基于群签名与属性加密的区块链可监管隐私保护方案

区块链技术的去中心化、数据难篡改等特性使其在溯源问题上体现出明显优势，基于区块链的溯源系统可以解决传统系统中信息孤岛、共享程度低以及数据可篡改等问题，从而保证数据的可追溯性。然而，区块链溯源系统中的数据可追溯性与用户隐私保护之间难以取得平衡。提出一种结合群签名、隐私地址协议、零知识证明以及属性加密的分布式可监管隐私保护方案。对群签名的群管理员机制进行改进，设置多群管理员生成用户私钥片段，用户根据返回的私钥片段计算自身私钥，并根据需要有选择性地对溯源数据进行属性加密，同时为链上数据设置特定的访问结构，以实现数据与用户的“一对多”通信。群管理员利用群公钥对交易双方的身份进行追踪与追责。符合数据特定访问结构的用户通过自身的属性私钥对密文进行解密从而获取数据信息。实验结果表明，该方案能在保证数据可追溯并实现交易双方监管的同时，提高链上数据的隐私保护水平，与现有隐私保护方案相比安全性更高。

Blockchain Supervisable Privacy Protection Scheme Based on Group Signature and Attribute Encryption

The decentralization of blockchain technology and difficulty of data tampering provide it with obvious advantages in traceability.Traceability systems based on blockchain can solve information island, low sharing degree, and data tampering problems in traditional systems to ensure the traceability of data.However, balancing data traceability and user privacy protection is difficult in blockchain traceability systems.To solve this, a distributed supervised privacy protection scheme combining group signature, privacy address protocol, zero-knowledge proof, and attribute encryption is proposed.By improving the group administrator mechanism of group signature and setting multiple group administrators to generate user private key fragments, users can calculate their private keys according to the returned private key fragments, selectively encrypt the attribute of traceability data as required, and set a specific access structure for the data on the chain to realize "one to many" communication between data and users.The group administrator uses the group public key to track and hold accountable both parties to the transaction.Users who conform to the specific data access structure decrypt the ciphertext using their attribute private key to obtain data information.The experimental results show that the scheme can ensure the data traceability, realize the supervision of both parties, and even improve the privacy protection level of data on the chain.It has higher security than existing privacy protection schemes.