一种基于群签名的许可区块链匿名背书方案  被引量：3

作　　者：张明武[1,2,3] 夏禹轩 张语荻 陈启祥 杨波[4] ZHANG Ming-Wu;XIA Yu-Xuan;ZHANG Yu-Di;CHEN Qi-Xiang;YANG Bo(School of Computer Science,Hubei University of Technology,Wuhan 430068,China;Xiangyang Industrial Institute of Hubei University of Technology,Xiangyang 441100,China;Guangxi Key Laboratory of Cryptography and Information Security,Guilin 541004,China;School of Computer Science,Shaanxi Normal University,Xi’An 710119,China)

机构地区：[1]湖北工业大学计算机学院,武汉430068 [2]襄阳湖北工业大学产业研究院,襄阳441100 [3]广西密码学与信息安全重点实验室,桂林541004 [4]陕西师范大学计算机科学学院,西安710119

出　　处：《密码学报》2022年第3期496-510,共15页Journal of Cryptologic Research

基　　金：国家自然科学基金委员会-广东联合基金重点项目(U2001205);国家自然科学基金(62072134);湖北省重点研发计划(2021BEA163);广西自然科学基金重点项目(2019JJD170020)。

摘　　要：自比特币问世以来,区块链技术得到迅速发展,其应用领域也不断扩展,包括分布式账本、数字资产与数字存证等.许可区块链作为一种有效的企业区块链应用解决方案,受到各方青睐,其优势在于极大提高了交易共识的执行效率,同时通过访问授权机制实现了适用于企业商业应用的安全性支持.然而,为了提高共识过程的执行效率,现有的许可区块链采用“执行-排序-验证”的背书模式,带来了新的安全隐患,这种背书面临的安全威胁主要体现在:背书节点身份的暴露、背书共识容错率变低、背书策略的泄露等.为了解决许可区块链背书中存在的安全问题,本文提出了一种基于群签名的许可区块链匿名背书方案,实现在背书过程中背书节点身份及背书策略的隐藏,方案中引入中国剩余定理对许可区块链应用中的快速背书节点成员更新提供有效支持.该方案也适用于背书节点权重不对等的情况,同时可以满足区块链应用的溯源要求.本文在Hyperledger Fabric许可区块链上进行了方案的仿真实验,实验样本为2750条独立的交易数据,并将这些数据按50为单位递增分为10组,分别进行交易的执行.实验结果表明,本方案中的匿名背书方法对Fabraic许可区块链的交易执行效率影响较小,整个许可区块链交易在保证背书身份的匿名前提下仍然具有较高的执行效率,同时具有对背书节点集群维护与更新上的灵活性优势.Since the advent of Bitcoin in 2008,blockchain technology provides many vivid applications such as distributed ledger,digital asset and digital evidence,etc.Permissioned blockchain is favored by all parties,which is treated as an effective blockchain solution to enterprise applications,and can greatly improve the efficiency of transaction consensus by using the access authorization mechanism to support the security for enterprise commercial applications.However,in order to improve the efficiency of consensus process,the existing permission blockchain solutions employ the executionsequence-verification endorsement model,which lead to some security risks of endorsement,including the following:(a)the exposure of the identity of the endorsing node,(b)the effect that the error tolerance rate of the endorsement consensus becomes lower,and(c)the leakage of the endorsement strategy.In order to solve the security issues of endorsement in permissioned blockchain,this paper proposes an anonymous endorsement scheme based on group signatures,which realizes the concealment of the endorsement node identity and endorsement strategy in the endorsement process,and uses the Chinese remainder theorem(CRT)to provide the support of fast membership updates for endorsement node of permissioned blockchain.The proposed scheme is also suitable for the scenarios such that the weights of endorsement nodes are unequal to meet the requirement of blockchain applications.Some simulation experiments have been conducted on the well-known Hyperledger Fabric permissioned blockchain platform,and the results indicate that the proposed scheme is efficient and flexible in both the execution efficiency,maintenance and updates of endorsement node clusters.

关 键 词：许可区块链 群签名 匿名背书 中国剩余定理 

分 类 号：TP309.7[自动化与计算机技术—计算机系统结构]