[go: up one dir, main page]

CN105959115B - Disclosure towards multi-party fault-tolerant authorization can verify that big data method of commerce - Google Patents

Disclosure towards multi-party fault-tolerant authorization can verify that big data method of commerce Download PDF

Info

Publication number
CN105959115B
CN105959115B CN201610567942.7A CN201610567942A CN105959115B CN 105959115 B CN105959115 B CN 105959115B CN 201610567942 A CN201610567942 A CN 201610567942A CN 105959115 B CN105959115 B CN 105959115B
Authority
CN
China
Prior art keywords
data
party
transaction
share
authorization
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610567942.7A
Other languages
Chinese (zh)
Other versions
CN105959115A (en
Inventor
彭巧
田有亮
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guizhou University
Original Assignee
Guizhou University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guizhou University filed Critical Guizhou University
Priority to CN201610567942.7A priority Critical patent/CN105959115B/en
Publication of CN105959115A publication Critical patent/CN105959115A/en
Application granted granted Critical
Publication of CN105959115B publication Critical patent/CN105959115B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

本发明提供了一种面向多方容错授权的公开可验证大数据交易方法。本发明引入数字签名的思想,数据提供方对自己提供的数据进行签名、授权,并委托给第三方进行公平、安全的交易;其次,第三方通过对数据进行正确性验证,若验证通过,第三方才会提供数据给需求方,若验证失败,则交易终止;最后,在数据验证通过后,第三方通过(t,n)‑门限公开可验证秘密共享技术对数据进行公平性交易。该方法在保证公平、安全交易的同时,也提高了交易效率,保证了交易双方及第三方的利益,同时,本发明在大数据交易平台上提供了一个便捷,公平且具有容错功能的数据交易方法。

The invention provides a publicly verifiable big data transaction method oriented to multi-party fault-tolerant authorization. The invention introduces the idea of digital signature, the data provider signs and authorizes the data provided by itself, and entrusts the third party to conduct a fair and safe transaction; secondly, the third party verifies the correctness of the data, if the verification is passed, the first The third party will provide the data to the demander. If the verification fails, the transaction will be terminated; finally, after the data verification is passed, the third party will conduct a fair transaction on the data through the (t,n)-threshold publicly verifiable secret sharing technology. The method not only ensures fair and safe transactions, but also improves transaction efficiency and ensures the interests of both parties to the transaction and the third party. At the same time, the present invention provides a convenient, fair and fault-tolerant data transaction on the big data transaction platform. method.

