Search

CN-121979920-A - Block chain privacy protection query method based on distributed point function

CN121979920ACN 121979920 ACN121979920 ACN 121979920ACN-121979920-A

Abstract

The invention discloses a blockchain privacy protection query method based on a distributed point function, which comprises the following steps of completing system participant definition, threat model setting and preprocessing work of a consensus node end; the query request is generated and distributed through the distributed point function DPF, share evaluation, multi-block processing and parallel optimization are carried out, and the acquisition and verification of the final result are completed. By introducing the privacy query mechanism and the standing-protection mechanism based on the distributed point function, the privacy protection capability of the query keywords in the block chain light node outsourcing query scene is obviously improved, and the correctness and the credibility of the query results are effectively ensured in an untrusted full-node environment. The invention obviously reduces the calculation and communication burden while realizing privacy protection, and can meet the trust premise by only needing a small amount of full-node deployment Intel SGX, thereby obviously reducing the trusted hardware deployment threshold.

Inventors

  • CHENG JINGXIAN
  • ZHAO HAOJIE
  • ZHU YONGHUA
  • ZHAO JUAN

Assignees

  • 长安大学

Dates

Publication Date
20260505
Application Date
20260202

Claims (8)

  1. 1. The block chain privacy protection query method based on the distributed point function is characterized by comprising the following steps of: Step 1, system model presetting and verifiable index construction Finishing the pretreatment work of system participant definition, threat model setting and consensus node end; Step 2, query share generation and distribution based on standing-protection mechanism Generating and distributing a query request through a distributed point function DPF; Step 3, parallelizing all-node share evaluation and result return Performing share evaluation, multi-block processing and parallel optimization; step 4, query result reconstruction and correctness verification And (5) obtaining and checking a final result.
  2. 2. The blockchain privacy protection query method based on the distributed point function as in claim 1, wherein in the step 1, the system model is composed of four types of participants: (1) The consensus node is a full node capable of adding a new block and is responsible for constructing a query index and generating an authenticatable data structure ADS; (2) The inquiring user is a light node, stores the block head and outsources the inquiry to the whole node; (3) The service provider SP is a full node for providing data storage and query service; (4) Guard Garrison, a small subset of full nodes, is a group of SGX enclave equipped nodes.
  3. 3. The blockchain privacy preserving query method based on the distributed point function of claim 1, wherein in step 1, threat model setting includes: The system adopts a common blockchain threat model, namely, the blockchain system is assumed to function normally, namely, more than 51% of consensus nodes are honest; the full node is considered untrusted, may return incomplete or erroneous transactions and snoop query privacy, and the querying user is considered honest, assuming that the hardware security enhancements of Intel SGX cannot be compromised.
  4. 4. The blockchain privacy protection query method based on the distributed point function according to claim 1, wherein in the step 1, the preprocessing work of the consensus node includes: (1a) Constructing an index, namely constructing a query index aiming at each block b; If block b contains n transactions and m different keywords, then construct n M bitmap table First of all Line 1 The bits of the column are in transaction Contains keywords Setting 1, otherwise setting 0; To reduce storage overhead, each row of the bitmap index is replaced with a bloom filter of the corresponding transaction keyword set; (1b) ADS construction, in order to ensure that the result can be verified, the consensus node needs to construct an authenticatable data structure ADS for each column of the index Constructing column vectors And calculates the column label: ; Subsequently, calculate And will And storing the block header of the block b.
  5. 5. The blockchain privacy protection query method based on the distributed point function according to claim 1, wherein in the step 2, the method specifically comprises the following steps: DPF allows a user to function Splitting into multiple shares, any strict subset is not revealed Its generation algorithm Can generate Individual key shares when the light node is in block Up query keywords At the time, set up Corresponding to index No Column, light node execution And call up Generating shares Thereby obtaining "only at the first The column takes a fraction of the point function of value 1 ".
  6. 6. The method of claim 1, wherein the step 2 further comprises introducing a guard mechanism, selecting a small part of all nodes as standing points through a consensus protocol, configuring SGX, selecting a query group containing one or more standing points by light nodes during distribution, and dividing one share And SGX enclave to the stagnation point, and respectively sending the rest shares to different common SPs.
  7. 7. The blockchain privacy protection query method based on the distributed point function as in claim 1, wherein the step 3 specifically includes the following steps: (3a) Share evaluation, namely evaluating indexes locally by selected full nodes, and evaluating columns by the full nodes Sequentially constructing column vectors And calculating: ; Wherein " "Being according to the position and" being the same as the position " "Is bitwise exclusive OR; (3b) Multi-block and parallel processing for time window queries covering multiple blocks Processing all nodes by parallel optimization technology based on the number of system CPUs Dividing the blocks of the query interval into Subinterval, interval length Each CPU is responsible for a section, invokes an MPI interface, performs the share evaluation in parallel, and stores the block results into a Queue according to the block ID sequence; (3c) Result return and VO generation after processing is completed, the ordinary SP returns only the block ID And results And SGX enclave of the standing point needs to additionally return a verification object in order to prove the evaluation accuracy and not reveal specific column information And finally returning the queue to the light node.
  8. 8. The blockchain privacy protection query method based on the distributed point function as in claim 1, wherein the step 4 specifically includes the following steps: (4a) Result reconstruction light node collection Response of individual full nodes Reconstructing the final result column vector by bitwise exclusive-or: ; The vector is the keyword Is a bitmap of all transaction records of a transaction; (4b) Verification of correctness, light node computing local label And checking the return of the standing point Whether or not to contain the A value; Subsequently, use is made of Root hash is computed for all tags in the file And stored in local block header And if the inspection passes, the verification is successful, and the real and effective query result is confirmed.

Description

Block chain privacy protection query method based on distributed point function Technical Field The invention relates to the technical field of blockchains, cryptography and privacy protection query, in particular to a blockchain privacy protection query method based on a distributed point function. Background The blockchain technology has become an important technical means for ensuring data security in a plurality of fields such as digital finance, internet of things, intelligent medical treatment, supply chain management and the like by virtue of the characteristics of decentralization, non-tamper property, transparency, traceability and the like. The national project for the development of trusted data space (2024-2028) explicitly states that blockchains play a key role in promoting the healthy development of digital economies. In a blockchain system, storage and bandwidth overhead required by all nodes are large, and users with limited resources are usually accessed in a light node mode, namely only synchronous block heads and query requests are outsourced to all node processing. However, the full node is generally regarded as an untrusted party, and can infer sensitive information such as real identity of a user by analyzing access modes of outsourced queries, and such privacy disclosure risk not only weakens anonymity advantages of the blockchain, but also significantly limits wide deployment of the blockchain in the sensitive data field. Aiming at the problem, the blockchain privacy protection query method is taken as a key technology for guaranteeing the data retrieval safety in an untrusted environment, and becomes an important means for solving the privacy concern of the light node. The blockchain privacy protection query method is mainly characterized in that query requests of users are split, encrypted or confused through cryptographic primitives or trusted hardware technology, so that specific keywords or contents retrieved by the users cannot be known when query calculation is executed by all nodes. The method can effectively shield the snooping of the full nodes on the query intention of the user, prevent malicious nodes from deducing the identity of the user, and remarkably improve the safety and the user trust degree of the block chain system. However, the existing security query methods on blockchains are mainly divided into two major categories, namely verifiable query for ensuring query integrity and privacy protection query for hiding light node sensitive information, and meanwhile, function secret sharing is widely studied as a general privacy computing technology. The basic idea of the verifiable query scheme is to solve the blockchain query integrity problem by embedding accumulator-based ADS in the block header, combining MB tree with SGX, or combining bloom filter with Merkle tree. The basic idea of the privacy preserving query scheme is to deploy a trusted execution environment on each complete node, and control output leakage by populating query results, utilizing expensive forgetting techniques (e.g., ORAM) to ensure privacy retrieval. The general query technology based on function secret sharing has the basic idea that a query function is split into a plurality of secret fragments, so that a result is recombined under the condition of not revealing the query intention. Matetic et al in the literature "BITE: bitcoin LIGHTWEIGHT CLIENT PRIVACY using trusted execution" propose a BITE system, which is a trusted hardware-based privacy protection scheme requiring that every full node in a blockchain network deploy an SGX enclave, by processing the query request of a light node inside the enclave, in combination with ORAM techniques to ensure that the full node cannot infer the query content through a memory access pattern, and finally by filling the result length to prevent side channel leakage. Zhang et al in document "OblivChain: enabling oblivious queries for blockchain LIGHT CLIENTS WITH malicious security" propose a forgetting query scheme based on a multi-server architecture, which introduces a read-only ORAM algorithm to improve retrieval performance, and utilizes multiple in-chain servers as agents to assist light nodes in completing privacy queries, aiming at protecting access mode privacy of users under a malicious security model. Furthermore, wang et al in document "Splinter: PRACTICAL PRIVATE queries on public data" utilize a distributed point Function (FSS) technique to allow users to split a query into multiple shares and send it to different cloud service providers holding copies of the data, enabling private retrieval of public databases without revealing the query content. However, the above existing methods still have the following disadvantages in the blockchain privacy query process: (1) The existing scheme based on trusted hardware generally requires that each full node in a blockchain network is required to be configured with expensive SGX hardware, and the req