CN109189727B - Block chain ciphertext cloud storage sharing method based on attribute proxy re-encryption - Google Patents

Block chain ciphertext cloud storage sharing method based on attribute proxy re-encryption Download PDF

Info

Publication number
CN109189727B
CN109189727B CN201811072783.9A CN201811072783A CN109189727B CN 109189727 B CN109189727 B CN 109189727B CN 201811072783 A CN201811072783 A CN 201811072783A CN 109189727 B CN109189727 B CN 109189727B
Authority
CN
China
Prior art keywords
information
sharing
storage
node
ciphertext
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811072783.9A
Other languages
Chinese (zh)
Other versions
CN109189727A (en
Inventor
张小红
孙岚岚
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Southern Power Grid Internet Service Co ltd
Jingchuang United Beijing Intellectual Property Service Co ltd
Original Assignee
Jiangxi University of Science and Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangxi University of Science and Technology filed Critical Jiangxi University of Science and Technology
Priority to CN201811072783.9A priority Critical patent/CN109189727B/en
Publication of CN109189727A publication Critical patent/CN109189727A/en
Application granted granted Critical
Publication of CN109189727B publication Critical patent/CN109189727B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]

Abstract

The invention provides a block chain ciphertext cloud storage sharing method based on attribute proxy re-encryption, and provides an attribute proxy re-encrypted block chain ciphertext storage sharing idea supporting keyword retrieval on the basis of proxy re-encryption and attribute-based encryption technologies. Safety and experimental analysis show that: the invention shortens the time of encryption and decryption and lightens the high-frequency access pressure of the cloud storage. When the number of the attributes is 100, the re-decryption time consumption of the system is 1.69s, and the execution efficiency of the system is improved by 19.04-49.68%. The invention has stronger collusion attack resistance and good application prospect in the field of the current Internet of things.

Description

Block chain ciphertext cloud storage sharing method based on attribute proxy re-encryption
Technical Field
The invention belongs to cryptography technology and intelligent contract technology in the technical field of block chains, and relates to a method for solving the problem of information security storage and sharing in a cloud system.
Background
With the rapid development Of cloud computing and Internet Of Things (IOT), cloud storage is one Of the most common network storage services. At present, most of Cloud storage sharing systems are centralized, and personal information is managed under the help of a third-party Cloud Service Provider (CSP), but the method not only needs a large amount of communication overhead and high computing cost, but also the integrity, accuracy and confidentiality of information are seriously threatened due to the open and transparent internet of things.
In order to better ensure the information security and integrity, from the viewpoint of reducing the management complexity of information owners, Hong et al designs a secret sharing model of hybrid cloud re-encryption based on attribute encryption, and realizes more efficient dynamic ciphertext access control. Seo et al designs an attribute-based proxy re-encryption method that combines traditional proxy re-encryption with attribute-based encryption to enable an information owner to authorize a designated user to decrypt the re-encrypted ciphertext according to the user's attributes. All the researches play a positive role in ensuring the confidentiality of information and realizing the safe interaction of the information, but do not support the keyword retrieval function, and cause certain obstacles for efficient information sharing. Shi et al propose an attribute proxy re-encryption model based on public key retrievable keywords and do not support decryption of the original ciphertext and the re-encrypted ciphertext. Liang et al have demonstrated under a random predictive model that their designed key strategy-based attribute proxy re-encryption model supporting keyword retrieval, but the computational cost of the invention is relatively large. All the researches proposed above adopt a centralized management mode, information of all users is concentrated in a resource pool, a third-party CSP uses specific software to forcibly manage the information in a unified way, and once software and hardware of the CSP break down or are attacked, information loss, leakage and even service interruption can be caused.
The advent of the Blockchain (BC) technology has provided people with a decentralized, non-falsifiable, and collectively maintained distributed management method. The clever of the American Hispanic student in 2008 firstly provides a block chain concept which can be used as a public ledger and is a novel application mode with the integration of technologies such as distributed data storage, point-to-point transmission, a consensus mechanism and an encryption algorithm. The block chain technology utilizes a block chain type data structure to verify and store data, adopts a distributed node consensus algorithm to generate and update the data, ensures the safety of data transmission and access by combining a cryptology mode, and is a brand new distributed infrastructure and computing paradigm for programming and operating the data by an intelligent contract consisting of automatic script codes. The bit currency bottom layer technology accords with basic characteristics of sharing openness, fair competition, reality, integrity, safety, reliability and the like in the era of the Internet of things.
Disclosure of Invention
The invention provides a block chain cloud storage sharing method based on attribute proxy re-encryption on the premise that all information owners are trustable and sharing requesters are not trustable, namely sharing requesters can collude in series and illegally access unauthorized user information, and the block chain cloud storage sharing method integrates a block chain technology and a cryptography technology and is a technology compatible with the existing information sharing system. The simulation result shows that compared with the existing information storage and sharing technology, the information storage and sharing method has lower calculation cost and communication overhead, and can better meet the requirements of users on the safety and confidentiality of the information.
The invention is realized by the following technical scheme.
The invention relates to a block chain ciphertext cloud storage sharing method based on attribute proxy re-encryption, which comprises the following steps:
(S01): before information storage is carried out, the system firstly makes intelligent contracts and is commonly signed by information users.
(S02): the information owner Alan sends a storage request, and the transmission leader node T selected by the Pool authentication mechanism sends a storage request to the crowd node T in the own clusternAnd broadcasting the validity of the verification information and the user identity.
1) If the data is valid, the transmission leader node T extracts the data and then temporarily stores the data in a log of the transmission leader node T;
2) and if the data is invalid, feeding back 'illegal users'.
(S03): transmitting the leader node T to all the crowd nodes T in the clusternCopying information and waiting for response, confirming that the information is received to the information owner Alan after determining that more than half of nodes in the cluster have received the information, indicating that the information is in a submitted state at the moment once the information owner Alan receives the confirmation information, and returning T to TnA notification is sent to inform that the data state has been committed. In the process, the information owner Alan needs to submit information quotation and self-defined random character strings so as to facilitate the user to obtain information sharing reward, and provide certain credit coins as the guarantee fund so as to avoid the phenomena of false, plagiarism and the like.
(S04): the transmission node sends storage information to the storage node, and the leader node M responsible for storage sends the storage information to M in the clusteriA storage request is broadcast. And after more than half of the nodes are determined to finish storage, feeding back information to the owner Alan of the information, and finishing the storage process.
(S05): a sharing requester Bill sends a sharing request, before information sharing, a storage leader node M in the cluster sends a sharing request to a crowd node M in the clusteriAnd broadcasting to verify the identity of the user and judging whether the identity accords with the ciphertext sharing authority.
1) If the result is consistent with the result, the leader node M sends the result to the node M in the clusteriBroadcasting a sharing request;
2) if not, feeding back 'illegal user'.
(S06): according to a keyword w provided by a sharing requester Bill, a metadata ciphertext CT in a block chain is calculated and then converted into a ciphertext CT which accords with the sharing authority of the sharing requester Bill by using an agent re-encryption technologyB
1) The system generates a corresponding search password TK according to the public key PK and the keyword w to acquire retrieval result information and quotations corresponding to the information.
2) Determining the price of sharing information between Bill credit currency of a sharing requester and a user, and entering a ciphertext conversion stage if the credit currency is more than or equal to the information price; otherwise, the 'balance is insufficient' is fed back.
(S07): transmitting the leader node T to all the intra-cluster TnThe node copies the information and waits for a response. After determining that at least more than half of the nodes in the cluster have received the information, the information is confirmed to the storage node, which indicates that the information is in a transmitted state at the moment.
(S08): the transmission node sends a metadata ciphertext CT acquired through keyword ciphertext retrieval to the sharing requester Bill, and acquires a storage position LC of information after decryption, so that the original decrypted information ciphertext CT is downloaded at a corresponding positionAAnd acquiring the information plaintext m.
(S09): the system correspondingly adjusts the credit coins of the users according to the information interaction condition and settles the credit coins according to the feedback data.
The more specific implementation steps of the invention are as follows:
the invention mainly focuses on three roles: the cloud storage, the information owner and the sharing requester are designed, fig. 1 is a model diagram of a block chain ciphertext storage system provided by the invention, fig. 2 is a model diagram of a block chain ciphertext information sharing system provided by the invention, and the specific role design is as follows:
1) cloud storage: the user can purchase the corresponding storage space from the CSP, so that the record information can be conveniently stored.
2) The information owner: all users in the system have the authority to record and store information, can encrypt the information and preset sharing authority, and can decrypt and acquire a secret key only on the premise that a sharing requester meets the sharing information authority, so that the original plaintext information shared by information owners is acquired, and the information owners are assumed to be Alan.
3) The sharing requester: users in the system can initiate a request for sharing information to the information owner or the local node, and the sharing requester is assumed to be Bill. The symbols used in the present invention are shown in table 1:
TABLE 1 symbolic description
Figure BDA0001799999510000031
Step 1: a contract is created.
1) The contract creator converts the contract with the user attribute set characteristics into a binary contract code by using a high-level language, and records the binary contract code in a local network;
2) the manager summons all local users to sign the contract;
3) after the node confirms the signature, the signature is deployed in an Ether house block chain through an Ether house virtual machine;
4) feeding back contract address and calling instruction to contract user
Step 2: and electing a leader node and verifying the legality of the user identity.
In a decentralized block chain system, nodes are mutually independent, trust is achieved through a consensus mechanism algorithm, and the unification of system internal information is achieved on the premise that each node meets self income. According to the working principle of a Pool consensus mechanism, and actual needs, all nodes are divided into two types: storage node, transmission node. Each node can be in three states: leader node, election node and crowd node.
1) In the initial state, all participating nodes are crowd nodes before the information owner sends a storage request.
2) Before receiving no leader node command, all the crowd nodes can select a leader node in the form of democratic voting, and the most voted election node is selected as the leader node within the time of 150-300 ms.
3) Once election is successful, the leader node transmits and stores the latest trading information in the system according to all the mass nodes in the organization cluster of the Raft protocol; and the other nodes are automatically changed back to the public nodes, and the appointed work is completed by following the instruction of the leader node.
And step 3: the information owner Alan submits information and provides a certain guarantee fund and user information sharing reward for the system, after the node confirms the effectiveness of the transaction, the nodes in the cluster copy the information, and after the tasks are completed by most nodes, the information is fed back to the information owner Alan.
And 4, step 4: the node generates ciphertext information CT according to the information provided by the information owner AlanAMetadata Data → { LC, w, IN }, ciphertext CT, and broadcast a storage request inside the cluster, and after determining that most nodes have finished storing, feed back a storage result to the owner Alan of the information, and complete the storing.
The invention realizes the encryption and decryption processes of the information by the attribute proxy re-encryption technology, wherein the information encryption process is as follows:
1) initializing a system: setup (λ, U) → (GP, MSK, PK)
Giving a system security parameter lambda and a system attribute set U, then constructing an addition cyclic group G with the order p, wherein G is a generator of G, and existence of the additive cyclic group G satisfies a bilinear mapping e: g → GTRandomly choosing an integer satisfying g1E.g. G, and set the following target hash function H1:(0,1)2k→Zp,H2:(0,1)2k→GT,H3:(0,1)*→G,H4:(0,1)*→G,H5:(0,1)k→Zp,H6:(0,1)*→ G randomly selects different integers alpha, a epsilon ZpZ is e (g, g), and the integer h is randomly selectedx∈ZpComputing
Figure BDA0001799999510000041
Where x ∈ U.
Figure BDA0001799999510000051
Wherein, GP represents a system public parameter, MSK represents a system master key, and PK represents a system public key.
And a key generation stage: KeyGen (GP, PK, MSK, S)A)→(SKA,PKA)
Inputting a public parameter GP, a system master key MSK and an information owner Alan attribute set
Figure BDA0001799999510000052
Randomly selecting integer t ∈ ZpAnd generating a private key SK corresponding to the information owner AlanA、PKA
Figure BDA0001799999510000053
Similarly, a private key SK of the sharing requester Bill is generatedB、PKB
2) Re-encryption key generation algorithm: RekeyGen (GP, SK)A,(M',ρ'),PKB)→rkA→B
Randomly taking an integer theta from the information owner Alan to form ZpAnd calculate gθ
Figure BDA0001799999510000054
Attribute set S based on shared requestor BillBConstructing a shared structure (M ', rho'), combining a public parameter GP and a private key SK corresponding to the information owner AlanASharing private Key PK of requester BillBCalculating the re-encryption key rkA→B
Figure BDA0001799999510000055
rkA→B=(SA,rk1,rk2,rk3,rk4,Rx)(4)
Where M ' is a matrix of l ' × n ', and the function ρ ' maps the rows of the matrix M ' to attributes. Randomly choosing integer s, y2,...,yn∈ZpForm ZpA column vector
Figure BDA0001799999510000056
Computing
Figure BDA0001799999510000057
Where s denotes a secret shared by the owner of the information, MiVector of ith row of 'corresponding matrix M' { εiIs Mi' of
Figure BDA0001799999510000058
I ═ I: (I) ∈ SAAnd 1 ≦ i ≦ l ' } represents the attribute used in the shared structure (M ', ρ ').
3) Information encryption:
Figure BDA0001799999510000059
first step, encrypting original information: input public key PKAThe information owner inputs information plaintext M, preset viewing and sharing authority (M, rho), calculates ciphertext CTAAnd storing the ciphertext information in the cloud server.
And a second step of metadata encryption: inputting a system public key PK, and preset browsing and sharing authority (M, rho), metadata Data → { LC, w, IN }, wherein LC represents the storage position of an original information ciphertext IN the cloud, w is a keyword of the information, IN is an item number of the information, and the original information ciphertext decryption key k' outputs a ciphertext CT and stores the ciphertext CT IN a block chain.
Figure BDA0001799999510000061
Figure BDA0001799999510000062
Cipher text re-encryption algorithm: ReEncrypt (rk)A→B,CT,PKB,(M',ρ'))→CTB
The node firstly judges whether the sharing requester Bill is a system contract user, if so, selects delta E G randomlyTAnd calculating:
Figure BDA0001799999510000063
Figure BDA0001799999510000064
then based on the re-encryption key rkA→BCalculating the important component phi of the cipher text by the cipher text CT, and finally outputting the re-encrypted cipher text CTB
Figure BDA0001799999510000065
Figure BDA0001799999510000066
Wherein, ω isi∈ZpAnd satisfy
Figure BDA0001799999510000067
And 5: and the sharing requester Bill sends a sharing request, and after the identity validity is confirmed, the node generates an index code according to the keyword provided by the sharing requester Bill and searches the password.
Index generation and keyword retrieval:
Figure BDA0001799999510000068
index generation: inputting a public parameter GP, a keyword w of the information m, and calculating the keyword w in the original information by the nodeACorresponding message authentication code kw, and CT of re-encrypted message ciphertextBMiddle wB' corresponding authentication code kw ', generating index codes ID, ID ';
and (3) keyword retrieval: according to a private key SK corresponding to an input sharing requester BillBKeyword wBAnd the corresponding search key kw' thereof, outputting the keyword wAThe corresponding search password TK.
Step 6: obtaining metadata ciphertext CT according to the index code and the search password, then determining the relationship between Bill credit currency of the sharing requester and the price of the user sharing information, and converting the metadata ciphertext CT into the ciphertext CT conforming to the sharing authority (M ', rho') of the Bill of the sharing requester by using a proxy re-encryption technology on the premise of more than or equal to the price of the user sharing informationB
And 7: the transmission node copies the information in the cluster, and confirms that the information is in a transmitted state after the majority of nodes respond.
And 8: sending the metadata ciphertext CT obtained by searching to the sharing requester Bill, and downloading the decrypted original information ciphertext CT at the corresponding position through obtaining the storage position LC of the information after decryptionAAnd acquiring the information plaintext m.
The information decryption process comprises the following two steps:
1) agent re-encryption and decryption algorithm: ReDecrypt (SK)B,CTB)→CT
System checking attribute set S of sharing requester BillBWhether the encrypted ciphertext CT after the re-encryption is satisfied or notBIf the shared structure (M ', rho') in (1) is satisfied, the sharing requester Bill can use the private key SKBAnd recovering the important component phi of the ciphertext by a decryption method of ciphertext strategy attribute-based encryption to obtain the original information ciphertext decryption key k' and Data recovered by CT. And if not, feeding back 'illegal user'.
Figure BDA0001799999510000071
The user obtains the original information storage position LC and the decryption key k' according to the metadata Data, and for CTADecrypting recovers the plaintext information m.
Figure BDA0001799999510000072
2) Decryption of the original information ciphertext: decrypt (CT)A,k',GP)→m
In the invention, the decryption key k' is only mastered by the block chain and the information owner Alan, and only the information owner Alan can encrypt the original information ciphertext CT on the cloud storage under the unauthorized conditionAUsing the formula
Figure BDA0001799999510000073
And decrypting to obtain the original plaintext information m.
And step 9: and correspondingly adjusting the credit currency of the user according to the actual condition of information interaction.
1) The deposit of the sharing requester Bill that has not successfully interacted is returned first.
2) And then settling the information expense of the successful transaction user according to the transaction completion condition.
The invention provides a block chain ciphertext information storage and sharing model which is compatible with the traditional information storage and sharing and supports keyword retrieval in order to improve the information security in the existing information interaction process and reduce the complexity of information management of a user, combine the existing attribute-based encryption algorithm and the agent re-encryption algorithm, integrate the block chain technology and provide the block chain ciphertext information storage and sharing model which is compatible with the traditional information storage and sharing. And through the attribute proxy re-encryption technology, the information sharing has more flexible sharing control characteristics. When the information owner goes offline, the nodes can still complete information interaction work according to the intelligent contract rules, and uninterrupted information sharing is realized. The keywords are stored on the block chain as part of the metadata, so that information retrieval is facilitated, the information sharing efficiency is improved, the communication cost is saved to a certain extent, and the pressure of high-frequency access of the cloud storage is relieved.
The metadata ciphertext and the original information ciphertext are stored separately, collusion attack resistance is achieved better, and information safety is guaranteed; an intelligent contract of information interaction is designed on the basis of a block chain technology, so that two information sharing parties can spontaneously communicate according to a preset protocol without the participation of a central mechanism, and the safety of ciphertext conversion and the high efficiency of information sharing are ensured. When the information owner is offline, the nodes can still finish information interaction work according to contract rules, and uninterrupted information sharing is realized. The method has the advantages in the aspects of collusion attack resistance, execution efficiency, algorithm complexity and the like, and is more suitable for the development requirements of the field of the current Internet of things.
Drawings
FIG. 1 is a block chain ciphertext storage system of the present invention.
FIG. 2 is a block chain ciphertext information sharing system model diagram according to the present invention.
Fig. 3 is a schematic diagram of an attribute proxy re-encryption process according to the present invention.
FIG. 4 is a flow chart of contract execution between two parties in information exchange according to the present invention.
FIG. 5 is a graph comparing the effect of the number of attributes on the encryption time of the system according to the present invention.
FIG. 6 is a graph comparing the effect of the number of attributes on the decryption time of the system according to the present invention.
FIG. 7 is a graph comparing the effect of the number of attributes on the system re-encryption time.
FIG. 8 is a graph comparing the effect of the number of attributes on the system re-decryption time.
Detailed Description
In order to explain the present invention in more detail, the present invention will be further explained below with reference to specific examples.
Example 1. The invention relates to a contract user information interaction example process.
1) And the information owner Alan sends a storage request and submits an information quotation and a self-defined random character string so as to facilitate the user to obtain an information sharing reward.
2) The transmission leader node T in the cluster transmits the data to the mass nodes T in the clusternAnd broadcasting the validity of the verification information and the user identity. If the data is valid, the transmission leader node T extracts the data and then temporarily stores the data in a log of the transmission leader node T; and if the data is invalid, feeding back 'illegal users'.
3) Transmitting leader node T to all the crowd nodes T in the clusternCopying information and waiting for response, confirming that more than half of nodes in the cluster have received the information, confirming that the information is received to the owner Alan of the information, indicating that the information is in a submitted state once the user receives the confirmation information, and returning T to TnA notification is sent to inform that the data state has been committed. In the process, the information owner Alan needs to submit information quotation and self-defined random character strings so as to facilitate the user to obtain information sharing reward, and provide certain credit coins as the guarantee fund so as to avoid the phenomena of false, plagiarism and the like.
4) The transmission node sends storage information to the storage node, and the node M responsible for storage sends the storage information to the M in the clusteriA storage request is broadcast. After more than half of nodes are determined to be stored, metadata Data → { LC, w, IN } is stored according to the set sharing authority (M, rho) to obtain a ciphertext CT, information is fed back to the information owner Alan, and the storage work is finished.
5) The sharing requester Bill sends a sharing request and submits a certain credit to the system to ensure the true validity of the request. Before information sharing, a storage leader node M in the cluster sends a storage leader node M to a crowd node M in the clusteriAnd broadcasting to verify the identity of the user and judging whether the identity accords with the ciphertext sharing authority (M, rho). If the result is consistent with the result, the leader node M sends the result to the node M in the clusteriA sharing request is broadcast. If not, feeding back 'illegal user'.
6) Further determining the price of Bill credit and user shared information of the shared requester, if the credit is greater than or equal to the information price, entering a cryptograph conversion stage, obtaining a digit metadata cryptograph CT, and converting the digit metadata cryptograph CT into a value meeting the shared requester Bi by using a proxy re-encryption technologyll's shared right (M ', ρ ') ciphertext CTB. Otherwise, the 'balance is insufficient' is fed back.
7) Transmitting the leader node T to all the intra-cluster TnThe node copies the information and waits for a response. After determining that at least more than half of the nodes in the cluster have received the information, the information is confirmed to the storage node, which indicates that the information is in a transmitted state at the moment.
8) The transmission node sends a metadata ciphertext CT acquired through keyword ciphertext retrieval to the sharing requester Bill, and acquires a storage position LC of information after decryption, so that the original decrypted information ciphertext CT is downloaded at a corresponding positionAAnd acquiring the information plaintext m.
9) And the system performs credit settlement according to the information interaction result and the feedback data to correspondingly adjust the credit of the users of both information interaction sides and confirm the updating change condition of the information. And returning the user deposit which is not successfully interacted, and settling the information interaction fee of the user according to the transaction completion condition.
Example 2. And (3) carrying out an information interaction intelligent contract execution process.
The invention designs a large amount of users and information, and in order to more conveniently process transactions, the invention is divided into the following stages according to the time sequence: contract issuing, transaction issuing, authority verification, security check and transaction settlement. Specifically, the following is described with reference to fig. 4:
1) and (3) contract making: the contract creator uses a high-level language to convert a contract with user attribute set characteristics into a binary contract code, records the binary contract code in a local network, simultaneously calls all local users to sign the contract, after the node confirms the signature, deploys the contract in an Ethernet bay blockchain through an Ethernet bay virtual machine, and feeds back a contract address and a calling instruction to the user.
2) Issuing a transaction: the information owner Alan stores metadata Data → { LC, w, IN } according to a preset sharing authority (M, rho) to obtain a ciphertext CT, and meanwhile, the information owner Alan submits an information quotation and a self-defined random character string to facilitate a user to obtain an information sharing reward.
3) And (4) permission examination: in the permission auditing stage, the system collects S according to the attribute of a sharing requester BillBAnd carrying out permission matching with a preset permission set (M, rho), and submitting the result to an intelligent contract. The intelligent contract generates a corresponding search password TK according to the public key PK and the keyword w to acquire retrieval result information and quotations corresponding to the information.
4) And (4) safety checking: in the security check stage, the intelligent contract determines the shared information price of the Bill credit currency of the shared requester and the user, and if the credit currency is larger than or equal to the information price, the intelligent contract enters a ciphertext conversion stage; otherwise, the 'balance is insufficient' is fed back.
5) And (3) transaction settlement: the system correspondingly adjusts the credit coins of the users according to the information interaction result, confirms the updating change condition of the information, and then performs credit coin settlement according to the feedback data. And returning the user deposit which is not successfully interacted, and settling the information interaction fee of the user according to the transaction completion condition.
Example 3. The invention relates to a safety analysis.
a) And (3) safety certification of information interaction:
the invention carries out security certification based on the q-parallel BDHE difficulty problem, judges the bilinear difficulty problem, and if the problem is assumed to be true, an adversary under a stochastic prophetic model
Figure BDA00017999995100001016
Advantage of (2)
Figure BDA00017999995100001017
Neglecting, it is stated that the invention is selected for Plaintext security (CPA).
Theorem 1 if the present invention has negligible advantages in solving the q-parallel BDHE problem, then we call q-parallel BDHE assumed to be (G, G)T) It holds that the invention is CPA secure under the stochastic predictive model.
Proving the assumption that there is an attacker
Figure BDA00017999995100001018
In CPA games, it is advantageous
Figure BDA00017999995100001024
Cannot be ignored and the adversary wins the security game. A game challenger is constructed
Figure BDA0001799999510000101
If there is an attacker
Figure BDA00017999995100001019
The CPA under the security model is broken through by the advantage of xi, and only the challenger needs to be proved
Figure BDA0001799999510000102
Can be assisted by attackers
Figure BDA00017999995100001020
With a non-negligible probability
Figure BDA0001799999510000103
The problem of deterministic q-parallel BDHE is solved.
An initialization stage: game challenger
Figure BDA00017999995100001012
Will receive a message from an attacker
Figure BDA00017999995100001025
Shared authority structure (M) of transmission**)。
A system establishment stage: challenger
Figure BDA00017999995100001013
Randomly selecting a value x' epsilon to ZpAnd calculating: e (g, g)α=e(g,g)χ′e(g,gα) And sends GP and PK to the attacker
Figure BDA00017999995100001023
Query phase 1: and a private key extraction stage: attacker
Figure BDA00017999995100001026
By giving way to the challenger
Figure BDA00017999995100001015
Submitting property sets
Figure BDA00017999995100001028
Challenger
Figure BDA00017999995100001014
Randomly selecting tau epsilon ZpCalculating (i, SK)i) And will SKAIs sent to an attacker
Figure BDA00017999995100001027
And a re-encryption key extraction stage: using a set of attributes SiAnd a sharing authority structure (M ', rho') for extracting a key, firstly judging whether the key meets the requirement (M ', rho'), and if so, acquiring the private key SKAThen calculating rkA→B=(S,rk1,rk2,rk3,rk4,Rx) Otherwise, challenger
Figure BDA0001799999510000104
Arbitrarily selecting one from the two to feed back to the attacker
Figure BDA00017999995100001032
A challenge stage: attacker
Figure BDA00017999995100001029
Randomly sending two segments of messages m with equal length0And m1To the challenger
Figure BDA0001799999510000105
Challenger
Figure BDA0001799999510000106
Randomly extracting a bit attribute b epsilon (0,1) and utilizing (M)**) To mbEncrypted to obtain a ciphertext CT and send the ciphertext CT to
Figure BDA00017999995100001033
And (2) query stage: the query phase 1 operation is repeated.
A guessing stage:
Figure BDA00017999995100001021
give a b' e (0,1) to guess the challenger in the challenge phase
Figure BDA0001799999510000107
The choice of b-0 or b-1 wins the game if the guess is correct, i.e. b' is b. If the attacker
Figure BDA00017999995100001022
The guess result b' ≠ b, the guess is wrong. We define the challenger
Figure BDA0001799999510000108
Has the advantages that:
Figure BDA0001799999510000109
when the output is 0, i.e.
Figure BDA00017999995100001030
Nothing is obtained about mbCannot recover the plaintext, so the guess has the correct probability of
Figure BDA00017999995100001010
When the output is 1, i.e.
Figure BDA00017999995100001031
To obtain any information on mbOn the ciphertext information, andcan recover the plaintext, and the probability of correctly guessing the plaintext is easily obtained by theorem 1
Figure BDA00017999995100001011
Therefore, in the present invention, the q-parallel BDHE guesses accurately, i.e., b 'is advantageous in that b' is
Figure BDA0001799999510000111
Namely, the invention can achieve the aim of challenging plaintext attack.
Collusion attack resistance: the invention adopts an attribute proxy re-encryption algorithm (as shown in figure 1), and a user attribute set
Figure BDA0001799999510000112
And the shared structure (M, ρ) is through A2Verification is performed, rk1、rk3、RxAnd rk4By δ ∈ GTCorrelation, rk1、rk2And rk4By theta ∈ ZpClosely connected, rk4At theta ∈ ZpAnd under the sharing authority structure (M, rho), the pair delta belongs to GTEncryption is performed so when rk1、rk2、rk3、RxThe value of (A) is invalid when an attacker tampers with the corresponding re-encrypted ciphertext, if the attacker tampers with the re-encrypted ciphertext
Figure BDA0001799999510000113
(M, ρ) and rk4Is tampered with, it can be expressed by
Figure BDA0001799999510000114
And (6) verifying.
Due to the special structure of the system, the transmission node and the storage node are separated, a Pool verification Pool consensus mechanism is introduced, and the storage node and the transmission node are both generated in a democratic election mode, so that the randomness of the execution node and the uncertainty of the position are ensured. That is, the storage node does not know the position of the next transmission node, and does not know the information of the sharer, and the randomness of the node determines the difficulty of the communication among the storage node, the transmission node and the sharer, so the possibility of the communication among the storage node, the transmission node and the sharer is extremely low.
Example 4. Efficiency analysis of the invention.
The communication overhead in the invention mainly comprises communication between the transmission node and the storage node and communication between the node and the system. In order to further evaluate the efficiency in the system, a comparison experiment was performed in combination with a Tiwari method for attribute-agent re-encryption secure sharing based on a key strategy, a cross-domain agent re-encryption friend discovery privacy protection study in the mobile social network of rohita et al, and a Seo method for pairing operation based on attribute-agent re-encryption of a constant amount.
The results are shown in table 2 by comparing the system public key PK, MSK length, user private key SK length and CT length with the following three methods. As can be seen from the table, compared with the Tiwari method and the Luo method, the length of the system public key PK of the invention is gradually increased along with the increase of the number of the attributes, and the length increase rate of the user private key SK is far greater than that of the other three methods, so that the key of the invention has higher anti-attack capability. The attribute of the user is used as one of the basis for generating each user private key SK, the control of sharing authority can be flexibly realized, the user attribute is converted into a sharing structure in the ciphertext, and the ciphertext is directionally and effectively protected.
TABLE 2 communication overhead comparison
Figure BDA0001799999510000115
Figure BDA0001799999510000121
The results of comparing the calculation amount required for the encryption, re-encryption, ciphertext decryption and re-encrypted ciphertext decryption processes in the algorithm with the existing three typical methods are shown in table 3, where E is used to describe the group G, GTThe duration of an exponentiation, and P represents a bilinear logarithmic movementThe calculation time length is n, and the number of the attributes is represented. As can be seen from table 3, the bilinear implementation in the Seo method is that the and gate access structure only supports the and relation operation between attributes, but the present invention supports any sharing authority formula, and is more flexible and convenient. Compared with the Tiwari method, the method reduces the required bilinear logarithm operation by increasing multiplication operation, so the operation cost of the method is far less than the operation amount of the two methods, and the aim of reducing the calculation expense is fulfilled. Compared with the Luo method, the algorithm complexity of the invention is also obviously reduced.
TABLE 3 computational overhead comparison
Figure BDA0001799999510000122
In order to further evaluate the efficiency in the system, the invention carries out comparison experiments on three methods, namely a Seo method, a Tiwari method and a Luo method, wherein the four methods adopt Tate bilinear pairing, according to the experiment result of Chen et al, the operation of 512-bit Tate bilinear pairing needs to reach the RSA security level of 1024 bits, and the operation of one-time Tate bilinear pairing takes 20.04ms, and the operation of one-time power exponent operation is carried out for 5.31 ms. The experimental process of the invention is that the operation time of encryption, decryption, re-encryption and re-decryption is respectively simulated and compared according to the attribute number held by the user as a variable.
Fig. 5 illustrates that as the number of attributes increases, the calculation time of encryption also increases, and in order to better ensure the security of information, the invention increases the number of attribute matching times in the encryption process, so the operation time consumption is slightly higher than that of Seo. Fig. 6 shows the decryption duration of the original information, and the invention has absolute advantages over the Tiwari and Luo. The invention shares the calculation task of the data center by different nodes by utilizing the block chain technology, reduces the calculation times of bilinear pairing of the trusted center, and has more advantages on the calculation cost. Fig. 7 shows the change of the calculation time in the re-encryption phase, all four methods need sharing right matching, and the encryption of information with 100 feature attributes in the invention only needs about 1.70s, which is much smaller than the sio method and the Tiwari method. Fig. 8 shows that the time consumption for decrypting information is increased as the number of attributes increases, and the increase rate of the decryption duration of the present invention is minimized as compared with the other three methods as the number of attributes increases.

Claims (1)

1. A block chain ciphertext cloud storage sharing method based on attribute proxy re-encryption is characterized by comprising the following steps:
(S01): before information storage, firstly, a system makes an intelligent contract, and the intelligent contract is signed by an information user together;
(S02): the information owner Alan sends a storage request, and the transmission leader node T selected by the Pool authentication mechanism sends a storage request to the crowd node T in the own clusternBroadcasting the validity of the verification information and the identity of the information owner user;
1) if the data is valid, the transmission leader node T extracts the data which the information owner desires to store, and then temporarily stores the data into the own log;
2) if the user is invalid, feeding back 'illegal user';
(S03): transmitting the leader node T to all the crowd nodes T in the clusternCopying information and waiting for response, confirming that the information is received to the information owner Alan after determining that more than half of nodes in the cluster have received the information, indicating that the information is in a submitted state at the moment once the information owner Alan receives the confirmation information, and returning T to TnSending a notice to inform that the data state is submitted; in the process, the information owner Alan needs to submit information quotation and self-defined random character strings so as to facilitate the user to obtain information sharing reward, and provides certain credit coins as the guarantee fund so as to avoid the phenomena of false and plagiarism;
(S04): the transmission node sends storage information to the storage node, and the leader node M responsible for storage sends the storage information to M in the clusteriBroadcasting a storage request; after more than half of the nodes are determined to finish storage, feeding back information to the information owner Alan, and finishing the storage process;
(S05): a sharing requester Bill sends a sharing request, and before information sharing, a storage leader node in the clusterPoint M to mass node M in its clusteriThe broadcast verifies the user identity of the sharing requester, and judges whether the user identity accords with the ciphertext sharing authority;
1) if the result is consistent with the result, the leader node M sends the result to the node M in the clusteriBroadcasting a sharing request;
2) if not, feeding back 'illegal user';
(S06): according to a keyword w provided by a sharing requester Bill, a metadata ciphertext CT in a block chain is calculated and then converted into a ciphertext CT which accords with the sharing authority of the sharing requester Bill by using an agent re-encryption technologyB
1) The system generates a corresponding search password TK according to the public key PK and the keyword w to acquire retrieval result information and quotations corresponding to the information;
2) determining the price of sharing information between Bill credit currency of a sharing requester and a user, and entering a ciphertext conversion stage if the credit currency is more than or equal to the information price; otherwise, feeding back 'balance is insufficient';
(S07): transmitting the leader node T to all the intra-cluster TnThe node copies the information and waits for a response; after determining that at least more than half of the nodes in the cluster have received the information, confirming the information to the storage node to indicate that the information is in a transmitted state at the moment;
(S08): the transmission node sends a metadata ciphertext CT acquired through keyword ciphertext retrieval to the sharing requester Bill, and acquires a storage position LC of information after decryption, so that the original decrypted information ciphertext CT is downloaded at a corresponding positionAAcquiring a plaintext m of the information;
(S09): the system correspondingly adjusts the credit coins of the users according to the information interaction condition and settles the credit coins according to the feedback data.
CN201811072783.9A 2018-09-14 2018-09-14 Block chain ciphertext cloud storage sharing method based on attribute proxy re-encryption Active CN109189727B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811072783.9A CN109189727B (en) 2018-09-14 2018-09-14 Block chain ciphertext cloud storage sharing method based on attribute proxy re-encryption

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811072783.9A CN109189727B (en) 2018-09-14 2018-09-14 Block chain ciphertext cloud storage sharing method based on attribute proxy re-encryption

Publications (2)

Publication Number Publication Date
CN109189727A CN109189727A (en) 2019-01-11
CN109189727B true CN109189727B (en) 2021-07-23

Family

ID=64910913

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811072783.9A Active CN109189727B (en) 2018-09-14 2018-09-14 Block chain ciphertext cloud storage sharing method based on attribute proxy re-encryption

Country Status (1)

Country Link
CN (1) CN109189727B (en)

Families Citing this family (35)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109905464B (en) * 2019-01-29 2021-08-20 华东师范大学 Distributed remote sensing data sharing system based on block chain
CN109842681B (en) * 2019-01-31 2021-06-29 广东绍林科技开发有限公司 Data management system and method giving consideration to both centralized and distributed characteristics
CN109933995B (en) * 2019-01-31 2023-04-07 广州中国科学院软件应用技术研究所 User sensitive data protection and system based on cloud service and block chain
CN109979550B (en) * 2019-02-14 2021-06-01 中国科学院信息工程研究所 Block chain medical data management method and system based on distributed attribute signature
CN110098919B (en) * 2019-04-26 2021-06-25 西安电子科技大学 Block chain-based data permission acquisition method
CN109981690B (en) * 2019-04-29 2021-06-11 河南大学 Anti-tamper timing data secret transmission method based on block chain intelligent contract
CN110266687B (en) * 2019-06-21 2021-08-17 杭州云象网络技术有限公司 Method for designing Internet of things security agent data sharing module by adopting block chain technology
CN110266490B (en) * 2019-07-25 2023-04-21 西南石油大学 Keyword ciphertext generation method and device of cloud storage data
CN110599147B (en) * 2019-09-17 2022-11-22 福州大学 Ciphertext retrieval fair payment method and system based on block chain
CN110610102B (en) * 2019-09-23 2021-06-25 郑州师范学院 Data access method, device and system
CN110635909B (en) * 2019-10-16 2022-08-26 淮北师范大学 Attribute-based collusion attack resistant proxy re-encryption method
CN110750541B (en) * 2019-10-18 2023-05-02 天津理工大学 Block chain-based data storage indexing system and method
CN111050317B (en) * 2019-12-07 2022-08-02 江西理工大学 Intelligent traffic data safety sharing method based on alliance block chain
CN111143471B (en) * 2019-12-27 2023-09-01 北京工业大学 Ciphertext retrieval method based on blockchain
CN111092958B (en) * 2019-12-27 2022-10-21 深圳市迅雷网络技术有限公司 Node access method, device, system and storage medium
CN111353165A (en) * 2020-01-16 2020-06-30 湖南智慧政务区块链科技有限公司 Block chain data supervision method, system, equipment and storage medium
CN111310202A (en) * 2020-01-20 2020-06-19 腾讯科技(深圳)有限公司 Information processing method for block chain network, block chain node device and medium
CN111526197B (en) * 2020-04-24 2023-05-09 远光软件股份有限公司 Cloud data secure sharing method
CN111598695A (en) * 2020-05-18 2020-08-28 国网电子商务有限公司 Block chain data access method and device
CN111641641B (en) * 2020-05-29 2021-07-30 兰州理工大学 Block chain data sharing method based on searchable proxy re-encryption
CN111737710A (en) * 2020-06-03 2020-10-02 安徽科技学院 Block chain information storage method based on cryptography
CN111859444B (en) * 2020-06-12 2022-03-01 中国科学院信息工程研究所 Block chain data supervision method and system based on attribute encryption
CN111695128B (en) * 2020-06-15 2023-11-21 中国银行股份有限公司 Data processing method and device for block chain network for data asset allocation
CN111756645B (en) * 2020-06-30 2022-09-06 中国科学技术大学 Ad hoc network elastic transmission control method based on block chain security attribute
CN111784369A (en) * 2020-07-06 2020-10-16 广东工业大学 Competitive product detection method based on alliance block chain
CN111914272B (en) * 2020-07-13 2024-02-02 华中科技大学 Encryption retrieval method and system for origin data in mobile edge computing environment
CN112039880B (en) * 2020-08-30 2021-07-30 河南大学 Block chain distributed outsourcing-based dual-policy access control method
CN113051589B (en) * 2021-03-17 2022-09-02 重庆扬成大数据科技有限公司 Big data government affair analysis and processing safety application platform
CN113259317B (en) * 2021-04-09 2023-05-30 淮阴工学院 Cloud storage data deduplication method based on identity agent unencrypted
CN113193953B (en) * 2021-04-16 2022-09-02 南通大学 Multi-authority attribute-based encryption method based on block chain
CN113556363B (en) * 2021-09-18 2021-12-17 中国人民解放军国防科技大学 Data sharing method and system based on decentralized and distributed proxy re-encryption
CN113810421B (en) * 2021-09-18 2023-05-05 上海万向区块链股份公司 PRE (PRE) Internet of things data sharing method and system based on block chain
CN114520747B (en) * 2022-04-21 2022-08-30 山东省计算中心(国家超级计算济南中心) Data security sharing system and method taking data as center
CN115499193B (en) * 2022-09-14 2024-02-13 西南石油大学 Country travel passenger privacy protection system and method based on blockchain
CN115714669B (en) * 2022-10-20 2024-02-06 云南师范大学 Private data cross-domain sharing method based on PURH-CP-ABE under blockchain

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107171806A (en) * 2017-05-18 2017-09-15 北京航空航天大学 Mobile terminal network cryptographic key negotiation method based on block chain
CN107493340A (en) * 2017-08-23 2017-12-19 广州市易彩乐网络科技有限公司 Data distribution method of calibration in block chain network, apparatus and system
CN108063752A (en) * 2017-11-02 2018-05-22 暨南大学 A kind of credible genetic test and data sharing method based on block chain and proxy re-encryption technology
CN108259169A (en) * 2018-01-09 2018-07-06 北京大学深圳研究生院 A kind of file security sharing method and system based on block chain cloud storage
CN108418681A (en) * 2018-01-22 2018-08-17 南京邮电大学 A kind of searching ciphertext system and method based on attribute for supporting proxy re-encryption
CN108470276A (en) * 2018-03-12 2018-08-31 成都零光量子科技有限公司 A kind of block chain common recognition method using agency's book keeping operation

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107103252A (en) * 2017-04-27 2017-08-29 电子科技大学 Data access control method based on block chain
EP3486855A1 (en) * 2017-11-21 2019-05-22 Wipro Limited System and method to validate blockchain transactions in a distributed ledger network

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107171806A (en) * 2017-05-18 2017-09-15 北京航空航天大学 Mobile terminal network cryptographic key negotiation method based on block chain
CN107493340A (en) * 2017-08-23 2017-12-19 广州市易彩乐网络科技有限公司 Data distribution method of calibration in block chain network, apparatus and system
CN108063752A (en) * 2017-11-02 2018-05-22 暨南大学 A kind of credible genetic test and data sharing method based on block chain and proxy re-encryption technology
CN108259169A (en) * 2018-01-09 2018-07-06 北京大学深圳研究生院 A kind of file security sharing method and system based on block chain cloud storage
CN108418681A (en) * 2018-01-22 2018-08-17 南京邮电大学 A kind of searching ciphertext system and method based on attribute for supporting proxy re-encryption
CN108470276A (en) * 2018-03-12 2018-08-31 成都零光量子科技有限公司 A kind of block chain common recognition method using agency's book keeping operation

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"一种高效安全的去中心化数据共享模型";董祥千等;《计算机学报》;20180531;第41卷(第5期);1021-1036 *

Also Published As

Publication number Publication date
CN109189727A (en) 2019-01-11

Similar Documents

Publication Publication Date Title
CN109189727B (en) Block chain ciphertext cloud storage sharing method based on attribute proxy re-encryption
CN111639361B (en) Block chain key management method, multi-person common signature method and electronic device
CN107491497B (en) Multi-user multi-keyword sequencing searchable encryption system supporting query in any language
CN112019591B (en) Cloud data sharing method based on block chain
Zhao et al. Secure pub-sub: Blockchain-based fair payment with reputation for reliable cyber physical systems
CN101120351B (en) Derivative seeds distribution method
CN111835500A (en) Searchable encryption data secure sharing method based on homomorphic encryption and block chain
Sun et al. Multi-keyword searchable and data verifiable attribute-based encryption scheme for cloud storage
CN110020541B (en) Reputation evaluation method and system based on block chain privacy protection
CN106487506B (en) Multi-mechanism KP-ABE method supporting pre-encryption and outsourcing decryption
CN110933033B (en) Cross-domain access control method for multiple Internet of things domains in smart city environment
JP2010220212A (en) Securing communications sent by first user to second user
CN110266687B (en) Method for designing Internet of things security agent data sharing module by adopting block chain technology
CN112383550B (en) Dynamic authority access control method based on privacy protection
CN110730064B (en) Data fusion method based on privacy protection in crowd sensing network
CN110737915B (en) Anti-quantum-computation anonymous identity recognition method and system based on implicit certificate
CN110830244A (en) Anti-quantum computing vehicle networking method and system based on identity secret sharing and alliance chain
CN111431898A (en) Multi-attribute mechanism attribute-based encryption method with search function for cloud-assisted Internet of things
CN116303767A (en) Medical data multistage management and sharing method based on CP-ABE
CN115270145A (en) User electricity stealing behavior detection method and system based on alliance chain and federal learning
Wang et al. Attribute-based equality test over encrypted data without random oracles
CN109565440B (en) Key exchange method and key exchange system
Tiwari et al. ACDAS: Authenticated controlled data access and sharing scheme for cloud storage
CN110890961B (en) Novel safe and efficient multi-authorization attribute-based key negotiation protocol
CN114584286B (en) Dynamic ciphertext retrieval and verification method and system supporting omnidirectional operation

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20221227

Address after: Room 606-609, Compound Office Complex Building, No. 757, Dongfeng East Road, Yuexiu District, Guangzhou, Guangdong Province, 510699

Patentee after: China Southern Power Grid Internet Service Co.,Ltd.

Address before: Room 02A-084, Building C (Second Floor), No. 28, Xinxi Road, Haidian District, Beijing 100085

Patentee before: Jingchuang United (Beijing) Intellectual Property Service Co.,Ltd.

Effective date of registration: 20221227

Address after: Room 02A-084, Building C (Second Floor), No. 28, Xinxi Road, Haidian District, Beijing 100085

Patentee after: Jingchuang United (Beijing) Intellectual Property Service Co.,Ltd.

Address before: 341000 No. 86 Hongqi Avenue, Jiangxi, Ganzhou

Patentee before: Jiangxi University of Science and Technology