CN114640468A - Block chain privacy protection method based on online and offline attribute encryption - Google Patents

Block chain privacy protection method based on online and offline attribute encryption Download PDF

Info

Publication number
CN114640468A
CN114640468A CN202210255503.8A CN202210255503A CN114640468A CN 114640468 A CN114640468 A CN 114640468A CN 202210255503 A CN202210255503 A CN 202210255503A CN 114640468 A CN114640468 A CN 114640468A
Authority
CN
China
Prior art keywords
user
ciphertext
chain
data
offline
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210255503.8A
Other languages
Chinese (zh)
Other versions
CN114640468B (en
Inventor
高丹
欧君
李高俊
范玮
季小艳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Vocational And Technical College Of Anshun
Original Assignee
Vocational And Technical College Of Anshun
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Vocational And Technical College Of Anshun filed Critical Vocational And Technical College Of Anshun
Priority to CN202210255503.8A priority Critical patent/CN114640468B/en
Publication of CN114640468A publication Critical patent/CN114640468A/en
Application granted granted Critical
Publication of CN114640468B publication Critical patent/CN114640468B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/002Countermeasures against attacks on cryptographic mechanisms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a block chain privacy protection method based on online and offline attribute encryption, which relates to a block chain system and a plurality of entity modules, wherein the entity modules comprise a data owner DO, a data user DU, a group manager GM, an offline encryption agency OEA, an offline decryption agency ODE, a alliance chain AC and a shared chain EST; the block chain system is used for providing a distributed and credible data storage cloud server system for the entity module, and the implementation mode of the block chain system comprises the following processes of a system initialization stage, a user registration stage, an encryption stage, a group signature authentication stage, a data user decryption stage and a responsibility pursuing stage. By adopting the protection method, the data owner and the verifier can be traced back in two directions, and the safety of numerical control is improved.

Description

Block chain privacy protection method based on online and offline attribute encryption
Technical Field
The invention relates to the technical field of block chains, in particular to a block chain privacy protection method based on online and offline attribute encryption.
Background
The blockchain is a credible distributed data storage technology realized based on a P2P network and a cryptography technology, and the blockchain is increasingly favored by people and widely applied in various scenes as a decentralized distributed accounting system based on the characteristics of non-repudiation, consensus and transparency, non-falsification and the like. However, the conventional blockchain realizes the transparency and traceability of data, and the privacy security of the user is threatened to a certain extent. How to protect the privacy security of users while realizing the advantages of transparent traceability of the blockchain becomes a research hotspot.
For the problem of traceability and user privacy leakage of block chain data, in order to protect user privacy security, through retrieval, reference 1 ("adaptive security outsourcing attribute-based encryption scheme with keyword search", goulipt, jonqin, computer application, 2021, 41 (11): 3266-. Reference 3 ("block chain supervised privacy protection scheme based on group signature and attribute encryption", li, duhuna, billo, computer engineering: 1-9 [ 2022-01-04 ]. DOI: 10.19678/j.issn.1000-3428.0062464) proposes a block chain privacy protection scheme with a double-chain structure, which effectively protects the private information of a user through a group signature technology and an attribute encryption technology. However, only one verifier in the scheme cannot effectively prevent collusion between the verifier and the user, cannot effectively ensure authenticity and transparency of information, and cannot be well applied to equipment with limited computing resources. Reference 4 ("block chain privacy protection scheme certified safe based on SM9 algorithm", yang chars, caichuliang, zhuan wei, characterization, software report, 2019, 30 (06): 1692-1704. DOI: 10.13328/j.cnki.jos.005745) proposes a privacy protection scheme mainly applied to a federation chain, and through the setting of verifier groups (i.e., federation chains), privacy information of users is effectively protected. However, the scheme is mainly applied to a alliance chain, cannot be well applied to a double-chain structure, and cannot be well applied to equipment with limited computing resources.
In combination with the features of references 1 to 4, in order to be applicable to devices with limited computing resources, while implementing fine-grained user privacy protection, the protection scheme can also trace responsibility for owners and signers of data, and improve the security of the data, thereby providing a protection scheme based on online and offline attributes.
Disclosure of Invention
The technical problem to be solved by the invention is to provide a privacy protection method aiming at the problems in the background technology and aiming at protecting the privacy security of a user, the user calculation overhead is reduced and the fine-grained user access control is realized through an online and offline attribute encryption algorithm, and the two-way tracing of the user and a verifier is realized through double-chain design and group signature verification, so that the data security is improved, in particular to a block chain privacy protection method based on online and offline attribute encryption.
In order to solve the technical problems, the technical scheme adopted by the invention is as follows: a block chain privacy protection method based on online and offline attribute encryption relates to a block chain system and a plurality of entity modules, wherein the entity modules comprise a data owner DO, a data user DU, a group administrator GM, an offline encryption agency OEA, an offline decryption agency ODE, a union chain AC and a shared chain EST; the block chain system is used for providing a distributed and credible data storage cloud server system for the entity module, and the implementation mode of the block chain system comprises the following processes of a system initialization stage, a user registration stage, an encryption stage, a group signature authentication stage, a data user decryption stage and a responsibility pursuing stage.
Furthermore, the block chain privacy protection method based on online and offline attribute encryption provided by the invention has the advantages that through the online and offline attribute encryption algorithm, the block chain is combined with the offline encryption mechanism and the offline decryption mechanism, the calculation overhead of a user is reduced, meanwhile, the fine-grained user access control is realized, through the double-chain control of the sharing chain and the alliance chain, the single-point fault problem is prevented, collusion between the user and a verifier is prevented, meanwhile, through group signature verification, the bidirectional tracing of a data owner and the verifier is realized, and the numerical control safety is increased; the specific implementation mode comprises the following processes that a data owner DO sends an access structure to an offline encryption mechanism ODE, the offline encryption mechanism calculates an intermediate ciphertext based on a time period tree and the access structure and returns the intermediate ciphertext to the data owner DO, and the data owner DO encrypts data by using the intermediate ciphertext and sends the ciphertext to a cloud server system in a block chain system; a data user searches keywords through a cloud server system and obtains a matched ciphertext; the data user DU sends the ciphertext to the offline decryption mechanism ODE, the offline decryption mechanism ODE partially decrypts the ciphertext based on the attribute and the secret key of the data user DO to obtain a converted ciphertext, and the converted ciphertext is returned to the data user DO; and the data user DO decrypts the converted ciphertext by using the conversion key to obtain the data.
Further, the block chain privacy protection method based on online and offline attribute encryption described in the present invention, wherein the specific implementation manner of the system initialization stage is:
(1) in the system initialization phase, determining the system initialization related attributes: data owner runs a system setup algorithm SystemSetup (1)λ) → (PK, MSK), i.e. inputting a safety factor lambda, the system generates the public key PK, said
Figure BDA0003548678810000031
MSK=(α,a,γ);
Wherein, G1 and G2 are prime p-order cyclic groups, and G is a generator of G1; e is a bilinear map: g1 XG 1 → G2; random number alpha, a, beta ∈ Zp(ii) a j represents the number of attributes; select j random numbers hj∈G1(ii) a Hash function H0: {0,1} → G1, H1: {0,1} → G2, H2: {0,1} → G2;
(2) group administrator GM initialization: the group administrator runs a system establishment algorithm GMetup (PK) → (GMKey, GMPK, GMSK), inputs a public key PK, and the system generates a GMKey of each group administrator GM, a group public key GMPK and a group tracking key GMSK;
GMKey=γi
Figure BDA0003548678810000041
GMSK=(δ12),
Figure BDA0003548678810000042
wherein i represents the number of group administrators; gamma rayiRepresents i random numbers; g1 is the generator of G1; random number delta12∈Zp;u,v∈G1
(3) Initialization of a alliance chain AC: ACSetup (PK, id) → (SignPK ), inputting the public key PK, and generating a federation chain signature master key SignPK and each node signature private key SignPK by the system; in the alliance chain, the alliance chain is divided into a main node and a secondary node, wherein the main node is responsible for maintaining the block chain and distributing id and a signature private key for a newly added block;
Figure BDA0003548678810000043
T=H1(id||hid,N)+ks;
wherein k represents the number of key generation centers AAk in the alliance chain; ks, kek is the random number of the key generation center, and ks, kek∈[1,N-1]Kek are held by k key generation centers respectively, and N is a finite field; p2 is the generator of G2, P1 is the generator of G1; id is a unique identifier of each secondary node in the alliance chain and is a string of random numbers issued by the primary node; hid denotes concealment.
Further, the block chain privacy protection method based on online and offline attribute encryption described in the present invention, wherein the specific implementation manner of the user registration stage is as follows:
(1) the user acquires a user private key fragment UKeyi: GMKeyGen (PK) → UKeyi; the user submits a registration application Aply to a group administrator GM, if the group administrator GM agrees, i group administrators respectively generate corresponding user private key fragments UKeyi for the user and send the user private key fragments UKeyi to the user; in the block chain, the users can be subdivided into data owners DO and data users DU;
Figure BDA0003548678810000044
wherein, the random number x belongs to Zp
(2) And (3) calculating by the user: GMKeyGen (PK, S, UKeyi) → (UKey, IDU, CPA _ SK); a user calculates a user private key UKey and a user identification IDU of the user through an algorithm, and submits a user attribute set AS { a1, a 2.., aj } to a group manager to obtain an attribute encryption key CPA _ SK and an offline verification key VK;
Figure BDA0003548678810000051
CPA_SK=(gαhd,z,TK),
Figure BDA0003548678810000052
VK=(g1/(β+μ),μ);
vj is the weight value of each attribute in the user attribute set AS; TK is a ciphertext conversion key with encrypted attributes; d, Z is a random number, and d, Z, mu ∈ Zp
Further, the block chain privacy protection method based on online and offline attribute encryption described in the present invention, wherein the specific implementation manner of the encryption stage is as follows:
(1) the offline encryption mechanism OEA carries out offline encryption: OEA _ Enc (PK) → IC, and the data owner DO selects a secret s and passes it to the offline encryption mechanism; the off-line encryption mechanism calculates an intermediate ciphertext IC through the secret value s and sends the intermediate ciphertext IC to the data owner DO;
Figure BDA0003548678810000053
wherein the secret value s ∈ Zp(ii) a Random number epsilon, y epsilon, Zp
(2) The data owner DO encrypts: DO _ Enc (PK, IC, VK, Message) → CT. The data owner DO finally encrypts the plaintext Message through the access structure AC and the intermediate ciphertext IC to obtain an attribute encrypted ciphertext CT;
Figure BDA0003548678810000054
C1=gμ/(β+μ),gβ·gμ,H1(e(g,g)μ,R·H1(Message),
Figure BDA0003548678810000057
wherein,
Figure BDA0003548678810000056
for the mapping of the attribute aj in the access structure AC ═ M, ρ (x), θ is the secret share of aj in the mapping function ρ (x); r is a random ciphertext parameter, and R belongs to G2(ii) a M is a mapping matrix, and each row in M corresponds to one attribute.
Further, the block chain privacy protection method based on online and offline attribute encryption described in the present invention, wherein the specific implementation manner of the group signature authentication stage is as follows:
(1) and (3) signing the ciphertext CT by the AC secondary node A of the alliance chain: AC _ Sign (CT, SignMK, SignPk) → (SignCT, DO _ Verify). And the federation chain secondary node A signs the ciphertext CT, and the secondary node A in the federation chain performs signature operation through the signature main key SignMK and the signature private key SignPK of the secondary node A to obtain the group signature SignCT of the secondary node in the federation chain on the ciphertext CT and the source verification value DO _ Verify.
Figure BDA0003548678810000061
Figure BDA0003548678810000062
Figure BDA0003548678810000063
Figure BDA0003548678810000064
Figure BDA0003548678810000065
Wherein, the random number r1,r2∈[1,N-1](ii) a idA represents the id of the secondary node A; τ, χ are random numbers, and τ, χ ∈ Zp(ii) a Selecting a random blinding factor b1,b2,b3,b4,b5∈Zp
(2) And (3) a federation chain AC authentication phase: AC _ verify (SignCT) → 1/0. The alliance chain receives the ciphertext CT and the corresponding group signature SignCT, and verifies the group signature through an algorithm. If the signature is proved to be generated by a certain node in the alliance chain, outputting 1; otherwise, 0 is output, and the ciphertext CT is discarded;
and (3) calculating: u shape1=e(SS·SignAG),U2=e(SS·SignPKA);
Verification U1=U2If the two are equal, carrying out next verification; if not, discarding the ciphertext CT;
from the received SignCT:
Figure BDA0003548678810000066
the verification is carried out by the user,
Figure BDA0003548678810000067
if the CT is equal to the CT, the CT is sent to a sharing chain for sharing; otherwise, discarding the ciphertext CT; the verification can prove that the ciphertext CT passes the verification of the alliance chain signature;
(3) and (3) an uplink stage: adopting a UTXO form to uplink, sending the Number of the last transaction, the hash value HLast of the last transaction and the group signature SignCT of the current transaction to a main node V of the alliance chain by a secondary node A, generating a New block New _ block by the main node V, verifying the information in the block, merging the New block New _ block into a sharing chain if the verification is passed, and otherwise, discarding the block;
in the authentication phase of the alliance chain AC, each node in the alliance chain searches the last transaction information associated with the new block in the shared chain, compares whether the input value of the new block is the same as the output value of the last transaction, and if the input value of the new block is the same as the output value of the last transaction, the main node incorporates the new block into the shared chain, otherwise, discards the new block.
Further, the block chain privacy protection method based on online and offline attribute encryption described in the present invention, wherein the specific implementation manner of the data user decryption stage is as follows:
(1) the off-line decryption mechanism ODA performs partial decryption: ODA _ Dec (AC, CT, TK) → PC, and the data user DU transmits the ciphertext CT and the ciphertext transformation key TK to the offline decryption mechanism ODA; the off-line encryption mechanism ODA firstly checks whether the attribute set AS of the data user meets the requirement of accessing the structure AC, if so, partial decryption is carried out on the ciphertext CT and partial decrypted ciphertext PC is sent to the data user DU; otherwise, 0 is output;
PC=(AC,MM,R·e(g,g)αs,gs,e(g,g)daθ/z,C1);
(2) decrypting the data user DU: DU _ Dec (PC, CPA _ SK) → R; the data user DU decrypts the partial ciphertext PC through the attribute encryption key CPA _ SK to obtain a random ciphertext parameter R;
R=R·e(g,g)αs/(e(gs,gαhd)/e(g,g)das);
Figure BDA0003548678810000071
further, the block chain privacy protection method based on online and offline attribute encryption described in the present invention, wherein the tracing phase is specifically implemented as follows:
(1) accountability data owner DO: DO _ Accountability (DO _ Verify, GMSK) → idDO. If the group administrator votes to ask for tracing the data owner, the id of the data owner can be calculated and obtained through the source verification value DO _ Verify and the group tracing key GMSK;
it is known that
Figure BDA0003548678810000072
Then
Figure BDA0003548678810000073
(2) Accountant signer a: a _ Accountability (SignCT, SignPK) → idA; in the process of chain loading, by adopting a group signature verification method and a chain loading mode of UTXO, if a group administrator commits to require the data owner to be traced, the main node can find the initial address to trace the responsibility by a mode of tracing the source chain by chain for the transaction; and extracting the IDA hash value HID of the signer A through the group signature SignCT and the signature private key SignP, and finding the IDA of the signer by comparing the HID values corresponding to the ids of the sub-nodes one by the main node.
Compared with the prior art, the block chain privacy protection method based on online and offline attribute encryption has the beneficial effects that: by means of an online and offline attribute encryption algorithm, the block chain is combined with the offline encryption mechanism and the offline decryption mechanism, fine-grained user access control is achieved while computing overhead of a user is reduced, the method is suitable for equipment with limited computing resources, single-point failure is prevented through double-chain control of a sharing chain and a coalition chain, collusion between the user and a verifier is prevented, meanwhile, bidirectional tracing of a data owner and the verifier is achieved through group signature verification, and numerical control safety is improved.
Drawings
The present invention will be described in further detail with reference to the accompanying drawings.
FIG. 1 is a diagram illustrating a corresponding structure of an access structure control tree and an LSSS matrix according to the present invention;
FIG. 2 is a schematic diagram of a physical module according to the present invention;
fig. 3 is a schematic block diagram of a protection method according to the present invention.
Detailed Description
To further illustrate the concept of the present invention, embodiments of the present invention are described in further detail below with reference to the accompanying drawings and examples. The following detailed description of the embodiments and the accompanying drawings are provided to illustrate the principles of the invention and are not intended to limit the scope of the invention, i.e., the invention is not limited to the described embodiments.
The block chain privacy protection method based on online and offline attribute encryption is characterized in that an application scene needs to be designed, a doctor-patient communication platform based on a cloud service platform is assumed to exist, a user B is a patient registered on the internet, a doctor wants to be consulted on the cloud service platform and a treatment suggestion is obtained, but the user B does not reveal own diagnosis and treatment information while obtaining a diagnosis and treatment list, and a commitment can be provided to ensure that the diagnosis and treatment list is from a regular registered doctor and can trace the doctor and verifier for diagnosis and treatment when a medical accident occurs at a later stage. The traditional scheme can not be well applied to the scenes, and in order to solve the problems, the block chain privacy protection scheme based on online and offline attribute encryption is provided. Meanwhile, in order to facilitate understanding of the technical scheme of the present invention, the following description will be made with reference to the access structure and bilinear map, which relate to the knowledge of the access structure and bilinear map:
accessing a structure: suppose there is oneA non-empty set of user attributes a, a ═ { a1, a 2.., An }; there is a non-empty access control set S, S ═ S1, S2.., Sk }; if A and S satisfy
Figure BDA0003548678810000091
The set A is called an authorization set under the access control S; otherwise, the set a is called an unauthorized set under the access control S. In CP-ABE, if a is an authorization set, there is a matrix AA and a function ρ (x) exists, so that each row in the matrix AA can be mapped with an attribute in S one by one, the matrix AA is called LSSS matrix, and the row number of the LSSS matrix is equal to the number of leaf nodes on the access control tree, i.e. the number of attributes. The access structure control tree and LSSS matrix map shown in fig. 1.
Bilinear mapping: g1, G2 and G3 are prime p-order cyclic groups; there is a mapping e: g1 XG 2 → G3, if e is a bilinear pair, then:
A. bilinear: any a, b ∈ Zp, all have
Figure BDA0003548678810000092
B. Non-degeneration: there is one G1, G2, such that e (G1, G2) ≠ 1;
C. calculability: there is one efficient algorithm to compute e (G1, G2).
Aiming at the application scene, the fine-grained user privacy protection is realized, simultaneously, the responsibility tracing can be carried out on the owner and the signer of the data, the bidirectional tracing back on the user and the verifier is realized, and the data security is improved, so that the block chain privacy protection method based on the online and offline attribute encryption is provided, and the detailed design scheme of the protection method is as follows:
a block chain privacy protection method based on online and offline attribute encryption relates to a block chain system and a plurality of entity modules, the structural model of which is shown in FIG. 2, wherein the entity modules comprise a data owner DO, a data user DU, a group manager GM, an offline encryption agency OEA, an offline decryption agency ODE, a federation chain AC and a shared chain EST; the block chain system is used for providing a distributed and credible data storage cloud server system for the entity module, and the implementation mode of the block chain system comprises the following processes of a system initialization stage, a user registration stage, an encryption stage, a group signature authentication stage, a data user decryption stage and a responsibility tracing stage; the specific operation flow is shown in fig. 3, and specifically includes the following processes that a data owner DO sends an access structure to an offline encryption mechanism ODE, the offline encryption mechanism calculates an intermediate ciphertext based on a time period tree and the access structure and returns the intermediate ciphertext to the data owner DO, and the data owner DO encrypts data by using the intermediate ciphertext and sends the ciphertext to a cloud server system in a block chain system; a data user searches keywords through a cloud server system and obtains a matched ciphertext; the data user DU sends the ciphertext to the offline decryption mechanism ODE, the offline decryption mechanism ODE partially decrypts the ciphertext based on the attribute and the secret key of the data user DO to obtain a converted ciphertext, and the converted ciphertext is returned to the data user DO; and the data user DO decrypts the converted ciphertext by using the conversion key to obtain the data.
1. A system initialization stage:
(1) firstly, the system initialization related attributes are determined: data owner runs a system setup algorithm SystemSetup (1)λ) → (PK, MSK), i.e. inputting a safety factor lambda, the system generates the public key PK, said
Figure BDA0003548678810000101
MSK=(α,a,γ);
Wherein, G1 and G2 are prime p-order cyclic groups, and G is a generator of G1; e is a bilinear map: g1 XG 1 → G2; random number alpha, a, beta ∈ Zp(ii) a j represents the number of attributes; j random numbers h are selectedj∈G1(ii) a Hash function H0: {0,1} → G1, H1: {0,1} → G2, H2: {0,1} → G2;
(2) secondly, the group administrator GM is initialized: the group administrator runs a system establishment algorithm GMetup (PK) → (GMKey, GMPK, GMSK), inputs a public key PK, and generates a secret key GMKey, a group public key GMPK and a group tracking secret key GMSK of each group administrator GM;
GMKey=γi
Figure BDA0003548678810000102
GMSK=(δ12),
Figure BDA0003548678810000103
wherein i represents the number of group administrators; gamma rayiRepresents i random numbers; g1 is the generator of G1; random number delta12∈Zp;u,v∈G1
(3) Finally, initializing the alliance chain AC: ACSetup (PK, id) → (SignPK ), inputting the public key PK, and generating a federation chain signature master key SignPK and each node signature private key SignPK by the system; in the alliance chain, the alliance chain is divided into a main node and a secondary node, wherein the main node is responsible for maintaining the block chain and distributing id and a signature private key for a newly added block;
Figure BDA0003548678810000111
T=H1(id||hid,N)+ks;
wherein k represents the number of key generation centers AAk in the alliance chain; ks, kek is the random number of the key generation center, and ks, kek∈[1,N-1]Kek are held by k key generation centers respectively, and N is a finite field; p2 is the generator of G2, P1 is the generator of G1; id is a unique identifier of each secondary node in the alliance chain and is a string of random numbers issued by the primary node; hid denotes concealment.
2. A user registration stage:
(1) the user acquires a user private key fragment UKeyi: gmkeygen (pk) → UKeyi; the user submits a registration application Aply to a group administrator GM, if the group administrator GM agrees, i group administrators respectively generate corresponding user private key fragments UKeyi for the user and send the user private key fragments UKeyi to the user; in the block chain, the users can be subdivided into data owners DO and data users DU;
Figure BDA0003548678810000112
wherein, the random number x belongs to Zp
(2) And (3) calculating by the user: GMKeyGen (PK, S, UKeyi) → (UKey, IDU, CPA _ SK); a user calculates a user private key UKey and a user identification IDU of the user through an algorithm, and submits a user attribute set AS { a1, a 2.., aj } to a group manager to obtain an attribute encryption key CPA _ SK and an offline verification key VK;
Figure BDA0003548678810000113
CPA_SK=(gαhd,z,TK),
Figure BDA0003548678810000114
VK=(g1/(β+μ),μ);
vj is the weight value of each attribute in the user attribute set AS; TK is a ciphertext conversion key for attribute encryption; d, Z is a random number, and d, Z, mu ∈ Zp
3. And an encryption stage:
(1) the offline encryption mechanism OEA carries out offline encryption: OEA _ Enc (PK) → IC, data owner DO selecting a secret s to pass to an offline encryption mechanism; the off-line encryption mechanism calculates an intermediate ciphertext IC through the secret value s and sends the intermediate ciphertext IC to the data owner DO;
Figure BDA0003548678810000121
wherein the secret value s ∈ Zp(ii) a Random number epsilon, y epsilon, Zp
(2) The data owner DO encrypts: DO _ Enc (PK, IC, VK, Message) → CT. The data owner DO finally encrypts the plaintext Message through the access structure AC and the intermediate ciphertext IC to obtain an attribute encrypted ciphertext CT;
Figure BDA0003548678810000122
C1=gμ/(β+μ),gβ·gμ,H1(e(g,g)μ,R·H1(Message),MM=H1(Message)⊕H1(R);
wherein,
Figure BDA0003548678810000123
for the mapping of the attribute aj in the access structure AC ═ M, ρ (x), θ is the secret share of aj in the mapping function ρ (x); r is a random ciphertext parameter, and R belongs to G2(ii) a M is a mapping matrix, and each row in M corresponds to one attribute.
4. And (3) group signature authentication:
(1) and (3) signing the ciphertext CT by the AC secondary node A of the alliance chain: AC _ Sign (CT, SignMK, SignPk) → (SignCT, DO _ Verify). And the federation chain secondary node A signs the ciphertext CT, and makes the secondary node A in the federation chain perform signature operation through the signature main key SignMK and the signature private key SignPK of the secondary node A to obtain the group signature SignCT and the source verification value DO _ Verify of the ciphertext CT by the secondary node in the federation chain.
Figure BDA0003548678810000124
Figure BDA0003548678810000125
Figure BDA0003548678810000126
Figure BDA0003548678810000127
Figure BDA0003548678810000128
Wherein, the random number r1,r2∈[1,N-1](ii) a idA represents the id of the secondary node A; τ, χ are random numbers, and τ, χ ∈ Zp(ii) a Selecting a random blinding factor b1,b2,b3,b4,b5∈Zp
(2) And (3) a federation chain AC authentication phase: AC _ verify (SignCT) → 1/0. The alliance chain receives the ciphertext CT and the corresponding group signature SignCT, and verifies the group signature through an algorithm. If the signature is proved to be generated by a certain node in the alliance chain, outputting 1, and; otherwise, 0 is output, and the ciphertext CT is discarded;
and (3) calculating: u shape1=e(SS·SignAG),U2=e(SS·SignPKA);
Verification U1=U2If the two are equal, carrying out next verification; if not, discarding the ciphertext CT;
from the received SignCT:
Figure BDA0003548678810000131
the verification is carried out by the user,
Figure BDA0003548678810000132
if the CT is equal to the CT, the CT is sent to a sharing chain for sharing; otherwise, discarding the ciphertext CT; the ciphertext CT passes the verification of the alliance chain signature through verification;
(3) and (3) an uplink stage: adopting a UTXO form to uplink, sending the Number of the last transaction, the hash value HLast of the last transaction and the group signature SignCT of the current transaction to a main node V of the alliance chain by a secondary node A, generating a New block New _ block by the main node V, verifying the information in the block, merging the New block New _ block into a sharing chain if the verification is passed, and otherwise, discarding the block;
in the authentication phase of the alliance chain AC, each node in the alliance chain searches the last transaction information associated with the new block in the shared chain, compares whether the input value of the new block is the same as the output value of the last transaction, and if the input value of the new block is the same as the output value of the last transaction, the main node incorporates the new block into the shared chain, otherwise, discards the new block.
5. Data user decryption stage:
(1) the off-line decryption mechanism ODA performs partial decryption: ODA _ Dec (AC, CT, TK) → PC, and the data user DU transmits the ciphertext CT and the ciphertext conversion key TK to the offline decryption mechanism ODA; the off-line encryption mechanism ODA firstly checks whether the attribute set AS of the data user meets the requirement of accessing the structure AC, if so, partially decrypts the ciphertext CT and sends the partially decrypted ciphertext PC to the data user DU; otherwise, 0 is output;
PC=(AC,MM,R·e(g,g)αs,gs,e(g,g)daθ/z,C1);
(2) decrypting the data user DU: DU _ Dec (PC, CPA _ SK) → R; the data user DU decrypts the partial ciphertext PC through the attribute encryption key CPA _ SK to obtain a random ciphertext parameter R;
R=R·e(g,g)αs/(e(gs,gαhd)/e(g,g)das);
Figure BDA0003548678810000141
6. and (3) a responsibility following stage:
(1) data owner DO is accountable: DO _ Accountability (DO _ Verify, GMSK) → idDO. If the group administrator votes to ask for tracing the data owner, the id of the data owner can be calculated and obtained through the source verification value DO _ Verify and the group tracing key GMSK;
it is known that
Figure BDA0003548678810000142
Then
Figure BDA0003548678810000143
(2) Accountant signer a: a _ Accountability (SignCT, SignPK) → idA; in the process of chain loading, by adopting a group signature verification method and a chain loading mode of UTXO, if a group administrator commits to require the data owner to be traced, the main node can find the initial address to trace the responsibility by a mode of tracing the source chain by chain for the transaction; and extracting the idA hash value HID of the signer A through the group signature SignCT and the signature private key SignP, and comparing the HID values corresponding to the ids of the sub nodes one by the main node to find the idA of the signer.
By adopting the block chain privacy protection method, the block chain is combined with the offline encryption mechanism and the offline decryption mechanism through the online offline attribute encryption algorithm, the calculation overhead of a user is reduced, fine-grained user access control is realized, the block chain privacy protection method is suitable for equipment with limited calculation resources, the single-point fault problem is prevented through double-chain control of a sharing chain and a alliance chain, collusion between the user and a verifier is prevented, meanwhile, through group signature verification, bidirectional tracing of a data owner and the verifier is realized, and the safety of numerical control is improved.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art, and any modifications, equivalents, improvements, etc. made by using the present invention should be included in the protection scope of the present invention.

Claims (8)

1. A block chain privacy protection method based on online and offline attribute encryption is characterized in that: the protection method relates to a block link system and a plurality of entity modules, wherein the entity modules comprise a data owner DO, a data user DU, a group manager GM, an offline encryption agency OEA, an offline decryption agency ODE, an alliance link AC and a shared link EST; the block chain system is used for providing a distributed and credible data storage cloud server system for the entity module, and the implementation mode of the block chain system comprises the following processes of a system initialization stage, a user registration stage, an encryption stage, a group signature authentication stage, a data user decryption stage and a responsibility pursuing stage.
2. The method of claim 1, wherein the method for blockchain privacy protection based on online and offline attribute encryption comprises: the protection method has the advantages that through an online and offline attribute encryption algorithm, the block chain is combined with the offline encryption mechanism and the offline decryption mechanism, the calculation overhead of a user is reduced, meanwhile, fine-grained user access control is realized, through double-chain control of a sharing chain and a alliance chain, the problem of single-point failure is prevented, collusion between the user and a verifier is prevented, meanwhile, through group signature verification, bidirectional tracing of a data owner and the verifier is realized, and the safety of numerical control is improved; the specific implementation mode comprises the following processes that a data owner DO sends an access structure to an offline encryption mechanism ODE, the offline encryption mechanism calculates an intermediate ciphertext based on a time period tree and the access structure and returns the intermediate ciphertext to the data owner DO, and the data owner DO encrypts data by using the intermediate ciphertext and sends the ciphertext to a cloud server system in a block chain system; a data user searches keywords through a cloud server system and obtains a matched ciphertext; the data user DU sends the ciphertext to the offline decryption mechanism ODE, the offline decryption mechanism ODE partially decrypts the ciphertext based on the attribute and the secret key of the data user DO to obtain a converted ciphertext, and the converted ciphertext is returned to the data user DO; and the data user DO decrypts the converted ciphertext by using the conversion key to obtain the data.
3. The method according to claim 1, wherein the system initialization stage is implemented in a specific manner as follows:
(1) in the system initialization phase, determining the system initialization related attributes: data owner runs a system setup algorithm SystemSetup (1)λ) → (PK, MSK), i.e. entering a safety factor λ, the system generates the public key PK, said
Figure FDA0003548678800000011
MSK=(α,a,γ);
Wherein, G1 and G2 are prime p-order cyclic groups, and G is a generator of G1; e is a bilinear map: g1 XG 1 → G2;random number alpha, a, beta ∈ Zp(ii) a j represents the number of attributes; select j random numbers hj∈G1(ii) a Hash function H0: {0,1} → G1, H1: {0,1} → G2, H2: {0,1} → G2;
(2) group administrator GM initialization: the group administrator runs a system establishment algorithm GMetup (PK) → (GMKey, GMPK, GMSK), inputs a public key PK, and the system generates a GMKey of each group administrator GM, a group public key GMPK and a group tracking key GMSK;
GMKey=γi
Figure FDA0003548678800000012
GMSK=(δ12),
Figure FDA0003548678800000013
wherein i represents the number of group administrators; gamma rayiRepresents i random numbers; g1 is the generator of G1; random number delta12∈Zp;u,v∈G1
(3) Initialization of a alliance chain AC: ACSetup (PK, id) → (SignPK ), inputting a public key PK, and generating a federation chain signature master key SignPK and a signature private key SignPK of each node by the system; in the alliance chain, the alliance chain is divided into a main node and a secondary node, wherein the main node is responsible for maintaining the block chain and distributing id and a signature private key for a newly added block;
Figure FDA0003548678800000021
T=H1(id||hid,N)+ks;
wherein k represents the number of key generation centers AAk in the alliance chain; ks, kek is the random number of the key generation center, and ks, kek∈[1,N-1]Kek are held by k key generation centers respectively, and N is a finite field; p2 is the generator of G2, P1 is the generator of G1; id is a unique identifier of each secondary node in the alliance chain and is a string of random numbers issued by the primary node; hid denotes concealment.
4. The blockchain privacy protection method based on online and offline attribute encryption according to claim 1, wherein a specific implementation manner of the user registration stage is as follows:
(1) the user acquires a user private key fragment UKeyi: gmkeygen (pk) → UKeyi; the user submits a registration application Aply to a group administrator GM, if the group administrator GM agrees, i group administrators respectively generate corresponding user private key fragments UKeyi for the user and send the user private key fragments UKeyi to the user; in the block chain, the users can be subdivided into data owners DO and data users DU;
Figure FDA0003548678800000022
wherein, the random number x belongs to Zp
(2) And (3) user calculation: GMKeyGen (PK, S, UKeyi) → (UKey, IDU, CPA _ SK); a user calculates a user private key UKey and a user identification IDU of the user through an algorithm, and submits a user attribute set AS { a1, a2, a.., aj } to a group manager to obtain an attribute encryption key CPA _ SK and an offline verification key VK;
Figure FDA0003548678800000023
VK=(g1/(β+μ),μ);
wherein vj is the weight value of each attribute in the user attribute set AS; TK is a ciphertext conversion key for attribute encryption; d, Z is a random number, and d, Z, mu ∈ Zp
5. The blockchain privacy protection method based on online and offline attribute encryption according to claim 1, wherein the encryption stage is specifically implemented as follows:
(1) the offline encryption mechanism OEA carries out offline encryption: OEA _ enc (pk) → IC, the data owner DO selects a secret value s to pass to the off-line encryption mechanism; the off-line encryption mechanism calculates an intermediate ciphertext IC through the secret value s and sends the intermediate ciphertext IC to the data owner DO;
Figure FDA0003548678800000031
wherein the secret value s ∈ Zp(ii) a Random number epsilon, y epsilon, Zp
(2) The data owner DO encrypts: DO _ Enc (PK, IC, VK, Message) → CT;
the data owner DO finally encrypts the plaintext Message through the access structure AC and the intermediate ciphertext IC to obtain an attribute encryption ciphertext CT;
Figure FDA0003548678800000032
Figure FDA0003548678800000033
wherein,
Figure FDA0003548678800000034
for the mapping of the attribute aj in the access structure AC ═ M, ρ (x), θ is the secret share of aj in the mapping function ρ (x); r is a random ciphertext parameter, and R belongs to G2(ii) a M is a mapping matrix, and each row in M corresponds to one attribute.
6. The method for blockchain privacy protection based on online and offline attribute encryption according to claim 1, wherein the specific implementation manner of the group signature authentication stage is as follows:
(1) and (3) signing the ciphertext CT by the AC secondary node A of the alliance chain: AC _ Sign (CT, SignMK, SignPK) → (sigct, DO _ Verify);
the federation chain secondary node A signs the ciphertext CT, and the secondary node A in the federation chain carries out signature operation through a signature main key SignMK and a signature private key SignPK of the secondary node A to obtain a group signature SignCT and a source verification value DO _ Verify of the secondary node in the federation chain on the ciphertext CT;
Figure FDA0003548678800000035
Figure FDA0003548678800000036
Figure FDA0003548678800000037
Figure FDA0003548678800000038
Figure FDA0003548678800000039
wherein, the random number r1,r2∈[1,N-1](ii) a idA represents the id of the secondary node A; τ, χ are random numbers, and τ, χ ∈ Zp
Selecting a random blinding factor b1,b2,b3,b4,b5∈Zp
(2) And (3) a federation chain AC authentication phase: AC _ verify (signct) → 1/0;
the alliance chain receives the ciphertext CT and the corresponding group signature SignCT, and verifies the group signature through an algorithm;
if the signature is proved to be generated by a certain node in the alliance chain, outputting 1, and; otherwise, 0 is output, and the ciphertext CT is discarded;
and (3) calculating: u shape1=e(SS·SignAG),U2=e(SS·SignPKA);
Verification U1=U2If the two are equal, carrying out next verification; if not, discarding the ciphertext CT;
from the received SignCT:
Figure FDA0003548678800000041
the verification is carried out by the user,
Figure FDA0003548678800000042
if the CT is equal to the CT, the CT is sent to a sharing chain for sharing; otherwise, discarding the ciphertext CT; the verification can prove that the ciphertext CT passes the verification of the alliance chain signature;
(3) and (3) an uplink stage: adopting a UTXO form to uplink, sending the Number of the last transaction, the hash value HLast of the last transaction and the group signature SignCT of the current transaction to a main node V of the alliance chain by a secondary node A, generating a New block New _ block by the main node V, verifying the information in the block, merging the New block New _ block into a sharing chain if the verification is passed, and otherwise, discarding the block;
in the authentication phase of the alliance chain AC, each node in the alliance chain searches the last transaction information associated with the new block in the shared chain, compares whether the input value of the new block is the same as the output value of the last transaction, and if the input value of the new block is the same as the output value of the last transaction, the main node incorporates the new block into the shared chain, otherwise, discards the new block.
7. The method according to claim 1, wherein the data consumer decryption stage is implemented in a manner that:
(1) the off-line decryption mechanism ODA performs partial decryption: ODA _ Dec (AC, CT, TK) → PC, and the data user DU transmits the ciphertext CT and the ciphertext conversion key TK to the offline decryption mechanism ODA; the off-line encryption mechanism ODA firstly checks whether the attribute set AS of the data user meets the requirement of accessing the structure AC, if so, partial decryption is carried out on the ciphertext CT and partial decrypted ciphertext PC is sent to the data user DU; otherwise, 0 is output;
PC=(AC,MM,R·e(g,g)αs,gs,e(g,g)daθ/z,C1);
(2) decrypting the data user DU: DU _ Dec (PC, CPA _ SK) → R; the data user DU decrypts the partial ciphertext PC through the attribute encryption key CPA _ SK to obtain a random ciphertext parameter R;
R=R·e(g,g)αs/(e(gs,gαhd)/e(g,g)das);
Figure FDA0003548678800000043
8. the method according to claim 1, wherein the tracing phase is implemented in a specific manner as follows:
(1) accountability data owner DO: DO _ Accountability (DO _ Verify, GMSK) → idDO;
if the group administrator commits to require to pursue the data owner, the id of the data owner can be calculated and obtained through the source verification value DO _ Verify and the group tracking key GMSK;
it is known that
Figure FDA0003548678800000051
Then the
Figure FDA0003548678800000052
(2) Accountability signer a: a _ Accountability (SignCT, SignPK) → idA; in the process of chain loading, by adopting a group signature verification method and a chain loading mode of UTXO, if a group administrator commits to require the data owner to be traced, the main node can find the initial address to trace the responsibility by a mode of tracing the source chain by chain for the transaction; and extracting the IDA hash value HID of the signer A through the group signature SignCT and the signature private key SignP, and finding the IDA of the signer by comparing the HID values corresponding to the ids of the sub-nodes one by the main node.
CN202210255503.8A 2022-03-16 2022-03-16 A blockchain privacy protection method based on online and offline attribute encryption Active CN114640468B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210255503.8A CN114640468B (en) 2022-03-16 2022-03-16 A blockchain privacy protection method based on online and offline attribute encryption

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210255503.8A CN114640468B (en) 2022-03-16 2022-03-16 A blockchain privacy protection method based on online and offline attribute encryption

Publications (2)

Publication Number Publication Date
CN114640468A true CN114640468A (en) 2022-06-17
CN114640468B CN114640468B (en) 2024-01-26

Family

ID=81948850

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210255503.8A Active CN114640468B (en) 2022-03-16 2022-03-16 A blockchain privacy protection method based on online and offline attribute encryption

Country Status (1)

Country Link
CN (1) CN114640468B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115242398A (en) * 2022-06-24 2022-10-25 蚂蚁区块链科技(上海)有限公司 System, method and device for knowledge question answering based on blockchain
CN119728172A (en) * 2024-12-02 2025-03-28 西北师范大学 Encryption method, decryption method and system
CN119892452A (en) * 2025-01-10 2025-04-25 天津科技大学 Power data privacy security protection system, method and application based on ciphertext policy attribute-based encryption

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106503994A (en) * 2016-11-02 2017-03-15 西安电子科技大学 Block chain private data access control method based on encryption attribute
US20200244634A1 (en) * 2019-01-29 2020-07-30 Mastercard International Incorporated Method and system for general data protection compliance via blockchain
CN113489733A (en) * 2021-07-13 2021-10-08 郑州轻工业大学 Block chain-based content center network privacy protection method
CN113595971A (en) * 2021-06-02 2021-11-02 云南财经大学 Block chain-based distributed data security sharing method, system and computer readable medium
CN113836222A (en) * 2021-08-24 2021-12-24 北京理工大学 A blockchain-based access control method that can hide policies and attributes
CN114065265A (en) * 2021-11-29 2022-02-18 重庆邮电大学 Fine-grained cloud storage access control method, system and equipment based on block chain technology

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106503994A (en) * 2016-11-02 2017-03-15 西安电子科技大学 Block chain private data access control method based on encryption attribute
US20200244634A1 (en) * 2019-01-29 2020-07-30 Mastercard International Incorporated Method and system for general data protection compliance via blockchain
CN113595971A (en) * 2021-06-02 2021-11-02 云南财经大学 Block chain-based distributed data security sharing method, system and computer readable medium
CN113489733A (en) * 2021-07-13 2021-10-08 郑州轻工业大学 Block chain-based content center network privacy protection method
CN113836222A (en) * 2021-08-24 2021-12-24 北京理工大学 A blockchain-based access control method that can hide policies and attributes
CN114065265A (en) * 2021-11-29 2022-02-18 重庆邮电大学 Fine-grained cloud storage access control method, system and equipment based on block chain technology

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115242398A (en) * 2022-06-24 2022-10-25 蚂蚁区块链科技(上海)有限公司 System, method and device for knowledge question answering based on blockchain
CN115242398B (en) * 2022-06-24 2025-02-25 蚂蚁区块链科技(上海)有限公司 System, method and device for knowledge question answering based on blockchain
CN119728172A (en) * 2024-12-02 2025-03-28 西北师范大学 Encryption method, decryption method and system
CN119892452A (en) * 2025-01-10 2025-04-25 天津科技大学 Power data privacy security protection system, method and application based on ciphertext policy attribute-based encryption

Also Published As

Publication number Publication date
CN114640468B (en) 2024-01-26

Similar Documents

Publication Publication Date Title
CN110493347B (en) Block chain-based data access control method and system in large-scale cloud storage
Zhu et al. TBAC: Transaction-based access control on blockchain for resource sharing with cryptographically decentralized authorization
CN114650137B (en) Decryption outsourcing method and system based on block chain and supporting strategy hiding
CN114036539B (en) Secure and auditable IoT data sharing system and method based on blockchain
CN106487506B (en) Multi-mechanism KP-ABE method supporting pre-encryption and outsourcing decryption
CN113434875B (en) A lightweight access method and system based on blockchain
CN104601605A (en) Efficient privacy protection auditing scheme based on chameleon hash function in cloud storage
JPH1041932A (en) Ciphering key recovery method and equipment
CN114640468B (en) A blockchain privacy protection method based on online and offline attribute encryption
CN116418560A (en) An online rapid identity authentication system and method based on blockchain smart contracts
EP4144040A1 (en) Generating shared private keys
CN111274594B (en) Block chain-based secure big data privacy protection sharing method
US12567975B2 (en) Dynamically traceable privacy-preserving distributed threshold signature system and method
WO2023016729A1 (en) Generating digital signature shares
CN119316156B (en) Distributed digital identity authentication method and system with privacy protection and access control
CN118133311A (en) A privacy protection method for federated learning based on improved group signature
CN110519040B (en) Anti-quantum computation digital signature method and system based on identity
CN113868450B (en) Remote sensing image safety retrieval method based on block chain
CN119519987B (en) A searchable encryption method and system with forward and backward security
CN114629640A (en) White-box accountable attribute-based encryption system and method for solving key escrow problem
Lin et al. Leveraging dual‐blockchain collaboration for logistics supply chain supervision
Liu et al. Distributed Digital Identity Parking Authentication System Based on Blockchain
CN118659877A (en) Attribute-based encryption method and system for edge controller
Akshay et al. Dynamic list based data integrity verification in cloud environment
Wu et al. Verified CSAC-based CP-ABE access control of cloud storage in SWIM

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant