Blockchain smart contract privacy authorization method based on TrustZone

doi:10.11772/j.issn.1001-9081.2022050719

Journal of Computer Applications ›› 2023, Vol. 43 ›› Issue (6): 1969-1978.DOI: 10.11772/j.issn.1001-9081.2022050719

Special Issue: 前沿与综合应用

• Frontier and comprehensive applications • Previous Articles Next Articles

Blockchain smart contract privacy authorization method based on TrustZone

Luyu CHEN¹, Xiaofeng MA¹(), Jing HE¹, Shengzhi GONG², Jian GAO³

^1.College of Electronic and Information Engineering，Tongji University，Shanghai 201804，China
^2.Wutong Chain Digital Technology Research Institute （Suzhou） Company Limited，Suzhou Jiangsu 215100，China
^3.Office of Science and Technology Management，Yunnan Provincial Academy of Science and Technology，Kunming Yunnan 650100，China

Received:2022-05-20 Revised:2022-12-27 Accepted:2022-12-30 Online:2023-06-08 Published:2023-06-10
Contact: Xiaofeng MA
About author:CHEN Luyu， born in 1997， M. S. candidate. His research interests include blockchain， financial technology.
HE Jing， born in 2000， M. S. candidate. His research interests include blockchain， financial technology.
GONG Shengzhi， born in 1985， associate senior engineer. His research interests include enterprise digitization， blockchain， privacy computing.
GAO Jian， born in 1982， M. S.， associate research fellow. His research interests include digital technology， management of science and technology.
Supported by:
Shanghai Science and Technology Innovation Action Plan(21511101503)

基于TrustZone的区块链智能合约隐私授权方法

陈璐瑀¹, 马小峰¹(), 何敬¹, 龚生智², 高建³

^1.同济大学电子与信息工程学院, 上海 201804
^2.梧桐链数字科技研究院(苏州)有限公司, 江苏苏州 215100
^3.云南省科学技术院科技管理办公室, 昆明 650100

通讯作者: 马小峰
作者简介:陈璐瑀（1997—），男，福建宁德人，硕士研究生，主要研究方向：区块链、金融科技
马小峰（1975—），男，山西大同人，副教授，博士，主要研究方向：区块链、金融科技Email：xiaofengma@tongji.edu.cn
何敬（2000—），男，湖南株洲人，硕士研究生，主要研究方向：区块链、金融科技
龚生智（1985—），重庆人，副高级工程师，主要研究方向：企业数字化、区块链、隐私计算
高建（1982—），男，山东济宁人，副研究员，硕士，主要研究方向：数字技术、科技管理。
基金资助:
上海市科技创新行动计划项目(21511101503)

Abstract

Abstract:

To meet the needs of data sharing in the context of digitalization currently， and take into account the necessity of protecting private data security at the same time， a blockchain smart contract private data authorization method based on TrustZone was proposed. The blockchain system is able to realize data sharing in different application scenarios and meet regulatory requirements， and a secure isolation environment was provided by TrustZone Trusted Execution Environment （TEE） technology for private computing. In the integrated system， the uploading of private data was completed by the regulatory agency， the plaintext information of the private data was obtained by other business nodes only after obtaining the authorization of the user. In this way， the privacy and security of the user were able to be protected. Aiming at the problem of limited memory space in the TrustZone architecture during technology fusion， a privacy set intersection algorithm for small memory conditions was proposed. In the proposed algorithm， the intersection operation for large-scale datasets was completed on the basis of the ??grouping computing idea. The proposed algorithm was tested with datasets of different orders of magnitude. The results show that the time and space consumption of the proposed algorithm fluctuates in a very small range and is relatively stable. The variances are 1.0 s² and 0.01 MB² respectively. When the order of magnitudes of the dataset is increased， the time consumption is predictable. Furthermore， using a pre-sorted dataset can greatly improve the algorithm performance.

Key words: blockchain, smart contract, Trusted Execution Environment (TEE), TrustZone, private set intersection

摘要：

为满足当代数字化背景下数据共享的需求，同时兼顾保护隐私数据安全的必要性，提出一种基于TrustZone的区块链智能合约隐私数据授权方法。区块链系统能够在不同应用场景中实现数据共享，并且满足监管的要求；TrustZone可信执行环境（TEE）技术则为隐私计算提供安全的隔离环境。在整体系统中，隐私数据的上传由监管机构完成，其余业务节点需要在获得用户授权的前提下，获得隐私数据的明文信息，从而保护用户的隐私安全。针对技术融合时TrustZone架构存在的内存空间较小的问题，提出一种针对小内存条件的隐私求交算法，其中，通过基于分组计算的思想完成对大数量级数据集合的求交运算。使用不同数量级大小的数据集测试所提算法，结果表明所提算法在时间与空间方面的消耗在极小范围内波动，方差分别约为1.0 s²与0.01 MB²，较为稳定；当增大数据集数量级时，所提算法的时间消耗是可预期的；此外，使用事先排序的数据集能够大幅提高算法性能。

关键词: 区块链, 智能合约, 可信执行环境, TrustZone, 隐私求交

CLC Number:

TP309

Luyu CHEN, Xiaofeng MA, Jing HE, Shengzhi GONG, Jian GAO. Blockchain smart contract privacy authorization method based on TrustZone[J]. Journal of Computer Applications, 2023, 43(6): 1969-1978.

陈璐瑀, 马小峰, 何敬, 龚生智, 高建. 基于TrustZone的区块链智能合约隐私授权方法[J]. 《计算机应用》唯一官方网站, 2023, 43(6): 1969-1978.

Figures/Tables 18

Fig. 1 Architecture of TrustZone

Fig.2 System model

Fig.3 Node model

Fig.4 Privacy computing process

Tab.1 Keys saved in nodes

节点	持有密钥
监管节点	PK_P、SK_P、PK_A、PK_B
业务节点A	SK_P、PK_A、SK_A、PK_B
业务节点B	SK_P、PK_A、PK_B、SK_B

Tab.2 Digital identity information recorded on blockchain

key	value	区块hash
orgA+timeA1	user1+userA1	hash1
orgA+timeA2	user2+userA2	hash2
orgB+timeB1	user1+userB1	hash3
orgA+timeA3	user3+userA3	hash4
orgA+timeA4	user4+userA4	hash5
orgB+timeB2	user2+userB2	hash6

Tab.3 Results of query

key	value	区块hash
orgA+timeA1	user1+userA1	hash1
orgA+timeA2	user2+userA2	hash2
orgB+timeB1	user1+userB1	hash3
orgB+timeB2	user2+userB2	hash6

Tab.4 Results of filtering

key	value	区块hash
$o r g A + t i m e A 1$	$u s e r 1 + u s e r A 1$	$h a s h 1$
$o r g B + t i m e B 1$	$u s e r 1 + u s e r B 1$	$h a s h 3$

Tab.4 Results of filtering

key	value	区块hash
$o r g A + t i m e A 1$	$u s e r 1 + u s e r A 1$	$h a s h 1$
$o r g B + t i m e B 1$	$u s e r 1 + u s e r B 1$	$h a s h 3$

Fig.5 Schematic diagram of benchmark set grouping pre-division

Fig.6 Example of value range update

Fig.7 Schematic diagram of recursive initial data update

Fig.8 Schematic diagram of trie tree

Tab.5 Results of algorithm stability test

序号	时间消耗/s	最大占用内存/MB	序号	时间消耗/s	最大占用内存/MB
1	85.86	104.099 6	11	84.93	104.087 6
2	84.68	104.098 2	12	85.24	104.092 3
3	86.48	104.108 5	13	85.30	104.093 5
4	83.38	104.088 6	14	84.30	104.087 3
5	82.62	104.062 9	15	86.02	104.100 5
6	84.80	104.085 7	16	84.23	104.090 2
7	83.92	104.091 0	17	83.49	104.086 7
8	86.17	104.094 5	18	85.39	104.094 6
9	83.86	104.089 5	19	84.24	104.089 3
10	85.63	104.099 2	20	83.94	104.085 9

Tab.6 Results of algorithm stability test （datasets are sorted）

序号	时间消耗/s	最大占用内存/MB	序号	时间消耗/s	最大占用内存/MB
1	51.40	104.021 6	11	50.04	104.009 8
2	50.30	104.017 0	12	50.98	104.012 6
3	52.31	104.049 3	13	48.99	103.982 3
4	49.89	104.001 2	14	49.63	103.998 4
5	48.78	103.998 7	15	50.68	104.014 8
6	50.33	104.012 7	16	50.93	104.017 5
7	49.36	104.014 6	17	51.10	104.018 8
8	51.91	104.012 1	18	49.02	103.993 2
9	49.24	103.990 2	19	50.36	104.010 9
10	50.53	104.009 2	20	50.83	103.014 7

Tab.7 Algorithm test results comparison

数据集排序情况	时间消耗平均值/s	时间消耗方差/s²	最大占用内存平均值/MB	最大占用内存方差/MB²
未排序	84.73	1.037 5	104.091 3	0.008 9
已排序	50.33	0.976 2	104.009 0	0.011 6

Tab.8 Comparison of algorithm time consumption under different dataset magnitudes

数据集排序情况	不同数量级大小的时间消耗
数据集排序情况	10⁵	5×10⁵	10⁶	2×10⁶	5×10⁶	10⁷	2×10⁷
未排序	16.33	55.32	84.75	165.43	360.99	529.59	657.32
已排序	13.32	38.34	50.33	91.32	186.35	253.74	287.13

Tab.9 Algorithm test results under different quantitative conditions

序号	数据集数据量/10⁷	时间消耗/s	序号	数据集数据量/10⁷	时间消耗/s
1	0.01	16.33	9	0.70	441.12
2	0.05	55.32	10	0.80	476.23
3	0.10	84.73	11	0.90	502.24
4	0.20	165.43	12	1.00	529.59
5	0.30	242.11	13	1.20	564.32
6	0.40	307.46	14	1.50	603.33
7	0.50	360.99	15	2.00	657.32
8	0.60	404.13

Fig.9 Comparison of time consumption for the proposed algorithm under different quantitative conditions

References 26

1	朱雪忠，代志在. 总体国家安全观视域下《数据安全法》的价值与体系定位［J］. 电子政务， 2020（8）：82-92. 10.16582/j.cnki.dzzw.2020.08.008
	ZHU X Z， DAI Z Z. The value and system orientation of the “Data Security Law” from the perspective of the overall national security concept ［J］. E-Government， 2020（8）： 82-92. 10.16582/j.cnki.dzzw.2020.08.008
2	冯登国，张敏，李昊. 大数据安全与隐私保护［J］. 计算机学报， 2014， 37（1）：246-258. 10.3724/SP.J.1016.2014.00246
	FEND D G， ZHANG M， LI H. Big data security and privacy protection ［J］. Chinese Journal of Computers， 2014， 37（1）： 246-258. 10.3724/SP.J.1016.2014.00246
3	袁勇，王飞跃. 区块链技术发展现状与展望［J］. 自动化学报， 2016， 42（4）：481-494. 10.16383/j.aas.2016.c160158
	YUAN Y， WANG F Y. Blockchain： the state of the art and future Trends［J］. Acta Automatica Sinica， 2016， 42（4）：481-494. 10.16383/j.aas.2016.c160158
4	SZABO N. The idea of smart contracts ［EB/OL］. ［2022-08-07］.. 10.1007/978-3-030-90421-0_48
5	范吉立，李晓华，聂铁铮，等. 区块链系统中智能合约技术综述［J］. 计算机科学， 2019， 46（11）：1-10. 10.11896/jsjkx.190300013
	FAN J L， LI X H， NIE T Z， et al. Survey on smart contract based on blockchain system ［J］. Computer Science， 2019， 46（11）：1-10. 10.11896/jsjkx.190300013
6	仝秦玮，李洁，王洁，等. 一种基于智能合约的全同态加密方法［J］. 网络空间安全， 2020， 11（9）：32-38. 10.3969/j.issn.1674-9456.2020.09.005
	TONG Q W， LI J， WANG J， et al. A full homomorphic encryption method based on smart contract ［J］. Cyberspace Security， 2020， 11（9）： 32-38. 10.3969/j.issn.1674-9456.2020.09.005
7	董贵山，陈宇翔，范佳，等. 区块链应用中的隐私保护策略研究［J］. 计算机科学， 2019， 46（5）：29-35. 10.11896/j.issn.1002-137X.2019.05.004
	DONG G S， CHEN Y X， FAN J， et al. Research on privacy protection strategies in blockchain application［J］. Computer Science， 2019， 46（5）：29-35. 10.11896/j.issn.1002-137X.2019.05.004
8	汪金苗，谢永恒，王国威，等. 基于属性基加密的区块链隐私保护与访问控制方法［J］. 信息网络安全， 2020， 20（9）：47-51. 10.3969/j.issn.1671-1122.2020.09.010
	WANG J M， XIE Y H， WANG G W， et al. A method of privacy preserving and access control in blockchain based on attribute-based encryption ［J］. Netinfo Security， 2020， 20（9）： 47-51. 10.3969/j.issn.1671-1122.2020.09.010
9	YAN Y， WEI C Z， GUO X P， et al. Confidentiality support over financial grade consortium blockchain ［C］// Proceedings of the 2020 ACM SIGMOD International Conference on Management of Data. New York： ACM， 2020： 2227-2240. 10.1145/3318464.3386127
10	VALADARES D C G， WILL N C， CAMINHA J， et al. Systematic literature review on the use of trusted execution environments to protect cloud/fog-based Internet of Things applications ［J］. IEEE Access， 2021， 9： 80953-80969. 10.1109/access.2021.3085524
11	HUA Z C， GU J Y， XIA Y B， et al. vTZ： virtualizing ARM TrustZone［C］// Proceeding of the 26th USENIX Security Symposium. Berkeley： USENIX Association， 2017： 541-556.
12	AMACHER J， SCHIAVONI V. On the performance of ARM TrustZone： practical experience report［C］// Proceeding of the 2019 IFIP International Conference on Distributed Applications and Interoperable Systems， LNCS 11534. Cham： Springer， 2019：133-151.
13	ENKHTAIVAN B， TAKENOUCHI T， SAKO K. A fair anonymous auction scheme utilizing trusted hardware and blockchain ［C］// Proceeding of the 17th International Conference on Privacy， Security and Trust. Piscataway： IEEE， 2019： 1-5. 10.1109/pst47121.2019.8949020
14	AYOADE G， KARANDE V， KHAN L， et al. Decentralized IoT data management using blockchain and trusted execution environment［C］// Proceeding of the 2018 IEEE International Conference on Information Reuse and Integration for Data Science. Piscataway： IEEE， 2018：15-22. 10.1109/iri.2018.00011
15	LIANG Y H， LI Y， SHIN B S. FairCs-blockchain-based fair crowdsensing scheme using trusted execution environment［J］. Sensors， 2020， 20（11）： No.3172. 10.3390/s20113172
16	CHENG J R， LI J， XIONG N X， et al. Lightweight mobile clients privacy protection using trusted execution environments for blockchain ［J］ Computers， Materials and Continua， 2020， 65（3）： 2247-2262. 10.32604/cmc.2020.011668
17	ENKHTAIVAN B， INOUE A. Mediating data trustworthiness by using trusted hardware between IoT devices and blockchain ［C］// Proceeding of the 2020 IEEE International Conference on Smart Internet of Things. Piscataway： IEEE， 2020：314-318. 10.1109/smartiot49966.2020.00056
18	ZHANG Y X， LI Y， FANG L， et al. Privacy-protected electronic voting system based on blockchin and trusted execution environment［C］// Proceeding of the IEEE 5th International Conference on Computer and Communications. Piscataway： IEEE， 2019：1252-1257. 10.1109/iccc47050.2019.9064387
19	WANG Y， LI J N， ZHAO S Y， et al. Hybridchain： a novel architecture for confidentiality-preserving and performant permissioned blockchain using trusted execution environment ［J］. IEEE Access， 2020， 8：190652-190662. 10.1109/access.2020.3031889
20	FU X， WANG H M， SHI P C， et al. Teegraph： a blockchain consensus algorithm based on TEE and DAG for data sharing in IoT［J］. Journal of Systems Architecture， 2022， 122： No.102344. 10.1016/j.sysarc.2021.102344
21	BRANDENBURGER M， CACHIN C， KAPITZA R， et al. Trusted computing meets blockchain： rollback attacks and a solution for Hyperledger Fabric［C］// Proceeding of the 38th Symposium on Reliable Distributed Systems. Piscataway： IEEE， 2019：324-333. 10.1109/srds47363.2019.00045
22	LIND J， NAOR O， EYAL I， et al. Teechain： a secure payment network with asynchronous blockchain access ［C］// Proceedings of the 2020 ACM SIGMOD International Conference on Management of Data. New York： ACM， 2019：63-79. 10.1145/3341301.3359627
23	MADDALI L P， THAKUR M S D， VIGNESWARAN R， et al. VeriBlock： a novel blockchain framework based on verifiable computing and trusted execution environment ［C］// Proceeding of the 2020 International Conference on Communication Systems and Networks. Piscataway： IEEE， 2020： 1-6. 10.1109/comsnets48256.2020.9027414
24	FENG Q， HE D B， ZEADALLY S， et al. A survey on privacy protection in blockchain system［J］. Journal of Network and Computer Applications， 2019， 126： 45-58. 10.1016/j.jnca.2018.10.020
25	杨保绚，董攀，张利军，等. 基于TrustZone的安全应用性能优化［J］. 计算机工程与科学， 2020， 42（12）：2141-2150. 10.3969/j.issn.1007-130X.2020.12.006
	YANG B X， DONG P， ZHANG L J， et al. Performance optimization of secure application based on TrustZone ［J］. Computer Engineering and Science， 2020， 42（12）： 2141-2150. 10.3969/j.issn.1007-130X.2020.12.006
26	杨帆，张倩颖，施智平，等. 可信执行环境软件侧信道攻击研究综述［J］. 软件学报， 2023， 34（1）：381-403.
	YANG F， ZHANG Q Y， SHI Z P， et al. Survey on software side-channel attacks in trusted execution environment［J］. Journal of Software， 2023， 34（1）： 381-403.

[1]	Tingwei CHEN, Jiacheng ZHANG, Junlu WANG. Random validation blockchain construction for federated learning [J]. Journal of Computer Applications, 2024, 44(9): 2770-2776.
[2]	Xiaoling SUN, Danhui WANG, Shanshan LI. Dynamic ciphertext sorting and retrieval scheme based on blockchain [J]. Journal of Computer Applications, 2024, 44(8): 2500-2505.
[3]	Baoyan SONG, Junxiang DING, Junlu WANG, Haolin ZHANG. Consortium blockchain modification method based on chameleon hash and verifiable secret sharing [J]. Journal of Computer Applications, 2024, 44(7): 2087-2092.
[4]	He HUANG, Yu JIN. Cloud data auditing scheme based on voting and Ethereum smart contracts [J]. Journal of Computer Applications, 2024, 44(7): 2093-2101.
[5]	Jiao LI, Xiushan ZHANG, Yuanhang NING. Blockchain sharding method for reducing cross-shard transaction proportion [J]. Journal of Computer Applications, 2024, 44(6): 1889-1896.
[6]	Meihong CHEN, Lingyun YUAN, Tong XIA. Data classified and graded access control model based on master-slave multi-chain [J]. Journal of Computer Applications, 2024, 44(4): 1148-1157.
[7]	Lipeng ZHAO, Bing GUO. Blockchain consensus improvement algorithm based on BDLS [J]. Journal of Computer Applications, 2024, 44(4): 1139-1147.
[8]	Gaimei GAO, Jin ZHANG, Chunxia LIU, Weichao DANG, Shangwang BAI. Privacy protection scheme for crowdsourced testing tasks based on blockchain and CP-ABE policy hiding [J]. Journal of Computer Applications, 2024, 44(3): 811-818.
[9]	Haifeng MA, Yuxia LI, Qingshui XUE, Jiahai YANG, Yongfu GAO. Attribute-based encryption scheme for blockchain privacy protection [J]. Journal of Computer Applications, 2024, 44(2): 485-489.
[10]	Yifan WANG, Shaofu LIN, Yunjiang LI. Highway free-flow tolling method based on blockchain and zero-knowledge proof [J]. Journal of Computer Applications, 2024, 44(12): 3741-3750.
[11]	Yiting WANG, Wunan WAN, Shibin ZHANG, Jinquan ZHANG, Zhi QIN. Linkable ring signature scheme based on SM9 algorithm [J]. Journal of Computer Applications, 2024, 44(12): 3709-3716.
[12]	Deyuan LIU, Jingquan ZHANG, Xing ZHANG, Wunan WAN, Shibin ZHANG, Zhi QIN. Cross-chain identity authentication scheme based on certificate-less signcryption [J]. Journal of Computer Applications, 2024, 44(12): 3731-3740.
[13]	Keshuo SUN, Haiying GAO, Yang SONG. Multi-authority attribute-based encryption scheme for private blockchain over public blockchain [J]. Journal of Computer Applications, 2024, 44(12): 3699-3708.
[14]	Peng FANG, Fan ZHAO, Baoquan WANG, Yi WANG, Tonghai JIANG. Development， technologies and applications of blockchain 3.0 [J]. Journal of Computer Applications, 2024, 44(12): 3647-3657.
[15]	Ziqian CHEN, Kedi NIU, Zhongyuan YAO, Xueming SI. Review of blockchain lightweight technology applied to internet of things [J]. Journal of Computer Applications, 2024, 44(12): 3688-3698.

Blockchain smart contract privacy authorization method based on TrustZone

基于TrustZone的区块链智能合约隐私授权方法

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 18

References 26

Related Articles 15

Recommended Articles

Metrics