Research On Data Privacy And Security Protection Mechanism On Consortium Blockchain

Consortium blockchain has been applied to various fields,and it has become the main solution for data sharing across companies and organizations.However,due to the inherent characteristic of transparency and traceability,the privacy and confidentiality of data on consortium blockchain is easily to be violated when the blockchain system is deployed and operating.In order to address this problem,this paper conducts research on the data privacy and security protection mechanism on consortium blockchain according to different application scenarios.Starting from the above research,two methods for addressing the onchain data privacy and confidentiality issues are proposed in this paper.The following three aspects are specific work.(1)In application scenarios such as security supervision based on consortium blockchain,blockchain members demand that the uploaded data could be audited based on data range under their identities,and the data cannot be disclosed.To solve the auditing problem of private data on the chain,this paper proposes the advanced solution of privacypreserving data auditing for consortium blockchains based on zero-knowledge range proof.This method combines the non-interactive zero-knowledge range proof(i.e.,Bulletproofs)with the consortium blockchain(i.e.,Hyperledger Fabric)in a weakly coupled manner,and implements the private data audit function of standard range and arbitrary range based on chaincodes.This method supports the zero-knowledge range proofs generation and verification of single-value standard range and arbitrary range.To improve the efficiency,the aggregation proof and batch verification of multi-value standard range and arbitrary range are developed.Furthermore,to broaden multi-party application scenarios,multiparty proofs generation and verification are also implemented.To support further development,this method provides chaincodes,related APIs together with the client codes.Aiming at possible attacks,this method conducts security analysis and implementation to protect the security of on-chain private data and chaincodes.(2)In scenarios such as financial supervision and judicial forensics based on consortium blockchain,normal members want to protect the on-chain secret data while supervision peers want to reveal the on-chain secret data.Key escrow is one of the solutions to this problem,but the current key escrow schemes heavily rely on traditional asymmetric encryption and decryption algorithms that are extremely vulnerable to attacks from quantum computers.Therefore,in order to protect the confidentiality of data on the chain,based on the idea of key escrow and post-quantum cryptography,this paper proposes a supervised secret data sharing method on consortium blockchain.Specifically,this method integrates the post-quantum key encapsulation mechanism algorithms in the third round of the National Institute of Standards and Technology call for national standard,and designs a post-quantum key escrow system on consortium blockchain based on chaincodes.This method is implemented on Hyperledger Fabric,and provides chaincodes as well as related APIs together with client codes for further development by developers.For possible attacks,this method designs a security mechanism and analyzes the secure use of post-quantum cryptography to provide sufficient security for the system.(3)This paper evaluates the performance of the two proposed methods in terms of execution time and on-chain storage space.The results of the first method show that as the total data size grows exponentially,the proof and verification time only grow linearly while the total on-chain storage grows logarithmically.The results of the second method show that the execution time of key steps is kept at the millisecond level,meanwhile the total storage space on the chain is mostly kept within 10 KB.To sum up,the method proposed in this paper can promote the research on the privacy and confidentiality protection of data on consortium blockchain,and has practical significance for promoting the wider application of consortium blockchain.