ZKFERP:计算成本恒定的通用高效范围证明方案  

作　　者：李一聪 周宽久[1] 王梓仲 徐琳 LI Yi-cong;ZHOU Kuan-jiu;WANG Zi-zhong;XU Lin(School of Software,Dalian University of Technology,Dalian,Liaoning 116024,China)

机构地区：[1]大连理工大学软件学院,辽宁大连116024

出　　处：《计算机科学》2022年第10期335-343,共9页Computer Science

基　　金：科技部重点研发计划(2019YFD1101104)。

摘　　要：区块链去中心化的特性易导致交易层用户隐私泄露,引发信息安全问题。零知识范围证明的目的是在不透露交易数据的同时,机密验证数据属于合法正整数区间,有效解决了区块链隐私保护问题。现有的区块链范围证明方案在证明速度、验证速度及计算成本等方面仍有较大的优化空间;并且,现有方案无法处理浮点数问题,因此限制了范围证明的应用领域。基于此,提出了一种计算成本恒定且浮点数、整数通用的高效范围证明方案——ZKFERP。ZKFERP在Bulletproofs的基础上改进零知识协议,优化证明结构,并设计了一种拉格朗日内积向量生成方法,使见证生成时间恒定,最后利用浮点数范围关系式构造承诺,实现浮点数范围证明。ZKFERP仅依赖于离散对数假设,无需第三方可信。实验结果表明,ZKFERP的通信成本和时间复杂度均恒定,且与已知最先进的范围证明方案相比,ZKFERP的证明时间缩短了40.0%,验证时间缩短了29.8%。The decentralization of blockchain can easily lead to the leakage of users’ private data at the transaction layer, which in turn leads to information security issues.The zero-knowledge range proof is designed to confidentially verify that the transaction data belongs to a legal positive integer range without revealing the transaction data.It effectively solves the problem of blockchain privacy leakage.The existing blockchain range proof scheme can still be further optimized in terms of proof speed, verification speed and calculation cost.In addition, the existing solutions cannot handle the floating-point number problem, thus limiting the application fields of range proofs.This paper proposes an efficient range proof scheme with constant computational cost and universal for floating-point numbers and integers, ZKFERP.It improves the zero-knowledge protocol based on Bulletproofs to optimize the proof structure, and a Lagrangian inner product vector generation method is designed to make the witness generation time constant and the commitment is constructed according to the floating-point number range relationship to implement floating-point range proof.ZKFERP only relies on the discrete logarithm assumption, and third-party credibility is not required.The communication cost and time complexity of ZKFERP are constant.Experimental results show that, compared with the most advanced known range proof scheme, ZKFERP’s proof speed is increased by 40.0%,and the verification speed is increased by 29.8%.

关 键 词：区块链 隐私保护 零知识证明 范围证明 向量内积承诺 

分 类 号：TP399[自动化与计算机技术—计算机应用技术]