融合代理重加密和零知识证明的USBKey联盟链追溯系统  

作　　者：张磊 万昕元 肖超恩 王建新 邓昊东 郑玉崝 Zhang Lei;Wan Xinyuan;Xiao Chaoen;Wang Jianxin;Deng Haodong;Zheng Yuzheng(Department of Electronics and Communications Engineering,Beijing Electronic Science and Technology Institute,Beijing 100070;Department of Cyberspace Security,Beijing Electronic Science and Technology Institute,Beijing 100070)

机构地区：[1]北京电子科技学院电子与通信工程系,北京100070 [2]北京电子科技学院网络空间安全系,北京100070

出　　处：《信息安全研究》2025年第1期81-90,共10页Journal of Information Security Research

基　　金：中央高校基本科研业务费专项资金项目(3282024009,20230051Z0114,20230050Z0114);教育部产学合作协同育人项目(20220163H0211);北京电子科技学院学科建设项目(20230007Z0452,20230010Z0452)。

摘　　要：目前,基于区块链技术的信息追溯系统在物联网领域中得到了广泛应用.但是,基于区块链的追溯系统在追溯数据存储和查询的过程中存在数据及用户隐私泄露的风险.针对此类问题,融合代理重加密和零知识证明技术,设计了基于联盟链构造的USB Key可信追溯解决方案.首先,在区块链上链存储过程中引入了星际文件系统(interplanetary file system,IPFS)和代理重加密技术,为参与双方建立了一个安全、高效的信息存储机制;同时,在数据查询过程中引入了zk-SNARK零知识证明机制,对查询用户进行身份认证和确权操作,确保了追溯数据查询过程中用户身份的私密性;最后,基于上述可信追溯解决方案,利用Hyperledger Fabric分布式账本实现了一个USB Key的信息追溯原型系统.通过实验,证明了该方案切实可行,并有效地保障了USB Key追溯系统中追溯信息的保密性和真实性,以及在实现权限分配的前提下用户身份的隐私性.At present,blockchainbased information traceability solutions are widely applied in the Internet of things(IoT)space.However,during the storage and query processes in blockchainbased traceability solutions,there is a risk of data and user privacy leakage.To address these issues,this paper proposes a trusted traceability solution for USB Keys based on consortium blockchain,integrating proxy reencryption and zeroknowledge proof technologies.Firstly,the Interplanetary File System(IPFS)and proxy reencryption technologies are introduced during the onchain storage process on the blockchain to establish a secure and efficient information storage mechanism for the participating parties.Additionally,during data query,a zk-SNARK zeroknowledge proof mechanism is employed for user identity authentication and rights confirmation,ensuring the privacy of user identities in the traceability data query process.Finally,based on the proposed trusted traceability solution,a USB Key information traceability prototype system is implemented using the Hyperledger Fabric distributed ledger technology.Experiments demonstrate the feasibility of this system,effectively protecting user privacy under the premise of permission allocation and ensuring the confidentiality and authenticity of traceability information in the USB Key system.

关 键 词：USB Key 代理重加密 零知识证明 区块链 信息追溯 

分 类 号：TP311[自动化与计算机技术—计算机软件与理论]