基于DLIN加密的可监管联盟链隐私保护方案  被引量：3

作　　者：何建江 陈玉玲 HE Jianjiang;CHEN Yuling(State Key Laboratory of Public Big Data,School of Computer Science and Technology,Guizhou University,Guiyang 550025,China)

机构地区：[1]贵州大学计算机科学与技术学院公共大数据国家重点实验室,贵阳550025

出　　处：《计算机工程》2023年第6期170-179,共10页Computer Engineering

基　　金：国家自然科学基金(61962009);贵州省教育厅自然科学研究科技拔尖人才项目(黔教技[2022]073号);广西密码学与信息安全重点实验室研究课题(GCIS202118)。

摘　　要：作为去中心化的分布式数据库,区块链凭借其独特的共识机制允许节点不依赖第三方建立点对点的价值转移,因此被广泛应用于金融、数字版权等领域。然而,区块链中账本数据公开透明存储的特性导致交易数据存在严重的隐私泄露风险,现有的隐私保护方案难以在用户隐私保护与数据追溯监管性之间达到平衡。为此,基于决策线性(DLIN)加密算法、Pedersen承诺、双密钥隐地址协议(DKSAP)、非交互式零知识(NIZK)证明,提出一种可监管的联盟链隐私保护方案。将实际交易金额隐藏于承诺中,并生成对应的NIZK证明信息用以保证解密监管密文得到的金额与实际交易金额相等,从而实现对隐藏金额的监管。基于分层确定性的DKSAP,利用DLIN加密算法生成身份验证及监管密文,结合子公钥生成算法实现对交易接收方身份的追溯。理论分析与仿真结果表明,该方案在保证交易数据隐私性并实现可追溯监管性的同时,能够取得较低的计算和通信开销,相比于可监管的隐私保护方案Traceable-Monero,其监管密文解密时间平均下降52.25%。As a decentralized distributed database,blockchain,with its unique consensus mechanism,allows nodes to establish point-to-point value transfer without relying on third parties.Therefore,it is widely used in finance,digital rights,and other fields.However,the characteristics of open and transparent storage of ledger data in the blockchain leads to serious risk of transaction data disclosure,and the existing privacy-preserving scheme has difficulty in achieving a balance between user privacy protection and data traceability supervision.To this end,an auditable privacy-preserving scheme for consortium blockchain is proposed based on Decisional Linear(DLIN)encryption algorithm,Pedersen commitment,Dual-Key Stealth Address Protocol(DKSAP),and Non-Interactive Zero-Knowledge(NIZK)proof.The actual transaction amount is hidden in the commitment,and the corresponding NIZK proof information is generated to ensure that the amount obtained by decrypting the regulatory ciphertext is equal to the actual transaction amount,thus realizing the verification of the hidden amount.Based on the hierarchical deterministic DKSAP,the DLIN encryption algorithm is used to generate authentication and regulatory ciphertext,and the sub-public key generation algorithm is used to trace the identity of the transaction recipient.The theoretical analysis and simulation results show that this scheme can achieve lower computational and communication costs while ensuring the privacy of transaction data,achieving traceability and supervision.Compared to the auditable privacy-preserving scheme Traceable-Monero,the regulatory ciphertext decryption time is reduced on average by 52.25%.

关 键 词：联盟链 决策线性加密算法 双密钥隐地址协议 Pedersen承诺 非交互式零知识证明 

分 类 号：TP391[自动化与计算机技术—计算机应用技术]