CN111125741B - Zero knowledge verification method based on block chain - Google Patents
Zero knowledge verification method based on block chain Download PDFInfo
- Publication number
- CN111125741B CN111125741B CN201911408636.9A CN201911408636A CN111125741B CN 111125741 B CN111125741 B CN 111125741B CN 201911408636 A CN201911408636 A CN 201911408636A CN 111125741 B CN111125741 B CN 111125741B
- Authority
- CN
- China
- Prior art keywords
- identifier
- blockchain
- private
- database
- display terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
- G06F11/14—Error detection or correction of the data by redundancy in operation
- G06F11/1402—Saving, restoring, recovering or retrying
- G06F11/1446—Point-in-time backing up or restoration of persistent data
- G06F11/1458—Management of the backup or restore process
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2201/00—Indexing scheme relating to error detection, to error correction, and to monitoring
- G06F2201/80—Database-specific techniques
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Business, Economics & Management (AREA)
- Health & Medical Sciences (AREA)
- Software Systems (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Automation & Control Theory (AREA)
- Finance (AREA)
- Mathematical Physics (AREA)
- Quality & Reliability (AREA)
- Medical Informatics (AREA)
- Databases & Information Systems (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention provides a zero knowledge verification method based on a block chain, which comprises the steps of obtaining a receiving identifier from a provider by the block chain, wherein the receiving identifier corresponds to the access of a block chain authentication provider; the blockchain acquires a second identifier, wherein the second identifier corresponds to a receiving identifier, and the receiving identifier is different from the second identifier; accessing, by the blockchain, a secure database containing the stored private identifier, wherein the stored private ID is a combination of the received identifier and the retrieved second identifier. By employing a secure database containing the stored private ID accessed by the blockchain, wherein the stored private ID is a combination of the received identifier and the retrieved second identifier, and wherein the secure database comprises data related to, such that a password of said private ID has a higher security performance.
Description
Technical Field
The invention relates to the technical field of block chains, in particular to a zero knowledge verification method based on a block chain.
Background
The problems to be solved by the zero knowledge proof are: you are shown that an assertion is correct, provided that no information of the assertion is revealed. Taking a money transaction as an example, trying to prove that the transaction is legal under the premise of not telling you who the payer and the payee are, and not telling you how much. Therefore, the block chain application has the functions of protecting the privacy of transaction and practically guaranteeing the information safety of traders.
For example, CN108335106A prior art discloses a zero-knowledge multi-account exchange transfer method based on blockchain, and in some scenarios, it is necessary to implement multi-account transfer operation under the condition that it can be proved that transfer transactions of multiple accounts are in a preset legal exchange rate domain, but a third party cannot know a specific exchange rate, and then this existing privacy transaction encryption/decryption algorithm cannot implement this privacy transaction in blockchain technical scenario. Turning to the prior art, CN110581768A discloses a block-chain zero-knowledge proof-based login system, which is premised on collecting personal information of a user, and the personal information of the user belongs to a privacy domain, and the user does not want to be collected by a third party, because this may cause information leakage, and the information leakage events occur frequently, which causes great trouble to the user. The existing scheme is through the mobile phone number and the mailbox of the user, but is not the best scheme in terms of safety, so that the private information of the user is easily leaked, and the user does not want to give out the private information.
The invention is made in order to solve the problems that the personal privacy is not safe, the transaction privacy is easy to be changed and the like in the field.
Disclosure of Invention
The invention aims to provide a block chain-based zero knowledge verification method aiming at the defects of the current block chain zero knowledge verification.
In order to overcome the defects of the prior art, the invention adopts the following technical scheme:
a zero knowledge verification method based on block chains comprises the following steps:
obtaining a receive identifier from a provider by a blockchain, wherein the receive identifier corresponds to access by a blockchain authentication provider;
the blockchain obtains a second identifier, the second identifier corresponding to the receive identifier, the receive identifier being different from the second identifier;
accessing, by the blockchain, a secure database containing stored private identifiers, wherein the stored private identifiers are a combination of the received identifiers and the retrieved second identifiers, the secure database comprising a blockchain search secure database that obtains corresponding search results based on input received from a display terminal;
and the block chain sends the search result to a display terminal and displays the search result on the display terminal.
Optionally, generating, by the blockchain, the corresponding second identifier based on the received identifier, the blockchain generating a private identifier based on the received identifier and the corresponding generated second identifier; the blockchain stores the generated private identifier in a secure database, the generation of the private identifier by the blockchain based on the received identifier and the correspondingly generated second identifier being achieved by using a forgetting pseudorandom function.
Optionally, the block chain searches the secure database based on the input received from the display terminal to obtain the search result, and further includes at least one of: a key value of an input received from the display terminal is identified.
Optionally, the key value includes: corresponding to a private identifier in a secure database; a verification password from the display terminal receiving the input and one or more input verification passwords corresponding to the private identifiers in the secure database are determined.
Optionally, searching the secure database for a search result based on an input received by a display terminal is accomplished by using a private blockchain set intersection function through the blockchain.
Optionally, the sending, by the blockchain, the search result further includes at least one of: returning a conflict value to a display terminal in response to or identifying an incoming duplicate security database received from the provider corresponding to the private identifier in the provider;
in response to or identifying a received incoming authentication password from the display terminal, the incoming authentication password corresponding to the one or more entries in the secure database for the private identifier, a "yes" value is returned to the display terminal.
Optionally, one or more inputs corresponding to the private identifier in the secure database are used in response to or without identifying a duplication of an input received from the display terminal corresponding to the private identifier in the secure database and in response to or without identifying an authentication password from the received input from the provider.
Optionally, the blockchain updates the secure database to include an input received from the display terminal corresponding to the private identifier.
Optionally, the method further includes identifying an authentication password received from the display terminal by using one or more inputs corresponding to the private identifier, and further includes: querying a reference database comprising a pre-populated verification password table for one or more verification passwords, matching further keys relating to inputs provided by the display terminal and generating and storing corresponding statements in the secure database.
The beneficial effects obtained by the invention are as follows:
1. accessing a secure database containing a stored private ID by employing a blockchain, wherein the stored private ID is a combination of a received identifier and a retrieved second identifier, and wherein the secure database includes data related thereto such that a password for the private ID has a higher security performance;
2. the two parties can perform safe calculation by adopting the messy code circuit, wherein the two untrusted parties can perform common evaluation through private input of the two untrusted parties under the condition that a trusted third party does not exist, so that the transaction on the block chain is effectively guaranteed to be safely protected;
3. the programming instruction of the generating module is adopted to ensure that the verification step is more standard, and in addition, the verification operation is uniformly verified by a processor, so that errors cannot occur in the verification process;
4. by adopting the micro-service which is a software development technology, the application program can be constructed into a group of loosely coupled services, the modularity is improved, the application program is easier to understand, develop or test, and the system structure erosion can be resisted better;
5. the transaction information is protected by adopting a plurality of databases, and the two databases are mutually redundant, so that the databases still keep working under the attacked state;
6. receiving the verification channel number by adopting a receiving module of the order database host server, and carrying out identity verification on an operator before accessing the order database host server, wherein safety measures are taken to protect the safety of the second database when the opportunity of the current order and the information of potential adverse reactions exists;
7. by using an authentication module, the system database can be authenticated against the restrictions of how many queries can be made, and the system database is allowed to store the order and the standard encoded transaction conditions for each, and to enter a trust relationship between the user name and password, the ID and access code issued by the system, the license number of the system database or any other such combination of private identifiers providing a level known to a person skilled in the art, and possibly to obtain historical orders about the operator, ensuring a high security of the process of operating the transaction.
Drawings
The invention will be further understood from the following description in conjunction with the accompanying drawings. The components in the figures are not necessarily to scale, emphasis instead being placed upon illustrating the principles of the embodiments. Like reference numerals designate corresponding parts throughout the different views.
Fig. 1 is a control block diagram of the secure database and the private ID.
Fig. 2 is a control block diagram when a conflict occurs in the search result.
Fig. 3 is a control block diagram of the search result.
Fig. 4 is a control block diagram of a path of verification of the private ID.
FIG. 5 is a block diagram of the scrambling code microservice.
Detailed Description
In order to make the objects and advantages of the present invention more apparent, the present invention will be further described in detail with reference to the following embodiments; it should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention. Other systems, methods, and/or features of the present embodiments will become apparent to those skilled in the art upon review of the following detailed description. It is intended that all such additional systems, methods, features and advantages be included within this description, be within the scope of the invention, and be protected by the accompanying claims. Additional features of the disclosed embodiments are described in, and will be apparent from, the detailed description that follows.
The same or similar reference numerals in the drawings of the embodiments of the present invention correspond to the same or similar components; in the description of the present invention, it should be understood that if there is an orientation or positional relationship indicated by the terms "upper" and "lower" and "left" and "right" etc., it is only for convenience of description and simplification of the description based on the orientation or positional relationship shown in the drawings, but it is not indicated or implied that the device or assembly referred to must have a specific orientation.
The first embodiment is as follows: a zero knowledge verification method based on block chains comprises the following steps:
obtaining a receive identifier from a provider by a blockchain, wherein the receive identifier corresponds to access by a blockchain authentication provider;
the blockchain obtains a second identifier, the second identifier corresponding to the receive identifier, the receive identifier being different from the second identifier;
accessing, by the blockchain, a secure database containing stored private identifiers, wherein the stored private identifiers are a combination of the received identifiers and the retrieved second identifiers, the secure database including a blockchain search secure database that obtains respective search results based on input received from a display terminal; generating, by the blockchain, the corresponding second identifier based on the received identifier, the blockchain generating a private identifier based on the received identifier and the corresponding generated second identifier; the blockchain stores the generated private identifier in a secure database, the generation of the private identifier by the blockchain based on the received identifier and the correspondingly generated second identifier being achieved by using a forgetting pseudorandom function.
Example two: a zero knowledge verification method based on block chains comprises the following steps:
obtaining a receive identifier from a provider by a blockchain, wherein the receive identifier corresponds to access by a blockchain authentication provider;
the blockchain obtains a second identifier, the second identifier corresponding to the receive identifier, the receive identifier being different from the second identifier;
accessing, by the blockchain, a secure database containing stored private identifiers, wherein the stored private identifiers are a combination of the received identifiers and the retrieved second identifiers, the secure database comprising a blockchain search secure database that obtains corresponding search results based on input received from a display terminal;
and the block chain sends the search result to a display terminal and displays the search result on the display terminal. Specifically, in this embodiment, a method for verification is provided, where the method includes: a receive identifier is obtained from the provider by the blockchain, wherein the receive identifier corresponds to the second identifier. The method further comprises the following steps: access by the provider is authenticated by the blockchain and a second identifier is retrieved by the blockchain, wherein the second identifier corresponds to the received identifier, wherein the received identifier and the second identifier are different. The method further comprises the following steps: receiving, by the blockchain, an input from the provider corresponding to the identifier, and accessing, by the blockchain, a secure database containing a stored private ID, wherein the stored private ID is a combination of: the received identifier and the retrieved second identifier, and wherein the secure database includes data related thereto. The method further comprises the following steps: the secure database is searched by the blockchain to obtain search results based on input received from the transaction provider, and the search results are sent by the blockchain to the transaction provider. In addition, in this embodiment, a system for zero knowledge verification is also provided, the system comprising one or more computer devices, each having one or more processors and one or more tangible storage devices. And a program embodied on at least one of the one or more storage devices, the program having a plurality of program instructions for execution by one or more processors. The program instructions implement a method. The method includes program instructions for obtaining, by the blockchain, a received identifier from the provider, wherein the received identifier corresponds to the second identifier. The method further comprises the following steps: access by the provider is authenticated by the blockchain and a second identifier is retrieved by the blockchain, wherein the second identifier corresponds to the received identifier, wherein the received identifier and the second identifier are different. The method further comprises the following steps: receiving, by the blockchain, an input from the provider corresponding to the identifier, and accessing, by the blockchain, a secure database containing a stored private ID, wherein the stored private ID is a combination of: the received identifier and the retrieved second identifier, and wherein the secure database includes data related thereto. The reference database may include stored trade information, such as bad interactions between trade orders, avoid various trade conditions, and additional trade information. In this embodiment, the information stored in the reference database may be organized as an array in which variables such as proposed trade orders may be indexed to determine whether a newly proposed trade order has anything. Bad interaction with existing orders or any existing trade conditions. In this embodiment, an out-of-order microservice is provided in the system, which comprises an instruction set executable by a processor, which may be described using a set of functional blocks. The function module of the messy code microservice comprises a receiving module, an authentication module, a generation module, a search module and a sending module. In this embodiment, the messy code microservice is described as a separate program on the order database host server. In further embodiments, the messy code microservice may be a stand-alone program or contained as a separate program on another server connected to the order database hosting server via a network. The messy code microserver also comprises a messy code circuit which is an encryption protocol and can realize the safe calculation of two parties, wherein two distrusted parties can jointly evaluate functions through the private input of the distrusted parties under the condition that a trusted third party does not exist. Microservice is a software development technique, a variant of the service-oriented architecture style, that constructs applications as a set of loosely coupled services. In the microservice architecture, services are fine-grained and protocols are lightweight. The benefit of breaking an application down into different smaller services is improved modularity and makes the application easier to understand, develop, or test, and more resistant to architectural corrosion. The microservice-based architecture may enable continuous delivery and deployment. The authentication module includes a set of programming instructions in a scrambling code microservice, the set of programming instructions executable by a processor. The authentication module authenticates access to the transaction provider through the blockchain (i.e., the order database host server) (step). The generation module includes a set of programming instructions in an out-of-code microservice. The set of programming instructions is executable by the processor. In the whole operation process, the programming instruction of the generating module makes the verification step more standard, and in addition, the verification operation is carried out by the processor to carry out uniform verification operation, so that no error occurs in the verification process.
The generation module generates a second identifier by the blockchain (i.e., the order database host server) based on the received identifier (step). In this embodiment, the second identifier is a randomly assigned private key (e.g., a combination of characters, numbers, and symbols) corresponding to the received identifier (e.g., a transaction order number). The process of verification is illustrated as an example: the operator needs to view or edit his transaction records. The operator must first create a data holder for the transaction record because this is the first time the operator makes a query. In this way, the operator creates a unique identification string, i.e., the operator's authentication channel number, to enter his provider computing device. A receiving module of the order database host server receives the validation channel number. The operator must be authenticated before accessing the order database host server. Thus, the operator is required to enter a trust relationship between a user name and password, a system issued ID and access code, a license number for a system database or any other such combination of providing a level of private identifier known to those of ordinary skill in the art, and the opportunity to potentially obtain information about the operator's historical orders, current orders and potential adverse reactions. Security measures may be taken to protect the security of the second database. For example, the authentication module may authenticate the system database for the limit of how many queries can be made per one, and allow the system database to store the order and standard encoded transaction conditions for each. Further, the order checking device may be able to store the time/date when the order was placed, the number of transactions, whether it is re-editing, the date of editing, and the like. Once the operator has been authenticated to access the order database host server and provided the data holder's identifier (e.g., verification channel number), the generation module will provide a randomly assigned string (only known) of characters that the password on the order database host server pairs with the data holder's verification channel number. Once the identifier is paired with the private string of the host database, the generation module generates a private ID for storage in the first database on the order database host server. In an exemplary embodiment, the generation of the private ID is completed only once at the time of setting. Thereafter, the order database host server is accessible by both the operator and any other data holder's system database (once authenticated) and performs automated queries or searches for overlap/join of data holder orders. In response to the search, the system database may receive a set of possible yes/no, NULL, or conflict value results.
Generating, by the blockchain, the corresponding second identifier based on the received identifier, the blockchain generating a private identifier based on the received identifier and the corresponding generated second identifier; the blockchain stores the generated private identifier in a secure database, the generation of the private identifier by the blockchain based on the received identifier and the correspondingly generated second identifier being achieved by using a forgetting pseudorandom function. In particular, the generation module further generates a private ID by the blockchain (i.e., the order database host server) based on the received identifier and the generated second identifier (step). In an exemplary embodiment, the generation module generates the private ID by a multi-party computing technique referred to as a forgetting pseudorandom function. Forgetting a pseudorandom function allows two parties with secret inputs to interactively compute a pseudorandom string similar to a hash, but without either party revealing their input to the other. In this way, the generated private key ID is derived by the forget pseudorandom function from the combination of the identifier of the system database (e.g., the validation channel number) and the randomly assigned private key of the order database host.
The blockchain searches the secure database for the search results based on input received from the provider, further comprising at least one of: a key value of an input received from the provider is identified. In particular, the search module may be capable of identifying duplicates of the received input from the transaction provider corresponding to private IDs in a secure database (e.g., the second database). The search module may reveal that the anticipated order to be placed by the operator has been pre-placed and is one of the data holder's active orders to be placed. The operator is not willing to repeat the order, but may choose to see how the status of the transaction information of the data holder improves over time. The search module may be capable of identifying a preference of the received input from the transaction provider with one or more inputs corresponding to a private ID in a secure database (e.g., the second database). The search module may identify a preference of the received input from the transaction provider with one or more inputs corresponding to the private ID by querying a reference database (e.g., a reference database) that includes the pre-populated table. One or more preferences related to the input provided by the provider. The search module may reveal that the operator is going to place the anticipated order and the amount of the order to interact adversely with information on another transaction that the data holder is currently editing. The search module identifies repetitions of received inputs from the transaction provider corresponding to the private IDs in the secure database and identifies preferences from the transaction provider corresponding to the one or more inputs. It is added to the private ID in the secure database by a multi-party computation technique called private set intersection.
The blockchain searches the secure database for the search result based on input received from the display terminal, further comprising at least one of: a key value of an input received from the display terminal is identified. The key values include: corresponding to a private identifier in a secure database; a verification password from the display terminal receiving the input and one or more input verification passwords corresponding to the private identifiers in the secure database are determined. Specifically, the key value is set in the database, and when the private ID is actually used, the operator can keep the private ID, and perform an operation to query or replace the private ID by using the key value, thereby ensuring that the private ID is operated. In addition, the private ID is used for checking the password of the display terminal, so that an operator can inquire the record of the transaction, the private ID can be efficiently checked, the private ID can be continuously updated, and the safety device of the block chain is realized. In addition, searching the secure database for search results based on input received by a display terminal is accomplished using a private blockchain set intersection function through the blockchain. In particular, PSI allows two parties with secret inputs or sets of items to interactively compute the intersection of the two sets without revealing the complete set to each other. In this way, the private block chain set intersection based service allows the authenticated system database to see if an order has been placed. The system database does not know of any other orders and the order database host server does not know what the system database is searching for.
Sending, by the blockchain, the search results, further comprising at least one of: returning a conflict value to a display terminal in response to or identifying an incoming duplicate security database received from the provider corresponding to the private identifier in the provider;
in response to or identifying a received incoming authentication password from the display terminal, the incoming authentication password corresponding to the one or more entries in the secure database for the private identifier, a "yes" value is returned to the display terminal. In particular, the sending module sends a conflict value to the transaction provider in response to identifying a duplication of input received from the transaction provider, the conflict value corresponding to the private ID in the secure database (i.e., the second database). In the case of the above description, the sending module sends a message to the operator (i.e., the transaction provider computing device) with a conflicting value via the network, since the analgesic that the operator proposed to the data holder has been identified as having placed an order to the data holder. In addition, the update security database enables efficient updating of the private ID so that the private ID is not subject to impersonation or theft. Specifically, the generation of the private ID requires information intercommunication and interconnection among the database, the security database, and the block chain update security database, so that the private ID is not falsely used or stolen. In response to the transaction information or the transaction order.
Responsive to or not recognising duplication of input received from the display terminal corresponding to the private identifier in the secure database and responsive to or not recognising a verification password from the received input from the provider, using one or more inputs corresponding to the private identifier in the secure database. The blockchain updates the secure database to include an input received from the display terminal corresponding to the private identifier. In particular, each private ID may separate the interaction with the transaction condition into two tests. The first test may be an interaction with the transaction condition entered by the same system database. The second test may be an interaction with other system database inputs and transaction conditions that the current system database does not necessarily know about. In further embodiments, the second database may be used by the transaction server, or even the system authority of the transaction server, to determine whether there is a deviation, and so on, equating to an actual result. And performing real-time correction according to actual discovery, and performing reaction correction on the conflict result and the transaction information, so that the accurate transaction result can be corrected.
An authentication password for identifying an input received from the display terminal for one or more inputs corresponding to the private identifier, further comprising: querying a reference database comprising a pre-populated verification password table for one or more verification passwords, matching further keys relating to inputs provided by the display terminal and generating and storing corresponding statements in the secure database. Specifically, in the process of verifying the private ID, the private ID is identified through a plurality of input devices or input devices, so that the operation has an efficient security function, and an unsafe transaction or a pirate can be effectively prevented from tampering information of the transaction. In the process of verifying the private ID, the input device and the input equipment generate a verified password in the process of verifying the private ID, the verified password queries a reference database in the query, and the reference database comprises a pre-filled verified password table aiming at one or more verified passwords to check, so that the verified password is checked with the verified password stored in the verified password table and the generated verified password, and the verified password can pass only when the verified passwords of the input device and the input equipment are consistent. And if the inconsistent conditions exist, rejecting the access application or the editing application, recording the access record and storing the access record in the database. When the rejection record in the database exceeds a set threshold value, the client of the application is locked, and the safety performance of the transaction record and the whole system is effectively ensured.
In summary, the block chain-based zero-knowledge verification method of the present invention employs accessing a secure database containing stored private IDs by a block chain, wherein the stored private IDs are a combination of a received identifier and a retrieved second identifier, and wherein the secure database includes related data, such that passwords of the private IDs have higher security performance; the two parties can perform safe calculation by adopting the messy code circuit, wherein the two untrusted parties can perform common evaluation through private input of the two untrusted parties under the condition that a trusted third party does not exist, so that the transaction on the block chain is effectively guaranteed to be safely protected; the programming instruction of the generating module is adopted to ensure that the verification step is more standard, and in addition, the verification operation is uniformly verified by a processor, so that errors cannot occur in the verification process; by adopting the micro-service which is a software development technology, the application program can be constructed into a group of loosely coupled services, the modularity is improved, the application program is easier to understand, develop or test, and the system structure erosion can be resisted better; the transaction information is protected by adopting a plurality of databases, and the two databases are mutually redundant, so that the databases still keep working under the attacked state; receiving the verification channel number by adopting a receiving module of the order database host server, and carrying out identity verification on an operator before accessing the order database host server, wherein safety measures are taken to protect the safety of the second database when the opportunity of the current order and the information of potential adverse reactions exists; by using an authentication module, the system database can be authenticated against the restrictions of how many queries can be made, and the system database is allowed to store the order and the standard encoded transaction conditions for each, and to enter a trust relationship between the user name and password, the ID and access code issued by the system, the license number of the system database or any other such combination of private identifiers providing a level known to a person skilled in the art, and possibly to obtain historical orders about the operator, ensuring a high security of the process of operating the transaction.
Although the invention has been described above with reference to various embodiments, it should be understood that many changes and modifications may be made without departing from the scope of the invention. That is, the methods, systems, and devices discussed above are examples. Various configurations may omit, substitute, or add various procedures or components as appropriate. For example, in alternative configurations, the methods may be performed in an order different than that described, and/or various components may be added, omitted, and/or combined. Moreover, features described with respect to certain configurations may be combined in various other configurations, as different aspects and elements of the configurations may be combined in a similar manner. Further, elements therein may be updated as technology evolves, i.e., many elements are examples and do not limit the scope of the disclosure or claims.
Specific details are given in the description to provide a thorough understanding of the exemplary configurations including implementations. However, configurations may be practiced without these specific details, for example, well-known circuits, processes, algorithms, structures, and techniques have been shown without unnecessary detail in order to avoid obscuring the configurations. The description provides example configurations only, and does not limit the scope, applicability, or configuration of the claims. Rather, the foregoing description of the configurations will provide those skilled in the art with an enabling description for implementing the described techniques. Various changes may be made in the function and arrangement of elements without departing from the spirit or scope of the disclosure.
In conclusion, it is intended that the foregoing detailed description be regarded as illustrative rather than limiting, and that it be understood that it is illustrative only and is not intended to limit the scope of the invention. After reading the description of the present invention, the skilled person can make various changes or modifications to the invention, and these equivalent changes and modifications also fall into the scope of the invention defined by the claims.
Claims (7)
1. A block chain based zero knowledge verification method is characterized by comprising the following steps:
obtaining a receive identifier from a provider by a blockchain, wherein the receive identifier corresponds to access by a blockchain authentication provider;
the blockchain obtains a second identifier, the second identifier corresponding to the receive identifier, the receive identifier being different from the second identifier;
accessing, by the blockchain, a secure database containing stored private identifiers, wherein the stored private identifiers are a combination of the received identifiers and the retrieved second identifiers, the secure database comprising a blockchain search secure database that obtains corresponding search results based on input received from a display terminal;
the block chain sends the search result to a display terminal and displays the search result on the display terminal;
the blockchain searching the secure database for the search result based on input received from the display terminal, further comprising identifying a key value of the input received from the display terminal;
the key values include: corresponding to a private identifier in a secure database; determining an authentication password from the display terminal that receives the input and one or more input authentication passwords corresponding to the private identifiers in the secure database;
input device and input device are in the inspection private identifier's in-process can generate a password of verifying, verify the password can be in inquiry reference database, and reference database includes the verification password table to the pre-filling of one or more verification passwords checks, makes verified password with store in verify password table and the verification password of generation check, only under the condition that the verification password of both appears unanimously, just can pass through, if when the inconsistent situation appears, visit application or edit the application and all be refuted to record the access record, and store in the database, when refute record in the database exceeds the threshold value of settlement, the client of this application will be locked.
2. The method of claim 1, wherein the corresponding second identifier is generated by the blockchain based on the received identifier, and wherein the blockchain generates a private identifier based on the received identifier and the corresponding generated second identifier; the blockchain stores the generated private identifier in a secure database, the generation of the private identifier by the blockchain based on the received identifier and the correspondingly generated second identifier being achieved by using a forgetting pseudorandom function.
3. The method according to claim 1, wherein searching the secure database for a search result based on an input received by a display terminal is accomplished by the blockchain using a private blockchain set intersection function.
4. The blockchain-based zero knowledge verification method according to claim 1, wherein the sending of the search result by the blockchain further comprises at least one of: returning a conflict value to a display terminal in response to or identifying an incoming duplicate security database received from the provider corresponding to the private identifier in the provider;
in response to or identifying a received incoming authentication password from the display terminal, the incoming authentication password corresponding to the one or more entries in the secure database for the private identifier, a "yes" value is returned to the display terminal.
5. A blockchain-based zero knowledge authentication method according to claim 1, wherein in response to or not recognising a repetition of an input received from the display terminal corresponding to the private identifier in the secure database and in response to or not recognising an authentication password of the received input from the provider, one or more inputs corresponding to the private identifier in the secure database are used.
6. The blockchain-based zero knowledge verification method of claim 1, wherein the blockchain updates the secure database to include an input received from the display terminal corresponding to the private identifier.
7. The blockchain-based zero knowledge authentication method of claim 2, wherein the one or more inputs corresponding to the private identifier identify an authentication password of the input received from the display terminal, further comprising: querying a reference database comprising a pre-populated table of validation passwords for one or more validation passwords, matching further keys relating to inputs provided by the display terminal and generating and storing corresponding statements in the secure database.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911408636.9A CN111125741B (en) | 2019-12-31 | 2019-12-31 | Zero knowledge verification method based on block chain |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911408636.9A CN111125741B (en) | 2019-12-31 | 2019-12-31 | Zero knowledge verification method based on block chain |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111125741A CN111125741A (en) | 2020-05-08 |
| CN111125741B true CN111125741B (en) | 2022-07-01 |
Family
ID=70506200
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911408636.9A Active CN111125741B (en) | 2019-12-31 | 2019-12-31 | Zero knowledge verification method based on block chain |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111125741B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111708559A (en) * | 2020-06-16 | 2020-09-25 | 四川虹微技术有限公司 | Data updating method and device, electronic equipment and storage medium |
Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107851281A (en) * | 2015-05-21 | 2018-03-27 | 万事达卡国际股份有限公司 | System and method for the fraud control of the transaction based on block chain |
| KR101837170B1 (en) * | 2016-12-29 | 2018-04-19 | 주식회사 코인플러그 | Method for providing secret electronic voting service on the basis of blockchain by using zero knowledge proof algorithm, and voting coin minter server, voting token distributor server and voting supporting server using the same |
| CN108712264A (en) * | 2018-06-12 | 2018-10-26 | 陈继 | A kind of identity identifying method based on zero-knowledge proof |
| CN109756582A (en) * | 2019-03-15 | 2019-05-14 | 腾讯科技(深圳)有限公司 | Information recording method, device, node and storage medium in block chain network |
| CN109858852A (en) * | 2018-12-26 | 2019-06-07 | 上海源庐加佳信息科技有限公司 | A kind of warehouse receipt verification method based on block chain and zero-knowledge proof |
| CN109981622A (en) * | 2019-03-15 | 2019-07-05 | 智链万源(北京)数字科技有限公司 | Block chain network node permission reverse proxy method and apparatus |
| CN110032883A (en) * | 2019-01-31 | 2019-07-19 | 阿里巴巴集团控股有限公司 | Method, system and the node of secret protection are realized in block chain |
| CN110033368A (en) * | 2018-11-30 | 2019-07-19 | 阿里巴巴集团控股有限公司 | The method of secret protection is realized in block chain |
| CN110224837A (en) * | 2019-06-06 | 2019-09-10 | 西安纸贵互联网科技有限公司 | Zero-knowledge proof method and terminal based on distributed identity |
| CN110324151A (en) * | 2019-06-25 | 2019-10-11 | 北京智涵芯宇科技有限公司 | Safety chip and application method, system and medium based on PUF and zero-knowledge proof |
| CN110321735A (en) * | 2019-04-29 | 2019-10-11 | 山东工商学院 | Business handling method, system and storage medium based on zero-knowledge proof |
| CN110336672A (en) * | 2019-04-29 | 2019-10-15 | 山东工商学院 | Method, system and storage medium for citizen privacy protection based on zero-knowledge proof |
| CN110537195A (en) * | 2017-04-18 | 2019-12-03 | 科因普拉格株式会社 | Use the method that the logical card ID clearance card based on block chain uses and the server for using it |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9525668B2 (en) * | 2014-06-27 | 2016-12-20 | Intel Corporation | Face based secure messaging |
| US20160342989A1 (en) * | 2015-05-21 | 2016-11-24 | Mastercard International Incorporated | Method and system for processing blockchain-based transactions on existing payment networks |
-
2019
- 2019-12-31 CN CN201911408636.9A patent/CN111125741B/en active Active
Patent Citations (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107851281A (en) * | 2015-05-21 | 2018-03-27 | 万事达卡国际股份有限公司 | System and method for the fraud control of the transaction based on block chain |
| KR101837170B1 (en) * | 2016-12-29 | 2018-04-19 | 주식회사 코인플러그 | Method for providing secret electronic voting service on the basis of blockchain by using zero knowledge proof algorithm, and voting coin minter server, voting token distributor server and voting supporting server using the same |
| CN110537195A (en) * | 2017-04-18 | 2019-12-03 | 科因普拉格株式会社 | Use the method that the logical card ID clearance card based on block chain uses and the server for using it |
| CN108712264A (en) * | 2018-06-12 | 2018-10-26 | 陈继 | A kind of identity identifying method based on zero-knowledge proof |
| CN110033368A (en) * | 2018-11-30 | 2019-07-19 | 阿里巴巴集团控股有限公司 | The method of secret protection is realized in block chain |
| CN109858852A (en) * | 2018-12-26 | 2019-06-07 | 上海源庐加佳信息科技有限公司 | A kind of warehouse receipt verification method based on block chain and zero-knowledge proof |
| CN110032883A (en) * | 2019-01-31 | 2019-07-19 | 阿里巴巴集团控股有限公司 | Method, system and the node of secret protection are realized in block chain |
| CN109756582A (en) * | 2019-03-15 | 2019-05-14 | 腾讯科技(深圳)有限公司 | Information recording method, device, node and storage medium in block chain network |
| CN109981622A (en) * | 2019-03-15 | 2019-07-05 | 智链万源(北京)数字科技有限公司 | Block chain network node permission reverse proxy method and apparatus |
| CN110321735A (en) * | 2019-04-29 | 2019-10-11 | 山东工商学院 | Business handling method, system and storage medium based on zero-knowledge proof |
| CN110336672A (en) * | 2019-04-29 | 2019-10-15 | 山东工商学院 | Method, system and storage medium for citizen privacy protection based on zero-knowledge proof |
| CN110224837A (en) * | 2019-06-06 | 2019-09-10 | 西安纸贵互联网科技有限公司 | Zero-knowledge proof method and terminal based on distributed identity |
| CN110324151A (en) * | 2019-06-25 | 2019-10-11 | 北京智涵芯宇科技有限公司 | Safety chip and application method, system and medium based on PUF and zero-knowledge proof |
Non-Patent Citations (3)
| Title |
|---|
| Card-Based Physical Zero-Knowledge Proof for Kakuro;Daiki MIYAHARA等;《IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer》;20190901;第E102-A卷(第9期);第1072-1078页 * |
| 区块链原理及其核心技术;蔡晓晴等;《计算机学报》;20191118;第44卷(第1期);第84-131页 * |
| 基于国密算法和区块链的移动端安全eID及认证协议设计;胡卫等;《信息网络安全》;20180710(第7期);第7-15页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111125741A (en) | 2020-05-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US12056227B2 (en) | Systems and methods for device and user authorization | |
| CN111429254B (en) | Business data processing method and device and readable storage medium | |
| US20210377254A1 (en) | Federated identity management with decentralized computing platforms | |
| US10565192B2 (en) | Optimizing queries and other retrieve operations in a blockchain | |
| US20200119904A1 (en) | Tamper-proof privileged user access system logs | |
| Lee et al. | Modifiable public blockchains using truncated hashing and sidechains | |
| US20140211944A1 (en) | System and method of protecting, storing and decrypting keys over a computerized network | |
| US12022000B2 (en) | Method for information processing in digital asset certificate inheritance transfer, and related device | |
| US11379616B2 (en) | System and method for providing anonymous validation of a query among a plurality of nodes in a network | |
| US20230259899A1 (en) | Method, participant unit, transaction register and payment system for managing transaction data sets | |
| CN114881469A (en) | Performance assessment and management system and method for enterprise workers | |
| US10320775B2 (en) | Eliminating abuse caused by password reuse in different systems | |
| WO2019144948A1 (en) | Decentralized biometric authentication platform | |
| CN108121904B (en) | Unlocking method, device, electronic equipment and server | |
| CN111932261A (en) | Asset data management method and device based on verifiable statement | |
| CN111125741B (en) | Zero knowledge verification method based on block chain | |
| JP5948472B1 (en) | Information management system and business system | |
| US20230267426A1 (en) | Payment system, coin register, participant unit, transaction register, monitoring register and method for payment with electronic coin data sets | |
| Liu et al. | LoginSoEasy: a System Enabling both Authentication and Protection of Personal Information based on Trusted User Agent | |
| CN115168907B (en) | Data matching method, system, equipment and storage medium for protecting data privacy | |
| CN116112167B (en) | Key management system, method and device | |
| CN113923034B (en) | Networking equipment supervision authentication system and method | |
| US20240422160A1 (en) | Authenticated secure communications across different devices | |
| EP4379631A1 (en) | Digital wallet device and dual offline transaction method thereof | |
| DARAGHMI et al. | INSURECHAIN: A BLOCKCHAIN-BASED SYSTEM FOR SECURE, EFFICIENT AND INTEROPERABLE INSURTECH |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |