*H)mod q;t2_p=(b1*G2)mod q;t3_p=(b2*G2)mod q;……tn+1_p=(bn*G2)mod q;其中,c为所述初始验证值;t1_p、t2_p……tn+1_p为所述N+1个替代子密文;a为所述替代加密消息;b1、b2……bn为所述N个替代加密干扰值;Hash为所述哈希算法。
- 如权利要求4所述的方法,其特征在于,所述加密节点针对每个替代子密文,根据所述初始验证值、所述替代子密文、所述替代子密文对应的加密干扰值和所述替代子密文对应的子密文生成所述替代子密文的子验证值,包括:Z1=(a-c*m)mod q;Z2=(b1-c*r1)mod q;Z3=(b2-c*r2)mod q;……Zn+1=(bn-c*rn)mod q;其中,Z1、Z2、Z3……Zn+1为所述替代子密文的子验证值;r1、r2、r3……rn为所述N个替代加密干扰值。
- 如权利要求1-5任一所述的方法,其特征在于,N为1。
- 一种适用于区块链的验证装置,其特征在于,包括:加密模块,用于按照预设的加密算法,通过主公钥、N个加密干扰值和q阶循环群中不同的生成元对待加密信息进行加密,得到加密密文;所述加密密文包括N+1个子密文;所述主公钥是根据各解密节点的私钥确定的;所述主公钥和所述生成元记录于所述区块链中;q为素数;N为正整数;确定模块,用于确定所述待加密信息的替代加密信息及所述N个加密干扰值对应的N个替代加密干扰值;所述加密模块,还用于按照所述加密算法,通过所述N个替代加密干扰值和所述生成元对所述替代加密信息进行加密,得到替代加密密文,所述替代加密密文包括N+1个替代子密文;处理模块,用于按照预设的哈希算法对所述N+1个替代子密文进行哈希运算,得到初始验证值;所述处理模块,还用于针对每个替代子密文,根据所述初始验证值、所述替代子密文、所述替代子密文对应的加密干扰值和所述替代子密文对应的子密文生成所述替代子密文的子验证值;将所述加密密文和密文格式证明上传至区块链,所述密文格式证明包括所述初始验证值和每个替代子密文的子验证值;所述密文格式证明用于验证所述加密密文的加密正确性。
- 如权利要求7所述的装置,其特征在于,所述N个加密干扰值为从1至q-1的q-1个整数中随机选择的N个不同的整数;所述生成元包括q阶椭圆曲线上的两个生成元G1和G2;所述主公钥H=Σx_i*G2,x_i为第i个解密节点的私钥;i为正整数。
- 一种计算机设备,其特征在于,包括程序或指令,当所述程序或指令被执行时,如权利要求1至6中任意一项所述的方法被执行。
- 一种存储介质,其特征在于,包括程序或指令,当所述程序或指令被执行时,如权利要求1至6中任意一项所述的方法被执行。
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911404391.2A CN111159745B (zh) | 2019-12-30 | 2019-12-30 | 一种适用于区块链的验证方法及装置 |
CN201911404391.2 | 2019-12-30 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2021135694A1 true WO2021135694A1 (zh) | 2021-07-08 |
Family
ID=70559558
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2020/129481 WO2021135694A1 (zh) | 2019-12-30 | 2020-11-17 | 一种适用于区块链的验证方法及装置 |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN111159745B (zh) |
WO (1) | WO2021135694A1 (zh) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114785511A (zh) * | 2022-02-25 | 2022-07-22 | 蚂蚁区块链科技(上海)有限公司 | 证明生成方法及装置、电子设备、存储介质 |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111159745B (zh) * | 2019-12-30 | 2023-04-07 | 深圳前海微众银行股份有限公司 | 一种适用于区块链的验证方法及装置 |
CN111738857B (zh) * | 2020-06-28 | 2021-07-06 | 深圳前海微众银行股份有限公司 | 应用于区块链的隐匿支付证明的生成与验证方法及装置 |
CN113972984B (zh) * | 2020-07-24 | 2024-03-19 | 中国移动通信集团浙江有限公司 | ElGamal密文等价判断方法及装置 |
CN112541197A (zh) * | 2020-12-28 | 2021-03-23 | 深圳前海微众银行股份有限公司 | 一种结果验证方法及装置 |
CN113904869B (zh) * | 2021-11-10 | 2024-04-19 | 深圳前海微众银行股份有限公司 | 一种区块链中恶意节点的检测方法及区块链 |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108898475A (zh) * | 2018-05-08 | 2018-11-27 | 众安信息技术服务有限公司 | 基于属性加密的联盟区块链实现信贷方法及系统 |
CN109559117A (zh) * | 2018-11-14 | 2019-04-02 | 北京科技大学 | 基于属性基加密的区块链合约隐私保护方法与系统 |
US20190213821A1 (en) * | 2018-01-11 | 2019-07-11 | Mastercard International Incorporated | Method and system for public elections on a moderated blockchain |
CN111159745A (zh) * | 2019-12-30 | 2020-05-15 | 深圳前海微众银行股份有限公司 | 一种适用于区块链的验证方法及装置 |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP5985123B1 (ja) * | 2015-10-09 | 2016-09-06 | 三菱電機株式会社 | 秘匿検索システム、管理装置、秘匿検索方法及び秘匿検索プログラム |
US10063529B2 (en) * | 2016-03-28 | 2018-08-28 | Accenture Global Solutions Limited | Secure 3D model sharing using distributed ledger |
CN107666388B (zh) * | 2016-07-28 | 2019-11-01 | 郑珂威 | 基于完全同态加密方法的区块链信息加密方法 |
CN108768988B (zh) * | 2018-05-17 | 2021-01-05 | 深圳前海微众银行股份有限公司 | 区块链访问控制方法、设备及计算机可读存储介质 |
-
2019
- 2019-12-30 CN CN201911404391.2A patent/CN111159745B/zh active Active
-
2020
- 2020-11-17 WO PCT/CN2020/129481 patent/WO2021135694A1/zh active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20190213821A1 (en) * | 2018-01-11 | 2019-07-11 | Mastercard International Incorporated | Method and system for public elections on a moderated blockchain |
CN108898475A (zh) * | 2018-05-08 | 2018-11-27 | 众安信息技术服务有限公司 | 基于属性加密的联盟区块链实现信贷方法及系统 |
CN109559117A (zh) * | 2018-11-14 | 2019-04-02 | 北京科技大学 | 基于属性基加密的区块链合约隐私保护方法与系统 |
CN111159745A (zh) * | 2019-12-30 | 2020-05-15 | 深圳前海微众银行股份有限公司 | 一种适用于区块链的验证方法及装置 |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114785511A (zh) * | 2022-02-25 | 2022-07-22 | 蚂蚁区块链科技(上海)有限公司 | 证明生成方法及装置、电子设备、存储介质 |
Also Published As
Publication number | Publication date |
---|---|
CN111159745B (zh) | 2023-04-07 |
CN111159745A (zh) | 2020-05-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2021135694A1 (zh) | 一种适用于区块链的验证方法及装置 | |
JP7202358B2 (ja) | 閾ボールトを生成する、コンピュータにより実施される方法 | |
WO2021135695A1 (zh) | 一种适用于区块链的验证方法及装置 | |
WO2019101134A1 (zh) | 一种多分布式的sm9解密方法与介质及密钥生成方法 | |
JP2020502856A5 (zh) | ||
WO2013031533A1 (ja) | 情報処理装置、情報処理方法、及びプログラム | |
JP4932168B2 (ja) | 新しいフェア・ブラインド署名プロセス | |
CN110011781A (zh) | 一种用于交易金额加密且支持零知识证明的同态加密方法 | |
WO2013031414A1 (ja) | 署名検証装置、署名検証方法、プログラム、及び記録媒体 | |
CN109547209A (zh) | 一种两方sm2数字签名生成方法 | |
CN109639439A (zh) | 一种基于两方协同的ecdsa数字签名方法 | |
CN111010285B (zh) | 一种适用于轻量级客户端的sm2两方协同签名方法及介质 | |
Nguyen-Van et al. | Scalable distributed random number generation based on homomorphic encryption | |
TWI511517B (zh) | Information processing apparatus, information processing method, program and recording medium | |
WO2023056763A1 (zh) | 一种隐私数据共享方法及装置 | |
CN112039883A (zh) | 一种区块链的数据分享方法及装置 | |
TW202318833A (zh) | 臨界簽章方案 | |
JP5029358B2 (ja) | 鍵発行方法、グループ署名システム | |
WO2013129084A1 (ja) | 情報処理装置、情報処理方法、及びプログラム | |
WO2013129119A1 (ja) | 情報処理装置、情報処理方法、及びプログラム | |
JP5314449B2 (ja) | 電子署名検証システム、電子署名装置、検証装置、電子署名検証方法、電子署名方法、検証方法、電子署名プログラム、検証プログラム | |
JP2012244232A (ja) | 情報共有システム、方法、装置及びプログラム | |
Au et al. | Electronic cash with anonymous user suspension | |
JP2013041055A (ja) | 情報処理装置、署名生成装置、情報処理方法、署名生成方法、及びプログラム | |
WO2013031420A1 (ja) | 情報処理装置、署名生成装置、署名検証装置、情報処理方法、署名生成方法、及び署名検証方法 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 20910153 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 20910153 Country of ref document: EP Kind code of ref document: A1 |