ACT: Auditable Confidential Transaction Scheme

Jiang Yihan (1), Li Yong (1), Zhu Yan (2)

  1. School of Electronic and Information Engineering, Beijing Jiaotong University, Beijing 100044
  2. School of Computer & Communication Engineering, University of Science and Technology Beijing, Beijing 100083
  • Online: 2020-10-01
    This work was supported by the National Key Research and Development Program of China (2018YFC0832300, 2018YFC0832303, 2018YFB1402702) and the National Natural Science Foundation of China (61972032).

Abstract (Chinese version, translated): Cryptographic techniques are an important means of achieving privacy protection in blockchains. However, strong privacy protection and transaction data auditing are two conflicting requirements of blockchain stakeholders. To address the lack of auditing in strongly private cryptocurrencies, an auditable confidential transaction (ACT) scheme is proposed. The scheme uses digital signatures to authenticate the source of audit requests; uses Bulletproofs aggregated range proofs to improve the efficiency of transaction generation; uses homomorphic encryption to ensure that the auditor learns only the total transaction amount of all users in the network over a period of time, protecting the privacy of each individual user's transaction amounts; and uses zero-knowledge proofs to guarantee both the privacy and the correctness of transaction data. The security proof shows that the ACT scheme satisfies auditability, audit reliability and transaction amount privacy. Experiments show that using Bulletproofs improves the efficiency of transaction creation and verification, and that the auditor's algorithm runs efficiently.

Keywords (Chinese version, translated): auditable, confidential transaction, zero-knowledge proof, homomorphic encryption, signature

Abstract: Cryptographic techniques are an important means of protecting privacy in blockchains. However, strong privacy protection and transaction data auditing are two conflicting requirements of blockchain stakeholders and organizations. To address the lack of auditing in privacy-preserving cryptocurrencies, an auditable confidential transaction (ACT) scheme is proposed. In the ACT scheme, a digital signature authenticates the source of each audit request, and Bulletproofs are used to aggregate range proofs, improving the efficiency of transaction generation. Homomorphic encryption ensures that the auditor learns only the total transaction amount of all users in the network over a period of time, protecting the privacy of each individual user's transaction amounts. Zero-knowledge proofs guarantee both the privacy and the correctness of transaction data. The security proof shows that the ACT scheme satisfies auditability, audit reliability and transaction amount privacy. Experimental results show that Bulletproofs improve the efficiency of transaction generation and verification, and that the auditor's algorithm also executes efficiently.

Key words: auditable, confidential transaction, zero-knowledge proof, homomorphic encryption, signature
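As an added illustration of the audit mechanism the abstract describes (the auditor learns only the period total, never individual amounts), and not the paper's own construction: the Python below uses Paillier, an additively homomorphic encryption scheme assumed here because the page does not name ACT's scheme, so that multiplying per-transaction ciphertexts yields a ciphertext of their sum and only that aggregate is decrypted. The toy primes are constructed for readability and give no real security.

```python
"""Toy Paillier aggregation for a period audit (added illustration).

Paillier is an assumption; the page does not name ACT's scheme. Toy-sized keys.
"""
import math
import secrets

# Constructed toy primes (the 9999th and 10000th primes) to keep numbers small.
P, Q = 104723, 104729


def keygen(p=P, q=Q):
    """Return (n, (lambda, mu)) for Paillier with generator g = n + 1."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)  # lcm(p-1, q-1)
    mu = pow(lam, -1, n)  # inverse of lambda mod n; valid because g = n + 1
    return n, (lam, mu)


def encrypt(n, amount):
    """Enc(m) = (1 + n)^m * r^n mod n^2 with fresh random r coprime to n."""
    if not 0 <= amount < n:
        raise ValueError("amount out of plaintext range")
    n2 = n * n
    r = secrets.randbelow(n - 1) + 1
    while math.gcd(r, n) != 1:
        r = secrets.randbelow(n - 1) + 1
    return (pow(1 + n, amount, n2) * pow(r, n, n2)) % n2


def decrypt(n, priv, c):
    """Dec(c) = L(c^lambda mod n^2) * mu mod n, where L(u) = (u - 1) / n."""
    lam, mu = priv
    u = pow(c, lam, n * n)
    return ((u - 1) // n * mu) % n


def aggregate(n, ciphertexts):
    """Product of ciphertexts mod n^2 is an encryption of the plaintext sum."""
    acc = 1
    for c in ciphertexts:
        acc = (acc * c) % (n * n)
    return acc


def audit_period_total(amounts):
    """Each user encrypts its own amount; only the aggregate is decrypted."""
    n, priv = keygen()
    per_tx = [encrypt(n, a) for a in amounts]  # one ciphertext per transaction
    # Assumes the auditor is handed only this product, not the per_tx list.
    return decrypt(n, priv, aggregate(n, per_tx))  # the sole value disclosed
```

How ACT restricts the auditor to the aggregate (rather than trusting it to ignore per-transaction ciphertexts) is not described on this page; the code only shows why the aggregate alone suffices for the total.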