CN113674077A - Consumption credit risk prevention method, system, equipment and storage medium - Google Patents

Abstract

The invention relates to the technical field of consumer credit risk prevention, in particular to a consumer credit risk prevention method, comprising the following steps: applying for creating a customer distributed unique identification DID on a blockchain platform; each financial institution generates a homomorphic key, saves it In the trusted key storage device; the customer's loan information is encrypted by the homomorphic key to form a ciphertext; when the customer applies for a loan in a financial institution, the financial institution uses the customer's unique identification DID to identify the customer separately in each financial institution. query the ciphertext of the loan information obtained from the query; perform homomorphic operation on the ciphertext of the loan information of each financial institution obtained by the query and obtain the ciphertext sum; decrypt the obtained ciphertext sum and obtain the customer’s The overall situation of institutional loans; the present invention can timely, quickly and effectively profile customers on the premise of not leaking customer loan information, thereby greatly reducing lending risks.

Description

Consumption credit risk prevention method, system, equipment and storage medium

Technical Field

The invention belongs to the technical field of consumption credit risk prevention, and particularly relates to a consumption credit risk prevention method, a system, equipment and a storage medium.

Background

In the field of consumption finance, malicious clients often apply for loans at a plurality of financial institutions, long debts are malicious and unrelieved, and heavy pressure is brought to the wind control of the consumption financial institutions.

At present, the traditional methods for checking the client loan mainly comprise the following two methods:

firstly, the financial institution inquires client credit through a credit investigation system of the people's bank, and refuses loan to the users with poor credit or reduces the loan amount.

And secondly, combining financial institutions in multiple industries to form a customer blacklist, and determining whether to deposit money for the customer according to the customer blacklist.

However, the conventional method for checking the client loan has the following disadvantages:

the credit investigation data of people's banks has the problems of low data reporting frequency, poor real-time performance, incomplete data sources and the like, if a client does not make a malicious loan in a plurality of institutions at the same time, because of the time difference between credit investigation data reporting and inquiring, the risk is still difficult to find in advance and the loan is refused;

and secondly, accurate portrait is difficult to realize only through a client blacklist, and accurate marketing and intelligent wind control cannot be realized.

Disclosure of Invention

The invention aims to provide a consumption credit risk prevention method aiming at the defects in the prior art, which can rapidly and effectively figure a client in time on the premise of not revealing client loan information, rapidly identify malicious loan behaviors of malicious clients and greatly reduce loan risks;

the invention also provides a consumption credit risk prevention system, an electronic device and a storage medium.

In order to achieve the above object, the present invention provides a method for preventing a credit consumption risk, comprising the steps of:

s1: applying for creating a client distributed unique identification DID on a block chain platform;

s2: each financial institution generates a homomorphic key and stores the homomorphic key in the trusted key storage device;

s3: when the client completes loan at each financial institution, the financial institution takes out the homomorphic key from the credible key storage equipment;

s4: the financial institution encrypts loan information of a client through a homomorphic key to form a ciphertext, links the formed ciphertext and associates the formed ciphertext with a unique identification DID (binary identification) of the client, wherein the loan information comprises loan data and repayment data;

s5: when a client applies for loan at a financial institution, the financial institution queries the ciphertext of the loan-related information of the client at each financial institution respectively through the unique identification DID of the client;

s6: homomorphic operation is carried out on the ciphertexts which are obtained by inquiry and respectively related to loan information of each financial institution, and the total of the ciphertexts is obtained;

s7: decrypting the obtained ciphertext sum to obtain the total loan condition of the client in each financial institution;

s8: and judging whether to approve the loan according to the general condition of the loan of the client in each financial institution.

In a further improvement of the above solution, the step S1 includes the following steps:

s11: the client fills in registration information, wherein the registration information comprises one or more of client name, client certificate type, client identity card number, client mobile phone number, client academic calendar and client academic certificate number;

s12: the financial institution receives, verifies and verifies the registration information filled by the client;

s13: the financial institution applies for creating a unique customer identification DID and a certificate from the blockchain platform;

s14: the block chain platform queries whether the unique identification DID and the certificate of the current client exist or not;

s15: if the unique identification DID and the certificate of the current client exist, the block chain platform searches the corresponding client DID and the certificate and returns the unique identification DID and the certificate of the client;

s16: and if the unique identification DID and the certificate of the current client do not exist, the block chain platform creates the unique identification DID of the client, generates a public key, a secret key and a signature, and returns the unique identification DID and the certificate of the client.

In a further improvement of the above solution, the step S2 includes the following steps:

s21: and generating a homomorphic key by using a multi-key homomorphic encryption method NTRU so as to support homomorphic encryption operation among a plurality of financial institutions. The homomorphic secret key comprises a homomorphic public key PK and a homomorphic private key SK, and the values of the homomorphic public key PK and the homomorphic private key SK adopt an NTRU method as follows:

let polynomial ring R ═ Z [ x]/<xⁿ+1>，Z[x]Representing a univariate polynomial with coefficients being positive integers with respect to an indefinite element x, xⁿ+1 is an ideal ring R, which is modulo xⁿ+1 residual quasi-ring Z [ x ]]Taking a Gaussian distribution X from the ring R, and then randomly taking an integer B and an odd prime number q from the Gaussian distribution X, so that q/2>2nB²(2nB +1) (2B +1) randomly selecting a polynomial f ', g, wherein the coefficients of the polynomial are selected from a gaussian distribution X, each coefficient of the polynomial is smaller than B, wherein f requires the function to be invertible and if not invertible, reselecting, calculating a new polynomial f ═ 2 f' +1, SK ═ f, PK ═ 2gf^-1]_q. Said [.]_qAfter the polynomial representation modulo q, each coefficient is within the set range { -q/2.,. q/2}, where q/2 is rounded down.

S22: generating a key storage structure by using a trusted computing module (TPM), and storing a root key (SRK) and an Endorsement Key (EK);

s23: encrypting the homomorphic public key PK generated in the step S21 by using an efficient, safe and independently controllable national secret asymmetric encryption algorithm SM2 by taking the SRK as a root key to generate an encrypted homomorphic public key PK1, and storing the encrypted homomorphic public key PK in a key slot;

s24: encrypting the homomorphic private key SK by taking PK1 as a parent key to generate an encrypted homomorphic private key SK1, and storing the encrypted homomorphic private key SK in a key slot;

s25: the signature generated in step S16 is encrypted with SK1 as a parent key, stored in a key slot, and the construction of a key tree is completed.

In a further improvement of the above solution, the client applies for a loan at any one of the financial institutions, including the steps of:

s51: the client applies for loan from the financial institution;

s52: the financial institution receives the application and carries out auditing;

s53: the financial institution carries out credit investigation on the client;

s54: the financial institution sends a request for inquiring the total loan condition of the client on the chain;

s55: the block chain platform receives the request and verifies the validity, initiates a query request of the loan information of the client in each financial institution, and queries the ciphertext of the loan condition of the client in each financial institution;

s56: the agent node obtains a root secret key SRK from a trusted computing module TPM in a trusted execution environment TEE, and obtains a homomorphic public key set { PK ] encrypted by each organization according to the SRK₁,PK₂,……,PK_i}, { PK₁,PK₂,……,PK_iDeciphering homomorphic private key Set (SK) of each mechanism₁,SK₂,……,SK_nMultiplication SK is carried out on the homomorphic private key set₁*SK₂*……*SK_iObtaining an aggregation private key SK', wherein i represents the number of mechanisms participating in encryption and decryption;

s57: the financial institution takes SK 'out of the TEE, calculates the searched cryptograph related to loan information of each financial institution respectively, multiplies SK' to obtain the cryptograph sum, the cryptograph sum comprises the cryptograph mu of the credit line sum, the product type, the used line sum, the usable line sum, the arrearage sum, the overdue times and the total times of the marked blacklist of the clients using various types of loans in each financial institution, and calculates [ mu mod q ] mod 2 to obtain the sum plaintext m;

s58: the financial institution judges whether to approve the loan according to the general condition m of the loan of the client in each financial institution, and the method for judging the general condition is to input the sum plaintext m obtained in the step S57 into a wind control system of the financial institution to carry out operation and output the approval result of the credit granting;

s59: if agreeing to release, generating release information, wherein the release information comprises a loan contract and a client repayment plan;

s510: the financial institution obtains the root secret key SRK in the trusted computing module TPM, decrypts the homomorphic public key PK, homomorphic encrypts the loan information generated in the step S59 and completes the uplink, and the homomorphic encryption method is that c ═ PK × S +2e + m]_qS and e are a polynomial randomly selected from the distribution X, the coefficients of the polynomial being required to be much smaller than q, q being the odd prime number q selected in step S21.

In a further improvement of the above solution, the step of the customer repayment of the loan at any one of the financial institutions comprises the steps of:

s61: the customer repays the loan to the financial institution;

s62: the financial institution inquires loan information of a client in the current financial institution, and the group signature hides and initiates human signature information;

s63: if the payment is successful, generating payment information, wherein the payment information comprises current payment data and residual payment data;

s64: and encrypting the generated repayment information to form a ciphertext, and linking the formed ciphertext and associating the formed ciphertext with the unique identification DID of the client.

A spending credit risk prevention system comprising:

the client terminal is used for inputting information, inquiry and request by a client;

the financial institution application layer server is used for sending a request to the blockchain platform to call a service interface provided by the blockchain platform and receiving a result returned by the blockchain platform;

and the block chain platform is used for creating a client unique identification DID, encrypting the loan information of the client in each financial institution respectively and forming a ciphertext, chaining the formed ciphertext and associating the unique identification DID with the client, inquiring the ciphertext of the client in each financial institution related to the loan information respectively, homomorphically encrypting the ciphertexts obtained by inquiry and related to the loan information of each financial institution respectively, and decrypting the sum of the obtained ciphertexts.

In a further improvement of the above solution, the blockchain platform includes:

the consensus node is used for receiving a data interaction request sent by the financial institution application layer server and broadcasting the signed and encrypted data interaction request to other consensus nodes in the block chain network;

the proxy node is used for receiving a data interaction request sent by the financial institution application layer server and packaging data interaction;

and the authentication node is used for providing identity authentication and certificate issuing services for the consensus node and the proxy node.

In a further improvement of the above solution, the consensus node includes:

the consensus encryption module is used for encrypting, decrypting, signing and verifying data interaction, homomorphic addition of encrypted ciphertext, application and management of various certificates and keys and calculation of a hash value;

the consensus module is used for carrying out consensus operation on the data interaction request together with the consensus modules of other consensus nodes in the same block chain network according to the selected consensus algorithm;

the intelligent contract module is used for verifying the consensus result;

the consensus communication module is used for carrying out data interaction with other nodes;

the consensus storage module is used for storing the blocks generated by the verification nodes and the data of the cross-correlation of the data into a database;

the proxy node includes:

the agent encryption module is used for encrypting, decrypting, signing and verifying data interaction, applying and managing homomorphic encryption keys and calculating a hash value;

the agent communication module is used for carrying out data interaction with other nodes;

the proxy storage module is used for storing the blocks generated by the verification nodes and the data cross-correlation data into a database;

the system comprises a trusted key storage module (TPM) used for secretly storing a homomorphic public key PK and a homomorphic private key SK of a financial institution, an endorsement key EK bound with storage equipment hardware and used for verifying the reliability of the storage equipment, a root key SRK used for encrypting and decrypting the homomorphic key, a generated key tree and stored in external equipment.

And the trusted execution environment module (TEE) is used for safely acquiring homomorphic public keys and private keys of financial institutions to which the ciphertext data belong in a chain in a trusted environment before performing the homomorphic operation of the ciphertext, performing aggregation operation on the private keys and outputting results, and calculating the aggregation keys without revealing keys of all institutions for homomorphic operation.

An electronic device, the electronic device comprising: a processor and a memory storing computer program instructions;

the processor, when executing the computer program instructions, implements a method of containment of credit risk as in any of the above-described embodiments.

A computer storage medium having computer program instructions stored thereon, the computer program instructions when executed by a processor implementing a method of credit risk containment as claimed in any preceding claim.

The invention also provides a consumption credit risk prevention method, which comprises the following steps:

s1: applying for creating a client distributed unique identification DID on a block chain platform;

s2: each financial institution generates a homomorphic key and stores the homomorphic key in the trusted key storage device;

s3: when the client completes loan at each financial institution, the financial institution takes out the homomorphic key from the credible key storage equipment;

s4: the financial institution encrypts loan information of a client through a homomorphic key to form a ciphertext, links the formed ciphertext and associates the formed ciphertext with a unique identification DID (binary identification) of the client, wherein the loan information comprises loan data and repayment data;

s5: when a client applies for loan at a financial institution, the financial institution queries the ciphertext of the loan-related information of the client at each financial institution respectively through the unique identification DID of the client;

s6: homomorphic operation is carried out on the ciphertexts which are obtained by inquiry and respectively related to loan information of each financial institution, and the total of the ciphertexts is obtained;

s7: decrypting the obtained ciphertext sum to obtain the total loan condition of the client in each financial institution;

s8: judging whether to approve the loan according to the general conditions of the loan of the client in each financial institution;

the invention discloses a consumption credit risk prevention method, which at least has the following beneficial effects:

compared with the traditional method for checking the client loan, the method has the advantages that the financial institutions share the account book through the block chain technology, the block chain has the property of being not falsifiable, the shared account book is guaranteed, and the conditions of total assets and total liabilities of the clients in the financial institutions can be known quickly through the shared account book, so that the clients can be portrayed quickly and effectively in time, malicious loan behaviors of malicious clients can be identified quickly, and loan risks are greatly reduced;

compared with the method of sharing client identity data through direct plaintext, the method applies for creating the unique identity identification DID (distributed digital identity identifier) of the client on the block chain platform, and can anonymously and selectively disclose the client identity authentication information and the verifiable certificate of the electronic identity of the client through the distributed identity authentication technology, so that the problem of privacy data leakage caused by uploading the client information through the direct plaintext can be solved, and the safety factor is higher;

compared with the method that loan information of a client related to each financial institution is directly linked, the method has the advantages that the loan information of the client in each financial institution is encrypted and ciphertext is formed, the formed ciphertext is linked and is related to the unique identification DID of the client, ciphertext calculation is carried out through a homomorphic encryption technology of safe multi-party calculation, the total liability condition of the client can be obtained without exposing detailed data of the client in each financial institution, accordingly, the privacy information of the client can be protected from being abused by the financial institutions, the client can be rapidly and effectively represented in time without sharing detailed data of the client related to asset liability in each financial institution, and the safety coefficient is higher.

Compared with the existing homomorphic encryption method, the invention uses the homomorphic encryption algorithm with multiple keys, thereby avoiding the mechanism from decrypting the ciphertext information of other mechanisms on the chain through a single homomorphic key and protecting the privacy data of the mechanism. The homomorphic public key and the private key are stored in the trusted key storage device for encryption, the device only stores the endorsement key and the root key, and the endorsement key is bound with the trusted key storage device and can be verified with a remote server, so that the device is ensured not to be maliciously tampered or controlled. The root key is used for encrypting the homomorphic public key, the private key and the signature, the key and the signature are encrypted to generate the key tree, the key tree can be stored in external equipment and is not limited by the storage space of the trusted key storage equipment, meanwhile, the security of the key is ensured, and the security coefficient of an encryption system is higher. The aggregation private key used by the cryptograph homomorphic operation is calculated and extracted in a trusted execution environment, homomorphic operation is completed on the premise that private keys of all mechanisms are not leaked, private data of the mechanisms are not leaked, and a safety system of an operation system is higher.

Drawings

FIG. 1 is a flow chart of the method of the present invention for risk prevention of credit spending.

Fig. 2 is a flow chart of the invention for creating a client distributed unique identification DID.

FIG. 3 is a flow chart of generating a homomorphic key according to the present invention.

Fig. 4 is a flow chart of the loan application of the present invention.

Fig. 5 is a flow chart of loan repayment according to the present invention.

Fig. 6 is a block diagram of the credit consumption risk prevention system of the present invention.

Fig. 7 is a structural diagram of a consensus node of the present invention.

Fig. 8 is a structural diagram of a proxy node of the present invention.

Detailed Description

The invention will be further described with reference to the accompanying drawings.

As shown in fig. 1, a credit consumption risk prevention method of the present invention includes the steps of:

s1: applying for creating a client distributed unique identification DID on a block chain platform;

s2: each financial institution generates a homomorphic key and stores the homomorphic key in the trusted key storage device;

s3: when the client completes loan at each financial institution, the financial institution takes out the homomorphic key from the credible key storage equipment;

s4: the financial institution encrypts loan information of a client through a homomorphic key to form a ciphertext, links the formed ciphertext and associates the formed ciphertext with a unique identification DID (binary identification) of the client, wherein the loan information comprises loan data and repayment data;

s5: when a client applies for loan at a financial institution, the financial institution queries the ciphertext of the loan-related information of the client at each financial institution respectively through the unique identification DID of the client;

s6: homomorphic operation is carried out on the ciphertexts which are obtained by inquiry and respectively related to loan information of each financial institution, and the total of the ciphertexts is obtained;

s7: decrypting the obtained ciphertext sum to obtain the total loan condition of the client in each financial institution;

s8: and judging whether to approve the loan according to the general condition of the loan of the client in each financial institution.

In one embodiment of the present invention, as shown in fig. 2, the step S1 of applying for creating a client distributed unique identification DID on the blockchain platform specifically includes the following sub-steps:

s11: the client fills in registration information, wherein the registration information comprises one or more of client name, client certificate type, client identity card number, client mobile phone number, client academic calendar and client academic certificate number;

s12: the application layer server of the financial institution receives, verifies and verifies the registration information filled by the client;

s13: the financial institution applies for creating a unique identification DID and a certificate of the client from the blockchain platform;

s14: the block chain platform queries whether the unique identification DID and the certificate of the current client exist or not;

s15: if the unique identification DID and the certificate of the current client exist, the block chain platform searches the unique identification DID and the certificate of the corresponding client, returns the unique identification DID and the certificate of the client, then prompts the client to apply for the created unique identification DID and prompts whether the client is authorized to be used by the institution or not, and if the client agrees to authorize the institution, the client can perform subsequent business operations such as loan application and the like;

s16: if the unique identification DID and the certificate of the current client do not exist, the block chain platform creates the unique identification DID of the client and generates a public key, a secret key and a signature, the unique identification DID and the certificate of the client are returned, the unique identification DID system verifies and signs information of various certificates, an application layer server of a financial institution stores the association relation between the client identity and the unique identification DID, a client escrow key and the client certificate, the client identity and the client certificate are returned to the client and displayed on a page of a client terminal, and the client can perform subsequent business operations such as loan application and the like.

