Multi-party password distribution method based on secret sharing
By combining Shamir's (t,n) secret sharing scheme and biometric identification technology with blockchain and IPNS systems, secure distribution of multi-party codebooks was achieved, overcoming the limitation of one-to-one communication in covert communications and ensuring both security and efficiency.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- SONGSHAN LAB
- Filing Date
- 2023-07-10
- Publication Date
- 2026-07-03
AI Technical Summary
Existing covert communication methods can only conduct one-to-one communication, and cannot achieve secure distribution of codebooks from one party to multiple parties. Furthermore, there is the problem of untrustworthy secret distributors and participants.
This paper employs a Shamir-based (t,n) secret-sharing scheme and biometric identification technology, combined with a blockchain network and the IPNS system, to achieve secure distribution of multi-party codebooks. Specific steps include biometric collection, hash value calculation, secret segmentation, ring signature, codebook upload and recipient biometric identification, secret share recovery, and public key download.
It enables secure one-to-many codebook distribution, solves the untrust issues that may arise in traditional secret sharing, ensures the security and efficiency of the secret sharing process, and avoids fraudulent activities.
Smart Images

Figure CN117097463B_ABST
Abstract
Description
Technical Field
[0001] This invention relates to a method for distributing codebooks, and more specifically to a method for distributing codebooks to multiple parties based on secret sharing. Background Technology
[0002] With the development and advancement of network technology and the increasing informatization of society, information transmission has become a focus of attention for many. However, information leaks occur frequently, leading to the illegal theft of confidential information, thus information security has received widespread attention. Cryptography provides security, authenticity, and integrity guarantees for the exchange of data. In network security management research, key management is a key aspect of ensuring communication and information security. Once the key to important information is inadvertently leaked or lost, it can cause irreparable damage. Secret sharing is an important tool for protecting information. It originated from Shamir's 1979 article "How to Share Secrets," published in *Computer Communications*, which proposed a multi-dimensional spatial point (t,n) threshold distributed management scheme based on Lagrange interpolation and Blakley's published "Secure Protection of Encryption Keys" (Management Requirements Knowledge, International Symposium. Computer Society, 1979: 313-313). Initially developed to address single point of failure and access control problems, it prevents privacy leaks caused by single point failures or lost keys.
[0003] The concept of secret sharing offers a new approach to solving key management problems. By dividing the key into multiple sub-secrets and storing them in multiple locations, the security risks associated with centralized key storage are prevented. In the (t,n) threshold secret sharing scheme, a specific number of participants must pool their sub-secrets to reconstruct the original secret message; otherwise, no valid information can be obtained. Early secret sharing methods required both the key distributor and the recipient to be honest.
[0004] Simmons' article "Shared Secrets and / or Shared Control Schemes and Their Applications" (Contemporary Cryptography, 1991(1):441-497) proposed a scheme for sharing multiple secrets using missiles as an example. Managing the missile launch password ensures the missile's secure launch, but each participant needs to store a large number of secret shares. Furthermore, since only one secret can be reconstructed at a time, the large number of secret shares becomes difficult to manage when multiple missiles need to be launched simultaneously, resulting in low efficiency in reconstructing secrets. He et al.'s article "Multistage Secret Sharing Based on One-Way Functions" (Electronic Communications, 1994, 30(19):1591-1592) proposed a multistage secret sharing scheme based on one-way functions, which can share multiple secrets at once. Each participant only needs to store one secret share, but it restricts the order of secret reconstruction. Later, a multi-secret sharing scheme was proposed to optimize the above scheme. The order of secret reconstruction can be changed, and the secret shares of the distributor can be reused, improving the efficiency of secret sharing. Pang Liaojun et al.'s article "Multiple Secret Sharing Scheme Based on General Access Structure" (Computer Research and Development, 2006, 43(1): 33-38) proposed a verifiable multiple secret sharing scheme, which is based on the security of the Shamir threshold scheme and RSA cryptosystem. Participants can choose their own secret share, which improves the efficiency of secret sharing. KAYA K et al. proposed a verifiable secret sharing (VSS) scheme without distributors based on the Chinese remainder theorem (CRT). Participants can prevent dishonest behavior by secret distributors. It uses the range proof technique proposed by Benaloh, but the verification computation is large. Xue et al. first proposed a secret sharing scheme without distributors based on linear projection. This scheme has low communication cost and simple computation, and can avoid deception by participants. The article "A Distributed ECC-DSS Authentication Scheme Based on CT-VSS and Trusted Computing" (2012, IEEE, 2012: 656-665) by Lu et al. proposes a distributed key storage scheme based on CRT-VSS and trusted computing for mobile ad hoc networks, utilizing CRT. This scheme solves the fraud problem of distributors and participants, and the selection of trusted authentication nodes can eliminate the possibility of traditional DoS and fault attacks. Yang et al. proposed a threshold scheme for verifiable secret shares without a trusted center, based on CRT. In this scheme, members obtain their respective secret shares by exchanging shadows of secret shares, avoiding fraud that may arise from a trusted center and preventing deception among participants.Rong Huigui et al. proposed a key distribution and recovery algorithm based on Shamir secret sharing to address the situation where there may be more than t participants in the secret recovery process. They introduced a Lagrange factor to recover the secret and extended it to a multi-secret sharing scheme, which ensured the security of sub-secrets and prevented participants from engaging in internal deception.
