ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2021, Vol. 58 ›› Issue (10): 2310-2318.doi: 10.7544/issn1000-1239.2021.20210653

所属专题: 2021密码学与网络空间安全治理专题

• 信息安全 • 上一篇    

一次变色龙哈希函数及其在可修正区块链中的应用

高伟1,陈利群2,唐春明3,张国艳4,李飞1   

  1. 1(鲁东大学数学与统计科学学院 山东烟台 264025);2(萨里大学计算机系 英国萨里 GU27XH);3(广州大学数学与信息科学学院 广州 510006);4(山东大学网络空间安全学院 山东青岛 266237) (mygaowei@163.com)
  • 出版日期: 2021-10-01
  • 基金资助: 
    基金项目:国家自然科学基金项目(61772147);全国统计科研项目(2020LY016,2021LY029);山东省自然科学基金项目(ZR2019MF062);山东省重点研发计划项目(2020RKB01114);山东省高校科技计划项目(J18A326)

One-Time Chameleon Hash Function and Its Application in Redactable Blockchain

Gao Wei1, Chen Liqun2, Tang Chunming3, Zhang Guoyan4, Li Fei1   

  1. 1(School of Mathematics and Statistics, Ludong University, Yantai, Shandong 264025);2(Department of Computer Science, University of Surrey, Surrey, UK GU27XH);3(School of Mathematics and Informatics, Guangzhou University, Guangzhou 510006);4(School of Cyber Science and Technology, Shandong University, Qingdao, Shandong 266237)
  • Online: 2021-10-01
  • Supported by: 
    This work was supported by the National Natural Science Foundation of China (61772147), the National Statistics Research Program (2020LY016, 2021LY029), the Natural Science Foundation of Shandong Province (ZR2019MF062), the Key Research and Development Program of Shandong Province (2020RKB01114), and Shandong University Science and Technology Program (J18A326).

摘要: 提出了称作一次变色龙哈希函数的新密码学原语:同一哈希值的2个原像(一次碰撞)不会暴露任何陷门信息,而同一哈希值的3个原像(二次碰撞)则会暴露部分陷门信息,但足以导致严重的安全危害.基于经典的RSA困难问题构造了简单高效的一次变色龙哈希函数方案,并在随机预言模型下证明了其安全性.应用该一次变色龙哈希函数方案,进一步高效实现了对每个区块仅允许至多一次修正的可修正区块链,而任何区块的二次修改都将导致区块链崩溃的惩罚.对区块链进行有效治理是网络空间安全治理的关键领域,而可修正区块链则构成了区块链监管和治理的最核心技术.所提出的可修正区块链方案具有高效和修正权限契合实际需求的两大特点,有望为区块链监管(尤其是链上有害数据的事后治理)提供有力的技术参考.

关键词: 可证明安全, 变色龙哈希函数, 可修正区块链, 区块链治理, RSA假设

Abstract: A new cryptographic primitive called a one-time chameleon Hash function is proposed for the first time. For this new primitive, two pre-images of the same Hash value (i.e. one collision) will not expose any trapdoor information, while three pre-images of the same Hash value (i.e. two collisions) will expose some trapdoor information, but it is enough to cause some serious security hazards. An efficient one-time chameleon Hash function scheme is constructed based on the classical RSA hard problem. Then its security is proved based on the RSA assumption in the random oracle model. By using this one-time chameleon Hash function scheme, a redactable blockchain scheme is further implemented efficiently, which only allows one redaction at most for each block, and any second redaction of the block will result in the penalty of the blockchain crash. Effective governance of blockchain is the key area of cyberspace security governance, and the redactable blockchain constitutes the most core technology of blockchain supervision and governance. The redactable blockchain scheme proposed in this paper has two characteristics of high efficiency and redacting restrictions compatible with the practical demand. So it is expected to provide a powerful technical method for blockchain supervision (especially for the post-governance of harmful data stored on the chain).

Key words: provable security, chameleon Hash function, redactable blockchain, blockchain governance, RSA assumption

中图分类号: