CN108809652B - Block chain encrypted account book based on secret sharing - Google Patents

Block chain encrypted account book based on secret sharing Download PDF

Info

Publication number
CN108809652B
CN108809652B CN201810491417.0A CN201810491417A CN108809652B CN 108809652 B CN108809652 B CN 108809652B CN 201810491417 A CN201810491417 A CN 201810491417A CN 108809652 B CN108809652 B CN 108809652B
Authority
CN
China
Prior art keywords
key
decryption
user
block chain
account book
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810491417.0A
Other languages
Chinese (zh)
Other versions
CN108809652A (en
Inventor
李海波
包象琳
陆军
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Anhui Aisino Corp
Original Assignee
Anhui Aisino Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Anhui Aisino Corp filed Critical Anhui Aisino Corp
Priority to CN201810491417.0A priority Critical patent/CN108809652B/en
Publication of CN108809652A publication Critical patent/CN108809652A/en
Application granted granted Critical
Publication of CN108809652B publication Critical patent/CN108809652B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

The invention discloses a block chain encrypted account book based on secret sharing, which comprises a key management module, an encrypted data link entering module and an account book decryption module; the key management module is responsible for registration and key generation of users, the secret sharing technology is utilized to realize key segmentation, each node of the block chain is responsible for cooperatively storing the segmented key information, and each node can only master incomplete key information; the encrypted data chaining module is responsible for processing a data uploading request of a user and storing the encrypted data of the user passing the signature verification into the block chain account book; the account book decryption module is responsible for processing the account book decryption request, and only after the block chain link points achieve decryption consensus, the decryption key can be synthesized, so that decryption of the encrypted account book is completed. The invention solves the difficult problem of safe storage of the user key by using a secret sharing technology, effectively avoids accidental leakage of private data of the account book by partial block link points, ensures the safety of user key storage and enhances the credibility of a block link system.

Description

Block chain encrypted account book based on secret sharing
Technical Field
The invention belongs to the technical field of block chains, and relates to a block chain encrypted account book based on secret sharing.
Background
The 'blockchain' technology is a special database technology originally designed by an artificial bitcoin (a digital currency) of the present intelligence in a place name, and from the data point of view: a blockchain is a distributed database (or referred to as a distributed shared ledger), where "distributed" is embodied not only as a distributed store of data, but also as a distributed record of data (i.e., maintained collectively by system participants). In brief, the blockchain enables distributed recording (which may be recorded collectively by system participants rather than centrally by a centralized authority) and distributed storage (which may store data in all nodes participating in recording data rather than centrally in the centralized authority nodes) of global data information.
From the perspective of the effect: the block chain can generate a set of database which records time sequence, cannot be tampered and can be trusted, the set of database is decentralized to store, and data security can be effectively guaranteed. In summary, a blockchain is a data structure that stores related data in blocks, and combines the blocks together in a chain, and is suitable for storing simple, sequential data that can be verified in a system, and cryptographically ensures that the data is not falsifiable or counterfeitable. It enables participants to establish consensus on the sequence of events and the current state of the network-wide transaction record.
The key points involved in the block chain technology include: decentralized, distrust, collective maintenance, reliable database, timestamp, asymmetric encryption, etc. In the system, participants do not need to know background information of other people and guarantee or guarantee by a third-party organization, the block chain technology ensures that the system records, transmits and stores the activity of value transfer, and the final result is credible.
The source of the block chain principle can be summarized as a mathematical problem: the general problem of Byzantine general can be summarized as follows: in the absence of a trusted central node and trusted channels, how the various nodes distributed in the network should agree. The blockchain technique provides a method for solving the problem that a consensus network can be created without trusting a single node (consensus protocol technique). The core of the block chain technology design is therefore:
firstly, the method comprises the following steps: how to build a strict database so that the database can store massive information and ensure the integrity of the database without a centralized structure?
II, secondly: how to record and store the rigorous database, so that even if some nodes participating in data recording crash, we can still ensure the normal operation and information completeness of the whole database system?
Thirdly, the method comprises the following steps: how to make this rigorously and completely stored database trustworthy so that we can successfully prevent nodes from doing malicious in a distrusted blockchain environment?
Aiming at the three core points, a whole set of complete and coherent database technology is constructed for the block chain to achieve the aim, and the technology for solving the three problems also becomes the most core three technologies of the block chain.
But because the blockchain is a public database, the records in each account are public. Such disclosure transparency brings great data privacy issues, taking the asset transaction application scenario as an example: when you tell your account address to the opposite party to the transaction, the opposite party can query all assets and historical transactions in the account through the blockchain.
In order to realize the safe storage of data, the data types stored in the block chain need to be distinguished, and the encryption storage strategies needed by different data types are different: (1) for the unstructured data which do not need to be subjected to logic operations such as validity verification, the data are encrypted after a secret key is shared among data correlation parties; (2) for those that require validation (e.g., normal transaction data) and, more complex, require some logic operation using the data (e.g., transaction data that triggers execution of a smart contract), some other cryptographic tools may be used.
The trust problem of the blockchain node is also a great problem to be solved in the system design implementation process, and a blockchain system without a precautionary strategy for doing malicious nodes cannot be safely operated. In addition, how to effectively store the privacy information of the user without being accidentally leaked is also a must-be-considered problem for the blockchain system. The technical scheme provides a block chain encrypted account book technology based on secret sharing for solving the trust problem and the privacy information safe storage problem among the block chain nodes. The account book information of the block chain is stored after being encrypted, the single node cannot decrypt the account book through the partitioned key information, and the decryption key can be synthesized only after the decryption requirement is identified by all the system nodes of the block chain. The secret sharing technology is used for dividing the secret key and then delivering the divided secret key to the block chain nodes for storage respectively, so that the hidden danger that the secret key stored in the system is leaked is effectively prevented. Moreover, the account book decryption process triggers the automatic execution of the intelligent contract to complete after the decryption consensus is achieved, and the account book decryption process and the account book flow direction after decryption can be completely controlled.
End-to-end encryption: block chain encrypted account book based on end-to-end encryption technology
The encryption protection is to encrypt the account book data by using a cryptographic algorithm, so that only relevant parties can decrypt and view the encrypted data. In the blockchain system, not only the ledger storage needs to be encrypted, but also the ledger transmission process needs to be encrypted. So only end-to-end encryption is done to be secure and efficient. If the platform or intermediate nodes are relied upon to complete the encryption, these nodes will be able to obtain private data.
Corresponding encryption algorithms include symmetric encryption (e.g., AES256, SM4) and asymmetric encryption (e.g., RSA2048, SM 2). Symmetric encryption is fast but relatively easy to break, while asymmetric encryption algorithms are the opposite. So in practical applications, a combination of symmetric encryption and asymmetric encryption algorithms is generally used. The digital envelope is one example, and the method for distributing the symmetric key by the asymmetric encryption (namely, two public keys and a private key) result can share one private data to a plurality of opponent parties, so that only the opponent parties can decrypt and view the data, and other people cannot know the plaintext of the data.
The disadvantages are as follows: 1. if the key is abused by others, the data privacy is not mentioned, and the security of the key is not guaranteed. 2. Although privacy protection of data on the chain is achieved, the blockchain node cannot perform logical operation on the encrypted data.
Homomorphic encryption: block chain encrypted account book based on homomorphic encryption technology
Homomorphic encryption is a cryptographic technique based on the theory of computational complexity of mathematical problems. The homomorphic encrypted data is processed to produce an output, which is decrypted, the result being the same as the output obtained by processing the unencrypted original data in the same way. If it is said, an encryption algorithm finds the corresponding operation for both multiplication and addition, it is called a fully homomorphic encryption algorithm.
The data are uploaded to the block chain system after homomorphic encryption, and a user only discloses the encrypted data to the outside, so that the block chain node can not obtain specific data content, but can realize simple logic processing on the data.
The disadvantages are as follows: until now there is no truly homomorphic encryption algorithm available. After the block account book data is homomorphic encrypted, the block chain system can only realize simple logic processing on the encrypted data, and the block chain system cannot acquire specific content of the data and cannot provide services with higher logic requirements for users of the block chain system.
Disclosure of Invention
The invention aims to provide a block chain encrypted account book based on secret sharing.
The technical problems to be solved by the invention include:
1. and malicious decryption behavior of a single block link point aiming at the account data is avoided, so that the secret of the user is protected. The block chain system can successfully synthesize the decryption key and decrypt the account book data only after all the chain link points achieve decryption consensus.
2. On the premise of ensuring the privacy of user data, the usability of block chain encrypted account book data is improved.
3. The method improves the usability of the ledger data and improves the safety of user key storage.
The purpose of the invention can be realized by the following technical scheme:
a block chain encrypted account book based on secret sharing comprises a key management module, an encrypted data link entering module and an account book decryption module;
the key management module is responsible for registration and key generation of a user, partitioning of a key is achieved by using a (k, n) threshold secret sharing scheme, each node of a block chain is responsible for cooperatively storing partitioned key information, and each node can only master incomplete key information;
the encrypted data chaining module is responsible for processing a data uploading request of a user and storing the encrypted data of the user passing the signature verification into the block chain account book;
the account book decryption module is responsible for processing the account book decryption request, and only after the block chain link points achieve decryption consensus, the decryption key can be synthesized, so that decryption of the encrypted account book is completed.
The block chain encrypted account book needs to be realized in a block chain environment in which a private key segmentation contract code and a decryption contract code for realizing a secret sharing technology are installed in advance; meanwhile, the blockchain system must complete the negotiation agreement of the decryption consensus protocol in advance.
The key management module generates a pair of public and private keys by using a national secret SM2 algorithm, generates a symmetric key by using a national secret SM4 algorithm, and sends the public and private key pair and the symmetric key to a user; meanwhile, the public key information of the user is disclosed in the block chain system; the user can select to use a symmetric encryption mode to encrypt the private data by using a symmetric key, can also select an asymmetric encryption mode to encrypt the private data, and simultaneously uses a private key to sign the private data by using a digital signature technology.
The block chain system can divide the decryption key information to realize the safe storage of the key by triggering the key division contract code based on the secret sharing technology; if the user chooses to encrypt the user data by using the asymmetric encryption technology, the user private key is divided into incomplete secrets to be stored in the block chain system; if the user chooses to encrypt the user data by using the symmetric encryption technology, the symmetric key of the user is divided into incomplete secrets to be stored in the block chain system; the blockchain system realizes secret sharing by partitioning the key, and each blockchain node is only responsible for storing an incomplete key.
In the encrypted data link-in module, a user can encrypt data in advance by using an encryption mode selected by the user, add a signature to the encrypted data by using a digital signature technology, and then upload the encrypted data to a block link system; each node of the blockchain system receives the encrypted data, verifies the signature through the public key information of the user disclosed in the blockchain system, and stores the encrypted data into a blockchain account book.
The account book decryption module realizes the synthesis of a decryption key in a decryption contract code based on a secret sharing technology; when the block chain system executes the decryption consensus protocol to achieve the decryption consensus, the system recovers the secret key by triggering the decryption contract code of the block chain system and completes the safe decryption process of the data.
The invention has the beneficial effects that:
the account book decryption behavior of the block chain system is normalized based on the secret sharing technology, the prevention of malicious account book privacy disclosure behavior of the untrusted nodes of the block chain is realized, and the secret sharing technology, the intelligent contract technology and the consensus protocol are utilized to realize the safe storage and management of the user key in combination with the characteristics of the block chain system;
by adopting the method and the device, the private data information can be acquired on the premise of ensuring the safety of the private data of the account book, so that the usability of the account book information is improved, and the subsequent expansion of the block chain function is facilitated; meanwhile, the block chain system divides the user key by using a secret sharing technology and then stores the user key, so that the leakage of the whole user key can not be caused even if a part of the user key is leaked by an individual node accidentally; only after each node of the block chain system achieves decryption consensus, the block chain system can fuse each divided key part to obtain decryption key decryption block account book information; the account book decryption process is automatically executed by means of intelligent contract codes, and the account book decryption process and the flow direction of the account book information can be controlled;
the invention solves the difficult problem of safe storage of the user key by using a secret sharing technology, effectively avoids the accidental leakage of private data of the account book by partial block chain link points, ensures the safety of user key storage and enhances the credibility of a block chain system.
Drawings
In order to facilitate understanding for those skilled in the art, the present invention will be further described with reference to the accompanying drawings.
FIG. 1 is a block diagram of a secret sharing based blockchain encrypted ledger of the present invention;
FIG. 2 is a flow chart of a key management module of the present invention;
FIG. 3 is a flow chart of key management information according to the present invention;
FIG. 4 is a flow chart of an encrypted data chaining module of the present invention;
FIG. 5 is a flow chart of the encrypted data in-link information of the present invention;
FIG. 6 is a flow chart of the account decryption module of the present invention;
FIG. 7 is a flow chart of ledger decryption information according to the present invention;
fig. 8 is a detailed diagram of the account book decryption information according to the present invention.
Detailed Description
The technical solutions of the present invention will be described clearly and completely with reference to the following embodiments, and it should be understood that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
A block chain encrypted account book based on secret sharing needs to be implemented in a block chain environment in which a private key segmentation contract code and a decryption contract code for implementing a secret sharing technology are installed in advance. Meanwhile, the blockchain system must complete the negotiation agreement of the decryption consensus protocol in advance. The technical scheme comprises a key management module, an encrypted data chaining module and an account book decryption module. Fig. 1 is a block chain encrypted ledger system architecture based on secret sharing.
The key management module is responsible for registration and key generation of a user, partitioning of a key is achieved by using a secret sharing technology, each node of a block chain is responsible for cooperatively storing partitioned key information, and each node can only master incomplete key information; the specific key management process is shown in fig. 2.
The key division in the key management module is realized by adopting a (k, n) threshold secret sharing scheme, and the following two threshold secret sharing schemes can be selected:
1) shamir threshold secret sharing scheme
The (k, n) threshold secret sharing scheme is realized by using polynomial interpolation, and the scheme specifically comprises the following three stages:
(1) and (5) an initialization phase. Selecting a finite field FqLet P be { P ═ P1,P2,…,PnK is a threshold value, and the key information [ s belongs to F ∈q]. Selection of [ Fq]N mutually different non-zero elements x1,x2,…,xnThese elements are disclosed.
(2) A secret sharing phase. Random selection of FqThe polynomial of degree k-1 [ g (x) ═ a0+ a1x + … + ak-1xk-1,]wherein a0 ═ s, and the remainder ai are randomly selected from Fq. The values of [ si ═ g (xi), ] i ═ 1, 2, …, n,]distributing (xi, si) as a sub-secret to member Pi
(3) A secret recovery phase. Any k members can share the held sub-secrets, and the secret information s is recovered through a Lagrange interpolation formula.
2) Blakley threshold secret sharing scheme
The scheme uses a geometrical approach to implement another (k, n) threshold secret sharing scheme. The basic idea is that the key value is seen as a point in a k-dimensional space, the sub-secrets distributed to different participants are different k-1 dimensional sub-spaces, and when k participants share their sub-secrets, a unique intersection of these sub-spaces is obtained, resulting in the key value. The specific description is as follows:
(1) and (5) an initialization phase. Selecting a finite field FqLet P be { P ═ P1,P2,…,PnK is a threshold value, and secret information [ s belongs to F ∈q]. Selection of FqThe k linear equations above are:
a11x1+a12x2+…a1kxk=b1a21x1+a22x2+…a2kxk=b2…an1x1+an2x2+…ankxk=bn
the system of equations may be denoted as [ AX ═ B ], and two conditions need to be satisfied when selecting matrix [ a ]: [A] is linearly independent of any k rows of (a); the secret value s is a solution to a linear system of equations.
(2) A secret sharing phase. Each equation can be viewed as a k-1 dimensional subspace, with such an equation being distributed for each tile link point.
(3) A secret recovery phase. When k nodes are simultaneously used, a full-rank k linear equation set can be obtained, so that a unique value can be solved to obtain a secret value s. If fewer than k equations are simultaneous, no unique solution can be obtained.
The key generated after successful user registration is divided into multiple secrets, the divided secrets are distributed to the chunk node, and the key management information flow is shown in fig. 3.
The encrypted data chaining module is responsible for processing a data uploading request of a user and storing the encrypted data of the user passing the signature verification into the block chain account book, and a specific data chaining process is shown in fig. 4.
The encrypted data link entering module receives encrypted data transmitted by a user, the uploaded data passing verification is stored in the block link account book, and the data link entering information flow is shown in figure 5.
The account book decryption module is responsible for processing the account book decryption request, and only after the block chain link points achieve decryption consensus, the decryption key can be synthesized to complete decryption of the encrypted account book, and the specific account book decryption process is shown in fig. 6.
The account book decryption module receives the decryption request and sends the consensus result to the key management module, and the chain nodes send the partitioned keys to the key management module for synthesizing the decryption keys; and after the decryption keys are synthesized, the decryption keys are sent to the account book decryption module to complete decryption of the account book data, and the account book decryption information flows to the figures 7 and 8.
The key management module generates a pair of public and private keys and a symmetric key based on cryptographic techniques, which are sent to the user. Meanwhile, user public key information is disclosed in the blockchain system. The user can select to use a symmetric encryption mode to encrypt the private data by using a symmetric key, can also select an asymmetric encryption mode to encrypt the private data, and simultaneously uses a private key to sign the private data by using a digital signature technology.
The blockchain system splits the decryption key information by triggering a secret sharing technology-based key splitting contract code to achieve secure storage of the key. If the user chooses to encrypt the user data by using the asymmetric encryption technology, the user private key is divided into incomplete secrets to be stored in the block chain system; if the user chooses to encrypt the user data using symmetric encryption techniques, the user's symmetric key is divided into incomplete secrets to be stored in the blockchain system. The blockchain system realizes secret sharing by partitioning the key, and each blockchain node is only responsible for storing an incomplete key.
In the encrypted data link module, a user can encrypt data in advance by using an encryption mode selected by the user, add a signature to the encrypted data by using a digital signature technology, and upload the encrypted data to the block link system. Each node of the blockchain system receives the encrypted data, verifies the signature through the public key information of the user disclosed in the blockchain system, and stores the encrypted data into a blockchain account book.
The ledger decryption module implements composition of decryption keys in decryption contract codes based on a secret sharing technique. When the block chain system executes the decryption consensus protocol to achieve the decryption consensus, the system recovers the secret key by triggering the decryption contract code of the block chain system and completes the safe decryption process of the data. Therefore, any decryption request which is not identified by the blockchain system cannot be allowed, the privacy of the encrypted account book data is guaranteed, and the account book decryption process and the flow direction of the account book can be effectively controlled by automatically executing the decryption process of the account book by using an intelligent contract technology.
The technical scheme is based on the secret sharing technology to standardize the account book decryption behavior of the block chain system, so that the prevention of malicious account book privacy disclosure of the untrusted nodes of the block chain is realized, and the secret sharing technology, the intelligent contract technology and the consensus protocol are utilized to realize the safe storage and management of the user key in combination with the characteristics of the block chain system.
By adopting the block chain system in the technical scheme, on the premise of ensuring the safety of the account book private data, the private data information can be acquired so as to improve the usability of the account book information, and the subsequent expansion of the block chain function is realized. Meanwhile, the block chain system utilizes the secret sharing technology to divide the user key and then stores the user key, so that the leakage of the whole user key can not be caused even if part of the user key is leaked by an individual node accidentally. Only after each node of the blockchain system achieves decryption consensus, the blockchain system can fuse each divided key part to obtain the decryption key decryption blockbook information. The account book decryption process is automatically executed by means of the intelligent contract codes, and the account book decryption process and the information flow direction of the account book can be controlled. The technical scheme solves the difficult problem of safe storage of the user key by using a secret sharing technology, effectively avoids accidental leakage of private data of the account book by partial block chain link points, ensures the safety of user key storage and enhances the credibility of a block chain system.
The technical key points and points to be protected of the invention comprise: key management is realized based on secret sharing and a block chain intelligent contract; secure encrypted storage of distributed data is achieved based on secret sharing; and realizing privacy protection of the blockchain account data based on secret sharing and a blockchain consensus protocol.
The preferred embodiments of the invention disclosed above are intended to be illustrative only. The preferred embodiments are not intended to be exhaustive or to limit the invention to the precise embodiments disclosed. Obviously, many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the invention and the practical application, to thereby enable others skilled in the art to best utilize the invention. The invention is limited only by the claims and their full scope and equivalents.

Claims (6)

1. A block chain encrypted account book system based on secret sharing is characterized by comprising a key management module, an encrypted data link entering module and an account book decryption module;
the key management module is responsible for registration and key generation of a user, partitioning of a key is achieved by using a (k, n) threshold secret sharing scheme, each node of a block chain is responsible for cooperatively storing partitioned key information, and each node can only master incomplete key information;
the encrypted data chaining module is responsible for processing a data uploading request of a user and storing the encrypted data of the user passing the signature verification into the block chain account book;
the account book decryption module is responsible for processing the account book decryption request, and only after the block chain link points achieve decryption consensus, the decryption key can be synthesized, so that decryption of the encrypted account book is completed.
2. The system of claim 1, wherein the blockchain cryptogram needs to be implemented in a blockchain environment where a private key splitting contract code and a decryption contract code for implementing the secret sharing technology are installed in advance; meanwhile, the blockchain system must complete the negotiation agreement of the decryption consensus protocol in advance.
3. The secret sharing based blockchain cryptogra phic system of claim 1 wherein the key management module generates a pair of public and private keys using the SM2 algorithm and a symmetric key using the SM4 algorithm, the pair of public and private keys and the symmetric key being transmitted to the user; meanwhile, the public key information of the user is disclosed in the block chain system; the user can select to use a symmetric encryption mode to encrypt the private data by using a symmetric key, can also select an asymmetric encryption mode to encrypt the private data, and simultaneously uses a private key to sign the private data by using a digital signature technology.
4. The secret sharing based blockchain cryptoledger system of claim 3 wherein the blockchain system splits the decryption key information to enable secure storage of the key by triggering a secret sharing technology based key splitting contract code; if the user chooses to encrypt the user data by using the asymmetric encryption technology, the user private key is divided into incomplete secrets to be stored in the block chain system; if the user chooses to encrypt the user data by using the symmetric encryption technology, the symmetric key of the user is divided into incomplete secrets to be stored in the block chain system; the blockchain system realizes secret sharing by partitioning the key, and each blockchain node is only responsible for storing an incomplete key.
5. The secret sharing based blockchain encrypted ledger system of claim 1, wherein the encrypted data chaining module is configured such that the user encrypts the data in advance by using an encryption method selected by the user, adds a signature to the encrypted data by using a digital signature technology, and uploads the encrypted data to the blockchain system; each node of the blockchain system receives the encrypted data, verifies the signature through the public key information of the user disclosed in the blockchain system, and stores the encrypted data into a blockchain account book.
6. The secret sharing based blockchain encrypted ledger system of claim 1, wherein the ledger decryption module implements composition of decryption keys in decryption contract codes based on secret sharing technology; when the block chain system executes the decryption consensus protocol to achieve the decryption consensus, the system recovers the secret key by triggering the decryption contract code of the block chain system and completes the safe decryption process of the data.
CN201810491417.0A 2018-05-21 2018-05-21 Block chain encrypted account book based on secret sharing Active CN108809652B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810491417.0A CN108809652B (en) 2018-05-21 2018-05-21 Block chain encrypted account book based on secret sharing

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810491417.0A CN108809652B (en) 2018-05-21 2018-05-21 Block chain encrypted account book based on secret sharing

Publications (2)

Publication Number Publication Date
CN108809652A CN108809652A (en) 2018-11-13
CN108809652B true CN108809652B (en) 2021-07-23

Family

ID=64091328

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810491417.0A Active CN108809652B (en) 2018-05-21 2018-05-21 Block chain encrypted account book based on secret sharing

Country Status (1)

Country Link
CN (1) CN108809652B (en)

Families Citing this family (45)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109697365B (en) * 2018-12-20 2023-04-07 深圳市元征科技股份有限公司 Information processing method, block chain node and electronic equipment
CN111368309B (en) * 2018-12-26 2024-03-29 阿里巴巴集团控股有限公司 Information processing method, system and equipment
CN109728910A (en) * 2018-12-27 2019-05-07 北京永恒纪元科技有限公司 A kind of efficient thresholding distribution elliptic curve key generates and endorsement method and system
CN109672529A (en) * 2019-01-07 2019-04-23 苏宁易购集团股份有限公司 A kind of method and system for going anonymization of combination block chain and privacy sharing
TWI737956B (en) * 2019-01-14 2021-09-01 開曼群島商現代財富控股有限公司 Threshold signature system based on secret sharing and method thereof
US11042147B2 (en) * 2019-01-15 2021-06-22 Fisher-Rosemount Systems, Inc. Machine-to-machine transactions using distributed ledgers in process control systems
CN109951453A (en) * 2019-02-26 2019-06-28 符安文 A kind of safe encryption method based on block chain
CN109687979A (en) * 2019-03-06 2019-04-26 郑州师范学院 A kind of ring signatures method, apparatus, equipment and medium
US10979218B2 (en) * 2019-03-13 2021-04-13 International Business Machines Corporation Secret generation and share distribution
CN110058820B (en) * 2019-04-23 2022-05-17 武汉汇迪森信息技术有限公司 Data safe writing, deleting and reading method and device based on solid-state disk array
CN110162996A (en) * 2019-04-23 2019-08-23 上海链度科技有限公司 Ballot system, method and voting terminal based on block chain
CN110189143B (en) * 2019-04-26 2021-12-17 华中科技大学 Block chain-based marketing label authenticity verification method and system
WO2020258125A1 (en) * 2019-06-27 2020-12-30 云图有限公司 Private key recovery method and apparatus, collaborative address creation method and apparatus, collaborative address signing method and apparatus, and storage medium
CN110445845B (en) * 2019-07-17 2021-10-15 苏州同济区块链研究院有限公司 System based on main and sub account books in distributed account book
CN110555783B (en) * 2019-07-18 2023-08-29 中国南方电网有限责任公司 Block chain-based electric power marketing data protection method and system
CN110430039B (en) * 2019-07-19 2022-08-19 瑞纳智能设备股份有限公司 Production management system and method based on block chain
CN110971390A (en) * 2019-11-29 2020-04-07 杭州云象网络技术有限公司 Fully homomorphic encryption method for intelligent contract privacy protection
CN111277412B (en) * 2020-02-18 2023-03-24 暨南大学 Data security sharing system and method based on block chain key distribution
CN111460468A (en) * 2020-02-27 2020-07-28 山东公链信息科技有限公司 Block chain encryption and decryption method and system based on fault-tolerant mechanism
CN111159306B (en) * 2020-04-02 2020-10-30 支付宝(杭州)信息技术有限公司 Information publishing method and device based on block chain and computer equipment
CN113536388B (en) * 2020-04-16 2023-02-28 中移物联网有限公司 Data sharing method and system based on block chain
CN111586011A (en) * 2020-04-29 2020-08-25 中国联合网络通信集团有限公司 Information sharing method and device
CN111858519B (en) * 2020-07-10 2023-08-01 北京远景视点科技有限公司 System and method for sharing confidential data on blockchain
CN111865988B (en) * 2020-07-22 2022-10-18 山东华普信息科技有限公司 Certificate-free key management method, system and terminal based on block chain
CN112529573A (en) * 2020-08-31 2021-03-19 上海添玑网络服务有限公司 Combined block chain threshold signature method and system
CN112241553B (en) * 2020-10-27 2022-11-04 上海万向区块链股份公司 Block chain privacy protection method and system based on multi-account book architecture
CN112398648B (en) * 2020-11-05 2023-12-29 华控清交信息科技(北京)有限公司 Key management method and device for key management
CN112511515B (en) * 2020-11-19 2023-03-10 成都无右区块链科技有限公司 Chain number cube for data chaining
CN112507021A (en) * 2020-11-23 2021-03-16 厦门产业技术研究院 Block chain-based electronic contract management method and device and equipment
CN112287392B (en) * 2020-11-23 2023-06-02 广东科学技术职业学院 Intelligent contract implementation method and system with privacy information protection function
CN112437089A (en) * 2020-11-26 2021-03-02 交控科技股份有限公司 Train control system key management method and device based on block chain
CN112685760A (en) * 2021-01-08 2021-04-20 浙江泰科数联信息技术有限公司 Financial data privacy processing and sharing method capable of authorizing on block chain
CN112989321A (en) * 2021-03-02 2021-06-18 北京思特奇信息技术股份有限公司 Secret sharing algorithm-based key management method and system
CN112927080A (en) * 2021-03-05 2021-06-08 广东电网有限责任公司 Block chain technology-based multi-party information sharing method for power industry
CN112966022B (en) * 2021-03-10 2024-04-05 安徽航天信息科技有限公司 Information query method, device and system of data transaction platform
CN113094731B (en) * 2021-04-15 2023-04-07 西南大学 Block chain privacy protection method based on different distribution recombination scheme
CN113364576B (en) * 2021-05-28 2022-07-22 湘潭大学 Data encryption evidence storing and sharing method based on block chain
CN113438205B (en) * 2021-05-31 2022-12-20 东软集团股份有限公司 Block chain data access control method, node and system
CN113098697B (en) * 2021-06-08 2022-03-18 清华大学 Block chain data writing and accessing method and device
CN113259124A (en) * 2021-06-08 2021-08-13 清华大学 Block chain data writing and accessing method and device
CN113656828B (en) * 2021-07-20 2023-04-07 北京理工大学 Block chain privacy protection method based on lattice code and oriented to financial system transaction
CN113888163A (en) * 2021-09-24 2022-01-04 国网上海市电力公司 Intelligent contract bill recording and processing method based on completely homomorphic encryption
CN113946878B (en) * 2021-10-15 2024-04-09 星矿科技(北京)有限公司 Accounting method
CN115051853B (en) * 2022-06-10 2023-07-21 广东技术师范大学 Digital collection platform system
CN117353919B (en) * 2023-12-01 2024-03-26 卓望数码技术(深圳)有限公司 Data security storage method and system based on secret key sharing algorithm

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106548345A (en) * 2016-12-07 2017-03-29 北京信任度科技有限公司 The method and system of block chain private key protection are realized based on Secret splitting
CN106982205A (en) * 2017-03-01 2017-07-25 中钞信用卡产业发展有限公司北京智能卡技术研究院 Digital asset treating method and apparatus based on block chain
CN107623569A (en) * 2017-09-30 2018-01-23 矩阵元技术(深圳)有限公司 Block chain key escrow and restoration methods, device based on Secret sharing techniques
CN107666388A (en) * 2016-07-28 2018-02-06 郑珂威 Block chain information encryption method based on complete homomorphic cryptography method

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9436923B1 (en) * 2015-02-26 2016-09-06 Skuchain, Inc. Tracking unitization occurring in a supply chain

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107666388A (en) * 2016-07-28 2018-02-06 郑珂威 Block chain information encryption method based on complete homomorphic cryptography method
CN106548345A (en) * 2016-12-07 2017-03-29 北京信任度科技有限公司 The method and system of block chain private key protection are realized based on Secret splitting
CN106982205A (en) * 2017-03-01 2017-07-25 中钞信用卡产业发展有限公司北京智能卡技术研究院 Digital asset treating method and apparatus based on block chain
CN107623569A (en) * 2017-09-30 2018-01-23 矩阵元技术(深圳)有限公司 Block chain key escrow and restoration methods, device based on Secret sharing techniques

Also Published As

Publication number Publication date
CN108809652A (en) 2018-11-13

Similar Documents

Publication Publication Date Title
CN108809652B (en) Block chain encrypted account book based on secret sharing
CN109120639B (en) Data cloud storage encryption method and system based on block chain
Bonawitz et al. Practical secure aggregation for privacy-preserving machine learning
CN110033258B (en) Service data encryption method and device based on block chain
US9973334B2 (en) Homomorphically-created symmetric key
CN111541725B (en) Block chain all-in-one machine, password acceleration card thereof, and key management method and device
CN108352015A (en) The anti-loss storage of Secure for the system combination wallet management system based on block chain and encryption key transfer
CN111431897B (en) Multi-attribute mechanism attribute-based encryption method with tracking function for cloud-assisted Internet of things
CN108768647B (en) Random number generation method for block chain
US20230254129A1 (en) Key management for multi-party computation
Xu et al. An integrated privacy preserving attribute-based access control framework supporting secure deduplication
JP2023500570A (en) Digital signature generation using cold wallet
CN114175569A (en) System and method for adding and comparing integers encrypted with quasigroup operations in AES counter mode encryption
CN112039883A (en) Data sharing method and device for block chain
Yousif et al. Enhancing approach for information security in hadoop
CN115001730A (en) Role attribute-based access control system and method in distributed scene
Zhou et al. Bldss: A blockchain-based lightweight searchable data sharing scheme in vehicular social networks
WO2008065351A1 (en) Self encryption
Le et al. Auditing for distributed storage systems
Joseph et al. A Novel Algorithm for secured data sharing in cloud using GWOA-DNA cryptography
GB2446200A (en) Encryption system for peer-to-peer networks which relies on hash based self-encryption and mapping
Neela et al. A Hybrid Cryptography Technique with Blockchain for Data Integrity and Confidentiality in Cloud Computing
KR102546762B1 (en) Multi-signature wallet system in blockchain using the bloom filter
Nandini et al. Implementation of hybrid cloud approach for secure authorized deduplication
Karani et al. Secure File Storage Using Hybrid Cryptography

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant