Cross-platform zero-knowledge verification method, apparatus and medium for encrypted data of multiple data providers

Document No.: 1744520 Publication date: 2019-11-26

Reading note: this technology, "Cross-platform zero-knowledge verification method, apparatus and medium for encrypted data of multiple data providers", was designed by 陆陈一帆, 来学嘉, 贾牧, 谢丹力 and 张鹏程 on 2019-07-29. Main content: The invention discloses a cross-platform zero-knowledge verification method for encrypted data of multiple data providers. The method comprises: after the user terminal of a first user initiates a transaction request against a first ledger of a first independent data storage system, the transaction processing protocol obtains the transaction parameters corresponding to the transaction request from the first ledger of the first independent data storage system and a second ledger of a second independent data storage system; according to the obtained transaction parameters, it performs preset-type validity verification on the transaction between the first ledger and the second ledger that corresponds to those parameters and, after the preset-type validity verification passes, updates the first user's account data in the first ledger with the update share ciphertext corresponding to the first ledger. The invention also discloses a transaction processing apparatus and a computer storage medium. With the invention, zero-knowledge verification of the encrypted data of multiple data providers is achieved while data security is ensured.

1. A cross-platform zero-knowledge verification method for encrypted data of multiple data providers, characterized in that the method is based on a transaction processing protocol supporting multi-party cross-platform transactions, the transaction processing protocol comprising cooperation between the user terminal of a first user and the user terminal of a second user, or comprising cooperation between a first independent data storage system and a second independent data storage system, the method comprising:

after the user terminal of the first user initiates a transaction request against the first ledger of the first independent data storage system, the transaction processing protocol obtains the transaction parameters corresponding to the transaction request from the first ledger of the first independent data storage system and the second ledger of the second independent data storage system, wherein the first user manages the first ledger, the second user manages the second ledger, and the transaction parameters include the update share ciphertext of the first ledger, the verification share ciphertext, the actual transaction share ciphertext of the second ledger, the exchange rate ciphertext between the first ledger and the second ledger, and the uncorrected verification share ciphertext;

the transaction processing protocol performs, according to the obtained transaction parameters corresponding to the transaction request, preset-type validity verification on the transaction between the first ledger and the second ledger that corresponds to the transaction parameters and, after the preset-type validity verification passes, updates the first user's account data in the first ledger with the update share ciphertext corresponding to the first ledger, the preset-type validity verification including verifying whether the verification share corresponding to the transaction request is equal to the actual transaction share of the second ledger.

2. The cross-platform zero-knowledge verification method for encrypted data of multiple data providers according to claim 1, characterized in that the transaction parameters further include the share comparison key of the second ledger, and verifying whether the verification share of the second ledger corresponding to the transaction request is equal to the actual transaction share of the second ledger comprises:

computing a share comparison public key from the verification share ciphertext and the actual transaction share ciphertext, and computing a share comparison private key from the verification share key and the actual transaction share key;

checking whether the share comparison private key corresponds to the share comparison public key; if so, the verification share of the second ledger corresponding to the transaction request is equal to the actual transaction share of the second ledger, and the verification is judged to pass.

3. The cross-platform zero-knowledge verification method for encrypted data of multiple data providers according to claim 2, characterized in that the formula for computing the share comparison public key includes: p_pk = ps / tz2, where p_pk denotes the share comparison public key, ps denotes the verification share ciphertext, and tz2 denotes the actual transaction share ciphertext;

the formula for computing the share comparison private key includes: p_sk = s - z2, where p_sk denotes the share comparison private key, s denotes the verification share key, and z2 denotes the actual transaction share key;

the formula for checking whether the share comparison private key corresponds to the share comparison public key includes: p_pk == h^p_sk, where h is a base in the computing environment of the discrete logarithm problem.

4. The cross-platform zero-knowledge verification method for encrypted data of multiple data providers according to claim 2, characterized in that the preset-type validity verification further includes:

verifying whether the uncorrected verification share ciphertext was generated from the update share ciphertext and the exchange rate ciphertext.

5. The cross-platform zero-knowledge verification method for encrypted data of multiple data providers according to claim 4, characterized in that the transaction parameters further include a correction parameter signature, a correction parameter public key and a correction parameter private key, and verifying whether the uncorrected verification share ciphertext was generated from the update share ciphertext and the exchange rate ciphertext comprises:

checking whether the correction parameter signature was issued with the correction parameter private key corresponding to the correction parameter public key;

if so, regenerating the uncorrected verification share ciphertext from the verification share ciphertext and the correction parameter public key, and verifying whether the uncorrected verification share ciphertext was generated from the update share ciphertext and the exchange rate ciphertext; if so, the verification is judged to pass.

6. The cross-platform zero-knowledge verification method for encrypted data of multiple data providers according to claim 5, characterized in that the formula for verifying whether the uncorrected verification share ciphertext was generated from the update share ciphertext and the exchange rate ciphertext includes:

e(g, psm) == e(tz1, er), psm = ps * i_pk = ps * i^rz1

where psm denotes the uncorrected verification share ciphertext, tz1 denotes the update share ciphertext, er denotes the exchange rate ciphertext, ps denotes the verification share ciphertext, i_pk denotes the correction parameter public key, rz1 denotes the value of the correction parameter private key i_sk, and g and i are bases in the computing environment of the discrete logarithm problem.

7. A transaction processing apparatus suitable for the cross-platform zero-knowledge verification method for encrypted data of multiple data providers according to claims 1 to 6, characterized in that the apparatus comprises a memory and a processor, the memory storing a transaction processing program corresponding to the transaction processing protocol supporting multi-party cross-platform transactions, the transaction processing program, when executed by the processor, implementing the following steps:

after the user terminal of the first user initiates a transaction request against the first ledger of the first independent data storage system, the transaction processing protocol obtains the transaction parameters corresponding to the transaction request from the first ledger of the first independent data storage system and the second ledger of the second independent data storage system, wherein the first user manages the first ledger, the second user manages the second ledger, and the transaction parameters include the update share ciphertext of the first ledger, the verification share ciphertext, the actual transaction share ciphertext of the second ledger, the exchange rate ciphertext between the first ledger and the second ledger, and the uncorrected verification share ciphertext;

the transaction processing protocol performs, according to the obtained transaction parameters corresponding to the transaction request, preset-type validity verification on the transaction between the first ledger and the second ledger that corresponds to the transaction parameters and, after the preset-type validity verification passes, updates the first user's account data in the first ledger with the update share ciphertext corresponding to the first ledger, the preset-type validity verification including verifying whether the verification share corresponding to the transaction request is equal to the actual transaction share of the second ledger.

8. The transaction processing apparatus according to claim 7, characterized in that the transaction parameters further include the share comparison key of the second ledger, and verifying whether the verification share of the second ledger corresponding to the transaction request is equal to the actual transaction share of the second ledger comprises:

computing a share comparison public key from the verification share ciphertext and the actual transaction share ciphertext, and computing a share comparison private key from the verification share key and the actual transaction share key;

checking whether the share comparison private key corresponds to the share comparison public key; if so, the verification share of the second ledger corresponding to the transaction request is equal to the actual transaction share of the second ledger, and the verification is judged to pass.

9. The transaction processing apparatus according to claim 8, characterized in that the preset-type validity verification further includes:

verifying whether the uncorrected verification share ciphertext was generated from the update share ciphertext and the exchange rate ciphertext.

10. A computer-readable storage medium, characterized in that the computer-readable storage medium contains a transaction processing program which, when executed by a processor, implements the steps of the cross-platform zero-knowledge verification method for encrypted data of multiple data providers according to any one of claims 1 to 6.

Technical field

The present invention relates to the field of Internet technology, and in particular to a cross-platform zero-knowledge verification method for encrypted data of multiple data providers, a transaction processing apparatus and a computer storage medium.

Background art

The zero-knowledge proof (Zero-Knowledge Proof) was proposed by S. Goldwasser, S. Micali and C. Rackoff in the early 1980s. It means that a prover can convince a verifier that a statement is correct without giving the verifier any useful information. A zero-knowledge proof is essentially a protocol involving two or more parties, that is, a series of steps that two or more parties take to complete a task. The prover proves to the verifier, and makes the verifier believe, that it knows or possesses a certain message, while the proof process must not leak to the verifier any information about the message being proved.

At present, zero-knowledge proof technology is used more and more in fields where data security matters. However, in zero-knowledge proofs involving encrypted data, existing technology usually supports only the zero-knowledge proof of one data provider's encrypted data (for example, encrypted transaction data in one ledger). There is currently no efficient algorithm on the market for zero-knowledge verification of the four arithmetic operations (+ - * /) on encrypted data, still less for zero-knowledge verification of ciphertext arithmetic across data stores on the data of two or more independent data storage systems (an independent data storage system may be a third-party platform such as a blockchain network, a distributed database, a cloud server or a distributed system), and those skilled in the art have not yet recognized that cross-platform ciphertext arithmetic can be performed on the data of two or more independent data storage systems to achieve zero-knowledge verification. This state of the art means that multiple data providers cannot verify each other's encrypted data. The problem is especially serious in the blockchain field, where there are multiple data providers that are unwilling to share data with each other but wish to verify each other's data.

Therefore, how to perform cross-platform ciphertext arithmetic on the data of two or more independent data storage systems so as to achieve zero-knowledge verification, let multiple data providers verify each other's encrypted data, and thereby achieve zero-knowledge verification of the encrypted data of multiple data providers while ensuring data security, has become a technical problem that urgently needs to be solved.

Summary of the invention

In view of the foregoing, the present invention provides a cross-platform zero-knowledge verification method for encrypted data of multiple data providers, a transaction processing apparatus and a computer storage medium, whose main purpose is to achieve zero-knowledge verification of the encrypted data of multiple data providers while ensuring data security.

To achieve the above object, the present invention provides a cross-platform zero-knowledge verification method for encrypted data of multiple data providers. The method is based on a transaction processing protocol supporting multi-party cross-platform transactions, the transaction processing protocol comprising cooperation between the user terminal of a first user and the user terminal of a second user, or comprising cooperation between a first independent data storage system and a second independent data storage system, the method comprising:

after the user terminal of the first user initiates a transaction request against the first ledger of the first independent data storage system, the transaction processing protocol obtains the transaction parameters corresponding to the transaction request from the first ledger of the first independent data storage system and the second ledger of the second independent data storage system, wherein the first user manages the first ledger, the second user manages the second ledger, and the transaction parameters include the update share ciphertext of the first ledger, the verification share ciphertext of the second ledger, the actual transaction share ciphertext, the exchange rate ciphertext between the first ledger and the second ledger, and the uncorrected verification share ciphertext;

the transaction processing protocol performs, according to the obtained transaction parameters corresponding to the transaction request, preset-type validity verification on the transaction between the first ledger and the second ledger that corresponds to the transaction parameters and, after the preset-type validity verification passes, updates the first user's account data in the first ledger with the update share ciphertext corresponding to the first ledger, the preset-type validity verification including verifying whether the verification share corresponding to the transaction request is equal to the actual transaction share of the second ledger.

In addition, to achieve the above object, the present invention also provides a transaction processing apparatus, characterized in that the apparatus comprises a memory and a processor, the memory storing a transaction processing program corresponding to the transaction processing protocol supporting multi-party cross-platform transactions, the transaction processing program, when executed by the processor, implementing the steps of the cross-platform zero-knowledge verification method for encrypted data of multiple data providers.

In addition, to achieve the above object, the present invention also provides a computer-readable storage medium, characterized in that the computer-readable storage medium contains a transaction processing program which, when executed by a processor, implements the steps of the cross-platform zero-knowledge verification method for encrypted data of multiple data providers.

The cross-platform zero-knowledge verification method for encrypted data of multiple data providers, the transaction processing apparatus and the computer storage medium proposed by the present invention perform cross-platform ciphertext arithmetic on the data of two or more independent data storage systems to achieve zero-knowledge verification, let multiple data providers verify each other's encrypted data, and thereby achieve zero-knowledge verification of the encrypted data of multiple data providers while ensuring data security.

Brief description of the drawings

Fig. 1 is a flowchart of a preferred embodiment of the cross-platform zero-knowledge verification method for encrypted data of multiple data providers of the present invention;

Fig. 2 is a schematic diagram of a preferred embodiment of the transaction processing apparatus of the present invention;

Fig. 3 is an architecture diagram of a preferred embodiment of the transaction processing apparatus of the present invention;

Fig. 4 is a schematic diagram of a preferred embodiment of the user terminal of the first user in Fig. 3;

Fig. 5 is a schematic diagram of a preferred embodiment of the user terminal of the second user in Fig. 3.

The realization of the object, the functional features and the advantages of the present invention are further described below with reference to the accompanying drawings and in conjunction with the embodiments.

Detailed description of embodiments

It should be understood that the specific embodiments described here only explain the present invention and are not intended to limit it.

The present invention provides a cross-platform zero-knowledge verification method for encrypted data of multiple data providers.

Fig. 1 is a flowchart of a preferred embodiment of the cross-platform zero-knowledge verification method for encrypted data of multiple data providers of the present invention.

In one embodiment of the cross-platform zero-knowledge verification method for encrypted data of multiple data providers of the present invention, the method is based on a transaction processing protocol supporting multi-party cross-platform transactions, the transaction processing protocol comprising cooperation between the user terminal of a first user and the user terminal of a second user, or comprising cooperation between a first independent data storage system and a second independent data storage system, the method comprising:

Step S1: after the user terminal of the first user initiates a transaction request against the first ledger of the first independent data storage system, the transaction processing protocol obtains the transaction parameters corresponding to the transaction request from the first ledger of the first independent data storage system and the second ledger of the second independent data storage system, wherein the first user manages the first ledger, the second user manages the second ledger, and the transaction parameters include the update share ciphertext of the first ledger, the verification share ciphertext, the actual transaction share ciphertext of the second ledger, the exchange rate ciphertext between the first ledger and the second ledger, and the uncorrected verification share ciphertext;

Step S2: the transaction processing protocol performs, according to the obtained transaction parameters corresponding to the transaction request, preset-type validity verification on the transaction between the first ledger and the second ledger that corresponds to the transaction parameters and, after the preset-type validity verification passes, updates the first user's account data in the first ledger with the update share ciphertext corresponding to the first ledger, the preset-type validity verification including verifying whether the verification share corresponding to the transaction request is equal to the actual transaction share of the second ledger.

Before the solution of the present invention is described, the algorithms it uses are explained.

Independent data storage system: refers to a third-party platform such as a blockchain network, a distributed database, a cloud server or a distributed system.

Bilinear map: for any g1 ∈ G1, g2 ∈ G2 and a, b ∈ Zp, e(g1^a, g2^b) = e(g1, g2)^(ab) holds, where e is called a bilinear map. The present invention does not restrict the order of g1 and g2, and g1 may equal g2. For convenience, the description below always writes e(g^a, g^b) = e(g, g)^(ab).

Discrete logarithm: given a finite cyclic group G = <g> = {g^k | k = 0, 1, 2, ...}, its generator g and its order n = |G|, the discrete logarithm problem involves h = g^n, where g is the base. Because the discrete logarithm problem is hard, it is difficult to compute the integer n when only h and g are known. The computing environment used in the present invention is based on elliptic curve operations; on an elliptic curve a base is a point, not a number.

Pedersen commitment (Pedersen Commitment) encryption algorithm: in the computing environment of the discrete logarithm problem, a is the plaintext and x is the key, and the ciphertext obtained by encrypting a is a' = g^a * h^x, where g and h each denote a base and h = g^n. The Pedersen commitment algorithm is additively homomorphic, and its output can be used as a parameter (input factor) in the bilinear map formula.

Additively homomorphic encryption algorithm: an algorithm with the additive homomorphism property. That is, R and S are fields, and the encryption algorithm E: R → S is additively homomorphic if there exists an efficient algorithm ⊕ such that E(x+y) = E(x) ⊕ E(y), or x+y = D(E(x) ⊕ E(y)), holds. The value obtained after encryption can be used as a parameter (input factor) in the bilinear map, i.e. as g1^a or g2^b in e(g1^a, g2^b).

To explain the above steps of the method in more detail, this embodiment takes as an example the case where the transaction processing protocol comprises cooperation between the user terminal of the first user and the user terminal of the second user, and where the transaction parameters corresponding to the transaction request include: the update share ciphertext tz1 corresponding to the first ledger; the uncorrected verification share ciphertext psm, the verification share ciphertext ps, the share comparison key p_sk and the correction parameter signature i_sig corresponding to the second ledger; the actual transaction share ciphertext tz2 corresponding to the second ledger, the actual transaction share account address t2_address of the second ledger, and so on. Those skilled in the art will understand that the content of the following specific embodiments does not limit the inventive idea of the present invention, and that they can readily diverge from and extend that content on the basis of the detailed description below.

T0: Any user terminal receives the exchange rate and the exchange rate key corresponding to the first ledger, and uses the received exchange rate and exchange rate key to obtain the exchange rate ciphertext with the first formula.

It should be noted that the exchange rate may be agreed in advance, may be determined at transaction time, or may be a parameter from a third party. The exchange rate ciphertext may be determined unilaterally by the first user of the first ledger of the first independent data storage system and input into the first independent data storage system through the first user's user terminal; it may be negotiated between the second user of the second ledger of the second independent data storage system and the first user, and input into the first independent data storage system by the first user; or it may be input into the first independent data storage system by a trusted third party.

In this embodiment, the first user or a third party generates the exchange rate, encrypts it, and stores it in the first independent data storage system that holds the first ledger; it may also be stored in any suitable independent data storage system that third parties can access. If the exchange rate is generated by a third party and stored in encrypted form in the first independent data storage system, the third party needs to pass the key to the first user's user terminal.

In this embodiment, the first formula may be the Pedersen commitment encryption formula. The first formula is: er = g^e * h^r, where g and h each denote a predetermined base, h = g^n, er denotes the exchange rate ciphertext, r denotes the exchange rate key, and e denotes the exchange rate.

T1: The first user's user terminal receives and responds to a first-ledger update transaction request initiated by the first user, generates the update share key corresponding to the first ledger, and generates the update share ciphertext corresponding to the first ledger from the first-ledger update share of the update transaction request and the generated update share key.

For example, the first-ledger update transaction request is the ledger update request corresponding to a transaction, and the update share ciphertext corresponding to the first ledger is the transaction share ciphertext of that transaction.

If the first user's user terminal initiates a transaction (with the transaction share encrypted) against the first ledger of the first independent data storage system, the update share ciphertext tz1 of the first ledger can be created with the second formula.

In one embodiment of the invention, the second formula may be: tz1 = g^t1 * h^z1.

T2: From the first-ledger update share, the exchange rate, the exchange rate key and the update share key, the first user's user terminal computes the verification share ciphertext of the second-ledger transaction that corresponds to the update share ciphertext of the first ledger, together with the verification share key corresponding to that verification share ciphertext, and sends the computed verification share ciphertext and verification share key to the user terminal of the second user of the second ledger of the second independent data storage system, where the first ledger and the second ledger represent two different business data ledgers.

Optionally, the first independent data storage system may also compute the verification share corresponding to the second ledger from the update share of the first ledger and the exchange rate, and send the computed verification share to the second user of the second ledger of the second independent data storage system.

It should be noted that three bases, g, h and i, have been created in advance for the first independent data storage system and the second independent data storage system. g is a public parameter; h and i are set by one trusted third party, or by several trusted third parties in cooperation, and uploaded to the first independent data storage system and the second independent data storage system. Specifically, the trusted third party generates a random number α and, based on the preset base g, computes h and i as h = g^α and i = h^α = g^(αα).

The first user's user terminal can compute the second-ledger transaction share ciphertext that corresponds to the first-ledger transaction (i.e. the verification share ciphertext of the second ledger) and send this verification share ciphertext to the second user. The share in the verification share ciphertext should be the same as the actual transaction share carried out on the second ledger; only the keys of the two ciphertexts differ. If the two encrypted shares are equal, the second user can produce a proof that the share in the second-ledger transaction share ciphertext computed by the first user equals the share in the corresponding second-ledger transaction share ciphertext.

In this embodiment, the first user's user terminal may send the computed verification share ciphertext ps of the second ledger and the verification share key s to the second user, and the second user checks whether the verification share p in the verification share ciphertext ps of the second ledger equals the actual transaction share t2 of the second ledger. If they are equal, the check succeeds, and after a successful check the second user sends the share comparison signature p_sig for the successful check to the first user.

The verification share ciphertext ps of the second ledger can be computed with the third formula, which may be:

ps = g^p * h^s = g^(et1) * h^(ez1+rt1), where p = et1 and s = ez1 + rt1.

The computation behind the third formula is as follows:

From the update share ciphertext of the first ledger, tz1 = g^t1 * h^z1 = g^(t1+αz1), and the exchange rate ciphertext er = g^e * h^r = g^(e+αr), the uncorrected verification share ciphertext of the second ledger is derived as:

psm = e(er, tz1) = e(g^(e+αr), g^(t1+αz1))

= e(g, g)^((e+αr)(t1+αz1))

= e(g, g)^(et1 + αez1 + αrt1 + ααrz1)

~ g^(et1) * g^(αez1) * g^(αrt1) * g^(ααrz1)

~ g^(et1) * h^(ez1+rt1) * i^(rz1)

Because the encrypted share formulas on all ledgers are built from the base points g and h, the uncorrected verification share ciphertext has to be divided by the correction parameter public key i_pk = i^(rz1) to remove the noise on base point i, which gives the verification share ciphertext ps of the second ledger:

ps = psm / i_pk

= g^(et1) * h^(ez1+rt1) * i^(rz1) / i^(rz1)

= g^(et1) * h^(ez1+rt1)

This yields the proposed verification share p and the proposed verification share key s: p = et1; s = ez1 + rt1. It follows that ps = g^(et1) * h^(ez1+rt1) = g^p * h^s.

Based on the first independent data storage system, the user terminal of the first user sends the verification share ciphertext ps, the verification share key s, and the real trade share account address t2_address to be compared to the user terminal of the second user of the second account book of the second independent data storage system. Optionally, the user terminal of the first user, based on the first independent data storage system, can also calculate the verification share p and send it to the user terminal of the second user of the second account book of the second independent data storage system.

T3: The user terminal of the first user calculates the correction parameter private key i_sk. It serves to prove to any third party that the verification share ciphertext ps and the uncorrected verification share ciphertext psm encrypt the same share.

The purpose of the correction parameter private key i_sk is to let a third party verify that the verification share ciphertext ps is (and is only) the uncorrected verification share ciphertext psm with the base point i parameter removed (that is, the shares encrypted by the two are equal).

In the present embodiment, the first user obtains the correction parameter private key i_sk based on the following fourth formula and, using it as a private key, digitally signs the verification share ciphertext ps to obtain the corresponding correction parameter signature i_sig. When a third party needs to authenticate, it can use the correction parameter signature i_sig and the correction parameter public key i_pk obtained from the following fifth formula to verify whether the verification share ciphertext ps and the uncorrected verification share ciphertext psm encrypt the same share.

The fourth formula can be: i_sk = r*z1

The fifth formula can be: i_pk = psm / ps = i^(r*z1)

Here r*z1 is the value of the correction parameter private key i_sk. If the user terminal of the first user knows the value r*z1, it can use it to produce the correction parameter signature i_sig, and any third party can calculate the correction parameter public key i_pk by the fifth formula above and use it to verify the correction parameter signature i_sig.

T4: After the user terminal of the second user receives the verification request for the second account book trade share, it calculates the verification share p corresponding to the second account book from the verification share ciphertext ps and the corresponding verification share key s, and compares whether the calculated verification share is equal to the real trade share t2 corresponding to the second account book. If they are equal, it calculates the share comparison private key p_sk from the verification share key s and the real trade share key z2, and sends the generated share comparison key p_sk and the real trade share ciphertext tz2 to the user terminal of the first user of the first independent data storage system.

In the present embodiment, the user terminal of the second user can calculate the verification share p corresponding to the second account book from the verification share ciphertext ps and the corresponding verification share key s.

In the present embodiment, the user terminal of the second user can find the real trade share ciphertext tz2 according to the real trade share account address t2_address to be compared.

In the present embodiment, the user terminal of the second user can calculate the share comparison public key p_pk from the verification share ciphertext ps and the real trade share ciphertext tz2 based on the following sixth formula, and calculate the share comparison private key p_sk from the verification share key s and the real trade share key z2 based on the following seventh formula:

The sixth formula can be: p_pk = ps / tz2

The seventh formula can be: p_sk = s - z2

The principle of the calculation is as follows. If the verification share p is equal to the real trade share t2 (where tz2 = g^t2 * h^z2):

p_pk = ps / tz2

= (g^p * h^s) / (g^t2 * h^z2)

= g^(p - t2) * h^(s - z2)

= h^(s - z2) (explanation: if p = t2, the g term cancels)

Here (s - z2) is the share comparison private key p_sk.

If p2 ≠ s2, the discrete logarithm problem ensures that the second user cannot derive p_sk. Likewise, without the exchange rate, the user terminal of the second user cannot work out the update share corresponding to the first account book.

After the share comparison private key p_sk is calculated, the share comparison private key p_sk and the real trade share ciphertext tz2 are sent to the user terminal of the first user.

Preferably, before p_sk and tz2 are sent to the user terminal of the first user, the user terminal of the second user issues an instruction to the first independent data storage system so that the first independent data storage system keeps a permanent backup of the real trade share account address t2_address and the real trade share ciphertext tz2. A third party can then find the t2_address and tz2 corresponding to the provided share comparison private key p_sk.

T5: The user terminal of the first user initiates a transaction request to the first data storage. After receiving all transaction parameters of the first preset type, the first independent data storage system performs preset-type legitimacy verification, according to the received transaction parameters, on the transaction between the first account book and the second account book that corresponds to those transaction parameters, and after the preset-type legitimacy verification passes, updates the account data of the first user on the first account book with the update share ciphertext corresponding to the first account book.

It can be understood that if the first independent data storage system is a blockchain system, the verification logic is executed in a smart contract.

In the present embodiment, the transaction parameters of the first preset type include: the update share ciphertext tz1 corresponding to the first account book, the verification share ciphertext ps corresponding to the second account book transaction, the share comparison key p_sk corresponding to the second account book transaction, the correction parameter public key i_pk corresponding to the second account book transaction, the correction parameter signature i_sig corresponding to the second account book transaction, the real trade share ciphertext tz2 of the second account book, and the real trade share account address t2_address of the second account book.

In the present embodiment, the preset-type legitimacy verification includes: verifying whether the verification share of the second account book corresponding to the transaction request is equal to the real trade share of the second account book. Specifically:

The share comparison public key is calculated according to the sixth formula from the verification share ciphertext and the real trade share ciphertext, and the share comparison private key is calculated according to the seventh formula from the verification share key and the real trade share key;

Whether the share comparison private key corresponds to the share comparison public key is checked according to the eighth formula; if so, the verification share of the second account book corresponding to the transaction request is equal to the real trade share of the second account book, and the verification is judged to have passed.

The eighth formula is:

p_pk == h^p_sk

~ h^(s - z2) == h^(s - z2)

Explanation: p_pk = ps / tz2

= (g^p * h^s) / (g^t2 * h^z2)

= g^(p - t2) * h^(s - z2)

= h^(s - z2)

If p == t2, the g term cancels, so only when the verification share p at the user terminal of the first user is equal to the real verification share t2 of the second account book can the user terminal of the second user provide the share comparison key p_sk corresponding to the share comparison public key p_pk.

In other embodiments, the preset-type legitimacy verification further includes: verifying whether the uncorrected verification share ciphertext is generated from the update share ciphertext and the exchange rate ciphertext. Specifically:

Checking whether the correction parameter signature was issued with the correction parameter private key corresponding to the correction parameter public key;

If so, regenerating the uncorrected verification share ciphertext according to the ninth formula from the verification share ciphertext and the correction parameter public key, and verifying according to the tenth formula whether the uncorrected verification share ciphertext is generated from the update share ciphertext and the exchange rate ciphertext; if so, the verification is judged to have passed.

Checking whether the correction parameter signature i_sig was issued with the correction parameter private key i_sk corresponding to the correction parameter public key i_pk proves that the transaction initiator really knows the parameter value on base point i.

The ninth formula is: psm = ps * i_pk = ps * i^(r*z1)

The tenth formula is: verify whether the following bilinear equation holds,

e(g, psm) == e(tz1, er)

Explanation: if the two sides are equal, this means:

e(g, psm) = e(g, g^(e*t1) * h^(e*z1 + r*t1) * i^(r*z1))

= e(g, g^(e*t1) * g^(α*e*z1) * g^(α*r*t1) * g^(α*α*r*z1))

= e(g, g^(e*t1 + α*e*z1 + α*r*t1 + α*α*r*z1))

= e(g, g)^(e*t1 + α*e*z1 + α*r*t1 + α*α*r*z1)

e(tz1, er) = e(g^t1 * h^z1, g^e * h^r)

= e(g, g)^(e*t1 + α*e*z1 + α*r*t1 + α*α*r*z1)

It can be seen that the left-hand side and the right-hand side of the equation should be equal.

If all preset-type legitimacy verifications pass, the first independent data storage system can apply the update share ciphertext tz1 corresponding to the first account book to the first user's account on the first account book by the following eleventh formula.

For example, the first user's account balance ciphertext is ax1, and after the update it is ax1', where ax1 = g^a1 * h^x1;

The eleventh formula is:

ax1' = ax1 * tz1

= g^a1 * h^x1 * g^t1 * h^z1

= g^(a1 + t1) * h^(x1 + z1)
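The share comparison of the sixth to eighth formulas and the balance update of the eleventh formula can be traced with small numbers. The following is an added example, not code from the patent: the group parameters (P = 1019, Q = 509, g = 4, h = 9), all function names and the sample values are assumptions chosen for readability, the verification share p is handed to the second user directly (the optional path described above), and the pairing-based ninth and tenth formulas are not covered.

```python
"""Toy walk-through of formulas 3, 6, 7, 8 and 11 (added example)."""

# Assumed toy group: subgroup of prime order Q in Z_P*, with P = 2Q + 1.
# Far too small for real use; picked so the numbers stay readable.
P, Q = 1019, 509
G, H = 4, 9  # two squares mod P, so both generate the order-Q subgroup
assert pow(G, Q, P) == 1 and pow(H, Q, P) == 1


def commit(share, key):
    """Encrypted share g^share * h^key (the form of tz1, tz2, ps, ax1)."""
    return pow(G, share % Q, P) * pow(H, key % Q, P) % P


def divide(a, b):
    """a / b in the group, via the modular inverse (Python 3.8+)."""
    return a * pow(b, -1, P) % P


def first_user_verification_share(e, r, t1, z1):
    """Third formula: p = e*t1, s = e*z1 + r*t1, ps = g^p * h^s."""
    p = e * t1 % Q
    s = (e * z1 + r * t1) % Q
    return p, s, commit(p, s)


def second_user_respond(ps, s, p, t2, z2):
    """Step T4: check that (p, s) opens ps, compare p with t2,
    and only then release p_sk = s - z2 (seventh formula)."""
    if commit(p, s) != ps:
        return None  # (p, s) does not open ps
    if p != t2 % Q:
        return None  # shares differ: no comparison key is issued
    return (s - z2) % Q


def storage_verify(ps, tz2, p_sk):
    """Sixth and eighth formulas: p_pk = ps / tz2, accept iff p_pk == h^p_sk."""
    if p_sk is None:
        return False
    return divide(ps, tz2) == pow(H, p_sk % Q, P)


def update_balance(ax1, tz1):
    """Eleventh formula: ax1' = ax1 * tz1."""
    return ax1 * tz1 % P


def run_demo():
    # Constructed sample values (not from the patent).
    e, r = 3, 77          # exchange rate and its key
    t1, z1 = 40, 123      # update share of the first account book and its key
    t2, z2 = 120, 301     # real trade share of the second account book and its key
    a1, x1 = 200, 45      # first user's balance and its key

    p, s, ps = first_user_verification_share(e, r, t1, z1)
    tz1, tz2 = commit(t1, z1), commit(t2, z2)

    # Matching shares: the second user releases p_sk and the check passes.
    p_sk = second_user_respond(ps, s, p, t2, z2)
    accepted = storage_verify(ps, tz2, p_sk)

    # Mismatch: the second account book actually holds 121. An honest second
    # user refuses, and submitting s - z2 anyway fails the eighth formula
    # because the factor g^(p - t2) does not cancel.
    tz2_other = commit(121, z2)
    refused = second_user_respond(ps, s, p, 121, z2)
    forged_accepted = storage_verify(ps, tz2_other, (s - z2) % Q)

    # Balance update on ciphertexts equals a commitment to the summed values.
    ax1_new = update_balance(commit(a1, x1), tz1)
    balance_ok = ax1_new == commit(a1 + t1, x1 + z1)

    return {"p": p, "s": s, "p_sk": p_sk, "accepted": accepted,
            "refused": refused, "forged_accepted": forged_accepted,
            "balance_ok": balance_ok}


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

The check only shows that ps and tz2 hide the same share; the storage system never learns p, t2, s or z2 individually.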

Preferably, the transaction parameters of the preset type are also recorded in the first independent data storage. Any third party can verify the legitimacy of the first account book transaction through the transaction parameters of the preset type.

T6: The user terminal of any third party can at any time verify the legitimacy of the first account book transaction through the transaction parameters of the second preset type.

When the user terminal of a third-party user needs to verify the transaction, it needs to obtain transaction parameters from the first data storage and the second data storage and perform accuracy verification. The transaction parameters include the second preset type transaction parameters of the first data storage and the real trade share ciphertext tz2 of the second data storage. The verification steps include:

After receiving the acquisition request for the second preset type transaction parameters sent by the third-party user terminal, the first independent data storage system sends the stored second preset type transaction parameters corresponding to the acquisition request to the third party;

After receiving the acquisition request, sent by the third-party user terminal, for the real trade share ciphertext tz2 at the real trade share account address t2_address of the second account book, the second independent data storage system sends the real trade share ciphertext tz2 at the real trade share account address of the second account book to the third-party user terminal;

The third-party user terminal performs preset-type accuracy verification according to the obtained real trade share ciphertext and the second preset type transaction parameters corresponding to the acquisition request.

In the present embodiment, the second preset type transaction parameters include: the exchange rate ciphertext er, the update share ciphertext tz1, the verification share ciphertext ps, the correction parameter public key i_pk, the correction parameter signature i_sig, and the share comparison key p_sk.

The preset-type accuracy verification includes: verifying whether the verification share ciphertext ps is generated from the update share ciphertext tz1 corresponding to the first account book and the exchange rate ciphertext er; and verifying that the verification share p and the real trade share t2 of the second account book are equal.

Preferably, the transaction parameters further include the exchange rate ciphertext corresponding to the transaction request, the uncorrected verification share ciphertext, and the update share ciphertext of the first account book, and the preset-type legitimacy verification further includes:

Verifying whether the uncorrected verification share ciphertext is generated from the update share ciphertext of the first account book and the exchange rate ciphertext.

The present invention also proposes a transaction processing apparatus. Fig. 2 is a schematic diagram of a preferred embodiment of the transaction processing apparatus of the present invention.

In the present embodiment, the transaction processing apparatus 1 is suitable for the above cross-platform zero-knowledge verification method for encrypted data of multiple data providers, and the transaction processing apparatus 1 includes: a memory 11, a processor 12 and a network interface 13.

The memory 11 includes at least one type of readable storage medium, including flash memory, hard disk, multimedia card, card-type memory (for example, SD or DX memory), magnetic storage, magnetic disk, optical disc, etc. In some embodiments the memory 11 can be an internal storage unit of the transaction processing apparatus 1, such as a hard disk of the transaction processing apparatus 1. In other embodiments the memory 11 can also be an external storage device of the transaction processing apparatus 1, such as a plug-in hard disk, smart media card (Smart Media Card, SMC), secure digital (Secure Digital, SD) card or flash card (Flash Card) equipped on the transaction processing apparatus 1. Further, the memory 11 can include both an internal storage unit and an external storage device of the transaction processing apparatus 1.

The memory 11 can be used not only to store application software installed on the transaction processing apparatus 1 and various data, for example the transaction processing program 10 corresponding to the transaction processing protocol supporting multi-party cross-platform transactions, but also to temporarily store data that has been output or will be output.

In some embodiments the processor 12 can be a central processing unit (Central Processing Unit, CPU), controller, microcontroller, microprocessor or other data processing chip, used to run program code stored in the memory 11 or to process data, for example the transaction processing program 10 corresponding to the transaction processing protocol supporting multi-party cross-platform transactions.

The network interface 13 optionally may include a standard wired interface and a wireless interface (such as a WI-FI interface), and is generally used to establish a communication connection between the transaction processing apparatus 1 and other electronic equipment, for example, a minutes manager and the terminal used for minutes inquiry. The components 11-13 of the transaction processing apparatus 1 communicate with each other through a communication bus.

Fig. 2 shows only the transaction processing apparatus 1 with components 11-13. Those skilled in the art will understand that the structure shown in Fig. 4 does not limit the transaction processing apparatus 1, which may include fewer or more components than illustrated, or combine certain components, or have a different component layout.

Fig. 3 is an architecture diagram of a preferred embodiment of the transaction processing apparatus of the present invention.

In the present embodiment, the transaction processing apparatus 1 includes: the user terminal 2 of the first user and the user terminal 3 of the second user. The first user manages the first account book through the user terminal 2 of the first user, and the second user manages the second account book through the user terminal 3 of the second user; the first account book is stored in the first independent data storage system, and the second account book data is stored in the second independent data storage system. The user terminal 2 of the first user and the user terminal 3 of the second user cooperate based on the transaction processing protocol supporting multi-party cross-platform transactions.

Fig. 4 is a schematic diagram of a preferred embodiment of the user terminal of the first user in Fig. 3.

In the present embodiment, the user terminal 2 of the first user can be a terminal device with a data processing function, such as a server, smart phone, tablet computer, portable computer or desktop computer.

The user terminal 2 of first user includes first memory 21, second processor 22 and first network interface 23, described The first transaction processing program 20 is stored in first memory 21.

The first memory 21 includes at least one type of readable storage medium, including flash memory, hard disk, multimedia card, card-type memory (for example, SD or DX memory), magnetic storage, magnetic disk, optical disc, etc. In some embodiments the first memory 21 can be an internal storage unit of the user terminal 2 of the first user, for example a hard disk of the user terminal 2 of the first user. In other embodiments the first memory 21 can also be an external storage device of the user terminal 2 of the first user, such as a plug-in hard disk, smart media card (Smart Media Card, SMC), secure digital (Secure Digital, SD) card or flash card (Flash Card) equipped on the user terminal 2 of the first user. Further, the first memory 21 can include both an internal storage unit and an external storage device of the user terminal 2 of the first user.

The first memory 21 can be used not only to store application software installed on the user terminal 2 of the first user and various data, for example the first transaction processing program 20, but also to temporarily store data that has been output or will be output.

In some embodiments the first processor 22 can be a central processing unit (Central Processing Unit, CPU), controller, microcontroller, microprocessor or other data processing chip, used to run program code stored in the first memory 21 or to process data, for example the first transaction processing program 20.

The first network interface 23 optionally may include a standard wired interface and a wireless interface (such as a WI-FI interface), and is generally used to establish a communication connection between the user terminal 2 of the first user and other electronic equipment, for example the user terminal of the second user. The components 21-23 of the user terminal 2 of the first user communicate with each other through a communication bus.

Fig. 4 shows only the user terminal 2 of the first user with components 21-23. Those skilled in the art will understand that the structure shown in Fig. 4 does not limit the user terminal 2 of the first user, which may include fewer or more components than illustrated, or combine certain components, or have a different component layout.

Optionally, the user terminal 2 of the first user can also include a user interface. The user interface may include a display (Display) and an input unit such as a keyboard (Keyboard), and optionally may also include a standard wired interface and a wireless interface.

Optionally, in some embodiments, the display can be an LED display, a liquid crystal display, a touch-control liquid crystal display, an organic light-emitting diode (Organic Light-Emitting Diode, OLED) touch device, etc. The display may also be called a display screen or display unit, and is used to display the information processed in the user terminal 2 of the first user and to display a visual user interface.

Fig. 5 is a schematic diagram of a preferred embodiment of the user terminal of the second user in Fig. 3.

The user terminal 3 of the second user includes a second memory 31 and a second processor 32, and the second transaction processing program 30 is stored in the second memory 31.

In the present embodiment, the user terminal 3 of the second user can be a terminal device with a data processing function, such as a server, smart phone, tablet computer, portable computer or desktop computer.

The user terminal 3 of second user includes second memory 31, second processor 22 and the second network interface 33, described The second transaction processing program 30 is stored in second memory 31.

The second memory 31 includes at least one type of readable storage medium, including flash memory, hard disk, multimedia card, card-type memory (for example, SD or DX memory), magnetic storage, magnetic disk, optical disc, etc. In some embodiments the second memory 31 can be an internal storage unit of the user terminal 3 of the second user, for example a hard disk of the user terminal 3 of the second user. In other embodiments the second memory 31 can also be an external storage device of the user terminal 3 of the second user, such as a plug-in hard disk, smart media card (Smart Media Card, SMC), secure digital (Secure Digital, SD) card or flash card (Flash Card) equipped on the user terminal 3 of the second user. Further, the second memory 31 can include both an internal storage unit and an external storage device of the user terminal 3 of the second user.

The second memory 31 can be used not only to store application software installed on the user terminal 3 of the second user and various data, for example the second transaction processing program 30, but also to temporarily store data that has been output or will be output.

In some embodiments the second processor 32 can be a central processing unit (Central Processing Unit, CPU), controller, microcontroller, microprocessor or other data processing chip, used to run program code stored in the second memory 31 or to process data, for example the second transaction processing program 30.

The second network interface 23 optionally may include a standard wired interface and a wireless interface (such as a WI-FI interface), and is generally used to establish a communication connection between the user terminal 3 of the second user and other electronic equipment, for example the user terminal of the first user. The components 31-33 of the user terminal 3 of the second user communicate with each other through a communication bus.

Fig. 5 shows only the user terminal 3 of the second user with components 31-33. Those skilled in the art will understand that the structure shown in Fig. 5 does not limit the user terminal 3 of the second user, which may include fewer or more components than illustrated, or combine certain components, or have a different component layout.

Optionally, the user terminal 3 of the second user can also include a user interface. The user interface may include a display (Display) and an input unit such as a keyboard (Keyboard), and optionally may also include a standard wired interface and a wireless interface.

Optionally, in some embodiments, the display can be an LED display, a liquid crystal display, a touch-control liquid crystal display, an organic light-emitting diode (Organic Light-Emitting Diode, OLED) touch device, etc. The display may also be called a display screen or display unit, and is used to display the information processed in the user terminal 3 of the second user and to display a visual user interface.

The specific implementations of the transaction processing apparatus, the user terminal of the first user and the user terminal of the second user of the present invention are roughly the same as the specific embodiments of the above cross-platform zero-knowledge verification method for encrypted data of multiple data providers, and are not repeated here.

In addition, an embodiment of the present invention also proposes a computer readable storage medium. The computer readable storage medium includes the transaction processing program 10 corresponding to the transaction processing protocol supporting multi-party cross-platform transactions, and when this transaction processing program 10 is executed by a processor, the steps of the cross-platform zero-knowledge verification method for encrypted data of multiple data providers described above are implemented.

The specific embodiments of the computer readable storage medium of the present invention are roughly the same as the specific embodiments of the above cross-platform zero-knowledge verification method for encrypted data of multiple data providers, and are not repeated here.

The serial numbers of the above embodiments of the invention are for description only and do not represent the advantages or disadvantages of the embodiments.

It should be noted that, in this document, the terms "include", "comprise" or any other variant thereof are intended to be non-exclusive, so that a process, device, article or method that includes a series of elements includes not only those elements but also other elements not explicitly listed, or elements inherent to such a process, device, article or method. In the absence of further restrictions, an element limited by the phrase "including a ..." does not exclude the presence of other identical elements in the process, device, article or method that includes that element.

Through the above description of the embodiments, those skilled in the art can clearly understand that the methods of the above embodiments can be realized by means of software plus a necessary general hardware platform, and of course also by hardware, but in many cases the former is the better implementation. Based on this understanding, the technical solution of the present invention, in essence or in the part that contributes to the prior art, can be embodied in the form of a software product. The software product is stored in a storage medium as described above (such as ROM/RAM, magnetic disk, optical disc) and includes instructions that cause a terminal device (which can be a mobile phone, computer, server, network device, etc.) to execute the methods described in the embodiments of the present invention.

The above is only a preferred embodiment of the present invention and does not limit the scope of the invention. Any equivalent structure or equivalent process transformation made using the content of the specification and drawings of the present invention, whether applied directly or indirectly in other related technical fields, is likewise included within the scope of protection of the present invention.
