面向联盟链转账隐私保护的^(+)HomElG零知识证明协议  被引量：2

作　　者：景旭[1] 杨少坤 JING Xu;YANG Shaokun(School of Info.Eng.,Northwest A&F Univ.,Yangling 712100,China)

机构地区：[1]西北农林科技大学信息工程学院,陕西杨凌712100

出　　处：《工程科学与技术》2023年第5期272-282,共11页Advanced Engineering Sciences

基　　金：陕西省重点研发计划项目(2019ZDLNY07-02-01);国家重点研发计划项目(2020YFD1100601)。

摘　　要：在联盟链转帐交易中,账本对联盟参与方是透明的,交易隐私保护是面临的最大挑战之一。针对联盟链隐私保护研究中保护账户余额、交易金额存在的交易合法性验证策略不完善、基础加密算法Paillier效率较低的问题,提出了一种面向联盟链转帐隐私保护的^(+)HomElG零知识证明协议。基于PBFT构造了一种联盟链转账隐私保护应用,论述了同态加密的零知识证明的共识交互场景;通过^(+)HomElG算法加密交易金额及账户余额,根据Σ协议设计密文的零知识证明;通过Fiat-Shamir算法的思想,设计了非交互式零知识证明的相等性证明、范围证明中交易的金额大于零和转账方余额不小于零等过程,并在DDH安全前提下证明它们具有正确性、完备性、零知识性。基于Hyperledger Fabric构建了一个联盟链转账隐私保护原型系统,测试结果验证了该协议在非交互式零知识证明条件下能实现保护账户余额、交易金额的密文交易;当密钥长度为3072 bit,测试数据长度为12 bit的十进制整数时,^(+)HomElG算法的效率是150.3 ms,交易金额相等、交易金额大于零以及交易余额不小于零等零知识证明过程的效率(证据生成和验证)分别是482.3、209.3和261.3 ms。测试结果表明,与现有协议相比,该协议的^(+)HomElG算法的效率较高,相等性证明、范围证明等交易合法性验证策略更加完善和高效,满足联盟链转账交易隐私保护需求。In order to solve the problems of imperfect transaction legitimacy verification strategies for protecting account balances and transaction amounts in privacy protection of consortium blockchain,and the low efficiency of the basic encryption algorithm Paillier,a^(+)HomElG zero-know-ledge proof protocol for consortium blockchain transfer privacy protection was proposed.A consortium blockchain transfer privacy protection ap-plication was constructed based on PBFT,which expounded the consensus interaction scenario of zero-knowledge proof of homomorphic encryp-tion.The transaction amount and balance of account were encrypted by the^(+)HomElG algorithm,and the zero-knowledge proof of the ciphertext was designed with theΣprotocol.The non-interactive zero-knowledge was designed through the idea of the Fiat-Shamir algorithm processes such as the proof of equality,the amount of the transaction greater than zero and the balance of the transfer party not less than zero in the proof of range.The protocol was proved to be correct,complete and zero-knowledge under the DDH.A consortium blockchain transfer privacy protection prototype system based on Hyperledger Fabric was constructed.The results verified that the protocol can realize ciphertext transactions to protect balance of account and transaction amount under the condition of non-interactive zero-knowledge proof.When the key length is 3072 bit and the data length is a 12-bit decimal integer,the efficiency of the^(+)HomElG algorithm is 150.3 ms,and the efficiency of the proof of equality,the amount of the transaction greater than zero and the balance of the transfer party not less than zero in the proof of range are 482.3 ms,209.3 ms and 261.3 ms respectively.Compared with the existing protocols,the proposed^(+)HomElG algorithm is more efficient,and its transaction legitimacy verification strategies such as equality proof and range proof are more perfect and efficient.The proposed protocol can meet the privacy protec-tion requirements of consortium blockchain transfer tran

关 键 词：联盟链 零知识证明 隐私保护 同态加密 +HomElG 

分 类 号：TP309.2[自动化与计算机技术—计算机系统结构]