[0005] The article "A Generative Blockchain Covert Communication Model Based on Markov Chain" published by She Wei et al. (Journal of Communications, 2022, 43(10): 121-132.) proposes a generative blockchain covert communication model MC-GBCC. However, this scheme has problems with text dataset exchange and security issues with codebook distribution. Moreover, the original covert communication can only be carried out one-to-one, and cannot realize one-to-many communication. Therefore, the secret sharing process may lead to the untrustworthiness of the secret distributor and participants, resulting in fraud in the secret sharing process. Summary of the Invention
[0006] The technical problem to be solved by this invention is how to solve the problem that the original covert communication can only be carried out one-to-one, so a method for distributing multi-party codebooks based on secret sharing is provided.
[0007] To solve the above problems, the present invention adopts the following technical solution:
[0008] A method for distributing multi-party codebooks based on secret sharing, including the sending and receiving processes;
[0009] The sending process is as follows: the sender initiates a request to the codebook. secret Distribution, expected to be sent to t Bit receiver:
[0010] (1) For including t Biometrics of all potential recipients, including the expected recipient, will be collected.
[0011] Fa(u i ) = face(photo(lu i )), lu i ∈LU (1)
[0012] in, face(x) Indicates extraction of biometric features x And store it. photo(x) Indicates to x Collecting and organizing facial photos, lu i Representing potential recipients, set LU This represents the set of users who are the sender and all potential receivers, i.e. LU ={lu 1, lu 2 ,…, lu m } ;
[0013] (2) All potential recipients lu i All have private serial numbers num i and the private number num i The value generated by the pseudo-random number generator and used as a seed are compared with the value generated by the receiver. lu i biological characteristics Fa(lu i ) The corresponding user's hash value is obtained by performing a hash function calculation. hash i ,Right now
[0014] hash i =h(Fa(u i ), random(num i )) (2)
[0015] in, random(x) Indicated by x Used as a seed to generate pseudo-random numbers h(x) Indicates to x Perform hash function calculation;
[0016] Step (3): Take the corresponding user hash value obtained in step (2) hash i Published on public networks for possible future distribution of the codebook;
[0017] (4) The sender hashes the public key. pu_key and t The expected hash value of the receiver. hash i The parts are spliced together and then secretly divided as a secret, that is...
[0018] ShamirGen(join(pu_key, hash 1 , …, hash t ) (3)
[0019] → key 0 ,…, key t
[0020] in, ShamirGen(x)Indicates the use of Shamir (t,n) Secret sharing schemes for secrets x Perform secret partitioning. join(x,y, …) This indicates the elements in parentheses. x,y,…. Perform splicing, and the splicing method should not disrupt the elements. x Given the overall order, randomly select each subsequent complete element. y Insertion elements x At any position, it will not simultaneously affect the subsequent complete element. y Separate; and key i This represents the secret share resulting from secret partitioning. i The value can be { i | i∈N,0 ≤ i ≤ t}, the secret share key i Distributed to t Expected recipient u j , j The value can be { j | j∈N * ,1 ≤ j ≤ t}, and the expected set of recipients U With the potential receiver set in step (1) LU The relationship is U⊆ LU At the same time, the secret share after division key i Compared with the user hash value in step (2) of the expected recipient hash i It is a one-to-one correspondence;
[0021] (5) The sender will send all the user hash values of the expected receivers. hash i The passwordbook is published on the blockchain network via ring signature in the form of a transaction, informing the corresponding recipient to receive it.
[0022] M = message(hash 1 ,…, hash t ) (4)
[0023] in, message(x) Indicates information x The transaction is published to the blockchain network in an agreed manner, and the recipient periodically searches the blockchain network for transactions.
[0024] (6) The sender will send the password book secret Using private key pr_key Upload it to the IPNS system, that is
[0025] post(pr_key, secret, time) (5)
[0026] in, post(x,y,z) Indicates the use of private key x Resources y Uploaded to the IPNS system, and the resource is valid for a limited time. z The IPNS system supports setting the validity period of resource packets. time ;
[0027] (7) Each recipient user who receives the password book notification shall perform biometric identification, i.e.
[0028] face_bool i = bool(Fa(u i ),photo(u i ´) ,λ ) (6)
[0029] Where, i∈{ 1,2,…,n}; u i ´ Indicates the user currently executing the receiving process; bool(x,y) This indicates the biometrics already stored during the pre-process. x Compared to the current collection of facial photos from users y Perform matching and comparison; if a match is successful, it means... u i ´ ∈ U This means that the user belongs to the potential recipient group. U Proceed to the next step; otherwise, terminate the process of receiving the password book for this user. λ represents the biometric identification fault tolerance rate.
[0030] (8) Each recipient uses its own private number num i The value generated by using it as a seed in a pseudo-random number generator is related to its own biological characteristics. Fa(u i ) Hash values for each user are obtained by performing hash function calculations. hash i ,Right now
[0031] hash i =h(Fa(u i ), random(num i )) (7)
[0032] and the individual's user hash value hash i The hash value is compared with the expected user's hash value in the public network sent by the sender. If the comparison is successful, it means that the sender belongs to the expected recipient and the receiving process continues. Otherwise, it means that the sender belongs to the potential recipient but not the expected recipient and the process is terminated.
[0033] (9) Parties who participate in the acceptance process and pass the verification in step (7) may extract the secret share allocated to them. key i ,Right now
[0034] K´ = get_key(u i ´) (8)
[0035] Where, i∈{ 1,2,…,n}; get_key(x) Indicates the extraction of the currently executing receiving process user. u i ´ The secret share and placed in the set K´ middle;
[0036] (10) All extracted secret shares are centrally determined. The centralization process is randomly assigned to one of the server groups. Each secret share holder signs the secret and sends it to the blockchain network. All servers know the identity of each secret holder in advance through the blockchain network and centralize the secret shares by continuously searching the network.
[0037] res_bool = b(s(K´)) (9)
[0038] in, b(x) Indicates an attempt to perform an operation. x If successful, output True And save the operation. x If the result is correct, proceed to the next step; otherwise, output the result. False And terminate the receiving process; operation s(K´) Represents the set of secret shares K´ Elements in (t,n) The secret recovery process of the secret sharing; if this step is executed successfully, then at this time... res_bool The content stored therein should be the public key hash. pu_key The hash values of all recipients were concatenated. hash i The content, namely
[0039] res_bool = join(pu_key,hash 1 ,…, hash t );
[0040] (11) Collect the user hash values of all recipients in step (8). hash i And attempt to recover the public key hash pu_key´ ,Right now
[0041] pu_key´ = join -1 (res_bool,hash 1 ,…, hash t ) (10)
[0042] in, join -1 (x,y, …) Indicates that the elements are not to be shuffled. x Try to arrange each subsequent complete element within the overall order. y From element x Delete at any position; for the data obtained in step (11) pu_key´ To determine the number of digits, that is...
[0043] bool = judge ( pu_key´,long (11)
[0044] in, judge(x,y) Indicates the element to be judged x Is the length of y If not, output FLASE and terminate the process; otherwise, continue the process. long The required length for the public key hash value;
[0045] (12) Each recipient u i ´ Hash the value using the distributed public key. pu_key´ Download and obtain the corresponding password book from the IPNS system. secret ,Right now
[0046] Secret = get(pu_key´) (12)
[0047] in, get(x) This indicates that the corresponding resource is downloaded from the IPNS system using the public key hash.
[0048] During the transmission process, facial recognition is used to collect the recipient's biometric features.
[0049] The present invention, employing the above technical solution, combines secret sharing technology and biometric identification to construct a codebook distribution scheme that can securely and efficiently distribute codebooks one-to-one or one-to-many, i.e., distribute text datasets used for Markov model training.
[0050] This invention proposes a secret-sharing-based codebook dataset distribution scheme. It employs the Shamir threshold scheme to address the security issue of codebook distribution, using a dynamically adjusted threshold to handle recipient entry and exit, thus overcoming the limitation of traditional covert communication being only one-to-one and enabling one-to-many communication. Furthermore, it utilizes biometric identification technology to address the potential for untrustworthy distributors and participants in traditional secret sharing, ensuring the security of the secret sharing process and preventing fraud. Attached Figure Description
[0051] Figure 1 This is an overall flowchart of the present invention;
[0052] Figure 2 Here is a flowchart of the sending process;
[0053] Figure 3 Here is a flowchart of the receiving process;
[0054] Figure 4 A graph showing the correspondence between users and their facial images;
[0055] Figure 5 For face capture during the receiving process;
[0056] Figure 6 A graph showing the time efficiency of face recognition;
[0057] Figure 7 A time efficiency graph for secret sharing in (t,n);
[0058] Figure 8 A graph showing the time efficiency of IPNS interactions during the upload process;
[0059] Figure 9 This is a graph showing the time efficiency of IPNS interactions during the download process. Detailed Implementation
[0060] The relevant technologies upon which this invention patent is based are as follows.
[0061] 1.1 Shamir Secret Sharing Solution
[0062] Before implementing a secret sharing scheme, secret information needs to be divided into... n share{ D 1, D 2,…, D n}, for each participant P i Distributing secret shares D i Only participants P i Only by collecting all the secret shares can the original secret information be obtained. For positive integers... t and n ,have t ≤ n When the distributor will n A secret share is allocated to the participants, with at least one... t The original secret information can only be reconstructed if each participant provides a secret share; otherwise, the secret information cannot be reconstructed.
[0063] Shamir's ( t, n The specific process of the threshold scheme is as follows:
[0064] Choose a finite field Z q ,in q Large prime numbers and q ≥ n Distributor F Random from a finite field Z q Selected from n Distinct non-zero elements x 1, x 2,…, x n Each non-zero element x i One participant P i and publicly x i and its corresponding P i .
[0065] Distributor F Random selection Z q On t -1st order polynomial f ( x )= a 0+ a 1 x + a 2 x +…+ a t-1 x t-1 Where, D= f (0)= a 0. F For allP i Secure distribution of secret shares D i Each secret share uniquely corresponds to one participant. D 1= f (1),…, D i = f ( x i ), D n = f ( x n ).
[0066] Any amount of secret share obtained t Number of participants { P 1, P 2,…, P t Send the sub-secret it holds to the secret reconstructor. R Using the Lagrange interpolation formula The original secret information can be calculated. D .
[0067] 1.2 Biometric Recognition Technology
[0068] This invention employs facial recognition technology as a biometric authentication method, which consists of face detection and face recognition. Face detection involves using algorithms to determine the presence and extent of a face in a captured image, and then cropping the location of the face. Face recognition, on the other hand, is the process of authenticating the detected face by comparing it with data in a face database using feature extraction algorithms.
[0069] The face recognition process can be divided into feature extraction and feature comparison. Feature extraction requires removing noise and distinguishing the most discriminative factors from numerous features. Commonly used face feature extraction methods include algebraic feature extraction, geometric feature extraction, elasticity model extraction, neural network extraction, and deformation model extraction. Among these, algebraic feature extraction based on linear projection and nonlinear discriminant analysis based on kernels are the mainstream methods in face recognition. Feature comparison involves using a trained model to extract face features into feature vectors, and then comparing them one by one with face images in a face database to output the face recognition result.
[0070] A typical face recognition system should include four modules: a face acquisition and detection module for locating the face in an image; a face image preprocessing module for performing tasks such as lighting compensation, grayscale transformation, and geometric correction on the image; a face image feature extraction module for extracting geometric descriptions of face coordinates and structural relationships; and a face image recognition module for matching and recognizing the face image with feature templates stored in a database.
[0071] 1.3 IPNS
[0072] The name of the Inter-Planetary Naming Service (IPNS) is a CID with a public-key multi-hash. IPNS records contain public and private key signatures, allowing anyone to verify whether a record was signed by the private key holder. Essentially, an IPNS name is a mutable pointer to an IPFS address. The InterPlanetary File System (IPFS) identifies files by hashing their content, meaning file addresses need to be updated based on content changes. Changing the content requires simultaneously updating the file address, limiting content updates. Therefore, using IPNS to create pointers to IPFS addresses allows the file's private key holder to update the file content without altering the file address.
[0073] The contents of this invention are as follows:
[0074] A method for distributing multi-party codebooks based on secret sharing, the distribution strategy process of which is as follows: Figure 1 As shown (assuming the sender distributes the codebook to receiver 1 and receiver 2), the strategy mainly consists of a sending process and a receiving process. This strategy combines the Shamir(t,n) threshold scheme, biometric identification technology, pseudo-random number generator, and IPNS system, which can solve to some extent the problem of exchanging text datasets used in Markov chain training in existing covert communication methods based on generative steganography. It also realizes one-to-many communication in covert communication. Furthermore, the design of biometric technology, the decision function in the distribution strategy, and the pseudo-random number generator enhances the security of secret distribution and reconstruction as well as user privacy, thereby raising the attack threshold for attackers while maintaining the efficiency of the strategy as much as possible.
[0075] The transmission process of this invention is as follows: the sender initiates a process to send a codebook. secret Distribution, expected to be sent to t The receiver is located at [number] bits, and the sending process is as follows: Figure 2 As shown, the specific steps are as follows:
[0076] (1) For including tThis strategy collects biometric data from all potential recipients, including the expected recipient, using facial recognition methods.
[0077] Fa(u i ) = face(photo(lu i )), lu i ∈LU (1)
[0078] in, face(x) Indicates extraction of biometric features x It collects and stores facial image features, including structural relationships, etc. photo(x) Indicates to x Collecting and organizing facial photos, lu i Representing potential recipients, set LU This represents the set of users who are the sender and all potential receivers, i.e. LU = {lu 1 , lu 2 ,…, lu m } .
[0079] (2) All potential recipients lu i All have private serial numbers num i and the private number num i The value generated by the pseudo-random number generator and used as a seed are compared with the value generated by the receiver. lu i biological characteristics Fa(lu i ) The corresponding user's hash value is obtained by performing a hash function calculation. hash i ,Right now
[0080] hash i =h(Fa(u i ), random(num i )) (2)
[0081] in, random(x) Indicated by x Used as a seed to generate pseudo-random numbers h(x) Indicates to x Perform hash function calculation.
[0082] (3) The corresponding user hash value obtained in step (2)hash i Published on public networks for possible future distribution of the codebook.
[0083] (4) The sender hashes the public key. pu_key and t The expected hash value of the receiver. hash i The parts are spliced together and then secretly divided as a secret, that is...
[0084] ShamirGen(join(pu_key, hash 1 , …, hash t ) (3)
[0085] → key 0 ,…, key t
[0086] in, ShamirGen(x) Indicates the use of Shamir (t,n) Secret sharing schemes for secrets x Perform secret partitioning. join(x,y, …) This indicates the elements in parentheses. x,y,…. Perform splicing, and the splicing method should not disrupt the elements. x Given the overall order, randomly select each subsequent complete element. y Insertion elements x At any position, it will not simultaneously affect the subsequent complete element. y Separate; and key i This represents the secret share resulting from secret partitioning. i The value can be { i | i∈N,0 ≤ i ≤ t}, the secret share key i The data will be distributed to t desired recipients. u j , j The value can be { j | j∈N * ,1 ≤ j ≤ t}, and the expected set of recipients U With the potential receiver set in step (1) LU The relationship is U⊆ LU At the same time, the secret share after division key i Compared with the user hash value in step (2) of the expected recipient hash iTo ensure a one-to-one correspondence, users cannot obtain a secret share that is different from their own biometric data, while the sender possesses the complete public key Hash. pu_key With private key pr_key These can be used for uploading and downloading resources in the IPNS system, respectively.
[0087] (5) The sender will send all the user hash values of the expected receivers. hash i The passwordbook is published on the blockchain network via ring signature in the form of a transaction, informing the corresponding recipient to receive it.
[0088] M = message(hash 1 ,…, hash t ) (4)
[0089] in, message(x) Indicates information x Transactions are published to the blockchain network in an agreed-upon manner. The recipient periodically searches the blockchain network for transactions, including those containing the recipient's user hash, which are then published in a specific format.
[0090] (6) The sender will send the password book secret Using private key pr_key Upload it to the IPNS system, that is
[0091] post(pr_key, secret, time) (5)
[0092] in, post(x,y,z) Indicates the use of private key x Resources y Uploaded to the IPNS system, and the resource is valid for a limited time. z The IPNS system supports setting the validity period of resource packets. time The sender can set this validity period according to actual needs. At this point, the sender has completed the codebook. secret The sending process.
[0093] The receiving process of this invention is as follows: After receiving the codebook receiving action in step (5) of the sending process, the receiver can proceed with the receiving process, which is as follows: Figure 3 As shown.
[0094] The detailed steps are as follows:
[0095] (7) Each recipient user who receives the password book notification shall perform biometric identification, i.e.
[0096] face_bool i = bool(Fa(u i),photo(u i ´) ,λ ) (6)
[0097] Where, i∈{ 1,2,…,n}; u i ´ Indicates the user currently executing the receiving process; bool(x,y) This indicates the biometrics already stored during the pre-process. x Compared to the current collection of facial photos from users y Perform matching and comparison; if a match is successful, it means... u i ´ ∈ U This means that the user belongs to the potential recipient group. U Proceed to the next step; otherwise, terminate the process of receiving the password book for this user. λ represents the biometric identification error tolerance rate. The lower the error tolerance rate λ, the stricter the matching and the higher the accuracy.
[0098] (8) Each recipient uses its own private number num i The value generated by using it as a seed in a pseudo-random number generator is related to its own biological characteristics. Fa(u i ) Hash values for each user are obtained by performing hash function calculations. hash i ,Right now
[0099] hash i =h(Fa(u i ), random(num i )) (7)
[0100] and the individual's user hash value hash i The hash value is compared with the expected user's hash value in the public network sent by the sender. If the comparison is successful, it means that the sender belongs to the expected recipient and the receiving process continues. Otherwise, it means that the sender belongs to the potential recipient but not the expected recipient and the process is terminated.
[0101] (9) Parties who participate in the acceptance process and pass the verification in step (7) may extract the secret share allocated to them. key i ,Right now
[0102] K´=get_key(u i ´) (8)
[0103] Where, i∈{ 1,2,…,n}; get_key(x) Indicates the extraction of the currently executing receiving process user. u i ´ The secret share and placed in the set K´ middle.
[0104] (10) All extracted secret shares are centrally determined. The centralization process is randomly assigned to one of the server groups. Each secret share holder signs the secret and sends it to the blockchain network. All servers know the identity of each secret holder in advance through the blockchain network and centralize the secret shares by continuously searching the network.
[0105] res_bool= b(s(K´)) (9)
[0106] in, b(x) Indicates an attempt to perform an operation. x If successful, output True And save the operation. x If the result is correct, proceed to the next step; otherwise, output the result. False And terminate the receiving process; operation s(K´) Represents the set of secret shares K´ Elements in (t,n) The secret recovery process of secret sharing is the reverse of formula (3), and the recovery result is output after successful recovery. If this step is executed successfully, then at this time... res_bool The content stored therein should be the public key hash. pu_key The hash values of all recipients were concatenated. hash i The content, namely
[0107] res_bool=join(pu_key,hash 1 ,…, hash t ) .
[0108] (11) Collect the user hash values of all recipients in step (8). hash i And attempt to recover the public key hash pu_key´ ,Right now
[0109] pu_key´= join -1 (res_bool,hash 1 ,…, hash t ) (10)
[0110] in, join -1(x,y,…) Indicates that the elements are not to be shuffled. x Try to arrange each subsequent complete element within the overall order. y From element x Delete it at any position. The data obtained in step (11) pu_key´ To determine the number of digits, that is...
[0111] bool=judge ( pu_key´,long (11)
[0112] in, judge(x,y) Indicates the element to be judged x Is the length of y If not, output FLASE and terminate the process; otherwise, continue the process. long This indicates the appropriate length for the public key hash value.
[0113] (12) Each recipient u i ´ Hash the value using the distributed public key. pu_key´ Download and obtain the corresponding password book from the IPNS system. secret ,Right now
[0114] Secret=get(pu_key´) (12)
[0115] in, get(x) This indicates that the corresponding resource is downloaded from the IPNS system using a public key hash, and at this time the receiver... u i ´ The obtained pu_key´ It cannot be viewed or saved by itself and can only be used once.
[0116] The recipient is expected to have completed the codebook operation through the above steps. secret Received.
[0117] Experiments and Analysis:
[0118] Simulation experiments were conducted on the secret-sharing-based multi-party cryptographic book distribution strategy of this invention. The simulation process was written using Python 3.9.6 with IPFS version 0.4.21. The face recognition module was implemented using the open-source Python project `face_recognition`, which is designed based on a deep learning model from the C++ open-source library `dlib`. Its functionality and performance metrics basically meet the requirements of the method proposed in this chapter. This face recognition module runs on a virtual machine deployed on the host machine, with 8 GB of memory and 8 processors. The virtual machine system is Ubuntu 20.04.3 LTS. In this experiment, a TXT document consisting of 1.6 million comments extracted from social networks by GO was selected, and some of its contents are shown in Table 1.
