基于属性加密的区块链组织交易可控可监管隐私保护方案

doi:10.3969/j.issn.1671-1122.2023.12.010

信息网络安全 ›› 2023, Vol. 23 ›› Issue (12): 103-112.doi: 10.3969/j.issn.1671-1122.2023.12.010

基于属性加密的区块链组织交易可控可监管隐私保护方案

李家辉¹, 秦素娟¹(), 高飞¹, 孙东旭²

1.北京邮电大学网络与交换技术国家重点实验室，北京 100876
2.中国石油数字和信息化管理部，北京 100007

收稿日期:2023-04-23 出版日期:2023-12-10 发布日期:2023-12-13
通讯作者: 秦素娟 E-mail:qsujuan@bupt.edu.cn
作者简介:李家辉（1999—），男，山东，硕士研究生，主要研究方向为区块链与隐私保护技术|秦素娟（1979—）女，北京，教授，博士，CCF会员，主要研究方向为信息与网络安全|高飞（1980—）男，北京，教授，博士，主要研究方向为密码学|孙东旭（1988—），男，吉林，高级工程师，硕士，主要研究方向为通信工程、信息基础设施和网络安全
基金资助:
国家重点研发计划(2020YFB1005900)

Controllable and Supervised Privacy Protection Scheme for Blockchain Organization Transaction Based on Attribute Encryption

LI Jiahui¹, QIN Sujuan¹(), GAO Fei¹, SUN Dongxu²

1. State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing 100876, China
2. CNPC Digital and Information Management Department, Beijing 100007, China

Received:2023-04-23 Online:2023-12-10 Published:2023-12-13

摘要/Abstract

摘要：

区块链技术具有广泛的应用前景，金融行业、供应链和数字资产等领域已实现广泛部署。但在实际应用中，由于区块链数据是公开的，在某些情况下可能会泄露隐私信息，区块链中的隐私保护仍然存在一些挑战。在以组织为单位的区块链系统中，为满足组织内或组织间的合作，在隐私保护的同时需要对交易内容进行访问控制，实现可控的隐私保护。然而在保护用户隐私的同时，区块链也需要进行监管，以保护数据的合法性和安全性。为此，文章提出一种基于属性加密的区块链多组织交易可控可监管隐私保护方案。该方案不依赖特定的隐私保护方法，使用属性基加密对隐私保护陷门进行访问控制，可以作为一个独立的模块使用。该方案允许交易组织自行控制隐私保护的范围，同时监管部门可以根据不同的交易组织分配不同的监管者。实验分析表明，该方案实现了区块链中多组织交易的可控隐私保护和多监管者分级监管，同时具有较高的安全性和较好的性能。

关键词: 区块链, 隐私保护, 监管, 属性基加密

Abstract:

Blockchain technology has broad application prospects, and has been widely deployed in the financial industry, supply chain, and digital assets. However, in practical applications, since the blockchain data is public, private information may be leaked in some cases, and there are still some challenges in privacy protection in the blockchain. In an organization-based blockchain system, in order to meet the cooperation within or between organizations, it is necessary to control access to transaction content while protecting privacy to achieve controllable privacy protection. While protecting user privacy, blockchain also needs to be supervised to protect the legality and security of data. Therefore, this paper proposed a controllable and supervised privacy protection scheme for blockchain multi-organization transactions based on attribute encryption. The scheme did not rely on a specific privacy protection method, and used attribute-based encryption to control access to privacy protection trapdoors, which could be used as an independent module. This scheme allowed trading organizations to control the scope of privacy protection on their own, and the supervisory department could assign different supervisors according to different trading organizations. Experimental analysis shows that the scheme realizes the controllable privacy protection and multi-regulator hierarchical supervision of multi-organization transactions in the blockchain, and has high security and high performance at the same time.

Key words: blockchain, privacy protection, supervision, attribute-based encryption

中图分类号:

TP309

李家辉, 秦素娟, 高飞, 孙东旭. 基于属性加密的区块链组织交易可控可监管隐私保护方案[J]. 信息网络安全, 2023, 23(12): 103-112.

LI Jiahui, QIN Sujuan, GAO Fei, SUN Dongxu. Controllable and Supervised Privacy Protection Scheme for Blockchain Organization Transaction Based on Attribute Encryption[J]. Netinfo Security, 2023, 23(12): 103-112.

图/表 7

图1

图2

表1

图3

图4

图5

图6

参考文献 21

[1]	FENG Qi, HE Debiao, ZEADALLY S, et al. A Survey on Privacy Protection in Blockchain System[J]. Journal of Network and Computer Applications, 2019, 126: 45-58. doi: 10.1016/j.jnca.2018.10.020
[2]	ZHU Liehuang, GAO Feng, SHEN Meng, et al. Survey on Privacy Preserving Techniques for Blockchain Technology[J]. Journal of Computer Research and Development, 2017, 54(10): 2170-2186.
	祝烈煌, 高峰, 沈蒙, 等. 区块链隐私保护研究综述[J]. 计算机研究与发展, 2017, 54(10): 2170-2186.
[3]	WANG Chenxu, CHENG Jiacheng, SANG Xinxin, et al. Data Privacy-Preserving for Blockchain: State of the Art and Trends[J]. Journal of Computer Research and Development, 2021, 58(10): 2099-2119.
	王晨旭, 程加成, 桑新欣, 等. 区块链数据隐私保护:研究现状与展望[J]. 计算机研究与发展, 2021, 58(10): 2099-2119.
[4]	MAO Xiangke, LI Xinhang, GUO Suwei. A Blockchain Architecture Design that Takes into Account Privacy Protection and Regulation[C]// Springer. International Conference on Web Information Systems and Applications. Berlin:Springer, 2021: 311-319.
[5]	XUE Zhiyuan, WANG Miao, ZHANG Qiuyue, et al. A Regulatable Blockchain Transaction Model with Privacy Protection[J]. International Journal of Computational Intelligence Systems, 2021, 14(1): 1642-1652. doi: 10.2991/ijcis.d.210528.001 URL
[6]	SONG Jingwen, ZHANG Dawei, HAN Xu, et al. Supervised Identity Privacy Protection Scheme in Blockchain[J]. Journal of Software, 2022: 1-21.
	宋靖文, 张大伟, 韩旭, 等. 区块链中可监管的身份隐私保护方案[J]. 软件学报, 2022: 1-21.
[7]	LIANG Wei, YANG Yang, YANG Ce, et al. PDPChain: A Consortium Blockchain-Based Privacy Protection Scheme for Personal Data[J]. IEEE Transactions on Reliability, 2022: 1-13.
[8]	ZHANG Jianxiong, GUO Bing, DING Xuefeng, et al. Distributed Supervision Model for Enterprise Data Asset Trading Based on Blockchain Multi-Channel in Industry Alliance[J]. Sensors, 2022, 22(20): 7842-7853. doi: 10.3390/s22207842 URL
[9]	LIN Chao. Research on Technology of Privacy Protection in Blockchain Systems and Its Applications[D]. Wuhan: Wuhan University, 2020.
	林超. 面向区块链系统的隐私保护技术及其应用研究[D]. 武汉: 武汉大学, 2020.
[10]	GÜR K D, POLYAKOV Y, ROHLOFF K, et al. Practical Applications of Improved Gaussian Sampling for Trapdoor Lattices[J]. IEEE Transactions on Computers, 2019, 68(4): 570-584. doi: 10.1109/TC.2018.2874479 URL
[11]	WANG Xiaoyun, LIU Mingjie. Survey of Lattice-Based Cryptography[J]. Journal of Cryptologic Research, 2014, 1 (1): 13-27.
	王小云, 刘明洁. 格密码学研究[J]. 密码学报, 2014, 1(1): 13-27. doi: 10.13868/j.cnki.jcr.000002
[12]	MICCIANCIO D, REGEV O. Worst-Case to Average-Case Reductions Based on Gaussian Measures[J]. SIAM Journal on Computing, 2007, 3(1): 267-302.
[13]	LYUBASHEVSKY V, PEIKERT C, REGEV O. On Ideal Lattices and Learning with Errors over Rings[C]// Springer. EUROCRYPT 2010. Berlin:Springer, 2010: 1-23.
[14]	BANSARKHANI R E, BUCHMANN J. Improvement and Efficient Implementation of a Lattice-Based Signature Scheme[C]// Springer. Selected Areas in Cryptography 2013. Berlin:Springer, 2014: 48-67.
[15]	MICCIANCIO D, PEIKERT C. Trapdoors for Lattices: Simpler, Tighter, Faster, Smaller[C]// Springer. EUROCRYPT 2012. Berlin:Springer, 2012: 700-718.
[16]	SAHAI A, WATERS B. Fuzzy Identity-Based Encryption[C]// Springer. EUROCRYPT 2005. Berlin:Springer, 2005: 457-473.
[17]	GOYAL V, PANDEY O, SAHAI A, et al. Attribute-Based Encryption for Fine-Grained Access Control of Encrypted Data[C]// ACM. 13th ACM Conference on Computer and Communications Security. New York: ACM, 2006: 89-98.
[18]	WANG Yue, FAN Kai. Effective CP-ABE with Hidden Access Policy[J]. Journal of Computer Research and Development, 2019, 56(10): 2151-2159.
	王悦, 樊凯. 隐藏访问策略的高效CP-ABE方案[J]. 计算机研究与发展, 2019, 56(10): 2151-2159.
[19]	FENG Dengguo, CHEN Cheng. Research on Attribute-Based Cryptography[J]. Journal of Cryptologic Research, 2014, 1 (1): 1-12.
	冯登国, 陈成. 属性密码学研究[J]. 密码学报, 2014, 1(1): 1-12. doi: 10.13868/j.cnki.jcr.000001
[20]	ZHANG Jiang, ZHANG Zhenfeng, GE Aijun. Ciphertext Policy Attribute-Based Encryption from Lattices[C]// ACM. 7th ACM Symposium on Information, Computer and Communications Security. New York: ACM, 2012: 16-17.
[21]	RUAN Pingcheng, KANZA Y, OOI B C, et al. LedgerView: Access-Control Views on Hyperledger Fabric[C]// ACM. 2022 International Conference on Management of Data. New York: ACM, 2022: 2218-2231.

方案	可监管隐私保护	隐私保护范围可控	分级监管	访问策略可更新
文献[4]方案	√	√	×	×
文献[5]方案	√	×	×	×
文献[6]方案	√	×	×	×
文献[7]方案	×	√	×	×
本文方案	√	√	√	√

基于属性加密的区块链组织交易可控可监管隐私保护方案

Controllable and Supervised Privacy Protection Scheme for Blockchain Organization Transaction Based on Attribute Encryption

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 7

参考文献 21

相关文章 15

编辑推荐

Metrics

本文评价

[1]	公鹏飞, 谢四江, 程安东. 基于HotStuff改进的多主节点共识算法[J]. 信息网络安全, 2023, 23(9): 108-117.
[2]	刘芹, 王卓冰, 余纯武, 王张宜. 面向云安全的基于格的高效属性基加密方案[J]. 信息网络安全, 2023, 23(9): 25-36.
[3]	周权, 陈民辉, 卫凯俊, 郑玉龙. 基于SM9的属性加密的区块链访问控制方案[J]. 信息网络安全, 2023, 23(9): 37-46.
[4]	赵佳豪, 蒋佳佳, 张玉书. 基于动态默克尔哈希树的跨链数据一致性验证模型[J]. 信息网络安全, 2023, 23(9): 95-107.
[5]	邵震哲, 蒋佳佳, 赵佳豪, 张玉书. 面向跨链的改进加权拜占庭容错算法[J]. 信息网络安全, 2023, 23(8): 109-120.
[6]	覃思航, 代炜琦, 曾海燕, 顾显俊. 基于区块链的电力应用数据安全共享研究[J]. 信息网络安全, 2023, 23(8): 52-65.
[7]	俞惠芳, 乔一凡, 孟茹. 面向区块链金融的抗量子属性基门限环签密方案[J]. 信息网络安全, 2023, 23(7): 44-52.
[8]	石润华, 谢晨露. 云边缘环境中基于属性加密的可验证EMR外包解决方案[J]. 信息网络安全, 2023, 23(7): 9-21.
[9]	唐雨, 张驰. 一种基于Intel SGX的信息中心网络隐私保护方案[J]. 信息网络安全, 2023, 23(6): 55-65.
[10]	李莉, 朱江文, 杨春艳. 基于属性加密的可撤销机制研究综述[J]. 信息网络安全, 2023, 23(4): 39-50.
[11]	杜卫东, 李敏, 韩益亮, 王绪安. 基于密文转换的高效通用同态加密框架[J]. 信息网络安全, 2023, 23(4): 51-60.
[12]	尹曙, 陈兴蜀, 朱毅, 曾雪梅. 基于字符空间构造的域名匿名化算法[J]. 信息网络安全, 2023, 23(4): 80-89.
[13]	郭瑞, 魏鑫, 陈丽. 工业物联网环境下可外包的策略隐藏属性基加密方案[J]. 信息网络安全, 2023, 23(3): 1-12.
[14]	李春晓, 王耀飞, 徐恩亮, 赵钰. 基于双线性映射的区块链安全范围搜索技术研究[J]. 信息网络安全, 2023, 23(3): 22-34.
[15]	李晓华, 王苏杭, 李凯, 徐剑. 一种支持隐私保护的传染病人际传播分析模型[J]. 信息网络安全, 2023, 23(3): 35-44.