Researchers Submit Patent Application, “Zero Knowledge Proof-Based Privacy Protection Method And System For Authenticated Data In Smart Contract”, for Approval (USPTO 20210297255): Shandong University
2021 OCT 07 (NewsRx) -- By a
The patent’s assignee is
News editors obtained the following quote from the background information supplied by the inventors:
“Technical Field
“The present disclosure relates to the technical field of blockchains, and more particularly, to a Zero Knowledge Proof (ZKP)-based privacy protection method and system for authenticated data in a smart contract.
“Related Art
“The statements in this section merely provide background techniques related to the present disclosure, and do not necessarily constitute the prior art.
“With the unprecedented success of the cryptocurrency Bitcoin, the rapid development of the blockchain technology has led a new technological wave in the Internet field. As a distributed system without a central server, a blockchain does not rely on the correct execution of any party. Once recorded on the blockchain, data cannot be changed. The tamper-proof nature of the blockchain ensures the integrity of transactions thereon, thus establishing a trust relationship.
“A smart contract is a program running on the blockchain, and its execution must be verified by consensus. The emergence of the smart contract enables the blockchain to handle more complex logic than fund transfers. The combination of the blockchain technology and the smart contract has been applied in many fields such as finance, insurance, notary, real estate, lottery, voting, supply chains, smart grids, medical insurance, Internet of Things, cloud computing and the like.
“When the blockchain is applied to actual scenarios to realize the automatic execution of the smart contract, interaction with the real world is inevitable. The smart contract on the blockchain needs to acquire certain information from the real world as inputs, so as to calculate a result and execute it in accordance with predetermined rules. However, not all the inputs from the real world to the smart contract can be open to the public. For example, the smart contract of medical insurance requires age, occupation, gender and a physical examination report of an insured as inputs. For the protection of privacy, the data cannot be open to the public. On the other hand, even if medical insurance is maintained using a consortium blockchain and an access control mechanism is adopted to prevent privacy leakage, personal medical information will still be leaked to nodes that maintain the consortium blockchain. Therefore, it is of great importance to provide authenticated real data to the smart contract on the blockchain without revealing any privacy so as to ensure the privacy and authenticity of data sent to the blockchain.
“A ZKP refers to a method by which a prover who knows or possesses a certain message can convince a validator that a certain assertion is correct without providing any useful information to the validator. A lot of facts have proved that if the ZKP can be used for data authentication, many problems will be effectively solved. Correspondingly, the latest technologies for the ZKP include zk-SNARKs (zero-knowledge Succinct Non-interactive ARgument of Knowledge), zk-STARKs (zero-knowledge Scalable Transparent ARguments of Knowledge), Bulletproofs and the like. zk-SNARK has been successfully applied to the anonymous digital currency ZeroCash.
“A digital signature is a combination of a public key encryption technology and a digital digest technology. The digital signature is equivalent to a traditional handwritten signature in many respects, and already has legal significance in some countries. A correctly implemented digital signature is more difficult to forge than a handwritten one. In addition, some undeniable digital signature schemes can provide a timestamp, which can ensure the validity of the signature even if the private key is leaked.”
As a supplement to the background information on this patent application, NewsRx correspondents also obtained the inventors’ summary information for this patent application: “In order to overcome the shortcomings of the prior art, the present disclosure provides a ZKP-based privacy protection method for authenticated data in a smart contract, which can ensure the privacy and authenticity of input data and allows everyone to verify the authenticity of the data without leaking sensitive information.
“According to a first aspect, the present disclosure provides a ZKP-based privacy protection method for authenticated data in a smart contract.
“The ZKP-based privacy protection method for authenticated data in a smart contract includes:
“initialization step: performing initialization, including inputting a security parameter to obtain a public parameter, and generating, by a trusted Data Authenticator (DA), a public/private key pair;
“key pair generation step: generating a key pair by using the public parameter and a verification circuit as inputs, the key pair including a proof key and a verification key;
“data authentication step: performing authentication on private data of a Decentralized App (DApp) User (DU) by using the private key of the trusted DA, and generating a signature;
“proof generation step: inputting, by a DU prover terminal, the private data serving as an input value and a calculation result and a hash value serving as output values of the verification circuit, and generating, by the DU, a ZKP using the proof key; and
“proof verification step: verifying, by a validator by using the verification key, whether the ZKP is correct or not, and determining that the calculation result is correct if the verification is passed, or determining that the calculation result is wrong if the verification fails; and executing, by the validator, a smart contract based on a result of the verification.
“Further, the inputting a security parameter to obtain a public parameter specifically comprises: inputting the security parameter to obtain the public parameter using a ZKP system.
“Further, the security parameter is an integer l.
“Further, the obtaining a public parameter using a ZKP system comprises: obtaining a public parameter pp using ZKP.Setup($1^l$) of the ZKP system.
“Further, the generating, by a trusted DA, a public/private key pair comprises: selecting, by the trusted DA, a digital signature mechanism to generate the public/private key pair, and announcing, by the trusted DA, the public key.
“Further, the generating, by a trusted DA, a public/private key pair comprises: selecting, by the trusted DA, a digital signature mechanism p=(KeyGen, Sign, Verify), and running p.KeyGen to generate a public/private key pair (pka, ska).
“Further, the announcing, by the trusted DA, the public key comprises: announcing, by the trusted DA, (pp, pka).
“A plurality of trusted DAs are allowed, that is, private data of a user is authenticated by different DAs, and each DA generates a signature.
“Further, in the generation of a key pair by using the public parameter and a verification circuit as inputs, the verification circuit specifically comprises:
“a condition that the private data of the user needs to satisfy, for example, a given insurance condition that private information such as the health status and income of the user needs to satisfy.
“Further, the generation of a key pair by using the public parameter and a verification circuit as inputs specifically comprises:
“running a ZKP system by using the public parameter and the verification circuit as inputs to generate the key pair.
“Further, the generation of a key pair by using the public parameter and a verification circuit as inputs is implemented by a trusted third-party institution or by a trusted process. The trusted third-party institution includes but is not limited to a digital certificate authority, a government department and the like.
“The public parameter and the verification circuit are used as inputs, and a ZKP system is run to generate a key pair. The key pair is allowed to be generated jointly by a plurality of trusted institutions or generated by a trusted process.
“Further, the generation of a key pair by using the public parameter and a verification circuit as inputs specifically comprises: p1 running a ZKP.KeyGen(pp, C) algorithm of a ZKP system by using a public parameter pp and a verification circuit C as inputs to generate a key pair (pk, vk), where the proof key pk is used for generating a proof, and the verification key vk is used for verifying the proof.
“Further, the performing authentication on private data of a DU by using the private key of the trusted DA and generating a signature comprises:
“running, by the trusted DA, a DataAuth(ska, $\vec{x}$) algorithm by using private data $\vec{x}$ and a signature private key ska as inputs, to perform authentication, and generate a signature sa.
“Further, the inputting, by a DU prover terminal, the private data serving as an input value and a calculation result and a hash value serving as output values of the verification circuit comprises:
“inputting, by the DU prover terminal, the private data $\vec{x}$ serving as an input value and a calculation result R and a hash value h serving as output values of the verification circuit C.
“Further, the generating, by the DU, a proof comprises: executing, by the DU, a ZKP system to generate the proof.
“Further, the generating, by the DU, a proof comprises: executing, by the DU, a ZKP.Prove(pk, $\vec{x}$, R, h) algorithm of the ZKP system to generate a proof p.
“Further, the verifying, by a validator by using the verification key, whether the ZKP is correct or not, and determining that the calculation result is correct if the verification is passed, or determining that the calculation result is wrong if the verification fails includes:
“running, by a validator V, a Verify(vk, pka, p, R, h, sa) algorithm to verify whether the proof p is correct or not, and if the verification is passed, determining that the calculation result R is correct, or otherwise determining that the calculation result R is wrong.
“According to a second aspect, the present disclosure provides a ZKP-based privacy protection system for authenticated data in a smart contract.
“The ZKP-based privacy protection system for authenticated data in a smart contract includes:
“an initialization module, configured to input a security parameter for initialization to obtain a public parameter, and generate a public/private key pair by a trusted DA;
“a key pair generation module, configured to generate a key pair by using the public parameter and a verification circuit as inputs, the key pair including a proof key and a verification key;
“a data authentication module, configured to perform authentication on private data of a DU by using the private key of the trusted DA, and generate a signature;
“a proof generation module, configured to input, by a DU prover terminal, the private data serving as an input value and a calculation result and a hash value serving as output values of the verification circuit, and generate, by the DU, a ZKP using the proof key; and
“a proof verification module, configured to verify, by a validator by using the verification key, whether the ZKP is correct or not, and determine that the calculation result is correct if the verification is passed, or determine that the calculation result is wrong if the verification fails; and execute, by the validator, a smart contract based on a result of the verification.
“Further, in the initialization module of the system,
“the trusted DA constructs the verification circuit based on the calculation task required by a smart contract-based DApp.
“According to a third aspect, the present disclosure also provides an electronic device, which includes a memory, a processor, and computer instructions stored on the memory and executable by the processor. When run by the processor, the computer instructions implement the steps of the method according to the first aspect.
“According to a fourth aspect, the present disclosure also provides a computer-readable storage medium configured to store computer instructions. When run by a processor, the computer instructions implement the steps of the method according to the first aspect.
“Compared with the prior art, the beneficial effects of the present disclosure are as follows:
“1. The technology proposed in the present disclosure ensures the authenticity and privacy of data in a smart contract, and does not leak input data to others, thereby ensuring the authenticity and validity of the input data.
“2. The present disclosure can be applied to various blockchain systems to ensure the authenticity and privacy of data.
“3. In the present disclosure, a proof generated by a user of a service provider is recorded by a blockchain, and any validator can access and verify the proof, thereby achieving real decentralization.”
The claims supplied by the inventors are:
“1. A Zero Knowledge Proof (ZKP)-based privacy protection method for authenticated data in a smart contract, comprising: initialization step: inputting a security parameter to obtain a public parameter, and generating, by a trusted Data Authenticator (DA), a public/private key pair; key pair generation step: generating a key pair by using the public parameter and a verification circuit as inputs, the key pair comprising a proof key and a verification key; data authentication step: performing authentication on private data of a Decentralized App (DApp) User (DU) by using the private key of the trusted DA, and generating a signature; proof generation step: inputting, by a DU prover terminal, the private data serving as an input value and a calculation result and a hash value serving as output values of the verification circuit, and generating, by the DU, a ZKP using the proof key; and proof verification step: verifying, by a validator by using the verification key, whether the ZKP is correct or not, and determining that the calculation result is correct if the verification is passed, or determining that the calculation result is wrong if the verification fails; and executing, by the validator, a smart contract based on a result of the verification.
“2. The method of claim 1, wherein the inputting a security parameter to obtain a public parameter specifically comprises: inputting the security parameter to obtain the public parameter using a ZKP system.
“3. The method of claim 1, wherein the generating, by a trusted DA, a public/private key pair comprises: selecting, by the trusted DA, a digital signature mechanism to generate the public/private key pair, and announcing, by the trusted DA, the public key.
“4. The method of claim 1, wherein a plurality of trusted DAs are allowed, that is, private data of a user is authenticated and signed by different DAs.
“5. The method of claim 1, wherein the generating a key pair by using the public parameter and a verification circuit as inputs specifically comprises: running a ZKP system by using the public parameter and the verification circuit as inputs to generate the key pair.
“6. The method of claim 1, wherein a ZKP system is run to generate a key pair, the key pair being allowed to be generated jointly by a plurality of trusted institutions or generated by a trusted process.
“7. The method of claim 1, wherein the generating, by the DU, a proof comprises: executing, by the DU, a ZKP system to generate a proof.
“8. A Zero Knowledge Proof (ZKP)-based privacy protection system for authenticated data in a smart contract, comprising: an initialization module, configured to perform initialization, comprising inputting a security parameter to obtain a public parameter, and generating a public/private key pair by a trusted Data Authenticator (DA); a key pair generation module, configured to generate a key pair by using the public parameter and a verification circuit as inputs, the key pair comprising a proof key and a verification key; a data authentication module, configured to perform authentication on private data of a Decentralized App (DApp) User (DU) by using the private key of the trusted DA, and generate a signature; a proof generation module, configured to input, by a DU prover terminal, the private data serving as an input value and a calculation result and a hash value serving as output values of the verification circuit, and generate, by the DU, a ZKP using the proof key; and a proof verification module, configured to verify, by a validator by using the verification key, whether the ZKP is correct or not, and determine that the calculation result is correct if the verification is passed, or determine that the calculation result is wrong if the verification fails; and execute, by the validator, a smart contract based on a result of the verification.
“9. An electronic device, comprising a memory, a processor, and computer instructions stored on the memory and executable by the processor, wherein when run by the processor, the computer instructions implement the steps of the method of claim 1.
“10. A computer-readable storage medium, configured to store computer instructions, wherein when run by a processor, the computer instructions implement the steps of the method of claim 1.”
For additional information on this patent application, see: GUAN, Zhangshuang; WAN, Zhiguo. Zero Knowledge Proof-Based Privacy Protection Method And System For Authenticated Data In Smart Contract. Filed
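The data authentication, proof generation and proof verification steps described above, as an added example that is not code from the patent application or from this article. It swaps in a Schnorr-style sigma proof over Pedersen commitments for the zk-SNARK (so no proof/verification key pair is needed), lets the commitments stand in for the hash value h, and narrows the verification circuit to a public weighted sum R = Σ w_i·x_i. The function names, the toy group and the sample inputs are assumptions made for illustration.

```python
import hashlib, math, secrets

# Toy group, constructed for this example and far too small for real use:
# Q is the first prime above 2**31 with P = 2Q + 1 also prime. G and K are
# squares mod P, so each generates the order-Q subgroup; log_G(K) is assumed unknown.
def is_prime(n):
    return n > 1 and all(n % d for d in range(2, math.isqrt(n) + 1))

Q = next(q for q in range(2**31 + 1, 2**32, 2) if is_prime(q) and is_prime(2 * q + 1))
P, G, K = 2 * Q + 1, 4, 9

def H(*parts):  # hash to a challenge in Z_Q (signature and Fiat-Shamir)
    return int.from_bytes(hashlib.sha256(repr(parts).encode()).digest(), "big") % Q

def rand():
    return secrets.randbelow(Q - 1) + 1

def commit(x, r):  # Pedersen commitment, standing in for the page's hash value h
    return pow(G, x, P) * pow(K, r, P) % P

def da_keygen():  # DA signature key pair (pka, ska)
    ska = rand()
    return pow(G, ska, P), ska

def data_auth(ska, xs):  # DA commits to each private value, Schnorr-signs the commitments
    rs = [rand() for _ in xs]
    hs = [commit(x, r) for x, r in zip(xs, rs)]
    k = rand()
    t = pow(G, k, P)
    return hs, rs, (t, (k + H("sig", t, hs) * ska) % Q)

def statement(hs, ws, R):  # reduces to K**rho when R == sum(w_i * x_i) mod Q
    y = pow(G, -R % Q, P)
    for h, w in zip(hs, ws):
        y = y * pow(h, w, P) % P
    return y

def prove(xs, rs, hs, ws):  # DU: result R plus Schnorr proof of knowledge of rho
    R = sum(w * x for w, x in zip(ws, xs)) % Q
    rho = sum(w * r for w, r in zip(ws, rs)) % Q
    a = rand()
    t = pow(K, a, P)
    return R, (t, (a + H("zkp", t, hs, ws, R) * rho) % Q)

def verify(pka, ws, proof, R, hs, sa):  # validator: DA signature first, then the proof
    (st, ss), (t, z) = sa, proof
    if pow(G, ss, P) != st * pow(pka, H("sig", st, hs), P) % P:
        return False  # commitments were not authenticated by this DA
    c = H("zkp", t, hs, ws, R)
    return pow(K, z, P) == t * pow(statement(hs, ws, R), c, P) % P
```

The validator sees only the commitments, the DA signature, R and the proof; the private values and the commitment randomness stay with the DU.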