[0119] The simulation experiment is set up so that the sender, Alice, distributes the above TXT codebook to the intended recipients, Bob and Candy.
[0120] t =2、 n =3, meaning a (2,3) secret share is used, and Alice, the sender, does not provide her own secret share during the secret recovery phase. Simultaneously, user Peter is defined as a potential recipient but not a desired recipient, while user John is defined as neither a potential recipient nor a desired recipient in Alice's codebook distribution.
[0121]
[0122] Table 1.
[0123] First, the biometrics of Alice, Bob, Candy, and Peter are collected, calculated, and stored using Equation (1), where the face images are obtained from the Label Faces in the Wild face dataset.
[0124] Then use equation (2) to assign each user's private ID. num i The value generated by the pseudo-random number generator and used as a seed are compared with the value generated by the receiver. lu i biological characteristics Fa(lu i ) The corresponding user's hash value is obtained by performing a hash function calculation. hash i The MD5 algorithm was chosen as the hash function for calculating the user's hash value, and the calculation results are shown in Table 2.
[0125]
[0126] Table 2.
[0127] Next, the sender, Alice, hashes her own public key. pu_key The element values are first concatenated using equation (3) before secret splitting is performed, where the public key Hash is set in this simulation experiment. pu_key= QmSNnY3SHKZuxqGCMdY6kmfhFAM12dg4L7dXzXNTKBS3yn, and the expected user hash values of the receivers Bob and Candy can be obtained from Table 2. That is, the concatenated QmSNnY351726a68438ae9f463894efd49d7153aSHKZuxqGCMdY6kmfhFAM12 dg4L7dXz3e1baa83241d78be40e2add53c746490XNTKBS3yn is divided into (2,3) secret sharing segments and allocated to Alice, Bob and Candy respectively. That is, the three secret shares are in one-to-one correspondence with the three facial features, and the correspondence is shown in Table 3.
[0128]
[0129] Table 3.
[0130] Then, using equation (4), the user hash of the intended recipient, 51726a68438ae9f463894efd49d7153a, and 3e1baa83241d78be40e2add53c746490, are published to the public network to inform the intended recipient to prepare to receive the password book; finally, using equation (4.5), the password book is uploaded to the IPNS system using the sender Alice's personal private key. In this experiment, the validity period of the resource packet is... time The setting is 24h, meaning that the resource will become unavailable for download after 24 hours, and the receipt is shown in Table 4.
[0131]
[0132] Table 4.
[0133] All potential receivers located on the public network can see the expected receiver user hash sent by the sender, and thus begin to attempt to receive the data. Receivers Bob and Candy, as well as the two interfering parties Peter and John set up in the experiment, respectively use Equation (6) to collect and process the current face image.
[0134] The results of feature calculation of the collected face images in the above figure are compared with the face image features stored in Equation (1). Images 1, 2 and 3 were successfully identified as potential recipients Bob, Candy and Peter, respectively, while image 4 could not be matched, as shown in Table 5. The lower the error tolerance λ, the higher the accuracy. Generally, an error tolerance of less than 0.6 is considered to be a correct match.
[0135]
[0136] Table 5.
[0137] As shown in Table 5, Images 1, 2, and 3 match the facial features of Bob, Candy, and Peter, respectively, and are therefore potential receivers; however, Image 4 has no corresponding match, so it is not a potential receiver and the receiving step cannot be continued.
[0138] Then, the potential recipients corresponding to images 1, 2 and 3 use equation (7) to calculate their personal user hash values and compare them with the expected recipient user hashes published by the sender to the public network. It is found that Bob and Candy are expected recipients, while Peter is a potential recipient but not an expected recipient. Peter stops the receiving process.
[0139] Next, equations (8) and (9) are used to obtain the two secret shares corresponding to Bob and Candy, and a secret recovery is attempted using the secret shares. The secret recovery process is shown in Table 6.
[0140]
[0141] Table 6.
[0142] As shown in Table 6, the secret can be successfully recovered, and then Equation (10) is used to obtain the user hash values of all receivers. hash i Attempt to recover the public key hash pu_key´ The recovery results are shown in Table 7.
[0143]
[0144] Table 7.
[0145] Finally, use equation (11) to determine the number of bits. If the determination is successful, use equation (12) to obtain the password book, i.e., the TXT document, from the IPNS system within the validity period of 24 hours. Check that the content of the document is the same as the original transmitted document. Due to space limitations, the document content will not be compared here.
[0146] At this point, Alice, the sender, and Bob and Candy, the intended recipients, have completed the initial distribution and synchronization of the codebook.
[0147] Then, the strategy was experimentally analyzed from the perspectives of time efficiency and security.
[0148] (1) Time efficiency
[0149] Time efficiency is an important performance indicator affecting the practical feasibility of codebook distribution strategies. The main factors affecting the time efficiency of the multi-party codebook distribution strategy based on secret sharing proposed in this invention are the efficiency of face recognition, the efficiency of (t,n) secret sharing, and the efficiency of interaction with the IPNS system. Therefore, this section mainly tests and analyzes the time efficiency of these three modules.
[0150] First, a time efficiency experiment was conducted on the face recognition module. The experiment involved performing one hundred facial biometric feature matches on multiple face images, with a fault tolerance rate of 0.6. The experimental results are as follows: Figure 6 As shown in the figure, in most cases, the face recognition time is concentrated between 0.1850s and 0.1900s, with only a very few exceeding 0.1900s, indicating a relatively stable time. Therefore, the time complexity of the face recognition module can be considered constant. O (1).
[0151] Next, a time efficiency experiment was conducted on secret sharing in (t,n), with the time set in (t,n). t = n -1, and 1≤ t ≤50, and the secret is set as the secret in the simulation experiment section. This condition is basically the maximum time consumption for secret segmentation and extraction and satisfies most scenarios of the strategy proposed in this chapter. The experimental results are as follows: Figure 7 As shown in the figure, the secret recovery process takes slightly longer than the secret partitioning process, and the time consumption increases linearly with the increase of t. That is, the time complexity of the secret partitioning and secret recovery processes is O(t). O ( n ).
[0152] Finally, experiments were conducted to assess the time efficiency of interaction with IPNS. In the strategy proposed in this chapter, the sending process requires uploading the resource packet to the IPNS system, and the receiving process requires parsing and downloading the resource packet from the IPNS system using the recovered public key hash. Furthermore, after the resource packet is disassembled, the sender needs to reset the validity period and upload it again. Therefore, 50 experiments were conducted to test the upload and download time of the resource packet in the IPNS system, setting different file sizes from 2MB to 100MB for upload and download, and recording the time consumed each time. The experimental results are as follows: Figure 8 , Figure 9 As shown. By Figure 8 and Figure 9It can be seen that during the interaction with IPNS: the upload process is almost unaffected by the file size, generally remaining between 60 and 65 seconds, and the time complexity of the upload process is... O (1); The download process is highly dependent on the file size, almost linearly, meaning that under the same network conditions, the larger the file, the longer the download time. However, under normal circumstances, when the file size is less than 100MB, the download time can be controlled within 4 seconds. The time complexity of the download process is... O ( n A very small number of jitters occurred during the upload and download process due to network issues, but these did not affect the overall interaction time trend. Therefore, it can be considered that, for the high-security scenario of codebook distribution, the time consumption for interaction with IPNS can be kept within an acceptable range.
[0153] In summary, the total time complexity of the proposed multi-party codebook distribution strategy based on secret sharing is O(n log n). O (1)+ O ( n )+ O ( n )+ O (1)+ O ( n The time consumption is mainly concentrated in the IPNS upload and download process, and the total latency can be kept within an acceptable range.
[0154] (2) Security
[0155] ① Resisting Impersonation Attacks: Impersonation attacks refer to malicious attackers attempting to gain access to a system by posing as authorized users. The multi-party codebook distribution strategy based on secret sharing proposed in this paper utilizes biometric identification technology based on facial recognition. When recovering the secret share, facial image feature matching is required, and only potential recipients can pass. This step filters out some malicious attackers. Furthermore, the secret share is not stored by the recipient but is only available after facial feature recognition. The replaceable facial recognition module can be updated according to the latest biometric identification technology, further improving accuracy and reducing the probability of impersonation attacks. A salted hash function is used to unidirectionally encrypt the biometrics of all users, effectively preventing malicious users, acting as senders or potential recipients, from maliciously distributing codebooks multiple times to extract user biometrics for subsequent attacks. Simulation experiments also show that neither Peter, a potential recipient but not a desired recipient, nor John, neither a potential nor a desired recipient, can successfully gain trust.
[0156] ② (t,n) Threshold Scheme Characteristics: The codebook distribution strategy proposed in this section uses the idea of (t,n) secret sharing. The threshold characteristic of (t,n) secret sharing refers to dividing the secret and distributing it to... n There are at least one participating party, and at least one party is required to meet the following conditions. t A correct share can recover the original secret, less than t The correct share could not be successfully recovered, even if the attacker possessed it. t -1 secret share can only construct one t -1 containing t This scheme uses a system of equations with unknowns to ensure security while significantly increasing the cost of attack for attackers. In other words, a sufficient amount of secret share is required to recover the original secret. The mathematical approach ensures that the probability of successfully recovering the original secret approaches 0 in the case of incorrect or insufficient secret share.
[0157] In summary, this invention proposes a multi-party codebook distribution strategy based on secret sharing to address the codebook distribution problem in the covert communication model MC-GBCC. This strategy utilizes (t,n) secret sharing and biometric identification technology based on facial recognition to achieve one-to-many secure codebook distribution in covert communication scenarios involving generative steganography. Simulation experiments demonstrate the feasibility of this strategy, and time efficiency and security metrics are used to evaluate its performance. Experimental results show that this strategy can achieve secure one-to-many transmission of large-capacity codebooks with low latency and high security.
Claims
1. A method for multi-party password distribution based on secret sharing, characterized in that: Includes the sending and receiving processes; The sending process is as follows: the sender initiates a request to the codebook. secret Distribution, expected to be sent to t Bit receiver: (1) to include t collection of biometrics from all potential recipients, including the intended recipient, Fa(u i =face(photo(lu) i )), lu i ∈LU (1) in, face(x) Indicates extraction of biometric features x And store it. photo(x) Indicates to x Collecting and organizing facial photos, lu i Representing potential recipients, set LU This represents the set of users who are the sender and all potential receivers, i.e. LU={lu 1 , lu 2 ,…, lu m } ; (2) All potential recipients lu i All have private serial numbers num i and the private number num i The value generated by the pseudo-random number generator and used as a seed are compared with the value generated by the receiver. lu i biological characteristics Fa(lu i ) The corresponding user's hash value is obtained by performing a hash function calculation. hash i ,Right now hash i =h(Fa(u i ), random(num i )) (2) wherein, random(x) denotes to generate a pseudo-random number with x as a seed, h(x) denotes to perform a hash function calculation on x ; Step (3): The corresponding user Hash value obtained in step (2) is sent to the server hash i Published in public network for future possible password book distribution; (4) The sender hashes the public key. pu_key and t The expected hash value of the receiver. hash i The parts are spliced together and then secretly divided as a secret, that is... ShamirGen(join(pu_key, hash 1 , …, hash t ) (3) → key 0 ,…, key t in, ShamirGen(x) Indicates the use of Shamir (t,n) Secret sharing schemes for secrets x Perform secret partitioning. join(x, y, ...) This indicates the elements in parentheses. x, y, ... Perform splicing, and the splicing method should not disrupt the elements. x Given the overall order, randomly select each subsequent complete element. y Insertion elements x At any position, it will not simultaneously affect the subsequent complete element. y Separate; and key i This represents the secret share resulting from secret partitioning. i The value can be { i | i∈N,0≤i≤t }, the secret share key i The data will be distributed to t desired recipients. u j , j The value can be { j | j∈N * ,1≤j≤t }, and the expected set of recipients U With the potential receiver set in step (1) LU The relationship is U⊆ LU At the same time, the secret share after division key i Compared with the user hash value in step (2) of the expected recipient hash i It is a one-to-one correspondence; (5) The sender will send all the user hash values of the expected receivers. hash i The passwordbook is published on the blockchain network via ring signature in the form of a transaction, informing the corresponding recipient to receive it. M = message(hash) 1 ,…, hash t ) (4) wherein, message(x) representing the information x publishing to the blockchain network in an agreed manner, the recipient searching the blockchain network for transactions at a timed interval; (6) The sender will send the password book secret Using private key pr_key Upload it to the IPNS system, that is post(pr_key, secret, time) (5) Wherein, post(x,y,z) represents using a private key x uploading a resource y to an IPNS system and the resource validity time is z , the IPNS system supports setting the validity time of the resource package time ; The receiving process is as follows: (7) Each recipient user who receives the password book notification shall perform biometric identification, i.e. face_bool i = bool(Fa(u i ),photo(u i ´) ,λ ) (6) Where, i∈{ 1,2,…,n }; u i ´ Indicates the user currently executing the receiving process; bool(x,y) This indicates the biometrics already stored during the pre-process. x Compared to the current collection of facial photos from users y Perform matching and comparison; if a match is successful, it means... u i ´ ∈ U This means that the user belongs to the potential recipient group. U Proceed to the next step; otherwise, terminate the process of receiving the password book for this user. λ represents the biometric identification fault tolerance rate. (8) Each recipient uses its own private number num i The value generated by using it as a seed in a pseudo-random number generator is related to its own biological characteristics. Fa(u i ) Hash values for each user are obtained by performing hash function calculations. hash i ,Right now hash i =h(Fa(u i ), random(num i )) (7) and the personal user Hash value hash i comparing with the expected user Hash value in the public network sent by the sender, if successful, it means that it belongs to the expected receiver and continues the receiving process, otherwise it means that it only belongs to the potential receiver but not the expected receiver and the process is aborted. (9) Parties who participate in the acceptance process and pass the verification in step (7) may extract the secret share allocated to them. key i ,Right now K´=get_key(u i ´) (8) where i e { 1,2,…,n}; get_key(x) represents extracting the secret share of the current execution receiving process user u i ´ and placing it in the set K´ ; (10) All extracted secret shares are centrally determined. The centralization process is randomly assigned to one of the server groups. Each secret share holder signs the secret and sends it to the blockchain network. All servers know the identity of each secret holder in advance through the blockchain network and centralize the secret shares by continuously searching the network. res_bool= b(s(K´)) (9) in, b(x) Indicates an attempt to perform an operation. x If successful, output True And save the operation. x If the result is correct, proceed to the next step; otherwise, output the result. False And terminate the receiving process; operation s(K´) Represents the set of secret shares K´ Elements in (t,n) The secret recovery process of the secret sharing; if this step is executed successfully, then at this time... res_bool The content stored therein should be the public key hash. pu_key The hash values of all recipients were concatenated. hash i The content, namely res_bool=join(pu_key,hash 1 ,…, hash t ); (11) Collect all receiver's user Hash value in step (8) hash i and try to recover the public key Hash pu_key ´ i.e. pu_key´= join -1 (res_bool,hash 1 ,…, hash t ) (10) in, join -1 (x,y,…) Indicates that the elements are not to be shuffled. x Try to arrange each subsequent complete element within the overall order. y From element x Delete at any position; for the data obtained in step (11) pu_key´ To determine the number of digits, that is... bool=judge ( pu_key´,long ) (11) wherein, judge(x,y) represents a judging element x whether the length of y is not, outputs Flase and terminates the flow, otherwise continues the accepting process; long represents the required length of the public key Hash value; (12) each recipient u i ´ using the value of the public key Hash distributed to pu_key´ download and obtain the corresponding password book in the IPNS system secret , namely Secret=get(pu_key´) (12) wherein, get(x) represents downloading the corresponding resource in the IPNS system using a public key Hash.
2. The multi-party codebook distribution method based on secret sharing according to claim 1, characterized in that: During the transmission process, facial recognition is used to collect the recipient's biometric features.