Blockchain Privacy Protection Scheme Based On Group Signature

Blockchain is a kind of distributed database,which is different from the traditional database,does not need the participation of trusted third-party organizations,and is stored and maintained by multiple nodes,and the data on the chain can only be added and cannot be tampered with.Blockchain can establish a reliable trust relationship for multiple users who do not know each other,and realize data sharing and information transmission among different users.However,because many nodes in the blockchain need to calculate and verify the same data,so the transaction data of users in the blockchain is required to be public.Although this feature increases the transparency and credibility of data,it also brings data privacy problems.That is to say,we can infer the association between the same user's transactions and the user's identity information according to the public user's address information and transaction amount,which will bring incalculable loss to the user.Therefore,based on the alliance chain,this paper attempts to adopt a group signature scheme with both anonymity and good traceability to sign the identity information of both parties of the transaction,and then use the group signature to replace the address information of both parties of the transaction,so as to prevent others from judging the relationship between transactions based on the address information disclosed in the transaction block,causing user's privacy data disclosure,and construct a more secure blockchain transaction framework with privacy protection function(Alliance chain: a kind of blockchain with bookkeeping right only in the hands of some nodes).Firstly,according to the characteristics of transactions in the blockchain,the signature schemes needed in the scheme are studied;Secondly,the privacy protection scheme is constructed by using the proposed signature schemes.The specific research contents are as follows:(1)In order to verify the validity of transaction information and the identity of both parties more safely,based on the analysis and research of two typical signature schemes BB and Waters,this paper proposes an identity-based signature scheme with bilateral security and strongly existentially unforgeable based on the q-SDH difficulty problem on the elliptic curve,and gives the complete proof process under the standard model.Compared with the existing identity-based signature schemes under the standard model,this scheme proposed in this paper has fewer common parameters and higher calculation efficiency,and is more suitable for the validity confirmation of the transaction information and the identity of both parties in the blockchain.(2)In order to obtain a more secure group signature for the identity information of both parties of the transaction and hide the user's transaction information,this paper proposes an efficient group signature scheme with bilateral security based on the discrete logarithm problem on the elliptic curve.By adding random numbers,the scheme breaks the direct relationship between the public and private keys of users and avoids the risk that the revoked members can obtain the private keys of other members through the public key status list.The scheme also designs a private key update scheme that changes with time period,which avoids the tedious process of re-registering into the group and selecting the private key after the private key leaks,and solves the problem that the validity of the previous signatures cannot be determined after the private key leaks,which has certain practical significance for the blockchain with the characteristics of non tamperability.(3)Based on the identity-based signature and group signature scheme described above,a concrete blockchain transaction framework which can protect the privacy of users is constructed.In this scheme,the identity-based signature of multi-key generation center is used to verify the identity of both parties of the transaction and transfer transaction information(including group signature information);Then,the group signature information generated in front is used to replace the address information of both sides of the transaction to generate the transaction block to be broadcast,so as to prevent others from judging the relevance between transactions according to the information in the transaction block,to a certain extent,hide the identity information of both sides of the transaction and the relationship between different transactions of the same user.Moreover,according to the unique nature of group signature,the scheme can trace the identity of both parties when necessary,and has traceability.