Design and implementation of a smart-contract voting system based on zero-knowledge proof
-
摘要: 作為一種具有法律約束力的程序,智能合約為電子投票系統提供了可信執行平臺.然而,由于合約部署在公開透明的區塊鏈上,這將為投票內容的有效性與隱私性帶來巨大威脅.為了解決上述問題,基于交互式零知識證明技術設計了智能合約投票系統.首先,提出了一個新的交互式零知識集合成員關系證明協議,使得投票者在不泄露投票內容的前提下,完成對投票內容有效性的驗證,從而避免無效選票對投票系統的影響.其次,本文通過智能合約規范語言SPESC對投票合約進行描述并對投票各個階段的觸發條件進行限定,通過將合約以JAR包形式上傳至區塊鏈,實現智能合約投票系統的部署和自動化執行.最后,對智能合約投票系統的性能進行分析,實驗結果表明該系統投票和計票階段均可高效實施,為密碼協議構造技術與智能合約投票系統的有效結合提供參考.Abstract: As a legally binding computer program, smart contracts are stored on the blockchain and can be automatically executed according to the contract terms. These features of smart contracts provide a trusted execution environment for the electronic voting system. However, since the contract is deployed on an open and transparent blockchain, this causes a considerable threat to the validity and privacy of the voting content. However, due to the openness of the blockchain network, any node linked to the network can obtain information concerning contract transactions on the chain without restriction, which greatly threatens the validity and privacy of the voting content. To address this problem, a smart-contract voting system has been designed. First, we construct a new interactive zero-knowledge set membership proof protocol (ZSMPP) based on the discrete logarithm problem. Using ZSMPP in the design of the smart-contract voting system, the voter can verify the voting content validity to the initiator without disclosing the voting content itself to avoid the impact of invalid votes. Moreover, we prove that the proposed protocol is complete and has zero knowledge. Second, we describe the voting contract by the specification language of smart-contract (SPESC) and limit the trigger conditions of stages of the voting system through contract terms. By deploying the voting contract to the blockchain as a JAR file, the proposed smart-contract voting system can be automatically executed in accordance with the predefined contract terms. Additionally, we further introduce the execution process and related algorithms of the four stages of the proposed voting system and show the related execution results in the form of contract transactions. Furthermore, we analyzed five security features of the proposed voting protocol. Particularly, the validity of the ballot content is ensured by the zero-knowledge of our protocol, which can prevent invalid votes from affecting the system. The privacy of the ballot ensures that the voting content is undisclosed either in the verification or counting stage. Uniqueness ensures that each voter can only vote once. Supervision-free means that there are no trusted supervisors in the proposed voting protocol. Self-counting indicates that smart-contract programs automatically implement the counting process. Finally, the performance of the proposed smart-contract voting system is analyzed. The experimental results show that both the voting and counting stages of our voting system can be implemented efficiently. Moreover, our smart-contract voting system can provide a reference for effectively combining the cryptographic protocol construction technology and smart-contract voting system.
-
Key words:
- zero-knowledge proof /
- smart contract /
- voting system /
- homomorphic encryption /
- privacy protection
-
表 1 符號說明表
Table 1. Notation declaration
Symbol Description ${\boldsymbol{G}}$ Elliptic curve multiplicative cyclic group ${\bf{Z} }$ Integer group g Generator of the group ${\boldsymbol{G}}$ n Number of candidates s Number of voters ${v_i}$ The i-th voter ${\rm{s}}{{\rm{k}}_i}$ Secret key of voter $ {v_i} $ ${\rm{p}}{{\rm{k}}_i}$ Public key of voter $ {v_i} $ ${\rm{nu}}{{\rm{m}}_i}$ Voting number of voter $ {v_i} $ $ {w_j} $ The j-th candidate ${\rm{wi}}{{\rm{d}}_j}$ Identity of candidate $ {w_j} $ 
下載: 導出CSV
表 2 initParam算法
Table 2. initParam algorithm
input: rbit, qbit output: void pg ← new TypeACurveGenerator(rbit,qbit) typeAParams ← pg.generate() pairing←PairingFactory.getPairing(typeAParams) G ← pairing.getG1(); Z ← pairing.getZr(); g ← G.newRandomElement().getImmutable(); return;
下載: 導出CSV
表 3 candidateForm算法
Table 3. candidateForm algorithm
input: params output: candidateList params={} for i ← 0 to params.length by 1 do n ← params.length; w.setCandidateAddress(params[i]); z← newNum(); w.setNumid((int)pow(2,(i+1)·z); w.setNumid(i+1); w.setTotal(0); candidateList.add(w); resultMap.put(params[i?1],0); end for return candidateList;
下載: 導出CSV
表 4 voterRegist算法
Table 4. voterRegist algorithm
input: params output: voterList params={} for i ← 0 to params.length by 1 do v ← new Voter(); v.setVoterAddress(params[i]); v.setVoteStatus(false); voterList.add(v); end for return voterList;
下載: 導出CSV
表 5 generateCommit算法
Table 5. generateCommit algorithm
input: address,num output: Commit Commit ← {}; if address in voterList then sk1←Z.newRandomElement().getImmutable().duplicate(); sk2←Z.newRandomElement().getImmutable().duplicate(); pk1 ← g.duplicate().powZn(sk1); pk2 ← g.duplicate().powZn(sk2); x ← pk1.duplicate(); yy ← pk2.duplicate(); wid ← (int) pow(2, num * newNum()); e ←g.duplicate().pow(BigInteger.valueOf(wid)); y ← yy.mul(e); Commit.add(x); Commit.add(y); end if return Commit;
下載: 導出CSV
表 6 generateChallenge2算法
Table 6. generateChallenge2 algorithm
input: address output: miuN for i ← 0 to n-1 by 1 do sum ← sum.add(A.get(i)); end for sum ← sum.add(x)); phi ← hash(sum); for i ← 0 to n-1 by 1 do miuN ← miuN.sub(U.get(i)); end for return miuN;
下載: 導出CSV
中文字幕在线观看表 7 voteResult算法
Table 7. voteResult algorithm
input: candidateList output: result for j ← 0 to n-1 by 1 do candidateddress ← candidateList.get(j).candidateaddress; for i ← 0 to s-1 by 1 do eTotal ← eTotal + BGN(getPK.initiator, candidateaddress); end for result.put(candidateaddess, eTotal); end for return result;
下載: 導出CSV
-
參考文獻
[1] Wang D, Zhu Y, Chen E, et al. Smart legal contract and its research progress. Chin J Eng, 2022, 44(1): 68王迪, 朱巖, 陳娥, 等. 智能法律合約及其研究進展. 工程科學學報, 2022, 44(1):68 [2] Wang S, Ouyang L, Yuan Y, et al. Blockchain-enabled smart contracts: Architecture, applications, and future trends. IEEE Trans Syst Man Cybern Syst, 2019, 49(11): 2266 doi: 10.1109/TSMC.2019.2895123 [3] Zhu Y, Wang Q S, Qin B H, et al. Survey of blockchain technology and its advances. Chin J Eng, 2019, 41(11): 1361朱巖, 王巧石, 秦博涵, 等. 區塊鏈技術及其研究進展. 工程科學學報, 2019, 41(11):1361 [4] Zhu Y, Qin B H, Chen E, et al. An advanced smart contract conversion and its design and implementation for auction contract. Chin J Comput, 2021, 44(3): 652 doi: 10.11897/SP.J.1016.2021.00652朱巖, 秦博涵, 陳娥, 等. 一種高級智能合約轉化方法及競買合約設計與實現. 計算機學報, 2021, 44(3):652 doi: 10.11897/SP.J.1016.2021.00652 [5] Hewa T, Ylianttila M, Liyanage M. Survey on blockchain based smart contracts: Applications, opportunities and challenges. J Netw Comput Appl, 2021, 177: 102857 doi: 10.1016/j.jnca.2020.102857 [6] Buterin V. A next-generation smart contract and decentralized application platform [R/OL]. Ethereum (2014-12-01) [2022-07-07].https://ethereum.org/669c9e2e2027310b6b3cdce6e1c52962/Ethereum_Whitepaper_-_Buterin_2014.pdf [7] Lerner S D. RSK Bitcoin powered smart contracts [R/OL]. Sciencepaper Online (2015-11-19) [2022-07-07]. http://cryptochainuni.com/wp-content/uploads/Rootstock-WhitePaper-v9-Overview.pdf [8] Androulaki E, Barger A, Bortnikov V, et al. Hyperledger fabric: A distributed operating system for permissioned blockchains // Proceedings of the Thirteenth EuroSys Conference. Portugal, 2018: 1 [9] Chaum D L. Untraceable electronic mail, return addresses, and digital pseudonyms. Commun ACM, 1981, 24(2): 84 doi: 10.1145/358549.358563 [10] Zhang P, Yu J P, Liu H W. A homomorphic signcryption scheme and its application in electronic voting. J Shenzhen Univ Sci Eng, 2011, 28(6): 489張鵬, 喻建平, 劉宏偉. 同態簽密方案及其在電子投票中的應用. 深圳大學學報(理工版), 2011, 28(6):489 [11] Sun M, Wang Y B. Traceable anonymous electronic voting scheme based on blockchain. Cyberspace Secur, 2019, 10(9): 85 doi: 10.3969/j.issn.1674-9456.2019.09.011孫萌, 王昀飚. 基于區塊鏈的可追蹤匿名電子投票方案. 網絡空間安全, 2019, 10(9):85 doi: 10.3969/j.issn.1674-9456.2019.09.011 [12] Zheng J, Lai H C. Blockchain e-voting scheme based on one-time ring signature. Appl Res Comput, 2020, 37(11): 3378鄭劍, 賴恒財. 基于一次性環簽名的區塊鏈電子投票方案. 計算機應用研究, 2020, 37(11):3378 [13] Satizábal C, Páez R, Forné J. Secure Internet Voting Protocol (SIVP): A secure option for electoral processes. J King Saud Univ Comput Inf Sci, 2022, 34(6): 3647 [14] Wang K H, Mondal S K, Chan K, et al. A review of contemporary e-voting: Requirements, technology, systems and usability. Data Sci Pattern Recognit, 2017, 1(1): 31 [15] Alvarez R M, Hall T E, Trechsel A H. Internet voting in comparative perspective: The case of Estonia. PS Political Sci Politics, 2009, 42(3): 497 doi: 10.1017/S1049096509090787 [16] Zhao Z C, Chan T H H. How to vote privately using bitcoin // International Conference on Information and Communications Security. Beijing, 2015: 82 [17] Tarasov P, Tewari H. Internet voting using zcash [R/OL]. Sciencepaper Online (2017-06-20) [2022-07-07].https://eprint.iacr.org/2017/585 [18] McCorry P, Shahandashti S F, Hao F. A smart contract for boardroom voting with maximum voter privacy // International Conference on Financial Cryptography and Data Security. Sliema, 2017: 357 [19] Yu B, Liu J K, Sakzad A, et al. Platform-independent secure blockchain-based voting system // International Conference on Information Security. Guildford, 2018: 369 [20] Camenisch J, Chaabouni R, Shelat A. Efficient protocols for set membership and range proofs // International Conference on the Theory and Application of Cryptology and Information Security. Melbourne, 2008: 234 [21] Morais E, Koens T, Van W C, et al. A survey on zero knowledge range proofs and applications. SN Appl Sci, 2019, 1(8): 946 doi: 10.1007/s42452-019-0989-z [22] Boneh D, Boyen X. Short signatures without random oracles // International Conference on the Theory and Applications of Cryptographic Techniques. Interlaken, 2004: 56 [23] Yin H J, Chen E, Zhu Y, et al. An efficient zero-knowledge dual membership proof supporting pos-and-neg membership decision. Mathematics, 2022, 10(17): 3217 doi: 10.3390/math10173217 [24] De Caro A, Iovino V. jPBC: Java pairing based cryptography // 2011 IEEE Symposium on Computers and Communications. Corfu, 2011: 850 [25] He X, Qin B H, Zhu Y, et al. SPESC: A specification language for smart contracts // 2018 IEEE 42nd Annual Computer Software and Applications Conference. Tokyo, 2018, 1: 132 [26] Boneh D, Goh E J, Nissim K. Evaluating 2-DNF formulas on ciphertexts // Proceedings of the 2005 Second International Conference on Theory of Cryptography. Spain, 2005: 325 [27] Kumar M, Chand S, Katti C P. A secure end-to-end verifiable internet-voting system using identity-based blind signature. IEEE Syst J, 2020, 14(2): 2032 doi: 10.1109/JSYST.2019.2940474 -
點擊查看大圖
圖(15) / 表(8)
計量
- 文章訪問數: 934
- HTML全文瀏覽量: 369
- PDF下載量: 91
- 被引次數: 0
