EIDchain: Block chain data privacy protection solution

Meng Qingxiang Wei Jiaqi Huang Yuhang
(Huayun Huijiao Digital Technology Co., Ltd., Shenzhen, Guangdong, 518053)

Abstract: As a new distributed accounting technology, block chain stores transaction records and private data among users in an open and transparent way; the transaction records cannot be changed and their source can be traced. The Internet of Things, finance, medical care and other industries have adopted block chain technology to solve industry bottlenecks, so block chain is developing very rapidly and the scale of the industry keeps growing. However, the data on the block chain is open to every node in the network, and data update operations are transparent, which leaves room for attackers and can cause user information to leak. The anonymity and privacy offered by block chain cannot satisfy users' need for privacy protection, which seriously affects the application and promotion of block chain. New solutions to protect data privacy and user privacy are urgently needed. Aiming at the security and privacy problems in block chain, this paper studies key technologies such as identity privacy and data privacy protection.
Key words: block chain technology, privacy protection, data encryption

  1. Introduction
    In modern society, private information is important to the individual and to the country alike.

    Over the years computers have become an indispensable tool, but our information is constantly being stolen and leaked, so we pay more and more attention to network security. Block chain technology is a distributed Internet database technology. Its decentralization, trustlessness and transparency make it possible to establish peer-to-peer trusted value transfer among unfamiliar nodes without relying on third-party trusted institutions. The main advantage is that it can significantly reduce the cost of trust and improve interaction efficiency. There is no central server in the block chain network, and each participating node in the system holds a complete copy of the data. Together, the nodes maintain the integrity of the data, which effectively avoids the single-point collapse and data leakage risks of a centralized server.
    The block chain system does not have a centralized organization to process and maintain data. In order to enable nodes to quickly reach a consensus, all transactions in the system are open and transparent, which brings about the problem of data privacy leakage. Although a user's address in the block chain is anonymous, some organizations or individuals track the user's transaction data through the address, analyze the transaction patterns, correlate the user's transaction addresses, and use external information on the network to infer the user's true identity. In the financial field and the supply chain, the open and transparent nature of block chain enables users to obtain all transaction information and material supply information, including amounts, contract content and so on. Data is the key to the profitability of financial institutions, and it is also what supply chain services must keep confidential. Competing companies or individuals obtain benefits by analyzing transaction data, which directly harms the interests of the company. In the field of the Internet of Things, point-to-point transactions can be made between devices, in which case block chain systems leak sensitive information such as energy transmission, posing a threat to personal and national security. Therefore, while using block chain technology, it is necessary to solve the problem of privacy leakage in the block chain and ensure user information security.
  2. High risk of privacy leakage in block chain
    The issues of privacy protection in block chains, such as anonymous transactions in cryptocurrency, privacy of smart contracts and privacy protection infrastructure of block chains, are long-term research hotspots. Classified by privacy protection technology, zero-knowledge proof, secure multi-party computation, homomorphic encryption, ring signature, proxy re-encryption and similar schemes all rely on cryptography to protect data privacy. As the privacy protection technology that can achieve the strongest anonymity, zero-knowledge proof has been studied and explored in various block chain projects. From the point of view of application, the main application scenarios of block chain technology, such as cryptocurrency, electronic deposit certificates, identity recognition and financial data settlement, also require more and more privacy protection. Among them, cryptocurrency is by far the most successful application of block chain technology, giving birth to such excellent privacy coins as Monero, ZCash and Dash, and zero-knowledge proof has been the focus of research and exploration in these cryptocurrency projects. Zero-knowledge proof was put forward by C. Rackoff, S. Micali and S. Goldwasser in the early 1980s. It is a proof that allows the verifier to believe that an assertion is correct while the proof reveals no useful information. Zero-knowledge proof is an interactive proof system. In addition to the traditional completeness and soundness that must be met, its zero-knowledge property guarantees that the verifier cannot obtain the secret owned by the prover, or any other information that helps to obtain the secret, during the proof.
For a long time, zero-knowledge proof, as a privacy protection technology with strong security, has received considerable research and development in theory, but its performance parameters, including the number of interactive proof rounds, the data length of the proof, and the generation and verification time, are often the bottlenecks that restrict the application of the technology.

  3. Block Chain Privacy and Security

There is a lot of talk about building applications on block chains in areas like health care and finance, which involve a lot of highly private information.
Many people have misconceptions about privacy and security. People say that block chain is very safe, and they feel that block chain therefore also protects privacy. In fact, the two are completely separate. The security of the block chain refers to the block chain as a distributed system: even when any node may be malicious and may not follow the rules, the architecture of the block chain lets the whole system guarantee certain rules, even if a given node is untrustworthy. That is the kind of security being researched, and it has nothing to do with privacy protection. Most of the data and smart contracts on today’s block chains are public, without any privacy protection. So most block chains may be very security-conscious, but they have no privacy protections.
Privacy protection is a very complicated issue, which involves doing calculations on very sensitive data. For example, current block chains do not have any privacy protection: when a node is doing calculations, the calculation process is leaked because the data is public. There are also some conflicts within the block chain itself. On the one hand, it is decentralized, which from a theoretical point of view brings some inefficiencies, so there are some disadvantages to block chain applications. On the other hand, because it is decentralized, its trust model has great advantages over a centralized one…
4. Block Chain Privacy Protection Technology

In fact, long before bitcoin, there was an age-old form of transaction that offered very good privacy protection: both parties hid their money in their sleeves to make a deal, so that even when others saw the deal, they couldn’t get private information such as the amount of the transaction. But it is not easy to copy such ideas directly into the block chain. Because in an open ledger, the legitimacy of each transaction needs to be verified by others to ensure that the initiator of the transaction has indeed authorized the transaction and that the transaction did not cause hyperinflation.
How can you “hide” specific information about a transaction while allowing others to verify the legitimacy of the transaction?
4.1 Anonymous Payment

The biggest challenge in improving the privacy and interchangeability of encrypted digital currency is that the entire block chain cannot be encrypted. In a bitcoin-based encrypted digital currency system, anyone can see which outputs have been spent and which have not; the latter are referred to as UTXOs (Unspent Transaction Outputs). This allows each user to act as a guarantor of honest transactions in the public ledger. Bitcoin’s protocol is designed to work without the participation of third parties, so the ability to read user information at any time through the public block chain for auditing is critical. EIDchain’s goal is to improve confidentiality and interchangeability without losing these elements, and we firmly believe that this is the key to the successful creation of a digital currency. We have also made a number of improvements, such as de-centralization, the use of links to achieve strong anonymity, the same denomination and passive advanced coinjoin technology. We can make the digital currency itself fully interchangeable. Interchangeability is the property of money which requires that all units of a digital currency remain equal. When you receive money, it should not retain the previous user’s usage record, or that history should be easy to forget, so that all units of the digital currency are equal. At the same time, any user can, without affecting the privacy of others, make sure that every transaction in the public ledger is true. In order to improve interchangeability and maintain the honesty of the public block chain, we propose to use advanced trustless de-centralized coinjoin technology. To maintain the interchangeability of the currency, this service is integrated directly into the digital currency system, so it is easy and safe for every user to use.
4.2 Transaction Amount Hiding Mechanism

Block chain is a chained structure of data blocks arranged in chronological order. In essence, it is a tamper-resistant distributed database that uses cryptography to secure each link in a decentralized way. Block chain has the characteristics of de-centralization, anti-tampering, anonymity, public verifiability, traceability, open-source code and so on. At present, on most block chain platforms any node can access all the data on the block chain, so the block chain privacy problem is particularly prominent and has become an important research topic in the block chain field. Block chain privacy technology currently focuses on verifiable computation based on block chain, block chain data privacy, block chain transaction address hiding and block chain transaction amount hiding. Firstly, since block chains, secure multi-party computation and verifiable homomorphic secret sharing are all designed to solve the problem of how untrusted groups can work together, combining block chains with secure multi-party computation and verifiable homomorphic secret sharing has inherent advantages. Most existing homomorphic secret sharing and secure multi-party computation schemes need a large number of communication rounds and a large amount of communication. In the block chain environment, multi-round communication and a large amount of communication data inevitably reduce the efficiency of both the algorithm and the block chain platform. In addition, since the nodes in the block chain are untrusted, a large amount of communication data places a heavy verification burden on the nodes. Therefore, it is important to study homomorphic verifiable secret sharing and secure multi-party computation for block chain-based verifiable computation. Secondly, existing block chain-based applications leak data privacy and have difficulty supporting homomorphic computation.
Therefore, to address privacy leakage and the difficulty of supporting homomorphic computation in block chain application systems, it is necessary to study a secure and efficient de-centralized outsourced computation system that supports homomorphic computation. Finally, according to the way of accounting, block chains can be divided into UTXO-based block chains and account-based block chains.
Since the miners in an account-based block chain need to update dynamically changing balances in real time, hiding the transaction amount there is difficult. Therefore, the block chain platforms that currently provide amount hiding are UTXO-based, while account-based block chain platforms record all transactions in plain text. The study of a block chain transaction amount hiding mechanism can thus make up for the lack of such a mechanism in existing block chain technology.
4.3 Confidential Transaction Agreement

Before introducing confidential transactions, let’s look at the transaction model of Bitcoin’s UTXO (unspent transaction output).
UTXO is a very fancy concept that can simply be understood as a large envelope holding an indefinite amount of legal currency that can be used only once. The envelope may contain a penny, or it may contain ten thousand yuan. In either case, the system ensures that the envelope cannot be used again once it is unsealed. In a transfer, after the miner’s fee and the transaction amount have been paid, there is usually change left over, so each transaction produces two new transaction outputs (UTXOs): 1) the transaction amount for the receiver; 2) the change for the transferring party.
Here’s an example to illustrate the trading process.

If Alice needed to transfer $1 to Bob, the traditional transaction process would have the following record: Alice: - $1, Bob: + $1. Bitcoin works differently. BTC transactions are made by the sender constructing a set of inputs and a set of outputs. So when Alice wants to send 1 BTC to Bob, the network does not simply deduct one Bitcoin from Alice’s wallet. It first finds in Alice’s wallet a set of input UTXOs that can cover the transaction amount and the miner’s packing fee, and then generates a new set of UTXOs as transaction outputs (Alice’s change and the amount Bob receives).
Suppose the following three UTXOs, together worth more than 1.1 BTC, have been found:

UTXO 1: 0.1 BTC
UTXO 2: 0.25 BTC
UTXO 3: 0.8 BTC
Total: 1.15 BTC

These three UTXOs form three inputs, and two transaction outputs are generated:

  1. Bob receives: 1 BTC
  2. Alice gets change: 0.05 BTC

The final miner’s fee is 0.1 BTC.
After the transaction is completed, Alice’s three UTXOs are spent, which means that these three envelopes are no longer usable, and two new UTXOs, namely two large unopened envelopes, are generated:
    1) Bob’s large envelope: 1 BTC;
    2) Alice’s large envelope: change of 0.05 BTC.

To complete a transaction in the bitcoin network, a private-key signature is needed to unlock every input, and a public-key output script has to be created. ECDSA signatures cannot be combined into a multi-signature, and each input and output carries a corresponding cost. The Schnorr signature, which we discuss next, solves this problem: ECDSA cannot compare with it in byte size, speed, or the considerable advantages of aggregated multi-signatures.
Confidential Transaction (also known as CT). The core idea of Confidential Transaction is to hide the transaction amount with Pedersen Commitments. While ensuring privacy, the transaction must also remain verifiable. To pursue performance and efficiency, multi-signature support and future extensibility, we use Schnorr Signature technology to complete the transaction. The core of the Confidential Transaction is the public-private key principle of ECC, which is additively homomorphic, combined with Schnorr’s multi-signature algorithm.
Here, Pedersen Commitments represent the amount v of every input and output of the transaction as a public key. How does this public key come about?
First, in order to convert the amount v (we call this v the private key) into a public key, it needs to be multiplied by a generator point (public key generator) on an ECC elliptic curve group. We provide the following public key generators:
1) The first is the generator point H for the amount v.
2) To prevent brute-force cracking, we add a random number r, which has its own public key generator, the point G.
Therefore, a complete commitment formula is: r * G + v * H.

Because of r, the transferer and the receiver hold different values r_s and r_r, so the result is not necessarily equal to 0, which is not consistent with the result of the zero-knowledge proof algorithm. In order to keep both sides of the equation balanced, we add an excess value (remainder), which can be regarded as the private key of the entire transaction:

excess_value * G = kernel_excess

kernel_excess is the public key for the whole transaction. Any transaction must conform to:

sum(outputs) - sum(inputs) = kernel_excess

We also add an offset value (offset) to the formula to further increase stealth and improve the overall Confidential Transaction. Its main purpose is to solve the problem that kernel_excess can be used to pick the inputs and outputs of a particular transaction out of the inputs and outputs of the entire block. To eliminate this correlation, we add an offset to each transaction, making the formula as follows:

offset * G = kernel_offset

kernel_excess + kernel_offset = sum(outputs_commitments) - sum(inputs_commitments)

When packing a block, the kernel_offsets of all transactions in the entire block are added up to become a total kernel_offsets. This total kernel_offsets can verify the legality of transactions in the block, and it can also hide the kernel_offset of individual transactions to eliminate the correlation, which is what CoinJoin does.
With that, the transaction is basically complete. As a last step, to prevent negative transaction amounts, which would fabricate coins out of thin air, we attach a range proof (Bulletproofs) to each output (new UTXO) to prove that the amount is an integer in the range 0 to 2^64 - 1. Since each output has to be accompanied by a Bulletproof, block space is very valuable, and we have optimized the Bulletproofs at the byte level. A single Bulletproof occupies 674 bytes of the block, but each additional one increases the size by only 64 bytes!
In general, a transaction has only two outputs (change and transaction amount), so the number of bytes is only 738. Inputs take up very little space, there is no transaction address and no script, and the kernel is very small, which saves fees and helps extensibility. We strictly control the space occupied by each transaction so that a 1MB block can accommodate at least 1000+ transactions.
Since each transaction output has to carry Bulletproofs, we also prune spent UTXOs to further optimize block synchronization in the network, which greatly reduces synchronization time.
4.4 Dandelion Spreading Protocol

The main purpose of the Dandelion Spreading Protocol is also to improve the privacy of bitcoin transactions. Ordinary bitcoin transaction propagation does not hide the source of a transaction well: every transaction is made public to nodes across the network, so people can trace it back to the original node. Dandelion is a new transaction broadcast mechanism that aims to obscure the IP address from which a bitcoin transaction originates. Like the stem and fluff of a dandelion, the protocol broadcasts to the network in two stages: the “stem” phase (the origin of the transaction is obscured) and the “fluff” phase (the broadcast). Each node in the “stem” phase passes the transaction to a single randomly selected peer node. With a fixed probability, the transaction switches to “fluff” mode and is then propagated using a normal broadcast. Because the random relays of the initial phase obscure the path, it becomes challenging for a monitoring node to map the transaction back to the original node. EIDchain transaction broadcast uses the Dandelion Spreading Protocol, which hides the sender’s original IP well.
Figure 2 Dandelion Spreading Protocol
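The two phases can be simulated to see how far the first broadcaster usually is from the sender. This is an added sketch, not EIDchain's implementation; the overlay shape (a ring plus random links), the fluff probability of 0.1 and the function names are assumptions.

```python
import random
from collections import deque


def make_overlay(n_nodes, extra_links, rng):
    """Constructed peer graph: a ring (keeps it connected) plus random links."""
    peers = {n: {(n - 1) % n_nodes, (n + 1) % n_nodes} for n in range(n_nodes)}
    for n in range(n_nodes):
        for m in rng.sample(range(n_nodes), extra_links):
            if m != n:
                peers[n].add(m)
                peers[m].add(n)
    return {n: sorted(p) for n, p in peers.items()}


def stem(origin, peers, fluff_prob, rng):
    """Stem phase: hand the transaction to one random peer per hop.

    After every hop the receiving node switches to fluff with probability
    fluff_prob. Returns the stem path; its last node starts the broadcast.
    """
    path = [origin]
    while True:
        path.append(rng.choice(peers[path[-1]]))
        if rng.random() < fluff_prob:
            return path


def fluff(start, peers):
    """Fluff phase: ordinary flooding; returns first-seen hop count per node."""
    seen = {start: 0}
    queue = deque([start])
    while queue:
        node = queue.popleft()
        for nxt in peers[node]:
            if nxt not in seen:
                seen[nxt] = seen[node] + 1
                queue.append(nxt)
    return seen


def simulate(trials=5000, n_nodes=200, fluff_prob=0.1, seed=1):
    """Return (mean stem hops, share of runs whose broadcaster is the origin)."""
    rng = random.Random(seed)
    peers = make_overlay(n_nodes, 4, rng)
    hops = hits = 0
    for _ in range(trials):
        origin = rng.randrange(n_nodes)
        path = stem(origin, peers, fluff_prob, rng)
        hops += len(path) - 1
        hits += path[-1] == origin
    return hops / trials, hits / trials


if __name__ == "__main__":
    mean_hops, origin_share = simulate()
    print(f"mean stem length: {mean_hops:.1f} hops")
    print(f"broadcast started at the real sender in {origin_share:.1%} of runs")
```

An observer who attributes a transaction to the node that first broadcast it is right only in the small share of runs reported on the second line, while the mean stem length of about 1 / fluff_prob hops is the latency paid for it.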

4.5 De-centralization of Coinjoin Mechanism

In a de-centralized coinjoin scheme, the coinjoin process is carried out by the coinjoin protocol itself and does not require the participation of third-party nodes. The first de-centralized scheme was the CoinJoin mechanism proposed by Gregory Maxwell at the Bitcoin Forum. The core idea of the CoinJoin mechanism is to hide the relationship between inputs and outputs by merging multiple transactions into one transaction. As shown in Figure 4, when there is only one input address and one output address in a transaction, an attacker can directly observe the relationship between the two parties. Under the CoinJoin mechanism, several single-input, single-output transactions are merged into one multi-input, multi-output transaction, and each side of the transaction changes from a single address to a set of addresses. For a multi-input, multi-output transaction, a potential attacker cannot confirm the correspondence between inputs and outputs by observing the transaction information. Typically, the CoinJoin mechanism requires a third-party server to collate all coinjoin applicants for signature. In a CoinJoin transaction, each user completes his or her signature independently, and the transaction is judged legal and accepted by the network only if all the signatures are provided and merged. The de-centralized mechanism removes third-party service providers from the process: the coinjoin is completed with the joint participation of all the coinjoin users, which effectively avoids the risk of third-party theft and of disclosure of the coinjoin information.
CoinJoin is the basis of the de-centralized mechanism, and its ideas are used in a variety of anonymous bitcoin protocols.

Figure 3 Decentralization of Coinjoin Transaction Mechanism

4.6 Range Proof and Multiple Signature Technology

The Bulletproofs and Schnorr signature technologies used in EIDchain were already introduced in the confidential transaction agreement above, so we do not repeat them here.
4.7 Scalable transaction pool technology

No transaction on the EIDchain has a transaction address. We use transaction pool technology that removes the wallet’s transaction address. This transaction pool is maintained on every node. The specific technique is as follows: after a wallet comes online, all its transaction channels are sent to the node to request a transaction subscription, and the subscription is automatically cancelled once the wallet goes offline. This transaction pool is designed to bring more ecosystem scalability in the future.

  5. Future application scenarios

Privacy protection is strongly demanded by individuals and organizations in the real world, especially in the digital world. The main contribution of this paper concerns the privacy of block chain transaction amounts: combining cryptographic technologies such as range proof, Pedersen Commitments and zero-knowledge proof, a hiding mechanism for block chain transaction amounts is proposed, including the process of building a privacy coin account and the process of privacy coin payment. This mechanism is the first to realize the hiding of block chain transaction amounts, and it makes up for the lack of a transaction amount hiding mechanism in existing block chain technology. The transfer amount and user balance are hidden in a real-time, secure and verifiable manner. Research and application of block chain technology can realize the blockization of private data, the decentralization of structure, the hierarchization of information and the management of smart contracts, and can establish a three-dimensional, full-life-cycle protection model and a new trustless management mechanism to meet privacy protection requirements such as preventing privacy leakage, anti-tampering and evidence traceability.
5.1 Financial Legal Privacy
The scope of legal use of financial privacy is vast, and most transactions in the world require financial privacy. It is not reasonable for the assets of accounts in the digital world and the private data of transactions to be exposed to everyone through transaction records stored in block chains.
In the real world, the thorny financial privacy issues we encounter look like this: a company wants to keep supply chain information from its competitors; a person does not want the public to learn, from the consulting fees paid to lawyers, that she is seeking a bankruptcy or divorce lawyer; a wealthy person does not want potential criminals to know his whereabouts; and buyers and sellers of different commodities want to avoid having their transactions cut off by their intermediary companies. Likewise, for investment banks, hedge funds and other financial entities that trade securities, bonds or derivatives, if others can find out their positions or what they intend to do, the exposure of that information puts those executing the deal at a disadvantage and affects their profitability.
However, with smart contracts the complete sequence of financial behavior is spread through the network and recorded in the block chain, so it is open and transparent. Financial transactions (such as insurance contracts or stock trading) are highly confidential, and the parties may require the details of certain terms of the transaction to be protected, which the openness and transparency of the block chain currently makes impossible. Therefore, for individuals and enterprises who do not want their financial situation to be known, the lack of privacy protection is the main obstacle to the widespread adoption of de-centralized smart contracts. The lack of privacy protection technology has become the bottleneck in popularizing de-centralized applications, and the development of technology in related fields has attracted public attention.
5.2 Supply Chain System
Block chain can solve the problems of transaction vouchers and traceability in the supply chain system, simplify enterprise management in the supply chain, and provide corresponding solutions for the financing of upstream and downstream enterprises. However, if sensitive data such as prices and goods are put on the chain, companies will leak commercial secrets. This was a huge problem for earlier block chains. Now, by solving the problems of block chain privacy and encryption, the problem of disclosing business secrets can be completely resolved, while all participating parties still enjoy the benefits brought by the application of the block chain system.
5.3 Enterprise Management

Block chain technology is trustless. Applying it to privacy protection in the Internet of Things changes the management mechanism from centralized management to de-centralized or weakly centralized management, which greatly reduces the opportunities for system administrators and other insiders to divulge private information.
At the same time, block chains record every business operation and transaction in chronological order, in a tamper-resistant and traceable way and without third-party supervision, which reduces the opportunity for customers, businesses and third parties to divulge private information. In management, the aim is not to strengthen restrictions on nodes, but to strengthen the design of the consensus and incentive mechanisms so as to attract more nodes to join. This improves the balance of mutual constraints between nodes, and also enhances computation and storage capabilities and saves costs.
6. Conclusion

In general, personal data and sensitive data should not be entrusted to third parties, because third parties are vulnerable to attack and misuse. This will be even more important in the future, when global human information data is stored in block chains. Based on block chain technology, this paper tries to achieve privacy by combining several technologies. We have made a series of improvements based on the concepts of bitcoin and other privacy coins, resulting in a de-centralized and more anonymous network of encrypted digital currencies designed to create an unlimited and secure network of privacy values.
References

[1] ZARRIN J, RUI L A, BARRACA J P. Resource discovery for distributed computation systems: A comprehensive survey[J]. Journal of Parallel and Distributed computation, 2018(113): 1-45.
[2] MONACO J V. Identifying Bitcoin users by transaction behavior[C]// The SPIEDSS, April 20-25, 2015, Baltimore, USA. Baltimore: SPIE, 2015.
[3] MAXWELL G. CoinJoin: bitcoin privacy for the real world, 2013: 1-13.
[4] ANTONOPOULOS A M. Mastering bitcoin: unlocking digital crypto-currencies[M]. O'Reilly Media, Inc. 2014: 25-36.
[5] MILLER A, BENTOV I, KUMARESAN R, et al. Sprites: payment channels that go faster than lightning[J]. 2017: 1-23.
[6] ZHANG Y, WEN J. The IoT electric business model: using blockchain technology for the Internet of things[J]. Peer-to-Peer Networking and Applications, 2017, 10(4): 983-994.
[7] VALENTA L, ROWAN B. Blindcoin: blinded, accountable mixes for bitcoin[C]//International Conference on Financial Cryptography and Data Security. Springer, Berlin, Heidelberg, 2015: 112-126.


Reposted from blog.csdn.net/cte888/article/details/108966233