WO2024013923A1 - 証明生成プログラム、証明生成方法、情報処理装置 - Google Patents

証明生成プログラム、証明生成方法、情報処理装置 Download PDF

Info

Publication number
WO2024013923A1
WO2024013923A1 PCT/JP2022/027677 JP2022027677W WO2024013923A1 WO 2024013923 A1 WO2024013923 A1 WO 2024013923A1 JP 2022027677 W JP2022027677 W JP 2022027677W WO 2024013923 A1 WO2024013923 A1 WO 2024013923A1
Authority
WO
WIPO (PCT)
Prior art keywords
cumulative value
supplier
proof
value
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/JP2022/027677
Other languages
English (en)
French (fr)
Japanese (ja)
Inventor
剛 宮前
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fujitsu Ltd
Original Assignee
Fujitsu Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fujitsu Ltd filed Critical Fujitsu Ltd
Priority to JP2024533431A priority Critical patent/JPWO2024013923A1/ja
Priority to CN202280096478.1A priority patent/CN119278450A/zh
Priority to PCT/JP2022/027677 priority patent/WO2024013923A1/ja
Priority to EP22951137.3A priority patent/EP4557149A4/en
Publication of WO2024013923A1 publication Critical patent/WO2024013923A1/ja
Priority to US18/938,436 priority patent/US20250062905A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3218Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Definitions

  • the present invention relates to a certificate generation program, a certificate generation method, and an information processing device.
  • the present invention aims to prove the validity of a process while keeping trail information secret.
  • a zero-knowledge proof indicating the validity of the cumulative value obtained by accumulating the values of each process from the most upstream process to the above-mentioned process, and information regarding the cumulative value.
  • This is a proof generation program that causes a computer to generate and record the zero-knowledge proof and information regarding the accumulated value on a blockchain.
  • Each of the above-mentioned processes may be implemented as a functional unit or each procedure that implements each of the above-mentioned processes, or may be a computer-readable storage medium that stores a program that causes a computer to execute each process.
  • FIG. 1 is a diagram illustrating an example of a system configuration of a proof generation system.
  • FIG. 3 is a diagram illustrating concealment of trail information and cumulative value.
  • FIG. 2 is a diagram illustrating the hardware configuration of a client node.
  • FIG. 2 is a diagram illustrating the functions of each device included in the certificate generation system.
  • FIG. 2 is a sequence diagram illustrating the operation of the proof generation system.
  • FIG. 2 is a diagram specifically explaining the operation of the proof generation system. It is a figure explaining a proof generation part.
  • FIG. 1 is a diagram showing an example of the system configuration of a certificate generation system.
  • the proof generation system 100 of this embodiment proves the validity of the value of each process even if the trail information for each process of a product in the supply chain for a certain product is hidden.
  • the proof generation system 100 of the present embodiment determines the validity of the value of the referenced parts when distributing the consideration returned for the value of the product to the suppliers of each part included in the product. Prove this while keeping the trail information managed by each supplier confidential.
  • the supply chain in this embodiment refers to a series of processes from procurement of raw materials and parts for products in the manufacturing process to manufacturing, inventory management, sales, and delivery. Further, the value of each part of a product manufactured by the supply chain of this embodiment is an example of the value of a process of manufacturing parts among manufacturing processes included in the supply chain.
  • the value of the parts in this embodiment is an example of the environmental value generated in the manufacturing process of the parts.
  • the environmental value may be, for example, an index indicating the degree of contribution to environmental maintenance or reduction of environmental load.
  • the certificate generation system 100 of this embodiment includes one or more nodes 200-1, 200-2, . . . , 200-n, and one or more client nodes 300-1, 300-2, . Includes 300-n.
  • nodes 200-1, 200-2, ..., 200-n are not distinguished, they will be referred to as node 200, and client nodes 300-1, 300-2, ..., 300-n will be referred to as node 200. If not distinguished, it will be referred to as a client node 300.
  • the node 200 and client node 300 of this embodiment may be general information processing devices.
  • the node 200 and the client node 300 are connected via a network and can communicate with each other.
  • the plurality of nodes 200 are distributed ledger nodes included in the blockchain system, and are each connected in a P2P (Peer to Peer) manner.
  • the client node 300 of this embodiment may be used by each of the suppliers included in the supply chain.
  • the node 200 of this embodiment has a blockchain 220.
  • the blockchain 220 includes a smart contract management section 210, a parts registration smart contract 221, and parts information 222.
  • the smart contract management unit 210 manages smart contracts stored in the blockchain 220.
  • the component registration smart contract 221 of this embodiment stores component information 222 regarding components manufactured by a supplier corresponding to the client node 300 in the blockchain 220 in response to a request from the client node 300.
  • the parts registration smart contract 221 receives a cumulative value proof (zero knowledge) from the client node 300 that proves the validity of the cumulative value of the parts manufactured by the client node 300 and the corresponding supplier (the cumulative value of the supplier). After receiving a registration request for a certificate) and a cumulative value commitment and verifying the cumulative value certificate, the cumulative value certificate and cumulative value commitment are recorded on the blockchain 220 as parts information 222. Details of cumulative value proof and cumulative value commitment will be described later.
  • a process (part) upstream from a certain process (part) is called an upstream process (upstream part), and a process (part) downstream from a certain process (part) is called a downstream process. (downstream parts).
  • FIG. 2 is a diagram illustrating concealment of trail information and cumulative value.
  • supplier SP1, supplier SP2, and supplier SP3 included in a supply chain that manufactures a certain product will be explained as an example.
  • Supplier SP1 and supplier SP2 are suppliers one level upstream of supplier SP3 in the supply chain. Further, supplier SP1 manufactures part A and supplies it to supplier SP3, and supplier SP2 manufactures part B and supplies it to supplier SP3. Furthermore, supplier SP3 manufactures product C from parts A and B.
  • the consideration distributed to supplier SP3 is determined based on the cumulative value of supplier SP3 and the standalone value of supplier SP3.
  • the cumulative value of supplier SP3 is the sum of the unit value of the upstream parts of supplier SP3 and the unit value of supplier SP3.
  • the cumulative value of supplier SP3 is the sum of the unit values of all parts upstream from supplier SP3 and the unit value of supplier SP3.
  • the unit value of each supplier is calculated based on the trail information managed by each supplier on its own client node 300. Therefore, by each supplier publishing trail information on the blockchain 220, the validity of the supplier's unit value and cumulative value is shown.
  • a supplier anonymizes trail information
  • it is recorded on the blockchain 220 together with a cumulative value certificate that proves the validity of the cumulative value calculated by the supplier and a cumulative value commitment. This proves the validity of the cumulative value of the supplier, so even if the supplier hides the trail information, consideration can be appropriately distributed to the supplier.
  • each of supplier SP1, supplier SP2, and supplier SP3 conceals trail information.
  • supplier SP1, supplier SP2, and supplier SP3 need to prove the validity of their respective cumulative values to other suppliers.
  • the supplier whose trail information is kept secret notifies the supplier one downstream of the supplier's cumulative value.
  • FIG. 2 explanation will be given by taking supplier SP3 as an example.
  • the client node 300 of supplier SP3 is notified of cumulative value 173 from client node 300 of supplier SP1, and is notified of cumulative value 68 from client node 300 of supplier SP2.
  • the client node 300 of the supplier SP3 calculates the standalone value of the supplier SP3, and adds the cumulative value 173 of the supplier SP1 and the cumulative value 68 of the supplier SP2 to calculate the cumulative value of the supplier SP3.
  • the supplier SP3 proves the validity of the cumulative value of the supplier SP3 to other suppliers while keeping the trail information, unit value, and cumulative value of the supplier SP3 secret.
  • a cumulative value certificate that proves the validity of the cumulative value of supplier SP3 and information regarding the cumulative value are generated.
  • the information about cumulative value generates a cumulative value commitment for committing cumulative value.
  • the client node 300 of the supplier SP3 transmits the cumulative value certificate and the cumulative value commitment to the node 200 in response to the operation from the supplier SP3.
  • the node 200 Upon receiving the cumulative value certificate and cumulative value commitment from the client node 300, the node 200 causes the smart contract management unit 210 to activate the parts registration smart contract 221.
  • the parts registration smart contract 221 verifies the cumulative value proof, and when the validity of the cumulative value commitment is verified, records the cumulative value proof and the cumulative value commitment on the blockchain 220 as part information 222.
  • the cumulative value proof in this embodiment is, for example, a zero-knowledge proof.
  • a zero-knowledge proof for example, a non-interactive zero-knowledge proof is used.
  • Zero-knowledge proof is a technique that proves that a proposition is true without providing information other than that the proposition is true.
  • the parts registration smart contract 221 does not know the cumulative value of supplier SP3 from the cumulative value certificate and cumulative value commitment generated from information known only to supplier SP3, but the cumulative value commitment of supplier SP is a valid value. Verify that.
  • FIG. 3 is a diagram illustrating the hardware configuration of the client node.
  • the client node 300 of this embodiment includes an input device 31, an output device 32, a drive device 33, an auxiliary storage device 34, a memory device 35, an arithmetic processing device 36, and an interface device 37, which are interconnected by a bus B1. It is an information processing device.
  • the input device 31 is a device for inputting various types of information
  • the output device 32 is a device for outputting various types of information.
  • the interface device 37 includes a LAN card and the like, and is used to connect to a network.
  • the certificate generation program that the client node 300 has is at least a part of the various programs that the client node 300 has.
  • the storage medium 38 on which these programs are recorded may be a storage medium that records information optically, electrically, or magnetically, such as a CD-ROM, flexible disk, or magneto-optical disk, or a ROM, flash memory, or the like.
  • Various types of storage media can be used, such as semiconductor memory that electrically records information on the memory.
  • the certificate generation program is installed from the storage medium 38 to the auxiliary storage device 34 via the drive device 33.
  • the certificate generation program downloaded from the network is installed in the auxiliary storage device 34 via the interface device 37.
  • the auxiliary storage device 34 stores installed programs as well as necessary files, data, etc.
  • the memory device 35 reads and stores various programs from the auxiliary storage device 34 when the client node 300 is started.
  • the arithmetic processing unit 36 implements various processes as described below in accordance with the programs stored in the memory device 35.
  • FIG. 4 is a diagram illustrating the functions of each device included in the certificate generation system.
  • the client node 300 includes a certificate generation processing section 310 and an information storage section 320.
  • the proof generation processing unit 310 is realized, for example, by the arithmetic processing unit 36 of the client node 300 executing a proof generation program stored in the memory device 35 or the like.
  • the information storage unit 320 is realized by, for example, the memory device 35, the auxiliary storage device 34, and the like.
  • the proof generation processing unit 310 includes a unit value calculation unit 311, a cumulative value calculation unit 312, a random number generation unit 313, a commitment generation unit 314, a proof generation unit 315, and an output unit 316.
  • the information storage unit 320 stores unit value 321, cumulative value 322, random number 323, cumulative value commitment 324, cumulative value proof 325, trail information 326, dummy trail information 327, upstream supplier cumulative value 328, and upstream supplier random number 329. be done.
  • the cumulative value commitment 324 and the cumulative value certificate 325 are recorded on the blockchain 220 of the node 200.
  • the cumulative value commitment 324 and the cumulative value certificate 325 are information published on the certificate generation system 100.
  • the cumulative value 322 and the random number 323 are information that is notified only to the client node 300 managed by a supplier one downstream of the supplier managing the client node 300.
  • the unit value 321 and trail information 326 are information managed only by the client node 300.
  • the unit value 321, cumulative value 322, random number 323, and trail information 326 are hidden information.
  • the dummy trail information 327 stored in the information storage unit 320 is information used in the processing of the certificate generation processing unit 310, and is information provided to each client node 300 in advance.
  • the cumulative value 328 of the upstream supplier is the cumulative value 322 of the supplier one upstream, which is notified from the client node 300 managed by the supplier one upstream of the supplier managing the client node 300.
  • the random number 329 of the upstream supplier is the random number 323 of the supplier one upstream, which is notified from the client node 300 managed by the supplier one upstream of the supplier managing the client node 300.
  • the same number of upstream supplier cumulative values 328 and upstream supplier random numbers 329 as the number of suppliers one level upstream of the supplier managing the client node 300 is stored in the information storage unit 320.
  • the upstream supplier's cumulative value 328 and the upstream supplier's random number 329 are the upstream supplier's cumulative value 328 and the upstream supplier's random number 329. It is stored in the storage unit 320.
  • the upstream supplier's cumulative value 328 and the upstream supplier's random number 329 are also not disclosed on the certificate generation system 100.
  • the unit value calculation unit 311 calculates the unit value 321 of the process performed by the supplier that manages the client node 300. Specifically, the unit value calculation unit 311 uses the trail information 326 stored in the information storage unit 320 to calculate the unit value. The unit value 321 is determined in a process performed by the supplier that manages the client node 300. The calculated unit value 321 is stored in the information storage section 320.
  • the trail information 326 of this embodiment will be explained below.
  • the trail information 326 is a trail indicating that a process has been performed.
  • the trail information 326 is, for example, the amount of power consumption reduction for each manufacturing process of parts manufactured by the supplier.
  • the power consumption reduction amount is the power consumption reduced by comparing the power consumption when the part was manufactured last time and the power consumption when the same part was manufactured this time.
  • the amount of power consumption reduction which is the trail information 326 of this embodiment, includes, for example, the electronic signature 326A of the meter that measures power consumption.
  • the trail information 326 includes the electronic signature 326A, thereby proving that the trail information 326 is correct information.
  • the unit value calculation unit 311 calculates the environmental value generated in the part based on the power consumption during the previous manufacturing of the part that includes the electronic signature 326A and the power consumption when manufacturing the same part this time that includes the electronic signature 326A. Calculate and use it as the unit value.
  • trail information 326 is not limited to power consumption.
  • the trail information 326 may be different for each part, and may be, for example, various values measured in each process. Furthermore, in this embodiment, the value used as the trail information 326 is such that the larger the value, the higher the environmental value.
  • the value of parts is environmental value, but it is not limited to this.
  • information indicating the performance, durability, etc. of a component may be used as the trail information 326, and the performance, durability, etc. of the component may be used as the value of the component.
  • the cumulative value calculation unit 312 calculates the cumulative value 322 of the supplier that manages the client node 300 by adding up the unit value 321 stored in the information storage unit 320 and the cumulative value 328 of the upstream supplier.
  • the calculated cumulative value 322 is stored in the information storage unit 320.
  • the random number generation unit 313 generates a random number 323 for the cumulative value 322 to generate the cumulative value commitment 324. Random number 323 is stored in information storage section 320.
  • the commitment generation unit 314 calculates the cumulative value commitment 324, which is the value of the commitment function for the cumulative value 322.
  • the cumulative value commitment 324 is sent to the node 200 along with the cumulative value certificate 325 described below.
  • the cumulative value commitment 324 is generated by combining blockchains, it cannot be changed. Further, the cumulative value commitment 324 is generated before the cumulative value proof 325 is generated, and is used in verifying the cumulative value proof 325.
  • the proof generation unit 315 generates a cumulative value proof 325 that proves that the cumulative value 322 is a valid value.
  • the cumulative value proof 325 is generated using the random number 323, trail information 326, upstream supplier cumulative value 328, and upstream supplier random number 329 stored in the information storage unit 320. Details of the cumulative value proof 325 will be described later.
  • the generated cumulative value certificate 225 is sent to the node 200 together with the cumulative value commitment 324 stored in the information storage unit 320.
  • the certificate generation unit 315 of this embodiment is realized by a program designed in advance so as not to depend on the number of suppliers one level upstream of the supplier that manages the client node 300.
  • the proof generation unit 315 is a program designed not to depend on the number of components one level upstream.
  • the proof generation unit 315 is designed to be able to input a larger number of accumulated values than the number of accumulated values 328 of upstream suppliers stored in the information storage unit 320, , dummy trail information 327 whose cumulative value is "0" is used. Details of the proof generation unit 315 will be described later.
  • the output unit 316 outputs (sends) the cumulative value commitment 324 and cumulative value proof 325 generated by the certificate generation processing unit 310 to the node 200. Further, the output unit 316 transmits the cumulative value 322 and the random number 323 calculated by the certificate generation processing unit 310 to the client node 300 of a supplier one downstream of the supplier that manages the client node 300.
  • FIG. 5 is a sequence diagram illustrating the operation of the proof generation system.
  • client node 300-3 is managed by supplier SP3
  • client node 300-4 is client node 300 managed by a supplier SP one downstream of supplier SP3.
  • the client node 300-3 receives an operation from the supplier SP3, and uses the unit value calculation unit 311 of the certificate generation processing unit 310 to refer to the information storage unit 320 and calculate the unit value 321. is calculated and stored in the information storage unit 320 (step S1).
  • the client node 300-3 uses the cumulative value calculation unit 312 to add up the cumulative value 328 of the upstream supplier stored in the information storage unit 320 and the unit value 321, and calculates the cumulative value of the parts manufactured by the supplier SP3.
  • a value 322 is calculated and stored in the information storage unit 320 (step S2).
  • the client node 300-3 uses the random number generation unit 313 to generate a random number 323 for the cumulative value 322 for generating the cumulative value commitment 324, and stores it in the information storage unit 320 (step S3). Subsequently, client node 300-3 notifies client node 300-4 of accumulated value 322 and random number 323 through output unit 316 (step S4).
  • the client node 300-3 uses the random number 323 to calculate the cumulative value commitment 324, which is the value of the commitment function for the cumulative value 322, by the commitment generation unit 314, and stores it in the information storage unit 320 (step S5 ).
  • the client node 300-3 uses the upstream supplier's cumulative value 328 and the upstream supplier's random number 329 to generate the cumulative value proof 325 by the proof generating unit 315, and stores it in the information storage unit 320 (step S6). .
  • the client node 300-3 transmits the cumulative value certificate 325 and the cumulative value commitment 324 to the node 200 using the output unit 316 (step S7).
  • the node 200 Upon receiving the cumulative value certificate 325 and cumulative value commitment 324 from the client node 300-3, the node 200 causes the smart contract management unit 210 to execute the component registration smart contract 221 (step S8).
  • the parts registration smart contract 221 Upon acquiring the cumulative value certificate 325 and cumulative value commitment 324, the parts registration smart contract 221 verifies the cumulative value certificate 325 (step S9). Subsequently, the parts registration smart contract 221 records the cumulative value certificate 325 and the cumulative value commitment 324 as part information 222 in the blockchain 220 (step S10).
  • FIG. 6 is a diagram specifically explaining the operation of the proof generation system.
  • the suppliers one upstream of supplier SP3 that manages client node 300-3 are supplier SP1 and supplier SP2, client node 300-1 is managed by supplier SP1, and client node 300-2 is managed by supplier SP1. It is assumed that it is managed by SP1.
  • client nodes 300-1 and 300-2 are managed by supplier SP1 and supplier SP2, which perform a process one step upstream from the process performed by supplier SP3.
  • a process that is one step upstream of a certain process is expressed as a process that is performed immediately before the certain process
  • a process that is one step downstream of a certain process is expressed as the process that is performed immediately after the certain process.
  • the client node 300-1 stores the unit value 321-1, cumulative value 322-1, random number 323-1, cumulative value commitment 324-1, cumulative value proof 325-1, trail information 326-1 of the upstream supplier, and the client node 300-1. It holds cumulative value 328-1 and cumulative value 328-1 of upstream suppliers. Note that in FIG. 6, the dummy trail information 327 is not shown.
  • the cumulative value commitment 324-1 and the cumulative value certificate 325-1 are recorded on the blockchain 220 of the node 200. Further, the cumulative value 322-1 and the random number 323-1 are notified to the client node 300-3.
  • the client node 300-2 stores the unit value 321-2, cumulative value 322-2, random number 323-2, cumulative value commitment 324-2, cumulative value proof 325-2, trail information 326-2 of the upstream supplier, and the client node 300-2. It holds cumulative value 328-2 and cumulative value 328-2 of upstream suppliers.
  • the cumulative value commitment 324-2 and the cumulative value certificate 325-2 are recorded on the blockchain 220 of the node 200. Further, the cumulative value 322-1 and the random number 323-1 are notified to the client node 300-3.
  • the client node 300-3 holds the upstream supplier's cumulative value 328-3 and the upstream supplier's random number 329-3.
  • the upstream supplier cumulative value 328-3 includes the upstream supplier cumulative value 328-1 and the upstream supplier cumulative value 328-2.
  • the client node 300-3 executes the process shown in FIG. 5.
  • the client node 300-3 calculates the unit value 321-3 from the trail information 326-3, and calculates the cumulative value 322-3 from the upstream supplier's cumulative value 328-3 and the unit value 321-3. calculate.
  • the client node 300-3 calculates a cumulative value commitment 324-3 from the cumulative value 322-3 and the random number 323-3, and uses the cumulative value 322-3 and the upstream supplier's random number 329-3 to calculate the cumulative value commitment 324-3. -3 is generated.
  • Cumulative value proof 325-3 proves the following proposition. - From the cumulative value 322-1, cumulative value 322-2 (cumulative value calculated in the immediately previous process) and random numbers notified from each of supplier SP1 and supplier SP2, cumulative value commitment 324-1 and cumulative value commitment 324- are calculated. 2 can be generated correctly. - The unit value 321-3 is calculated from the correct trail information 326-3 to which the electronic signature 326A is attached. - The cumulative value 322-3 is calculated correctly from the cumulative value 322-1, cumulative value 322-2, and unit value 321-3. - The cumulative value commitment 324-3 recorded in the blockchain 220 can be correctly generated from the cumulative value 322-3 and the random number 323-3.
  • the cumulative value proof 325-3 is established if the cumulative value commitment 324-1 and the cumulative value commitment 324-2 are correct. Further, the cumulative value commitment 324-1 and the cumulative value commitment 324-2 are guaranteed to be correct by the cumulative value proof 325-1 and the cumulative value proof 325-2, respectively.
  • the component registration smart contract 221 records the cumulative value proof 325-3 in the blockchain 220 when it is verified that the cumulative value proof 325-3 is correct.
  • FIG. 7 is a diagram illustrating the proof generation section.
  • the proof generation unit 315 of this embodiment is a functional unit realized by a program designed in advance, and is a circuit that generates a zero-knowledge proof.
  • the proof generation unit 315 of this embodiment includes, for example, input units 315a, 315b, and 315c. Further, the proof generation unit 315 includes a processing unit 315d.
  • the cumulative value 328 of upstream suppliers held in the information storage unit 320 of the client node 300 having the certificate generation unit 315 is input to each of the input units 315a, 315b, and 315c.
  • the processing unit 315d performs processing to generate a cumulative value certificate 325 based on the cumulative value 328 of upstream suppliers input from the input units 315a, 315b, and 315c.
  • the proof generation unit 315 of this embodiment is designed in advance so that the number of input units is greater than the number of cumulative values 328 of upstream suppliers. Then, the dummy trail information 327 is input to the input section where the upstream supplier's cumulative value 328 is not input, and the processing section 315d is made to process the value of the upstream supplier's cumulative value 328 as "0".
  • the certificate generation unit 315 shown in FIG. 7 is the certificate generation unit 315 included in the client node 300-3.
  • the proof generation unit 315 inputs the cumulative value 328-1 of upstream suppliers of supplier SP1 to the input unit 315a, and inputs the cumulative value 328-2 of upstream suppliers of supplier SP2 to the input unit 315b. Then, the proof generation unit 315 inputs the dummy trail information 327 whose cumulative value is “0” to the input unit 315c.
  • the dummy trail information 327 is information provided to the client node 300 in advance.
  • the proof generation unit 315 is designed to have a number of input units exceeding the number of processes (components) one upstream, and dummy trail information is provided for the surplus input units. Enter 327.
  • the program that implements the certificate generation unit 315 can be provided as a common program to all suppliers included in the supply chain.
  • a common proof generation unit 315 can be provided to suppliers whose upstream components have different numbers of branches, and each supplier does not need to design a proof generation unit 315 for each component.
  • each supplier included in the supply chain can prove the validity of the cumulative value of an upstream component without accessing any information that the upstream component supplier wants to keep secret.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
PCT/JP2022/027677 2022-07-14 2022-07-14 証明生成プログラム、証明生成方法、情報処理装置 Ceased WO2024013923A1 (ja)

Priority Applications (5)

Application Number Priority Date Filing Date Title
JP2024533431A JPWO2024013923A1 (https=) 2022-07-14 2022-07-14
CN202280096478.1A CN119278450A (zh) 2022-07-14 2022-07-14 证明生成程序、证明生成方法、信息处理装置
PCT/JP2022/027677 WO2024013923A1 (ja) 2022-07-14 2022-07-14 証明生成プログラム、証明生成方法、情報処理装置
EP22951137.3A EP4557149A4 (en) 2022-07-14 2022-07-14 EVIDENCE GENERATION PROGRAM, EVIDENCE GENERATION METHOD, AND INFORMATION PROCESSING DEVICE
US18/938,436 US20250062905A1 (en) 2022-07-14 2024-11-06 Computer-readable recording medium storing proof generation program, proof generation method, and information processing apparatus

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2022/027677 WO2024013923A1 (ja) 2022-07-14 2022-07-14 証明生成プログラム、証明生成方法、情報処理装置

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US18/938,436 Continuation US20250062905A1 (en) 2022-07-14 2024-11-06 Computer-readable recording medium storing proof generation program, proof generation method, and information processing apparatus

Publications (1)

Publication Number Publication Date
WO2024013923A1 true WO2024013923A1 (ja) 2024-01-18

Family

ID=89536240

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2022/027677 Ceased WO2024013923A1 (ja) 2022-07-14 2022-07-14 証明生成プログラム、証明生成方法、情報処理装置

Country Status (5)

Country Link
US (1) US20250062905A1 (https=)
EP (1) EP4557149A4 (https=)
JP (1) JPWO2024013923A1 (https=)
CN (1) CN119278450A (https=)
WO (1) WO2024013923A1 (https=)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20240333509A1 (en) * 2023-03-30 2024-10-03 Logistics and Supply Chain MultiTech R&D Centre Limited Blockchain-Based Traceability System and Method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2016134152A (ja) * 2015-01-22 2016-07-25 パナソニックIpマネジメント株式会社 環境負荷情報管理システム、及び、環境負荷情報管理方法
JP2019074910A (ja) 2017-10-16 2019-05-16 株式会社日立製作所 アクセス権管理方法、アクセス権管理システム、および、アクセス権管理装置
JP2020515087A (ja) * 2018-11-07 2020-05-21 アリババ・グループ・ホールディング・リミテッドAlibaba Group Holding Limited ブロックチェーン機密トランザクション内の暗号化されたトランザクション情報の復元
WO2022137834A1 (ja) * 2020-12-23 2022-06-30 株式会社デンソー 情報管理方法、及び情報管理プログラム

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11848917B2 (en) * 2020-07-10 2023-12-19 Toposware, Inc. Blockchain-based anonymous transfers zero-knowledge proofs
US12015715B2 (en) * 2021-04-28 2024-06-18 International Business Machines Corporation Trusted aggregation with data privacy based on zero-knowledge-proofs
CN113411189B (zh) * 2021-06-16 2022-12-02 北京沃东天骏信息技术有限公司 数据处理方法及装置、溯源方法及装置、电子设备

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2016134152A (ja) * 2015-01-22 2016-07-25 パナソニックIpマネジメント株式会社 環境負荷情報管理システム、及び、環境負荷情報管理方法
JP2019074910A (ja) 2017-10-16 2019-05-16 株式会社日立製作所 アクセス権管理方法、アクセス権管理システム、および、アクセス権管理装置
JP2020515087A (ja) * 2018-11-07 2020-05-21 アリババ・グループ・ホールディング・リミテッドAlibaba Group Holding Limited ブロックチェーン機密トランザクション内の暗号化されたトランザクション情報の復元
WO2022137834A1 (ja) * 2020-12-23 2022-06-30 株式会社デンソー 情報管理方法、及び情報管理プログラム

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP4557149A4

Also Published As

Publication number Publication date
EP4557149A1 (en) 2025-05-21
US20250062905A1 (en) 2025-02-20
EP4557149A4 (en) 2025-08-27
JPWO2024013923A1 (https=) 2024-01-18
CN119278450A (zh) 2025-01-07

Similar Documents

Publication Publication Date Title
Wei et al. Efficient and fair data valuation for horizontal federated learning
US11102001B2 (en) Trust management system and trust management method
Malik et al. TradeChain: Decoupling traceability and identity in blockchain enabled supply chains
Grasselli The 4/2 stochastic volatility model: A unified approach for the Heston and the 3/2 model
Babel et al. Enabling end-to-end digital carbon emission tracing with shielded NFTs
US20190116185A1 (en) Access authority management method, access authority management system, and access authority management apparatus
US11880478B2 (en) Distribution management apparatus, distribution management system, and distribution management method
Zhao et al. The impact of forecasting model selection on the value of information sharing in a supply chain
US20190102163A1 (en) System and Method for a Blockchain-Supported Programmable Information Management and Data Distribution System
US20190354968A1 (en) Utilization Management Method, Utilization Management System, and Node
US11151122B2 (en) Distributed ledger data linkage management
Harshavardhan et al. Blockchain technology in cloud computing to overcome security vulnerabilities
US11481762B2 (en) Methods and apparatus for creating, tracking, and redeeming DLT-enabled digitized tokens from electricity generation
WO2024013923A1 (ja) 証明生成プログラム、証明生成方法、情報処理装置
US12301721B2 (en) Storage medium, consideration distribution method, and information management device
Zheng et al. Blockchain-based secure digital asset exchange scheme with QoS-aware incentive mechanism
CN111966971B (zh) 版权产品的收益分配方法、装置、服务器及存储介质
CN114255074A (zh) 基于区块链的评估产品价值的方法及系统
Cekerevac et al. Blockchain technology and application–Smes aspect
Al‐Gwaiz et al. Capacity expansion and cost efficiency improvement in the warehouse problem
Ben Toumia et al. An evaluation of blockchain application requirements and their satisfaction in Hyperledger Fabric: A practical experience report
JP2023015223A (ja) 電子ブロックチェーンに組み込まれる取引の妥当性を確認するシステムと方法
KR20210035480A (ko) 블록체인 네트워크에서 블록도메인 이용에 대한 보상 제공 방법 및 장치
US12267430B2 (en) Computer-readable recording medium storing information concealing program, method of concealing information, and information management apparatus
Toumia et al. Evaluating blockchain application requirements and their satisfaction in Hyperledger Fabric

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22951137

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 202280096478.1

Country of ref document: CN

WWE Wipo information: entry into national phase

Ref document number: 2024533431

Country of ref document: JP

WWP Wipo information: published in national office

Ref document number: 202280096478.1

Country of ref document: CN

WWE Wipo information: entry into national phase

Ref document number: 2022951137

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 2022951137

Country of ref document: EP

Effective date: 20250214

WWP Wipo information: published in national office

Ref document number: 2022951137

Country of ref document: EP