CN110059494A - A kind of method for secret protection and block catenary system of block chain transaction data - Google Patents

A kind of method for secret protection and block catenary system of block chain transaction data Download PDF

Info

Publication number
CN110059494A
CN110059494A CN201910310361.9A CN201910310361A CN110059494A CN 110059494 A CN110059494 A CN 110059494A CN 201910310361 A CN201910310361 A CN 201910310361A CN 110059494 A CN110059494 A CN 110059494A
Authority
CN
China
Prior art keywords
block
attached
node
transaction
sender
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910310361.9A
Other languages
Chinese (zh)
Other versions
CN110059494B (en
Inventor
邵俊
蔡庆丰
赵亮
吴昊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Mingtai Hengtong Information Technology Co.,Ltd.
Original Assignee
Shenzhen Luyun District Chain Network Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Luyun District Chain Network Technology Co Ltd filed Critical Shenzhen Luyun District Chain Network Technology Co Ltd
Priority to CN201910310361.9A priority Critical patent/CN110059494B/en
Publication of CN110059494A publication Critical patent/CN110059494A/en
Application granted granted Critical
Publication of CN110059494B publication Critical patent/CN110059494B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]

Abstract

The present embodiments relate to block chain technical fields, disclose the method for secret protection and block catenary system of a kind of block chain transaction data.The wherein method for secret protection of the block chain transaction data; applied to block catenary system; the described method includes: the private key association for each user in the block catenary system generates the attached key pair with additive homomorphism attribute; account balance and transaction amount are encrypted by the attached public key of the attached cipher key pair; encrypted ciphertext write-in block chain will be carried out to transaction amount, and corresponding account balance ciphertext in State Tree is updated by this ciphertext according to additive homomorphism algorithm.Transaction data is saved by way of passing through ciphertext on block chain and State Tree, the embodiment of the present invention solves the technical issues of secret protection dependence third party's trust authority of current block chain, protects customer transaction data-privacy.

Description

A kind of method for secret protection and block catenary system of block chain transaction data
Technical field
The present invention relates to block chain technical fields, a kind of method for secret protection more particularly to block chain transaction data and Block catenary system.
Background technique
Block chain (Blockchain) is the distributed data base system participated in jointly by different nodes, is open Account book system (ledger);It is the data block generated by a string according to cryptography method or data packet group into i.e. block (block), timestamp is covered to each block data information automatically, to calculate a data encrypted value, that is, is breathed out Uncommon value (hash).Each block includes the cryptographic Hash of a upper block, the chain since original block (genesis block) (chain) is met to current region, to form block chain.In the world of block chain, nodes all over the world participate in jointly The book keeping operation of this network.Such as: for bit coin by proof of work mechanism, miner solves Hash mystery to the block generated is packaged Topic, and result is committed to network, wait other node verifications and confirms block.Nodes indicate their body by public key Part, and the right oneself transferred accounts is exercised by private key.
No matter in bit coin or ether mill, and in the various public chains that occur later, all transaction data It is all to be disclosed in clear-text way on block chain.Although can not judge a person's identity only by public key, transaction The disclosure of data, so that account tracking is provided with certain feasibility, to can not also protect the trading activity privacy of account.
Currently, the secret protection of block chain usually introduces third party's trust authority, since third party's trust authority is grasped The private key of entire account book, so that block chain loses the characteristic of decentralization.If mechanism private key loses or leakage, entire area Block chain will paralyse forever.If user does not know necessary mechanism application inquiry in the case where remaining sum, substantially increasing user makes Use cost.
Summary of the invention
The embodiment of the present invention is intended to provide the method for secret protection and block catenary system of a kind of block chain transaction data, passes through The technical issues of mode for hiding transaction amount, which solve the secret protection of current block chain dependence third party's trust authorities, Protect customer transaction data-privacy.
In order to solve the above technical problems, the embodiment of the present invention the following technical schemes are provided:
In a first aspect, the embodiment of the present invention provides a kind of method for secret protection of block chain transaction data, it is applied to block Catenary system, the block catenary system include ordinary node, miner's node and verifying node, which comprises
Step S1 generates attached key pair (PAh, SAh) according to the private key SA of the sender A of transaction association respectively, and Attached key pair (PBh, SBh) is generated according to the private key SB of recipient B association;
Step S2, sender A send intention of transferring accounts to recipient B, and the intention of transferring accounts includes: A account balance, trade gold Volume, sender A are using private key SA to the signature for the intention of transferring accounts and the attached public key PAh of sender A;
Step S3, recipient B transfer accounts intention described in receiving, and send Transaction Information, the Transaction Information to miner's node It include: the signature and recipient B of the intention of transferring accounts, B account balance, recipient B of sender A transmission using private key SB to transaction Attached public key PBh;
Step S4 after miner's node receives the Transaction Information, is distinguished by the attached public key PAh of the sender A A account balance and transaction amount are encrypted, and, by the attached public key PBh of the recipient B respectively to more than B account Volume and transaction amount are encrypted, and after verifying to the Transaction Information, the Transaction Information is added in block;
Step S5, verifying node verify the block, and block chain is written in the Transaction Information after being proved to be successful;
Step S6, ordinary node receive the block, and update the State Tree of itself.
In some embodiments, the step S1 is generated according to the private key SA of the sender A of transaction association attached close respectively Key generates attached key pair (PBh, SBh) to (PAh, SAh), and according to the private key SB of recipient B association, specifically includes:
The attached with additive homomorphism cryptographic attributes of the sender A is generated to the private key SA association of the sender A Key pair (PAh, SAh), and adding with additive homomorphism for the recipient B, is generated to the private key SB association of the recipient B The attached key pair (PBh, SBh) of close attribute.
In some embodiments, sender A described in the step S2 sends intention of transferring accounts to recipient B, further includes:
An account C is created in State Tree;
The account C is sent by the transaction amount in the intention of transferring accounts for needing to be sent to recipient B by sender A, and Its whole remaining sum is sent to by account C the account of recipient B.
In some embodiments, the Transaction Information is verified described in the step S4, is specifically included:
Judge that the attached public key PAh of sender A carries out A account in encrypted ciphertext and State Tree to A account balance Whether remaining sum ciphertext consistent and the attached public key PBh of recipient B carries out encrypted ciphertext and State Tree to B account balance Whether the remaining sum ciphertext of middle B account is consistent;
Judge whether transaction amount is positive, and whether transaction amount is not more than A account balance;
Sender A is verified using private key SA to the signature for the intention of transferring accounts by the public key PA of sender A, and, by connecing The public key PB verifying recipient B of receipts person B is using private key SB to the signature of transaction.
In some embodiments, the Transaction Information is added in block described in the step S4, is specifically included:
The attached public key PAh of sender A is subjected to encrypted ciphertext and the attached public key of recipient B to transaction amount PBh carries out encrypted ciphertext to transaction amount, is added in block as Transaction Information.
In some embodiments, verifying node described in the step S5 verifies the block, specifically includes:
The legitimacy of the All Activity in the block is verified, and,
The proof of work of miner's node is verified.
In some embodiments, before ordinary node described in the step S5 receives the block, the method is also Include:
According to Byzantine failure tolerance agreement, verifies and verify whether the number of signatures of node is more than threshold value in the block, if so, Then receive the block.
In some embodiments, ordinary node described in the step S6 receives the block, and updates the shape of itself State tree, specifically includes:
Encrypted ciphertext is carried out to transaction amount by the attached public key PAh of sender A, A account balance is carried out same State addition updates A account balance;
Encrypted ciphertext is carried out to transaction amount by the attached public key PBh of recipient B, B account balance is carried out same State addition updates B account balance.
In some embodiments, unique mark of the user in the block catenary system by the public key of itself as identity Know, also, the block catenary system is the attached key pair of private key association generation of each user, each attached key pair is equal Including attached public key and attached private key, the attached private key is for decrypting the ciphertext after its corresponding attached public key encryption.
Second aspect, the embodiment of the present invention provide a kind of block catenary system, using the hidden of above-mentioned block chain transaction data Private guard method, the block catenary system include: ordinary node, miner's node and verifying node, wherein the block linkwork System is that the private key association of each node generates attached key pair.
The beneficial effect of the embodiment of the present invention is: being in contrast to the prior art down, provided in an embodiment of the present invention one The method for secret protection of kind block chain transaction data, is applied to block catenary system, the block catenary system includes ordinary node, mine Work node and verifying node, which comprises step S1 is associated with according to the private key SA of the sender A of transaction generates respectively Attached key pair (PAh, SAh), and attached key pair (PBh, SBh) is generated according to the private key SB of recipient B association;Step S2, sender A transfer accounts intention to recipient B transmission, and the intention of transferring accounts includes: that A account balance, transaction amount, sender A make With private key SA to the signature for the intention of transferring accounts and the attached public key PAh of sender A;Step S3, recipient B transfer accounts meaning described in receiving To, and to miner's node send Transaction Information, the Transaction Information include: sender A send intention of transferring accounts, B account balance, Recipient B is using private key SB to the signature of transaction and the attached public key PBh of recipient B;Step S4, miner's node receive institute After stating Transaction Information, A account balance and transaction amount are encrypted respectively by the attached public key PAh of the sender A, with And B account balance and transaction amount are encrypted respectively by the attached public key PBh of the recipient B, and to the transaction After information is verified, the Transaction Information is added in block;Step S5, verifying node verify the block, Block chain is written into the Transaction Information after being proved to be successful;Step S6, ordinary node receive the block, and update the shape of itself State tree.By the above-mentioned means, the secret protection that the embodiment of the present invention is able to solve current block chain relies on third party's trust authority The technical issues of, protect customer transaction data-privacy.
Detailed description of the invention
One or more embodiments are illustrated by the picture in corresponding attached drawing, these exemplary theorys The bright restriction not constituted to embodiment, the element in attached drawing with same reference numbers label are expressed as similar element, remove Non- to have special statement, composition does not limit the figure in attached drawing.
Fig. 1 is a kind of configuration diagram of block catenary system provided in an embodiment of the present invention;
Fig. 2 is a kind of flow diagram of the method for secret protection of block chain transaction data provided in an embodiment of the present invention;
Fig. 3 is a kind of schematic diagram for generating attached key pair provided in an embodiment of the present invention;
Fig. 4 is a kind of flow diagram of transaction provided in an embodiment of the present invention;
Fig. 5 is the workflow schematic diagram of existing PBFT algorithm provided in an embodiment of the present invention;
Fig. 6 is the update flow diagram of State Tree provided in an embodiment of the present invention.
Specific embodiment
In order to make the object, technical scheme and advantages of the embodiment of the invention clearer, below in conjunction with the embodiment of the present invention In attached drawing, technical scheme in the embodiment of the invention is clearly and completely described, it is clear that described embodiment is A part of the embodiment of the present invention, instead of all the embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art Every other embodiment obtained without making creative work, shall fall within the protection scope of the present invention.
In addition, as long as technical characteristic involved in the various embodiments of the present invention described below is each other not Constituting conflict can be combined with each other.
Block catenary system has the characteristics that decentralization, is different from conventional center server, since block catenary system does not have There is centralization node, the mechanism that needs to know together maintains normal operation, for example, common recognition mechanism includes proof of work algorithm (Proof Of Work, POW), i.e. POW algorithm is based on POW algorithm, and block catenary system can be realized the common recognition verifying of block.
POW algorithm is a kind of strategy of a kind of reply Denial of Service attack and other service abuses, a proof of work Refer to that a data for meeting specified conditions calculate, it is relatively difficult to generate correct result, but it is simpler to verify correct result It is single.The generation of correct result can only carry out verifying trial and error by constantly enumerating random number, to eventually find correct option. Wherein, which realized using Hash (hash) algorithm.Hash algorithm is a kind of one-way Hash algorithm, calculates Kazakhstan The process of uncommon value is fairly simple, but to obtain satisfactory cryptographic Hash, then can only be carried out by enumerating trial and error.
In some virtual encryption money-systems, when carrying out random hash operation, POW algorithm is introduced to some spy The scanning work of definite value, for example, at SHA-256, random hash value with one or more 0 start, with 0 quantity gradually Increase, traversing out workload required for solution corresponding with the random hash value in the case of this will be exponentially increased, and to result It tests, only needs a random hash operation.
A random number (Nonce) is augmented in the block of some virtual encryption money-systems, which needs to meet So that there is the condition of required specified quantity 0 in the cryptographic Hash of given block.It, can only due to the irreversible property of Hash operation The random number of the condition of satisfaction is traversed out by making repeated attempts.
As long as block chain node traverses go out to meet the random number of condition, which just completes the card of workload It is bright, to obtain the packing book keeping operation power of block.
In the world of block chain, nodes all over the world take part in the book keeping operation of block chain network jointly.Such as bit For coin by proof of work mechanism, miner solves Hash puzzle to the block generated is packaged, and result is committed to network, waits Other node verifications simultaneously confirm block.Nodes indicate their identity by public key, and exercise oneself by private key and transfer accounts Right.
No matter in bit coin or ether mill, and in the various public chains that occur later, all transaction data It is all to be disclosed in clear-text way on block chain.Although can not judge a person's identity only by public key, transaction The disclosure of data, so that account tracking is provided with certain feasibility, to can not also protect the trading activity privacy of account.
In the design of ChainStack block chain, using the common recognition mechanism of the certainty POW of original creation, in this common recognition In mechanism, there are two kinds of roles of miner and verifier.Miner needs to carry out Hash calculation and solves difficult math question, and verifiers then pass through Practical Byzantine failure tolerance common recognition algorithm verifies the block of miner, and is finally committed in network.Other nodes connect A block can be received by only being needed to verify the signature of verifier by block, and such receiving be it is deterministic, Rather than probabilistic confirmation as bit coin.
In ChainStack block chain, invention introduces a kind of secret protection methods of block chain transaction data, make Obtain the transaction data for saving user in a manner of ciphertext on block chain.
Referring to Fig. 1, Fig. 1 is a kind of configuration diagram of block catenary system provided in an embodiment of the present invention;Such as Fig. 1 institute Show, which includes: ordinary node 11, miner's node 12 and verifying 13 3 kinds of block chain nodes of node.Wherein, Whole block chain nodes in the block catenary system all have the function of ordinary node, i.e., whole block chain nodes can be with As the sender of transaction, the recipient of transaction can also be become.
Point-to- point communication is supported between any two node in ordinary node 11, miner's node 12 and verifying node 13 (Point to point communication, P2P), also, ordinary node 11, miner's node 12 and verifying node 13 all may be used To undertake different responsibilities in each leisure block catenary system, safeguard block jointly as the block chain node in block catenary system Work, stabilization and the safety of catenary system.
Ordinary node 11 holds the electronic money of circulation, and the right of vote by ballot is possessed in block catenary system.Common section Point 11 can carry out relationship trading operation, but the not packing book keeping operation power of block.Ordinary node 11 can only be packaged note from possessing Synchronous recording block data at the interdependent node of account power.The ordinary node 11 can be the sender of transaction, be also possible to hand over Easy recipient.
Miner's node 12 is responsible for calculating Hash problem, finds out block.Wherein, which is based on meeting preset condition The block of generating random number.In some embodiments, block uses proof of work algorithm (Proof of by miner's node 12 Work, POW) generate, also target cryptographic Hash is less than namely based on the calculated cryptographic Hash to be verified of the random number of block. Wherein, miner's node 12 opens digging mine mode by ordinary node 11 and is transformed.
Node 13 is verified for verifying block of knowing together, and the block being verified is recorded on block chain.Wherein, described It verifies node 13 and application for registration is submitted by ordinary node 11, and generated after being elected to by ballot.
It is understood that above-mentioned ordinary node 11, miner's node 12 and verifying node 13 can be a physical services A logical server made of device or multiple physical servers are virtual.Server be also possible to it is multiple can interconnected communication clothes The server zone of business device composition, and each functional module can be respectively distributed on each server in server zone.
Referring to Fig. 2, Fig. 2 is a kind of stream of the method for secret protection of block chain transaction data provided in an embodiment of the present invention Journey schematic diagram;
As shown in Fig. 2, the method for secret protection of the block chain transaction data, is applied to block catenary system, the block chain System includes ordinary node, miner's node and verifying node, which comprises
Step S1: generating attached key pair (PAh, SAh) according to the private key SA of the sender A of transaction association respectively, and Attached key pair (PBh, SBh) is generated according to the private key SB of recipient B association;
Specifically, whole block chain nodes in the block catenary system generate key by elliptic curve encryption algorithm Right, the key pair includes public key and private key, wherein whole nodes or whole users in the block catenary system pass through itself Unique identification of the public key as identity, and signed by the private key of itself to transaction, and other in block catenary system Node or user, which then sign to it by using the public key of user, to be verified.
In embodiments of the present invention, the block catenary system is whole block chain nodes (packet in the block catenary system Include ordinary node, miner's node and verifying node) private key association generate attached key pair, each attached key pair is equal Including attached public key and attached private key, the attached public key is for encrypting account balance and transaction amount, the attached private key For decrypting the ciphertext after its corresponding attached public key encryption, to generate the corresponding plaintext of ciphertext.
It is a kind of schematic diagram for generating attached key pair provided in an embodiment of the present invention referring again to Fig. 3, Fig. 3;
As shown in figure 3, the private key of all block chain nodes in block catenary system is attached by the generation of additive homomorphism algorithm Key pair, and private key signs to the intention of transferring accounts for a certain node or user, remaining node or use in block catenary system The signature is verified by the node or user's corresponding public key at family.
Specifically, the step S1, generates attached key pair according to the private key SA of the sender A of transaction association respectively (PAh, SAh), and attached key pair (PBh, SBh) is generated according to the private key SB of recipient B association, it specifically includes:
The attached with additive homomorphism cryptographic attributes of the sender A is generated to the private key SA association of the sender A Key pair (PAh, SAh), and adding with additive homomorphism for the recipient B, is generated to the private key SB association of the recipient B The attached key pair (PBh, SBh) of close attribute, so that the attached key pair (PAh, SAh) of the sender A and recipient B Attached key pair (PBh, SBh) meets additive homomorphism characteristic, that is, meets PAh (X+Y)=PAh (X)+PAh (Y) and PBh (X+Y) =PBh (X)+PBh (Y).In embodiments of the present invention, Pailliers key pair is generated by Pailliers algorithm, it is described Pailliers key pair has additive homomorphism, that is, meets for any plaintext X1 and X2, and PAh (X1+X2)=PAh (X1)+ PAh (X2) and PBh (X1+X2)=PBh (X1)+PBh (X2).Wherein, the attached public key PAh of the sender A is used for miner Node encrypts A account balance and transaction amount;The attached public key PBh of the recipient B is for miner's node to B account Remaining sum and transaction amount are encrypted.
Specifically, described be based on additive homomorphism algorithm, the sender A is generated to the private key SA association of the sender A Attached key pair (PAh, SAh) and the attached key pair of the recipient B is generated to the private key SB of recipient B association (PBh, SBh), specifically includes:
Hash is carried out to the private key SA of the sender A, to generate the first seed, by described in first seed generation The attached key pair (PAh, SAh) of sender A;Hash is carried out to the private key SA of the recipient B, to generate second seed, is led to Cross the attached key pair (PBh, SBh) that the second seed generates the recipient B.Due to the generation of Pailliers key pair Dependent on Big prime, unique Big prime is generated by seed, attached key pair is generated at random to realize, due to randomness In the presence of, attached key pair is generated by way of seed, any information of private key can't be revealed, thus ensure that sender and The personal secrets of recipient.
Step S2: sender A sends intention of transferring accounts to recipient B, and the intention of transferring accounts includes: A account balance, trade gold Volume, sender A are using private key SA to the signature for the intention of transferring accounts and the attached public key PAh of sender A;
Specifically, due to including A account balance and trade gold into the intention of transferring accounts that recipient B is sent in sender A Volume, when sender A is not intended to recipient B to know its account balance, in order to further ensure the personal secrets of sender A, because Sender A described in this described step S2 sends intention of transferring accounts to recipient B, specifically includes:
An account C is created in State Tree, by sender A by the friendship in the intention of transferring accounts for needing to be sent to recipient B The easy amount of money is sent to the account C, and sends its whole remaining sum to by account C the account of recipient B.Wherein, the account C For holding account, the account C is the account temporarily generated in State Tree, and the account C is for the transaction in the intention that will transfer accounts The amount of money is forwarded to recipient B, and due to the forwarding by holding account C, recipient B not will recognize that the account balance of sender A, To ensure that the privacy information of sender A is not leaked.Wherein, the account C is receiving turning for the sender A transmission After transaction amount in account intention, the account balance of the account C will become transaction amount from 0, it is to be understood that trade After the completion, the account C will be cleared, also, the account C can be deleted from State Tree at this time, to remove State Tree Redundant data.
Wherein, unique identification of the sender A by the public key PA of itself as identity, and by the private key SA of itself to institute The intention of transferring accounts is stated to sign.
Step S3: recipient B receive described in transfer accounts intention, and send Transaction Information, the Transaction Information to miner's node It include: the signature and recipient B of the intention of transferring accounts, B account balance, recipient B of sender A transmission using private key SB to transaction Attached public key PBh;
Specifically, the recipient B receives the intention of transferring accounts that sender A is sent, alternatively, the recipient B is received temporarily The intention of transferring accounts that account C is sent, and Transaction Information is sent to miner's node, wherein miner's node is entered by ordinary node It is generated after digging mine mode, miner's node is used to receive the Transaction Information that the recipient B is sent.
It is a kind of flow diagram of transaction provided in an embodiment of the present invention referring again to Fig. 4, Fig. 4;
As shown in figure 4, sender A sends intention of transferring accounts to recipient B, the intention of transferring accounts includes: A account balance, hands over The easy amount of money, sender A using private key SA to the signature for the intention of transferring accounts and the attached public key PAh of sender A, such as: the account of A Remaining sum is 20 yuan, A wants to transfer accounts to B 5 yuan, this be the signature of A, A attached public key be X;
Wherein, after the recipient B receives the intention of transferring accounts that the sender A is sent, the sender A is sent Intention of transferring accounts and the information package of itself are sent to miner's node at Transaction Information, wherein the Transaction Information includes: hair Intention of transferring accounts that the person of sending A is sent, B account balance, recipient B are using private key SB to the attached of the signature of transaction and recipient B Public key PBh, such as: the intention of transferring accounts that the sender A is sent are as follows: the account balance of A is 20 yuan, A wants to transfer accounts to B 5 yuan, this be The signature of A, the attached public key of A are X, the B account information are as follows: the account balance of B is 8 yuan, this is the attached public affairs of the signature of B, B Key is Y.
Step S4: after miner's node receives the Transaction Information, distinguished by the attached public key PAh of the sender A A account balance and transaction amount are encrypted, and, by the attached public key PBh of the recipient B respectively to more than B account Volume and transaction amount are encrypted, and after verifying to the Transaction Information, the Transaction Information is added in block;
Wherein, the chain structure that block chain is made of block one by one, and each block is then by block head and block Body two parts composition.The most important component of block body is exactly to trade, and miner's node can will be various in network Transaction is packaged and is written in block body, is then written to the transaction of block body by the cryptographic Hash that certain mode is composed in series In block head.
Specifically, passing through the sender A's in the Transaction Information after miner's node receives the Transaction Information Attached public key PAh encrypts A account balance and transaction amount, generates the ciphertext and transaction amount of A account balance respectively Ciphertext, and, B account amount of money and transaction amount are carried out by the attached public key PBh of the recipient B in the Transaction Information Encryption, respectively generate B account balance ciphertext and transaction amount ciphertext, it should be noted that the A account balance and B account balance is respectively the current balance of A account and B account, that is, the account balance traded before not yet completing, the sender The transaction amount in intention of transferring accounts that A is sent is then respectively by the attached public key PAh of sender A and the attached public key of recipient B PBh is encrypted.
Specifically, the Transaction Information is added in block described in the step S4, specifically include:
The attached public key PAh of sender A is subjected to encrypted ciphertext and the attached public key of recipient B to transaction amount PBh carries out encrypted ciphertext to transaction amount, is added in the block body of block as Transaction Information.Specifically, the mine After work node encrypts transaction amount by the attached public key PAh of the sender A, it is corresponding close to generate transaction amount Text, also, after miner's node encrypts transaction amount by the attached public key PBh of the recipient B, generate transaction The corresponding ciphertext of the amount of money is equivalent to the transaction amount and has been encrypted twice, and the difference of the two is, is to pass through sender respectively The attached public key PBh of the attached public key PAh and recipient B of A are encrypted, and reason is: account balance of the State Tree to A It needs to carry out homomorphism addition using the encrypted ciphertext of attached public key PAh by A when variation, and State Tree is to B Account balance need when changed to carry out homomorphism addition using the encrypted ciphertext of attached public key PBh by B.
Specifically, miner's node verifies the Transaction Information, specifically include:
Judge that the attached public key PAh of sender A carries out A account in encrypted ciphertext and State Tree to A account balance Whether remaining sum ciphertext consistent and the attached public key PBh of recipient B carries out encrypted ciphertext and State Tree to B account balance Whether the remaining sum ciphertext of middle B account is consistent;
Judge whether transaction amount is positive, and whether transaction amount is not more than A account balance;
Sender A is verified using private key SA to the signature for the intention of transferring accounts by the public key PA of sender A, and, by connecing The public key PB verifying recipient B of receipts person B is using private key SB to the signature of transaction.
Specifically, by judging that the attached public key PAh of sender A carries out encrypted ciphertext and state to A account balance Whether the remaining sum ciphertext of A account is consistent in tree, since the account balance of A account in State Tree is saved in the form of ciphertext, Its cipher mode is encrypted again by the attached public key of sender A, therefore the attached public key by judging sender A Whether PAh carries out encrypted ciphertext to A account balance consistent with the remaining sum ciphertext of A account in State Tree, is able to verify that A account Current balance, if inconsistent, miner is to the authentication failed of the transaction, then the transaction is not written in block by miner;
Similarly, by judging that the attached public key PBh of recipient B carries out encrypted ciphertext and State Tree to B account balance Whether the remaining sum ciphertext of middle B account is consistent, since the account balance of B account in State Tree is saved in the form of ciphertext, Cipher mode is encrypted again by the attached public key of recipient B, therefore the attached public key PBh by judging recipient B It is whether consistent with the remaining sum ciphertext of B account in State Tree that encrypted ciphertext carried out to B account balance, is able to verify that B account Current balance, if inconsistent, miner is to the authentication failed of the transaction, then the transaction is not written in block by miner;
By judging whether transaction amount is positive, and whether transaction amount is not more than A account balance, determines the transaction It whether is rationally to trade, if the transaction amount is not positive, alternatively, the transaction amount is greater than the A account balance, it is determined that The transaction is queasy transaction, then authentication failed, and miner's node the transaction is not written on block;
Sender A is verified using private key SA to the signature for the intention of transferring accounts by the public key PA of sender A, and, by connecing The public key PB verifying recipient B of receipts person B, to the signature of transaction, is by sender's A sheet so as to determining transaction using private key SB Human hair goes out, and, determine that transaction is received by recipient B, if verifying sender A by the public key PA of sender A uses private key SA fails to the signature for the intention of transferring accounts, alternatively, verifying recipient B using private key SB to transaction by the public key PB of recipient B Signature failure, it is determined that object exception of transferring accounts, authentication failed, miner's node the transaction are not written on the block at this time.
Miner's node is after receiving transaction, by multiple-authentication, such as: judge the attached public key PAh of sender A to A Account balance carries out whether encrypted ciphertext consistent with the remaining sum ciphertext of A account in State Tree and the attached public affairs of recipient B Whether key PBh carries out encrypted ciphertext to B account balance consistent with the remaining sum ciphertext of B account in State Tree;Judge trade gold Whether volume is positive, and whether transaction amount is not more than A account balance;Sender A is verified by the public key PA of sender A to use Private key SA to the signature of the intention of transferring accounts, and, recipient B is verified using private key SB to transaction by the public key PB of recipient B Signature, if there is any one verification step there is a situation where authentication failed, miner's node is abandoned writing the transaction Enter on block, if whole verification steps is correct, which is added on block, to guarantee the validity of transaction.
In embodiments of the present invention, described that the transaction is added in block, specifically include: miner's node will be described Transaction is added in the block body of the block, and is packaged together with the transaction qualified with other verifyings, specifically, the miner saves The transaction and other more transaction are also packaged jointly into the same block by point after receiving transaction, and to the area The Hash that block executes proof of work proves that miner's node, which sends the block to after solving Hash puzzle, to be tested Card node is verified.Wherein, the transaction that miner's node is added in the block body does not include the sender A and connects The attached public key of receipts person B, but by the attached public key PAh of the sender A to transaction amount carry out encrypted ciphertext and The attached public key PBh of recipient B carries out encrypted ciphertext storage into the block body to transaction amount, to guarantee block The All Activity amount of money in chain is ciphertext form, guarantees node or the information security of user.
It is understood that the attached public key PAh of the sender A to A account balance carry out encrypted ciphertext and The attached public key PBh of recipient B, which carries out encrypted ciphertext to B account balance, to be saved within a block, and is stored in area It in the State Tree of block chain node, and is constantly updated according to the continuous cumulative of the transaction in block, to guarantee block catenary system Stable operation.
Step S5: verifying node verifies the block, and block chain is written in the Transaction Information after being proved to be successful;
Specifically, the block is submitted to verifying node and is tested after transaction is written to block by miner's node Card, the verifying node common recognition verifying block, and the block being proved to be successful is recorded on block chain.
Specifically, the verifying node verifies the block, specifically include:
The legitimacy of the All Activity in the block is verified, and, the proof of work that miner's node is submitted It is verified.
Specifically, the legitimacy of the All Activity in the verifying block, comprising:
Check the signature of All Activity, the signature includes: the signature of sender and the signature of recipient, also, is examined The legitimacy of the block is looked into, whether Merkel's root is correct.
Specifically, the proof of work submitted to miner's node is verified, comprising: according to Byzantine failure tolerance Algorithm, common recognition verifying block.
Wherein, the verifying node passes through certainty proof of work algorithm (Deterministic Proof of Work, DPoW) block of miner's node generation is verified, DPoW is by proof of work algorithm (Proof of Work, POW) and two ranks of practical Byzantine failure tolerance algorithm (Practical Byzantine Fault Tolerance, PBFT) Duan Zucheng combines the safety of the two.POW ensure that miner can pay computing capability and just generate legal block, PBFT then ensure that the consistency of network processes result, and the block that miner's node generates finally will be by verifying node PBFT common recognition Inspection could be received by block chain network.
Wherein, practical Byzantine failure tolerance algorithm (Practical Byzantine Fault Tolerance, PBFT) is one Kind of state machine copy replication algorithm, i.e. service are modeled as state machine, state machine distributed system different nodes into Row copy replication.The copy of each state machine saves the state of service, while also achieving the operation of service.It will be all The set of copy composition is indicated using capital R, is arrived using 0 | R | each copy of -1 integer representation.For the side of description Just, it is assumed that | R |=3f+1, f is possible to the maximum number of the copy of failure here.Although there may be secondary more than 3f+1 This, but additional copy cannot improve reliability other than reducing performance.
All copies are referred to as rotation process (the succession of of view (View) at one Configuration running in).In some view, a copy is as host node (primary), other copy conducts It backs up (backups).The integer that view is continuously numbered for.Host node is by formula p=v mod | R | it is calculated, v is view here Figure number, p are copy numbers, | R | it is the number of copy set.Just need to start view replacement when host node failure (view change) process.
Based on Byzantium's general's problem, PBFT consistency ensures to be broadly divided into these three stages: pre-preparation (pre- Prepare), prepare (prepare) and confirmation (commit).
In the following, combination of embodiment of the present invention Fig. 5 elaborates PBFT main working process:
In Fig. 5, C is to send request end, and 0123 is server-side, and 3 be the server-side of delay machine, the specific steps are as follows:
1.Request: it sends request end C and transmit a request to any one node, be 0 here.
2.Pre-Prepare: server-side 0 is broadcasted after receiving the request of C, diffuses to server-side 1,2 and 3.
3.Prepare: server-side 1,2 and 3 receive after record and broadcast again, 1- > 023,2- > 013,3 because delay machine and It can not broadcast.
4.Commit: 0123 node of server-side is in the Prepare stage, if receiving more than a certain number of same requests, Into the Commit stage, Commit request is broadcasted.
5.Reply: 0123 node of server-side is in the Commit stage, if receiving more than a certain number of same requests, to C It is fed back.
When the number of nodes of server-side is greater than 100, network bandwidth pressure can be increasing, therefore, simple PBFT common recognition It is to be unable to satisfy many publicly-owned chain networks of number of nodes.
In embodiments of the present invention, before the verifying node verifies the block, the method also includes:
Several verifying nodes are chosen, the block that each verifying node is used to generate miner's node is verified. After the block that each verifying node generates miner's node is verified, then the verifying node is to described Block is signed, if verifying does not pass through, the verifying node will not sign to the block.
When the verifying node to the block be proved to be successful by after, the verifying node is by the Transaction Information Block chain is written, such as: block chain is written into A account balance and B account balance.Wherein, more than the A account balance and B account Volume is stored on block chain with ciphertext form, and the ciphertext of the A account balance is the attached public key that miner's node passes through A account PAh carries out encrypted ciphertext to A account balance, and the ciphertext of the B account balance is the attached public affairs that miner's node passes through B account Key PBh carries out encrypted ciphertext to B account balance.By way of ciphertext, the user on block chain can not know other use The account balance at family, protects the privacy of user, also, since can to decrypt its corresponding attached for the attached private key of attached key pair Ciphertext after belonging to public key encryption therefore, can be on block chain when user forgets or want the account balance of inquiry itself The account balance for knowing itself is capable of the demand of further satisfaction user under the premise of guaranteeing privacy.
Step S6: ordinary node receives the block, and updates the State Tree of itself.
Specifically, then new transaction generates after block chain increases block newly, whole block chain nodes in block catenary system The State Tree for needing to update itself will be performed the following operations when ordinary node receives new block:
(1), according to Byzantine failure tolerance agreement, whether the number of signatures for verifying the verifying node of the block has reached described The 2/3 of the verifying node total number of block catenary system, receives the block if reaching.Specifically, being assisted according to Byzantine failure tolerance View is verified and verifies whether the number of signatures of node is more than threshold value in the block, if so, receiving the block, wherein described Threshold value is the 2/3 of the quantity of the verifying node, if the block is by the verifying of verifying node, the verifying node will be right The block is signed, ordinary node judge number of signatures that the verifying node signs to the block whether be more than 2/3rds of the quantity of node are all verified in the block catenary system, if so, receiving the block.
(2), according to the transaction in block, using additive homomorphism, the remaining of the relevant account of transaction described in State Tree is updated Volume ciphertext, the remaining sum ciphertext of remaining sum ciphertext and recipient including sender.Such as: if B account balance is in State Tree X1, the amount of money ciphertext that receives of B account is X2 in the transaction of block chain, then the remaining sum ciphertext of B account is updated to X1+X2.
In embodiments of the present invention, the ordinary node receives the block, and updates the State Tree of itself, specific to wrap It includes:
Encrypted ciphertext is carried out to transaction amount by the attached public key PAh of sender A, A account balance is carried out same State addition updates A account balance;
Encrypted ciphertext is carried out to transaction amount by the attached public key PBh of recipient B, B account balance is carried out same State addition updates B account balance.
Specifically, the account balance of all block chain nodes saves in the form of remaining sum ciphertext, example in State Tree Such as: the account balance of sender A and recipient B pass through remaining sum ciphertext and save, and the account balance of sender A is corresponding Remaining sum ciphertext is A remaining sum ciphertext, and the corresponding remaining sum ciphertext of the account balance of the account balance B of recipient B is B remaining sum ciphertext.By The remaining sum ciphertext of all block chain nodes in State Tree passes through additive homomorphism algorithm and generates, with additive homomorphism Property, therefore homomorphism addition can be carried out to remaining sum ciphertext, the remaining sum ciphertext is updated, that is, updating the account balance.
Specifically, referring to Fig. 6, Fig. 6 is the update flow diagram of State Tree provided in an embodiment of the present invention;
As shown in fig. 6, after block chain node receives block, according to the sender and recipients of the transaction in block, And transaction amount, wherein the transaction amount is encrypted by attached public key, is stored on block in the form of ciphertext, Wherein, there are two the transaction amount can save, the attached public key PAh of respectively sender A encrypts transaction amount The attached public key PBh of ciphertext and recipient B afterwards carries out encrypted ciphertext to transaction amount.Specifically, working as ordinary node After receiving block, by according to the ciphertext of the both sides of transaction and transaction amount, it is based on additive homomorphism, updates the state of itself Tree.After transaction is published on block chain, all block chain nodes on block catenary system can each self refresh itself shape State tree, by additive homomorphism, if a certain block chain node does not update the State Tree of itself, State Tree and other nodes State Tree data are inconsistent, may result in the error in data of block chain node sending, to not recognized by the whole network.
As shown in fig. 6, the Transaction Information for including in the block are as follows: the transaction amount that A is transmitted to B is MIWEN, when block chain After node receives the block, the State Tree of itself will be updated according to the Transaction Information, such as: the State Tree is more Before new are as follows: A account balance is MIWENA, and B account balance is MIWENB, after receiving the block, is believed according to the transaction Breath: the transaction amount that A is transmitted to B is MIWEN, and the A account balance is updated to MIWENA-MIWEN, and by B account balance It is updated to MIWENB+MIWEN, to maintain the real-time of State Tree, guarantees that block chain node can legally participate in business.
It is understood that the transaction in block provided in an embodiment of the present invention is only one, it is in practical situations, described Transaction in block can be it is multiple, when the transaction in the block is multiple, mode of operation is same as above, equally also in this hair Within bright protection scope.
It is understood that although the data in data and State Tree on block chain carry out all by way of ciphertext It saves, but miner's node and verifying node still can verify the legitimacy of transaction, to will not influence common recognition agreement just Often operation.
In embodiments of the present invention, block chain node includes one or more processing and memory.Wherein, processor and Memory can be connected by bus or other modes.
Memory as a kind of non-volatile computer readable storage medium storing program for executing, can be used for storing non-volatile software program, Non-volatile computer executable program and module.Processor is by running non-volatile software journey stored in memory Sequence, instruction and module, thereby executing various function application and data processing.
Memory may include high-speed random access memory, can also include nonvolatile memory, for example, at least one A disk memory, flush memory device or other non-volatile solid state memory parts.In some embodiments, memory is optional Including the memory remotely located relative to processor, these remote memories can pass through network connection to processor.It is above-mentioned The example of network includes but is not limited to internet, intranet, local area network, mobile radio communication and combinations thereof.
The block chain node of the embodiment of the present invention exists in a variety of forms, including but not limited to:
(1) tower server
General tower server cabinet and our common PC machine casees are similar, and large-scale tower case will be coarse Very much, generally speaking outer dimension does not have fixed standard.
(2) rack-mount server
Rack-mount server is the dense deployment due to meeting enterprise, formation using 19 inch racks as normal width Type of server, height is then from 1U to several U.Server is placed into rack, daily maintenance and pipe are not merely conducive to Reason, it is also possible to avoid unexpected failure.Firstly, placing server is not take up excessive space.Rack server is fitly arranged It is placed in rack, it will not wasting space.Secondly, connecting line etc. also can be in fitly folding and unfolding to rack.Power supply line and LAN line etc. All can in cabinet the good line of cloth, it is possible to reduce connecting line on the ground is accumulated, to prevent foot from kicking the accidents such as electric wire off Occur.Defined size is the width (48.26cm=19 inches) and height (multiple of 4.445cm) of server.Since width is 19 English It is very little, so will also meet this defined rack sometimes is known as " 19 inch rack ".
(3) blade server
Blade server is a kind of the low of HAHD (High Availability High Density, High Availabitity high density) Cost service device platform is to design exclusively for special applications industry and high density computer environment, wherein each piece " blade " An actually block system motherboard is similar to independent server one by one.In such a mode, each motherboard is run certainly Oneself system, serves different specified user groups, and is not associated between each other.System software but can be used by these mothers Plate assembles a server cluster.Under cluster mode, all motherboards can connect the network environment of offer high speed, It can be serve the same user group with shared resource.
(4) Cloud Server
Cloud Server (Elastic Compute Service, ECS) be one kind be simple and efficient, securely and reliably, processing capacity Can elastic telescopic calculating service.Its way to manage is more simple and efficient than physical server, and user is without purchasing hardware in advance, i.e., Any more Cloud Servers can be created or discharged rapidly.The distributed storage of Cloud Server is used to a large amount of Server Consolidations be one Platform supercomputer provides a large amount of data storage and processing service.Distributed file system, distributed data base allow to access Common storage resource is realized shared using the IO of data file.Virtual machine can break through the limitation of single physical machine, dynamic to provide Source adjustment eliminates server with distribution and stores the Single Point of Faliure of equipment, realizes high availability.
The embodiment of the invention also provides a kind of nonvolatile computer storage media, the computer storage medium storage There are computer executable instructions, which is executed by one or more processors.
In embodiments of the present invention, by a kind of method for secret protection of block chain transaction data of offer, it is applied to area Block catenary system, the block catenary system include ordinary node, miner's node and verifying node, which comprises step S1, Attached key pair (PAh, SAh), and the private according to recipient B are generated according to the private key SA of the sender A of transaction association respectively Key SB association generates attached key pair (PBh, SBh);Step S2, sender A send intention of transferring accounts to recipient B, described to transfer accounts Intention include: A account balance, transaction amount, sender A using private key SA to the attached of the signature of the intention of transferring accounts and sender A Belong to public key PAh;Step S3, recipient B transfer accounts intention described in receiving, and send Transaction Information to miner's node, and the transaction is believed Breath include: sender A send intention of transferring accounts, B account balance, recipient B is using signature and reception of the private key SB to transaction The attached public key PBh of person B;Step S4 after miner's node receives the Transaction Information, passes through the attached public affairs of the sender A Key PAh respectively encrypts A account balance and transaction amount, and, distinguished by the attached public key PBh of the recipient B B account balance and transaction amount are encrypted, and after being verified to the Transaction Information, the Transaction Information is added to In block;Step S5, verifying node verify the block, and block chain is written in the Transaction Information after being proved to be successful; Step S6, ordinary node receive the block, and update the State Tree of itself.Due to the transaction amount and state on block chain Account balance in tree is ciphertext storage, ensure that safety and the privacy of transaction, and the privacy for solving current block chain is protected Shield relies on the technical issues of third party's trust authority, protects customer transaction data-privacy.
Device or apparatus embodiments described above is only schematical, wherein it is described as illustrated by the separation member Unit module may or may not be physically separated, and the component shown as modular unit can be or can also Not to be physical unit, it can it is in one place, or may be distributed on multiple network module units.It can basis It is actual to need that some or all of the modules therein is selected to achieve the purpose of the solution of this embodiment.
Through the above description of the embodiments, those skilled in the art can be understood that each embodiment can It is realized by the mode of software plus general hardware platform, naturally it is also possible to pass through hardware.Based on this understanding, above-mentioned technology Scheme substantially in other words can be embodied in the form of software products the part that the relevant technologies contribute, the computer Software product may be stored in a computer readable storage medium, such as ROM/RAM, magnetic disk, CD, including some instructions are with directly To computer equipment (can be personal computer, server or the network equipment etc.) execute each embodiment or Method described in certain parts of embodiment.
Finally, it should be noted that the above embodiments are merely illustrative of the technical solutions of the present invention, rather than its limitations;At this It under the thinking of invention, can also be combined between the technical characteristic in above embodiments or different embodiment, step can be with It is realized with random order, and there are many other variations of different aspect present invention as described above, for simplicity, they do not have Have and is provided in details;Although the present invention is described in detail referring to the foregoing embodiments, the ordinary skill people of this field Member is it is understood that it is still possible to modify the technical solutions described in the foregoing embodiments, or to part of skill Art feature is equivalently replaced;And these are modified or replaceed, each reality of the application that it does not separate the essence of the corresponding technical solution Apply the range of a technical solution.

Claims (10)

1. a kind of method for secret protection of block chain transaction data is applied to block catenary system, the block catenary system includes general Logical node, miner's node and verifying node, which is characterized in that the described method includes:
Step S1, respectively according to the attached key pair (PAh, SAh) of the private key SA of the sender A of transaction association generation, and according to The private key SB association of recipient B generates attached key pair (PBh, SBh);
Step S2, sender A transfer accounts intention to recipient B transmission, the intention of transferring accounts include: A account balance, transaction amount, Sender A is using private key SA to the signature for the intention of transferring accounts and the attached public key PAh of sender A;
Step S3, recipient B transfer accounts intention described in receiving, and send Transaction Information to miner's node, and the Transaction Information includes: Intention of transferring accounts that sender A is sent, B account balance, recipient B are using private key SB to the attached of the signature of transaction and recipient B Belong to public key PBh;
Step S4, after miner's node receives the Transaction Information, by the attached public key PAh of the sender A respectively to A account Family remaining sum and transaction amount are encrypted, and, by the attached public key PBh of the recipient B respectively to B account balance and friendship The easy amount of money is encrypted, and after verifying to the Transaction Information, the Transaction Information is added in block;
Step S5, verifying node verify the block, and block chain is written in the Transaction Information after being proved to be successful;
Step S6, ordinary node receive the block, and update the State Tree of itself.
2. the method according to claim 1, wherein the step S1, respectively according to the private of the sender A of transaction Key SA association generates attached key pair (PAh, SAh), and generates attached key pair according to the private key SB of recipient B association (PBh, SBh), specifically includes:
The attached key with additive homomorphism cryptographic attributes of the sender A is generated to the private key SA association of the sender A Belonging to additive homomorphism encryption for the recipient B is generated to (PAh, SAh), and to the private key SB association of the recipient B The attached key pair (PBh, SBh) of property.
3. the method according to claim 1, wherein sender A described in the step S2 is sent out to recipient B Send the intention of transferring accounts, further includes:
An account C is created in State Tree;
The account C is sent by the transaction amount in the intention of transferring accounts for needing to be sent to recipient B by sender A, and by account Family C sends its whole remaining sum to the account of recipient B.
4. the method according to claim 1, wherein being carried out described in the step S4 to the Transaction Information Verifying, specifically includes:
Judge that the attached public key PAh of sender A carries out the remaining sum of A account in encrypted ciphertext and State Tree to A account balance Whether ciphertext consistent and the attached public key PBh of recipient B carries out B account in encrypted ciphertext and State Tree to B account balance Whether the remaining sum ciphertext at family is consistent;
Judge whether transaction amount is positive, and whether transaction amount is not more than A account balance;
Sender A is verified using private key SA to the signature for the intention of transferring accounts by the public key PA of sender A, and, pass through recipient B Public key PB verifying recipient B using private key SB to the signature of transaction.
5. the method according to claim 1, wherein the Transaction Information is added described in the step S4 Into block, specifically include:
The attached public key PAh of sender A is subjected to encrypted ciphertext and the attached public key PBh of recipient B to transaction amount Encrypted ciphertext is carried out to transaction amount, is added in block as Transaction Information.
6. the method according to claim 1, wherein verifying node described in the step S5 is to the block It is verified, is specifically included:
The legitimacy of the All Activity in the block is verified, and,
The proof of work submitted to miner's node is verified.
7. the method according to claim 1, wherein ordinary node described in the step S5 receives the area Before block, the method also includes:
According to Byzantine failure tolerance agreement, verifies and verify whether the number of signatures of node is more than threshold value in the block, if so, connecing Receive the block.
8. the method according to claim 1, wherein ordinary node described in the step S6 receives the area Block, and the State Tree of itself is updated, it specifically includes:
Encrypted ciphertext is carried out to transaction amount by the attached public key PAh of sender A, homomorphism is carried out to A account balance and is added Method updates A account balance;
Encrypted ciphertext is carried out to transaction amount by the attached public key PBh of recipient B, homomorphism is carried out to B account balance and is added Method updates B account balance.
9. method according to claim 1-8, which is characterized in that the user in the block catenary system passes through certainly Unique identification of the public key of body as identity, also, the block catenary system is attached close for the private key association generation of each user Key pair, each attached key pair include attached public key and attached private key, and the attached private key is for decrypting its correspondence Attached public key encryption after ciphertext.
10. a kind of block catenary system, which is characterized in that application such as the described in any item block chain transaction data of claim 1-9 Method for secret protection, the block catenary system include: ordinary node, miner's node and verifying node, wherein the block Catenary system is that the private key association of each node generates attached key pair.
CN201910310361.9A 2019-04-17 2019-04-17 Privacy protection method for block chain transaction data and block chain system Active CN110059494B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910310361.9A CN110059494B (en) 2019-04-17 2019-04-17 Privacy protection method for block chain transaction data and block chain system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910310361.9A CN110059494B (en) 2019-04-17 2019-04-17 Privacy protection method for block chain transaction data and block chain system

Publications (2)

Publication Number Publication Date
CN110059494A true CN110059494A (en) 2019-07-26
CN110059494B CN110059494B (en) 2020-11-03

Family

ID=67319243

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910310361.9A Active CN110059494B (en) 2019-04-17 2019-04-17 Privacy protection method for block chain transaction data and block chain system

Country Status (1)

Country Link
CN (1) CN110059494B (en)

Cited By (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110490003A (en) * 2019-08-09 2019-11-22 杭州安存网络科技有限公司 User's trust data generation method, acquisition methods, apparatus and system
CN110569309A (en) * 2019-09-17 2019-12-13 上海保险交易所股份有限公司 Apparatus, method, system, and medium for implementing blockchains
CN110599163A (en) * 2019-08-20 2019-12-20 江苏大学 Transaction record outsourcing method facing block chain transaction supervision
CN110766407A (en) * 2019-10-22 2020-02-07 全链通有限公司 Transaction verification method, accounting node and medium based on block chain
CN110766400A (en) * 2019-10-22 2020-02-07 全链通有限公司 Transaction record processing method based on block chain, accounting node and medium
CN111213135A (en) * 2019-08-27 2020-05-29 阿里巴巴集团控股有限公司 System and method for blockchain based notification
CN111461682A (en) * 2020-03-18 2020-07-28 必成汇(成都)科技有限公司 Financial system and digital currency trusteeship system that has it
CN111510450A (en) * 2020-04-13 2020-08-07 西安电子科技大学 Block chain link point identity verification method
CN111526217A (en) * 2020-07-03 2020-08-11 支付宝(杭州)信息技术有限公司 Consensus method and system in block chain
CN111915302A (en) * 2020-08-05 2020-11-10 腾讯科技(深圳)有限公司 Associated data processing method and device, electronic equipment and computer readable medium
CN111988290A (en) * 2020-08-05 2020-11-24 上海交通大学 Transaction deletion method and system under user balance privacy protection and authorization supervision
CN112184433A (en) * 2020-08-31 2021-01-05 武汉市果壳璐网络科技有限公司 Block chain system
CN112926967A (en) * 2021-03-18 2021-06-08 上海能链众合科技有限公司 Metering and paying method for block chain platform
WO2021109718A1 (en) * 2019-12-05 2021-06-10 深圳前海微众银行股份有限公司 Verification method and apparatus based on block chain system
CN112990903A (en) * 2021-03-10 2021-06-18 中国联合网络通信集团有限公司 Telephone charge transfer method based on block chain, transfer node and demand node
CN113094733A (en) * 2021-04-25 2021-07-09 永旗(北京)科技有限公司 Block chain data privacy protection method and system
CN113132078A (en) * 2019-12-31 2021-07-16 航天信息股份有限公司 Block chain privacy protection method based on homomorphic commitment and block chain system
CN113128999A (en) * 2019-12-31 2021-07-16 航天信息股份有限公司 Block chain privacy protection method and device
CN113570373A (en) * 2021-09-23 2021-10-29 北京理工大学 Responsibility pursuing transaction method and system based on block chain
CN117236959A (en) * 2023-11-10 2023-12-15 金网络(北京)数字科技有限公司 Blockchain transaction method and device with privacy protection function and storage medium
CN117294429A (en) * 2023-09-23 2023-12-26 南京市公共资源交易中心江北新区分中心 Public resource transaction data encryption and decryption method, system and medium based on blockchain

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106549749A (en) * 2016-12-06 2017-03-29 杭州趣链科技有限公司 A kind of block chain method for secret protection encrypted based on additive homomorphism
CN106845960A (en) * 2017-01-24 2017-06-13 上海亿账通区块链科技有限公司 Method for secure transactions and system based on block chain
CN109040014A (en) * 2018-06-13 2018-12-18 湖南搜云网络科技股份有限公司 Block chain processing method and processing device, block chain node and storage medium
CN109086585A (en) * 2018-07-10 2018-12-25 众安信息技术服务有限公司 History data processing method, system and computer readable storage medium
US20190074968A1 (en) * 2017-09-06 2019-03-07 Alibaba Group Holding Limited Method, apparatus and system for data encryption and decryption

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106549749A (en) * 2016-12-06 2017-03-29 杭州趣链科技有限公司 A kind of block chain method for secret protection encrypted based on additive homomorphism
CN106845960A (en) * 2017-01-24 2017-06-13 上海亿账通区块链科技有限公司 Method for secure transactions and system based on block chain
US20190074968A1 (en) * 2017-09-06 2019-03-07 Alibaba Group Holding Limited Method, apparatus and system for data encryption and decryption
CN109040014A (en) * 2018-06-13 2018-12-18 湖南搜云网络科技股份有限公司 Block chain processing method and processing device, block chain node and storage medium
CN109086585A (en) * 2018-07-10 2018-12-25 众安信息技术服务有限公司 History data processing method, system and computer readable storage medium

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
王宗慧等: "区块链数据隐私保护研究", 《物联网学报》 *

Cited By (31)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110490003A (en) * 2019-08-09 2019-11-22 杭州安存网络科技有限公司 User's trust data generation method, acquisition methods, apparatus and system
CN110599163A (en) * 2019-08-20 2019-12-20 江苏大学 Transaction record outsourcing method facing block chain transaction supervision
CN111213135A (en) * 2019-08-27 2020-05-29 阿里巴巴集团控股有限公司 System and method for blockchain based notification
CN111213135B (en) * 2019-08-27 2023-11-21 创新先进技术有限公司 System and method for blockchain-based notification
CN110569309A (en) * 2019-09-17 2019-12-13 上海保险交易所股份有限公司 Apparatus, method, system, and medium for implementing blockchains
CN110569309B (en) * 2019-09-17 2023-06-20 上海保险交易所股份有限公司 Apparatus, method, system, and medium for implementing blockchain
CN110766407A (en) * 2019-10-22 2020-02-07 全链通有限公司 Transaction verification method, accounting node and medium based on block chain
CN110766400A (en) * 2019-10-22 2020-02-07 全链通有限公司 Transaction record processing method based on block chain, accounting node and medium
CN110766400B (en) * 2019-10-22 2023-01-13 全链通有限公司 Transaction record processing method based on block chain, accounting node and medium
WO2021109718A1 (en) * 2019-12-05 2021-06-10 深圳前海微众银行股份有限公司 Verification method and apparatus based on block chain system
CN113128999B (en) * 2019-12-31 2024-04-12 航天信息股份有限公司 Block chain privacy protection method and device
CN113132078A (en) * 2019-12-31 2021-07-16 航天信息股份有限公司 Block chain privacy protection method based on homomorphic commitment and block chain system
CN113128999A (en) * 2019-12-31 2021-07-16 航天信息股份有限公司 Block chain privacy protection method and device
CN111461682A (en) * 2020-03-18 2020-07-28 必成汇(成都)科技有限公司 Financial system and digital currency trusteeship system that has it
CN111510450A (en) * 2020-04-13 2020-08-07 西安电子科技大学 Block chain link point identity verification method
CN111526217A (en) * 2020-07-03 2020-08-11 支付宝(杭州)信息技术有限公司 Consensus method and system in block chain
CN111526217B (en) * 2020-07-03 2020-10-09 支付宝(杭州)信息技术有限公司 Consensus method and system in block chain
US11265173B2 (en) 2020-07-03 2022-03-01 Alipay (Hangzhou) Information Technology Co., Ltd. Methods and systems for consensus in blockchains
CN111988290A (en) * 2020-08-05 2020-11-24 上海交通大学 Transaction deletion method and system under user balance privacy protection and authorization supervision
CN111915302A (en) * 2020-08-05 2020-11-10 腾讯科技(深圳)有限公司 Associated data processing method and device, electronic equipment and computer readable medium
CN112184433A (en) * 2020-08-31 2021-01-05 武汉市果壳璐网络科技有限公司 Block chain system
CN112990903A (en) * 2021-03-10 2021-06-18 中国联合网络通信集团有限公司 Telephone charge transfer method based on block chain, transfer node and demand node
CN112990903B (en) * 2021-03-10 2023-06-09 中国联合网络通信集团有限公司 Block chain-based telephone charge transfer method, transferable node and demand node
CN112926967B (en) * 2021-03-18 2024-02-02 上海零数众合信息科技有限公司 Metering and payment method for blockchain platform
CN112926967A (en) * 2021-03-18 2021-06-08 上海能链众合科技有限公司 Metering and paying method for block chain platform
CN113094733A (en) * 2021-04-25 2021-07-09 永旗(北京)科技有限公司 Block chain data privacy protection method and system
CN113570373A (en) * 2021-09-23 2021-10-29 北京理工大学 Responsibility pursuing transaction method and system based on block chain
CN117294429A (en) * 2023-09-23 2023-12-26 南京市公共资源交易中心江北新区分中心 Public resource transaction data encryption and decryption method, system and medium based on blockchain
CN117294429B (en) * 2023-09-23 2024-04-19 南京市公共资源交易中心江北新区分中心 Public resource transaction data encryption and decryption method, system and medium based on blockchain
CN117236959A (en) * 2023-11-10 2023-12-15 金网络(北京)数字科技有限公司 Blockchain transaction method and device with privacy protection function and storage medium
CN117236959B (en) * 2023-11-10 2024-02-09 金网络(北京)数字科技有限公司 Blockchain transaction method and device with privacy protection function and storage medium

Also Published As

Publication number Publication date
CN110059494B (en) 2020-11-03

Similar Documents

Publication Publication Date Title
CN110059494A (en) A kind of method for secret protection and block catenary system of block chain transaction data
US11088850B2 (en) Retrieving public data for blockchain networks using highly available trusted execution environments
AU2019207312B2 (en) Distributed key management for trusted execution environments
CN108009917B (en) Transaction verification and registration method and system for digital currency
CN107240017B (en) Block chain transaction management system and method
CN106503098B (en) Block chain cloud service framework system built in Paas service layer
Needham et al. Using encryption for authentication in large networks of computers
CN107769922B (en) Block chain safety management system and method
Fumy et al. Principles of key management
CN1871810B (en) Authentication system, and remotely distributed storage system
CN107819753B (en) Block chain transaction system and method without complete anonymity
AU2019204708A1 (en) Retrieving public data for blockchain networks using highly available trusted execution environments
US8290161B2 (en) Incorporating shared randomness into distributed cryptography
US20020076052A1 (en) Incorporating shared randomness into distributed cryptography
He et al. A novel cryptocurrency wallet management scheme based on decentralized multi-constrained derangement
Zhai et al. BPKI: A secure and scalable blockchain-based public key infrastructure system for web services
CN110912688B (en) Anti-quantum-computation private key backup, loss reporting and recovery method and system based on alliance chain
CN112187802A (en) Bus system and communication method
Montagut et al. Traceability and integrity of execution in distributed workflow management systems
Zhang et al. An efficient proactive secret sharing scheme for cloud storage
CN111506667A (en) Calculation capacity transaction information data storage method based on partition authentication technology
Yung et al. Zero-Knowledge to the Rescue: Consistent Redundant Backup of Keys Generated for Critical Financial Services
JP2020058007A (en) Digital asset management system
De Santis Sudia et al.

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20200908

Address after: 518000 block D, Central Avenue, intersection of Xixiang Avenue and Baoyuan Road, labor community, Xixiang street, Bao'an District, Shenzhen City, Guangdong Province

Applicant after: Shenzhen Qiyuan Information Service Co.,Ltd.

Address before: 518100 Yujingwan Garden, Xin'an Sixth Road, Xixiang Street, Baoan District, Shenzhen City, Guangdong Province, 101, 201A, 301, 401 4th floor 401-03

Applicant before: Shenzhen Luyun District Chain Network Technology Co.,Ltd.

GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20230403

Address after: No. 4145, Building 4, Yard 10, Xixiaoying South Ring Road, Sujiatuo Town, Haidian District, Beijing, 100194

Patentee after: Beijing Mingtai Hengtong Information Technology Co.,Ltd.

Address before: 518000, 13C, Block D, Central Avenue, intersection of Xixiang Avenue and Baoyuan Road, Labor Community, Xixiang Street, Bao'an District, Shenzhen, Guangdong Province

Patentee before: Shenzhen Qiyuan Information Service Co.,Ltd.