P-Chain:使用 SMPC 实现隐私感知智能合约

IF 3.8 2区 计算机科学 Q2 COMPUTER SCIENCE, INFORMATION SYSTEMS Journal of Information Security and Applications Pub Date : 2024-09-03 DOI:10.1016/j.jisa.2024.103872
Yiqing Diao , Ayong Ye , Yuexin Zhang , Ji Zhang , Li Xu
{"title":"P-Chain:使用 SMPC 实现隐私感知智能合约","authors":"Yiqing Diao ,&nbsp;Ayong Ye ,&nbsp;Yuexin Zhang ,&nbsp;Ji Zhang ,&nbsp;Li Xu","doi":"10.1016/j.jisa.2024.103872","DOIUrl":null,"url":null,"abstract":"<div><p>Smart contract, as the representative application of blockchain, has recently fueled extensive research interests from both academia and industry. However, with its wide applications, the weaknesses of smart contract have been gradually revealed. The major barrier to the widespread adoption of smart contract involves concerns about on-chain privacy which refers to the details of input/output privacy. To address privacy concerns, we propose in this paper, P-Chain, a privacy-aware framework for smart contracts of permissioned blockchain to protect sensitive data of users based on Secure Multi-party Computation (SMPC). Unlike existing work that suffer several key drawbacks, including introducing a third party who could get the details of the deal, and high overhead for on-chain and off-chain communication, as well as lacking a privacy protection for output data, we enhance the privacy protection for smart contracts system by adding a new secure multi-party computation layer in P-Chain. Through secure multi-party computing, sensitive inputs of smart contracts are divided into multiple sub-inputs and sent to computing participants for operation respectively, which ensures that each participant can only access part of the user’s information. A stochastic strategy based on <span><math><mrow><mo>(</mo><mi>t</mi><mo>;</mo><mi>n</mi><mo>)</mo></mrow></math></span> threshold secret sharing to select calculating parties is also been proposed, which makes it difficult for an attacker to aggregate <span><math><mi>t</mi></math></span> of <span><math><mi>n</mi></math></span> participants for launching a collusive attack. In addition, we propose the output privacy protection method that makes it possible to reach a consensus without the need to know the output. The extensive experimental evaluation and analysis demonstrate that our scheme enjoys the advantages of calculation correctness, input–output privacy as well as anti-collusion.</p></div>","PeriodicalId":48638,"journal":{"name":"Journal of Information Security and Applications","volume":"86 ","pages":"Article 103872"},"PeriodicalIF":3.8000,"publicationDate":"2024-09-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"P-Chain: Towards privacy-aware smart contract using SMPC\",\"authors\":\"Yiqing Diao ,&nbsp;Ayong Ye ,&nbsp;Yuexin Zhang ,&nbsp;Ji Zhang ,&nbsp;Li Xu\",\"doi\":\"10.1016/j.jisa.2024.103872\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><p>Smart contract, as the representative application of blockchain, has recently fueled extensive research interests from both academia and industry. However, with its wide applications, the weaknesses of smart contract have been gradually revealed. The major barrier to the widespread adoption of smart contract involves concerns about on-chain privacy which refers to the details of input/output privacy. To address privacy concerns, we propose in this paper, P-Chain, a privacy-aware framework for smart contracts of permissioned blockchain to protect sensitive data of users based on Secure Multi-party Computation (SMPC). Unlike existing work that suffer several key drawbacks, including introducing a third party who could get the details of the deal, and high overhead for on-chain and off-chain communication, as well as lacking a privacy protection for output data, we enhance the privacy protection for smart contracts system by adding a new secure multi-party computation layer in P-Chain. Through secure multi-party computing, sensitive inputs of smart contracts are divided into multiple sub-inputs and sent to computing participants for operation respectively, which ensures that each participant can only access part of the user’s information. A stochastic strategy based on <span><math><mrow><mo>(</mo><mi>t</mi><mo>;</mo><mi>n</mi><mo>)</mo></mrow></math></span> threshold secret sharing to select calculating parties is also been proposed, which makes it difficult for an attacker to aggregate <span><math><mi>t</mi></math></span> of <span><math><mi>n</mi></math></span> participants for launching a collusive attack. In addition, we propose the output privacy protection method that makes it possible to reach a consensus without the need to know the output. The extensive experimental evaluation and analysis demonstrate that our scheme enjoys the advantages of calculation correctness, input–output privacy as well as anti-collusion.</p></div>\",\"PeriodicalId\":48638,\"journal\":{\"name\":\"Journal of Information Security and Applications\",\"volume\":\"86 \",\"pages\":\"Article 103872\"},\"PeriodicalIF\":3.8000,\"publicationDate\":\"2024-09-03\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Information Security and Applications\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S2214212624001741\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Security and Applications","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2214212624001741","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

摘要

智能合约作为区块链的代表性应用,近年来引起了学术界和产业界的广泛研究兴趣。然而,随着智能合约的广泛应用,其弱点也逐渐暴露出来。智能合约广泛应用的主要障碍涉及对链上隐私的担忧,即输入/输出隐私的细节问题。为了解决隐私问题,我们在本文中提出了P-Chain,这是一个隐私感知框架,用于许可区块链的智能合约,以保护基于安全多方计算(SMPC)的用户敏感数据。与现有工作的几个主要缺点不同,包括引入第三方获取交易细节、链上和链下通信开销高以及缺乏对输出数据的隐私保护,我们通过在P-Chain中添加一个新的安全多方计算层来增强智能合约系统的隐私保护。通过安全多方计算,智能合约的敏感输入被分成多个子输入,分别发送给计算参与方进行运算,确保每个参与方只能获取用户的部分信息。我们还提出了一种基于(t;n)阈值秘密共享的随机策略来选择计算参与方,这使得攻击者很难聚合 n 个参与方中的 t 个参与方来发起合谋攻击。此外,我们还提出了输出隐私保护方法,使得在不知道输出的情况下达成共识成为可能。大量的实验评估和分析表明,我们的方案具有计算正确性、输入输出隐私性和防串通等优点。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
P-Chain: Towards privacy-aware smart contract using SMPC

Smart contract, as the representative application of blockchain, has recently fueled extensive research interests from both academia and industry. However, with its wide applications, the weaknesses of smart contract have been gradually revealed. The major barrier to the widespread adoption of smart contract involves concerns about on-chain privacy which refers to the details of input/output privacy. To address privacy concerns, we propose in this paper, P-Chain, a privacy-aware framework for smart contracts of permissioned blockchain to protect sensitive data of users based on Secure Multi-party Computation (SMPC). Unlike existing work that suffer several key drawbacks, including introducing a third party who could get the details of the deal, and high overhead for on-chain and off-chain communication, as well as lacking a privacy protection for output data, we enhance the privacy protection for smart contracts system by adding a new secure multi-party computation layer in P-Chain. Through secure multi-party computing, sensitive inputs of smart contracts are divided into multiple sub-inputs and sent to computing participants for operation respectively, which ensures that each participant can only access part of the user’s information. A stochastic strategy based on (t;n) threshold secret sharing to select calculating parties is also been proposed, which makes it difficult for an attacker to aggregate t of n participants for launching a collusive attack. In addition, we propose the output privacy protection method that makes it possible to reach a consensus without the need to know the output. The extensive experimental evaluation and analysis demonstrate that our scheme enjoys the advantages of calculation correctness, input–output privacy as well as anti-collusion.

求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
Journal of Information Security and Applications
Journal of Information Security and Applications Computer Science-Computer Networks and Communications
CiteScore
10.90
自引率
5.40%
发文量
206
审稿时长
56 days
期刊介绍: Journal of Information Security and Applications (JISA) focuses on the original research and practice-driven applications with relevance to information security and applications. JISA provides a common linkage between a vibrant scientific and research community and industry professionals by offering a clear view on modern problems and challenges in information security, as well as identifying promising scientific and "best-practice" solutions. JISA issues offer a balance between original research work and innovative industrial approaches by internationally renowned information security experts and researchers.
期刊最新文献
Editorial Board Multi-ciphertext equality test heterogeneous signcryption scheme based on location privacy Towards an intelligent and automatic irrigation system based on internet of things with authentication feature in VANET A novel blockchain-based anonymous roaming authentication scheme for VANET Efficient quantum algorithms to break group ring cryptosystems
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1