Joint credit investigation application based on blockchain and multi-party secure computing technology

In the current era of digital economy, the financial industry has ushered in a period of important strategic opportunities for digital transformation. As the two carriages for the development of digital finance, industrial digital finance is in the ascendant and has broad prospects. Consumer digital finance relies on the consumer ecosystem shaped by the Internet economy and has been deeply integrated into the daily lives of residents. However, from the perspective of business practice, there are still some problems to be solved in consumer digital finance. Among them, the problems of long borrowing and excessive credit caused by information asymmetry have not only increased the credit risk faced by financial institutions, but also due to financial risks. Conductivity and complexity will bring certain challenges to the stability of my country’s financial system. 

Aiming at long-term lending and excessive credit granting, an effective method is to adopt a joint credit investigation model to realize the sharing of data and information of borrowers in financial institutions. However, for various financial institutions, the borrower’s loan amount in the institution is a trade secret, and they are generally unwilling to share this data with competitors. Even if financial institutions are willing to share the data for business expansion, there are still obstacles to the realization of financial data sharing under the increasingly stringent regulatory environment of privacy data protection due to the lack of safe and reliable data and information sharing methods that protect business secrets. With the vigorous development of high-precision technology related to financial technology, blockchain and multi-party secure computing technology may provide beneficial solutions to the above problems. 

Multi-party secure computing technology (Secure Muti-party Computation) is a privacy computing technology that has been widely concerned at home and abroad in recent years. In the field of cross-subject data sharing and collaborative computing, it provides new ideas and new methods to solve information security and privacy data protection. Under the premise of not divulging the original data, the application value of data can be realized through the operation of “data available but not visible”. In view of the problems of multi-head lending and excessive credit, the application of multi-party secure computing technology on the blockchain platform can ensure that various financial institutions realize data sharing and collaborative computing without disclosing their actual business data, and carry out joint credit investigation applications. The solution of the problem has practical guiding significance. 

Overview of Multi-party Secure Computing Technology 

Multi-party security computing originated from the “Millionaire Problem” proposed by Academician Yao Qizhi in 1982. The problem is to solve the problem of comparing the wealth of two parties without letting the other party get their own total wealth data. In essence, it can be understood as the safe completion of collaborative computing through the joint participation of multiple parties without a trusted third party. Multi-party secure computing has applied some important privacy technology achievements of cryptography and has become a key technology for cyberspace information security and privacy data protection, including Oblivious Transfer, Garbled Circuit, Homomorpgic Encryption, Secret Sharing, Zero-Knowledge Proof, etc. 

Multi-party security computing has been in the stage of theoretical research for a long time since it was proposed in 1982. In 1987, Goldreich, Micali and Wigderson proposed a multi-party secure computing protocol based on a cryptographic security model that can compute arbitrary functions. In 1988, Ben and Goldwasser introduced multiple parties in multi-party security calculations. They pointed out that two or more participants used their own confidential data as input to the calculation to jointly conduct confidential calculations. , After the safety calculation is completed, no participant can obtain other information except the output result. In 2004, the Fairplay system, a universal multi-party secure computing application, was implemented, proving that a privacy computing protocol can be described by a high-level language and compiled into an executable file for execution between data owners. Due to its high theoretical value and broad application prospects, multi-party secure computing technology has become a research hotspot in cryptography and even the technology industry in recent years. Foreign research teams have combined multi-party secure computing with cloud computing, big data and other technologies for research and exploration, and Try to commercialize it. Microsoft Research Institute of America has proposed a solution based on multi-party secure computing to realize the secure exchange of data in the cloud; the Engima team of the MIT Media Lab launched a “secret contract” agreement in 2018 to support developers in developing secret contracts to protect Private data; Enveil, a security company, provides an encrypted data application platform for companies and enterprises based on the “zero-leakage computing architecture” technology. Since 2019, foreign technology giants have accelerated their deployment in the privacy computing industry. Some giants have opened up private computing libraries to lower the development threshold and gain first-mover advantages. For example, in August 2019, Google (Google) open sourced a multi-party secure computing tool-Private Join and Compute, to help organizations and institutions to process confidential data sets; in October 2019, Facebook (Facebook) will secure machine learning ( Secure Machine Learning) framework CrypTen is open source. 

Domestically, relevant institutions and organizations actively promote the research and development of multi-party secure computing core technology, the formulation of standards and specifications, and the implementation of commercial applications. For example, Ant Financial has launched the Ant Chain Morse multi-party secure computing platform; Huakong Qingjiao has implemented a high-performance universal secure computing framework PrivPy platform based on multi-party secure computing technology; Matrix Yuan launched the private machine learning open source framework Rosetta. The People’s Bank of China, China Academy of Information and Communications Technology, China Electronics Standards Institute and other institutions have respectively carried out the research and development of relevant standards and specifications, and issued the “Multi-party Secure Computing Financial Application Technical Specification” and “Multi-party Secure Computing-based Data Circulation Product Technical Requirements and Test Methods “”Blockchain Privacy Computing Service Guide” and many other standards and specifications. 

Application status of multi-party secure computing technology

 With the rapid development of multi-party secure computing technology, multi-party secure computing has gradually expanded from its early application in scenarios such as anonymous bidding and electronic voting to collaborative computing for distributed scenarios, including private information retrieval, encrypted computing, federated machine learning, and AI security prediction And other fields, and explore applications in financial, medical and other industries. 

The financial sector. Multi-party secure computing can play an important role in supply chain finance, risk control, and joint marketing. Based on a multi-party secure computing platform, it can realize multi-dimensional data integration of different subjects, horizontally open up multi-dimensional data including tax data, transportation data, water, electricity and gas data, credit information data, consumption data, etc., and incorporate multi-dimensional data In the joint risk control model and precision marketing model, under the premise of ensuring the security of private data, multi-party data collaborative computing is realized, so as to build a more effective big data model. At present, financial institutions such as Industrial and Commercial Bank of China, Bank of Communications, Huaxia Bank, Xinwang Bank are actively exploring the application of multi-party secure computing technology in financing risk control, cross-border settlement, financial insurance blacklist security query, financial supervision and other scenarios, and obtain The initial results have been achieved. For example, Bank of Communications, China Mobile, China Telecom, and Fortune Technology jointly innovated the “Financing Service for Small and Medium-sized Enterprises Based on Multi-party Security Graph Computing”, which can establish user risk relationships and identify high Risk customers. 

Biomedical field. Scientific research in the biomedical field is increasingly dependent on data. AI-assisted medical care needs to collect, aggregate, and model a large amount of data including genomics data, medical imaging data, and clinical medicine to achieve disease prediction and other functions. , And this process often faces a greater risk of data leakage. Through privacy computing technologies such as multi-party secure computing and effective authorization, secure data sharing and computing between multiple medical subjects can be realized, and the problem of data islands in the biomedical field can be solved. In March 2020, the National Gene Bank and BGI Blockchain launched a new coronavirus genome analysis platform based on multi-party secure computing technology, which supports users to collaborate with other researchers to analyze and share results without publishing their own data, which is real-time Tracking the evolution of the virus, monitoring new mutations, as well as epidemic risk assessment, and medical countermeasures provide effective data support. 

Government affairs. Government big data occupies an absolute advantage in terms of volume, but due to security and other reasons, there are still data islands. There are strong sharing requirements among multi-industry and multi-departmental databases involving energy, transportation, planning, environmental protection, etc., and data sharing and circulation The barriers to be broken urgently. The in-depth integration and application of technologies such as multi-party secure computing, blockchain, and big data has broad space in promoting the secure sharing of government big data. 

Joint credit investigation application based on blockchain and multi-party secure computing technology

Scene description 

Some borrowers apply for loans from two or more banks and microfinance companies at the same time. Since the current credit investigation system does not cover all lending areas, the related business may have problems with long loans and excessive credit. Banks or microfinance companies lack security, credible and business secret lending data sharing methods, and cannot achieve joint credit investigation. Therefore, it is necessary to design a solution based on blockchain and multi-party secure computing technology. Under the premise that all parties do not disclose specific loan amount and other business data, calculate the total amount of cross-financial institution loans of specific borrowers and realize joint collection. Letter query. 

Technical solutions 

Considering that the blockchain is a multi-party collaboration system, it can build a basic framework platform that integrates data communication, data sharing, and data interaction for the application and implementation of multi-party secure computing. Therefore, this paper designs a joint credit investigation application based on blockchain and multi-party secure computing technology. The overall logical architecture is shown in Figure 1. 

Joint credit investigation application based on blockchain and multi-party secure computing technology

Figure 1 Logical architecture diagram of a joint credit application system based on blockchain and multi-party secure computing technology

The logical architecture of the joint credit application system based on blockchain and multi-party secure computing technology mainly includes client, server and blockchain network. Financial institutions participating in the joint credit investigation business can use the client or browser to call the server to implement various basic services. For example, the server encrypts the loan amount and other information locally, and then calls the blockchain smart contract to complete the collaborative calculation of multiple participants. The specific process is as follows: In the first step, customer M sends a loan application to financial institution A. In the second step, after receiving the loan request, financial institution A conducts a joint credit investigation. In this process, financial institution A initializes customer M related information in the back-end system, generates a public-private key pair based on a homomorphic encryption algorithm, and uses the public key to encrypt the customer’s loan amount and other information, and then distributes the public key to other financial institutions. mechanism. In the third step, other financial institutions use the public key sent by financial institution A to encrypt information such as the loan of customer M at the financial institution, and upload the encrypted value to the ledger through a smart contract. In the fourth step, the smart contract automatically performs collaborative calculations on the encrypted values ​​uploaded by various financial institutions, and obtains information such as the total loan amount of customer M in various financial institutions. In the fifth step, financial institution A inquires and decrypts the encrypted value through the smart contract in the back-end system, obtains plain text information such as the loan amount of customer M, and reports the result to the supervisory authority. In the sixth step, financial institution A conducts a risk assessment based on the loan situation of customer M and makes a credit decision. So far, customer M’s joint credit investigation work has been completed. In this technical application scheme, the regulatory agency can participate in the blockchain network as a regulatory node, achieve regulatory penetration, and prevent intrusion and interference from other nodes. 

Solution advantage 

The joint credit investigation application based on blockchain and multi-party secure computing technology has the following advantages: First, it is easy to implement. The technical application scheme has simple business logic and easy code implementation. Each participant interacts with the smart contract only once to complete automatic collaborative calculation. The second is high security. The core business process of the solution is all ciphertext calculations, and data information is stored in ciphertext. Even if the node is compromised and the ledger record is obtained, it cannot be decrypted. At the same time, the smart contract has undergone multi-party consensus, and the upgrade needs to be audited, which has high security. sex. The third is to support regulatory penetration. The supervisor does not participate in the multi-party calculation logic, and can be used as a supervisory node to access the blockchain network, access the lowest-level data, and achieve supervisory penetration. The entire solution does not require a trusted central node to participate in the core business logic, and realizes multi-party collaborative computing under decentralization. The fourth is strong scalability. The core computing logic of the technical solution is loosely coupled with the business, which is convenient for later business expansion and innovation. 

Concluding remarks 

In the joint credit investigation scenario, based on blockchain and multi-party secure computing technology, it is possible to carry out credit inquiry services without a trusted central node and protect the trade secrets and private data of each participant, which is useful for solving long-term borrowing and excessive The issue of credit is of great significance. The application value of multi-party secure computing technology in the financial field has gradually been recognized by regulatory agencies. The People’s Bank of China clearly stated in the “FinTech Development Plan (2019-2021)” that it is necessary to build a trusted environment for mobile terminals that adapt to the Internet era. , Make full use of trusted computing and multi-party secure computing to enhance financial technology innovation. 

At present, the development of multi-party secure computing technology is still in its early stage. In practical applications, there are still problems such as high computing overhead, large storage overhead, inconsistent standards, and high difficulty in algorithm design verification. Large-scale commercial use still requires multi-party cooperation and accelerated key technology research and development. And standard setting. Promote the innovative application of emerging privacy protection technologies such as multi-party secure computing in financial scenarios, which is helpful to the secure application of data in the financial industry and risk prevention and control. 

We have the following suggestions for the in-depth application development of multi-party secure computing in the financial field: First, financial institutions should closely follow the development and application trends of data privacy protection technology in the international financial technology field, and actively research and explore cryptography, multi-party secure computing, and blockchain. The second is to achieve key technological breakthroughs in data modeling, data transmission, storage, and distribution based on the research of new technologies, to form privacy data security protection capabilities, and to promote business innovation and development; third, to encourage the industry to strengthen cooperation , Applying innovations in privacy data security protection capabilities to anti-fraud, anti-money laundering, KYC, joint credit investigation and other business scenarios. 

Longying Zhida (Beijing) Technology Co., Ltd. Ding Ming, Zhang Yong, Yang Xuan, Li Haocheng, Wu Yinan also contributed to this article. 


Posted by:CoinYuppie,Reprinted with attribution to:
Coinyuppie is an open information publishing platform, all information provided is not related to the views and positions of coinyuppie, and does not constitute any investment and financial advice. Users are expected to carefully screen and prevent risks.

Leave a Reply