Method and system for maintaining privacy and traceability of blockchain-based system

Abstract

With the popularity of Blockchain comes grave security-related concerns. Achieving privacy and traceability simultaneously remains an open question. Efforts have been made to address the issues, while they may subject to specific scenarios. The present disclosure proposes a method, a system, and a device for maintaining privacy and traceability of a Blockchain-based system. The method includes: registering in a Blockchain-based system; transmitting a message from a transmitter T to a receiver R via an anonymous network, after a registration request of the transmitter T has been approved and storing message transmission data generated during a message transmission process in a Blockchain; and performing an identity disclosure by using the message transmission data when the message is detected to be false. The anonymous network may transmit the message by onion routing. The solution proposed by the present disclosure can achieve traceability and privacy for a Blockchain-based system simultaneously.

Claims

1. A method for maintaining privacy and traceability of a Blockchain-based system comprising: registering users in a Blockchain-based system by: creating a public/private key pair for a transmitter T; using a private key SK.sub.T to sign identity information of the transmitter T and putting a public key PubK.sub.T and a generated signature together to generate a registration request; and verifying the registration request; transmitting a message from the transmitter T to a receiver R via an anonymous network, after the registration request of the transmitter T has been approved and storing message transmission data generated during a message transmission process in a Blockchain; and performing an identity disclosure by using the message transmission data when the message is detected to be false; wherein the anonymous network transmits the message by onion routing.

2. The method of claim 1, wherein the step of verifying the registration request comprises: comparing the public key PubK.sub.T of the transmitter T with public keys of other parties registered in the Blockchain-based system; confirming whether the public key PubK.sub.T of the transmitter T is the same as the public keys of other parties; broadcasting a confliction and rejecting the registration request, if the public key PubK.sub.T of the transmitter T is the same as any of the public keys of other parties; further checking whether the identity information of the transmitter T is valid or not, if the public key PubK.sub.T of the transmitter T is not the same as any of the public keys of other parties; rejecting the registration request, if the identity information of the transmitter T is invalid; and writing the registration request onto the Blockchain if the identity information of the transmitter T is valid.

3. The method of claim 1, wherein the Blockchain-based system is Vehicular Ad Hoc Networks (OVANETs) for avoiding vehicles to spread false information intentionally.

4. The method of claim 1, wherein the message contains a timestamp to guarantee freshness of the message.

5. A method for maintaining privacy and traceability of a Blockchain-based system comprising: registering users in a Blockchain-based system; after a registration request of the transmitter T has been approved, transmitting a message from a transmitter T to a receiver R via an anonymous network by: randomly choosing at least three nodes A,B,C in a Blockchain P2P network as relays; negotiating different encryption keys K.sub.T-A, K.sub.T-B, K.sub.T-C with the nodes; encrypting the message to be transmitted with the different encryption keys K.sub.T-A, K.sub.T-B, K.sub.T-C successively to obtain an encrypted message EV.sub.0; hard-coding information of the next hop for each node inside the encrypted message; decrypting the encrypted message EV.sub.0 by the encryption key K.sub.T-A to obtain a packet V.sub.0, generating an evidence EV.sub.1 once decrypted, submitting the evidence EV.sub.1 to the Blockchain, and transmitting the packet V.sub.0 to the node B; decrypting the packet V.sub.0 by the encryption key K.sub.T-B to obtain a packet V.sub.1, generating an evidence EV.sub.2 once decrypted, submitting the evidence EV.sub.2 to the Blockchain, and transmitting the packet V.sub.1 to the node C; decrypting the packet V.sub.1 by the encryption key K.sub.T-C to obtain the message, generating an evidence EV.sub.3 once decrypted, submitting the evidence EV.sub.3 to the Blockchain, and transmitting the message to the receiver R; and generating an evidence EV.sub.4 after the receiver R received the message and submitting the evidence EV.sub.4 to the Blockchain; wherein the message transmission date comprises at least the evidence EV.sub.1, EV.sub.2, EV.sub.3, EV.sub.4; storing message transmission data generated during the message transmission process in a Blockchain; and performing an identity disclosure by using the message transmission data when the message is detected to be false; wherein the anonymous network transmits the message by onion routing.

6. The method of claim 5, wherein the steps of generating the evidence EV.sub.1, EV.sub.2, EV.sub.3, EV.sub.4 comprise: signing the encrypted message EV.sub.0 with the private key SK.sub.T of the transmitter T to obtain EV.sub.0|SIGN(SK.sub.T,EV.sub.0) and sending EV.sub.0|SIGN(SK.sub.T,EV.sub.0) to the node A, verifying a signature of the transmitter T by the node A using the public key PubK.sub.T of the transmitter T, signing SIGN(SK.sub.T,EV.sub.0) with a private key SK.sub.A of the node A to obtain SIGN(SK.sub.A,SIGN(SK.sub.T,EV.sub.0), negotiating a new key PK.sub.T-A, termed proof key, by the transmitter T and the node A, and encrypting SIGN(SK.sub.A,SIGN(SK.sub.T,EV.sub.0) with the new key PK.sub.T-A to generate the evidence EV.sub.1; signing the evidence EV.sub.1 with the private key SK.sub.A of the node A to obtain SIGN(SK.sub.A, V.sub.0∥EV.sub.1) and sending SIGN(SK.sub.A, V.sub.0∥EV.sub.1) to the node B, verifying a signature of the node A by the node B using the public key PubK.sub.A of the node A, signing SIGN(SK.sub.A, V.sub.0∥EV.sub.1) with a private key SK.sub.B of the node B to obtain SIGN(SK.sub.B, SIGN(SK.sub.A, V.sub.0∥EV.sub.1), negotiating a proof key PK.sub.A-B by the node A and the node B, and encrypting SIGN(SK.sub.B, SIGN(SK.sub.A, V.sub.0∥EV.sub.1) with the proof key PK.sub.A-B to generate the evidence EV.sub.2; signing the evidence EV.sub.2 with the private key SK.sub.B of the node B to obtain SIGN(SK.sub.B, V.sub.1∥EV.sub.2) and sending SIGN(SK.sub.B, V.sub.1∥EV.sub.2) to the node C, verifying a signature of the node B by the node C using the public key PubK.sub.B of the node B, signing SIGN(SK.sub.B, V.sub.1∥EV.sub.2) with a private key SK.sub.C of the node C to obtain SIGN(SK.sub.C, SIGN(SK.sub.B, V.sub.1∥EV.sub.2), negotiating a proof key PK.sub.B-C by the node B and the node C, and encrypting SIGN(SK.sub.C, SIGN(SK.sub.B, V.sub.1∥EV.sub.2) with the proof key PK.sub.B-C to generate the evidence EV.sub.3; and signing the encrypted message EV.sub.3 with the private key SK.sub.C of the node C to obtain SIGN(SK.sub.C, m∥EV.sub.3) and sending SIGN(SK.sub.C, m∥EV.sub.3) to the receiver R, verifying a signature of the node C by the receiver R using the public key PubK.sub.C of the node C, signing SIGN(SK.sub.C, m∥EV.sub.3) with a private key SK.sub.R of the receiver R to obtain SIGN(SK.sub.R, SIGN(SK.sub.C, m∥EV.sub.3), negotiating a proof key PK.sub.C-R by the node C and the receiver R, and encrypting SIGN(SK.sub.R, SIGN(SK.sub.C, m∥EV.sub.3) with the proof key PK.sub.C-R to generate the evidence EV.sub.4.

7. The method of claim 6, wherein the proof keys PK.sub.T-A, PK.sub.A-B, PK.sub.B-C, PK.sub.C-R are respectively kept by two sides involved in the negotiation of each proof key, the encryption key K.sub.T-A and the proof key PK.sub.T-A cannot be the same, and every time when a new message is transmitted, new proof keys are negotiated.

8. The method of claim 6, wherein the step of performing an identity disclosure comprises: launching the identity disclosure when an identity disclosure request has been approved by a majority of parties; and decrypting the evidence EV.sub.1, EV.sub.2, EV.sub.3, EV.sub.4 using the proof keys PK.sub.T-A, PK.sub.A-B, PK.sub.B-C, PK.sub.C-R.

9. The method of claim 8, wherein the step of decrypting the evidence EV.sub.1, EV.sub.2, EV.sub.3, EV.sub.4 using the proof keys PK.sub.T-A, PK.sub.A-B, PK.sub.B-C, PK.sub.C-R comprises: locating the evidence EV.sub.4 on the Blockchain by the receiver R, making a location of the evidence EV.sub.4 and the proof key PK.sub.C-R publicly accessible, such that all parties in the Blockchain P2P network can perform a decryption process DEC(PK.sub.C-R,EV.sub.4)=SIGN(SK.sub.R, SIGN(SK.sub.C, m∥EV.sub.3))=S.sub.4, and performing a signature verification VERIFY(PubK.sub.C,S.sub.4,(m∥EV.sub.3))) by all the parties; making PK.sub.B-C publicly accessible by the node C, such that all parties in the Blockchain P2P network can perform a decryption process DEC(PK.sub.B-C,EV.sub.3)=SIGN(SK.sub.C, SIGN(SK.sub.B, V.sub.1∥EV.sub.2))=S.sub.3, and performing a signature verification VERIFY(PubK.sub.B,S.sub.3,(V.sub.1∥EV.sub.2))) by all the parties; making PK.sub.A-B publicly accessible by the node B, such that all parties in the Blockchain P2P network can perform a decryption process DEC(PK.sub.A-B,EV.sub.2)=SIGN(SK.sub.B, SIGN(SK.sub.A, V.sub.0∥EV.sub.1))=S.sub.2, and performing a signature verification VERIFY(PubK.sub.A,S.sub.2,(V.sub.0∥EV.sub.4))) by all the parties; making PK.sub.T-A publicly accessible by the node A, such that all parties in the Blockchain P2P network can perform a decryption process DEC(PK.sub.T-A,EV.sub.1)=SIGN(SK.sub.A,SIGN(SK.sub.T,EV.sub.0)=S.sub.1, and performing a signature verification VERIFY(PubK.sub.T,S.sub.1,EV.sub.0)) by all the parties; and releasing encryption keys K.sub.T-A, K.sub.T-B, K.sub.T-C by the transmitter T after T is accused of false message spreading.

10. A system for maintaining privacy and traceability of a Blockchain-based system, comprising: one or more processors; and one or more memory devices interoperably coupled with the one or more processors and having tangible, non-transitory, machine-readable media storing one or more instructions that, when executed by the one or more processors, perform one or more operations comprising: registering users in a Blockchain-based system by: creating a public/private key pair for a transmitter T; using a private key SK.sub.T to sign identity information of the transmitter T and putting a public key PubK.sub.T and a generated signature together to generate a registration request; and verifying the registration request; transmitting a message from the transmitter T to a receiver R via an anonymous network, after the registration request of the transmitter T has been approved and storing message transmission data generated during a message transmission process in a Blockchain; and performing an identity disclosure by using the message transmission data when the message is detected to be false; the anonymous network transmits the message by onion routing.

11. The system of claim 10, wherein the step of transmitting the message from the transmitter T to a receiver R via the anonymous network comprises: randomly choosing at least three nodes A, B, C in a Blockchain P2P network as the relays; negotiating different encryption keys K.sub.T-A, K.sub.T-B, K.sub.T-C with the nodes; encrypting the message to be transmitted with the different encryption keys K.sub.T-A, K.sub.T-B, K.sub.T-C successively to obtain an encrypted message EV.sub.0; hard-coding information of the next hop for each node inside the encrypted message; decrypting the encrypted message EV.sub.0 by the encryption key K.sub.T-A to obtain a packet V.sub.0, generating an evidence EV.sub.1 once decrypted, submitting the evidence EV.sub.1 to the Blockchain, and transmitting the packet V.sub.0 to the node B; decrypting the packet V.sub.0 by the encryption key K.sub.T-B to obtain a packet generating an evidence EV.sub.2 once decrypted, submitting the evidence EV.sub.2 to the Blockchain, and transmitting the packet V.sub.1 to the node C; decrypting the packet V.sub.1 by the encryption key K.sub.T-C to obtain the message, generating an evidence EV.sub.3 once decrypted, submitting the evidence EV.sub.3 to the Blockchain, and transmitting the message to the receiver R; and generating an evidence EV.sub.4 after the receiver R received the message and submitting the evidence EV.sub.4 to the Blockchain; wherein the message transmission date comprises at least the evidence EV.sub.1, EV.sub.2, EV.sub.3, EV.sub.4.

12. The system of claim 11, wherein the steps of generating the evidence EV.sub.1, EV.sub.2, EV.sub.3, EV.sub.4 comprise: signing the encrypted message EV.sub.0 with the private key SK.sub.T of the transmitter T to obtain EV.sub.0|SIGN(SK.sub.T,EV.sub.0) and sending EV.sub.0|SIGN(SK.sub.T,EV.sub.0) to the node A, verifying a signature of the transmitter T by the node A using the public key PubK.sub.T of the transmitter T, signing SIGN(SK.sub.T,EV.sub.0) with a private key SK.sub.A of the node A to obtain SIGN(SK.sub.A,SIGN(SK.sub.T,EV.sub.0), negotiating a new key PK.sub.T-A, termed proof key, by the transmitter T and the node A, and encrypting SIGN(SK.sub.A,SIGN(SK.sub.T,EV.sub.0) with the new key PK.sub.T-A to generate the evidence EV.sub.1; signing the evidence EV.sub.1 with the private key SK.sub.A of the node A to obtain SIGN(SK.sub.A, V.sub.0∥EV.sub.1) and sending SIGN(SK.sub.A, V.sub.0∥EV.sub.1) to the node B, verifying a signature of the node A by the node B using the public key PubK.sub.A of the node A, signing SIGN(SK.sub.A, V.sub.0∥EV.sub.1) with a private key SK.sub.B of the node B to obtain SIGN(SK.sub.B, SIGN(SK.sub.A, V.sub.0∥EV.sub.1), negotiating a proof key PK.sub.A-B by the node A and the node B, and encrypting SIGN(SK.sub.B, SIGN(SK.sub.A, V.sub.0∥EV.sub.1) with the proof key PK.sub.A-B to generate the evidence EV.sub.2; signing the evidence EV.sub.2 with the private key SK.sub.B of the node B to obtain SIGN(SK.sub.B, V.sub.1∥EV.sub.2) and sending SIGN(SK.sub.B, V.sub.1∥EV.sub.2) to the node C, verifying a signature of the node B by the node C using the public key PubK.sub.B of the node B, signing SIGN(SK.sub.B, V.sub.1∥EV.sub.2) with a private key SK.sub.C of the node C to obtain SIGN(SK.sub.C, SIGN(SK.sub.B, V.sub.1∥EV.sub.2), negotiating a proof key PK.sub.B-C by the node B and the node C, and encrypting SIGN(SK.sub.C, SIGN(SK.sub.B, V.sub.1∥EV.sub.2) with the proof key PK.sub.B-C to generate the evidence EV.sub.3; and signing the encrypted message EV.sub.3 with the private key SK.sub.C of the node C to obtain SIGN(SK.sub.C, m∥EV.sub.3) and sending SIGN(SK.sub.C, m∥EV.sub.3) to the receiver R, verifying a signature of the node C by the receiver R using the public key PubK.sub.C of the node C, signing SIGN(SK.sub.C, m∥EV.sub.3) with a private key SK.sub.R of the receiver R to obtain SIGN(SK.sub.R, SIGN(SK.sub.C, m∥EV.sub.3), negotiating a proof key PK.sub.C-R by the node C and the receiver R, and encrypting SIGN(SK.sub.R, SIGN(SK.sub.C, m∥EV.sub.3) with the proof key PK.sub.C-R to generate the evidence EV.sub.4.

13. The system of claim 12, wherein the step of performing an identity disclosure comprises: launching the identity disclosure when an identity disclosure request has been approved by a majority of parties; and decrypting the evidence EV.sub.1, EV.sub.2, EV.sub.3, EV.sub.4 using the proof keys PK.sub.T-A, PK.sub.A-B, PK.sub.B-C, PK.sub.C-R.

Description

BRIEF DESCRIPTION OF THE DRAWINGS

(1) The drawings described here are intended to provide a further understanding of the present disclosure, and constitute a part of the present disclosure. The illustrative implementations of the present disclosure and description of the implementations are intended to describe the present disclosure, and do not constitute limitations on the present disclosure.

(2) FIG. 1 is a flowchart of a method for maintaining privacy and traceability of a Blockchain-based system according to an exemplary embodiment of the present disclosure;

(3) FIG. 2 is a schematic diagram of a system for maintaining privacy and traceability of a Blockchain-based system according to an exemplary embodiment of the present disclosure;

(4) FIG. 3 is a schematic diagram showing the message transmission according to an exemplary embodiment of the present disclosure;

(5) FIG. 4 is a schematic diagram showing the identity disclosure according to an exemplary embodiment of the present disclosure;

(6) FIG. 5 is a schematic diagram of a device for maintaining privacy and traceability of a Blockchain-based system according to an exemplary embodiment of the present disclosure; and

(7) FIG. 6 is an overview of the vehicles communication system.

DETAILED DESCRIPTION OF THE EMBODIMENTS

(8) The exemplary embodiments of the present disclosure are described below in detail with reference to the drawings. It should be understood that the exemplary embodiments described below are used only to illustrate and interpret the present disclosure and are not intended to limit the present disclosure.

(9) It should be noted that the exemplary embodiments of the present disclosure and features in the exemplary embodiments may be combined with each other in the case of no conflict, and all the combinations fall within the protection scope of the present disclosure. In addition, although a logical order is shown in the flowchart, the steps shown or described may be performed in a different order from the order here in some cases.

(10) In implementations, a computing device that performs a data processing method may include one or more processors (CPU, Central Processing Module), an input/output interface, a network interface and a memory.

(11) The memory may include a volatile memory, a random access memory (RAM) and/or a non-volatile memory and other forms in a computer readable medium, for example, a read-only memory (ROM) or a flash RAM. The memory is an example of the computer readable medium. The memory may include a module 1, a module 2, . . . , and a module N (N is an integer greater than 2).

(12) The computer readable medium includes non-volatile and volatile media as well as removable and non-removable storage media. A storage medium may store information by means of any method or technology. The information may be a computer readable instruction, a data structure, and a module of a program or other data. A storage medium of a computer includes, for example, but is not limited to, a phase change memory (PRAM), a static random access memory (SRAM), a dynamic random access memory (DRAM), other types of RAMs, a ROM, an electrically erasable programmable read-only memory (EEPROM), a flash memory or other memory technologies, a compact disk read-only memory (CD-ROM), a digital versatile disc (DVD) or other optical storages, a cassette tape, a magnetic disk storage or other magnetic storage devices, or any other non-transmission media, and may be used to store information accessible to the computing device.

(13) Onion routing can resist to eavesdropping and traffic analysis innately. It is observed that the onion routers will relay the packets between an intended source and an intended destination. For most of the time, as a destination, it cannot trace the packets back to the source. This is because the destination and its previous hop, which is an onion router, are different nodes in the network. They shall not share the hop or routing information with each other. But what if the destination node and the three onion routers are all manipulated by a third-party behind? In this case, the third-party can obtain all the routing information, and trace from a destination back to a source. That is, he is capable of disclosing the identity of the source. Here, such a third party can be a good or evil one, depending on if and how he will perform the disclosure. If he is ultimately fair and only behaves according to the willingness of the majority, he is a good one. However, does such a flawless third party exist? To solve these problems, the present disclosure proposes the following solutions.

(14) The notations used in the present disclosure are summarized in TABLE 1 below.

(15) TABLE-US-00001 TABLE 1 Summary of notations Notation Description a .fwdarw. b a routing message, where a is the source and b is the destination PubK.sub.i the public key of a party i SK.sub.i the private key of a party i s.sub.1||s.sub.2 a combination of a string s.sub.1 and a string s.sub.2 ENC(keymsg) The AES encryption process, where key refers to a encryption key, and msg refers to a message DEC(key ctext) The decryption process, where key refers to a encryption key, and ctext refers to a cipher-text SIGN(SK,msg) The signature generation process, where SK refers to a private key, and msg refers to a message VERIFY The signature generation process, where PubK refers to a (PubK,sigm) private key, and sig refers to a signature, while m is the message

(16) As shown in FIG. 1, an exemplary embodiment of the present disclosure provides a method for maintaining privacy and traceability of a Blockchain-based system, which includes:

(17) S100: registering in a Blockchain-based system;

(18) S200: transmitting a message from a transmitter T to a receiver R via an anonymous network after a registration request of the transmitter T has been approved and storing message transmission data generated during a message transmission process in a Blockchain; and
S300: performing an identity disclosure by using the message transmission data when the message is detected to be false.

(19) S100 is used for parties to join the block-chain based system. To this end, each party must provide their real identity to the system distributedly, and the system will store these information onto Blockchain. All these information are free to access for the public. In regard of privacy-preserving, although the information is publicly accessible, an attacker cannot link a specific message to its sender according to the solution of the present disclosure. The privacy of each party is still preserved. S200 defines how two parties transmit a message via the network. Different from the traditional network communication, the message sender and the message responder may need to write data onto Blockchain. The message transmission data, termed evidence in the following description, is encrypted by negotiated keys, and also plays an important role in the identity disclosure process. S300 will perform when the parties have the requirement to disclose a specific sender. Say, when false information is identified, the parties want to know who is the sender of this false information. According to the solution of the present disclosure, the identity disclosure process can link the false information to a specific sender by decrypting the evidence.

(20) In an exemplary embodiment of the present disclosure, the anonymous network transmits the message by onion routing.

(21) In an exemplary embodiment of the present disclosure, the step of registration works as follows: (i) When a party A wants to join the system, he first creates a public/private key pair, denoted as SK.sub.A, PubK.sub.A, which can be used to perform signature generation and verification. (ii) He uses his private key SK.sub.A to sign his real identity ID, and put his public key PubK.sub.A and the generated signature S together to generate a registration request, i.e. regReq=(PubK.sub.A∥S). The ID here uniquely refers to a specific party. He submits the registration request to the Blockchain P2P network and preserves his private key carefully. To notice, before the request having been approved and written onto Blockchain, A is not permitted to send any other request. (iii) Other parties will verify the registration request before they write it onto Blockchain. The verification process is to make sure that the signature is generated from the attached public key PubK.sub.A, and the one who sends the request has the same identity as attached. Otherwise, other parties will reject the request. The other parties also need to check if the public key attached has been used by other parties else. Since the request can be viewed by all the parties, it is trivial for them to identify a duplicate public key. That is, each party compares the attached public key with his own public key and confirms that they are not the same. If they are the same, the party with the same public key will broadcast a confliction. The confliction is also a type of request that has a higher priority or other parties to process. Also, other parties may need to check if the identity used is a valid one or fabricated by the party itself. Therefore, the Blockchain used may be a permissioned Blockchain. The permissioned blockchain is a type of Blockchain that requires permission to join, and limits the parties who can provide the solution for the puzzle, i.e., being the miners. It is to be noticed that all parties other than miners can submit their transactions into Blockchain network, but only miners have the permission to record the transactions. This is reasonable because it reduces the risk of being attacked by some attacks, e.g., 51% attack and selfish mining attack. The process of how to group the requests as transitions, and how to write the transactions are as same as Bitcoin, and will not be described in detail herein.

(22) In an exemplary embodiment of the present disclosure, the message transmission works as follows. As shown in FIG. 2, three hops are used as relays between a transmitter T and a receiver R to demonstrate the principle. However, it should be noted that the present disclosure is not limited thereto, the number of the relays may also be other integers other than 1 and 3, and the relays work in the same principle as the relays discussed below. Parties can choose more than three hops to achieve better privacy. Specifically, the steps of the message transmission include: 1) Initially, the sender who wants to send the message first randomly chooses three nodes in the Blockchain P2P network. The three nodes are denoted as A, B, C respectively. The sender also negotiates the three different keys with the three nodes. The key negotiation process is as same as that in onion routing, which will not be repeated herein. We denote the encryption keys as K.sub.T-A, K.sub.A-B, K.sub.B-C, where the first letter in subscript refers to the sender of the packet, while the second letter refers to the packets responder. For example, K.sub.T-A is used to encrypt a message that is sent from T to A. 2) T encrypts the message with the three encryption keys successively. The user also hard-code the next-hop information, e.g., A.fwdarw.B, inside the encrypted message, to make sure that each node is aware of its next-hop respectively. As mentioned earlier, the encrypted message is also called evidence in the present disclosure. To notice, during the message transmitting, more than one evidence is generated. Here, the encrypted message is referred to as evidence EV.sub.0. The message is referred to as m, which contains a timestamp to grantee the freshness of messages. Formally, EV.sub.0 can be represented as equation (1):
EV.sub.0=ENC(K.sub.T-A,(A.fwdarw.B∥ENC(K.sub.A-B,(B.fwdarw.C∥ENC(K.sub.B-C,(C.fwdarw.R∥m))))))  (1)
3) A first removes the first layer encryption by decrypting the EV.sub.0 with the key K.sub.T-A, which is negotiated before. The decrypted packet is referred to as V.sub.0. Formally, V.sub.0 can be represented as equation (2):
V.sub.0=ENC(K.sub.A-B,(B.fwdarw.C∥ENC(K.sub.B-C,(C.fwdarw.R∥m))))  (2)
Once decrypted, A then knows which node is the next hop. Then, A will send V.sub.0 packet to B, and the key used between A and B is K.sub.A-B. Before this process, A also needs to generate a new evidence and submit it to Blockchain first. Here, A and T are required to work closely, and generate a new evidence EV.sub.1. To this end, T signs EV.sub.0 with his private key, and sends EV.sub.0|SIGN(SK.sub.T,EV.sub.0) to the first node A. The first node verifies the signature using the public key of T. As mentioned above, the public key was written onto Blockchain in the registration process and free to index. This step is used to ensure the message is sent from T, not other parties. Once the verification processed, A signs SIGN(SK.sub.T,EV.sub.0) with his own private key SK.sub.A. Thereafter, the two parties negotiate a new key PK.sub.T-A, termed proof key, then encrypts SIGN(SK.sub.A,SIGN(SK.sub.T,EV.sub.0)) with PK.sub.T-A to generate the new evidence EV.sub.1. This step ensures that A receives the message successfully. The EV.sub.1 is supposed to be written on Blockchain. Here, T and A have the same proof key PK.sub.T-A, so that they can check the signatures and confirms that they all follow the procedures properly, while other parities will have no information about EV.sub.1. To notice, the K.sub.T-A and PK.sub.T-A cannot be the same, and each party is required to keep the PK carefully for the further usage. Also, every time when a new message is sent, each party needs to negotiate a new proof key. Formally, EV.sub.1 can be represented as equation (3):
EV.sub.1=ENC(PK.sub.T-A,SIGN(SK.sub.A,(SIGN(SK.sub.T,EV.sub.0)))))  (3)
4) A will wait until EV.sub.1 is written onto Blockchain. Thereafter, A will send V.sub.0 packet to B. B then removes the second layer encryption with the key K.sub.A-B and generate the packet V.sub.1. Formally, V.sub.1 can be represented as equation (4):
V.sub.1=ENC(K.sub.B-C,(C.fwdarw.R∥m))  (4)
Afterwards, A and B work closely to generate a new evidence EV.sub.2. The process is similar to what have been elaborated in previous step, and will not be repeated in detail herein. Specifically, EV.sub.2 can be represented as equation (5):
EV.sub.2=ENC(PK.sub.A-B,SIGN(SK.sub.B,SIGN(SK.sub.A,V.sub.0∥EV.sub.1)))  (5)
5) B will wait until EV.sub.2 is written onto Blockchain. Thereafter, B will send V.sub.1 to C. C then removes the finally layer encryption with the key K.sub.B-C and obtains the message m in plain-text. At this time, B and C work closely to generate a new evidence EV.sub.3. Specifically, EV.sub.3 can be represented as shown in equation (6):
EV.sub.3=ENC(PK.sub.B-C,SIGN(SK.sub.C,SIGN(SK.sub.B,V.sub.1∥EV.sub.2)))  (6)
6) C will wait until EV.sub.3 is written onto Blockchain. Afterwards, C will send message to R. R and C then work closely to generate a new evidence EV.sub.4. Specifically, EV.sub.4 can be represented as equation (7):
EV.sub.4=ENC(PK.sub.C-R,SIGN(SK.sub.R,SIGN(SK.sub.C,m∥EV.sub.3)))  (7)

(23) In an exemplary embodiment of the present disclosure, the identity disclosure works as follows. An example algorithm for one of the implementations of the identity disclosure is presented below. However, it should be noted that the present disclosure is not limited thereto.

(24) TABLE-US-00002 Data m.sub.fake, EV.sub.i Output R.sub.x j = i − 1; V.sub.j = m.sub.fake; for j > 0 do | Relaying node R.sub.j−1 release his proof key |  PK.sub.R.sub.j−1; | if PK.sub.R.sub.j−1 == Ø then | | R.sub.x = R.sub.j−1; | | RETURN R.sub.x; | end | else | | DEC(PK.sub.j−i, EV.sub.j) | | = SIGN(SK.sub.R.sub.j−1, SIGN(SK.sub.R.sub.j−1PK.sub.j−1||V.sub.j); | | = S.sub.j | | if VERIFY(PubK.sub.j−1, S.sub.j, (V.sub.j||EV.sub.j−1))) then | | | if VERIFY(PubK.sub.j−2, S.sub.j, (V.sub.j||EV.sub.j−1))) | | |  then | | | | j=j−1 | | | end | | | else | | | | R.sub.x = R.sub.j−2; | | | | RETURN R.sub.x; | | | end | | end | | else | | | R.sub.x = R.sub.j−1; | | | RETURN R.sub.x; | | end | end end R.sub.x = R.sub.j−1; RETURN R.sub.x;

(25) FIG. 3 shows an exemplary embodiment of the identity disclosure of the present disclosure. 1) The receiver R requires a party C to perform the plea of innocence since R receives the false message from C. To prove so, R locates evidence EV.sub.4 on Blockchain, and makes the location of EV.sub.4 and the PK.sub.C-R publicly accessible. In this way, all parties in the Blockchain P2P network can perform the decryption process, as shown in equation (8).
DEC(PK.sub.C-R,EV.sub.4)=SIGN(SK.sub.R,SIGN(SK.sub.C,m∥EV.sub.3))=S.sub.4  (8)
After the decryption process, all parties know that the previous hop is C, which was confirmed by C and R, since their signature are present. As shown in equation 9, all parties can perform their signature verification without any changes.
VERIFY(PubK.sub.C,S.sub.4,(m∥EV.sub.3)))  (9)
2) In this case, C is required to perform the plea of innocence. Different from the first step, the evidence EV.sub.3 is contained in the plain-text of EV.sub.4. So C is only required to make the PK.sub.B-C publicly accessible. In such a way, parties know that previous hop is B, which was confirmed by B and C, since their signature are present. Meanwhile, new evidence EV.sub.2 shows up. 3) Thereafter, B is required to perform the plea of innocence. Similar to the previous process, B finally reveals a piece of new evidence EV.sub.1. 4) Afterwards, A is required to perform the plea of innocence. The process is also similar to the previous one. Finally, a piece of new evidence EV.sub.0 shows up. 5) Finally, T is required to perform the plea of innocence. T is required to make a proof key publicly accessible. However, T does not have a proof key for EV.sub.0, since T is the message transmitter. Therefore, T is accused of false message spreading. In this case, T can also release the three keys, which is considered as a “confession”.

(26) FIG. 2 is a schematic diagram of a system for maintaining privacy and traceability of a Blockchain-based system, which includes one or more processors; and one or more memory devices interoperably coupled with the one or more processors and having tangible, non-transitory, machine-readable media storing one or more instructions that, when executed by the one or more processors, perform one or more operations of the methods described above.

(27) In an exemplary embodiment of the present disclosure, a device for maintaining privacy and traceability of a Blockchain-based system is shown in FIG. 4. The device includes one or more processors and one or more memory devices interoperably coupled with the one or more processors. The one or more memory devices contain a tangible, non-transitory, machine-readable media storing one or more modules including a registration module 1 for parties to sign up in the Blockchain-based system, a message transmitting module 2 for transmitting message, and an identity disclosure module 3 for disclosing the identity of a party spreading false information when the dishonest behavior has been detected.

(28) The registration module 1 is configured to perform operations including: creating a public/private key pair for the transmitter T; using a private key SK.sub.T to sign identity information of the transmitter T and putting a public key PubK.sub.T and a generated signature together to generate the registration request; and verifying the registration request. The step of verifying the registration request further includes: comparing the public key PubK.sub.T of the transmitter T with public keys of other parties registered in the Blockchain-based system; confirming whether the public key PubK.sub.T of the transmitter T is the same as the public keys of other parties; broadcasting a confliction and rejecting the registration request, if the public key PubK.sub.T of the transmitter T is the same as any of the public keys of other parties; further checking whether the identity information of the transmitter T is valid or not, if the public key PubK.sub.T of the transmitter T is not the same as any of the public keys of other parties; rejecting the registration request, if the identity information of the transmitter T is invalid; and writing the registration request onto the Blockchain if the identity information of the transmitter T is valid.

(29) The message transmitting module 2 is configured to perform operations including: randomly choosing at least three nodes A,B,C in a Blockchain P2P network as the relays; negotiating different encryption keys K.sub.T-A, K.sub.T-B, K.sub.T-C with the nodes; encrypting the message to be transmitted with the different encryption keys K.sub.T-A, K.sub.T-B, K.sub.T-C successively to obtain an encrypted message EV.sub.0, hard-coding information of the next hop for each node inside the encrypted message; decrypting the encrypted message EV.sub.0 by the encryption key K.sub.T-A to obtain a packet V.sub.0, generating an evidence EV.sub.1 once decrypted, submitting the evidence EV.sub.1 to the Blockchain, and transmitting the packet V.sub.0 to the node B; decrypting the packet V.sub.0 by the encryption key K.sub.T-B to obtain a packet V.sub.1, generating an evidence EV.sub.2 once decrypted, submitting the evidence EV.sub.2 to the Blockchain, and transmitting the packet V.sub.1 to the node C; decrypting the packet V.sub.1 by the encryption key K.sub.T-C to obtain the message, generating an evidence EV.sub.3 once decrypted, submitting the evidence EV.sub.3 to the Blockchain, and transmitting the message to the receiver R; and generating an evidence EV.sub.4 after the receiver R received the message and submitting the evidence EV.sub.4 to the Blockchain. The message transmission date includes at least the evidence EV.sub.1, EV.sub.2, EV.sub.3, EV.sub.4. The evidence EV.sub.1 is generated by the following operations: signing the encrypted message EV.sub.0 with the private key SK.sub.T of the transmitter T to obtain EV.sub.0|SIGN(SK.sub.T,EV.sub.0) and sending EV.sub.0|SIGN(SK.sub.T,EV.sub.0) to the node A, verifying a signature of the transmitter T by the node A using the public key PubK.sub.T of the transmitter T, signing SIGN(SK.sub.TEV.sub.0) with a private key SK.sub.A of the node A to obtain SIGN(SK.sub.A,SIGN(SK.sub.TEV.sub.0), negotiating a new key PK.sub.T-A, termed proof key, by the transmitter T and the node A, and encrypting SIGN(SK.sub.A,SIGN(SK.sub.TEV.sub.0) with the new key PK.sub.T-A to generate the evidence EV.sub.1. The evidence EV.sub.2 is generated by the following operations: signing the evidence EV.sub.1 with the private key SK.sub.A of the node A to obtain SIGN(SK.sub.A, V.sub.0∥EV.sub.1) and sending SIGN(SK.sub.A, V.sub.0∥EV.sub.1) to the node B, verifying a signature of the node A by the node B using the public key PubK.sub.A of the node A, signing SIGN(SK.sub.A, V.sub.0∥EV.sub.1) with a private key SK.sub.B of the node B to obtain SIGN(SK.sub.B, SIGN(SK.sub.A, V.sub.0∥EV.sub.1), negotiating a proof key PK.sub.A-B by the node A and the node B, and encrypting SIGN(SK.sub.B, SIGN(SK.sub.A, V.sub.0∥EV.sub.1) with the proof key PK.sub.A-B to generate the evidence EV.sub.2. The evidence EV.sub.3 is generated by the following operations: signing the evidence EV.sub.2 with the private key SK.sub.B of the node B to obtain SIGN(SK.sub.B, V.sub.1∥EV.sub.2) and sending SIGN(SK.sub.B, V.sub.1∥EV.sub.2) to the node C, verifying a signature of the node B by the node C using the public key PubK.sub.B of the node B, signing SIGN(SK.sub.B, V.sub.1∥EV.sub.2) with a private key SK.sub.C of the node C to obtain SIGN(SK.sub.C, SIGN(SK.sub.B, V.sub.1∥EV.sub.2), negotiating a proof key PK.sub.B-C by the node B and the node C, and encrypting SIGN(SK.sub.C, SIGN(SK.sub.B, V.sub.1∥EV.sub.2) with the proof key PK.sub.B-C to generate the evidence EV.sub.3. The evidence EV.sub.4 is generated by the following operations: signing the encrypted message EV.sub.3 with the private key SK.sub.C of the node C to obtain SIGN(SK.sub.C, m∥EV.sub.3) and sending SIGN(SK.sub.C, m∥EV.sub.3) to the receiver R, verifying a signature of the node C by the receiver R using the public key PubK.sub.C of the node C, signing SIGN(SK.sub.C, m∥EV.sub.3) with a private key SK.sub.R of the receiver R to obtain SIGN(SK.sub.R, SIGN(SK.sub.C, m∥EV.sub.3), negotiating a proof key PK.sub.C-R by the node C and the receiver R, and encrypting SIGN(SK.sub.R, SIGN(SK.sub.C, m∥EV.sub.3) with the proof key PK.sub.C-R to generate the evidence EV.sub.4.

(30) The identity disclosure module 3 is configured to perform operations including: launching the identity disclosure when an identity disclosure request has been approved by a majority of parties, and decrypting the evidence EV.sub.1, EV.sub.2, EV.sub.3, EV.sub.4 using the proof keys PK.sub.T-A, PK.sub.A-B, PK.sub.B-C, PK.sub.C-R. The evidence EV.sub.4 is decrypted by the following operations: locating the evidence EV.sub.4 on the Blockchain by the receiver R, making a location of the evidence EV.sub.4 and the proof key PK.sub.C-R publicly accessible, such that all parties in the Blockchain P2P network can perform a decryption process DEC(PK.sub.C-R,EV.sub.4)=SIGN(SK.sub.R, SIGN(SK.sub.C, m∥EV.sub.3))=S.sub.4, and performing a signature verification VERIFY(PubK.sub.C, S.sub.4, (m∥EV.sub.3))) by all the parties. The evidence EV.sub.3 is decrypted by the following operations: making PK.sub.B-C publicly accessible by the node C, such that all parties in the Blockchain P2P network can perform a decryption process DEC(PK.sub.B-C,EV.sub.3)=SIGN(SK.sub.C, SIGN(SK.sub.B, V.sub.1∥EV.sub.2))=S.sub.3, and performing a signature verification VERIFY(PubK.sub.B,S.sub.3,(V.sub.1∥EV.sub.2))) by all the parties. The evidence EV.sub.2 is decrypted by the following operations: making PK.sub.A-B publicly accessible by the node B, such that all parties in the Blockchain P2P network can perform a decryption process DEC(PK.sub.A-B,EV.sub.2)=SIGN(SK.sub.B, SIGN(SK.sub.A, V.sub.0∥EV.sub.1))=S.sub.2, and performing a signature verification VERIFY(PubK.sub.A, S.sub.2, (V.sub.0∥EV.sub.1))) by all the parties. The evidence EV is decrypted by the following operations: making PK.sub.T-A publicly accessible by the node A, such that all parties in the Blockchain P2P network can perform a decryption process DEC(PK.sub.T-A,EV.sub.1)=SIGN(SK.sub.A,SIGN(SK.sub.T,EV.sub.0)=S.sub.1, and performing a signature verification VERIFY(PubK.sub.T,S.sub.1,EV.sub.0) by all the parties. Finally, transmitter T is required to make a proof key publicly accessible. However, T does not have a proof key for EV.sub.0, since T is the message transmitter. Therefore, T is accused of false message spreading. In this case, T can also release the encryption keys K.sub.T-A, K.sub.T-B, K.sub.T-C, which is considered as a “confession”.

(31) In an exemplary embodiment of the present disclosure, the Blockchain-based system may be Vehicular Ad Hoc Networks (VANETs). Vehicular Ad Hoc Networks (VANETs) as the term itself implies, is designed for vehicles to achieve communication. It has aroused researchers' interest since it offers a paradigm for facilitating smart city. In vehicles communication systems, vehicles are equipped with a set of sensors, Global Positioning System (GPS), and Radio Frequency Identification (RFID) tags, which allows them to sense the environment around. Examples of the applications of vehicles communication systems include navigation, path planning. For instance, in the case of path planning, vehicles may communicate with each other to share the traffic information, so that a suitable route can be selected, avoiding the traffic jams. FIG. 5 shows an overview of the vehicles communication system. Instead of using traditional Wireless Local Area Network (WLAN) and the wired network, vehicles communication system introduces Road-Side Units (RSUs) to connect the internet. These RSUs are installed along the road-sides, providing Internet access for vehicles. The coverage of each RSU is termed Wireless Advanced Vehicle Electrification (WAVE) Basic Service Set. Basically, vehicles connect to the RSUs via their On-Board Units (OBU), which is a component mounted inside each vehicle. When there is no RSU available, the vehicles can also achieve local area communication.

(32) The introduction of the method, system, device, or non-transitory, computer-readable medium for maintaining privacy and traceability of Blockchain-based system to the Vehicular Ad Hoc Networks (VANETs) can avoid vehicles to spread false information intentionally. The motivation for introducing the Vehicular Ad Hoc Networks (VANETs) is to demonstrate the generality of the present disclosure. From a high level, VANETs in this context is built on a Blockchain-based reputation system. In such a reputation system, vehicles share useful information, such as traffic information or information about road conditions, to gain their reputations. They are self-motivated by a suite of incentive mechanism. For example, vehicles with higher reputation may have more priority to access resources, or they can use reputations to earn their gas, while a vehicle with a lower reputation may fail to access some services. Therefore, each vehicle values its reputation and tries to have a higher reputation by behaving honestly and offering good service for other vehicles. Basically, a Blockchain-based database provides endorsements for the proposed system. The endorsements are tamper-proof due to the advanced features of Blockchain. In such a scenario, privacy-preserving is an indispensable requirement. Vehicles may require to remain anonymous for various reasons. For example, vehicles may be easy to be convinced by a message from a vehicle with higher reputation, while they may fail to believe information from a vehicle with a low reputation. In this case, the vehicles with a low reputation, like a vehicle that has newly joined the system, may never have a chance to earn its reputation. Therefore, the solution of the present disclosure offers opportunities for vehicles with lower reputations due to the privacy-preserving feature. On the other hand, the solution of the present disclosure can also work inversely and identifies these vehicles spreading false information. Once identified, punishments are enforced for these dishonest vehicles. One punishment can be decreasing their reputations. Finally, considering the limited storage resource of vehicles, the designer can choose RSUs to deploy the solution of the present disclosure, while vehicles can communicate with RSUs via VANET. It can be observed that the solution of the present disclosure can be extended to other similar scenarios with a little hindrance. For example, in the context of crowd-sourcing systems, employers/employees can also set up such a system based on the solution of the present disclosure to achieve privacy and traceability simultaneously. They may also use the idea of a reputation system to evaluate an employer/employee, and penalize the malicious parties when un-honest behaviors are detected. Moreover, by using the smart contracts, the entire process may be executed automatically without human's involvement, reducing the burdens of management.

(33) Hereinafter, the security analysis is presented to show the security performance when applying the solution of the present disclosure. Specifically, an attacker may intentionally create craft-packets and try to deploy attacks on the system applying the solution of the present disclosure in various ways. Notably, the transmitter, relaying nodes, receiver are examined throughout the lifecycle of a transaction and conduct five attack vectors in regards of security analysis, as shown in TABLE 2.

(34) TABLE-US-00003 TABLE 2 Attack Surface(✓refers to our solution can defend the attack without any changes) Attack Number of Name Initiator Attackers our solution Malicious- Transmitter Single ✓ Transmitter Malicious- Relaying Single ✓ Messenger nodes Replay All Single ✓ participants Calumniating Reciever Single ✓ Collusion All Multiple ✓ participants
It can be observed that the solution of the present disclosure can hinder all the attack vectors without any change.

(35) Malicious-Transmitter Attack: In this type of attack, a malicious transmitter may create a false message intentionally, and uses another message, which is considered benign, to generate shreds of evidence. We assume that the false message is m.sub.fake, and the benign message is m. His motivation is to evade responsibility when the false message is detected. However, it is not possible for attackers to achieve so. In this case, the party A will not allow the transmitter to do so since the evidence is not the one A received from the transmitter. Even if A is compromised by T, this type of attack still fails, since A may require to publish all the keys eventually, and m.sub.fake≠m.

(36) Malicious-Messenger Attack: In this case, the malicious party is one of the relaying nodes, e.g. B in the exemplary embodiment described above. B creates a false message m.sub.fake intentionally, and instead of using the original evidence, which is EV.sub.2 in the exemplary embodiment described above, B crafts new evidence EV.sub.2′ based on a fake message m.sub.fake. B also crafts a fake V.sub.1′ based on the fake message m.sub.fake. To notice, B does not know who will be the receiver, so B chooses a receiver R′ randomly. B's goal is to conceive others to believe the false message is from the transmitter. This type of attack will fail quickly. Since when the identity disclosure process occurs, the attacker can not link the fake evidence EV.sub.2′ to its previous evidence EV.sub.1. However, if B only crafts a fake V.sub.1′ based on the fake message m.sub.fake, and uses the original EV.sub.2, the attack will still fail. The reason is similar to the first case, and will not be repeated.

(37) Replay Attack: Replay attack occurs when malicious relaying nodes resend a previous message and use the same evidence that used before. However, our timestamp can provide freshness for each message. The message receiver will discard the messages when they are stale.

(38) Calumniating Attack: In this type of attack, a malicious receiver may create a false message/evidence intentionally, and tries to conceive others to believe the false message is from the transmitter. Assuming that the false message is m.sub.fake, and the original message is m. Therefore, in the exemplary embodiment of the present disclosure, EV.sub.4 can be represented as follows:
EV.sub.4=ENC(PK.sub.C-R,SIGN(Sk.sub.R,SIGN(Sk.sub.C,m.sub.fake∥EV.sub.3)))  (10)
However, the attacker can not modify or replace the evidence EV.sub.3. This is because EV.sub.4 is generated by C and R corporately, and C will not put its signature on it, if C detects EV.sub.3≠EV.sub.4. Therefore, as described in the identity disclosure above, EV.sub.3 can be traced back to EV.sub.0. At this moment, T will make the three keys, i.e. K.sub.T-A, K.sub.A-B, K.sub.B-C, publicly accessible, so that all parties can recover the original message m. It can be observed that m.sub.fake≠m, which turns out that R tires to perform a Calumniating Attack.

(39) Collusion Attack: In this case, two parties work jointly, and tries to craft a fake message. However, this type of attack is subject to the analysis in the previous examples. That is, the goal of an attacker is to create fake evidence or a fake message, and these fake ones fail to equal the previous evidence when parties perform the identity disclosure. Therefore, the solution of the present disclosure can defend this type of attacks with no changes. Moreover, in the exemplary embodiments described above, only three relaying nodes are involved. It can be much more complicated for the attacker to deploy a Collusion Attack when more relaying nodes are presented, which hinders the Collusion Attack effectively.

(40) The processor described in the above exemplary embodiments may include, but is not limited to, a processing apparatus such as a microprocessor (MCU, Microcontroller Unit) or a programmable logic device (FPGA, Field Programmable Gate Array). The memory device described in the above exemplary embodiments may be configured to store a software program and modules of an application, for example, program instructions or modules corresponding to the methods in the above exemplary embodiments. The processor runs the software program and modules stored in the memory device to implement various functional applications, that is, implement the method for maintaining privacy and traceability of a Blockchain-based system as described above. The memory device may include a high-speed random access memory, and may also include a nonvolatile memory, for example, one or more magnetic storage devices, flash memories or other nonvolatile solid-state memories. In some examples, the memory device may further include memories remotely disposed relative to the processor, and these remote memories may be connected to the communication device through a network. Examples of the network include, but are not limited to, the Internet, an intranet, a local area network, a mobile communications network, or a combination thereof.

(41) Those of ordinary skill in the art should understand that all or some of the steps in the method disclosed above as well as functional modules or units in the system and device disclosed above may be implemented as software, firmware, hardware, and appropriate combinations thereof. In a hardware implementation, the division between the functional modules or units mentioned in the above description does not necessarily correspond to the division of physical components. For example, a physical component may have more than one function, or one function or step may be performed by several physical components through collaboration. Some or all of the components may be implemented as software executed by a processor such as a digital signal processor or microprocessor, or implemented as hardware, or implemented as integrated circuits, such as application-specific integrated circuits. Such software may be distributed over a computer readable medium. The computer readable medium may include computer storage media (or non-temporary media) and communication media (or temporary media). As is well-known to those of ordinary skill in the art, the term “computer storage medium” includes volatile and non-volatile, removable and non-removable media implemented in any method or technology used to store information (such as computer readable instructions, data structures, program modules or other data). The computer readable medium includes, but is not limited to, a RAM, a ROM, an EEPROM, a flash memory or other memory technologies, a CD-ROM, a digital versatile disk (DVD) or other optical disk storage, magnetic cassettes, magnetic tapes, disk storage or other magnetic storage devices, or any other media that may be used to store desired information and accessible to computers. In addition, as is well-known to those of ordinary skill in the art, a communication medium usually includes computer-readable instructions, data structures, program modules, or other data in modulated data signals such as carriers or other transmission mechanisms, and may include any information delivery medium.

(42) The above shows and describes the basic principles and main features of the present disclosure as well as the advantages of the present disclosure. The present disclosure is not limited by the above exemplary embodiments. Described in the above exemplary embodiments and the specification are merely the principles of the present disclosure. On the premise of not departing from the spirit and scope of the present disclosure, the present disclosure will have various changes and improvements, all of which fall within the scope of the present disclosure for which protection is sought.