Acta Electronica Sinica

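Blockchain Data Controlled Sharing Scheme Based on Proxy Re-Encryption

GUO Qing1,2, TIAN You-liang1,2,3, WAN Liang1

  1. College of Computer Science and Technology, Guizhou University, Guiyang, Guizhou 550025, China
  2. Guizhou Provincial Key Laboratory of Public Big Data, Guiyang, Guizhou 550025, China
  3. Institute of Cryptography & Data Security, Guizhou University, Guiyang, Guizhou 550025, China
  • Received: 2021-06-24 Revised: 2022-01-13 Online: 2022-07-12
  • Corresponding author: TIAN You-liang
  • About the authors:
    • GUO Qing, female, born in 1997 in Tongren, Guizhou. Master's student. Her main research interests are cryptography and blockchain technology. E-mail: qingguo_gq@163.com
    • TIAN You-liang (corresponding author), male, born in 1982 in Panxian, Guizhou. Ph.D., professor and doctoral supervisor at Guizhou University. His main research interests are algorithmic game theory, cryptography and security protocols, big data security and privacy protection, and blockchain and electronic currency.
    • WAN Liang, male, born in 1974 in Tongren, Guizhou. Ph.D., professor and master's supervisor at Guizhou University. His main research interest is cyberspace security. E-mail: wanliangtr@163.com
  • Funding: National Natural Science Foundation of China (61662009); Key Program of the Joint Funds of the National Natural Science Foundation of China (U1836205); Guizhou Provincial Science and Technology Major Project (20183001); Guizhou Provincial Science and Technology Plan Project (Qiankehe Jichu [2019]1098); Guizhou Provincial High-Level Innovative Talents Project (Qiankehe Pingtai Rencai [2020]6008); Guiyang Science and Technology Plan Project (Zhukehe [2021]1-5)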

Abstract:

Blockchains store transaction data in a distributed, shared global ledger, which makes it difficult to balance privacy protection and availability in data sharing. Existing blockchain data sharing schemes offer low availability when they protect privacy, and effectively realizing dynamic adjustment of access permissions to blockchain data remains a challenging problem. To this end, this paper proposes a controlled sharing scheme for blockchain data based on proxy re-encryption. First, a proxy re-encryption algorithm is constructed on the basis of SM2 and used to design the controlled sharing scheme, in which proxy re-encryption protects the privacy of transaction data and enables secure data sharing. Second, a mechanism for dynamically adjusting user permissions is proposed: blockchain nodes divide the proxy work among themselves and manage the re-encryption key parameters in split form, so that user access rights are updated deterministically and the visibility of transaction data can be adjusted dynamically. Finally, security and performance analyses show that the scheme achieves dynamic sharing of blockchain data while protecting transaction privacy and has an advantage in computational overhead, making it better suited to controlled sharing of blockchain data.

Key words: blockchain, proxy re-encryption, privacy protection, SM2, controlled sharing

CLC Number: