基于区块链的隐私信用数据受限共享技术研究

doi:10.3969/j.issn.1671-1122.2022.05.007

摘要/Abstract

摘要：

随着当前信用体系的发展,信用数据数字化是推动社会信用建设的必然选择。当前用户信用数据主要是以明文形式存储在中心化的信用机构中,存在共享难、安全性差的问题。由于区块链具有可追溯、不可篡改的特性,这为信用领域提供了一种新型的分布式存储解决方案。文章结合区块链、同态加密算法、访问控制算法和非对称算法,提出了一个数据受限共享与隐私保护的区块链模型,模型中通过调用ECC非对称算法对信用数据进行加密后发送到云服务器中;在云端引入SEAL库中的CKKS算法进行同态加密,解决了密文计算开销大的痛点;以区块链证书颁发中心作为可信第三方,完成改进后的访问控制算法CP-ABE的初始化、密钥生成与分发;然后将信用数据存证在区块链上。本文模型实现的系统可确保用户权限的细粒度访问控制与隐私保护。功能和性能评测表明,文章所提方法在数字信用领域中的隐私保护、信用存证、访问控制等方面具有重要的参考意义与应用价值,应用系统吞吐量及区块链TPS能够满足实际应用性能需要。

关键词: 数字信用, 区块链, 同态加密, 访问控制, 非对称加密

Abstract:

With the development of credit system, the digitization of credit data is an inevitable choice to promote the construction of social credit. At present, user credit data is mainly stored in clear text in centralized credit institutions, which has the problems of difficult sharing and poor security. Thanks to the traceability and non tamperability of blockchain, it provides a new distributed storage solution for the credit field. Combined with blockchain, homomorphic encryption algorithm, access control algorithm and asymmetric algorithm, this paper proposed a blockchain model of limited data sharing and privacy protection. In the model, the credit data was encrypted by calling ECC asymmetric algorithm and sent to the cloud server. CKKS algorithm in seal database was introduced into the cloud for homomorphic encryption, which solved the pain point of high overhead in ciphertext calculation. Took the blockchain certificate issuing center as the trusted third party to complete the initialization, key generation and distribution of the improved access control algorithm CP-ABE. Finally, deposit the credit data on the blockchain. The system implemented by this model can ensure fine-grained access control and privacy protection of user rights. The function and performance evaluation shows that the method proposed in this paper has good reference significance and application value in the field of privacy protection, credit deposit and access control in the field of digital credit. The application system throughput and blockchain TPS can meet the needs of practical application performance.

Key words: digital credit, blockchain, homomorphic encryption, access control, asymmetric encryption

中图分类号:

TP309

刘嘉微, 马兆丰, 王姝爽, 罗守山. 基于区块链的隐私信用数据受限共享技术研究[J]. 信息网络安全, 2022, 22(5): 54-63.

LIU Jiawei, MA Zhaofeng, WANG Shushuang, LUO Shoushan. Research on the Restricted Sharing Technology of Private Credit Data Based on Blockchain[J]. Netinfo Security, 2022, 22(5): 54-63.

图/表 15

图1

图2

图3

图4

图5

表1

图6

图7

表2

图8

表3

图9

图10

图11

图12

参考文献 20

[1]	YANG Jing, LUIS G, JIN Xiang, et al. Quality Credit Evaluation in the Internet Company: A System Based on the Analytic Hierarchy Process[J]. Journal of Business Economics and Management, 2020, 21(2): 344-372. doi: 10.3846/jbem.2020.11409 URL
[2]	ONAY C, ÖZTÜRK E. A Review of Credit Scoring Research in the Age of Big Data[J]. Financial Regul Compliance, 2018, 2(6): 382-405.
[3]	QIAO Pengcheng. Research on the Nature of Return to Finance, Internet Financial Innovation and“e Rent Treasure”[J]. The Theory and Practice of Finance and Economics, 2018, 39(1): 19-26.
[4]	CAI Ning, STEVEN K. Econometrics with Privacy Preservation[J]. Operations Research, 2019, 67(4): 905-926. doi: 10.1287/opre.2018.1834
[5]	NAKAMOTO S. Bitcoin: A Peer-to-Peer Electronic Cash System[EB/OL]. [2021-12-27]. https://courses.cs.washington.edu/courses/csep552/18wi/papers/nakamoto-bitcoin.pdf.
[6]	KOLB J, ABDEL B M, KATZ R H, et al. Core Concepts, Challenges, and Future Directions in Blockchain: A Centralized Tutorial[J]. ACM Computing Surveys(CSUR), 2020, 53(1): 1-39.
[7]	BETHENCOURT J, SAHAI A, WATERS B. Ciphertext-Policy Attribute-Based Encryption[C]// IEEE. 2007 IEEE Symposium on Security and Privacy(SP'07). New York: IEEE, 2007: 321-334.
[8]	QIAO Yucheng, MA Chaoqun, LAN Qiujun, et al. Inventory Financing Model Based on Blockchain Technology[EB/OL]. [2021-12-29]. https://www.researchgate.net/publication/337963786_Inventory_Financing_Model_Based_on_Blockchain_Technology.
[9]	LIU Jianxing, FAN Kai, LI Hui, et al. A Blockchain-Based Privacy Preservation Scheme in Multimedia Network[J]. Multimedia Tools and Applications, 2021(2): 1-15.
[10]	HASSIJA V, BANSAL G, CHAMOLA V, et al. Secure Lending: Blockchain and Prospect Theory-Based Decentralized Credit Scoring Model[J]. IEEE Transactions on Network Science and Engineering, 2020, 7(4): 2566-2575. doi: 10.1109/TNSE.2020.2982488 URL
[11]	LI Xiaoqi, JIANG Peng, CHEN Ting, et al. A Survey on the Security of Blockchain Systems-Science Direct[J]. Future Generation Computer Systems, 2020, 107: 841-853. doi: 10.1016/j.future.2017.08.020 URL
[12]	YANG Cheng, LIU Yue. The Application of Blockchain Technology in the Construction of Social Credit System[J]. China Xintong, 2020, 22(24): 102-103.
	杨程, 刘玥. 区块链技术在社会信用体系建设中的应用[J]. 中国新通, 2020, 22(24):102-103.
[13]	LIU Guogang. China's Personal Credit Industry Development Practice and Expectation under the Background Internet Finance[J]. Exploration of Financial Theory, 2018, 22(4): 99-101.
[14]	ZHU Huaqiang. The Application Prospect of Financial Technology in the Field of Market-Oriented Personal Credit Reporting[J]. Finan Comput, 2018(12): 41-44.
[15]	FRANKS P C. Implications of Blockchain Distributed Ledger Technology for Records Management and Information Governance Programs[EB/OL]. [2021-12-30]. https://www.emerald.com/insight/content/doi/10.1108/RMJ-08-2019-0047/full/html.
[16]	LIANG Gang, SUDARSHAN S C. Privacy-Preserving Inter-Database Operations[EB/OL]. [2021-12-21]. https://link.springer.com/chapter/10.1007/978-3-540-25952-7_6.
[17]	TA Lin, LI Menggang. An Analysis of the Prospects for Application of Blockchain Technology in Internet Financial Credit[J]. Journal of Northeastern University(Social Science), 2018, 20(4): 66-74.
[18]	MAO Dianhui, WANG Fan, HAO Zhihao, et al. Credit Evaluation System Based on Blockchain for Multiple Stakeholders in the Food Supply Chain[J]. International Journal of Environmental Research& Public Health, 2018, 15(8): 16-27.
[19]	WANG Rui, LIN Zhangxi, LUO Hang. Blockchain, Bank Credit and SME Financing[J]. Quality & Quantity: International Journal of Methodology, 2019, 53: 1127-1140.
[20]	ZHANG Jiansai, LYU Tingjie, LI Riyang. A Study on SMIE Credit Evaluation Model Based on Blockchain Technology[J]. Procedia CIRP, 2019, 83: 616-623. doi: 10.1016/j.procir.2019.05.003 URL

符号	符号定义
$P{{K}_{C}}$	信用系统（Credit System）公钥
$M{{K}_{C}}$	信用系统主密钥
$\lambda $	信用系统安全参数
$P$	素数域
$lis{{t}_{auth}}$	权限撤销列表,记录用户权限是否被取消
$prime$	用户唯一的素数
${{U}_{Gid}}$	用户Gid,由CA提供,保证用户全局唯一性
${{U}_{att}}$	用户的相应属性
${{S}_{att}}$	用户的属性集
${{M}_{C}}$	待加密的信用明文
$AC{{S}_{P}}$	系统用户访问策略的访问控制结构
${{C}_{C}}$	基于CP-ABE属性的加密密文
$U{{K}_{C}}$	信用系统用户密钥
$DO$	信用数据拥有者

符号	符号定义
$E{{p}_{\left( a,b \right)}}$	椭圆曲线,其中p会取一个相当大的数
$k$	用户的私有密钥,是椭圆曲线上的点
$G$	椭圆曲线上的基点
$K$	用户的公开密钥,由私钥生成
$M$	信用数据编码后所得数据
$r$	编码后产生的随机数
${{C}_{n}}$	编码数据使用椭圆曲线加密算法加密所得

用户数/个	接收/tps	带宽/MB
100	254,387	100
500	252,463	100
1000	254,257	100