WO2019105407A1 - Zero-knowledge proof method suitable for blockchain privacy protection, and medium - Google Patents

Zero-knowledge proof method suitable for blockchain privacy protection, and medium

Info

Publication number
WO2019105407A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
proof
phase
random number
zero
Prior art date
Application number
PCT/CN2018/118131
Other languages
English (en)
Chinese (zh)
Inventor
邓燚
马顺利
何德彪
张江
陈泌文
谢翔
李升林
孙立林
Original Assignee
云图有限公司
Priority date
Filing date
Publication date
Application filed by 云图有限公司
Publication of WO2019105407A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3218 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825 Use of electronic signatures
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/40 Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/405 Establishing or using transaction specific rules
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869 Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3218 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs
    • H04L9/3221 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs interactive zero-knowledge proofs
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Definitions

  • The invention relates to blockchain privacy protection technology, and in particular to a zero-knowledge proof method for blockchain privacy protection.
  • The blockchain system acts as a public ledger, which solves the problem of reaching consensus among parties that need to establish trust. Every participant can obtain a complete backup of the data, and all transaction data is open and transparent. These are advantages of the blockchain, but for many blockchain applications this feature is fatal. Individual users want their account privacy and transaction information to be protected, and for many businesses, account and transaction information are important assets and trade secrets that they do not want to share publicly with their peers. Sensitive data in particular needs to balance privacy protection against compliance regulation. For business scenarios involving a large number of trade secrets and interests, data exposure does not meet business rules and regulatory requirements.
  • a smart contract is a piece of code that runs on a blockchain that controls and manages the database.
  • the assets of each account are stored in the database of the smart contract, and the data in the database can be operated by the smart contract under certain conditions.
  • the balance of each account and the operation of the balance are recorded and performed in a smart contract.
  • an inter-node transfer operation is performed by broadcasting a message between all nodes and executing a smart contract.
  • the balance of each node is private information, and each node wants its balance to be invisible to other nodes.
  • The transfer content is also private information, so the changes to the balance carried in the broadcast message should not be visible to other nodes.
  • It is necessary to support balance-change operations in the smart contract, and every node must be able to operate on the balance.
  • A consistent public ledger is maintained between the nodes.
  • The ledger records the balance information of each node, and the nodes operate on the common ledger through a certain consensus mechanism.
  • The transaction information of all users in the ledger, along with other information recorded in the blockchain, is exposed, and the problem of protecting user privacy arises.
  • The system needs to keep blockchain transactions verifiable and their history checkable while ensuring user privacy, and to ensure the validity of transactions.
  • Bitcoin's solution to privacy protection is to achieve anonymity by blocking the association between the transaction address and the address holder's true identity. So although you can see the address of the sender and recipient of each transfer record, it does not correspond to a specific person in the real world. However, such protection is very weak.
  • the association between the account and the transaction can be traced through the address ID, IP information, and the like.
  • CoinJoin: the idea behind coin mixing is to break the relationship between the input address and the output address. In a transaction with many participants, and therefore many inputs and outputs, it is more difficult to find each person's corresponding input and output pair, so the connection between input and output is effectively broken. It is better to mix coins in small amounts each time. Although this method is highly anonymous, it lacks adequate risk assessment and requires trusting an anonymous third party.
  • The balance on the public ledger is directly encrypted. Only the node itself or a party it has authorized can view the transaction information; the remaining nodes cannot operate on the data, and it is difficult to keep the account information consistent.
  • Chinaledger proposed a scheme based on the Central Counterparty (CCP).
  • The transaction initiator encrypts the transaction with the CCP's public key, signs it, and submits it to the CCP.
  • The CCP decrypts it, checks the signature, checks the balance, and, if the transaction is valid, carries out the transfer of the amount.
  • The remaining nodes can only endorse the transaction, but cannot endorse the balance.
  • Although this scheme protects the privacy of node users, it is too centralized, and the whole system relies on the reputation of the CCP.
  • Ring signature: a ring signature is a simplified group signature, so named because the signature is composed according to a certain rule that forms a ring.
  • One member of the ring signs using his private key and the public keys of the other members, without needing their permission; the verifier only knows that the signature comes from this ring, but does not know who the real signer is.
  • Ring signatures solve the problem of full anonymity for signers, allowing a member to sign on behalf of a group of people without revealing the signer's information.
  • Ring signature technology only solves the anonymity of the trader and cannot protect the privacy of the transaction.
  • Homomorphic Encryption is a method that can perform calculations without prior decryption of encrypted data.
  • By using homomorphic encryption to store data on the blockchain, a perfect balance can be achieved without any major changes to the blockchain's properties.
  • The blockchain is still a public blockchain.
  • The data on the blockchain is encrypted, which takes care of privacy on the public blockchain.
  • The homomorphic encryption technique gives the public blockchain the privacy of a private blockchain.
  • The additively homomorphic encryption technique can be used to hide transaction amounts and user balances on the blockchain, while still allowing the other users to operate on the balances in the public ledger.
  • However, homomorphic encryption cannot confirm the consistency of a transaction and lacks a step for verifying the transaction's validity.
  • Zero-knowledge proof is a cryptographic technique that proves certain data operations without revealing the data itself, allowing the two parties (prover and verifier) to establish that a statement is true without revealing any information other than that it is true.
  • In cryptocurrency and blockchain, this usually refers to transaction information data.
  • Zcash, by introducing the zero-knowledge proof technology zk-SNARKs, achieves a zero-knowledge-level anonymous cryptocurrency. When using Zcash for trading, neither the transaction address nor the transaction amount is exposed, but Zcash's usage scenarios are more limited. Zcash only targets the UTXO model of Bitcoin; it cannot be extended to balance models such as Ethereum's, and it does not support smart contracts very well.
  • In terms of performance, Zcash needs circuit conversion and computation when generating a proof, and the resources and time consumed are very large, so Zcash's light nodes do not use SNARK technology when initiating transactions; only full nodes do.
  • When generating system parameters, Zcash must have one or more strong centers generate them, and the trapdoor that controls the entire system is hidden in the system parameters.
  • The usage scenarios are also relatively narrow, and the SNARK technology in Zcash has no other applications at present.
  • The object of the present invention is to solve the above problems and provide a zero-knowledge proof method and medium suitable for blockchain privacy protection, which can support the Bitcoin UTXO model and the Ethereum balance model and can be combined well with smart contracts.
  • the technical solution of the present invention is as follows:
  • the present invention discloses a zero-knowledge proof method suitable for blockchain privacy protection, including:
  • Proof generation phase: the balance ciphertext of the proving node is obtained, and ciphertexts of the transfer amount encrypted under the proving node's and the verifying node's public keys respectively are generated; the node generates random parameters and, using the system parameters obtained in the initialization phase as the common input, obtains the corresponding proof.
  • The proving node sends ⁇ to the verifying node; the verifying node, using the system parameters, parses ⁇ and checks whether the conditions are met, and if so, allows the transaction.
  • In the user configuration phase, the parties to the transaction use the Paillier encryption system.
  • In the proof generation phase, when user A, who has balance t_A, transfers an amount t to user B, the following operations are performed:
  • Step 1: User A gets the ciphertext of t_A from the ledger: where r is a random number and N_A is the public key of user A;
  • Step 2: To get evidence, the way to generate parameters includes steps (1) to (3):
  • N_A is the public key of user A
  • N_B is the public key of user B
  • r_t is the generated random number, and l is the random number used in the Pedersen commitment
  • ⁇ and ⁇ are two parameters representing the plaintext space of the scheme.
  • Step 3: Use the system parameters PP as the common input and A's private input to generate evidence that proves the above assertion; the way to generate the proof includes the following steps:
  • H is a cryptographic hash function.
  • In the process of user A obtaining the ciphertext of t_A from the ledger, if user A does not know the value of the random number r, an extractor algorithm is used to obtain the random number r from the plaintext t_A and the private key ⁇_A.
  • The present invention also discloses a computer readable storage medium.
  • In an embodiment of the computer readable storage medium, the computer program runs such that the parties in the user configuration phase use the Paillier encryption system.
  • In an embodiment of the computer readable storage medium, user A, who has balance t_A, performs the following operations when transferring an amount t to user B:
  • Step 1: User A gets the ciphertext of t_A from the ledger: where r is a random number and N_A is the public key of user A;
  • Step 2: To get evidence, the way to generate parameters includes steps (1) to (3):
  • N_A is the public key of user A
  • N_B is the public key of user B
  • r_t is the generated random number, and l is the random number used in the Pedersen commitment
  • ⁇ and ⁇ are two parameters representing the plaintext space of the scheme.
  • Step 3: Use the system parameters PP as the common input and A's private input to generate evidence that proves the above assertion; the way to generate the proof includes the following steps:
  • H represents a cryptographic hash function.
  • The present invention also discloses an embodiment of the computer readable storage medium in which, in the process of user A obtaining the ciphertext of t_A from the ledger, if user A does not know the value of the random number r, an extractor algorithm obtains the random number r from the plaintext t_A and the private key ⁇_A.
  • The method of the present invention includes the initialization phase, which generates the system parameters (including the parameter generation process and the meaning of the parameters); the proof generation phase, which is the specific process of generating a zero-knowledge proof (including the ciphertexts generated in the process and the formulas and parameters involved); and the verification phase (including the formulas and conditions for verification, etc.).
  • the zero-knowledge proof scheme suitable for blockchain privacy protection of the present invention protects the transaction amount by combining the homomorphic encryption algorithm.
  • the data in the public ledger of the smart contract is stored using homomorphic encrypted ciphertext, and during the transaction, a non-interactive zero-knowledge proof is generated to verify the legitimacy and validity of the transaction.
  • The specific algorithm considers two transaction participants in the blockchain, the proving node and the verifying node.
  • The system first initializes the parameters, and the transacting nodes generate public-private key pairs and define the encryption mode; then the node obtains the balance ciphertext and the ciphertexts of the transfer amount encrypted under the proving node's and the verifying node's public keys respectively; the proving node obtains the relevant parameters through calculation.
  • The advantages of the algorithm of the present invention are that it can support both the Bitcoin UTXO model and the Ethereum balance model, though it is better suited to the balance model, and that it is suitable for smart contract design and combines well with smart contracts. The system parameters can be configured; they include trapdoor information, and the security of the scheme is rigorously proved.
  • The system parameters can be generated by secure multi-party computation, and in a consortium chain scenario the supervisory node can generate the system parameters;
  • the application scenarios of the solution are numerous, and can be applied to include, but are not limited to, supply chain finance, clearing and settlement, loan scenarios, etc.
  • The solution of the present invention designs a zero-knowledge proof system for the specific algebraic structure of transactions and consumes less computing resources and time. Even a light node can generate the proof.
  • FIG. 1 is a flow chart showing an embodiment of the zero-knowledge proof method for blockchain privacy protection of the present invention.
  • an additive homomorphic encryption algorithm is used to encrypt the private data in the blockchain, and a non-interactive zero-knowledge proof is generated in the transaction process to prove the validity of the transaction.
  • The implementation steps of the (non-interactive) zero-knowledge proof method suitable for blockchain privacy protection of this embodiment are shown in FIG. 1 and include four phases: an initialization phase, a user configuration phase, a proof generation phase, and a verification phase. These four phases are explained separately.
  • N A and N B B's public key may be generated as follows t ciphertext generation mode to:
  • ⁇ and ⁇ are two parameters representing the plain space of the scheme.
  • H represents a hash function in cryptography.
  • Option 2 is:
  • Option 1 (corresponding to scenario 1 of the third phase):
  • the transaction is allowed, and the smart contract on the node automatically modifies the balance of the two nodes of the transaction on the public ledger.
  • The present invention also discloses a computer readable storage medium storing a computer program which, when executed by a processor, runs the method steps described in the above embodiments.
  • The usable scenarios of the present invention include: when performing asset transfers and maintaining the consistency of account information in supply chain finance, encrypting the balance information of each node with an additively homomorphic encryption algorithm and broadcasting non-interactive zero-knowledge proofs between nodes to prove the validity of transactions; protecting customer privacy while improving customer identification efficiency and reducing time cost in clearing and settlement scenarios; and encrypting withdrawal and borrower transaction records in lending scenarios while tracking and protecting the effectiveness of the payment process.
  • DSPs: digital signal processors
  • ASICs: application specific integrated circuits
  • FPGAs: field programmable gate arrays
  • Programmable logic devices, discrete gate or transistor logic, discrete hardware components, or any combination thereof designed to perform the functions described herein may be used for implementation or execution.
  • a general purpose processor may be a microprocessor, but in the alternative, the processor may be any conventional processor, controller, microcontroller, or state machine.
  • the processor may also be implemented as a combination of computing devices, such as a combination of a DSP and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other such configuration.
  • a software module may reside in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
  • An exemplary storage medium is coupled to the processor to enable the processor to read and write information to/from the storage medium.
  • the storage medium can be integrated into the processor.
  • the processor and the storage medium can reside in an ASIC.
  • the ASIC can reside in the user terminal.
  • the processor and the storage medium may reside as a discrete component in the user terminal.
  • the functions described may be implemented in hardware, software, firmware, or any combination thereof. If implemented as a computer program product in software, the functions may be stored on or transmitted as one or more instructions or code on a computer readable medium.
  • Computer readable media includes both computer storage media and communication media including any medium that facilitates transfer of a computer program from one place to another.
  • a storage medium may be any available media that can be accessed by a computer.
  • Such computer readable media may comprise RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer.
  • any connection is also properly referred to as a computer readable medium.
  • For example, if the software is transmitted from a web site, server, or other remote source using coaxial cable, fiber optic cable, twisted pair, digital subscriber line (DSL), or wireless technologies such as infrared, radio, and microwave, then the coaxial cable, fiber optic cable, twisted pair, DSL, or wireless technologies such as infrared, radio, and microwave are included in the definition of the medium.
  • Disks and discs as used herein include compact discs (CDs), laser discs, optical discs, digital versatile discs (DVDs), floppy disks, and Blu-ray discs, where disks usually reproduce data magnetically, while discs reproduce data optically with lasers. Combinations of the above should also be included within the scope of computer readable media.
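
The description above stores balances as additively homomorphic (Paillier) ciphertexts, notes that homomorphic encryption by itself cannot confirm that a transfer is consistent, and mentions an extractor that recovers the random number r from the plaintext t_A and the private key. The following is an added example, not code from the patent: it assumes the standard Paillier form with g = 1 + N, uses small Mersenne-prime keys that are far too short for real use, and every function name in it is illustrative.

```python
"""Added example (not the patent's code): toy Paillier ledger.
Assumptions: g = 1 + N, constructed toy keys (insecure), illustrative names."""
import math
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class PrivateKey:
    n: int    # public modulus N (the user's public key)
    lam: int  # lcm(p-1, q-1)
    mu: int   # lam^-1 mod N, valid because g = 1 + N


def keygen(p, q):
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)
    if math.gcd(n, lam) != 1:
        raise ValueError("unsuitable primes")
    return PrivateKey(n, lam, pow(lam, -1, n))


def random_unit(n):
    """Random r in Z_N^* used to blind a ciphertext."""
    while True:
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            return r


def encrypt(n, m, r=None):
    """c = (1+N)^m * r^N mod N^2, using (1+N)^m = 1 + m*N mod N^2."""
    r = random_unit(n) if r is None else r
    n2 = n * n
    return (1 + (m % n) * n) * pow(r, n, n2) % n2


def decrypt(sk, c):
    n2 = sk.n * sk.n
    return (pow(c, sk.lam, n2) - 1) // sk.n * sk.mu % sk.n


def add(n, c1, c2):
    """Enc(a) * Enc(b) = Enc(a + b): anyone can credit a balance."""
    return c1 * c2 % (n * n)


def sub(n, c1, c2):
    """Enc(a) * Enc(b)^-1 = Enc(a - b mod N): anyone can debit a balance."""
    return c1 * pow(c2, -1, n * n) % (n * n)


def extract_randomness(sk, c, m):
    """Recover r from a ciphertext of known plaintext m with the private key.
    Needed because other parties' homomorphic updates change r unpredictably."""
    n, n2 = sk.n, sk.n * sk.n
    r_to_n = c * pow(1 + (m % n) * n, -1, n2) % n2  # strips (1+N)^m, leaves r^N
    d = pow(n, -1, sk.lam)                          # N-th root exponent mod N
    return pow(r_to_n % n, d, n)


def apply_transfer(ledger, sender, receiver, c_t_sender, c_t_receiver):
    """Ledger update with NO validity proof. ledger: name -> (N, Enc(balance)).
    The amount arrives twice, once under each party's public key."""
    n_s, bal_s = ledger[sender]
    n_r, bal_r = ledger[receiver]
    updated = dict(ledger)
    updated[sender] = (n_s, sub(n_s, bal_s, c_t_sender))
    updated[receiver] = (n_r, add(n_r, bal_r, c_t_receiver))
    return updated


# Constructed toy keys from Mersenne primes (never use such primes in practice).
SK_A = keygen(2**89 - 1, 2**107 - 1)
SK_B = keygen(2**61 - 1, 2**127 - 1)


def run_scenarios():
    """Return decrypted (balance_A, balance_B) after three transfers from 100/20."""
    ledger = {"A": (SK_A.n, encrypt(SK_A.n, 100)),
              "B": (SK_B.n, encrypt(SK_B.n, 20))}

    def balances(state):
        return decrypt(SK_A, state["A"][1]), decrypt(SK_B, state["B"][1])

    def send(t_for_a, t_for_b):
        return balances(apply_transfer(ledger, "A", "B",
                                       encrypt(SK_A.n, t_for_a),
                                       encrypt(SK_B.n, t_for_b)))
    return {
        "honest": send(30, 30),        # both ciphertexts hide the same t
        "mismatch": send(30, 300),     # ciphertexts hide different amounts
        "overdraft": send(150, 150),   # t > t_A wraps around modulo N_A
    }


def balance_randomness_roundtrip():
    """After a homomorphic debit, A recovers r for her new balance ciphertext."""
    c = sub(SK_A.n, encrypt(SK_A.n, 100), encrypt(SK_A.n, 30))
    r = extract_randomness(SK_A, c, 70)
    return encrypt(SK_A.n, 70, r) == c
```

The mismatch and overdraft results are accepted by the unverified ledger update, which is the gap the accompanying zero-knowledge proof is meant to close; the exact statement the patent proves is not recoverable from this page, so the two conditions shown are assumptions.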

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Business, Economics & Management (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Accounting & Taxation (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Development Economics (AREA)
  • Economics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to a zero-knowledge proof method suitable for blockchain privacy protection, and a medium, capable of supporting the Bitcoin unspent transaction output (UTXO) model and the Ethereum balance model and of combining well with smart contracts, such that the security of the solution is further improved, the application scenarios of the solution are extended, and, because the zero-knowledge proof is designed for the specific algebraic structure of a transaction, even a light node can generate the proof. The technical solution is as follows: the method comprises: an initialization phase: generating system parameters, including the generation process and the meaning of the parameters; a proof generation phase: a specific process of generating a zero-knowledge proof, including the ciphertext generated in the process, the formulas and parameters involved, etc.; and a verification phase: including verification formulas and conditions, etc.
PCT/CN2018/118131 2017-11-30 2018-11-29 Zero-knowledge proof method suitable for blockchain privacy protection, and medium WO2019105407A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201711241178.5 2017-11-30
CN201711241178.5A CN108418689B (zh) 2017-11-30 2017-11-30 Zero-knowledge proof method and medium suitable for blockchain privacy protection

Publications (1)

Publication Number Publication Date
WO2019105407A1 (fr) 2019-06-06

Family

ID=63125306

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2018/118131 WO2019105407A1 (fr) 2017-11-30 2018-11-29 Zero-knowledge proof method suitable for blockchain privacy protection, and medium

Country Status (2)

Country Link
CN (1) CN108418689B (fr)
WO (1) WO2019105407A1 (fr)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10680800B2 (en) 2018-12-21 2020-06-09 Alibaba Group Holding Limited Blockchain data protection based on generic account model and homomorphic encryption
US10790987B2 (en) 2018-12-21 2020-09-29 Alibaba Group Holding Limited Blockchain data protection based on generic account model and homomorphic encryption
CN112069262A (zh) * 2020-09-09 2020-12-11 上海万向区块链股份公司 Method for putting reconciliation data on chain based on blockchain smart contract
US11049099B2 (en) * 2018-11-30 2021-06-29 Advanced New Technologies Co., Ltd. Methods for implementing privacy protection in blockchain
CN113822672A (zh) * 2021-11-22 2021-12-21 浙江数秦科技有限公司 Blockchain consensus method based on zero-knowledge proof
US11244306B2 (en) 2018-08-06 2022-02-08 Advanced New Technologies Co., Ltd. Method, apparatus and electronic device for blockchain transactions
US11341492B2 (en) * 2018-08-30 2022-05-24 Advanced New Technologies Co., Ltd. Method, apparatus and electronic device for blockchain transactions
US11341487B2 (en) 2018-12-29 2022-05-24 Advanced New Technologies Co., Ltd. System and method for information protection
US11398911B1 (en) 2020-07-12 2022-07-26 Run Interactive, Inc. System for interacting objects as tokens on a blockchain using a class-based language
US11475365B2 (en) 2020-04-09 2022-10-18 International Business Machines Corporation Verification of stochastic gradient descent
US11575665B2 (en) 2020-12-07 2023-02-07 International Business Machines Corporation Authorizing uses of goods or services using bonding agreement

Families Citing this family (60)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108418689B (zh) * 2017-11-30 2020-07-10 矩阵元技术(深圳)有限公司 Zero-knowledge proof method and medium suitable for blockchain privacy protection
CN111768304A (zh) 2018-08-06 2020-10-13 阿里巴巴集团控股有限公司 Blockchain transaction method and apparatus, and electronic device
CN111899001A (zh) * 2018-08-30 2020-11-06 创新先进技术有限公司 Blockchain-based remittance method and apparatus
CN110909073B (zh) * 2018-09-14 2023-06-13 宏达国际电子股份有限公司 Method and *** for sharing private data based on smart contract
CN111833186A (zh) * 2018-09-20 2020-10-27 创新先进技术有限公司 Blockchain-based transaction method and apparatus, and node device
CN111833057A (zh) * 2018-09-30 2020-10-27 创新先进技术有限公司 Blockchain-based transaction method and apparatus, and node device
CN109257182B (zh) * 2018-10-24 2021-06-25 杭州趣链科技有限公司 Privacy protection method based on homomorphic cryptographic commitment and zero-knowledge range proof
KR102215773B1 (ko) * 2018-11-07 2021-02-17 어드밴스드 뉴 테크놀로지스 씨오., 엘티디. Blockchain data protection based on account note model with zero-knowledge proof
KR102180991B1 (ko) 2018-11-07 2020-12-17 어드밴스드 뉴 테크놀로지스 씨오., 엘티디. Regulation of blockchain confidential transactions
KR102208891B1 (ko) 2018-11-07 2021-01-29 어드밴스드 뉴 테크놀로지스 씨오., 엘티디. Recovery of encrypted transaction information in blockchain confidential transactions
CN109447791B (zh) * 2018-11-09 2021-07-16 北京邮电大学 Blockchain-based fund transaction method and apparatus
BR112019007232B1 (pt) 2018-11-27 2022-02-15 Advanced New Technologies Co., Ltd Computer-implemented methods for information protection, systems for information protection, and non-transitory computer-readable storage medium
PL3745637T3 (pl) 2018-11-27 2021-11-02 Advanced New Technologies Co., Ltd. System and method for information protection
SG11201902778UA (en) 2018-11-27 2019-05-30 Alibaba Group Holding Ltd System and method for information protection
KR102248154B1 (ko) 2018-11-27 2021-05-06 어드밴스드 뉴 테크놀로지스 씨오., 엘티디. System and method for information protection
US10700850B2 (en) 2018-11-27 2020-06-30 Alibaba Group Holding Limited System and method for information protection
RU2735439C2 (ru) 2018-11-27 2020-11-02 Алибаба Груп Холдинг Лимитед System and method for information protection
CN109614820A (zh) * 2018-12-06 2019-04-12 山东大学 Privacy protection method for smart contract authentication data based on zero-knowledge proof
CN109615376B (zh) * 2018-12-10 2020-09-01 北京八分量信息科技有限公司 Transaction method and apparatus based on zero-knowledge proof
US11151558B2 (en) * 2018-12-12 2021-10-19 American Express Travel Related Services Company, Inc Zero-knowledge proof payments using blockchain
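CN109858281B (zh) * 2019-02-01 2020-09-18 杭州云象网络技术有限公司 Privacy protection method for blockchain account model based on zero-knowledge proof
CN110011781B (zh) * 2019-03-04 2020-05-19 华中科技大学 Homomorphic encryption method and medium for transaction amount encryption supporting zero-knowledge proof
CN109922077B (zh) * 2019-03-27 2021-06-04 北京思源理想控股集团有限公司 Blockchain-based identity authentication method and its ***
CN110311782B (zh) * 2019-04-29 2020-04-14 山东工商学院 Zero-knowledge proof method for personal information, ***, and storage medium
CN110336672B (zh) * 2019-04-29 2020-07-28 山东工商学院 Method for citizen privacy protection based on zero-knowledge proof, ***, and storage medium
CN110223063B (zh) * 2019-05-07 2023-06-20 平安科技(深圳)有限公司 Supply chain data management method and apparatus based on zero-knowledge proof
WO2020233423A1 (fr) * 2019-05-20 2020-11-26 创新先进技术有限公司 Receipt storage method and node based on transaction type
CN110263088B (zh) * 2019-05-20 2021-04-02 创新先进技术有限公司 Conditional receipt storage method and node combining code annotation and event type
CN110189124A (zh) * 2019-05-24 2019-08-30 杭州复杂美科技有限公司 Anti-attack method, device and storage medium
CN110363528B (zh) * 2019-06-27 2022-06-24 矩阵元技术(深圳)有限公司 Collaborative address generation and transaction signing method and apparatus, and storage medium
CN110414981B (zh) * 2019-07-04 2023-05-09 华中科技大学 Homomorphic encryption method supporting ZKPs and blockchain transaction amount encryption method
CN110473105B (zh) * 2019-08-20 2024-01-16 深圳市迅雷网络技术有限公司 Blockchain transaction settlement method, ***, and related device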
US10652019B1 (en) 2019-08-28 2020-05-12 Qed-It Systems Ltd. Atomic swap using zero-knowledge proofs, and applications thereof
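CN110717755A (zh) * 2019-09-05 2020-01-21 深圳壹账通智能科技有限公司 Zero-knowledge verification method, apparatus and medium for encrypted data
CN111008836B (zh) * 2019-11-15 2023-09-05 哈尔滨工业大学(深圳) Privacy-secure transfer payment method, apparatus, ***, and storage medium
CN111160909B (zh) * 2019-12-31 2024-01-16 深圳市迅雷网络技术有限公司 Blockchain supply chain transaction hiding static supervision *** and method
CN111079190A (zh) * 2019-12-31 2020-04-28 深圳市网心科技有限公司 Blockchain supply chain transaction hiding dynamic supervision *** and method
CN111277415B (zh) * 2020-01-20 2023-12-19 布比(北京)网络技术有限公司 Privacy protection method and apparatus based on blockchain smart contract
CN111369251B (zh) * 2020-03-07 2021-09-28 中国人民解放军国防科技大学 Blockchain transaction supervision method based on user two-level identity structure
CN111553792A (zh) * 2020-03-24 2020-08-18 平安科技(深圳)有限公司 Blockchain-based data verification method and apparatus
CN111586049A (zh) * 2020-05-08 2020-08-25 国网电子商务有限公司 Lightweight key authentication method and apparatus for the mobile Internet
CN111724493A (zh) * 2020-05-15 2020-09-29 新大陆数字技术股份有限公司 Highway vehicle-mounted toll device, and highway toll *** and method
CN111950021A (zh) * 2020-07-31 2020-11-17 南京航空航天大学 Method for solving the privacy leakage problem in data donation of smart contracts
CN111931209B (zh) * 2020-08-18 2024-03-22 金网络(北京)数字科技有限公司 Contract information verification method and apparatus based on zero-knowledge proof
CN111861480B (zh) * 2020-09-21 2020-12-18 浙江大学 Traffic detection model transaction method and apparatus, electronic device, and storage medium
CN112241434B (zh) * 2020-09-24 2021-06-22 华中农业大学 Consortium blockchain *** for data privacy protection
CN112632636B (zh) * 2020-12-23 2024-06-04 深圳前海微众银行股份有限公司 Method and apparatus for proving and verifying ciphertext data comparison results
CN113222747B (zh) * 2020-12-31 2024-01-26 上海零数众合信息科技有限公司 Blockchain private transaction method
CN112765268B (zh) * 2020-12-31 2022-11-04 杭州趣链科技有限公司 Blockchain-based data privacy protection method, apparatus and device
CN112733163B (zh) * 2021-01-04 2023-02-03 北京航空航天大学 Supervisable zero-knowledge proof method and apparatus based on discrete logarithm equality proof
CN113225189B (zh) * 2021-01-05 2024-02-02 上海零数众合信息科技有限公司 Ring confidential service method based on quantum resistance
CN113159762B (zh) * 2021-01-28 2024-04-09 武汉天喻信息产业股份有限公司 Blockchain transaction method based on Paillier and game theory
CN114124406B (zh) * 2021-11-19 2023-08-29 重庆邮电大学 Consortium chain privacy protection method based on conditionally anonymous ring signature and privacy computing
CN114257381B (zh) * 2021-12-21 2023-11-21 四川启睿克科技有限公司 Yield rate calculation method based on zero-knowledge proof
CN114760067B (zh) * 2022-03-30 2023-09-12 西安电子科技大学 Privacy security protection method for blockchain crowdsensing *** using zero-knowledge proof
CN115567214A (zh) * 2022-08-24 2023-01-03 深圳市沃享科技有限公司 Smart contract execution method and apparatus, terminal device, and computer medium
CN115829754B (zh) * 2023-02-16 2023-05-05 之江实验室 Transaction supervision method and apparatus for privacy-preserving blockchain
CN116561789B (zh) * 2023-07-07 2023-09-19 北京天润基业科技发展股份有限公司 Private data processing method and apparatus, electronic device, and readable storage medium
CN117391726A (zh) * 2023-12-06 2024-01-12 哈尔滨工业大学(深圳)(哈尔滨工业大学深圳科技创新研究院) Blockchain-based trusted energy data transaction method
CN117786757B (zh) * 2024-02-26 2024-04-30 成都数据集团股份有限公司 Privacy computing management *** and method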

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
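CN106982205A (zh) * 2017-03-01 2017-07-25 中钞***产业发展有限公司北京智能卡技术研究院 Blockchain-based digital asset processing method and apparatus
CN107273759A (zh) * 2017-05-08 2017-10-20 上海点融信息科技有限责任公司 Method and device for protecting blockchain data, and computer-readable storage medium
CN107274184A (zh) * 2017-05-11 2017-10-20 上海点融信息科技有限责任公司 Blockchain data processing based on zero-knowledge proof
CN108418689A (zh) * 2017-11-30 2018-08-17 矩阵元技术(深圳)有限公司 Zero-knowledge proof method and medium suitable for blockchain privacy protection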

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
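CN104850984B (zh) * 2014-05-13 2018-04-06 电子科技大学 Secure operation method for offline electronic currency payment
CN104601605B (zh) * 2015-02-28 2018-01-02 北方工业大学 Efficient privacy-preserving auditing method based on chameleon hash function in cloud storage
CN105187212A (zh) * 2015-08-07 2015-12-23 河海大学 Schnorr ring signature scheme with designated verifiability
CN106503994B (zh) * 2016-11-02 2020-07-28 西安电子科技大学 Blockchain private data access control method based on attribute-based encryption
CN106549749B (zh) * 2016-12-06 2019-12-24 杭州趣链科技有限公司 Blockchain privacy protection method based on additive homomorphic encryption
CN106911470B (zh) * 2017-01-23 2020-07-07 北京航空航天大学 Bitcoin transaction privacy enhancement method
CN107358424B (zh) * 2017-06-26 2020-09-29 中国人民银行数字货币研究所 Digital-currency-based transaction method and apparatus
CN108418783B (zh) * 2017-09-01 2021-03-19 矩阵元技术(深圳)有限公司 Method and medium for protecting blockchain smart contract privacy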

Cited By (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11244306B2 (en) 2018-08-06 2022-02-08 Advanced New Technologies Co., Ltd. Method, apparatus and electronic device for blockchain transactions
US11379826B2 (en) 2018-08-06 2022-07-05 Advanced New Technologies Co., Ltd. Method, apparatus and electronic device for blockchain transactions
US11392942B2 (en) 2018-08-30 2022-07-19 Advanced New Technologies Co., Ltd. Method, apparatus and electronic device for blockchain transactions
US11341492B2 (en) * 2018-08-30 2022-05-24 Advanced New Technologies Co., Ltd. Method, apparatus and electronic device for blockchain transactions
US11049099B2 (en) * 2018-11-30 2021-06-29 Advanced New Technologies Co., Ltd. Methods for implementing privacy protection in blockchain
US11063769B2 (en) 2018-12-21 2021-07-13 Advanced New Technologies Co., Ltd. Blockchain data protection based on generic account model and homomorphic encryption
US10790987B2 (en) 2018-12-21 2020-09-29 Alibaba Group Holding Limited Blockchain data protection based on generic account model and homomorphic encryption
US10708039B1 (en) 2018-12-21 2020-07-07 Alibaba Group Holding Limited Blockchain data protection based on generic account model and homomorphic encryption
US10680800B2 (en) 2018-12-21 2020-06-09 Alibaba Group Holding Limited Blockchain data protection based on generic account model and homomorphic encryption
US11416854B2 (en) 2018-12-29 2022-08-16 Advanced New Technologies Co., Ltd. System and method for information protection
US11341487B2 (en) 2018-12-29 2022-05-24 Advanced New Technologies Co., Ltd. System and method for information protection
US11475365B2 (en) 2020-04-09 2022-10-18 International Business Machines Corporation Verification of stochastic gradient descent
US11917066B1 (en) 2020-07-12 2024-02-27 Run Interactive, Inc. System for interacting objects as tokens on a blockchain using a class-based language
US11398911B1 (en) 2020-07-12 2022-07-26 Run Interactive, Inc. System for interacting objects as tokens on a blockchain using a class-based language
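CN112069262B (zh) * 2020-09-09 2022-05-24 上海万向区块链股份公司 Method for putting reconciliation data on chain based on blockchain smart contract
CN112069262A (zh) * 2020-09-09 2020-12-11 上海万向区块链股份公司 Method for putting reconciliation data on chain based on blockchain smart contract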
US11575665B2 (en) 2020-12-07 2023-02-07 International Business Machines Corporation Authorizing uses of goods or services using bonding agreement
CN113822672A (zh) * 2021-11-22 2021-12-21 浙江数秦科技有限公司 Blockchain consensus method based on zero-knowledge proof

Also Published As

Publication number Publication date
CN108418689B (zh) 2020-07-10
CN108418689A (zh) 2018-08-17

Similar Documents

Publication Publication Date Title
WO2019105407A1 (fr) Zero-knowledge proof method suitable for blockchain privacy protection, and medium
CN108418783B (zh) Method and medium for protecting blockchain smart contract privacy
Morais et al. A survey on zero knowledge range proofs and applications
Liu et al. Anonymous reputation system for IIoT-enabled retail marketing atop PoS blockchain
JP6873270B2 (ja) Method and device for protecting sensitive data of transaction activity based on smart contract in blockchain
Wang et al. Designated-verifier proof of assets for bitcoin exchange using elliptic curve cryptography
US10833861B2 (en) Protection of confidentiality, privacy and ownership assurance in a blockchain based decentralized identity management system
JP2021529397A (ja) Systems and methods for verification of blockchain addresses and owners
WO2020147568A1 (fr) Blockchain-based evidence storage method and device
Rosenberg Handbook of financial cryptography and security
CN113568946A (zh) Method, ***, and apparatus for managing transactions in multiple blockchain networks
Singh et al. A novel credential protocol for protecting personal attributes in blockchain
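CN113595734A (zh) Method, ***, and apparatus for managing transactions in multiple blockchain networks
CN113595733A (zh) Method, ***, and apparatus for managing transactions in multiple blockchain networks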
Zhou et al. Distributed bitcoin account management
Wu et al. The survey on the development of secure multi-party computing in the blockchain
Islam A privacy-preserving transparent central bank digital currency system based on consortium blockchain and unspent transaction outputs
Montenegro et al. Secure sealed-bid online auctions using discreet cryptographic proofs
Takaragi et al. Secure revocation features in eKYC-privacy protection in central bank digital currency
Devidas et al. Identity verifiable ring signature scheme for privacy protection in blockchain
CN114866289B (zh) Consortium-chain-based security protection method for private credit data
CN111523892B (zh) Blockchain cross-chain transaction method and apparatus
WO2021139545A1 (fr) Methods and devices for facilitating split invoice financing
WO2021139605A1 (fr) Methods and devices for providing decentralized identity verification
Li et al. A blockchain‐based traceable group loan system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18884126

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18884126

Country of ref document: EP

Kind code of ref document: A1