Search

CN-121462207-B - Identity tracing method and device for ring signature in transaction process

CN121462207BCN 121462207 BCN121462207 BCN 121462207BCN-121462207-B

Abstract

The invention discloses an identity tracing method and device for ring signatures in a transaction process. The method comprises the steps of constructing a blockchain system comprising a plurality of blockchains and a notary node independent of each blockchain, enabling a user to randomly select a first blockchain, enabling the user and a key generation center to conduct information interaction with the notary node respectively to Verify identities, enabling the user to initiate a first request for accessing data nodes in a second blockchain through the first blockchain, enabling a first cross-chain agent node to check the first request and conduct signature operation on the first request by using a Sign signature algorithm and a user private key when the first cross-chain agent node monitors that the first request is located at the head of a queue of a task, enabling the second blockchain to Verify the received first request of the first signature by using a verity algorithm, and enabling the notary node to track and trace the signature operation regularly. The invention can track malicious signatures on the basis of resisting quantum attack.

Inventors

  • LIU JIAN
  • WANG YITING
  • HUO SHANSHAN
  • LI YANJUN
  • DONG JINGJING
  • YANG LONG
  • LIU CHEN
  • SUN QI

Assignees

  • 中国电子科技集团公司第十五研究所

Dates

Publication Date
20260508
Application Date
20251011

Claims (9)

  1. 1. An identity tracing method for ring signatures in a transaction process is characterized by comprising the following steps: step S1, constructing a blockchain system comprising a plurality of blockchains and a notary node independent of each blockchain, wherein the blockchain comprises a cross-chain agent node and a plurality of data nodes; Step S2, a user randomly selects a first blockchain in a blockchain system, and the user and a key generation center respectively interact with notary nodes to verify identities; S3, a user initiates a first request for accessing a data node in a second blockchain through a first blockchain, and a first cross-chain proxy node of the first blockchain registers the first request to a task queue; the first cross-link agent node sends an access request corresponding to the first request to the notary node, and when the first cross-link agent node monitors that the first request is positioned at the head of a queue of the task queue, the first request is audited, signature operation is carried out on the first request by using a Sign signature algorithm and a user private key, and the first request with the first signature is recorded in the notary node; the notary node sends an authorization message and an authorization signature to a second cross-chain agent node of a second blockchain, and sends a first request with a first signature to the second blockchain; Step S4, the second blockchain verifies the received first request and authorization message of the first signature by using a Verify algorithm, after verification, the second blockchain establishes an information channel between the second blockchain and a user through a key generation center, encrypts the content in the data node based on a private key of the user and sends the content to the user; and S5, periodically tracking and tracing the signature operation by the notary node.
  2. 2. The method as claimed in claim 1, wherein in the step S1, the key generating center generates the user public-private key pair based on the blockchain system public parameter and the blockchain system public-private key pair, including: step S11, a key generation center generates a public parameter of a blockchain system and a public and private key pair of the blockchain system, and the step S11 comprises the following steps: key generation center random generation matrix Selecting a random key vector After uniform sampling , wherein, Respectively represent Dimension and sum Polynomial vector, set Is a finite set, a set Comprises [ All integers in ] Tuple, set Comprises [ All integers in ] The set of tuples is composed of a set of tuples, All of which are included X is the vector, and, Is an integer ring, d is a parameter; Step S12, selecting two hash functions by the key generation center , , Is that Is a subset of the set of (c), Is a mould A polynomial ring of the type described above, Is that Dimension mould A polynomial ring; Step S13, the key generation center generates the public parameters of the blockchain system Public and private key pair of block chain system Wherein the blockchain system private key Block chain system public key , , Is that A dimension matrix; And S14, the key generation center generates a user public and private key pair based on the public parameters of the blockchain system, the public and private key pair of the blockchain system and the user identity.
  3. 3. The method of claim 2, wherein step S14, the key generation center generating a user public-private key pair based on the blockchain system public parameter, the blockchain system public-private key pair, and the user identity, comprises: The key generation center selects a random key vector And uniformly sampling the random key vector Calculating Will be Split into the following forms: , in the case of the first split component, As a matter of course of the parameters of the solution, Is a second split component; based on user identity Calculation of Generating a public and private key pair of a user User private key , Is the identity of the user I is the subscript of the user identity, Wherein i is an integer, and wherein, For ring member number, user public key 。
  4. 4. The method as claimed in claim 3, wherein in step S3, when the first cross-link proxy node monitors that the first request is located at the head of the task queue, auditing the first request and performing a signature operation on the first request using a Sign signature algorithm and a user private key includes: step S31, when the first cross-link agent node monitors that the first request is positioned at the head of the task queue, checking the first request, and after the checking is passed, entering step S32; step S32, calculating the label of the user public key binding event , , Is an event; Calculation of , , , As a result of the first hash value being a first hash value, For a message to be signed, Is that Dimension mould A polynomial ring of the type described above, As a result of the first intermediate value being, In the second intermediate value of the value, For users Identity (identity) Is a hash value of (2); Traceable label Step S33, in Equal to When the step S331 is performed, in Equal to In any one of them, step S332 is executed; step S331 random sampling polynomial mask vector Calculation of Is a polynomial mask vector Is used in the range of (a), A user public key set for a signer in the ring, Is a vector of a mask of polynomials, Equal to the blockchain system public key, based on polynomial mask vector Determination of Based on Determination of ; Step S34 is entered; step S332 random sampling Calculation of , Calculation of The parameters obtained for random sampling are based on Determination of And a y-group, and the y-group, In order to calculate the third intermediate value obtained, For the corresponding value in the signature generated by hash calculation based on the public key of user i, Is an AND matrix Key vector Related to The vector of dimensions is used to determine, In order to calculate the fourth intermediate value obtained, In order for the tag to be traceable, For calculating the hash value, based on Determination of ; Step S34 is entered; step S34, calculating If (if) , Is that Is used for the coefficient of (a), To challenge set in hash function Output signature based on the parameters in (a) If not, the signature fails, and the signature value is recalculated.
  5. 5. The method of claim 4, wherein in step S4, the second blockchain verifies the received first request, authorization message of the first signature using a Verify algorithm, wherein the Verify algorithm includes: Step S41 obtaining the first signature As a coefficient of (2) Hash function challenge set in first request As a parameter in (a) Partial signature of authorized signatures ; Step S42, in When calculating , For the following : Calculation of , Calculation of Verification Equal to Whether the verification is established or not, if so, the verification is passed, and if not, the verification is not passed.
  6. 6. The method according to any one of claims 4-5, wherein the step S5 of the notary node periodically tracking and tracing the signature operation comprises: step S51, periodically acquiring the stored first signature and the traceable label corresponding to the first signature by the notary node, and calculating: , , , Wherein, the In order to calculate the intermediate value that is to be obtained, Is a message to be signed; step S52, if Judging that the result is a compliant cross-chain access; If it is The judgment result is that the non-compliance cross-link access is performed, and then the first is obtained Public key of individual user According to The signer identity is traced back to the information in (a).
  7. 7. An identity traceability device for ring signatures in a transaction process, comprising: the system comprises an initialization module, a key generation center, a public key generation center and a public key generation module, wherein the initialization module is configured to construct a blockchain system comprising a plurality of blockchains and a notary node independent of each blockchain; The request initiating module is configured to enable a user to randomly select a first blockchain in the blockchain system, and the user and the key generating center respectively conduct information interaction with a notary node to verify identity; The signature module is configured to initiate a first request for accessing a data node in a second blockchain by a user through a first blockchain, and the first request is registered to a task queue by a first cross-chain agent node of the first blockchain; the first cross-link agent node sends an access request corresponding to the first request to the notary node, and when the first cross-link agent node monitors that the first request is positioned at the head of a queue of the task queue, the first request is audited, signature operation is carried out on the first request by using a Sign signature algorithm and a user private key, and the first request with the first signature is recorded in the notary node; the notary node sends an authorization message and an authorization signature to a second cross-chain agent node of a second blockchain, and sends a first request with a first signature to the second blockchain; The verification module is configured to Verify the received first request and authorization message of the first signature by the second blockchain through a Verify algorithm, establish an information channel between the second blockchain and the user through a key generation center after the verification is passed, encrypt the content in the data node based on the private key of the user and send the content to the user; and the traceability module is configured to trace and trace the signature operation regularly by the notary node.
  8. 8. A computer readable storage medium having stored therein a plurality of instructions for loading and executing the method of any one of claims 1-6 by a processor.
  9. 9. An electronic device, the electronic device comprising: a processor for executing a plurality of instructions; a memory for storing a plurality of instructions; wherein the plurality of instructions are for storage by the memory and loading and executing by the processor the method of any of claims 1-6.

Description

Identity tracing method and device for ring signature in transaction process Technical Field The invention relates to the technical field of computer encryption, in particular to an identity tracing method and device for ring signatures in a transaction process. Background Along with the development of the post quantum technology, the post quantum cryptography threatens the traditional public key cryptography, for example, the Shor algorithm can solve the problems of integer decomposition and discrete logarithm in polynomial time, and thoroughly breaks most public key cryptosystems such as the existing RSA. Meanwhile, most of the traditional digital signature technologies rely on traditional number theory assumptions, and are difficult to resist quantum attack, so that limitations of the traditional digital signature technologies are gradually revealed. The ring signature has unconditional anonymity as a special digital signature technology, while the existing lattice-based ring signature technology has high calculation cost, high communication overhead and risk of anonymity misuse, so that an actual signer cannot be traced, and the complete anonymity of the actual signer can be improperly utilized in the transaction process. Disclosure of Invention In view of the above, the present invention provides an identity tracing method and apparatus for ring signature in transaction process, which can solve the above technical problems. The present invention is so implemented as to solve the above-mentioned technical problems. An identity tracing method for ring signatures in a transaction process, comprising: step S1, constructing a blockchain system comprising a plurality of blockchains and a notary node independent of each blockchain, wherein the blockchain comprises a cross-chain agent node and a plurality of data nodes; Step S2, a user randomly selects a first blockchain in a blockchain system, and the user and a key generation center respectively interact with notary nodes to verify identities; S3, a user initiates a first request for accessing a data node in a second blockchain through a first blockchain, and a first cross-chain proxy node of the first blockchain registers the first request to a task queue; the first cross-link agent node sends an access request corresponding to the first request to the notary node, and when the first cross-link agent node monitors that the first request is positioned at the head of a queue of the task queue, the first request is audited, signature operation is carried out on the first request by using a Sign signature algorithm and a user private key, and the first request with the first signature is recorded in the notary node; the notary node sends an authorization message and an authorization signature to a second cross-chain agent node of a second blockchain, and sends a first request with a first signature to the second blockchain; Step S4, the second blockchain verifies the received first request and authorization message of the first signature by using a Verify algorithm, after verification, the second blockchain establishes an information channel between the second blockchain and a user through a key generation center, encrypts the content in the data node based on a private key of the user and sends the content to the user; and S5, periodically tracking and tracing the signature operation by the notary node. Preferably, in the step S1, the key generating center generates a public-private key pair of the user based on the public parameter of the blockchain system and the public-private key pair of the blockchain system, including: step S11, a key generation center generates a public parameter of a blockchain system and a public and private key pair of the blockchain system, and the step S11 comprises the following steps: key generation center random generation matrix Selecting a random key vectorAfter uniform sampling, wherein,Respectively representDimension and sumPolynomial vector, setIs a finite set, a setComprises [All integers in ]Tuple, setComprises [All integers in ]The set of tuples is composed of a set of tuples,All of which are includedX is the vector, and,Is an integer ring, d is a parameter; Step S12, selecting two hash functions by the key generation center ,,Is thatIs a subset of the set of (c),Is a mouldA polynomial ring of the type described above,Is thatDimension mouldA polynomial ring; Step S13, the key generation center generates the public parameters of the blockchain system Public and private key pair of block chain systemWherein the blockchain system private keyBlock chain system public key,,Is thatA dimension matrix; And S14, the key generation center generates a user public and private key pair based on the public parameters of the blockchain system, the public and private key pair of the blockchain system and the user identity. Preferably, in step S14, the key generation center generates a user public and private key pair based on the blockc