A method for multi-functional blockchain editing

By employing a multifunctional blockchain editing method and utilizing the Key Center (KGC) to manage user keys and chameleon hashes, the challenges of blockchain security, privacy, and decentralization in existing technologies are addressed, enabling flexible blockchain editing and revocable permission management.

CN118764155BActive Publication Date: 2026-07-03UNIV OF ELECTRONICS SCI & TECH OF CHINA

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
UNIV OF ELECTRONICS SCI & TECH OF CHINA
Filing Date
2024-06-07
Publication Date
2026-07-03

Smart Images

  • Figure CN118764155B_ABST
    Figure CN118764155B_ABST
Patent Text Reader

Abstract

To address the issue of limited editable functionality in existing editable blockchains, this invention discloses a multifunctional blockchain editing method, comprising: a key center (KGC) performing system initialization and outputting publicly available system parameters (mpk). ch and master key msk ch The calculation process for periodic and revocable keys: The Key Center (KGC), the server, and the user respectively generate keys for periodic encryption and decryption; The blockchain editing process: Users perform hash calculation and verification to generate and verify the chameleon hash value of the block. Users holding editing permissions and keys, as modifiers, execute rewrite and update algorithms to edit the hash value and time of the new block respectively. The KGC executes an auditing algorithm to determine whether the server's decryption actions have exceeded the limit. The KGC executes a revocation algorithm to periodically revoke users' editing permissions. Users run hash calculations, outputting chameleon hashes, random numbers, and temporary trapdoors based on different editing conditions.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention belongs to the field of cyberspace security technology, specifically involving blockchain editing technology. Background Technology

[0002] Current research on editable blockchains primarily focuses on fine-grained editing and decentralized editing operations, along with related security considerations. For example, research includes revoking blockchain editing permissions, achieving traceability of the editing process, and ensuring anonymity. However, these aspects are difficult to achieve with a single solution. This is mainly due to the "trilemma" problem of simultaneously addressing the challenges of "security, privacy, and decentralization" in blockchain. Furthermore, current solutions primarily involve cryptographic primitives such as attribute-based encryption (CP-ABE) and chameleon hashing (CH). Solving these challenges often requires modifying existing CP-ABE and CH schemes. Clearly, mainstream encryption schemes like CP-ABE face design bottlenecks in security and performance, which are difficult to resolve in the short term. Summary of the Invention

[0003] The technical problem to be solved by this invention is to provide a multifunctional blockchain editing method that addresses the single-function design of existing editable blockchains and adapts to the privacy protection needs and regulatory requirements of blockchains.

[0004] The technical solution adopted by this invention to solve the above-mentioned technical problems is a multifunctional blockchain editing method, comprising the following steps:

[0005] 1) System initialization steps:

[0006] The Key Center (KGC) performs system initialization, initializes the revocation list, and outputs the system's public parameters and master key.

[0007] 2) Steps for generating periodic and revocable keys:

[0008] Key Center (KGC) generates long-term conversion key pairs based on user identity ID and attribute set, and then converts the long-term conversion key pairs... Send to the corresponding user; generate a periodic key update based on the master key, time t, revocation list, and status;

[0009] The server uses the long-term public key conversion. Generate short-term conversion keys by periodically updating the keys;

[0010] User life is based on long-term conversion private key Generate a short-term decryption key dk for the ciphertext after server-assisted decryption, using time t. id,t ;

[0011] 3) Blockchain editing steps:

[0012] Hash Calculation Steps: The user performs hash calculation based on the editing conditions (mode) of public or private editing. R Get the corresponding hash auxiliary aux H Outputs the chameleon hash used to generate blocks. and random numbers And a temporary trapdoor ETD to complete block generation;

[0013] Hash verification steps: User verification includes Chameleon hash. Original code M, random number The validity of the chameleon hash pair at time t is checked. If the block verification is valid, the process proceeds to the next step; otherwise, the process ends.

[0014] Hash rewriting steps: Having edit permissions and a long-term conversion key pair and short-term decryption key dk id,t The user, as the modifier, transforms the private key over a long period of time. Hash Auxiliary H Chameleon hash pairs Rewrite the code M′ and the temporary trapdoor etd to obtain a random number for rewriting. Use random numbers Complete block rewriting;

[0015] Hash update steps: The modifier transforms the private key based on the long-term conversion. Hash Auxiliary H Chameleon hash pairs The update time t′ and the temporary trapdoor etd are used to obtain the random number for the update. Use random numbers Block update complete;

[0016] Auditing steps: KGC uses long-term transformation private keys Check whether the server is correctly providing decryption services and whether the number of times the server is disconnected for decryption exceeds the limit;

[0017] Undo Steps: KGC revokes a user's editing permissions by periodically updating the undo list; the undo list contains all user IDs that have revoked within time t.

[0018] The beneficial effect of this invention is that it proposes a highly flexible, multifunctional editable blockchain solution that can realize editable block generation, block re-editing, and reversible editing permissions within a single solution. Attached Figure Description

[0019] Figure 1 This is a flowchart of the present invention. Detailed Implementation

[0020] The technical solutions of the present invention will now be clearly and completely described with reference to the accompanying drawings of the embodiments of the present invention. Obviously, the described embodiments are only some embodiments of the present invention, and not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of the present invention.

[0021] To make the above-mentioned objects, features and advantages of the present invention more apparent and understandable, the present invention will be further described in detail below with reference to the accompanying drawings and specific embodiments.

[0022] like Figure 1 As shown, this embodiment of the invention provides a multifunctional blockchain editing method, including the following steps:

[0023] S1 System Initialization: The Key Center (KGC) performs system initialization and outputs the system's public parameters (mpk). ch and master key msk ch Specifically:

[0024] The Key Center (KGC) initializes a binary tree BT with at least N leaf nodes, where N represents the maximum number of users in the system. The state st is set to BT. An empty list named rl is maintained to store revoked users; rl is called the revocation list.

[0025] Choose two multiplication groups and Their orders are all prime order p. Choosing a random generator Indicates from the multiplication group Randomly select a real number from the list. It is a p-element finite field. Let denote the multiplicative cyclic group of invertible integers modulo p. The generator is g, and the bilinear mapping is → indicates mapping. The property universe U represents the namespace for all user properties, and is set... The namespace for all times t is Generate random numbers Set the hash function to

[0026] In addition, define two functions F1 and F2: F1(y) = u y ·h and y is the independent variable, Elements in the mapping to The elements in. For ease of representation, the system public parameters used for attribute-based encryption are set to D and E are intermediate values, and the system private key for attribute-based encryption is msk. abe =α. Let An input key is Collision-resistant hash functions.

[0027] The NIZK sub-algorithm NIZK.GenZK is run to initialize the non-interactive zero-knowledge proof NIZK and derive the common character reference string crs. Here, the existing non-interactive zero-knowledge proof NIZK = (GenZK, Prove, Verify, SimGen, SimProve) consists of five sub-algorithms.

[0028] The TPKE public-key pair (pk) is obtained using the TGen sub-algorithm of Time-Release Public-Key Encryption (TPKE). tpke ,sk tpke Here, the existing TPKE = (TGen, Enc, FDec, SDec) consists of four sub-algorithms. The time-controlled private key sk TPKE It will be used for fast decryption.

[0029] Output system public parameters and master key msk ch =α.

[0030] S2 User Key Generation: KGC generates key pairs (pk ch ,sk ch Specifically:

[0031] KGC runs a user key generation algorithm to generate key pairs (pk ch ,sk ch Select random number. Calculate the secret number from Random selection As the user's private key, calculation run Calculate the NIZK proof The algorithm outputs the hash public key. and hash private key

[0032] S3: Long-term conversion key generation: KGC executes this algorithm and outputs the long-term conversion public key corresponding to the user's identity ID. and long-term transformation private key

[0033] KGC executes a long-term conversion key generation algorithm. The input user ID and attribute set are S = (A1, ..., A...). k ), where k is the total number of attributes. Then, an undefined leaf node θ is selected from the binary tree BT, and the user algorithm ID is stored in this node. For each node x∈Path(θ), Path(θ) refers to the set of all nodes on the path from node θ to the root of the binary tree, which is randomly selected. And calculate Get g x This refers to a value initially stored in node x of the binary tree BT. If node x does not yet have this value defined, then a value should be randomly selected. Calculate the intermediate value and g x Stored in node x. Randomly selected. calculate Output the long-term converted public key of the user ID and long-term transformation private key

[0034] S4: Periodic Key Generation: KGC executes this algorithm. It outputs the periodic key ku. t and state st;

[0035] KGC executes a periodic update key generation algorithm. It obtains g from each node x∈KUNodes(BT,rl,t). x The KUNodes algorithm here specifies the minimum number of nodes required for a non-reversible user to decrypt the ciphertext within a time period t. (Selection...) calculate Output ku t =(x,Q) x,0 Q x,1 ) x∈KUNodes(BT,rl,t) and st.

[0036] S5: Short-term conversion key generation: The server executes this algorithm and outputs a short-term conversion key tk. id,t ;

[0037] The server executes a short-term conversion key generation algorithm. Assume θ is a leaf node storing user identity IDs. Let I = (x: x ∈ Path(θ)) and J = (x: x ∈ KUNodes(BT, rl, t)). If... Returning to ⊥. ⊥ indicates terminating the current process. Otherwise, there must exist a node x∈I∩J such that tk0=P. x,0 ·Q x,0 ,tk1=P x,1 , tk4=Q x,1 ,tk5=P x,4 ,tk6=P x,5 For each tk id,t Initialize the decryption counter ctr = 0 and an empty set. Set tk7 = csi as the current state information. Output the short-term conversion key tk. id,t =(tk0,tk1,(tk i,2 ,tk i,3 ) i∈[k] ,tk4,tk5,tk6,tk7).

[0038] S6: Short-Term Decryption Key Generation: The user executes the short-term decryption key generation algorithm and outputs the short-term decryption key dk. id,t .

[0039] The user executes a short-term decryption key generation algorithm. Input the user's identity ID and the long-term conversion private key. Random selection And output a short-term decryption key

[0040] S7: Calculate Hash: The user runs a hash calculation based on different editing conditions (mode). R Output Chameleon Hash and random numbers and temporary trapdoor Specifically:

[0041] According to public editing mode R ="public" or private editing mode R ="private", sets different hash auxiliary aux H for:

[0042]

[0043] Where (M,ρ) is the access structure of the Linear Secret Sharing Scheme (LSSS), M is the first element of the access structure, which is the original encoding; ρ is the second element of the access structure; and t is the time.

[0044] Next, run This checks the correctness of the NIZK proof. If the output is 0, it returns ⊥. Is the condition true? If not, return ⊥. Select a random number. and temporary trapdoor Calculate h = g etd and π h =NIZK1.Prove(crs,(etd,h=g)etd Then, calculate the hash value. Hash value and proof We represent the encoding and decoding methods as and It is the cyclic group of quadratic residues used for instantiation. M, M′, M″ are The elements in.

[0045] S8: Verify Hash: The user runs Verify Hash to check the Chameleon Hash pair. The validity at time t is determined by outputting ⊥, 0, or 1.

[0046] Users run this algorithm to verify the validity of the chameleon hash pairs. If or or Then return ⊥. Calculate and check if the condition is met: If the condition is not met, return ⊥; if it is met, calculate the verification value. Then determine whether it is satisfied. If satisfied, output 1; otherwise, check t′≠t and t′≠t. The function checks whether the condition is true or false. If true, output 0; otherwise, output ⊥. Output 0 indicates that the check or verification failed, and output 1 indicates that the check or verification passed.

[0047] S9: Rewrite Hash: The modifier runs the rewrite hash algorithm to calculate the new chameleon hash collision, outputting a new set of random numbers.

[0048] The modifier runs this algorithm to compute the new chameleon hash collision. Algorithm input: If M = M', then return M′ represents the rewrite encoding.

[0049] Otherwise, input hash auxiliary If mode R ="private": Runs a verification algorithm to check hash pairs and timestamps. The validity of the result. If the output is 0, return ⊥. Calculate and if Return directly. For the partially decrypted ciphertext CT', the modifier enters a short-term decryption key dk. id,t Use the decryption algorithm ABE.Decrypt to recover M from CT. If the output is ⊥, return ⊥. Otherwise, run... get calculate and hash value Run ABE.Offline.Enc on t to get IT'. Run get Run ABE.Online.Enc((M,ρ),M′,IT′), Obtain CT scan and proof If mode R =“public”: Run the verification algorithm If the output is not 1, then output ⊥. Otherwise, calculate... if Return directly Otherwise, run TPKE.SDec on CT to get M. If SDec outputs ⊥, then return ⊥. Otherwise, run... get calculate run Obtain M′. Run TPKE.Enc to obtain CT′ on M′. Run get Finally, rewrite the algorithm to output a new set of random numbers. Hash value, partially decrypted ciphertext CT'

[0050] S10: The modifier runs the update hash algorithm, updates the time corresponding to the chameleon hash pair, and outputs a new set of random numbers.

[0051] The modifier runs this algorithm to update the time corresponding to the chameleon hash pair. Algorithm input: If t′ = t, then return Otherwise, continue if mode R ="private": run Algorithm. If the output is 0 or ⊥, return ⊥. Then, calculate... if return Similarly, the modifier enters dk id,t (or sk) (2) Run `ABE.Decrypt` to recover M from `CT`. If the output is ⊥, return ⊥. Otherwise, run... get calculate Running ABE.Offline.Enc((M,ρ),t′) yields IT″. get Finally, run ABE.Online.Enc((M,ρ),M″,IT″) and CT″ and If mode R ="public":Run If the output is 0 or ⊥, return ⊥. Otherwise, calculate... if return Run TPKE.SDec(pk tpke ,CT) to get M. If TPKE.SDec outputs ⊥, return ⊥. Otherwise, run get calculate run Updated Finally, run TPKE.Enc(pk tpke ,M″) to get CT″. Run get This update algorithm outputs

[0052] S11: Audit Algorithm: KGC executes the audit algorithm to check whether the cloud server is correctly providing decryption services, and returns 0 or 1;

[0053] KGC executes the algorithm: Input a secret long-term conversion key If mode C If the expression is not equal to "part-dec", then output ⊥. Otherwise, check if the expression satisfies the condition. If the condition is not met, output 0 to indicate an incorrect decryption. Otherwise, output 1 to indicate a correct decryption.

[0054] S12: Undo Algorithm: KGC executes the undo algorithm and outputs a new undo list rl′.

[0055] KGC executes the algorithm: During time interval t, the user ID is revoked, and all nodes x and (x,t) associated with the ID are added to list rl. A new list rl′ is output.

[0056] Define offline encryption ABE.Offline.Enc: The user computes the offline ciphertext during the offline phase as follows: Let... Let (M,ρ) represent an LSSS (Linear Secret Sharing Scheme, commonly used to define access policies for attribute-based encryption) access structure, where M is a... Matrix. Calculation C0 = g γ Then, for Random selection And calculate C5 = Q γ ,for calculate The output intermediate ciphertext is

[0057] Define the online encryption algorithm ABE.Online.Enc: During the offline phase, the user computes the offline ciphertext as follows: randomly select a vector... Where T denotes the transpose of the matrix. Calculate a vector partition of γ. Calculate C = M·key,C i,7 =λ i -λ′ i C i,8 =μ i ·(ρ(i)-x i The complete ciphertext is output as follows:

[0058] Define the ciphertext transformation algorithm Transform: The server executes this algorithm to partially decrypt the ciphertext: Return ⊥ if the following conditions are not met: (1) And only if in every model that makes S true, It is also true. (2) and (3) ctr+1≤σ, where σ is the service. (2) and (3) ctr+1≤σ, where σ is the maximum number of decryption attempts the server can provide. If this is exceeded, it is considered an excessive and illegal decryption attempt. (4) If Next, if the user is revoked at time t, return ⊥; otherwise, compute the set I = (i: ρ(i) ∈ S) and the constant. Make ∑ i∈I w i M i = (1,0,…,0), where M i This is the i-th row of M. Calculate... Let (C′,C′0,C′4)=(C / B,C0,C4), CT′=CT||(C′,C′0,C′4), and modeC←“part-dec”. Output (CT′,modeC) C ).

[0059] Define the user decryption algorithm ABE.Dec: The user executes this algorithm and calculates M as follows: If mode C ="part-dec": using dk id,t The decryption is as follows: Otherwise, return ⊥. Next, perform different operations based on different editing conditions: (1) If mode R ="private": set Run IT←ABE.Offline.Enc((M,ρ),t). Run CT←ABE.Online.Enc((M,ρ),M,IT). (2) If mode R =“public”: Run Run CT←TPKE.Enc(pk tpke M). Let

[0060] The algorithm outputs a chameleon hash, a random number, and a temporary trapdoor:

[0061] The implementation can be achieved within a single solution:

[0062] (1) Efficient generation of editable blocks: With the help of pre-computation in the offline stage, the computational overhead of the online stage can be ignored by the user.

[0063] (2) Efficient block re-editing: With the help of cloud server to decrypt ciphertext, the re-editing overhead can be ignored by the user.

[0064] (3) Revocable editing permissions: The indirect revocation of user editing permissions is achieved through the server. The user's editing permissions for blocks are divided into periods of validity.

[0065] (4) Reversible Editing Results: Breaking away from the uniqueness of chameleon hashes (a security property), the system utilizes an update algorithm to achieve traceability and reversibility of edit results (chameleon hash values). Together with the reversibility of editing permissions, this forms a dual (more stable) editing management architecture.

[0066] (5) Public and Private Editing: By introducing time-controlled encryption (TPKE), all users are allowed to publicly edit the content of the issue block after a certain period of time. This achieves completely decentralized editing. Together with attribute-based encryption editing, it forms a (public-private) optional editing strategy.

[0067] The embodiments described above are merely preferred embodiments of the present invention and are not intended to limit the scope of the present invention. Various modifications and improvements made to the technical solutions of the present invention by those skilled in the art without departing from the spirit of the present invention should fall within the protection scope defined by the claims of the present invention.

Claims

1. A multifunctional blockchain editing method, characterized in that, Includes the following steps: 1) System initialization steps: The Key Center (KGC) performs system initialization, initializes the revocation list and binary tree state, and outputs the system's public parameters and master key. 2) Steps for generating periodic and revocable keys: Key Center (KGC) based on user identity Generate long-term transformation key pairs with the attribute set and then convert the long-term transformation key pairs. Send to the corresponding user; based on master key and time. Revocation list and status generation cycle update key; The server uses the long-term public key conversion. Generate short-term conversion keys by periodically updating the keys; Users convert private keys over a long period of time. and time Generate a short-term decryption key for server-assisted decryption of the ciphertext. ; 3) Blockchain editing steps: Hash Calculation Steps: The user performs hash calculation based on the editing conditions of public or private editing. Get the corresponding hash auxiliary Outputs the Chameleon hash used to generate blocks. and random numbers and temporary trapdoor Complete block generation; Hash verification steps: User verification includes Chameleon hash. Original encoding Random numbers Chameleon hash pairs in time The validity of the block is checked; if the block verification is valid, the process proceeds to the next step; otherwise, the process ends. Hash rewriting steps: Having edit permissions and a long-term conversion key pair and short-term decryption key The user, as the modifier, transforms the private key over a long period of time. Hash Auxiliary Chameleon hash pairs Rewrite the encoding and temporary trapdoor Get the random number to rewrite Use random numbers Complete block rewriting; Hash update steps: The modifier transforms the private key based on the long-term conversion. Hash Auxiliary Chameleon hash pairs Update time and temporary trapdoor Get the random number to update Use random numbers Block update complete; Auditing steps: KGC uses long-term private key conversion Check whether the server is correctly providing decryption services and whether the number of times the server is disconnected for decryption exceeds the limit; Undo Steps: KGC revokes a user's editing permissions by periodically updating the undo list; the undo list includes timestamps. All users who cancel .

2. The method as described in claim 1, characterized in that, Hash Auxiliary in the Hash Calculation Step The calculation method is as follows: in, As a public editor, For private editing, For string concatenation, For the p-element finite field in the system's publicly available parameters, where p is a prime number, Here is the access structure for the Linear Secret Sharing Scheme (LSSS), where M is the first element of the access structure and represents the original encoding. This is to access the second element of the structure.

3. The method as described in claim 1, characterized in that, In the hash calculation, hash verification, hash rewriting, and hash update steps, non-interactive zero-knowledge proofs are performed first to prove correctness before proceeding to the corresponding steps.