Description

Disclosure towards multi-party fault-tolerant authorization can verify that big data method of commerce
Technical field
The present invention relates to technical field of cryptology, especially a kind of disclosure towards multi-party fault-tolerant authorization can verify that big data Method of commerce.
Background technique
In recent years, becoming more and more active with big data, many big data transaction platforms come into being, however many companies are more It would like to do recessive industry transaction, be unwilling to trade on disclosed data platform.On the one hand, enterprise worries that big data is replicated It causes to be lost;On the other hand, the big data exchange and dealing in the field of business for having formd circle formula, due to lacking the data of specification Shared and transaction channel, is hardly formed that data mutual benefit is shared, and data trade also just becomes urgent need between different industries.Data Authority and data quality be built upon data publicity basis on.Data trade status is covert transaction at present It is lack of standardization, blank of trading on the ground, therefore fully ensuring that on data providing personal secrets and go-between's interests basis, it establishes It is very required for playing the data trade market of specification.
In the process of exchange of big data, revising for data is inevitably encountered, loses and attack problem, if handed over Easy data are not independent from each other, then once there are one of above problem, the transaction of data will be affected, therefore big number Fault-tolerant processing according to transaction is can not be ignored the problem of.The purpose of fault-toleranr technique is to improve in big data process of exchange just The probability of service is really provided.Although fault-toleranr technique is various, there is a common essence, exactly carry out a degree of redundancy It calculates, most basic redundant computation includes time redundancy and spatial redundancy.By being found to existing research work analysis, at present The fault-tolerant strategy of domestic and international existing data trade leads to the number of Fail Transaction mainly using the method towards time redundancy According to needing to re-start task recovery, since its recovery time is greater than the time between previous checkpoint and failure generation moment Interval, so as to cause trading efficiency reduction and the waste of trading resources.
By open Verified secret sharing technology, to guarantee the fault tolerance and open provable security of data trade Property.Using the advantage of (t, n)-threshold secret sharing technology is: t effective data shares are at least provided in data requirements side, Data just can be reconstructed out, and less than t-1 data party in request cooperation can not recover data also and cannot get any of data Information, meanwhile, the generation of single point failure failure is also avoided, even if so that in the case where some shares are lost or are damaged, it is former Beginning data can be still resumed in the state of at least t effectively shares.In addition, using the thought of digital signature, to data The data that provider provides carry out signature authorization, and third party's (transaction platform) is entrusted to be sold to data requirements person.It is handed in data If being related to the calling of sensitive data in easily, real-time data cleansing, technology shielding, audit will be carried out using " desensitization technology " Processing, the data that can finally be provided to party in request will also be provided in completion safety verification and then row.Even if calling successfully, also can After access times are used up or service life expires, permission is withdrawn.A series of this process, it is quick to not only avoid user The outflow for feeling data, has also looked after the convenience of developer's online transaction.
During data trade, third party does not store the data of provider, and only play the part of a transaction platform and The role of service channel, " can just connect when using ", has evaded third party's data supervision risk that may be present well.Number After completing charge according to demander, the use code key of third party and data providing can be obtained.If both parties are to the quality of data Generate dispute, third party by using the polyteny property of multilinear pairing can the quality to data carry out open verifying, if looking into Demonstrate,prove true, third party will terminate the data trade service of both parties, and return data to the seller, the unknown losses generated therebetween It is undertaken by data providing.
Summary of the invention
The object of the present invention is to provide a kind of disclosures towards multi-party fault-tolerant authorization can verify that big data method of commerce, it While time and the Communication cost for ensuring to reduce transaction, the efficiency of transaction can be also improved, guarantees justice, the public affairs of data trade It opens and provable security.
The present invention is implemented as follows: the disclosure towards multi-party fault-tolerant authorization can verify that big data method of commerce, including number According to authorization transaction and the bargain transactions of data;
1) the authorization transaction of data is included the following steps:
1.1) encryption of data: refer to that data set provider signs to data using the private key of oneself, the knot after signature Fruit is transmitted directly to third party;
1.2) verifying of data: referring to that third party utilizes the correctness of the public key verifications data of oneself, if being verified, Otherwise continuous business terminates transaction;
2) bargain transaction of data is included the following steps:
2.1) transaction of the distribution of data and share: data providing signs simultaneously to number using Digital Signature Algorithm Data and signature and its private key are entrusted into third party, meanwhile, when third party has received the expense of data requirements side's purchase data Afterwards, data S and private key SK are divided into n share respectively using open Verified secret sharing technology by third party, and by share To (Si, SKi) it is distributed to n different data requirements persons.
2.2) n data party in request receives the share of third party's transmission to (Si, SKi) after, wherein i=1,2 ..., n, each Data requirements side NdiCalculate PKi=SKiP verifies the validity of share as public key, and with this, if being verified, Share pair is then received, is otherwise refused, and requires to return charge;
