WO2021137391A1 - Blockchain generation method using secret sharing - Google Patents

Blockchain generation method using secret sharing Download PDF

Info

Publication number
WO2021137391A1
WO2021137391A1 PCT/KR2020/012719 KR2020012719W WO2021137391A1 WO 2021137391 A1 WO2021137391 A1 WO 2021137391A1 KR 2020012719 W KR2020012719 W KR 2020012719W WO 2021137391 A1 WO2021137391 A1 WO 2021137391A1
Authority
WO
WIPO (PCT)
Prior art keywords
secret
identifier
block chain
participants
value
Prior art date
Application number
PCT/KR2020/012719
Other languages
French (fr)
Korean (ko)
Inventor
신상호
유수빈
박윤하
김대수
전재현
김지성
조정화
손애선
Original Assignee
재단법인 경주스마트미디어센터
주식회사 우경정보기술
주식회사 엘토브
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 재단법인 경주스마트미디어센터, 주식회사 우경정보기술, 주식회사 엘토브 filed Critical 재단법인 경주스마트미디어센터
Publication of WO2021137391A1 publication Critical patent/WO2021137391A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords

Definitions

  • the present invention relates to a method of creating a block chain using secret sharing in a multi-participant environment.
  • block chain As a data storage technology in a distributed ledger environment, block chain provides high transparency and reliability to users in terms of data management because it is impossible to forge or falsify data stored in a specific block using a hash function. Since the connected blocks are distributed and stored, there is no need for a central administrator, and the maintenance cost for safe data storage and management is relatively low.
  • the existing block chain creation method is performed through widely known cryptographic techniques and distributed consensus.
  • the encryption technique mainly uses a cryptographic hash function in which a secret key exists or a public key infrastructure (PKI).
  • PKI public key infrastructure
  • PKI mainly uses digital signature and public key cryptographic algorithms such as DSA, RSA, ECC, or EC-DSA.
  • DSA digital signature and public key cryptographic algorithms
  • RSA public key cryptographic algorithms
  • ECC electronic circuitry
  • EC-DSA public key cryptographic algorithms
  • the speed and the amount of computation are increasing exponentially. If the capacity of the data stored in the block increases, the time and amount of computation required for the operation increase accordingly, and as a result, separate software or hardware must be newly developed and constructed in the related field, thereby increasing the cost to solve this problem. will do
  • ECC there is a disadvantage that it cannot be used for storing nodes in the block chain right away because it has only recently entered the commercialization stage and checked various safety.
  • the existing block chain node creation technique can check the data stored in the block chain by using the participant's private key. However, if a participant loses the secret key or is attacked by a malicious attacker, sensitive information stored in the block chain node may be exposed as it is. Moreover, if the stored data in the block chain is a secret, managing it fundamentally depending on the secret key has a problem in that the cost of construction and maintenance in terms of the system increases.
  • the present invention provides a method of creating a block chain using secret sharing, which has no restrictions on participants using secret sharing, does not require management of a private key (or public key) for each participant, and can reduce block chain creation time and computational amount aim to do
  • the number of participants (n) related to the block data to be stored in the block chain, the identifiers of the participants (P i , 1 ⁇ i ⁇ n), and the irreducible polynomial (f() x)) a pre-processing step to set;
  • the identifier (P i ) is input into the reduced polynomial (f(x) ) to generate a secret fragment value (f(P i )), and the identifier (P i ) and the secret fragment value (f(P i )) Distributing the ordered pair (P i , f(P i )) to the participants, respectively, and an additional identifier (P n+1 ) and an additional secret fragment value (f(P n+1 )) other than the identifiers of the participants. and a secret sharing step of storing the ordered pair (P n+1 , f(P n+1 )) in the node.
  • the ordered pair (P i , f(P i )) of the identifier (P i ) and the secret fragment value (f(P i )) is calculated using Lagrange information.
  • the method may further include a proof-of-work step of performing proof-of-work by comparing (f'(P n+1 )) with an additional secret fragment value f(P n+1 ) stored in the node.
  • the irreducible polynomial (f(x)) may be defined by the following equation (1).
  • t is the threshold
  • a j is the coefficient value inserted in bits after binarizing and parsing the original data as a part of the block data to be inserted into the block chain
  • mod is the remainder to obtain the remainder of arbitrary division.
  • GF is a polynomial belonging to Galois feild
  • k means the number of bits
  • the block chain generation method using secret sharing In the block chain generation method using secret sharing according to an embodiment of the present invention, at least a part of block data to be inserted into the block chain cannot be inserted as a coefficient value (a j ) in the irreducible polynomial (f(x)). In this case, by additionally setting another irreducible polynomial (g(x), h(x), ...), the above secret sharing step can be performed repeatedly until all transformed binary data are inserted as coefficient values. have.
  • the irreducible polynomial (f'(x)) may be defined by the following Equation (2).
  • the additional identifier (P n+1 ) is at least one of a nonce and a time stamp in the block chain system. It can be specified according to the operation policy of the blockchain system.
  • a threshold (t) for starting the proof-of-work step is set in the pre-processing step, and the threshold value (t) or more among n participants is collusion
  • proof-of-work can be performed by submitting the ordered pair (P i , f(P i )) of its identifier (P i ) and the secret fragment value (f(P i )) to the blockchain system.
  • the threshold value t may be set to a higher stake for a certain participant than other participants.
  • the present invention is a finite body coupled with a computing device, and input values are the number of participants (n) related to block data to be stored in the block chain, the identifiers of the participants (P i , 1 ⁇ i ⁇ n), and the identifiers of the participants.
  • the identifier (P i ) is input into the reduced polynomial (f(x) ) to generate a secret fragment value (f(P i )), and the identifier (P i ) and the secret fragment value (f(P i )) Distributing the ordered pair (P i , f(P i )) to the participants, respectively, and an additional identifier (P n+1 ) and an additional secret fragment value (f(P n+1 )) other than the identifiers of the participants.
  • the additional secret fragment value (f'(P n+1 )) generated by inputting the additional identifier (P n+1 ) to the derived irreducible polynomial (f'(x)) and the additional secret fragment stored in the node
  • it may be implemented as a computer program stored in a computer-readable recording medium.
  • the time required and the amount of computation increase in proportion to the number of participants, but in the block chain generation method using secret sharing according to the embodiment of the present invention, According to the report, using secret sharing and finite-body operation, the required time and amount of computation are constant regardless of the number of participants, so it is very efficient when creating a block chain node in a multi-participant environment, It has an excellent effect. In addition, there is an effect that separate key management is not required.
  • FIG. 1 is a block diagram illustrating a block chain system according to an embodiment of the present invention.
  • FIG. 2 is a flowchart illustrating a block chain generation method using secret sharing according to an embodiment of the present invention.
  • FIG. 3 is a diagram for explaining a process in which coefficient values a j of the irreducible polynomial (f(x)) are generated from original data in the step of performing secret sharing according to an embodiment of the present invention.
  • FIG. 4 is an identifier (P i ) of the identifier (P i ) and the secret fragment value (f(P i )) by inputting the identifier (P i ) into the irreducible polynomial (f(x)) in the step of performing secret sharing according to an embodiment of the present invention; It is a diagram for explaining the process of distributing the ordered pairs (P i , f(P i )) to the participants, respectively.
  • FIG. 5 is a diagram for explaining a work proof step according to an embodiment of the present invention.
  • FIG. 6 is a diagram illustrating a computing device according to an embodiment of the present invention.
  • FIG. 1 is a block diagram showing a block chain system.
  • the block chain system may be a decentralized network 100 system composed of a plurality of nodes 200 .
  • the nodes 200 constituting the decentralized network 100 may be electronic devices having an arithmetic function, a communication function, a storage function, etc., such as a computer, a server, and a mobile terminal.
  • the decentralized network 100 can store and refer to information commonly known to all participating nodes in a connected bundle of blocks called a block chain.
  • the plurality of nodes 200 can communicate with each other and can be divided into a full node that stores, manages, and propagates the block chain and a light node that can simply participate in transactions.
  • Each block connected to the block chain contains block data to be stored in the block chain.
  • the block data may be transaction details within a certain period, that is, a transaction.
  • the nodes 200 manage transactions by creating, storing, or verifying a block chain according to their respective roles.
  • a transaction may represent various types of transactions.
  • a transaction may correspond to a financial transaction for indicating the ownership status of virtual currency and its change.
  • the transaction may correspond to a physical transaction for indicating the ownership status of the object and its change.
  • a transaction may be a work jointly created by a plurality of participants.
  • FIG. 2 is a flowchart illustrating a block chain generation method using secret sharing according to an embodiment of the present invention.
  • the method for generating a block chain using secret sharing includes a pre-processing step (S100) and a secret sharing step (S200). ), a proof-of-work step (S300), and a block chain storage step (S400).
  • the above steps ( S100 to S400 ) may be performed by a computing device that performs an arithmetic function, which will be described later with reference to FIG. 6 .
  • the number of participants (n) related to the block data to be stored in the blockchain the identifiers of the participants (P i ⁇ P n ), the irreducible polynomial in the finite field (f(x)), and the proof of work Set a threshold value (t) for
  • “participant” may mean a participant terminal.
  • the block data is a joint work by a plurality of participants
  • the number of participants (n) who participated in the joint work is set.
  • a participant's unique identifier (P i ⁇ P n ) is set.
  • the identifiers P i to P n may be set to an arbitrary number.
  • the minimum number of participants required for work proof is set as the threshold value (t).
  • the threshold value t may be set to 5.
  • a particular participant may have a higher stake than another participant. That is, a general participant is counted as 1, while a specific participant may be counted as 2 or more.
  • a finite field is a field that has only a finite number of elements and forms an algebraic structure. It means a field in which the result of operation (addition, multiplication, etc.) of elements in a finite field set is again within the set.
  • An irreducible polynomial is a polynomial that cannot be factored any further.
  • the reduced polynomial (f(x)) on the finite field set in this step is, for example, the following equation (1).
  • t is a threshold value
  • mod is a remainder function that finds the remainder of an arbitrary division
  • GF is a polynomial belonging to Galois feild.
  • k means the number of bits, generally 8 or 16 is selected, and up to 64 can be selected depending on the amount of data to be stored in the block chain.
  • an identifier (P i ) is input into the reduced polynomial (f(x)) of Equation (1 ) to generate a secret fragment value (f(P i )), and an identifier (P i ) and its corresponding secret Secret sharing is performed by distributing ordered pairs (P i , f(P i )) of the fragment values (f(P i )) to the participants, respectively.
  • secret sharing means a state in which the secret fragment value f(P i ) is distributed to several participants, respectively.
  • the identifier (Pi) performs a function similar to a kind of public key
  • the secret fragment value (f(Pi)) performs a function similar to the private key (or private key).
  • the existing private key is exposed for various reasons, the corresponding block data may be hacked, but even if the secret fragment value f(Pi) of the present invention is exposed, since the secret is shared among the participants, Hacking is impossible and block data can be hacked only when t or more of the secret fragment value (f(P i )) are exposed.
  • the secret fragment value (f(P i )) is the threshold value of t t pieces. Since there is almost no case of abnormal exposure, the secret sharing method is superior to the existing public key or symmetric key in terms of safety.
  • the coefficient value of the polynomial a j (j is 0 ⁇ t-1) is a part of the block data to be inserted into the actual block chain.
  • the coefficient value a j insert into The predetermined unit may be, for example, 8 bits or 16 bits, and may be the k size of GF(2 k ) in Equation (1).
  • the original data can be obtained by summing all the coefficient values a j .
  • FIG. 3 is a diagram for explaining a process in which coefficient values a j of the irreducible polynomial (f(x)) are generated from original data in the step of performing secret sharing according to an embodiment of the present invention.
  • original data is converted into binary data by the computing device of the present invention.
  • the converted binary data is divided into a certain bit unit, and this is inserted as a coefficient value a j of the reduced polynomial (f(x)).
  • All the converted binary data is divided into a predetermined bit unit and inserted as a coefficient value a j of the reduced polynomial (f(x)). Therefore, if all coefficient values a j are summed, it can become binary data of the original data, and the original data can be extracted by transforming it again.
  • a secret piece value (f(P i )) is generated by inputting an identifier (P i ) consisting of a random number into the reduced polynomial (f(x)) of Equation (1).
  • identifier P i
  • f (P i ) the secret piece value generated as (f (P i)) to the input of identifiers (P i) and the pair with ordered pairs (P i, f (P i )), the ordered pairs (P i, f (P i )) is distributed to the participants (participant terminals) of the corresponding identifier (P i ).
  • the identifier (P i ) is input to the irreducible polynomial (f(x)) in this secret sharing step, and an ordered pair (P i , f( ) of the identifier (P i ) and the secret fragment value (f(P i )) The process of distributing P i )) to each participant is shown.
  • a secret fragment value (f(P n+1 )) to be temporarily stored in the blockchain node is additionally created.
  • the secret fragment value (f(P n+1 )) temporarily stored in the node is called the additional secret fragment value.
  • the additional secret piece value f(P n+1 ) is generated by inputting the additional identifier P n+1 into equation (1).
  • the additional identifier (P n+1 ) uses values such as nonce and time stamp within the block chain system and may be separately specified according to the operation policy of the block chain system.
  • the additional secret fragment value f(P n+1 ) is stored in the node for proof-of-work in the proof-of-work step to be described later.
  • This step is the process of verifying the data through proof of work of the additional secret fragment value (f(P n+1 )) temporarily stored in the blockchain node.
  • the proof-of-work step will be described with reference to FIG. 5 .
  • 5 is a diagram for explaining a work proof step according to an embodiment of the present invention.
  • Proof-of-work is a collusion of more than a threshold (t) among n participants, and an ordered pair (P i , f(P i )) of its own identifier (P i ) and secret fragment value (f(P i )) is created in the blockchain system. , and the blockchain system automatically initiates the proof-of-work process when more than the threshold of t people are colluded.
  • the process of proof-of-work is the same as the restoration process of shared secret, and is performed using Lagrange interpolation.
  • the interpolation method is a method of estimating the value of the interval using discrete data
  • the Lagrange interpolation method is a method of creating an nth-order polynomial with (n+1) coordinates.
  • x is the variable of the polynomial f'(x)
  • x o is the identifier (P o )
  • x j is the identifier (P j )
  • y j is the secret fragment value (f(P j ))
  • is a function that means product.
  • the additional secret fragment value (f'(P n+1 )) by inputting the additional identifier (P n+1 ) stored in the node in step S200 into the reduced polynomial (f'(x)) derived through Equation (2) create Next, when the same, by comparing the added value of the newly generated secret piece (f '(P n + 1 )) and adding a secret piece of value (f (P n + 1) ) stored in the node exit the proof-of-work. (See Fig. 5B)
  • the binary data of the original data is created by summing all the coefficient values a j , and the original data can be extracted by transforming it again. (See Fig. 5C)
  • SHA-3 is a cryptographic hash function announced in August 2015 by the US National Institute of Standards and Technology to replace SHA-2.
  • the hash value of the node before the block chain to generate a block in the form of a chain In addition to the additional secret fragment value (f(P n+1 )) stored temporarily to generate as a hash value, the hash value of the node before the block chain to generate a block in the form of a chain, a Nonce (or time stamp), and other block chains
  • various values that are policy-specified within the blockchain system are designated as input to SHA-3. This completes the process of creating a new type of block chain using secret sharing.
  • step S200 is not completed with the coefficient values in one reduced polynomial (f(x)), another reduced polynomial (g(x), h( x), ...) are additionally set, and the secret sharing operation step (S200) is repeatedly performed until all the converted binary data are inserted as coefficient values.
  • step S200 is completed while additional secret fragment values g(P n+1 ), h(P n+1 ), ...) are stored in the node as many as the number of reduced polynomials.
  • the block chain generation method using secret sharing when using a hash function or PKI having a key to create an existing block chain, the time required and the amount of computation are proportional to the number of participants. Unlike this increase, using secret sharing and finite-body operation, the required time and amount of computation are constant regardless of the number of participants, so it is very efficient when creating a block chain node in a multi-participant environment, and space and It has an excellent effect in terms of time. In addition, there is an effect that separate key management is not required.
  • the computing device TN100 of FIG. 6 may be a computing device that performs operations S100 to S400 described above.
  • the computing device TN100 may include at least one processor TN110 , a transceiver device TN120 , and a memory TN130 .
  • the computing device TN100 may further include a storage device TN140 , an input interface device TN150 , an output interface device TN160 , and the like.
  • Components included in the computing device TN100 may be connected by a bus TN170 to communicate with each other.
  • the processor TN110 may execute a program command stored in at least one of the memory TN130 and the storage device TN140.
  • the processor TN110 may mean a central processing unit (CPU), a graphics processing unit (GPU), or a dedicated processor on which methods according to an embodiment of the present invention are performed.
  • the processor TN110 may be configured to implement procedures, functions, methods, and the like described in connection with an embodiment of the present invention.
  • the processor TN110 may control each component of the computing device TN100 .
  • Each of the memory TN130 and the storage device TN140 may store various information related to the operation of the processor TN110 .
  • Each of the memory TN130 and the storage device TN140 may be configured as at least one of a volatile storage medium and a non-volatile storage medium.
  • the memory TN130 may include at least one of a read only memory (ROM) and a random access memory (RAM).
  • the transceiver TN120 may transmit or receive a wired signal or a wireless signal.
  • the transceiver TN120 may be connected to a network to perform communication.
  • the present invention may be implemented as a computer program.
  • the present invention may be implemented as a computer program stored in a computer-readable recording medium in order to execute the block chain generation method using secret sharing according to the present invention in combination with hardware.
  • the methods according to the embodiment of the present invention may be implemented in the form of a program readable by various computer means and recorded in a computer readable recording medium.
  • the recording medium may include a program command, a data file, a data structure, etc. alone or in combination.
  • the program instructions recorded on the recording medium may be specially designed and configured for the present invention, or may be known and available to those skilled in the art of computer software.
  • the recording medium includes magnetic media such as hard disks, floppy disks and magnetic tapes, optical recording media such as CDROMs and DVDs, and magneto-optical media such as floppy disks. optical media), and hardware devices specially configured to store and execute program instructions, such as ROM, RAM, flash memory, and the like.
  • Examples of program instructions may include not only machine language such as generated by a compiler, but also a high-level language that can be executed by a computer using an interpreter or the like.
  • Such hardware devices may be configured to operate as one or more software modules to perform the operations of the present invention, and vice versa.

Abstract

The present invention relates to a blockchain generation method using secret sharing in a multiple-participant environment. Unlike the conventional manner in which a running time and an operation increase in proportion to the number of participants when a PKI or a hash function having a key is used to generate a blockchain, according to the blockchain generation method using secret sharing according to an embodiment of the present invention, the use of the secret sharing and finite field operation allows the running time and the operation to be maintained constant regardless of the number of participants. Accordingly, a blockchain node can be very efficiently generated in a multiple-participant environment, and an excellent effect in a spatial and a temporal aspect in hardware manufacturing can be also achieved in the future. In addition, separate key management is not required.

Description

비밀 공유를 이용한 블록 체인 생성 방법How to Create a Blockchain Using Secret Sharing
본 발명은 다수 참여자 환경에서의 비밀 공유를 이용한 블록 체인 생성 방법에 관한 것이다.The present invention relates to a method of creating a block chain using secret sharing in a multi-participant environment.
블록 체인(Block chain)은 분산 원장 환경에서의 데이터 저장 기술로서 해시 함수를 이용하여 특정 블록 내 저장된 데이터의 위·변조가 불가능하므로 데이터 관리 측면에서 사용자에게 높은 투명성과 신뢰성을 제공하고, 체인 형태로 연결된 블록을 분산 저장하기 때문에 중앙 관리자의 필요성이 없으며, 안전한 데이터의 보관과 관리를 위한 유지보수 비용이 상대적으로 저렴하다. As a data storage technology in a distributed ledger environment, block chain provides high transparency and reliability to users in terms of data management because it is impossible to forge or falsify data stored in a specific block using a hash function. Since the connected blocks are distributed and stored, there is no need for a central administrator, and the maintenance cost for safe data storage and management is relatively low.
기존의 블록 체인 생성 방법은 널리 알려진 암호화 기법과 분산 합의를 통해 수행된다. 암호화 기법은 비밀키(Secret key)가 존재하는 암호학적 해시 함수(Cryptographic hash function) 또는 공개키 구조(Public Key Infrastructure, PKI) 등을 주로 사용한다. The existing block chain creation method is performed through widely known cryptographic techniques and distributed consensus. The encryption technique mainly uses a cryptographic hash function in which a secret key exists or a public key infrastructure (PKI).
이로 인해 발생하는 문제점은 다음과 같다. The problems caused by this are as follows.
첫째, PKI 사용 시 다량의 연산량이 필요한 문제이다. PKI는 디지털 서명과 공개키 암호 알고리듬인 DSA, RSA, ECC 또는 EC-DSA 등을 주로 사용하지만 최근 해당 알고리듬의 안전성을 문제로 비밀키(Secret Key)의 길이가 증가하면서, 암호화 또는 복호화 시 소요되는 속도와 연산량이 기하급수적으로 증가하는 추세이다. 블록 내 저장하는 데이터의 용량이 증가할 경우 이에 따라 연산에 소요되는 시간과 연산량이 증가하고 이로 인해 관련 분야에서는 별도의 소프트웨어 또는 하드웨어를 새롭게 개발 및 구축하여야 하기 때문에 이를 해결하기 위해 소요되는 비용이 증가하게 된다. 아울러 ECC의 경우 최근에서야 상용화 단계에 접어들어 다양한 안전성을 확인하고 있기 때문에 블록 체인의 노드 저장에 당장 사용할 수 없다는 단점이 존재한다.First, it is a problem that requires a large amount of computation when using PKI. PKI mainly uses digital signature and public key cryptographic algorithms such as DSA, RSA, ECC, or EC-DSA. The speed and the amount of computation are increasing exponentially. If the capacity of the data stored in the block increases, the time and amount of computation required for the operation increase accordingly, and as a result, separate software or hardware must be newly developed and constructed in the related field, thereby increasing the cost to solve this problem. will do In addition, in the case of ECC, there is a disadvantage that it cannot be used for storing nodes in the block chain right away because it has only recently entered the commercialization stage and checked various safety.
둘째, 각종 키(key) 관리에 대한 문제이다. 비밀키가 존재하는 해시 함수 또는 PKI를 통해 블록 체인 내 데이터를 저장할 경우 참여한 사용자에 대한 새로운 비밀키(필요에 따라 공개키도 발급하여야 함)를 발행하고, 사용자에게 안전하게 분배하여야 하며, 사용자가 이를 분실 또는 기타 사항이 발생한 경우 이를 적절하게 해결할 수 있는 키 관리 정책과 시스템이 필요하다. 특히, 비밀키가 존재하는 해시 함수의 경우 특정 블록 체인 노드에 대한 인가된 사용자마다 비밀키가 존재하여야 하기 때문에 블록 체인 노드와 인가된 사용자가 늘어날 경우 이에 대한 키 역시 기하급수적으로 증가할 수밖에 없게 되고, 이에 대한 키 관리 시스템의 추가 소요와 함께 좀 더 복잡한 형태의 키 관리 정책이 도입되어야 하므로 이를 해결하기 위한 비용이 증가하게 된다. PKI 역시 디지털 서명과 공개키 암호 기반으로 수행되기 때문에 키관리가 매우 중요하고, 시스템 설계 시 이에 대한 보안책을 반드시 마련하여야 한다. Second, it is a problem of managing various keys. When data in the block chain is stored through a hash function or PKI in which a private key exists, a new private key (a public key must also be issued if necessary) for participating users must be issued and safely distributed to users, and users must A key management policy and system that can properly address the loss or other issues are needed. In particular, in the case of a hash function in which a secret key exists, a secret key must exist for each authorized user for a specific block chain node. Therefore, if the number of block chain nodes and authorized users increases, the corresponding key will inevitably increase exponentially. , since a more complex type of key management policy must be introduced along with the additional requirement of a key management system, the cost to solve this problem increases. Since PKI is also performed based on digital signature and public key cryptography, key management is very important, and security measures must be prepared for this when designing a system.
셋째, 블록 체인 내 저장된 데이터의 노출 문제이다. 기존의 블록 체인 노드 생성 기법은 참여자의 비밀키를 이용하여 블록 체인 내 저장된 데이터를 확인할 수 있다. 그러나 참여자가 비밀키를 분실하거나 악의적인 공격자에 의해 공격을 당한 경우 블록 체인 노드 내 저장된 민감 정보가 그대로 노출될 경우가 발생한다. 더욱이 블록 체인 내 저장된 데이터가 비밀에 해당하는 경우 이를 원천적으로 비밀키에 의존하여 관리한다는 것이 시스템 측면에서의 구축 비용과 유지보수의 비용이 증가하게 되는 문제가 있다.Third, there is the issue of exposure of data stored in the blockchain. The existing block chain node creation technique can check the data stored in the block chain by using the participant's private key. However, if a participant loses the secret key or is attacked by a malicious attacker, sensitive information stored in the block chain node may be exposed as it is. Moreover, if the stored data in the block chain is a secret, managing it fundamentally depending on the secret key has a problem in that the cost of construction and maintenance in terms of the system increases.
본 발명은 비밀 공유를 이용하여 참여자의 제한이 없고, 참여자 별로 비밀키(또는 공개키)의 관리가 필요없으며, 블록 체인 생성 시간과 연산량을 감소시킬 수 있는 비밀 공유를 이용한 블록 체인 생성 방법을 제공하는 것을 목적으로 한다.The present invention provides a method of creating a block chain using secret sharing, which has no restrictions on participants using secret sharing, does not require management of a private key (or public key) for each participant, and can reduce block chain creation time and computational amount aim to do
본 발명의 실시예에 따른 비밀 공유를 이용한 블록 체인 생성 방법은,A block chain generation method using secret sharing according to an embodiment of the present invention,
블록 체인 내에 저장할 블록 데이터와 관련된 참여자들의 수(n)와 참여자들의 식별자(Pi, 1≤i≤n)와 상기 참여자들의 식별자를 입력값으로 하는 유한체(Finite Field) 상의 기약 다항식(f(x))을 설정하는 전처리 단계; 상기 식별자(Pi)를 상기 기약 다항식(f(x))에 입력하여 비밀 조각값(f(Pi))을 생성하고, 상기 식별자(Pi) 및 비밀 조각값(f(Pi))의 순서쌍(Pi, f(Pi))을 상기 참여자들에게 각각 분배하고, 상기 참여자들의 식별자 이외의 추가 식별자(Pn+1) 및 추가 비밀 조각값(f(Pn+1))의 순서쌍(Pn+1, f(Pn+1))을 노드에 저장하는 비밀 공유 수행 단계;를 포함한다.The number of participants (n) related to the block data to be stored in the block chain, the identifiers of the participants (P i , 1≤i≤n), and the irreducible polynomial (f() x)) a pre-processing step to set; The identifier (P i ) is input into the reduced polynomial (f(x) ) to generate a secret fragment value (f(P i )), and the identifier (P i ) and the secret fragment value (f(P i )) Distributing the ordered pair (P i , f(P i )) to the participants, respectively, and an additional identifier (P n+1 ) and an additional secret fragment value (f(P n+1 )) other than the identifiers of the participants. and a secret sharing step of storing the ordered pair (P n+1 , f(P n+1 )) in the node.
본 발명의 실시예에 따른 비밀 공유를 이용한 블록 체인 생성 방법에 있어서, 상기 식별자(Pi) 및 비밀 조각값(f(Pi))의 순서쌍(Pi, f(Pi))을 라그랑주 보간식을 이용한 수식에 입력하여 기약 다항식(f'(x))을 도출하고, 도출된 기약 다항식(f'(x))에 상기 추가 식별자(Pn+1)를 입력하여 생성된 추가 비밀 조각값(f'(Pn+1))과 상기 노드에 저장된 추가 비밀 조각값(f(Pn+1))을 비교하여 작업 증명을 수행하는 작업 증명 단계를 더 포함할 수 있다.In the method of generating a block chain using secret sharing according to an embodiment of the present invention, the ordered pair (P i , f(P i )) of the identifier (P i ) and the secret fragment value (f(P i )) is calculated using Lagrange information. An additional secret fragment value generated by inputting a snack-based formula to derive a reduced polynomial (f'(x)), and inputting the additional identifier (P n+1 ) to the derived reduced polynomial (f'(x)) The method may further include a proof-of-work step of performing proof-of-work by comparing (f'(P n+1 )) with an additional secret fragment value f(P n+1 ) stored in the node.
본 발명의 실시예에 따른 비밀 공유를 이용한 블록 체인 생성 방법에 있어서, 상기 기약 다항식(f(x))은 하기 식 (1)로 정의될 수 있다.In the block chain generation method using secret sharing according to an embodiment of the present invention, the irreducible polynomial (f(x)) may be defined by the following equation (1).
식 (1) :
Figure PCTKR2020012719-appb-I000001
Formula (1):
Figure PCTKR2020012719-appb-I000001
(여기서, t는 임계값이고, aj는 블록 체인 내에 삽입될 블록 데이터의 일부로서 원본 데이터를 이진화하여 파싱한 후, 비트 단위로 삽입된 계수값이며, mod는 임의의 나눗셈의 나머지를 구하는 나머지 함수이고, GF는 갈로아필드(Galois feild)에 속하는 다항식이며, k는 비트수를 의미함)(Here, t is the threshold, a j is the coefficient value inserted in bits after binarizing and parsing the original data as a part of the block data to be inserted into the block chain, and mod is the remainder to obtain the remainder of arbitrary division. function, GF is a polynomial belonging to Galois feild, and k means the number of bits)
본 발명의 실시예에 따른 비밀 공유를 이용한 블록 체인 생성 방법에 있어서, 블록 체인 내에 삽입될 블록 데이터의 적어도 일부가, 상기 기약 다항식(f(x)) 내의 계수값(aj)으로 삽입되지 못하는 경우, 다른 기약 다항식(g(x), h(x), ...)을 추가로 설정하여, 모든 변환된 이진 데이터가 계수값으로 삽입될 때까지 반복하여 상기 비밀 공유 수행 단계를 수행할 수 있다.In the block chain generation method using secret sharing according to an embodiment of the present invention, at least a part of block data to be inserted into the block chain cannot be inserted as a coefficient value (a j ) in the irreducible polynomial (f(x)). In this case, by additionally setting another irreducible polynomial (g(x), h(x), ...), the above secret sharing step can be performed repeatedly until all transformed binary data are inserted as coefficient values. have.
본 발명의 실시예에 따른 비밀 공유를 이용한 블록 체인 생성 방법에 있어서, 상기 기약 다항식(f'(x))은 하기 식 (2)로 정의될 수 있다.In the block chain generation method using secret sharing according to an embodiment of the present invention, the irreducible polynomial (f'(x)) may be defined by the following Equation (2).
식 (2) :
Figure PCTKR2020012719-appb-I000002
Equation (2):
Figure PCTKR2020012719-appb-I000002
(여기서, x는 다항식 f’(x)의 변수이며, xo는 식별자(Po)이고, xj는 식별자(Pj)이며, yj는 비밀 조각값(f(Pj))이고, Π는 곱(Product)을 의미하는 함수임)(where x is the variable of the polynomial f'(x), x o is the identifier (P o ), x j is the identifier (P j ), y j is the secret fragment value (f(P j )), Π is a function that means product)
본 발명의 실시예에 따른 비밀 공유를 이용한 블록 체인 생성 방법에 있어서, 상기 추가 식별자(Pn+1)는, 블록 체인 시스템 내에서 난스(Nonce), 타임 스탬프(Time stamp) 중 적어도 어느 하나를 이용하여 블록 체인 시스템의 운영 정책에 따라 지정될 수 있다.In the block chain generation method using secret sharing according to an embodiment of the present invention, the additional identifier (P n+1 ) is at least one of a nonce and a time stamp in the block chain system. It can be specified according to the operation policy of the blockchain system.
본 발명의 실시예에 따른 비밀 공유를 이용한 블록 체인 생성 방법에 있어서, 상기 전처리 단계에서 상기 작업 증명 단계 개시를 위한 임계값(t)을 설정하고, n명의 참여자 중 임계값(t) 이상이 공모하여 자신의 식별자(Pi)와 비밀 조각값(f(Pi))의 순서쌍(Pi, f(Pi))을 블록 체인 시스템에 제출함으로써, 작업 증명을 수행할 수 있다.In the block chain generation method using secret sharing according to an embodiment of the present invention, a threshold (t) for starting the proof-of-work step is set in the pre-processing step, and the threshold value (t) or more among n participants is collusion Thus, proof-of-work can be performed by submitting the ordered pair (P i , f(P i )) of its identifier (P i ) and the secret fragment value (f(P i )) to the blockchain system.
본 발명의 실시예에 따른 비밀 공유를 이용한 블록 체인 생성 방법에 있어서, 상기 임계값(t)은 어느 특정 참여자에게 다른 참여자 보다 높은 지분으로 설정될 수 있다.In the method of generating a block chain using secret sharing according to an embodiment of the present invention, the threshold value t may be set to a higher stake for a certain participant than other participants.
본 발명은, 컴퓨팅 장치와 결합되며, 블록 체인 내에 저장할 블록 데이터와 관련된 참여자들의 수(n)와 참여자들의 식별자(Pi, 1≤i≤n)와 상기 참여자들의 식별자를 입력값으로 하는 유한체(Finite Field) 상의 기약 다항식(f(x))을 설정하는 전처리 단계; 상기 식별자(Pi)를 상기 기약 다항식(f(x))에 입력하여 비밀 조각값(f(Pi))을 생성하고, 상기 식별자(Pi) 및 비밀 조각값(f(Pi))의 순서쌍(Pi, f(Pi))을 상기 참여자들에게 각각 분배하고, 상기 참여자들의 식별자 이외의 추가 식별자(Pn+1) 및 추가 비밀 조각값(f(Pn+1))의 순서쌍(Pn+1, f(Pn+1))을 노드에 저장하는 비밀 공유 수행 단계; 상기 식별자(Pi) 및 비밀 조각값(f(Pi))의 순서쌍(Pi, f(Pi))을 라그랑주 보간식을 이용한 수식에 입력하여 기약 다항식(f'(x))을 도출하고, 도출된 기약 다항식(f'(x))에 상기 추가 식별자(Pn+1)를 입력하여 생성된 추가 비밀 조각값(f'(Pn+1))과 상기 노드에 저장된 추가 비밀 조각값(f(Pn+1))을 비교하여 작업 증명을 수행하는 작업 증명 단계를 실행시키기 위하여 컴퓨터가 판독 가능한 기록매체에 저장된 컴퓨터 프로그램으로 구현될 수 있다.The present invention is a finite body coupled with a computing device, and input values are the number of participants (n) related to block data to be stored in the block chain, the identifiers of the participants (P i , 1≤i≤n), and the identifiers of the participants. A preprocessing step of setting the irreducible polynomial (f(x)) on (Finite Field); The identifier (P i ) is input into the reduced polynomial (f(x) ) to generate a secret fragment value (f(P i )), and the identifier (P i ) and the secret fragment value (f(P i )) Distributing the ordered pair (P i , f(P i )) to the participants, respectively, and an additional identifier (P n+1 ) and an additional secret fragment value (f(P n+1 )) other than the identifiers of the participants. A secret sharing step of storing the ordered pair (P n+1 , f(P n+1 )) in the node; By inputting the ordered pair (P i , f(P i )) of the identifier (P i ) and the secret fragment value (f(P i )) into the equation using the Lagrange interpolation equation, the reduced polynomial (f'(x)) is derived. and the additional secret fragment value (f'(P n+1 )) generated by inputting the additional identifier (P n+1 ) to the derived irreducible polynomial (f'(x)) and the additional secret fragment stored in the node In order to execute the proof-of-work step of performing proof-of-work by comparing the values f(P n+1 ), it may be implemented as a computer program stored in a computer-readable recording medium.
기존의 블록 체인 생성을 위해 키가 존재하는 해시 함수 또는 PKI를 사용할 경우 참여자의 수에 비례하여 소요시간과 연산량이 증가하는 것과 달리, 본 발명의 실시예에 따른 비밀 공유를 이용한 블록 체인 생성 방법에 의하면, 비밀 공유와 유한체 연산을 이용하여 참여자의 수에 관계없이 소요시간과 연산량은 일정하기 때문에 다수 참여자 환경에서의 블록 체인 노드 생성시 매우 효율적이고, 향후 하드웨어 제조시에도 공간과 시간적인 측면에서 우수하다는 효과가 있다. 아울러 별도의 키 관리가 필요없다는 효과가 있다.When using a hash function or PKI in which a key exists to create an existing block chain, the time required and the amount of computation increase in proportion to the number of participants, but in the block chain generation method using secret sharing according to the embodiment of the present invention, According to the report, using secret sharing and finite-body operation, the required time and amount of computation are constant regardless of the number of participants, so it is very efficient when creating a block chain node in a multi-participant environment, It has an excellent effect. In addition, there is an effect that separate key management is not required.
도 1은 본 발명의 일 실시예에 따른 블록체인 시스템이 도시된 블록도이다.1 is a block diagram illustrating a block chain system according to an embodiment of the present invention.
도 2는 본 발명의 일 실시예에 따른 비밀 공유를 이용한 블록 체인 생성 방법이 도시된 순서도이다.2 is a flowchart illustrating a block chain generation method using secret sharing according to an embodiment of the present invention.
도 3은 본 발명의 일 실시예에 따른 비밀 공유 수행 단계에서 원본 데이터로부터 기약 다항식(f(x))의 계수값 aj가 생성되는 과정을 설명하기 위한 도면이다.FIG. 3 is a diagram for explaining a process in which coefficient values a j of the irreducible polynomial (f(x)) are generated from original data in the step of performing secret sharing according to an embodiment of the present invention.
도 4는 본 발명의 일 실시예에 따른 비밀 공유 수행 단계에서 식별자(Pi)를 기약 다항식(f(x))에 입력하여 식별자(Pi) 및 비밀 조각값(f(Pi))의 순서쌍(Pi, f(Pi))을 참여자들에게 각각 분배하는 과정을 설명하기 위한 도면이다. 4 is an identifier (P i ) of the identifier (P i ) and the secret fragment value (f(P i )) by inputting the identifier (P i ) into the irreducible polynomial (f(x)) in the step of performing secret sharing according to an embodiment of the present invention; It is a diagram for explaining the process of distributing the ordered pairs (P i , f(P i )) to the participants, respectively.
도 5는 본 발명의 일 실시예에 따른 작업 증명 단계를 설명하기 위한 도면이다.5 is a diagram for explaining a work proof step according to an embodiment of the present invention.
도 6은 본 발명의 실시예에 따른, 컴퓨팅 장치를 나타내는 도면이다.6 is a diagram illustrating a computing device according to an embodiment of the present invention.
본 발명은 다양한 변환을 가할 수 있고 여러 가지 실시예를 가질 수 있는 바, 특정 실시예를 예시하고 상세한 설명에 상세하게 설명하고자 한다. 그러나, 이는 본 발명을 특정한 실시 형태에 대해 한정하려는 것이 아니며, 본 발명의 사상 및 기술 범위에 포함되는 모든 변환, 균등물 내지 대체물을 포함하는 것으로 이해되어야 한다.Since the present invention can apply various transformations and can have various embodiments, specific embodiments are illustrated and described in detail in the detailed description. However, this is not intended to limit the present invention to specific embodiments, and it should be understood to include all modifications, equivalents, and substitutes included in the spirit and scope of the present invention.
본 발명에서 사용한 용어는 단지 특정한 실시예를 설명하기 위해 사용된 것으로, 본 발명을 한정하려는 의도가 아니다. 단수의 표현은 문맥상 명백하게 다르게 뜻하지 않는 한, 복수의 표현을 포함한다. 본 발명에서, '포함하다' 또는 '가지다' 등의 용어는 명세서상에 기재된 특징, 숫자, 단계, 동작, 구성요소, 부품 또는 이들을 조합한 것이 존재함을 지정하려는 것이지, 하나 또는 그 이상의 다른 특징들이나 숫자, 단계, 동작, 구성요소, 부품 또는 이들을 조합한 것들의 존재 또는 부가 가능성을 미리 배제하지 않는 것으로 이해되어야 한다. 이하, 도면을 참조하여 본 발명의 실시예에 따른 비밀 공유를 이용한 블록 체인 생성 방법을 설명한다.The terms used in the present invention are only used to describe specific embodiments, and are not intended to limit the present invention. The singular expression includes the plural expression unless the context clearly dictates otherwise. In the present invention, terms such as 'comprising' or 'having' are intended to designate that the features, numbers, steps, operations, components, parts, or combinations thereof described in the specification exist, but one or more other features It should be understood that this does not preclude the existence or addition of numbers, steps, operations, components, parts, or combinations thereof. Hereinafter, a block chain generation method using secret sharing according to an embodiment of the present invention will be described with reference to the drawings.
도 1은 블록 체인 시스템이 도시된 블록도이다.1 is a block diagram showing a block chain system.
도 1을 참조하면, 블록 체인 시스템은 복수의 노드들(200)로 이루어진 분권형 네트워크(decentralized network, 100) 시스템일 수 있다. 분권형 네트워크(100)를 구성하는 노드들(200)은 컴퓨터, 서버, 이동 단말기 등 연산 기능, 통신 기능, 저장 기능 등을 구비한 전자 장치일 수 있다.Referring to FIG. 1 , the block chain system may be a decentralized network 100 system composed of a plurality of nodes 200 . The nodes 200 constituting the decentralized network 100 may be electronic devices having an arithmetic function, a communication function, a storage function, etc., such as a computer, a server, and a mobile terminal.
분권형 네트워크(100)는 블록 체인(block chain)이라 불리는 블록(block)의 연결 묶음 내에 모든 참여 노드에 공통으로 알려진 정보를 저장하고 참조할 수 있다. 복수의 노드들(200)은 상호간 통신이 가능하며 블록 체인을 저장, 관리 및 전파를 담당하는 완전 노드(full node)와 단순하게 트랜잭션에만 참여할 수 있는 간이 노드(light node)로 구분될 수 있다.The decentralized network 100 can store and refer to information commonly known to all participating nodes in a connected bundle of blocks called a block chain. The plurality of nodes 200 can communicate with each other and can be divided into a full node that stores, manages, and propagates the block chain and a light node that can simply participate in transactions.
블록 체인에 연결되어 있는 각 블록(block)들은 블록 체인 내에 저장할 블록 데이터를 포함한다. 블록 데이터는 일정 기간 내의 거래 내역, 즉 트랜잭션(transaction)일 수 있다. 노드들(200)은 각각 역할에 따라 블록 체인을 생성, 저장 또는 검증하여 트랜잭션들을 관리한다. Each block connected to the block chain contains block data to be stored in the block chain. The block data may be transaction details within a certain period, that is, a transaction. The nodes 200 manage transactions by creating, storing, or verifying a block chain according to their respective roles.
트랜잭션은 다양한 형태의 거래를 나타낼 수 있다. 예를 들어, 트랜잭션은 가상 화폐의 소유 상태 및 그 변동을 나타내기 위한 금융 거래에 해당할 수 있다. 또한, 다른 예에서 트랜잭션은 물건의 소유 상태 및 그 변동을 나타내기 위한 실물 거래에 해당할 수 있다. 또한, 트랜잭션은 복수의 참여자에 의해 공동으로 작성된 저작물일 수 있다. 이들은 예시일 뿐, 블록 데이터의 종류는 이에 한정되지 않는다. A transaction may represent various types of transactions. For example, a transaction may correspond to a financial transaction for indicating the ownership status of virtual currency and its change. Also, in another example, the transaction may correspond to a physical transaction for indicating the ownership status of the object and its change. In addition, a transaction may be a work jointly created by a plurality of participants. These are only examples, and the type of block data is not limited thereto.
도 2는 본 발명의 일 실시예에 따른 비밀 공유를 이용한 블록 체인 생성 방법이 도시된 순서도이다.2 is a flowchart illustrating a block chain generation method using secret sharing according to an embodiment of the present invention.
도 2에 도시된 바와 같이, 본 발명의 일 실시예에 따른 비밀 공유를 이용한 블록 체인 생성 방법(이하, “블록 체인 생성 방법”이라고도 함)은, 전처리 단계(S100), 비밀 공유 수행 단계(S200), 작업 증명 단계(S300), 블록 체인 저장 단계(S400)를 포함한다. 상기의 단계들(S100 ~ S400)은 연산 기능을 수행하는 컴퓨팅 장치에 의해 수행될 수 있으며, 컴퓨팅 장치에 대해서는 도 6을 참조하여 후술한다.As shown in FIG. 2 , the method for generating a block chain using secret sharing according to an embodiment of the present invention (hereinafter also referred to as a “block chain generating method”) includes a pre-processing step (S100) and a secret sharing step (S200). ), a proof-of-work step (S300), and a block chain storage step (S400). The above steps ( S100 to S400 ) may be performed by a computing device that performs an arithmetic function, which will be described later with reference to FIG. 6 .
S100 : 전처리 단계S100: pre-processing step
먼저, 전처리 단계에서는 블록 체인 내에 저장할 블록 데이터와 관련된 참여자들의 수(n), 참여자들의 식별자(Pi ~ Pn), 유한체(Finite Field) 상의 기약 다항식(f(x)), 작업 증명을 위한 임계값(t) 등을 설정한다. 이하의 설명에서 “참여자”는 참여자 단말기를 의미할 수 있다.First, in the preprocessing stage, the number of participants (n) related to the block data to be stored in the blockchain, the identifiers of the participants (P i ~ P n ), the irreducible polynomial in the finite field (f(x)), and the proof of work Set a threshold value (t) for In the following description, “participant” may mean a participant terminal.
예를 들어, 블록 데이터가 복수의 참여자들에 의한 공동 저작물인 경우, 공동 저작물에 참여한 참여자의 수(n)를 설정한다. For example, if the block data is a joint work by a plurality of participants, the number of participants (n) who participated in the joint work is set.
그리고, 각각의 참여자에 대해 참여자 고유의 식별자(Pi ~ Pn)를 설정한다. 식별자(Pi ~ Pn)는 임의의 수(number)로 설정될 수 있다. And, for each participant, a participant's unique identifier (P i ~ P n ) is set. The identifiers P i to P n may be set to an arbitrary number.
그리고, 후술하는 작업 증명 단계(S300)에서 작업 증명을 위해 필요한 최소의 참여자 수를 임계값(t)으로 설정한다. 예를 들어, 참여자 수 n이 10인 경우, 임계값(t)은 5로 설정될 수 있다. 또는, 어느 특정 참여자는 다른 참여자 보다 높은 지분을 가질 수 있다. 즉, 일반 참여자는 1로 카운트되는 반면, 어느 특정 참여자는 2 이상으로 카운트될 수 있다.Then, in the work proof step (S300) to be described later, the minimum number of participants required for work proof is set as the threshold value (t). For example, when the number of participants n is 10, the threshold value t may be set to 5. Alternatively, a particular participant may have a higher stake than another participant. That is, a general participant is counted as 1, while a specific participant may be counted as 2 or more.
그리고, 유한체(Finite Field) 상의 임의의 기약 다항식(f(x))을 설정한다. Then, an arbitrary irreducible polynomial (f(x)) on a finite field is set.
유한체(Finite Field)란, 유한개 원소만을 갖고 대수적 구조를 형성하는 체(Field)로서, 유한체 집합 내 원소의 연산(뎃셈, 곱셈 등) 결과가 다시 그 집합 내에 있게 되는 체를 의미한다.A finite field is a field that has only a finite number of elements and forms an algebraic structure. It means a field in which the result of operation (addition, multiplication, etc.) of elements in a finite field set is again within the set.
기약 다항식(Irreducible polynomial)이란, 더 이상 인수분해되지 않는 다항식을 의미한다. 유한체 범위에 따라 기약 다항식은 달라질 수 있다. 예를 들어, f(x) = x2 - 2, g(x) = x2 + 2에서 유한체가 유리수 집합인 경우, f(x)와 g(x)는 인수분해되지 않으므로 기약 다항식이 된다. 유한체가 실수 집합인 경우, f(x) = x2 - 2는 f(x) = (x - √2)(x + √2)로 인수분해되므로, f(x)는 기약 다항식이 되지 못하고, g(x)는 기약 다항식이 된다.An irreducible polynomial is a polynomial that cannot be factored any further. Depending on the finite field range, the reduced polynomial can be different. For example, if f(x) = x 2 - 2 and g(x) = x 2 + 2, if the finite body is a set of rational numbers, then f(x) and g(x) are irreducible polynomials because they are not factored. If the finite body is a set of real numbers, f(x) = x 2 - 2 is factored into f(x) = (x - √2)(x + √2), so f(x) cannot be a reduced polynomial, g(x) becomes a reduced polynomial.
본 단계에서 설정되는 유한체(Finite Field) 상의 기약 다항식(f(x))은, 예를 들어 다음 식 (1)과 같다.The reduced polynomial (f(x)) on the finite field set in this step is, for example, the following equation (1).
식 (1) :
Figure PCTKR2020012719-appb-I000003
Formula (1):
Figure PCTKR2020012719-appb-I000003
여기서, t는 임계값이고, mod는 임의의 나눗셈의 나머지를 구하는 나머지 함수이며, GF는 갈로아필드(Galois feild)에 속하는 다항식이다. k는 비트수를 의미하는 것으로, 일반적으로 8 또는 16을 선택하고, 블록 체인 내 저장할 데이터의 양에 따라 최대 64까지 선택이 가능하다. Here, t is a threshold value, mod is a remainder function that finds the remainder of an arbitrary division, and GF is a polynomial belonging to Galois feild. k means the number of bits, generally 8 or 16 is selected, and up to 64 can be selected depending on the amount of data to be stored in the block chain.
S200 : 비밀 공유 수행 단계S200: Steps to perform secret sharing
본 단계에서는, 식별자(Pi)를 식 (1)의 기약 다항식(f(x))에 입력하여 비밀 조각값(f(Pi))을 생성하고, 식별자(Pi)와 이에 대응하는 비밀 조각값(f(Pi))의 순서쌍(Pi, f(Pi))을 참여자들에게 각각 분배하여 비밀 공유를 수행한다. 여기서, “비밀 공유”의 의미는, 비밀 조각값(f(Pi))이 여러 참여자에게 각각 분배된 상태를 의미한다.In this step, an identifier (P i ) is input into the reduced polynomial (f(x)) of Equation (1 ) to generate a secret fragment value (f(P i )), and an identifier (P i ) and its corresponding secret Secret sharing is performed by distributing ordered pairs (P i , f(P i )) of the fragment values (f(P i )) to the participants, respectively. Here, “secret sharing” means a state in which the secret fragment value f(P i ) is distributed to several participants, respectively.
식별자(Pi)는 일종의 공개키와 유사한 기능을 수행하고, 비밀 조각값(f(Pi))은 개인키(또는 비밀키)와 유사한 기능을 수행한다. 다만, 기존의 개인키가 여러가지 이유로 노출되는 경우, 해당 블록 데이터가 해킹될 수 있으나, 본 발명의 비밀 조각값(f(Pi))이 노출되더라도, 참여자 사이에 비밀이 공유되어 있으므로 해당 블록 데이터의 해킹이 불가능하고, 비밀 조각값(f(Pi))이 임계값인 t개 이상 노출되어야 블록 데이터의 해킹이 가능하나 실제 환경에서는 비밀 조각값(f(Pi))이 임계값인 t개 이상 노출되는 경우가 거의 없기 때문에 기존의 공개키 혹은 대칭키에 비해 비밀 공유 방식이 안전성 측면에서 우수하다.The identifier (Pi) performs a function similar to a kind of public key, and the secret fragment value (f(Pi)) performs a function similar to the private key (or private key). However, if the existing private key is exposed for various reasons, the corresponding block data may be hacked, but even if the secret fragment value f(Pi) of the present invention is exposed, since the secret is shared among the participants, Hacking is impossible and block data can be hacked only when t or more of the secret fragment value (f(P i )) are exposed. However, in the real environment, the secret fragment value (f(P i )) is the threshold value of t t pieces. Since there is almost no case of abnormal exposure, the secret sharing method is superior to the existing public key or symmetric key in terms of safety.
식 (1)에서 다항식의 계수값인 aj(j는 0 ~ t-1)는 실제 블록 체인 내에 삽입하려는 블록 데이터의 일부로서, 원본 데이터를 이진화하여 파싱한 후, 일정 단위로 계수값 aj에 삽입한다. 일정 단위는, 예를 들어 8비트 또는 16비트일 수 있으며, 식 (1)의 GF(2k)의 k 크기일 수 있다. 계수값 aj를 모두 합하면 원본 데이터가 될 수 있다.In Equation (1), the coefficient value of the polynomial a j (j is 0 ~ t-1) is a part of the block data to be inserted into the actual block chain. After binarizing and parsing the original data, the coefficient value a j insert into The predetermined unit may be, for example, 8 bits or 16 bits, and may be the k size of GF(2 k ) in Equation (1). The original data can be obtained by summing all the coefficient values a j .
계수값인 aj와 관련하여, 도 3을 참조하여 설명한다. 도 3은 본 발명의 일 실시예에 따른 비밀 공유 수행 단계에서 원본 데이터로부터 기약 다항식(f(x))의 계수값 aj가 생성되는 과정을 설명하기 위한 도면이다.The coefficient value a j will be described with reference to FIG. 3 . FIG. 3 is a diagram for explaining a process in which coefficient values a j of the irreducible polynomial (f(x)) are generated from original data in the step of performing secret sharing according to an embodiment of the present invention.
도 3에 도시된 바와 같이, 원본 데이터(original data)는 본 발명의 컴퓨팅 장치에 의해 이진 데이터(binary data)로 변환된다. 변환된 이진 데이터를 일정 비트 단위로 분할하고, 이를 기약 다항식(f(x))의 계수값 aj로 삽입한다. 모든 변환된 이진 데이터는 일정 비트 단위로 분할되어 기약 다항식(f(x))의 계수값 aj로 삽입된다. 따라서, 계수값 aj를 모두 합하면 원본 데이터의 이진 데이터가 될 수 있고, 이를 다시 변환하여 원본 데이터를 추출할 수 있다.As shown in FIG. 3 , original data is converted into binary data by the computing device of the present invention. The converted binary data is divided into a certain bit unit, and this is inserted as a coefficient value a j of the reduced polynomial (f(x)). All the converted binary data is divided into a predetermined bit unit and inserted as a coefficient value a j of the reduced polynomial (f(x)). Therefore, if all coefficient values a j are summed, it can become binary data of the original data, and the original data can be extracted by transforming it again.
원본 데이터로부터 계수값 aj가 결정되면, 임의의 수로 이루어진 식별자(Pi)를 식 (1)의 기약 다항식(f(x))에 입력하여 비밀 조각값(f(Pi))을 생성할 수 있다. 이와 같이 생성된 비밀 조각값(f(Pi))을 그 입력값인 식별자(Pi)와 페어링하여 순서쌍(Pi, f(Pi))을 만들고, 이 순서쌍(Pi, f(Pi))을 해당 식별자(Pi)의 참여자(참여자 단말기)에게 분배한다. (도 4 참조)When the coefficient value a j is determined from the original data, a secret piece value (f(P i )) is generated by inputting an identifier (P i ) consisting of a random number into the reduced polynomial (f(x)) of Equation (1). can Create and this secret piece value generated as (f (P i)) to the input of identifiers (P i) and the pair with ordered pairs (P i, f (P i )), the ordered pairs (P i, f (P i )) is distributed to the participants (participant terminals) of the corresponding identifier (P i ). (See Fig. 4)
도 4에는 본 비밀 공유 수행 단계에서 식별자(Pi)를 기약 다항식(f(x))에 입력하여 식별자(Pi) 및 비밀 조각값(f(Pi))의 순서쌍(Pi, f(Pi))을 참여자들에게 각각 분배하는 과정이 도시되어 있다.In Figure 4, the identifier (P i ) is input to the irreducible polynomial (f(x)) in this secret sharing step, and an ordered pair (P i , f( ) of the identifier (P i ) and the secret fragment value (f(P i )) The process of distributing P i )) to each participant is shown.
마지막으로, 본 단계에서는 블록 체인 노드 내에 임시 저장할 비밀 조각값(f(Pn+1))을 추가로 생성한다. 노드에 임시 저장되는 비밀 조각값(f(Pn+1))을 추가 비밀 조각값이라 한다. 추가 비밀 조각값(f(Pn+1))은 추가 식별자(Pn+1)를 식 (1)에 입력하여 생성된다. 추가 식별자(Pn+1)는 블록 체인 시스템 내에서 난스(Nonce), 타임 스탬프(Time stamp) 등의 값을 사용하는 것으로 블록 체인 시스템의 운영 정책에 따라 별도로 지정될 수 있다.Finally, in this step, a secret fragment value (f(P n+1 )) to be temporarily stored in the blockchain node is additionally created. The secret fragment value (f(P n+1 )) temporarily stored in the node is called the additional secret fragment value. The additional secret piece value f(P n+1 ) is generated by inputting the additional identifier P n+1 into equation (1). The additional identifier (P n+1 ) uses values such as nonce and time stamp within the block chain system and may be separately specified according to the operation policy of the block chain system.
추가 비밀 조각값(f(Pn+1))은 후술하는 작업 증명 단계에서의 작업 증명을 위해 노드에 저장된다.The additional secret fragment value f(P n+1 ) is stored in the node for proof-of-work in the proof-of-work step to be described later.
S300 : 작업 증명 단계S300 : Proof of work step
본 단계는 블록 체인 노드 내에 임시 저장한 추가 비밀 조각값(f(Pn+1))을 작업 증명을 통해 데이터를 검증하는 과정이다. 도 5를 참조하여 작업 증명 단계를 설명한다. 도 5는 본 발명의 일 실시예에 따른 작업 증명 단계를 설명하기 위한 도면이다.This step is the process of verifying the data through proof of work of the additional secret fragment value (f(P n+1 )) temporarily stored in the blockchain node. The proof-of-work step will be described with reference to FIG. 5 . 5 is a diagram for explaining a work proof step according to an embodiment of the present invention.
작업 증명은 n명의 참여자 중 임계값(t) 이상이 공모하여 자신의 식별자(Pi)와 비밀 조각값(f(Pi))의 순서쌍(Pi, f(Pi))을 블록 체인 시스템에 제출하고, 블록 체인 시스템은 임계값 t명 이상이 공모될 경우, 자동으로 작업 증명 과정을 개시한다.Proof-of-work is a collusion of more than a threshold (t) among n participants, and an ordered pair (P i , f(P i )) of its own identifier (P i ) and secret fragment value (f(P i )) is created in the blockchain system. , and the blockchain system automatically initiates the proof-of-work process when more than the threshold of t people are colluded.
작업 증명의 과정은 비밀 공유의 복원 과정과 동일하고, 라그랑주 보간법(Lagrange interpolation)을 이용하여 수행된다. 보간법은 불연속적인 데이터를 이용하여 사이 구간의 값을 추정하는 방법이고, 라그랑주 보간법은 (n+1)개의 좌표로 n차 다항식을 만드는 방법이다.The process of proof-of-work is the same as the restoration process of shared secret, and is performed using Lagrange interpolation. The interpolation method is a method of estimating the value of the interval using discrete data, and the Lagrange interpolation method is a method of creating an nth-order polynomial with (n+1) coordinates.
t명의 참여자가 공모하여 t개의 순서쌍(Pi, f(Pi))이 블록 체인 시스템에 제출되면, 라그랑주 보간식을 이용한 다음 식 (2)를 통해 기약 다항식 f'(x)를 도출한다. (도 5의 A 참조)When t participants conspire and t ordered pairs (P i , f(P i )) are submitted to the blockchain system, the reduced polynomial f'(x) is derived through the following equation (2) using Lagrange interpolation. (See Fig. 5A)
식 (2) :
Figure PCTKR2020012719-appb-I000004
Equation (2):
Figure PCTKR2020012719-appb-I000004
여기서, x는 다항식 f’(x)의 변수이며, xo는 식별자(Po)이고, xj는 식별자(Pj)이며, yj는 비밀 조각값(f(Pj))이고, Π는 곱(Product)을 의미하는 함수이다.where x is the variable of the polynomial f'(x), x o is the identifier (P o ), x j is the identifier (P j ), y j is the secret fragment value (f(P j )), Π is a function that means product.
식 (2)를 통해 도출된 기약 다항식(f'(x))에, S200 단계에서 노드에 저장된 추가 식별자(Pn+1)를 입력하여 추가 비밀 조각값(f'(Pn+1))을 생성한다. 그 다음, 새로 생성된 추가 비밀 조각값(f'(Pn+1))과 노드에 저장된 추가 비밀 조각값(f(Pn+1))을 비교하여, 동일하면 작업 증명을 종료한다. (도 5의 B 참조)The additional secret fragment value (f'(P n+1 )) by inputting the additional identifier (P n+1 ) stored in the node in step S200 into the reduced polynomial (f'(x)) derived through Equation (2) create Next, when the same, by comparing the added value of the newly generated secret piece (f '(P n + 1 )) and adding a secret piece of value (f (P n + 1) ) stored in the node exit the proof-of-work. (See Fig. 5B)
만약, 새로 생성된 추가 비밀 조각값(f'(Pn+1))과 노드에 저장된 추가 비밀 조각값(f(Pn+1))이 다른 경우, 악의적인 공격자에 의해 블록 체인 내에 저장된 값이 변경되었거나 공모된 참여자의 순서쌍(Pi, f(Pi))이 올바르지 않음을 검출한다. If the newly created additional secret fragment value (f'(P n+1 )) and the additional secret fragment value stored in the node (f(P n+1 )) are different, the value stored in the block chain by a malicious attacker Detects that the ordered pair (P i , f(P i )) of this altered or collusive participant is not correct.
작업 증명이 종료되면, 계수값 aj를 모두 합하여 원본 데이터의 이진 데이터를 작성하고, 이를 다시 변환하여 원본 데이터를 추출할 수 있다. (도 5의 C 참조)When the proof-of-work is finished, the binary data of the original data is created by summing all the coefficient values a j , and the original data can be extracted by transforming it again. (See Fig. 5C)
S400 : 블록 체인 저장 단계S400: Blockchain storage phase
작업 증명이 완료된 다음, 블록 체인 내 임시 저장된 추가 비밀 조각값(f(Pn+1))에 대해 SHA-3를 이용하여 해시값을 생성하고, 이를 블록 체인 노드 내 저장한다. SHA-3은 SHA-2를 대체하기 위해 미국 국립표준기술연구소가 2015년 8월에 발표한 암호화 해시 함수이다.After the proof of work is completed, a hash value is generated using SHA-3 for the additional secret fragment value (f(P n+1 )) temporarily stored in the block chain, and it is stored in the block chain node. SHA-3 is a cryptographic hash function announced in August 2015 by the US National Institute of Standards and Technology to replace SHA-2.
해시값으로 생성하기 위해 임시 저장된 추가 비밀 조각값(f(Pn+1)) 뿐만 아니라, 체인 형태의 블록을 생성하기 위해 블록 체인 이전 노드의 해시값, Nonce(또는 Time stamp), 기타 블록 체인 유지를 위해 블록 체인 시스템 내에서 정책적으로 지정된 다양한 값들을 SHA-3의 입력으로 지정한다. 이를 통해 비밀 공유를 이용한 새로운 형태의 블록 체인 생성 과정이 완료된다.In addition to the additional secret fragment value (f(P n+1 )) stored temporarily to generate as a hash value, the hash value of the node before the block chain to generate a block in the form of a chain, a Nonce (or time stamp), and other block chains For maintenance, various values that are policy-specified within the blockchain system are designated as input to SHA-3. This completes the process of creating a new type of block chain using secret sharing.
만약, 블록 체인 내에 저장할 블록 데이터의 양이 많아서 하나의 기약 다항식(f(x)) 내의 계수값으로 비밀 공유 수행 단계(S200)가 완료되지 않을 경우, 다른 기약 다항식(g(x), h(x), ...)을 추가로 설정하여, 모든 변환된 이진 데이터가 계수값으로 삽입될 때까지 반복하여 비밀 공유 수행 단계(S200)을 수행한다. 이 경우, 노드에는 기약 다항식의 개수만큼 추가 비밀 조각값(g(Pn+1), h(Pn+1), ...)이 저장되면서 S200 단계가 완료된다.If, because the amount of block data to be stored in the block chain is large, the secret sharing operation step S200 is not completed with the coefficient values in one reduced polynomial (f(x)), another reduced polynomial (g(x), h( x), ...) are additionally set, and the secret sharing operation step (S200) is repeatedly performed until all the converted binary data are inserted as coefficient values. In this case, step S200 is completed while additional secret fragment values g(P n+1 ), h(P n+1 ), ...) are stored in the node as many as the number of reduced polynomials.
상기와 같은 본 발명의 일 실시예에 따른 비밀 공유를 이용한 블록 체인 생성 방법에 의하면, 기존의 블록 체인 생성을 위해 키가 존재하는 해시 함수 또는 PKI를 사용할 경우 참여자의 수에 비례하여 소요시간과 연산량이 증가하는 것과 달리, 비밀 공유와 유한체 연산을 이용하여 참여자의 수에 관계없이 소요시간과 연산량은 일정하기 때문에 다수 참여자 환경에서의 블록 체인 노드 생성시 매우 효율적이고, 향후 하드웨어 제조시에도 공간과 시간적인 측면에서 우수하다는 효과가 있다. 아울러 별도의 키 관리가 필요없다는 효과가 있다.According to the block chain generation method using secret sharing according to an embodiment of the present invention as described above, when using a hash function or PKI having a key to create an existing block chain, the time required and the amount of computation are proportional to the number of participants. Unlike this increase, using secret sharing and finite-body operation, the required time and amount of computation are constant regardless of the number of participants, so it is very efficient when creating a block chain node in a multi-participant environment, and space and It has an excellent effect in terms of time. In addition, there is an effect that separate key management is not required.
도 6은 본 발명의 실시예에 따른, 컴퓨팅 장치를 나타내는 도면이다. 도 6의 컴퓨팅 장치(TN100)는 전술한 단계들(S100 ~ S400)의 연산을 수행하는 컴퓨팅 장치일 수 있다. 6 is a diagram illustrating a computing device according to an embodiment of the present invention. The computing device TN100 of FIG. 6 may be a computing device that performs operations S100 to S400 described above.
도 6의 실시예에서, 컴퓨팅 장치(TN100)는 적어도 하나의 프로세서(TN110), 송수신 장치(TN120), 및 메모리(TN130)를 포함할 수 있다. 또한, 컴퓨팅 장치(TN100)는 저장 장치(TN140), 입력 인터페이스 장치(TN150), 출력 인터페이스 장치(TN160) 등을 더 포함할 수 있다. 컴퓨팅 장치(TN100)에 포함된 구성 요소들은 버스(bus)(TN170)에 의해 연결되어 서로 통신을 수행할 수 있다.In the embodiment of FIG. 6 , the computing device TN100 may include at least one processor TN110 , a transceiver device TN120 , and a memory TN130 . In addition, the computing device TN100 may further include a storage device TN140 , an input interface device TN150 , an output interface device TN160 , and the like. Components included in the computing device TN100 may be connected by a bus TN170 to communicate with each other.
프로세서(TN110)는 메모리(TN130) 및 저장 장치(TN140) 중에서 적어도 하나에 저장된 프로그램 명령(program command)을 실행할 수 있다. 프로세서(TN110)는 중앙 처리 장치(CPU: central processing unit), 그래픽 처리 장치(GPU: graphics processing unit), 또는 본 발명의 실시예에 따른 방법들이 수행되는 전용의 프로세서를 의미할 수 있다. 프로세서(TN110)는 본 발명의 실시예와 관련하여 기술된 절차, 기능, 및 방법 등을 구현하도록 구성될 수 있다. 프로세서(TN110)는 컴퓨팅 장치(TN100)의 각 구성 요소를 제어할 수 있다.The processor TN110 may execute a program command stored in at least one of the memory TN130 and the storage device TN140. The processor TN110 may mean a central processing unit (CPU), a graphics processing unit (GPU), or a dedicated processor on which methods according to an embodiment of the present invention are performed. The processor TN110 may be configured to implement procedures, functions, methods, and the like described in connection with an embodiment of the present invention. The processor TN110 may control each component of the computing device TN100 .
메모리(TN130) 및 저장 장치(TN140) 각각은 프로세서(TN110)의 동작과 관련된 다양한 정보를 저장할 수 있다. 메모리(TN130) 및 저장 장치(TN140) 각각은 휘발성 저장 매체 및 비휘발성 저장 매체 중에서 적어도 하나로 구성될 수 있다. 예를 들어, 메모리(TN130)는 읽기 전용 메모리(ROM: read only memory) 및 랜덤 액세스 메모리(RAM: random access memory) 중에서 적어도 하나로 구성될 수 있다. Each of the memory TN130 and the storage device TN140 may store various information related to the operation of the processor TN110 . Each of the memory TN130 and the storage device TN140 may be configured as at least one of a volatile storage medium and a non-volatile storage medium. For example, the memory TN130 may include at least one of a read only memory (ROM) and a random access memory (RAM).
송수신 장치(TN120)는 유선 신호 또는 무선 신호를 송신 또는 수신할 수 있다. 송수신 장치(TN120)는 네트워크에 연결되어 통신을 수행할 수 있다. The transceiver TN120 may transmit or receive a wired signal or a wireless signal. The transceiver TN120 may be connected to a network to perform communication.
한편, 본 발명은 컴퓨터프로그램으로 구현될 수도 있다. 본 발명은 하드웨어와 결합되어, 본 발명에 따른 비밀 공유를 이용한 블록 체인 생성 방법을 실행시키기 위하여, 컴퓨터가 판독 가능한 기록매체에 저장된 컴퓨터 프로그램으로 구현될 수 있다.Meanwhile, the present invention may be implemented as a computer program. The present invention may be implemented as a computer program stored in a computer-readable recording medium in order to execute the block chain generation method using secret sharing according to the present invention in combination with hardware.
본 발명의 실시예에 따른 방법들은 다양한 컴퓨터수단을 통하여 판독 가능한 프로그램 형태로 구현되어 컴퓨터로 판독 가능한 기록매체에 기록될 수 있다. 여기서, 기록매체는 프로그램 명령, 데이터 파일, 데이터구조 등을 단독으로 또는 조합하여 포함할 수 있다. The methods according to the embodiment of the present invention may be implemented in the form of a program readable by various computer means and recorded in a computer readable recording medium. Here, the recording medium may include a program command, a data file, a data structure, etc. alone or in combination.
기록매체에 기록되는 프로그램 명령은 본 발명을 위하여 특별히 설계되고 구성된 것들이거나 컴퓨터 소프트웨어 당업자에게 공지되어 사용 가능한 것일 수도 있다. The program instructions recorded on the recording medium may be specially designed and configured for the present invention, or may be known and available to those skilled in the art of computer software.
예컨대 기록매체는 하드 디스크, 플로피 디스크 및 자기 테이프와 같은 자기 매체(magnetic media), CDROM, DVD와 같은 광 기록 매체(optical media), 플롭티컬 디스크(floptical disk)와 같은 자기-광 매체(magneto-optical media), 및 롬(ROM), 램(RAM), 플래시 메모리 등과 같은 프로그램 명령을 저장하고 수행하도록 특별히 구성된 하드웨어 장치를 포함한다. For example, the recording medium includes magnetic media such as hard disks, floppy disks and magnetic tapes, optical recording media such as CDROMs and DVDs, and magneto-optical media such as floppy disks. optical media), and hardware devices specially configured to store and execute program instructions, such as ROM, RAM, flash memory, and the like.
프로그램 명령의 예에는 컴파일러에 의해 만들어지는 것과 같은 기계어뿐만 아니라 인터프리터 등을 사용해서 컴퓨터에 의해서 실행될 수 있는 고급 언어를 포함할 수 있다. Examples of program instructions may include not only machine language such as generated by a compiler, but also a high-level language that can be executed by a computer using an interpreter or the like.
이러한 하드웨어 장치는 본 발명의 동작을 수행하기 위해 하나 이상의 소프트웨어 모듈로서 작동하도록 구성될 수 있으며, 그 역도 마찬가지이다.Such hardware devices may be configured to operate as one or more software modules to perform the operations of the present invention, and vice versa.
이상, 본 발명의 일 실시예에 대하여 설명하였으나, 해당 기술 분야에서 통상의 지식을 가진 자라면 특허청구범위에 기재된 본 발명의 사상으로부터 벗어나지 않는 범위 내에서, 구성 요소의 부가, 변경, 삭제 또는 추가 등에 의해 본 발명을 다양하게 수정 및 변경시킬 수 있을 것이며, 이 또한 본 발명의 권리범위 내에 포함된다고 할 것이다.In the above, although an embodiment of the present invention has been described, those of ordinary skill in the art can add, change, delete or add components within the scope that does not depart from the spirit of the present invention described in the claims. The present invention may be variously modified and changed by, etc., and this will also be included within the scope of the present invention.

Claims (9)

  1. 컴퓨팅 장치에 의해 수행되며, 복수의 노드들로 구성되는 블록 체인 생성 방법으로,A method of creating a block chain that is performed by a computing device and consists of a plurality of nodes,
    블록 체인 내에 저장할 블록 데이터와 관련된 참여자들의 수(n)와 참여자들의 식별자(Pi, 1≤i≤n)와 상기 참여자들의 식별자를 입력값으로 하는 유한체(Finite Field) 상의 기약 다항식(f(x))을 설정하는 전처리 단계;The number of participants (n) related to the block data to be stored in the block chain, the identifiers of the participants (P i , 1≤i≤n), and the irreducible polynomial (f() x)) a pre-processing step to set;
    상기 식별자(Pi)를 상기 기약 다항식(f(x))에 입력하여 비밀 조각값(f(Pi))을 생성하고, 상기 식별자(Pi) 및 비밀 조각값(f(Pi))의 순서쌍(Pi, f(Pi))을 상기 참여자들에게 각각 분배하고, 상기 참여자들의 식별자 이외의 추가 식별자(Pn+1) 및 추가 비밀 조각값(f(Pn+1))의 순서쌍(Pn+1, f(Pn+1))을 노드에 저장하는 비밀 공유 수행 단계;The identifier (P i ) is input into the reduced polynomial (f(x) ) to generate a secret fragment value (f(P i )), and the identifier (P i ) and the secret fragment value (f(P i )) Distributing the ordered pair (P i , f(P i )) to the participants, respectively, and an additional identifier (P n+1 ) and an additional secret fragment value (f(P n+1 )) other than the identifiers of the participants. A secret sharing step of storing the ordered pair (P n+1 , f(P n+1 )) in the node;
    를 포함하는 비밀 공유를 이용한 블록 체인 생성 방법.A method of creating a blockchain using secret sharing, including
  2. 청구항 1에 있어서,The method according to claim 1,
    상기 식별자(Pi) 및 비밀 조각값(f(Pi))의 순서쌍(Pi, f(Pi))을 라그랑주 보간식을 이용한 수식에 입력하여 기약 다항식(f'(x))을 도출하고,By inputting the ordered pair (P i , f(P i )) of the identifier (P i ) and the secret fragment value (f(P i )) into the equation using the Lagrange interpolation equation, the reduced polynomial (f'(x)) is derived. and,
    도출된 기약 다항식(f'(x))에 상기 추가 식별자(Pn+1)를 입력하여 생성된 추가 비밀 조각값(f'(Pn+1))과 상기 노드에 저장된 추가 비밀 조각값(f(Pn+1))을 비교하여 작업 증명을 수행하는 작업 증명 단계The additional secret fragment value (f'(P n+1 )) generated by inputting the additional identifier (P n+1 ) into the derived irreducible polynomial (f'(x)) and the additional secret fragment value stored in the node ( A proof-of-work step that performs proof-of-work by comparing f(P n+1 ))
    를 더 포함하는 비밀 공유를 이용한 블록 체인 생성 방법.A method of creating a block chain using secret sharing further comprising a.
  3. 청구항 1에 있어서,The method according to claim 1,
    상기 기약 다항식(f(x))은 하기 식 (1)로 정의되는 비밀 공유를 이용한 블록 체인 생성 방법.The irreducible polynomial (f(x)) is a block chain generation method using secret sharing, which is defined by the following equation (1).
    식 (1) :
    Figure PCTKR2020012719-appb-I000005
    Formula (1):
    Figure PCTKR2020012719-appb-I000005
    (여기서, t는 임계값이고, aj는 블록 체인 내에 삽입될 블록 데이터의 일부로서 원본 데이터를 이진화하여 파싱한 후, 비트 단위로 삽입된 계수값이며, mod는 임의의 나눗셈의 나머지를 구하는 나머지 함수이고, GF는 갈로아필드(Galois feild)에 속하는 다항식이며, k는 비트수를 의미함)(Here, t is the threshold, a j is the coefficient value inserted in bits after binarizing and parsing the original data as a part of the block data to be inserted into the block chain, and mod is the remainder to obtain the remainder of arbitrary division. function, GF is a polynomial belonging to Galois feild, and k means the number of bits)
  4. 청구항 3에 있어서,4. The method according to claim 3,
    블록 체인 내에 삽입될 블록 데이터의 적어도 일부가, 상기 기약 다항식(f(x)) 내의 계수값(aj)으로 삽입되지 못하는 경우, 다른 기약 다항식(g(x), h(x), ...)을 추가로 설정하여, 모든 변환된 이진 데이터가 계수값으로 삽입될 때까지 반복하여 상기 비밀 공유 수행 단계를 수행하는When at least a part of block data to be inserted into the block chain cannot be inserted as a coefficient value (a j ) in the reduced polynomial (f(x)), other reduced polynomials (g(x), h(x), .. .) to perform the secret sharing step repeatedly until all transformed binary data are inserted as coefficient values.
    비밀 공유를 이용한 블록 체인 생성 방법.How to create a blockchain using secret sharing.
  5. 청구항 2에 있어서,3. The method according to claim 2,
    상기 기약 다항식(f'(x))은 하기 식 (2)로 정의되는 비밀 공유를 이용한 블록 체인 생성 방법.The irreducible polynomial (f'(x)) is a block chain generation method using secret sharing, which is defined by the following equation (2).
    식 (2) :
    Figure PCTKR2020012719-appb-I000006
    Equation (2):
    Figure PCTKR2020012719-appb-I000006
    (여기서, x는 다항식 f’(x)의 변수이며, xo는 식별자(Po)이고, xj는 식별자(Pj)이며, yj는 비밀 조각값(f(Pj))이고, Π는 곱(Product)을 의미하는 함수임)(where x is the variable of the polynomial f'(x), x o is the identifier (P o ), x j is the identifier (P j ), y j is the secret fragment value (f(P j )), Π is a function that means product)
  6. 청구항 1에 있어서,The method according to claim 1,
    상기 추가 식별자(Pn+1)는, 블록 체인 시스템 내에서 난스(Nonce), 타임 스탬프(Time stamp) 중 적어도 어느 하나를 이용하여 블록 체인 시스템의 운영 정책에 따라 지정되는 The additional identifier (P n+1 ) is specified according to the operation policy of the block chain system using at least one of a nonce and a time stamp in the block chain system.
    비밀 공유를 이용한 블록 체인 생성 방법.How to create a blockchain using secret sharing.
  7. 청구항 1에 있어서, The method according to claim 1,
    상기 전처리 단계에서 상기 작업 증명 단계 개시를 위한 임계값(t)을 설정하고, n명의 참여자 중 임계값(t) 이상이 공모하여 자신의 식별자(Pi)와 비밀 조각값(f(Pi))의 순서쌍(Pi, f(Pi))을 블록 체인 시스템에 제출함으로써, 작업 증명을 수행하는 In the pre-processing step, a threshold value (t) for starting the proof-of-work step is set, and the threshold value (t) or more among n participants is collusive, so that the identifier (P i ) and the secret fragment value (f(P i )) ) by submitting the ordered pair (P i , f(P i )) to the blockchain system to perform proof-of-work.
    비밀 공유를 이용한 블록 체인 생성 방법.How to create a blockchain using secret sharing.
  8. 청구항 7에 있어서,8. The method of claim 7,
    상기 임계값(t)은 어느 특정 참여자에게 다른 참여자 보다 높은 지분으로 설정되는 The threshold value (t) is set to a higher stake than other participants for a specific participant.
    비밀 공유를 이용한 블록 체인 생성 방법.How to create a blockchain using secret sharing.
  9. 컴퓨팅 장치와 결합되며, coupled to the computing device;
    블록 체인 내에 저장할 블록 데이터와 관련된 참여자들의 수(n)와 참여자들의 식별자(Pi, 1≤i≤n)와 상기 참여자들의 식별자를 입력값으로 하는 유한체(Finite Field) 상의 기약 다항식(f(x))을 설정하는 전처리 단계;The number of participants (n) related to the block data to be stored in the block chain, the identifiers of the participants (P i , 1≤i≤n), and the irreducible polynomial (f() x)) a pre-processing step to set;
    상기 식별자(Pi)를 상기 기약 다항식(f(x))에 입력하여 비밀 조각값(f(Pi))을 생성하고, 상기 식별자(Pi) 및 비밀 조각값(f(Pi))의 순서쌍(Pi, f(Pi))을 상기 참여자들에게 각각 분배하고, 상기 참여자들의 식별자 이외의 추가 식별자(Pn+1) 및 추가 비밀 조각값(f(Pn+1))의 순서쌍(Pn+1, f(Pn+1))을 노드에 저장하는 비밀 공유 수행 단계;The identifier (P i ) is input into the reduced polynomial (f(x) ) to generate a secret fragment value (f(P i )), and the identifier (P i ) and the secret fragment value (f(P i )) Distributing the ordered pair (P i , f(P i )) to the participants, respectively, and an additional identifier (P n+1 ) and an additional secret fragment value (f(P n+1 )) other than the identifiers of the participants. A secret sharing step of storing the ordered pair (P n+1 , f(P n+1 )) in the node;
    상기 식별자(Pi) 및 비밀 조각값(f(Pi))의 순서쌍(Pi, f(Pi))을 라그랑주 보간식을 이용한 수식에 입력하여 기약 다항식(f'(x))을 도출하고, 도출된 기약 다항식(f'(x))에 상기 추가 식별자(Pn+1)를 입력하여 생성된 추가 비밀 조각값(f'(Pn+1))과 상기 노드에 저장된 추가 비밀 조각값(f(Pn+1))을 비교하여 작업 증명을 수행하는 작업 증명 단계By inputting the ordered pair (P i , f(P i )) of the identifier (P i ) and the secret fragment value (f(P i )) into the equation using the Lagrange interpolation equation, the reduced polynomial (f'(x)) is derived. and the additional secret fragment value (f'(P n+1 )) generated by inputting the additional identifier (P n+1 ) to the derived irreducible polynomial (f'(x)) and the additional secret fragment stored in the node A proof-of-work step that performs proof-of-work by comparing values (f(P n+1 )).
    를 실행시키기 위하여 컴퓨터가 판독 가능한 기록매체에 저장된 컴퓨터 프로그램.A computer program stored in a computer-readable recording medium to execute the computer program.
PCT/KR2020/012719 2019-12-30 2020-09-21 Blockchain generation method using secret sharing WO2021137391A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR10-2019-0178748 2019-12-30
KR20190178748 2019-12-30

Publications (1)

Publication Number Publication Date
WO2021137391A1 true WO2021137391A1 (en) 2021-07-08

Family

ID=76686838

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2020/012719 WO2021137391A1 (en) 2019-12-30 2020-09-21 Blockchain generation method using secret sharing

Country Status (1)

Country Link
WO (1) WO2021137391A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114553887A (en) * 2022-01-24 2022-05-27 浙江数秦科技有限公司 Block chain network point-to-point data transmission method
CN114567596A (en) * 2022-01-24 2022-05-31 浙江数秦科技有限公司 Data fast exchange method for block chain

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20190085106A (en) * 2016-11-24 2019-07-17 알리바바 그룹 홀딩 리미티드 METHODS, SYSTEMS AND DEVICES FOR DATA ACCESS
KR20190138645A (en) * 2017-04-07 2019-12-13 엔체인 홀딩스 리미티드 Method and system for secure data record distribution using blockchain

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20190085106A (en) * 2016-11-24 2019-07-17 알리바바 그룹 홀딩 리미티드 METHODS, SYSTEMS AND DEVICES FOR DATA ACCESS
KR20190138645A (en) * 2017-04-07 2019-12-13 엔체인 홀딩스 리미티드 Method and system for secure data record distribution using blockchain

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
SAMIR SHERIF M.; MOHAMED HODA K.; SAID HAZEM: "Compact aggregate short-lived signatures for consortium consensus protocols", 2019 14TH INTERNATIONAL CONFERENCE ON COMPUTER ENGINEERING AND SYSTEMS (ICCES), IEEE, 17 December 2019 (2019-12-17), pages 261 - 268, XP033756334, DOI: 10.1109/ICCES48960.2019.9068157 *
SOLTANI REZA; NGUYEN UYEN TRANG; AN AIJUN: "Practical Key Recovery Model for Self-Sovereign Identity Based Digital Wallets", 2019 IEEE INTL CONF ON DEPENDABLE, AUTONOMIC AND SECURE COMPUTING, INTL CONF ON PERVASIVE INTELLIGENCE AND COMPUTING, INTL CONF ON CLOUD AND BIG DATA COMPUTING, INTL CONF ON CYBER SCIENCE AND TECHNOLOGY CONGRESS (DASC/PICOM/CBDCOM/CYBERSCITECH), IEEE, 5 August 2019 (2019-08-05), pages 320 - 325, XP033659616, DOI: 10.1109/DASC/PiCom/CBDCom/CyberSciTech.2019.00066 *
YANG CHING-NUNG; LI JIAN-MING; WU SONG-YU; LIN SHIN-SHANG: "Secret Image Sharing with Public Reconstruction over Distributed Cloud Network", 2018 INTERNATIONAL CONFERENCE ON CLOUD COMPUTING, BIG DATA AND BLOCKCHAIN (ICCBB), IEEE, 15 November 2018 (2018-11-15), pages 1 - 8, XP033576321, DOI: 10.1109/ICCBB.2018.8756467 *

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114553887A (en) * 2022-01-24 2022-05-27 浙江数秦科技有限公司 Block chain network point-to-point data transmission method
CN114567596A (en) * 2022-01-24 2022-05-31 浙江数秦科技有限公司 Data fast exchange method for block chain
CN114567596B (en) * 2022-01-24 2024-04-05 浙江数秦科技有限公司 Data quick exchange method for block chain
CN114553887B (en) * 2022-01-24 2024-04-05 浙江数秦科技有限公司 Block chain network point-to-point data transmission method

Similar Documents

Publication Publication Date Title
US11475150B2 (en) Methods and apparatus for implementing state proofs and ledger identifiers in a distributed database
WO2019093574A1 (en) Block chain system and method employing hash-based signature scheme
WO2017192007A2 (en) Block chain for supporting plurality of one-way functions for verification of blocks
US20210344500A1 (en) Computer-implemented system and method for transferring access to digital resource
WO2019045209A1 (en) Block window module having agreement algorithm for limiting mining, management server, and virtual money trading system and method
WO2021137391A1 (en) Blockchain generation method using secret sharing
WO2021036522A1 (en) Method, apparatus and device for verifying block chain cross-link transaction, and block chain system
WO2020005034A1 (en) Multi-signature security account control system
CN109120573B (en) Transmission key generation method, terminal and server
WO2020246705A1 (en) Document information management apparatus enabling management of document information on basis of blockchain, and operation method thereof
CN109547193B (en) Block chain-based quantum computer attack resistant electronic voting method
US11258771B2 (en) Systems and methods for sending user data from a trusted party to a third party using a distributed registry
WO2021137396A1 (en) Zero-knowledge proof-based certificate service method using blockchain network, certification support server using same, and user terminal using same
CN110224984A (en) A kind of multi-party authorization method and device based on block chain technology
US8923519B2 (en) Method of efficient secure function evaluation using resettable tamper-resistant hardware tokens
CN111476573A (en) Account data processing method, device, equipment and storage medium
JP2002529778A (en) Incorporating shared randomness into distributed encryption
WO2020158973A1 (en) Hypothesis acceptance protocol-2 mode blockchain consensus system and method
CN111737708B (en) Verifiable deleting method and system supporting efficient update of outsourced data
KR20210058784A (en) Method for providing virtual asset service based on dicentralized identity and virtual asset service providing server using them
US20220278843A1 (en) Computer implemented method and system for knowledge proof in blockchain transactions
WO2023149660A1 (en) Group signature-based federated learning method and system, and recording medium for performing same
JP6939313B2 (en) Distributed authentication system
WO2021137392A1 (en) Blockchain-based video asset management method
WO2017213321A1 (en) Method and system for protecting sharing information

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20908943

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20908943

Country of ref document: EP

Kind code of ref document: A1