Zero-knowledge Location Proof Based on Blockchain
doi: 10.11999/JEIT191054
1. Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education, Wuhan University, Wuhan 430072, China
2. School of Cyber Science and Engineering, Wuhan University, Wuhan 430072, China
3. State Key Laboratory of Information Engineering in Surveying, Mapping and Remote Sensing, Wuhan 430072, China
4. Juzix Technology, Shenzhen 518000, China
Abstract: Location-spoofing software is rampant and civilian satellite positioning signals are easy to simulate or tamper with, which makes trusted authentication of geographic location hard to achieve. Existing location proof schemes use a centralized architecture, which carries security risks such as a single point of failure and a tendency to attract concentrated attacks. This paper therefore adopts a decentralized paradigm: drawing on the decentralization, tamper resistance and traceability of blockchain and combining them with a zero-knowledge proof protocol, it proposes a blockchain-based zero-knowledge location proof method that delivers a decentralized, privacy-preserving, highly accurate and censorship-resistant location authentication service, thereby ensuring the accuracy of the location a user provides. The method not only removes the drawbacks of centralized location proofs and keeps location data confidential; once proven location data is recorded on the chain it cannot be tampered with, which provides non-repudiation. Test and analysis results show that the complete proof flow (proof generation, verification and the whole on-chain recording process) takes about 5 s on average per run in practice, of which proof generation and verification together take 50.5~55.5 ms. The algorithm therefore has a good performance overhead and can meet the requirements of practical applications.
Key words: Location proof / Blockchain / Zero-knowledge proof / Smart contract
Table 1  Zero-knowledge proof generation (Algorithm 1)
Input: longitude, latitude and altitude of the prover and of the witness, and the radius $R$ of the circle centered on the witness's position
Output: zero-knowledge proof result ${\rm pf}$
(1) Choose random large numbers $a, b_1, b_2, b_3, b_4, b_5, e_1, e_2, e_3, e_4, f_1, f_2, f_3, f_4, k, l_1, l_2, l_3, l_4, n, q_1, q_2, s$;
(2) $\alpha_1, \alpha_2, \alpha_3 \leftarrow$ differences in longitude, latitude and altitude; $D \leftarrow {\rm getDis}(\alpha_1, \alpha_2, \alpha_3)$;
(3) if $R^2 \ge D^2$ do // check whether it lies inside the circle
(4)   Choose two large primes, multiply them to obtain $N$, and discard the two primes;
(5)   $\sum_{i=1}^{4} c_i^2 \leftarrow R^2 - D^2$; $d_1 \leftarrow \sum_{i=1}^{3} e_i^2 + \sum_{i=1}^{4} f_i^2 \pmod N$;
(6)   $d_2 \leftarrow \sum_{i=1}^{4} c_i f_i + \prod_{i=1}^{3} e_i \alpha_i \pmod N$; $m \leftarrow b_4^{n} \prod_{i=1}^{4} l_i^{f_i} \pmod N$;
(7)   $g \leftarrow \prod_{i=1}^{4} b_i^{e_i} \pmod N$; $h \leftarrow b_4^{k} \prod_{i=1}^{4} l_i^{c_i} \pmod N$;
(8)   $p \leftarrow b_4^{-d_1} b_5^{q_1} \pmod N$; $r \leftarrow b_4^{-2 d_2} b_5^{q_2} \pmod N$;
(9)   $x_i \leftarrow s \cdot \alpha_i + e_i \pmod N \ (i = 1,2,3)$, $x_4 \leftarrow s \cdot a + e_4 \pmod N$;
(10)  $\beta_i \leftarrow s c_i + f_i \pmod N \ (i = 1,2,3,4)$; $A \leftarrow \prod_{i=1}^{3} b_i^{\alpha_i} \, b_4^{a} \pmod N$;
(11)  $\gamma \leftarrow s k + n \pmod N$, $\lambda \leftarrow s q_1 + q_2 \pmod N$;
(12)  ${\rm pf} \leftarrow \{ N, A, s, b_i, x_i, g, R, \beta_i, \lambda, p, r, \gamma, h, l_i, m \}$;
(13) else
(14)  ${\rm pf} \leftarrow \{ \}$.
Table 2  Zero-knowledge proof verification (Algorithm 2)
Input: zero-knowledge proof ${\rm pf}$
Output: verification result $R$
(1) $v_1 \leftarrow A^{-s} \prod_{i=1}^{4} b_i^{x_i} \pmod N$;
(2) if $v_1 \ne g$ do
(3)   $R \leftarrow F$; // return verification failure
(4) $v_2 \leftarrow s^2 R^2 - \sum_{i=3}^{3} x_i^2 - \sum_{i=1}^{4} \beta_i^2$; $v_3 \leftarrow b_4^{v_2} b_5^{\lambda} \pmod N$;
(5) if $v_3 \ne p\,r^{s} \pmod N$ do
(6)   $R \leftarrow F$;
(7) $v_4 \leftarrow b_4^{\gamma} h^{-s} \prod_{i=1}^{4} l_i^{\beta_i} \pmod N$;
(8) if $v_4 \ne m$ do
(9)   $R \leftarrow F$;
(10) $R \leftarrow T$; // return verification passed
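Tables 1 and 2 can be exercised end to end with a short script; this is an added example, not code from the paper, that builds a proof from integer coordinate differences and runs the three verifier checks. Assumptions: a toy modulus and fixed small bases (constructed, not secure sizes), $D^2 = \sum \alpha_i^2$ for getDis, responses kept as integers rather than reduced mod $N$, and three formula forms chosen so that $v_3 = p\,r^s$ holds algebraically ($d_2$ with a sum over $e_i \alpha_i$, the first sum in $v_2$ starting at $i = 1$, and $\lambda = q_1 + s q_2$), which differ from the tables as printed.

```python
import secrets
from math import isqrt, prod

# Constructed toy parameters (assumptions): small modulus, fixed small bases.
N = 1000003 * 998244353
B = [3, 5, 7, 11, 13]   # b_1..b_5
L = [17, 19, 23, 29]    # l_1..l_4
H = [B[3]] + L          # b_4, l_1..l_4 (bases of h and m)

def four_squares(n):
    # Lagrange decomposition n = c1^2 + c2^2 + c3^2 + c4^2 by search (small n).
    for c1 in range(isqrt(n), -1, -1):
        for c2 in range(isqrt(n - c1*c1), -1, -1):
            for c3 in range(isqrt(n - c1*c1 - c2*c2), -1, -1):
                rest = n - c1*c1 - c2*c2 - c3*c3
                if isqrt(rest) ** 2 == rest:
                    return [c1, c2, c3, isqrt(rest)]

def mexp(bases, exps):
    # prod(bases[i] ** exps[i]) mod N; negative exponents use modular inverses.
    return prod(pow(b, e, N) for b, e in zip(bases, exps)) % N

def prove(alpha, R):
    # alpha: integer coordinate differences; returns {} when D^2 > R^2.
    gap = R*R - sum(v*v for v in alpha)
    if gap < 0:
        return {}
    a, k, n, q1, q2, s = (secrets.randbelow(2**32) + 1 for _ in range(6))
    e = [secrets.randbelow(2**32) + 1 for _ in range(4)]
    f = [secrets.randbelow(2**32) + 1 for _ in range(4)]
    c, w = four_squares(gap), list(alpha) + [a]
    d1 = sum(v*v for v in e[:3]) + sum(v*v for v in f)
    d2 = sum(ci*fi for ci, fi in zip(c, f)) + sum(ei*ai for ei, ai in zip(e, alpha))  # assumed sum
    return {"s": s, "R": R, "A": mexp(B[:4], w), "g": mexp(B[:4], e),
            "h": mexp(H, [k] + c), "m": mexp(H, [n] + f),
            "p": mexp(B[3:], [-d1, q1]), "r": mexp(B[3:], [-2*d2, q2]),
            "x": [s*wi + ei for wi, ei in zip(w, e)],   # integers, not reduced mod N
            "beta": [s*ci + fi for ci, fi in zip(c, f)],
            "gamma": s*k + n, "lam": q1 + s*q2}         # assumed form of lambda

def verify(pf):
    if not pf:
        return False
    s = pf["s"]
    v1 = pow(pf["A"], -s, N) * mexp(B[:4], pf["x"]) % N
    v2 = s*s*pf["R"]**2 - sum(v*v for v in pf["x"][:3]) - sum(v*v for v in pf["beta"])
    v3 = mexp(B[3:], [v2, pf["lam"]])
    v4 = pow(pf["h"], -s, N) * mexp(H, [pf["gamma"]] + pf["beta"]) % N
    return v1 == pf["g"] and v3 == pf["p"] * pow(pf["r"], s, N) % N and v4 == pf["m"]
```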