When a client terminal requests to verify the unique identification DID function, the block chain platform receives the unique identification DID of the client and credential information issued by the unique identification DID system signature, applies for verification of the unique identification DID information, verifies and returns a result, and after verification is passed, the client can perform subsequent business operations such as loan application and the like.

In one embodiment of the present invention, as shown in fig. 3, the step S2 of generating the homomorphic key by each financial institution specifically includes the following sub-steps:

s21: and generating a homomorphic key by using a multi-key homomorphic encryption method NTRU so as to support homomorphic encryption operation among a plurality of financial institutions. The homomorphic secret key comprises a homomorphic public key PK and a homomorphic private key SK, and values of the PK and the SK adopt an NTRU method as follows:

let polynomial ring R ═ Z [ x]/<xⁿ+1>，Z[x]Representing a univariate polynomial with coefficients being positive integers with respect to an indefinite element x, xⁿ+1 is an ideal ring R, which is modulo xⁿ+1 residual quasi-ring Z [ x ]]Taking a Gaussian distribution X from the ring R, and then randomly taking an integer B and an odd prime number q from the Gaussian distribution X, so that q/2>2nB²(2nB +1) (2B +1) randomly selecting a polynomial f ', g, wherein the coefficients of the polynomial are selected from a gaussian distribution X, each coefficient of the polynomial is smaller than B, wherein f requires the function to be invertible and if not invertible, reselecting, calculating a new polynomial f ═ 2 f' +1, SK ═ f, PK ═ 2gf^-1]_q. Said [.]_qAfter the polynomial representation modulo q, each coefficient is within the set range { -q/2.,. q/2}, where q/2 is rounded down.

S22: generating a key storage structure, and storing a root key SRK and an endorsement key EK;

s23: using the SRK as a root key, encrypting the homomorphic public key PK generated by the S21 by using a high-efficiency, safe and independently controllable secret asymmetric encryption algorithm SM2 to generate an encrypted homomorphic public key PK1, and storing the encrypted homomorphic public key PK1 in a key slot;

s24: encrypting the homomorphic private key SK by taking PK1 as a parent key to generate an encrypted homomorphic private key SK1, and storing the encrypted homomorphic private key SK in a key slot;

s25: the signature generated in step S16 is encrypted with SK1 as a parent key, stored in a key slot, and the construction of a key tree is completed.

In one embodiment of the present invention, as shown in fig. 4, a client applies for a loan at any one of the financial institutions, including the following steps:

s51: a client applies for a loan from a financial institution on a client terminal;

s52: an application layer server of a financial institution receives the application and carries out auditing;

s53: the financial institution carries out credit investigation on the client;

s54: an application layer server of a financial institution sends a request for inquiring the total loan condition of a client on a chain to a blockchain platform;

s55: the block chain platform receives the request and verifies the validity, initiates a query request of the loan information of the client in each financial institution, and queries the ciphertext of the loan condition of the client in each financial institution;

s56: homomorphic operation is carried out on the ciphertexts which are obtained by inquiry and respectively related to loan information of each financial institution to obtain a ciphertext sum, wherein the ciphertext sum comprises the ciphertexts of variables such as credit line sum, product type, used line sum, usable line sum, debt total, overdue times, total times of marked blacklists and the like of clients using various types of loans in each financial institution;

s56: the agent node obtains a root key SRK from a trusted computing module TPM in a trusted execution environment, and obtains a homomorphic public key set { PK ] encrypted by each organization according to the root key SRK₁,PK₂,……,PK_i}, { PK₁,PK₂,……,PK_iDeciphering homomorphic private key Set (SK) of each mechanism₁,SK₂,……,SK_iMultiplication SK is carried out on the homomorphic private key set₁*SK₂*……*SK_iObtaining an aggregation private key SK', wherein i represents the number of mechanisms participating in encryption and decryption;

s57: financial institutions take out the private key SK 'from the trusted execution environment, the cipher texts which are obtained by inquiry and respectively related to loan information of each financial institution are operated and multiplied by the private key SK' to obtain the total sum of the cipher texts, wherein the total sum of the cipher texts comprises the cipher texts mu of variables such as the credit line sum of various types of loans used by customers in each financial institution, the used line sum, the debt total, the overdue times, the total times marked with blacklists and the like, and [ mu mod q ] mod 2 is calculated to obtain the total plaintext m;

s58: the financial institution judges whether to approve the loan according to the sum plaintext m of the loan of the customer in each financial institution, and the judgment method is that the sum plaintext m obtained in the step S57 is input into a wind control system of the financial institution to be operated, and a credit approval result is output;

s59: if agreeing to release, generating release information, wherein the release information comprises a loan contract and a client repayment plan;

s510: financial institution in trusted computing modelObtaining a root secret key SRK from the TPM, decrypting a homomorphic public key PK, homomorphic encrypting the loan information generated in the step S59 and completing uplink, wherein the homomorphic encrypting method is that c ═ PK +2e + m]_qS and e are a polynomial randomly selected from the distribution X, the coefficients of the polynomial being required to be much smaller than q, q being the odd prime number q selected in step S21.

In one embodiment of the present invention, as shown in fig. 5, the customer repays the loan at any one of the financial institutions, including the following steps:

s61: the customer repays the loan to the financial institution on the customer terminal;

s62: an application layer server of the financial institution inquires loan information of a client in the current financial institution, and the group signature hides and initiates human signature information;

s63: if the payment is successful, generating payment information, wherein the payment information comprises current payment data and residual payment data;

s64: and encrypting the generated repayment information to form a ciphertext, and linking the formed ciphertext and associating the formed ciphertext with the unique identification DID of the client.

In one embodiment of the present invention, as shown in fig. 6, there is also provided a credit consumption risk prevention system including:

the client terminal is used for inputting information, inquiry and request by a client;

the financial institution application layer server is used for sending a request to the blockchain platform to call a service interface provided by the blockchain platform and receiving a result returned by the blockchain platform, and is responsible for processing business logic outside the blockchain platform;

the block chain platform is used for creating a unique identification DID of the client, encrypting the loan information of the client in each financial institution respectively and forming a ciphertext, chaining the formed ciphertext and associating the DID with the client, inquiring the ciphertext of the client in each financial institution respectively, homomorphically encrypting the ciphertext obtained by inquiry respectively about the loan information of each financial institution, and decrypting the sum of the obtained ciphertexts.

Wherein, the block chain platform includes:

the consensus node is used for receiving a data interaction request sent by the financial institution application layer server and broadcasting the signed and encrypted data interaction request to other consensus nodes in the block chain network;

the proxy node is used for receiving a data interaction request sent by the financial institution application layer server and packaging data interaction;

and the authentication node is used for providing identity authentication and certificate issuing services for the consensus node and the proxy node.

As shown in fig. 7, the consensus node includes:

the consensus encryption module is used for encrypting, decrypting, signing and verifying data interaction, homomorphic addition of encrypted ciphertext, application and management of various certificates and keys and calculation of a hash value;

the consensus module is used for carrying out consensus operation on the data interaction request together with the consensus modules of other consensus nodes in the same block chain network according to the selected consensus algorithm;

the intelligent contract module is used for verifying the consensus result;

the consensus communication module is used for carrying out data interaction with other consensus nodes;

and the consensus storage module is used for storing the data generated by the verification node and the cross-correlation data of the data into a database.

As shown in fig. 8, the proxy node includes:

the agent encryption module is used for encrypting, decrypting, signing and verifying data interaction, applying and managing homomorphic encryption keys and calculating a hash value;

the agent communication module is used for carrying out data interaction with other agent nodes;

the proxy storage module is used for storing the blocks generated by the verification nodes and the data cross-correlation data into a database;

a trusted key storage module (TPM) for securely storing a homomorphic public key PK and a homomorphic private key SK of a financial institution, an endorsement key EK bound with storage device hardware for verifying the reliability of the storage device, a root key SRK for encrypting and decrypting the homomorphic key, a generated key tree stored in an external device;

and the trusted execution environment module (TEE) is used for safely acquiring homomorphic public keys and private keys of financial institutions to which the ciphertext data belong in a chain in a trusted environment before performing the homomorphic operation of the ciphertext, performing aggregation operation on the private keys and outputting results, and calculating the aggregation keys without revealing keys of all institutions for homomorphic operation.

In one embodiment of the present invention, there is also provided an electronic device, including: a processor and a memory storing computer program instructions;

the processor, when executing the computer program instructions, implements the spending credit risk prevention method of the present invention.

In one embodiment of the present invention, there is also provided a storage medium having stored thereon computer program instructions which, when executed by a processor, implement the method of the present invention for spending credit risk prevention.

It is understood that the above description is only a preferred embodiment of the present invention, and all equivalent changes or modifications of the structure, characteristics and principles described in the present application are included in the scope of the present application.

Claims (10)

1. A method of containment of a risk of spending credit comprising the steps of:

s1: applying for creating a client distributed unique identification DID on a block chain platform;

s2: each financial institution generates a homomorphic key and stores the homomorphic key in the trusted key storage device;

s3: when the client finishes loan at each financial institution, the client takes out the homomorphic key from the trusted execution environment and the trusted key storage equipment;

s4: the financial institution encrypts loan information of a client through a homomorphic key to form a ciphertext, links the formed ciphertext and associates the formed ciphertext with a unique identification DID (binary identification) of the client, wherein the loan information comprises loan data and repayment data;

s5: when a client applies for loan at a financial institution, the financial institution queries the ciphertext of the loan-related information of the client at each financial institution respectively through the unique identification DID of the client;

s6: homomorphic operation is carried out on the ciphertexts which are obtained by inquiry and respectively related to loan information of each financial institution, and the total of the ciphertexts is obtained;

s7: decrypting the obtained ciphertext sum to obtain the total loan condition of the client in each financial institution;

s8: and judging whether to approve the loan according to the general condition of the loan of the client in each financial institution.

2. The method as recited in claim 1, wherein the step S1 includes the steps of:

s11: the client fills in registration information, wherein the registration information comprises one or more of client name, client certificate type, client identity card number, client mobile phone number, client academic calendar and client academic certificate number;

s12: the financial institution receives, verifies and verifies the registration information filled by the client;

s13: the financial institution applies for creating a unique identification DID and a certificate of the client from the blockchain platform;

s14: the block chain platform queries whether the unique identification DID and the certificate of the current client exist or not;

s15: if the unique identification DID and the certificate of the current client exist, the block chain platform searches the corresponding unique identification DID and the certificate of the client and returns the unique identification DID and the certificate of the client;

s16: and if the unique identification DID and the certificate of the current client do not exist, the block chain platform creates the unique identification DID of the client, generates a public key, a secret key and a signature, and returns the unique identification DID and the certificate of the client.

3. The method for preventing credit consumption risk according to claim 2, wherein the step S2 includes the steps of:

s21: using a multi-key homomorphic encryption method to generate homomorphic keys, wherein the homomorphic keys comprise homomorphic public keys PK and homomorphic private keys SK, and the values of the homomorphic public keys PK and the homomorphic private keys SK adopt an NTRU method as follows:

let polynomial ring R ═ Z [ x]/<xⁿ+1>Where n is a power of 2, Z [ x ]]Representing a univariate polynomial with coefficients being positive integers with respect to an indefinite element x, xⁿ+1 is an ideal ring R, which is modulo xⁿ+1 residual quasi-ring Z [ x ]]Taking a Gaussian distribution X from the ring R, and then randomly taking an integer B and an odd prime number q from the Gaussian distribution X, so that q/2>2nB²(2nB +1) (2B +1) randomly selecting a polynomial f ', g, wherein the coefficients of the polynomial are selected from a gaussian distribution X, each coefficient of the polynomial is smaller than B, wherein f requires the function to be invertible and if not invertible, reselecting, calculating a new polynomial f ═ 2 f' +1, SK ═ f, PK ═ 2gf^-1]_q(ii) a Said [.]_qAfter the polynomial is expressed to be modulo q, each coefficient is in a set range of { -q/2.,. q/2}, wherein q/2 is rounded down;

s22: generating a key storage structure, and storing a root key SRK and an endorsement key EK;

s23: encrypting the homomorphic public key PK generated by the S21 by using a national secret asymmetric encryption algorithm SM2 by taking the SRK as a root key to generate an encrypted homomorphic public key PK1, and storing the encrypted homomorphic public key PK in a key slot;

s24: encrypting the homomorphic private key SK by taking PK1 as a parent key to generate an encrypted homomorphic private key SK1, and storing the encrypted homomorphic private key SK in a key slot;

s25: and encrypting the signature generated by the S16 by using the homomorphic private key SK1 as a parent key, storing the encrypted signature in a key slot, and completing the construction of a key tree.

4. The method for preventing credit loss risk according to claim 1, wherein the step of S5, when the client applies for a loan from any one of the financial institutions, comprises the steps of:

s51: the client applies for loan from the financial institution;

s52: the financial institution receives the application and carries out auditing;

s53: the financial institution carries out credit investigation on the client;

s54: the financial institution sends a request for inquiring the total loan condition of the client on the chain;

s55: the block chain platform receives the request and verifies the validity, initiates a query request of the loan information of the client in each financial institution, and queries the ciphertext of the loan condition of the client in each financial institution;

s56: the agent node obtains a root secret key SRK in a trusted execution environment, and obtains a homomorphic public key set { PK ] encrypted by each organization according to the root secret key SRK₁,PK₂,……,PK_i}, { PK₁,PK₂,……,PK_iDeciphering homomorphic private key Set (SK) of each mechanism₁,SK₂,……,SK_iMultiplication SK is carried out on the homomorphic private key set₁*SK₂*……*SK_iObtaining an aggregation private key SK', wherein i represents the number of mechanisms participating in encryption and decryption;

s57: the financial institution takes out the polymerization private key SK 'from the credible execution environment, calculates the cipher texts which are obtained by inquiry and respectively related to loan information of each financial institution, multiplies the cipher texts by the polymerization private key SK' to obtain the total sum of the cipher texts, wherein the total sum of the cipher texts comprises the cipher texts mu of the product types of various types of loans used by the client in each financial institution, the sum of credit granting limits, the sum of used limits, the sum of usable limits, the sum of arrears, overdue times and the total times of marked blacklists, and calculates [ mu mod q ] mod 2 to obtain the sum plaintext m;

s58: the financial institution judges whether to approve the loan according to the sum plaintext m of the loan of the customer in each financial institution, and the judgment method is that the sum plaintext m obtained in the step S57 is input into a wind control system of the financial institution to be operated, and a credit approval result is output;

s59: if agreeing to release, generating release information, wherein the release information comprises a loan contract and a client repayment plan;

s510: financial institution acquisitionDecrypting a homomorphic public key PK by using a root secret key SRK, homomorphically encrypting the deposit information generated by the S59 and completing uplink, wherein the homomorphic encryption method is that c is [ PK is +2e + m ═ S ═ m-]_qS and e are a polynomial randomly chosen from the gaussian distribution X with coefficients much smaller than the odd prime number q.

5. The credit consumption risk prevention method according to any one of claims 1-4, wherein the client repays the loan at any one of the financial institutions, comprising the steps of:

s61: the customer repays the loan to the financial institution;

s62: the financial institution inquires loan information of a client in the current financial institution, and the group signature hides and initiates human signature information;

s63: if the payment is successful, generating payment information, wherein the payment information comprises current payment data and residual payment data;

s64: and encrypting the generated repayment information to form a ciphertext, and linking the formed ciphertext and associating the formed ciphertext with the unique identification DID of the client.

6. A credit consumption risk prevention system for implementing the method of any one of claims 1-5, comprising:

the client terminal is used for inputting information, inquiry and request by a client;

the financial institution application layer server is used for sending a request to the blockchain platform to call a service interface provided by the blockchain platform and receiving a result returned by the blockchain platform;

the block chain platform is used for creating unique identification DID of the client, encrypting loan information of the client in each financial institution respectively and forming a ciphertext, chaining the formed ciphertext and associating the unique identification DID of the client, inquiring the ciphertext related to the loan information of the client in each financial institution respectively, homomorphically encrypting the ciphertext related to the loan information of each financial institution respectively and decrypting the sum of the obtained ciphertexts.

7. The credit consumption risk prevention system of claim 6 wherein the blockchain platform comprises:

the consensus node is used for receiving a data interaction request sent by the financial institution application layer server and broadcasting the signed and encrypted data interaction request to other consensus nodes in the block chain network;

the proxy node is used for receiving a data interaction request sent by the financial institution application layer server and packaging data interaction;

and the authentication node is used for providing identity authentication and certificate issuing services for the consensus node and the proxy node.

8. The credit consumption risk prevention system of any of claims 6-7 wherein the consensus node comprises:

the consensus encryption module is used for encrypting, decrypting, signing and verifying data interaction, homomorphic addition of encrypted ciphertext, application and management of various certificates and keys and calculation of a hash value;

the consensus module is used for carrying out consensus operation on the data interaction request together with the consensus modules of other consensus nodes in the same block chain network according to the selected consensus algorithm;

the intelligent contract module is used for verifying the consensus result;

the consensus communication module is used for carrying out data interaction with other consensus nodes;

the consensus storage module is used for storing the blocks generated by the verification nodes and the data of the cross-correlation of the data into a database;

the proxy node includes:

the agent encryption module is used for encrypting, decrypting, signing and verifying data interaction, applying and managing homomorphic encryption keys and calculating a hash value;

the agent communication module is used for carrying out data interaction with other agent nodes;

the proxy storage module is used for storing the blocks generated by the verification nodes and the data cross-correlation data into a database;

a trusted key storage module (TPM) for secretly storing a homomorphic public key PK and a homomorphic private key SK of a financial institution, an endorsement key EK is bound with storage equipment hardware and used for verifying the reliability of the storage equipment, a root key SRK is used for encrypting and decrypting the homomorphic key SK, and a generated key tree is stored in external equipment;

and the trusted execution environment module (TEE) is used for safely acquiring homomorphic public keys and private keys of financial institutions to which the ciphertext data belong in a chain in a trusted environment before performing the homomorphic operation of the ciphertext, performing aggregation operation on the private keys and outputting results, and calculating the aggregation keys without revealing keys of all institutions for homomorphic operation.

9. An electronic device, characterized in that the electronic device comprises: a processor and a memory storing computer program instructions;

the computer program instructions, when executed by the processor, implement the method of claim 1-5.

10. A storage medium having stored thereon computer program instructions which, when executed by a processor, implement the spending credit risk prevention method according to any one of claims 1-5.

Images