2.3) at least t people cooperates to take out effective share to utilizing lagrange-interpolation in n data party in request The data of needs can be reconstructed, to complete to trade.
The related pre-knowledge of this patent application
1. Digital Signature Algorithm
Signature algorithm: Sig (m)=σ is abbreviated as to the signature of message m
The verification algorithm of signature: being abbreviated as Ver (σ) ∈ { 0,1 } to the verifying of σ, if Ver (σ)=1, signature is correct, no Then, signature mistake.
2. multilinear pairing defines
If (G1,+), (G2) it is q rank addition cyclic group and q rank multiplicative cyclic group respectively, wherein q is Big prime.It is then more Linear Mapping en: G1 n→G2There is following property:
Polyteny: to all g1,g2,…,gn∈G1And α12..., αn∈Zq *, there is en1g12g2..., αngn)=en (g1,g2..., gn)α 1,α 2,,α n
Non-degeneracy: if element g ∈ G1It is G1Generation member, then en(g1,g2..., gn) it is G2Generation member.
Computability: to all g1,g2,…,gn∈G1, there are an effective algorithms to calculate en(g1,g2..., gn).If Meet above-mentioned condition, then claims to map en(g1,g2..., gn) it is n rank multilinear pairing.
3. polyteny Diffie-Hellman assumes
N rank polyteny calculates Diffie-Hellman (n-MDCH or n-MDH) problem: in (G1,G2, e) in, wherein G1,G2? It is the group that rank is q, randomly selects α12..., αn∈ZpFor given P, α1P,α2P ..., αnP calculates en(P,P,…,P)α 1 ,α 2,,α n∈G2
MDH hypothesis can be described as: within the probabilistic polynomial time, solve MDH problem with the advantage that can not ignore is algorithm A Difficult.
4. Lagrange's interpolation formula
Give t point (x1,y1),(x2,y2),…,(xt,yt), it can be determining by following interpolation formula and unique true A fixed number is less than t, and the given multinomial of t point on it:
Due to using above technical scheme, present invention introduces the thought of digital signature, data providing provides oneself Data signed, authorized, and third party is entrusted to carry out the transaction of fair safety;Secondly, third party by data into Row verification of correctness, if being verified, third can provide data to party in request just now, if authentication failed, termination of trading;Most Afterwards, after data verification passes through, third party discloses Verified secret sharing technology by (t, n)-thresholding and carries out justice to data Sexual transaction.And using multilinear pairing and open Verified secret sharing technology, knowledge promise is carried out to data, and to distribution Share carries out encryption and decryption operation to guarantee the progress of process of exchange justice, so that proposing the disclosure towards multi-party fault-tolerant authorization can Big data method of commerce is verified, this method also improves trading efficiency, ensure that friendship while guaranteeing justice, Secure Transaction Easy both sides and third-party interests, meanwhile, the present invention provided on big data transaction platform one it is convenient, it is fair and have and hold The data trade method of wrong function.The method of the present invention is simple, easy to implement, low in cost, and using effect is good.
Detailed description of the invention
Fig. 1 is the big data transaction construction figure of the embodiment of the present invention;
It illustrates that data are entrusted to third party by data providing in Fig. 1, data fairness is carried out by third party The process of transaction.With a data providing, for a third party and n data party in request, as at least t in data requirements side A people for holding effective share pair cooperates, then any data requirements person can reconstruct data, is used in conjunction with, and is less than t A data party in request cooperation is unable to get data.Firstly, the n data party in request to trade transfers accounts transaction amount to third Side, while data, signature and private key for signing are entrusted to third party by data providing, having for data of third-party authentication Data requirements side is distributed to after data are divided into n share using open Verified secret sharing technology after effect property;Secondly, number After the validity for disclosing verifying share according to party in request, the effective shares of t are provided to can merely with Lagrange's interpolation formula To reconstruct the private key of data and data providing;Finally, successfully obtaining data receive the transmission of data requirements side After notice, third party transfers accounts the amount of money is bought to data providing, to complete the fair deal of data.
Fig. 2 is flow chart of the invention;
Fig. 2 illustrates data providing commission data to third party, utilizes open Verified secret sharing skill by third party Data are divided into n parts to distribute a n data party in request by art, to complete the process of transaction.Firstly, the n number traded According to party in request Ndi, i=1,2 ..., n, which are determined, to trade, it transfers accounts to third party, meanwhile, data providing utilizes Digital Signature Algorithm It signs to data, data S, signature sigma and the private key SK of oneself is then entrusted into third party, third party calculates PK=SK P is verified as oneself public key using validity of the PK to data, if being verified, third party can be tested using open It demonstrate,proves Secret sharing techniques and data S and private key SK is divided into n share, and by share to (Si,SKi) it is sent to n data requirements Side.Data requirements side NdiShare is received to (Si,SKi) after, calculate PKi=SKiP passes through public key as oneself public key The validity of received share is verified, if being verified, Reserved Quota (RQ) simultaneously reconstructs data, otherwise data providing is required to move back Also expense;Finally, third party transfers accounts, to complete after receiving data requirements side and successfully obtaining the notice of data to the seller Entire process of exchange.
Fig. 3 is the schematic diagram of the prior art of the present invention;
The techniqueflow chart that big data is traded in embodiment is illustrated, mainly includes horizontal and vertical two aspects.
A, from the point of view of longitudinal: firstly, the third party for providing transaction platform announces the commitment value C of data S first0, while with number It is communicated according to party in request, determines trading object number n and threshold value t, and generate session id;Secondly, third party constructs t-1 times Multinomial is calculated using open Verified secret sharing technology and distributes the n share S of data SiWith the code key of data providing The n share SK of SKi, wherein i=1,2 ..., n, calculate and openly to the commitment value C of multinomial coefficienti(i=1,2 ..., t-1); Finally, third party is by share to (S in the case where being suitable for transactioni,SKi) it is sent to n data party in request;
B, from the point of view of laterally: each data requirements side NdiShare is received to (Si,SKi) PK is calculated afterwardsi=SKiP is used as certainly Oneself public key, NdiIt calculates and announces information Yi=yi·(g1(i), g2(i) ..., gm-1(i)), and each data requirements side utilizes SKi, by calculating SKi -1·YiIt can obtain share Si;Then each data requirements side NdiUtilize PKiAnd YiPass through equation e (Yi, P)=e (Si, yi) (2) open verifying share is to (Si,SKi) validity, if being verified, illustrate third party send share Effectively, data requirements side retains, and otherwise, data requirements person initiates session to third party, it is desirable that data providing returns expense;Most Afterwards, t data party in request might as well be set as Nd1, Nd2... ..., NdtIt cooperates and provides respective effective share to (S1,SK1), (S2,SK2) ..., (St,SKt) i.e. using Lagrange's interpolation formulaIt recovers The data S=P needed1,P2,…,Pm-1With the private key SK of data providing, to complete entire process of exchange.
Specific embodiment
The embodiment of the present invention 1: the disclosure towards multi-party fault-tolerant authorization can verify that big data method of commerce
In the present embodiment, DBMS member includes data providing (seller) Pro, n data party in request (buyer) Nds(Nd1, Nd2,…,Ndn) and third party TAP (transaction platform).Enable m-1 dimensional vector S=(P1,P2,…,Pm-1) indicate to trade Data, wherein Pi=biP, bi∈Zq *And i=1,2 ..., m-1, the ID of data are denoted as id;Enable G1, G2Respectively indicate q rank addition Cyclic group and q rank multiplicative cyclic group, wherein q is Big prime.Use suitable public key procedure selection group G1, G2Generation member P, together When assume in group G1, G2Between there are a multilinear pairing e:G1 n→G2;Additionally, there are a hash function H:{ 0,1 }*→ G1.The particular content of each step in the present embodiment is described in detail below:
The technical solution that this patent proposes is broadly divided into the bargain transaction of delegable (2) data of (1) data.Wherein count According to delegable mainly include three steps: step 1: key generate;Second step, the commission of data;Third step, the verifying of data. The bargain transaction of data mainly includes following three step: the first step, the transaction of data share;Second step, the open verifying of share;The Three steps, the recovery of data.This patent the specific implementation process is as follows:
(1) delegable of data: during the commission of data, the encryption of data is by data providing application number label The thought of name, signs to data, the result after signature is transmitted directly to third party.The verifying of data: refer to that third party is logical The correctness for crossing the code key verify data of data providing, if being verified, otherwise continuous business terminates transaction.In main Hold as follows: the first step, the encryption of data;Second step, the verifying of data.Specific design method the following steps are included:
The first step, key generate.Data set provider randomly chooses SK ∈ Zq *As the private key of oneself, secret is kept, so PK=SKP is calculated afterwards as the public key of oneself.Same consigner third party arbitrarily randomly selects random number SK` ∈ Zq *As it Private key, secret are kept, and then calculate PK`=SK`P as its public key.
Second step, data providing Pro quote digital signature thought to data S=(P1,P2,…,Pm-1) sign, it signs Result after name is transmitted directly to third party;Particular content are as follows: in given common parameter (e, P, G1,G2, q, ω, H) condition Under, data are encrypted to obtain signature to be σ=SK (H (ω) idS), wherein ω is the power of attorney of data providing, ω (S, σ, ω, SK) is then sent to consigner the by the range including its authorization, the information such as time limit and the third-party ID of trustee Tripartite;
Third step, the verifying of data.After consigner (third party) receives (S, σ, ω, the SK) that data providing is sent, Under conditions of data-oriented ID id, if e (σ, P)=e (H (ω) idS, PK) and it sets up, then calculate the key of allograph σ '=σ+SK'H (ω) idS, transaction continuation, otherwise, refusal receive its consignment trade termination.
(2) bargain transaction of data mainly includes three steps: the first step, the transaction of data share;Second step, the disclosure of share Verifying;Third step, the recovery of data.The transaction of data share: when third party has received the expense of data requirements side's purchase data Afterwards, the code key SK of data S and data providing is divided into n share pair using Secret sharing techniques, and distributes them to n Different data requirements sides;The open verifying of share refers to: each data requirements side carries out open test to the validity of share pair Card, if being verified, receives, otherwise refuses, and requires to return charge;The recovery of data refers to: in n data demander extremely Few t people, which cooperates to take out effective share, reconstructs the data of needs using lagrange-interpolation, to complete to trade.Tool Body design method is further comprising the following three steps:
The first step, the transaction of data share: third party is in the purchase amount of money and data providing for receiving data requirements side After data, the code key SK of data S and data providing is divided into n share using Secret sharing techniques, each share pair It is denoted as (Si,SKi), wherein n=1,2 ..., n, and distribute them to n different data requirements sides;
Step 2: the open verifying of share: each data requirements person receives from third-party share to (Si,SKi) Afterwards, PK is calculatedi=SKiP utilizes Given information as oneself public key, discloses in conjunction with multilinear pairing and batch verification technique The validity of share pair is verified, if being verified, share is effective, and transaction continues, otherwise, and trading suspension, each data requirements Person can initiate session to third party, it is desirable that data providing returns charge.
Step 3: the recovery of data: each data requirements person NdiHold effective share to (Si,SKi), wherein at least t Individual's cooperation provides effective share, and the data and data providing of needs can be reconstructed using lagrange-interpolation Private key, to complete to trade, however data can not be recovered less than t-1 people, also cannot get any information of data.
The particular content of each step in data trade is described in detail below in the present invention:
Wherein, the first step further specifically includes:
A) it after third party is respectively received data and transaction amount from data providing and data providing, calculates simultaneously Public data S=(P1,P2,…,Pm-1) commitment value C0=e (S, rP)=em(P1,P2,…,Pm-1, rP), wherein arbitrarily
B) third party at random fromA element f of middle selection (t-1) × (m-1)i,j, wherein i ∈ { 1,2 ..., t-1 }, j ∈ { 1,2 ..., m-1 }, and it is as follows no more than the multinomial of t-1 to construct m-1 number:
Then, third party calculates bj=gj(0), Pj=gj(0) P, wherein j=1,2 ..., m-1.Therefore, it need to store Data S=(P1,P2,…,Pm-1)=(g1(0)P,g2(0)P,…,gm-1(0)P).To which third party can calculate Si=(g1 (i)P,g2(i)P,…,gm-1(i) P) as transaction data n share Si
According to above-mentioned m-1 equation, client can be abbreviated as m-1 dimensional vector multinomial F (x)=Pg1(x)+P· g2(x)+…+P·gm-1(x)=F0+F1x+…+Ft-1xt-1, wherein data F0=F (0)=S=(b1P,b2P,…,bm-1P), Its coefficient can be referred to as vector F1=(Pf1,1,Pf1,2,…,Pf1,m-1), F2=(Pf2,1,Pf2,2,…,Pf2,m-1) ..., Ft-1= (Pft-1,1,Pft-1,2,…,Pft-1,m-1).In addition, third party at random fromMiddle selection R1,R2,…,Rt-1, and broadcast relevant hold Promise Ci=e (Fi,RiP)=em(Pfi,1,Pfi,2,…,Pfi,m-1,riP) wherein j=1,2 ..., t-1.
Third party randomly chooses multinomial R (x)=r that number is no more than t-10+r1x+…+rt-1xt-1Its coefficient is random It is taken fromAnd r0=SK, third party calculate and openlyWherein i=1,2 ..., n.
Third party is by n share of generation to (Si,SKi) it is sent to n data party in request.
The second step is further specially that data requirements side carries out the validity of the share pair received from third party Open verifying, particular content are as follows:
Each data requirements person NdiShare is received to (Si,SKi) after, NdiUtilize the SK receivediCalculate PKi= SKiP is calculated as the public key of oneself and is announced information Yi=yi·(g1(i),g2(i),…,gm-1(i))。
Each data requirements person NdiUse the private key share SK receivediUsing Given information, then passing through calculation equationIt can be obtained share Si
Each data requirements person NdiUtilize the public key PK of oneselfiPublic information P, Y are utilized by equation (1)iIt can disclose Verify share SiValidity:If equation is set up, the share of data is effective, and transaction continues, no Then, trading suspension, each data requirements can initiate session to third party, it is desirable that data providing returns charge.
Further specially data requirements side recovers data to the third step, so that the process of transaction is completed, it is specific interior Hold as follows:
N data party in request (Nd1,Nd2,…,Ndn) in t people might as well be set as Nd without loss of generality1,Nd2,…,Ndt The share of effect is respectively provided with to (S1,SK1),(S2,SK2),…,(St,SKt), it cooperates in conjunction with lagrange-interpolation Pass through formula Data can be recovered and data provide The private key of side, whereinIt is Lagrange coefficient.Its specific recovery process is as follows:
The private key of data providing SK similar approach can recover).
The fair deal of big data is realized in the present invention using Secret sharing techniques, to propose towards multi-party fault-tolerant The disclosure of authorization can verify that big data method of commerce, and third party is introduced in this method as transaction platform, ensure that data provide Fair deal between side and data party in request, in addition, data requirements side can be real using the polyteny property of multilinear pairing The open verifying of the validity of existing data share pair, in addition, being made using batch verification technique can be complete simultaneously in each validation task At the verifying of multiple shares pair.
The present invention quotes digital signature system and signs to by the big data traded, and entrusts to third party, from And complete the fair deal between data providing and data party in request.In addition, data requirements side obtains from third party in transaction Obtained the share of the private key of data providing, effectively prevent data requirements side after obtaining data to data carry out it is second-hand fall It sells;
The data traded are entrusted to third party using the technology of open Verified secret sharing by the present invention, and more Fair sexual transaction can carry out data after third party has received the transaction amount of data requirements side in a data party in request Process of exchange.In the Restoration stage of data, the sides t or more provide effective shares to can just recover number According to the code key with data providing, and less than t-1 share to the code key that can not recover data and data providing, to have The generation for avoiding single point failure failure of effect.To former even if ensure that in the case where some shares are to loss or damage Beginning data and code key can be still resumed in the state of at least t effectively shares pair, which makes big data counterparty Method has better fault tolerance.
Present invention utilizes the open Verified secret sharing schemes of information rate almost asymptotic optimization, thus are counting greatly According to process of exchange in, due to the data S=(P to trade1,P2,L,Pm-1) size be (m-1) | q | bits, share part Volume is to (Si, SKi) size be (m-1) | q |+| q | bits, therefore, total communication cost only needs in primary transaction task It consumesCommunication efficiency is improved compared with existing big data method of commerce.
Of the present invention to be not limited to embodiment described in specific embodiment, those skilled in the art are according to the present invention Technical solution obtain other embodiments, also belong to the scope of the technical innovation of the present invention.Obvious those skilled in the art Various changes and modifications can be made to the invention by member without departing from the spirit and scope of the present invention.If in this way, of the invention These modifications and variations belong within the scope of the claims in the present invention and its equivalent technologies, then the present invention is also intended to encompass these changes Including modification.

Claims (1)

1. a kind of disclosure towards multi-party fault-tolerant authorization can verify that big data method of commerce, it is characterised in that: awarding including data The bargain transaction of power transaction and data;
1) the authorization transaction of data is included the following steps:
1.1) encryption of data: refer to that data set provider signs to data using the private key of oneself, the result after signature is straight Third party is given in sending and receiving;
1.2) verifying of data: refer to that third party is continued using the correctness of the public key verifications data of oneself if being verified Otherwise transaction terminates transaction;
2) bargain transaction of data is included the following steps:
2.1) transaction of the distribution of data and share: data providing sign and will count to number using Digital Signature Algorithm Third party is entrusted to according to signature and its private key, meanwhile, after third party has received the expense of data requirements side's purchase data, the Data S and private key SK are divided into n share respectively using open Verified secret sharing technology by tripartite, and by share to (Si, SKi) it is distributed to n different data requirements persons;
2.2) n data party in request receives the share of third party's transmission to (Si, SKi) after, wherein i=1,2 ..., n, each data Party in request NdiCalculate PKi=SKiP verifies the validity of share as public key, and with this, if being verified, connects Share pair is received, is otherwise refused, and requires to return charge;
2.3) the personal cooperation of at least t (0 < t≤n) takes out effective share to utilizing Lagrange's interpolation in n data party in request Method can reconstruct the data of needs, to complete to trade.
CN201610567942.7A 2016-07-19 2016-07-19 Disclosure towards multi-party fault-tolerant authorization can verify that big data method of commerce Active CN105959115B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610567942.7A CN105959115B (en) 2016-07-19 2016-07-19 Disclosure towards multi-party fault-tolerant authorization can verify that big data method of commerce

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610567942.7A CN105959115B (en) 2016-07-19 2016-07-19 Disclosure towards multi-party fault-tolerant authorization can verify that big data method of commerce

Publications (2)

Publication Number Publication Date
CN105959115A CN105959115A (en) 2016-09-21
CN105959115B true CN105959115B (en) 2019-05-14

Family

ID=56901209

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610567942.7A Active CN105959115B (en) 2016-07-19 2016-07-19 Disclosure towards multi-party fault-tolerant authorization can verify that big data method of commerce

Country Status (1)

Country Link
CN (1) CN105959115B (en)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107871253A (en) * 2016-09-23 2018-04-03 中兴通讯股份有限公司 A kind of big data method of commerce and system
CN106375097A (en) * 2016-10-12 2017-02-01 贵州大学 Anti-scalping sensitive data transaction method based on proxy blind signature
CN107040519B (en) * 2017-03-10 2021-01-19 上海数据交易中心有限公司 Data circulation method, device and system
CN107346511A (en) * 2017-07-04 2017-11-14 贵州数据宝网络科技有限公司 A kind of big data method for secure transactions
CN110874800B (en) * 2019-11-08 2023-10-20 腾讯科技(深圳)有限公司 Data transfer method, device, electronic equipment and computer readable storage medium
CN110889695A (en) * 2019-11-25 2020-03-17 支付宝(杭州)信息技术有限公司 Method and device for saving and recovering private data based on secure multi-party computing
CN115708339B (en) * 2021-08-20 2024-03-12 清华大学 Data processing method, device and storage medium
CN113821828B (en) * 2021-11-22 2022-02-08 武汉龙津科技有限公司 Data privacy protection method, device, equipment and storage medium

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105096181A (en) * 2015-07-23 2015-11-25 浪潮软件集团有限公司 A big data e-commerce transaction method and e-commerce transaction system

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1521390B1 (en) * 2003-10-01 2008-08-13 Hewlett-Packard Development Company, L.P. Digital signature method and apparatus

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105096181A (en) * 2015-07-23 2015-11-25 浪潮软件集团有限公司 A big data e-commerce transaction method and e-commerce transaction system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
秘密共享与代理签名及其应用研究;周孟创;《中国优秀硕士学位论文全文数据库 信息科技辑》;20130615;第1-45页

Also Published As

Publication number Publication date
CN105959115A (en) 2016-09-21

Similar Documents

Publication Publication Date Title
CN105959115B (en) Disclosure towards multi-party fault-tolerant authorization can verify that big data method of commerce
US6834272B1 (en) Privacy preserving negotiation and computation
Goldwasser et al. Secure computation without agreement
CN111639925B (en) Sealed auction method and system based on block chain
CN110380845A (en) Quantum secret communication alliance chain method of commerce based on group&#39;s pool of symmetric keys, system, equipment
Nojoumian et al. Efficient sealed-bid auction protocols using verifiable secret sharing
CN104754570B (en) Key distribution and reconstruction method and device based on mobile internet
Chen et al. Receipt-free electronic auction schemes using homomorphic encryption
CN116545773B (en) Method, medium and electronic equipment for processing privacy data
CN112771562A (en) Account model-based transaction method, device, system and storage medium
Patra et al. Efficient statistical asynchronous verifiable secret sharing with optimal resilience
Watanabe et al. Reducing the round complexity of a sealed-bid auction protocol with an off-line TTP
Li et al. Secure multi‐unit sealed first‐price auction mechanisms
CN106375097A (en) Anti-scalping sensitive data transaction method based on proxy blind signature
Wu et al. New sealed-bid electronic auction with fairness, security and efficiency
Chenli et al. Fair $^{2} $2 Trade: Digital Trading Platform Ensuring Exchange and Distribution Fairness
CN110519045A (en) Anti- quantum calculation alliance chain method of commerce, system and equipment based on group&#39;s unsymmetrical key pond
Bradford et al. Protocol completion incentive problems in cryptographic Vickrey auctions
Wang et al. Sealed-bid auction scheme based on blockchain and secure multi-party computation
CN111738722B (en) Intelligent contract generation method based on block link and by directory server
CN116342233A (en) Microgrid Data Processing Method and Device Based on Skyline Strategy
CN101325596B (en) Cryptography distributed calculation and step-by-step verification method with fault-tolerant function
Zhang et al. Data exchange for the metaverse with accountable decentralized TTPs and incentive mechanisms
CN113496398A (en) Data processing method, device, equipment and medium based on intelligent contract
WO2001011527A2 (en) Honesty preserving negotiation and computation

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant