摘要
传统基于区块链的“真实存储”系统在过滤“无效查询请求”时忽略了提供“不存在证明”,恶意节点可以随时对指定用户发动拒绝服务攻击.本文提出了可验证布隆过滤器的一种构建方式,基于布隆过滤器快速过滤无效查询请求的同时能有效提供证据证明数据不存在;此外,针对证明过程中可能造成的隐私泄露问题,本文提出了“隐秘的可验证布隆过滤器”和“数据混淆”两种方式,前者确保每个“不存在证明”只会泄露布隆过滤器的一位置零位,减少了数据泄露量;后者则是在前者的基础上进一步降低用户从泄露的布隆过滤器中推测出真实内容准确率.实验数据表明,当无效查询请求量占比为35%时,读取性能提升大约30%;当无效查询请求量占比为95%时,读取性能可提升十倍以上.
The traditional blockchain-based“true-storage”system ignores the provision of“nonexistent proof”when filtering“invalid query requests”,and malicious nodes can launch denial of service attacks on designated users.This paper proposes a method for building a verifiable Bloom filter,by which nodes can quickly filter invalid query requests and provide valid evidence proving the data does not exist.In addition,this paper proposes two ways to solve the privacy leakage problem in the proof process:a“hidden verifiable Bloom filter”and“data confusion.”The former method ensures that each“nonexistent proof”only leaks one bit of the Bloom filter,reducing the data leakage in the proof process.The latter method reduces the accuracy for users inferring real content from the leaking Bloom filter.The experimental data show that when the proportion of invalid query requests is 35%,the read performance can be improved by approximately 30%;and when this proportion is 95%,the improvement can be more than tenfold.
作者
徐松松
过晓冰
徐恪
Songsong XU;Xiaobing GUO;Ke XU(Department of Computer Science and Technology,Tsinghua University,Beijing 100084,China;Beijing National Research Center for Information Science and Technology,Beijing 100084,China;The Lenovo Research,Beijing 100085,China)
出处
《中国科学:信息科学》
CSCD
北大核心
2023年第12期2386-2405,共20页
Scientia Sinica(Informationis)
基金
国家重点研发计划(批准号:2022YFB3102301)
国家杰出青年科学基金(批准号:61825204)
国家自然科学基金(批准号:61932016,62132011)
北京高校卓越青年科学家计划(批准号:BJJWZYJH01201910003011)
联想青年科学家资助项目。
关键词
区块链
可验证布隆过滤器
可认证数据结构
不存在证明
隐私保护
blockchain
verifiable Bloom filter
authenticated data structure
nonexistence proof
privacy preserving