CN110019373A - A kind of data query method, device and equipment based on cryptographic Hash - Google Patents
A kind of data query method, device and equipment based on cryptographic Hash Download PDFInfo
- Publication number
- CN110019373A CN110019373A CN201910100158.9A CN201910100158A CN110019373A CN 110019373 A CN110019373 A CN 110019373A CN 201910100158 A CN201910100158 A CN 201910100158A CN 110019373 A CN110019373 A CN 110019373A
- Authority
- CN
- China
- Prior art keywords
- data
- block
- data block
- cryptographic hash
- record
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 39
- 230000000903 blocking effect Effects 0.000 claims description 21
- 238000012163 sequencing technique Methods 0.000 claims description 9
- 241001269238 Data Species 0.000 claims description 5
- 238000003860 storage Methods 0.000 abstract description 20
- 230000008859 change Effects 0.000 abstract description 8
- 238000010586 diagram Methods 0.000 description 15
- 238000004891 communication Methods 0.000 description 11
- 238000007792 addition Methods 0.000 description 7
- 230000008569 process Effects 0.000 description 7
- 230000007246 mechanism Effects 0.000 description 6
- 230000004048 modification Effects 0.000 description 5
- 238000012986 modification Methods 0.000 description 5
- 238000010926 purge Methods 0.000 description 5
- 238000012550 audit Methods 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 4
- 238000013500 data storage Methods 0.000 description 3
- 238000012217 deletion Methods 0.000 description 3
- 230000037430 deletion Effects 0.000 description 3
- 230000000694 effects Effects 0.000 description 3
- 230000006870 function Effects 0.000 description 3
- 238000012545 processing Methods 0.000 description 3
- 230000005540 biological transmission Effects 0.000 description 2
- 238000004590 computer program Methods 0.000 description 2
- 238000010276 construction Methods 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- 238000010200 validation analysis Methods 0.000 description 2
- 241000406668 Loxodonta cyclotis Species 0.000 description 1
- 230000009471 action Effects 0.000 description 1
- 230000000712 assembly Effects 0.000 description 1
- 238000000429 assembly Methods 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 238000012790 confirmation Methods 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 230000007257 malfunction Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 239000003550 marker Substances 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 230000000717 retained effect Effects 0.000 description 1
- 230000002123 temporal effect Effects 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F16/00—Information retrieval; Database structures therefor; File system structures therefor
- G06F16/20—Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
- G06F16/24—Querying
- G06F16/245—Query processing
- G06F16/2455—Query execution
Abstract
Disclose a kind of data query method, device and equipment based on cryptographic Hash.Under the scene for carrying out the storage of centralization to data record in a manner of data block chain in service side, the cryptographic Hash of the data block determined in each data block comprising the cryptographic Hash by last data block and the data record for itself being included, the provider of data service can not easily make a change the data of storage.User need to only input cryptographic Hash, so that it may which whether the data record inquired in the data record of oneself, and the whole data block chain of verifying at any time is correct, ensure that the integrality of user data, improves user experience.
Description
Technical field
This specification embodiment be related to information technology field more particularly to a kind of data query method based on cryptographic Hash,
Device and equipment.
Background technique
Current database product is typically all centralization, and data are generated by user, but the additions and deletions of data are changed
It the operations such as looks into and is all based on the instruction of user and carried out in server-side.
In this case, user has a mind to know whether the data of oneself damage occur, lose or distorted by people,
And it is hoped that there will be a kind of modes, and this verifying may be implemented.And since in practical applications, the data volume that user generates is very big
, for example, in some data bank services towards enterprise-level, such as audit log, supply chain, government regulation, consumer record
In equal application scenarios, enterprise customer wants to inquire the data of oneself mistake whether occur and be not easy to.
Based on this, a kind of data query scheme convenient for user's checking is needed.
Summary of the invention
It is to realize in centralization aiming at the problem that whether the data that user is difficult to verify oneself in available data storage malfunction
Data storage in, improve user experience, this specification embodiment provides a kind of data query method, apparatus based on cryptographic Hash
And equipment, the method are applied in the database service provider by the centralization of multiple data block storing datas, specifically
Include:
The inquiry instruction of user is received, includes cryptographic Hash to be checked in the inquiry instruction, the cryptographic Hash is data
The cryptographic Hash of record or the cryptographic Hash of data block;
The block height for obtaining data block locating for data record is inquired based on the cryptographic Hash, data are recorded in locating data block
Offset or data record in plain text, alternatively, the block that inquiry obtains the corresponding data block of cryptographic Hash of data block is high, and return
Query result;
Wherein, in addition to initial data block, include at least one data record in each data block, wrapped in each data block
Cryptographic Hash containing the data block that the cryptographic Hash by last data block and the data record for itself being included determine, data block
Sequencing monotonic increase of the block height based on Chunky Time.
Corresponding, this specification embodiment also provides a kind of data query device based on cryptographic Hash, is applied to by more
In the database service provider of the centralization of a data block storing data, described device includes:
Receiving module receives the inquiry instruction of user, includes cryptographic Hash to be checked, the Hash in the inquiry instruction
Value is the cryptographic Hash of data record or the cryptographic Hash of data block;
The block height for obtaining data block locating for data record is inquired based on the cryptographic Hash, data are recorded in locating data block
Offset or data record in plain text, alternatively, the block that inquiry obtains the corresponding data block of cryptographic Hash of data block is high, and return
Query result;
Wherein, in addition to initial data block, include at least one data record in each data block, wrapped in each data block
Cryptographic Hash containing the data block that the cryptographic Hash by last data block and the data record for itself being included determine, data block
Sequencing monotonic increase of the block height based on Chunky Time.
Under the scene for carrying out the storage of centralization to data record in a manner of data block chain in service side, each data block
In include the cryptographic Hash of the data block determined by the cryptographic Hash and the data record that itself is included of last data block, data
The provider of service can not easily make a change the data of storage.User need to only input cryptographic Hash, so that it may look at any time
Whether the data record ask in the data record of oneself, and the whole data block chain of verifying is correct, ensure that user data
Integrality, improve user experience.
It should be understood that above general description and following detailed description be only it is exemplary and explanatory, not
This specification embodiment can be limited.
In addition, any embodiment in this specification embodiment does not need to reach above-mentioned whole effects.
Detailed description of the invention
In order to illustrate more clearly of this specification embodiment or technical solution in the prior art, below will to embodiment or
Attached drawing needed to be used in the description of the prior art is briefly described, it should be apparent that, the accompanying drawings in the following description is only
The some embodiments recorded in this specification embodiment for those of ordinary skill in the art can also be attached according to these
Figure obtains other attached drawings.
The schematic diagram of system architecture involved in Fig. 1 current techniques;
Fig. 2 is a kind of flow diagram for data query method based on cryptographic Hash that this specification embodiment provides;
Fig. 3 is the flow diagram that the illustrative part of one kind provided by this specification embodiment is removed;
Fig. 4 is a kind of process schematic for construction concealmentization data record that this specification embodiment provides;
Fig. 5 is the schematic diagram of another system framework involved in this specification embodiment;
Fig. 6 is a kind of structural schematic diagram for data query device based on cryptographic Hash that this specification embodiment provides;
Fig. 7 shows one kind provided by this specification embodiment and more specifically calculates device hardware structural schematic diagram;
Fig. 8 is the specific schematic diagram for generating time service certificate of one kind that this specification embodiment provides.
Specific embodiment
In order to make those skilled in the art more fully understand the technical solution in this specification embodiment, below in conjunction with this
Attached drawing in specification embodiment is described in detail the technical solution in this specification embodiment, it is clear that described
Embodiment is only a part of the embodiment of this specification, instead of all the embodiments.The embodiment of base in this manual,
Those of ordinary skill in the art's every other embodiment obtained, all should belong to the range of protection.
Firstly the need of explanation, in current server architecture, database server can be the visitor directly docked
Family end personal user is also possible to dock client personal user by some application servers, and database server then docks
The application server.As shown in Figure 1, the schematic diagram of system architecture involved in Fig. 1 current techniques.
Therefore, in this specification embodiment, when user is application server, database service provider can be figure
Database server shown in 1;And when user is client personal user, database service provider is also possible to by answering
The server-side constituted with server and database server is whole.But no matter in that case, all it is for the storage of data
It is completed in database service provider, and the instruction for being also based on user for the operation of data (change including additions and deletions look into etc.) exists
Database service provider carries out, and user data and is stored in database service provider to the operating result of data, uses
The data cannot be stored in family and other equipment.In other words, the database service provider in this specification be with
The form of centralization provides data service.
Below in conjunction with attached drawing, the technical solution that each embodiment of this specification provides is described in detail.As shown in Fig. 2, Fig. 2 is this
A kind of flow diagram for data query method based on cryptographic Hash that specification embodiment provides, which specifically includes as follows
Step:
S201 receives the inquiry instruction of user, includes cryptographic Hash to be checked in the inquiry instruction, the cryptographic Hash is
The cryptographic Hash of data record or the cryptographic Hash of data block.
It should be noted that for a user, the type that can specify the cryptographic Hash of input is the Kazakhstan of data record
The cryptographic Hash of uncommon value or data block;It can not also specify, merely enter a cryptographic Hash, then voluntarily judged by server-side.One
As for, before cryptographic Hash can be user upload data record when server-side return cryptographic Hash, be also possible to user oneself
Carry out what Hash operation obtained for certain data.
S203 inquires the block height for obtaining data block locating for data record based on the cryptographic Hash, data are recorded in locating number
According to the offset or data record plaintext in block, alternatively, the block that inquiry obtains the corresponding data block of cryptographic Hash of data block is high,
And return to query result.
Database service provider can carry out traversal from data block based on cryptographic Hash and look into after receiving inquiry instruction
It askes, can also be inquired from the index pre-established.For example, directly being traversed from the last one current data BOB(beginning of block)
Inquiry.
Following exemplary enumerates several inquiry modes provided by several this specification embodiments:
The first, the cryptographic Hash of input block, all data clear texts in returned data block;Alternatively, input data is remembered
The cryptographic Hash of record, returned data record in plain text, specifically, inquiry instruction SELEC T (khash , &v) realization can be used, work as clothes
When business side receives corresponding inquiry instruction, i.e., query logic above-mentioned is executed to return the result based on cryptographic Hash.
Second, the block of the cryptographic Hash of input data record, the locating data block of returned data record is high, and, at this
Offset in data block, specifically, inquiry instruction SELECT (khash , &v, FULL) realization can be used;
The third, it is high to return to block according to block Hash for the cryptographic Hash of input block.Specifically, inquiry instruction can be used
SELECT (khash, BLK) Lai Shixian.
It is of course also possible to which there are users to have input a cryptographic Hash, and service side cannot inquire the feelings of corresponding result
Shape.For example, user has input the corresponding cryptographic Hash of a data record, and service side's inquiry is less than as a result, so at this point, user
Can be with reasonable doubt, data record corresponding to the Hash has occurred that variation, it may be possible to be tampered, or be possible to
Loss of data has occurred.
Under the scene for carrying out the storage of centralization to data record in a manner of data block chain in service side, each data block
In include the cryptographic Hash of the data block determined by the cryptographic Hash and the data record that itself is included of last data block, data
The provider of service can not easily make a change the data of storage.User need to only input cryptographic Hash, so that it may look at any time
Whether the data record ask in the data record of oneself, and the whole data block chain of verifying is correct, ensure that user data
Integrality, improve user experience.
The database service provider of the centralization involved by this specification embodiment, data block are preparatory in the following way
It generates:
Data record to be stored is received, determines the cryptographic Hash of each data record.The data record of to be stored, can herein
To be the various consumer records of client personal user, it is also possible to instruction of the application server based on user, in the business of execution
Business result, intermediate state and operation note for being generated when logic etc..Specific business scenario may include consumer record,
Audit log, supply chain, government regulation record, medical records etc..
When reaching preset blocking condition, each data record in data block to be written is determined, generating includes data block
Cryptographic Hash and data record n-th data block.
The preset blocking condition includes: that data record quantity to be stored reaches amount threshold, for example, often receiving
When 1000 datas record, a new data block is generated, 1,000 datas are recorded in write-in block;Alternatively, apart from the last time at
The time interval at block moment reaches time threshold, for example, a new data block was generated every 5 minutes, it will be inscribed at this 5 minutes
In the data record write-in block received.
N herein refers to the serial number of data block, and in other words, in this specification embodiment, data block is with block chain
Form, the sequence based on Chunky Time successively arrange, and have very strong temporal aspect.Wherein, the block height of data block is based on blocking
The sequencing monotonic increase of time.Block height can be serial number, and the block height of n-th data block is N at this time;Block height can also be with it
Its mode generates.
As N=1, i.e., data block at this time is initial data block.The cryptographic Hash and block height of initial data block are based on pre-
If mode is given.For example, not including data record in initial data block, cryptographic Hash is then any given cryptographic Hash, and block is high
Blknum=0;In another example the generation trigger condition of initial data block is consistent with the trigger condition of other data blocks, but it is initial
The cryptographic Hash of data block is by taking Hash to determine all the elements in initial data block.
As N > 1, since content and the cryptographic Hash of last data block are it has been determined that then at this point it is possible to be based on last data
The cryptographic Hash of block (i.e. the N-1 data block) generates the cryptographic Hash of current data block (n-th data block), for example, a kind of feasible
Mode be to determine that the cryptographic Hash of the data record in n-th block will be written in each, according to putting in order in block,
A Merkel tree is generated, the cryptographic Hash of the root cryptographic Hash of Merkel tree and last data block is stitched together, is used again
Hash algorithm generates the cryptographic Hash of current block.In another example can also be spliced according to the sequence of data record in block and take Kazakhstan
The uncommon cryptographic Hash for obtaining overall data record splices the cryptographic Hash of last data block and the cryptographic Hash of overall data record, and right
Splice obtained word string and carry out Hash operation, generates the cryptographic Hash of data block.
By the generating mode of data block above-mentioned, each data block is determined by cryptographic Hash, the cryptographic Hash of data block
It is determined by the cryptographic Hash of the content of the data record in data block, sequence and last data block.User can be at any time based on number
Verifying is initiated according to the cryptographic Hash of block, for content any in data block (including for data record content in data block or suitable
The modification of sequence) cryptographic Hash of the modification when cryptographic Hash of data block being calculated in verifying and data block can all be caused to generate
It is inconsistent, and lead to authentication failed, thus can not distort under realizing centralization.
By generating the data block including a certain number of data records, and record Hash when data block generates
Value, to realize the storage for carrying out centralization to data record in a manner of data block chain.Under this data storage method, often
The cryptographic Hash of one data block is dependent on the cryptographic Hash of last data block and the content for the data record for itself being included.User can
To inquire oneself data record at any time based on above-mentioned storage form, and can be according to the cryptographic Hash to specified data block
Or specified data record carries out cryptographic Hash verifying, ensure that the integrality of user data, improves user experience.
After being stored to data record, some relevant index informations can also be resettled, for example, due to
What is saved in data block is data record, without the cryptographic Hash of data record.Therefore, in order to which finding of can be convenient is any
Data record, can establish using the cryptographic Hash of data record as key, and with the block of data block locating for data record, high, data are recorded in
Offset in locating data block is the index of value, is stored.Alternatively, can also establish using the cryptographic Hash of data block as key,
With the index of a height of value of the block of data block.To inquiry when can be directly based upon cryptographic Hash from the concordance list having built up into
Row inquiry, it is more convenient.It should be noted that the creation of above-mentioned index information is relative to blocking can be asynchronous progress, with
And above-mentioned index information can send backup to user, thus being recorded according to index to any data of also can be convenient of user
It is inquired or is verified.
Cryptographic Hash due in query process, needing to rely on data record cryptographic Hash or data block is inquired.It changes
Yan Zhi, each data record have required corresponding data record Hash.Therefore when user needs storing data, can pass through
The addition instruction of dedicated addition data record, is added specific data record, service side determines described to be added
The cryptographic Hash of data record, and the block Hash of block locating for the cryptographic Hash and the data record of the data record is returned to user;
The data record to be added is stored in local cache, when to meet preset blocking condition, the data record is write
Enter in new data block.To which user can look into according to the Hash to data record when needing to inquire
It askes.The following are the instructions that record is illustratively added provided by this specification embodiment:
APPEND (v , &khash): addition data record, the cryptographic Hash of returned data record.
Further, in storing process, service side can also provide the signature of corresponding service platform, specifically include as
Under type: encrypting the data record using privacy key, generates server to the private key label of the data record
Name;The cryptographic Hash of the private key signature and data record is returned to user, so that user uses private described in corresponding public key decryptions
Key signature is verified.To which user can be confirmed that the cryptographic Hash is that service side is recognized.Specifically, user can add
Service side is required to provide the signature in instruction, the following are the additions for illustratively returning to signature provided by this specification embodiment
The instruction of record:
APPEND (v , &khash, CERT): the corresponding cryptographic Hash of returned data record, and, return to service side's signature
Certificate.
Certainly, in the other types of database manipulation provided by this specification embodiment, for example, inquiry, removing,
It can also include service side's signing certificate in returning the result in the other database manipulations of verifying and concealment etc..
Except inquiry, user actively can also initiate verifying to multiple data blocks already existing in database, specifically
For, verifying instruction can be initiated by user, need which data block to initiate verifying, example to by the way that parameter is specified in verifying instruction
Such as, a data block can be specified by cryptographic Hash or block height, multiple data blocks before or after the data block is sent out
It rises and whether correctly verifies;Alternatively, specifying a data record by cryptographic Hash, a data record is verified with the presence or absence of data
In library.It verifies obtaining the result is that one " having " perhaps metadata as "None" and " correct " or " incorrect ".Below
Illustratively give several validation testings provided by this specification embodiment:
The first, input cryptographic Hash, data block is determined by cryptographic Hash, verifying is executed to the data block, be verified as a result,
Specifically, can be realized by verifying instruction VERIFY (' khash ' , &v).
Second, cryptographic Hash is inputted, corresponding data block is determined by cryptographic Hash or determines that the corresponding data of cryptographic Hash are remembered
The locating data block of record, is verified up to initial data block forward from determining data BOB(beginning of block), specifically, can be referred to by verifying
VERIFY (' khash ', -1) is enabled to realize, it is however generally that, original block a height of " 0 " or " 1 ", therefore, therein -1 can also be with
It is other values high less than original block.
The third, inputs cryptographic Hash, determines corresponding data block by cryptographic Hash, verify forward from determining data BOB(beginning of block)
The data block of specified number, specifically, can be realized by verifying instruction VERIFY (' khash ' , &v, blknum).
4th kind, the quantity that input block height and needs are verified verifies forward specified number by the high corresponding data BOB(beginning of block) of block
The data block of amount, specifically, can be realized by verifying instruction VERIFY (blkh , &v, blknum).
It is being returned when verifying the result is that a "Yes" or "No" metadata, as previously mentioned, service side can be at this time
The signature of service side is added in this process, and the generating mode of signature is described above.Specifically, can be any
Verifying instruction end be added represent service side signature parameter " CERT ", such as: VERIFY (' khash ' , &v, blknum,
CERT), to sign in returning the result with service side.
Under another embodiment, if in the content of data block also including the timestamp or data note of data block
The timestamp of record, alternatively, when database service side has also pre-generated related index, for example, generated when blocking block it is high and at
The cryptographic Hash of the index or data block of the index of block timestamp or the cryptographic Hash of data record and logging timestamp and at
The index etc. of block time, then at this point, service side can also provide corresponding time inquiring mode, it can from data block
When perhaps inquiring the high perhaps cryptographic Hash of corresponding block by time value in index or inquiring corresponding by cryptographic Hash or block height
Between be worth, following exemplary enumerates several time-based inquiry modes provided by this specification embodiment:
The first, input block is high, the Chunky Time of the high corresponding data block of query block, specifically, can be by time inquiring
TIME (blknum , &v) is instructed to realize.
Second, cryptographic Hash is inputted, returns to timestamp corresponding to cryptographic Hash, cryptographic Hash here can be data block
Cryptographic Hash is also possible to the cryptographic Hash of data record, specifically, TIME (' khash ' , &v) can be instructed real by time inquiring
It is existing.
The third, input time value, the block for returning to the last one data block before the time value is high, alternatively, returning
The block of the cryptographic Hash of the last item data record and locating data block is high before the time value, specifically, can be by the time
Inquiry instruction LTIME (' timestamp ' , &v) it realizes.
In this specification embodiment, if user no longer needs the service, data can be carried out before terminating service
Global purge.For example, user inputs account book ID, service side removes the account book, for example, real by clearance order PURGE (lgid)
Existing, alternatively, user also inputs a time span, service side first files the account book, after reaching the time span, service side
The account book is removed, for example, being realized by clearance order PURGE (lgid, day-archive).
And since the data of user constantly increase, memory space is caused to occupy more and more or some longer
The historical data of time is no longer valuable for user at this point, database service side is also based on the demand of user, right
Data block carries out corresponding part and removes.When part is removed, it can carry out at or time point high based on block.
For example, user specifies account book ID and block high, the data block before service side determines block height based on block height is to need
Then the data block to be removed removes these and determines the data block for needing to remove, specifically, can be by clearance order PURGE
(lgid, d-a, blkbound) is realized.
In another example user specifies account book ID and time point, service side is based on time point and determines at the time point before most
The data block generated before the data block is determined as the data block for needing to remove, then clearly by the data block that the latter generates
Except these determine the data block for needing to remove, specifically, can be real by clearance order PURGE (lgid, d-a, ' timestmp ')
It is existing.
Before execution part removing, since the cryptographic Hash of first data block of the data block chain after removing is before being based on
What the cryptographic Hash of one data block generated, at this time, it is also necessary to generate a pseudo- initial data block, the cryptographic Hash etc. of pseudo- initial data block
In the cryptographic Hash of determined the last one data block for needing to remove, this way it is possible to avoid appearance when being verified afterwards
Mistake.The cryptographic Hash of the last one data block can inquire acquisition from the index pre-established, can also be from initial data block
Start the cryptographic Hash that the data block is calculated in progress sequence, or inquires and obtain from the data block.
Content in newly-generated pseudo- initial data block can be sky, some corresponding remarks can also be recorded, for example, raw
At time etc..But the content of pseudo- initial data block is unrelated with the pseudo- cryptographic Hash of initial data block.And service side is also
It can sign to the puppet initial data block.
In addition, for a user, the data that generally can all remove to part back up.Based on this, carried out in user
During part is removed, the data for needing part to remove confirmation can also be inserted into and verified.As shown in figure 3, Fig. 3 is
The flow diagram that the illustrative part of one kind provided by this specification embodiment is removed.In the schematic diagram, user's input
At time point, at the generation moment of nearest data block, be then somebody's turn to do before can specifically inquiring to obtain first at the time point
The block for generating moment corresponding data block is high, generates pseudo- initial data block and signs, performs part clear operation again later.
In practical applications, some data (herein referred to as sensitive data) are once written into data block, Jiu Huizao
At harmfulness consequence.For example, having the content in data record is " leaf XX, gender male, identity in the data that company A uploads
Card number is 123456 ", and the identification card number in the data record is related to having revealed privacy of user, needs to hide it.
As the modification or removing while meeting in the scheme provided by specification embodiment, for any data record
Lead to the validation failure to other data blocks, be based on this, this specification embodiment also provides a kind of side for hiding sensitive data
Method, specifically, core technology means are that data record locating for the information that will need to be concealed in data block is substituted for the number
According to the cryptographic Hash of record.In this way, can not only stop disclosing the sensitive information, but also the steady fortune of data block system is not affected
Row.
Specifically, user can directly specify the position to secret information, alternatively, in practical applications, user can also
To issue the secret information instruction for carrying location information.Here location information includes that data block block is high, data are recorded in block height
In offset, to offset of the secret information in data record, to length of secret information etc..
For example, a kind of illustrative secret information instruction can be DELETE (blkheight, txoff), in this instruction
Under, concealment is the data record as corresponding to the specified high blkheight of the block and amount of specifying Offsets txoff;
In another example another illustrative secret information instruction can be DELETE (blkheight, txoff, offset,
Length), under this instruction, determine that a data records by block high blkheight and offset txoff, hide the data
Starting length at the offset specified in record is information determined by length.
The information obtained after secret information is replaced or is removed has not been re-used as data record use, can be with
Referred to as remark information.During secret information, a kind of feasible mode is to determine to data record locating for secret information
Cryptographic Hash, preset preceding tab character is spliced to the stem of the cryptographic Hash, tab character after preset is spliced to institute
The tail portion of cryptographic Hash is stated, also, remark information is spliced to the tail portion of the rear tab character, then, by the preceding marker word
The data that symbol, the transaction Hash, the rear tab character and the remark information are spliced into are determined as the concealmentization number
According to record.As shown in figure 4, Fig. 4 is a kind of process schematic for construction concealmentization data record that this specification embodiment provides.
It should be noted that above-mentioned preceding tab character can be specified according to actual needs with rear tab character.Example
Such as, the preceding tab character can be " 0E ", and the rear tab character can be " 0F ".The effect of above-mentioned preceding tab character
It is, when needing to read the data record when being verified later, then, preceding tab character reveals out information to node at this time:
" clear content for the not instead of data record that the storage location is stored, the cryptographic Hash of data record ".At this point, then can be straight
Connect read the cryptographic Hash verified.And when needing to read corresponding remark information, then it can be since rear tab character " 0F "
It is read out, after having hidden sensitive information, content can be essentially identical with the data record content before concealment in remark information,
It is also possible to completely empty (content of i.e. whole data record is hidden completely).
In addition, it should be noted that, being a stringenter operation for the concealment of historgraphic data recording.Its often elephant
Levy the information that certain triggering laws and regulations perhaps violate morals and disclose also tend to be it is multi-party adjust or trial after obtain and need
To carry out forcing the conclusion of processing to information.Therefore, when executing above-mentioned clear operation, a kind of feasible mode are as follows: remove behaviour
Make to need certain signature weight.
For example, for the operational order that ordinary user is issued, backstage default signature weight is 30, and service side or its
The useful signature weight of its transaction system is then 60, and the national executing agency by force such as law court issues the signature weight of operational order
It is 120, and signature weight needed for a clear operation is preset as 100.The execution weight of one operation can be participant
The sum of weight of signing, it is however generally that, participant can be set no more than 2.Under this embodiment, two sum numbers are at least needed
It could be executed according to the digital signature for recording related authorities (such as transaction system side and database service side).That is, it needs to hand over
Easy system side initiates clearance order and signs, and database service side receives clearance order and signs and can just be purged.And by
Even if terminal user initiate clearance order database service side carried out signature authorization as signature weight not enough without
It can execute.
Further, database service side can also provide some other database service modes, such as:
During filing, user data account book is given for change, realized by giving instruction RECALL (lgid) for change, account book herein
It refers to containing the set of all data blocks;
The block for returning to the last one current data block is high, by instructing GETHEIGHT (&v) it realizes;
User's account book ID is returned to, by instructing GETLEDGER (&v) realize etc..
In addition, it should be noted that, it is provided herein to realize to provide a variety of operational orders in the above description
Database service mode.But the form of operational order is not limited to the form that this specification embodiment is proposed, in reality
In, the form of the operational order of data can be diversified, only need to may be implemented the service side that the application is proposed
Formula.And inquiry instruction itself merely provides a user-friendly external form, receives and instructs in service side
And executive mode corresponding to each instruction is still relied on when executing.
Further, after generating data block, service side can also provide each piece of corresponding timestamp.For example, introducing
National time service hub-interface carries out out block using believable timestamp in block out.It is thus possible to which relying on the timestamp carries out rope
The foundation drawn.
In one embodiment, for any data block, if having receiving time in data record in the block
Stamp is ranked up data record then can be stabbed according to receiving time, distributes to one sequence serial number of each data record;Or
Person can reset serial number according to the direct Allotment Serial Number of the sequence for receiving data record, and after blocking, so as to next
Allotment Serial Number inside a data block.
After determining serial number, it can according to the cryptographic Hash of each data record of determination, splice the serial number and Kazakhstan
Uncommon value.Specifically, can be used to place serial number in the substring that designated length is added in the head of cryptographic Hash or tail portion, number is generated
According to the timing Hash character string of record, then, according to the sequence of sequence serial number, establishes the Chunky Time comprising data block and stab sum number
According to the first concordance list of the timing Hash character string corresponding relationship of record.As shown in table 1, table 1 is mentioned by this specification embodiment
A kind of the first concordance list about data record supplied.In table 1, first 6 of the cryptographic Hash of data record are inserted accordingly
Serial number word string, " 0x " therein are serial numbers for identifying next, and " 0001 " therein is serial number, and " hash1 " is to count
According to the cryptographic Hash of the first data in block, the time in left side is the Chunky Time of data block.In this manner, timestamp has
Effect digit is fully retained.
Table 1
| 20xx-01-19 03:14:07.938576 | 0x0001Hash1 |
| 20xx-01-19 03:14:07.938576 | 0x0002Hash2 |
| 20xx-01-19 03:14:07.938576 | 0x0003Hash3 |
| 20xx-01-19 03:14:07.938576 | …… |
Under another embodiment, same mode, for any data block, if the data record in the block
In have receiving time stamp, then can according to receiving time stab data record is ranked up, distribute to each data record one
A sequence serial number;Or it can be according to the direct Allotment Serial Number of the sequence for receiving data record, and by serial number after blocking
Resetting, so as to Allotment Serial Number inside next data block.
At this point it is possible to by Chunky Time stab in last specified digit eliminate, for the serial number of data record to be written.
Further, it is also possible to the appointed sequence number that will not distribute to data record be added in the index, for storing Chunky Time stamp and data
The high corresponding relationship of the block of block, and index is written.For example, the serial number of data record is generally since 1, then it can be by serial number " 0 "
The block of block is high for storing data.As shown in table 2, table 2 is a kind of about data record provided by this specification embodiment
Second concordance list.In table 2, last three of the Chunky Time in left side are (assuming that the data record quantity stored in a block is not
More than 1000) for storing the serial number of data record.
Table 2
| 20xx-01-19 03:14:07.938000 | Blkheight |
| 20xx-01-19 03:14:07.938001 | Hash1 |
| 20xx-01-19 03:14:07.938002 | Hash2 |
| 20xx-01-19 03:14:07.938003 | Hash3 |
| 20xx-01-19 03:14:07.938004 | …… |
Under this embodiment, although sacrificing several time number of significant digit, the cryptographic Hash of data record can be with
It directly reads, and can be high by the block of specified serial number (000 i.e. in table 2) identification data block.
It can be created at once in the time of block out when above-mentioned index creation, be also possible to asynchronous creation.Index itself can
To be avoided out of data block for some lookups or statistical operation for example, counting the data record quantity in some period
Traversal counting is carried out, it is more convenient.
In addition, having generally comprised continuous multiple data blocks in one account book when using the account book storing data of block chain type.
In practical application, data block is numbered commonly using nature serial number.For example, the block of initial data block a height of 1, subsequent every increasing
Add a data block, block height adds 1.Based on this, this specification embodiment also provides a kind of piece high creation mode, specifically, really
Determine the Chunky Time of data block, then it is converted to integer data by the Chunky Time using symmetric encipherment algorithm, will be described
Integer data is high as the block of the data block, and Chunky Time is more early, and integer data is smaller.
Specifically, integer here can be a big integer data, for example, one 13 big integers.To, by
It is to be obtained based on time symmetric cryptography in big integer, it, can be similarly symmetrical thus in the Chunky Time for needing data block
Decryption obtains Chunky Time.
It, can be with after by symmetric cryptography for example, for Chunky Time " 20xx-01-19 03:14:07.938576 "
One big integer " 1547838847938 " is converted to, due to integer data monotonic increase at any time,
"1547838847938".It at this time can be as the block height of the data block, for identifying the data block.In this specification, block is high
Based on Chunky Time monotonic increase, accordingly even when use big integer data, but between them still from small to large, instead
The sequence between each data block is reflected.For example, if the Chunky Time of a following data block be " 20xx-01-19 03:16:
07.235125 ", then another bigger big integer can be converted into using preset symmetric encipherment algorithm
“1547838848125”。
Based on this, the serial number of each business diary in data block, and splicing block can also be determined as in foregoing manner
High and serial number, generates the timing information of the business diary simultaneously comprising block height and serial number, and establish the cryptographic Hash of business diary with
The third concordance list of timing information.As shown in table 3, table 3 is a kind of third concordance list provided by this specification embodiment.At this
In table, the big integer in left side is the timing information comprising block height and serial number, and block height is based on time symmetric cryptography and obtains.When blocking
Between be accurate to Millisecond it is other in the case of, 3 decimal digits are introduced in third index after block height and carrys out identification number and (limits
Block threshold value is 999), so being million grades for the hypothesis of handling capacity, to have been able to meet any real trade scene.If gulped down
The amount of spitting is higher, then only more decimal system need to be introduced after block height carrys out identification number.
Table 3
| 1547838847938000 | 1547838847938 |
| 1547838847938001 | Hash1 |
| 1547838847938002 | Hash2 |
| 1547838847938003 | Hash3 |
| 1547838847938004 | …… |
Under a kind of actual application scenarios, database service provider involved in the embodiment of this specification may be used also
To provide corresponding service for corresponding database.As shown in Figure 5, Fig. 5 is another involved in this specification embodiment
The schematic diagram of system architecture enhances service provider including Basis of Database service provider and database.For example, wherein
MySQL, PostgreSQL, MongoDB etc. be Basis of Database service provider, these Database Systems can be normal
The additions and deletions that the transaction system seen provides basis change the service for looking into etc. operation.Meanwhile also phase can be respectively locally stored in they
The business operation log for these operations answered, describes Basis of Database service provider to business in business operation log
The operation note of data.There is provided the system further serviced for this Basis of Database service provider is this specification embodiment
Provided database enhances service provider Ledger server.
Based on this, this specification embodiment, which also provides one kind, can provide further increasing for Basis of Database service provider
The mode serviced by force.Specifically, when MySQL, PostgreSQL, MongoDB etc. these databases generate business operation day
After will, both the business operation log that each generates can be sent to Ledger.Due to being had in business operation log
Timestamp is generated, Ledger system can be ranked up these business operation logs according to timestamp is generated, is blocking and deposit
Storage.To which each database can further be managed to based on System Operation Log of the mode of operation above-mentioned for oneself
Reason.Basis of Database service provider, without being sent to Ledger system at once, can be one in generation system operation log
The process of a asynchronous transmission.
Each Basis of Database service provider can send business operation log to Ledger system by way of " plaintext "
System." plaintext " herein refers to that Ledger system is understood that or part understands business operation day transmitted by each database
Will.For example, some database and Ledger system allow Ledger system to know business by pre-establishing communication protocol
Action type, operation service object in operation log etc., so that Ledger system can further basis when blocking
Action type or operation target object progress are blocking, so that each Database Systems are preferably managed.In this manner,
If desired each database carries out inquiry to itself or statistics (for example, statistics has done how many to the data of which business object
Secondary clear operation), instruction only need to can be sent, specific statistics or query procedure can be completed in Ledger system end.
Certainly, each Basis of Database service provider can also send business operation log extremely by way of " ciphertext "
Ledger system." ciphertext " herein refers to that Ledger system cannot understand business operation log transmitted by each database.
In this manner, each database can only then carry out the reading or removing of stored business operation log to Ledger system
Etc. operation, specific inquiry or statistical work then need after reading data in Basis of Database service provider local
It executes.
Under a kind of implement scene, for example, being the cost information in relation to enterprise in data record, and need to data record
When being audited.Prevent enterprise combine with service side play tricks forge timestamp produce new account book at this point, to it is some authority
The time service certification that time just mechanism carries out data block is exactly indispensable technological means.Here time just mechanism example
It such as can be national time service center, alternatively, the authoritative time certification mechanism permitted through national time service center.Time service certification herein
I.e. are as follows: obtain the related signature of time just mechanism, the trusted time that signature packets just mechanism containing having time here is issued
Stamp, the trusted timestamp correspond to the data block for needing to authenticate.
Specifically, service side determines to need to carry out time service certification first from the data block for having generated and having stored
One section of account book wherein at least should include a data block or the multiple pieces of continuous data blocks of height.Determining mode can be with base
It is specified in user's operation, for example, user initiates time service instruction, it include the starting block height for needing to carry out time service certification in instruction
And number of blocks;It is also possible to specify without user, service side is based on preset service logic and carries out automatically.
For example, application time service can be gone from most fine granularity with each data block.In this manner, Merkel tree
Root Hash be the data block block cryptographic Hash, which can to the greatest extent carry out account book (i.e. each data block) true
The protection of property.Due to data block go out block frequency it is higher, this mode no matter for time service center, or for service side and
Speech, cost overhead all can be bigger.A kind of optional mode is that certain time service preset condition is arranged, when meeting certain award
When preset condition when, initiate time service request.It is regarded as when the data block that time service authenticates in newly-generated data block, it is described
Time service preset condition may is that time service certification data block reach amount threshold, alternatively, apart from last time service certification when
Between interval have arrived at time threshold.
Specific time service authentication mode is to play the block Hash of the data block authenticated to time service according to the high sequential series of block
Come, the block Hash based on each data block generates the Merkel tree for corresponding to the multiple data block, to confirm Merkel tree
Root Hash.Also, the relevant information for confirming the data block authenticated to time service, end block height high for example including starting block or number
Quantity according to block etc. information.Then the root Hash of Merkel tree and the relevant information of above-mentioned data block are sent to time just machine
Structure.Time just authorities provide a trusted timestamp to above- mentioned information, and carry out digital label to trusted timestamp
Name certification generates one and includes the time service certificate of trusted timestamp and digital signature, wherein can also include above-mentioned data block
Relevant information, the mode of digital signature are conventional private key encryption, public key decryptions.
To, service side can receive a series of trusted timestamp comprising time just authority signature, each
Trusted timestamp corresponds to one section of account book, also, can explicitly know it is which segment data block based on relevant information.Service side
It can be managed accordingly based on the trusted timestamp, and verifying.For example, when needing to audit to certain account book, clothes
Business side can provide the time service certificate of corresponding the data block trusted timestamp comprising time just mechanism and signature in account book, and
And the relevant information according to included in time service certificate carries out recalculating for Merkel's tree root Hash, whereby it was confirmed that the card
Data block corresponding to book is impossible to be forged in the future, and service side can be effectively prevented and include by service side's joint manufacture
The account book of false timestamp, to hide corresponding audit.As shown in figure 8, Fig. 8 is that one kind that this specification embodiment provides is specific
Generation time service certificate schematic diagram.
Corresponding, this specification embodiment also provides a kind of data query device based on cryptographic Hash, is applied to by more
In the database service provider of the centralization of a data block storing data, as shown in fig. 6, Fig. 6 is that this specification embodiment mentions
A kind of structural schematic diagram of the data query device based on cryptographic Hash supplied, comprising:
Receiving module 601 receives the inquiry instruction of user, includes cryptographic Hash to be checked in the inquiry instruction, described
Cryptographic Hash is the cryptographic Hash of data record or the cryptographic Hash of data block;
Hash query module 607 inquires the block height for obtaining data block locating for data record, data note based on the cryptographic Hash
Offset or data record plaintext in locating data block are recorded, alternatively, inquiry obtains the corresponding number of cryptographic Hash of data block
It is high according to the block of block, and return to query result;
Wherein, in addition to initial data block, include at least one data record in each data block, wrapped in each data block
Cryptographic Hash containing the data block that the cryptographic Hash by last data block and the data record for itself being included determine, data block
Sequencing monotonic increase of the block height based on Chunky Time.
Further, the receiving module 601 is also used to, and receives data record to be stored, and determines each data record
Cryptographic Hash;Described device further includes generation module 603, when reaching preset blocking condition, is determined in data block to be written
Each data record generates the n-th data block of the cryptographic Hash comprising data block and data record, specifically includes:
As N=1, the cryptographic Hash and block height of initial data block are given based on predetermined manner;
As N > 1, N is determined according to the cryptographic Hash of each data record and the N-1 data block in data block to be written
The cryptographic Hash of a data block generates the n-th data block of the cryptographic Hash comprising n-th data block and each data record, wherein number
According to the block height of block based on the sequencing monotonic increase of Chunky Time.Further, the preset blocking condition includes: wait deposit
The data record quantity of storage reaches amount threshold;Alternatively, the time interval apart from the last blocking moment reaches time threshold.
Further, described device further includes that data record hash index establishes module 605, is established with the Kazakhstan of data record
Uncommon value is key, and the offset that high, data are recorded in locating data block with the block of data block locating for data record is the index of value,
And it stores;
Further, described device further includes that data block hash index establishes module 609, and foundation is with the Hash of data block
Key with the index of a height of value of data block, and stores.
This specification embodiment also provides a kind of computer equipment, includes at least memory, processor and is stored in
On reservoir and the computer program that can run on a processor, wherein processor realizes base shown in Fig. 2 when executing described program
In the data query method of cryptographic Hash.
Fig. 7 shows one kind provided by this specification embodiment and more specifically calculates device hardware structural schematic diagram,
The equipment may include: processor 1010, memory 1020, input/output interface 1030, communication interface 1040 and bus
1050.Wherein processor 1010, memory 1020, input/output interface 1030 and communication interface 1040 are real by bus 1050
The now communication connection inside equipment each other.
Processor 1010 can use general CPU (Central Processing Unit, central processing unit), micro- place
Reason device, application specific integrated circuit (Application Specific Integrated Circuit, ASIC) or one
Or the modes such as multiple integrated circuits are realized, for executing relative program, to realize technical side provided by this specification embodiment
Case.
Memory 1020 can use ROM (Read Only Memory, read-only memory), RAM (Random Access
Memory, random access memory), static storage device, the forms such as dynamic memory realize.Memory 1020 can store
Operating system and other applications are realizing technical solution provided by this specification embodiment by software or firmware
When, relevant program code is stored in memory 1020, and execution is called by processor 1010.
Input/output interface 1030 is for connecting input/output module, to realize information input and output.Input and output/
Module can be used as component Configuration (not shown) in a device, can also be external in equipment to provide corresponding function.Wherein
Input equipment may include keyboard, mouse, touch screen, microphone, various kinds of sensors etc., output equipment may include display,
Loudspeaker, vibrator, indicator light etc..
Communication interface 1040 is used for connection communication module (not shown), to realize the communication of this equipment and other equipment
Interaction.Wherein communication module can be realized by wired mode (such as USB, cable etc.) and be communicated, can also be wirelessly
(such as mobile network, WIFI, bluetooth etc.) realizes communication.
Bus 1050 include an access, equipment various components (such as processor 1010, memory 1020, input/it is defeated
Outgoing interface 1030 and communication interface 1040) between transmit information.
It should be noted that although above equipment illustrates only processor 1010, memory 1020, input/output interface
1030, communication interface 1040 and bus 1050, but in the specific implementation process, which can also include realizing normal fortune
Other assemblies necessary to row.In addition, it will be appreciated by those skilled in the art that, it can also be only comprising real in above equipment
Component necessary to existing this specification example scheme, without including all components shown in figure.
This specification embodiment also provides a kind of computer readable storage medium, is stored thereon with computer program, the journey
The data query method shown in Fig. 2 based on cryptographic Hash is realized when sequence is executed by processor.
Computer-readable medium includes permanent and non-permanent, removable and non-removable media can be by any method
Or technology come realize information store.Information can be computer readable instructions, data structure, the module of program or other data.
The example of the storage medium of computer includes, but are not limited to phase change memory (PRAM), static random access memory (SRAM), moves
State random access memory (DRAM), other kinds of random access memory (RAM), read-only memory (ROM), electric erasable
Programmable read only memory (EEPROM), flash memory or other memory techniques, read-only disc read only memory (CD-ROM) (CD-ROM),
Digital versatile disc (DVD) or other optical storage, magnetic cassettes, tape magnetic disk storage or other magnetic storage devices
Or any other non-transmission medium, can be used for storage can be accessed by a computing device information.As defined in this article, it calculates
Machine readable medium does not include temporary computer readable media (transitory media), such as the data-signal and carrier wave of modulation.
As seen through the above description of the embodiments, those skilled in the art can be understood that this specification
Embodiment can be realized by means of software and necessary general hardware platform.Based on this understanding, this specification is implemented
Substantially the part that contributes to existing technology can be embodied in the form of software products the technical solution of example in other words,
The computer software product can store in storage medium, such as ROM/RAM, magnetic disk, CD, including some instructions are to make
It is each to obtain computer equipment (can be personal computer, server or the network equipment etc.) execution this specification embodiment
Method described in certain parts of a embodiment or embodiment.
System, method, module or the unit that above-described embodiment illustrates can specifically realize by computer chip or entity,
Or it is realized by the product with certain function.A kind of typically to realize that equipment is computer, the concrete form of computer can
To be personal computer, laptop computer, cellular phone, camera phone, smart phone, personal digital assistant, media play
In device, navigation equipment, E-mail receiver/send equipment, game console, tablet computer, wearable device or these equipment
The combination of any several equipment.
All the embodiments in this specification are described in a progressive manner, same and similar portion between each embodiment
Dividing may refer to each other, and each embodiment focuses on the differences from other embodiments.Especially for method reality
For applying example, since it is substantially similar to the method embodiment, so describing fairly simple, related place is referring to embodiment of the method
Part explanation.Embodiment of the method described above is only schematical, wherein described be used as separate part description
Module may or may not be physically separated, can be each module when implementing this specification example scheme
Function realize in the same or multiple software and or hardware.Can also select according to the actual needs part therein or
Person's whole module achieves the purpose of the solution of this embodiment.Those of ordinary skill in the art are not the case where making the creative labor
Under, it can it understands and implements.
The above is only the specific embodiment of this specification embodiment, it is noted that for the general of the art
For logical technical staff, under the premise of not departing from this specification embodiment principle, several improvements and modifications can also be made, this
A little improvements and modifications also should be regarded as the protection scope of this specification embodiment.
Claims (11)
1. a kind of data query method based on cryptographic Hash, the data applied to the centralization by multiple data block storing datas
In the service provider of library, which comprises
The inquiry instruction of user is received, includes cryptographic Hash to be checked in the inquiry instruction, the cryptographic Hash is data record
Cryptographic Hash or data block cryptographic Hash;
It is inclined in data block locating for block based on data block locating for cryptographic Hash inquiry acquisition data record is high, data are recorded in
Shifting amount or data record in plain text, alternatively, the block that inquiry obtains the corresponding data block of cryptographic Hash of data block is high, and return to inquiry
As a result;
Wherein, include at least one data record in each data block in addition to initial data block, in each data block comprising by
The block of the cryptographic Hash for the data block that the cryptographic Hash of last data block and the data record for itself being included determine, data block is high
Sequencing monotonic increase based on Chunky Time.
2. the method as described in claim 1, in the database service provider of centralization, data block is preparatory in the following way
It generates:
Data record to be stored is received, determines the cryptographic Hash of each data record;
When reaching preset blocking condition, each data record in data block to be written is determined, generate the Kazakhstan comprising data block
The n-th data block of uncommon value and data record, specifically includes:
As N=1, the cryptographic Hash and block height of initial data block are given based on predetermined manner;
As N > 1, n-th number is determined according to the cryptographic Hash of each data record and the N-1 data block in data block to be written
According to the cryptographic Hash of block, the n-th data block of the cryptographic Hash comprising n-th data block and each data record is generated, wherein data block
Sequencing monotonic increase of the block height based on Chunky Time.
3. method according to claim 2, the preset blocking condition include:
Data record quantity to be stored reaches amount threshold;Alternatively,
The time interval at distance last blocking moment reaches time threshold.
4. the method as described in claim 1, the method also includes:
It establishes using the cryptographic Hash of data record as key, with the block of data block locating for data record, high, data are recorded in locating data
Offset in block is the index of value, and stores;
It is inclined in data block locating for the block for inquiring data block locating for acquisition data record based on cryptographic Hash is high, data are recorded in
Shifting amount, comprising: from the index having built up, inquiry obtains the block of data block locating for the corresponding data record of the cryptographic Hash
High, data are recorded in the offset in locating data block.
5. the method as described in claim 1, the method also includes:
It establishes using the Hash of data block as key, with the index of a height of value of data block, and stores;
The block that the inquiry obtains the corresponding data block of cryptographic Hash of data block is high, comprising: from the index having built up, inquiry
The block for obtaining data block corresponding to the cryptographic Hash is high.
6. a kind of data query device based on cryptographic Hash, the data applied to the centralization by multiple data block storing datas
In the service provider of library, described device includes:
Receiving module receives the inquiry instruction of user, includes cryptographic Hash to be checked in the inquiry instruction, the cryptographic Hash is
The cryptographic Hash of data record or the cryptographic Hash of data block;
Enquiry module inquires the block height for obtaining data block locating for data record based on the cryptographic Hash, data are recorded in locating number
According to the offset or data record plaintext in block, alternatively, the block that inquiry obtains the corresponding data block of cryptographic Hash of data block is high,
And return to query result;
Wherein, include at least one data record in each data block in addition to initial data block, in each data block comprising by
The block of the cryptographic Hash for the data block that the cryptographic Hash of last data block and the data record for itself being included determine, data block is high
Sequencing monotonic increase based on Chunky Time.
7. device as claimed in claim 6,
The receiving module is also used to, and receives data record to be stored, and determines the cryptographic Hash of each data record;
Described device further includes generation module, when reaching preset blocking condition, determines each data in data block to be written
Record generates the n-th data block of the cryptographic Hash comprising data block and data record, specifically includes:
As N=1, the cryptographic Hash and block height of initial data block are given based on predetermined manner;
As N > 1, n-th number is determined according to the cryptographic Hash of each data record and the N-1 data block in data block to be written
According to the cryptographic Hash of block, the n-th data block of the cryptographic Hash comprising n-th data block and each data record is generated, wherein data block
Sequencing monotonic increase of the block height based on Chunky Time.
8. device as claimed in claim 7, the preset blocking condition include:
Data record quantity to be stored reaches amount threshold;Alternatively,
The time interval at distance last blocking moment reaches time threshold.
9. device as claimed in claim 6, described device further include: data record hash index establishes module, establishes with number
Cryptographic Hash according to record is key, and with the block of data block locating for data record, high, data are recorded in the offset in locating data block
For the index of value, and store;The enquiry module, from the index having built up, inquiry obtains the corresponding number of the cryptographic Hash
According to the block for recording locating data block, high, data are recorded in the offset in locating data block.
10. device as claimed in claim 6, described device further include: data block hash index establishes module, establishes with data
The Hash of block is key, with the index of a height of value of data block, and is stored;The enquiry module, from the index having built up, inquiry
The block for obtaining data block corresponding to the cryptographic Hash is high.
11. a kind of computer equipment including memory, processor and stores the meter that can be run on a memory and on a processor
Calculation machine program, wherein the processor realizes method as claimed in any one of claims 1 to 5 when executing described program.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910100158.9A CN110019373A (en) | 2019-01-31 | 2019-01-31 | A kind of data query method, device and equipment based on cryptographic Hash |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910100158.9A CN110019373A (en) | 2019-01-31 | 2019-01-31 | A kind of data query method, device and equipment based on cryptographic Hash |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110019373A true CN110019373A (en) | 2019-07-16 |
Family
ID=67188992
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910100158.9A Pending CN110019373A (en) | 2019-01-31 | 2019-01-31 | A kind of data query method, device and equipment based on cryptographic Hash |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110019373A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112380573A (en) * | 2019-07-29 | 2021-02-19 | 创新先进技术有限公司 | Digital signature method, device and equipment in block chain type account book |
| CN112506884A (en) * | 2020-12-10 | 2021-03-16 | 杭州安恒信息技术股份有限公司 | Log checking method, device, equipment and storage medium |
| CN112380573B (en) * | 2019-07-29 | 2024-05-14 | 创新先进技术有限公司 | Digital signature method, device and equipment in block chain type account book |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20180013567A1 (en) * | 2016-07-08 | 2018-01-11 | Mastercard International Incorporated | Method and system for verification of identity attribute information |
| CN109033841A (en) * | 2018-07-12 | 2018-12-18 | 杨城 | It is a kind of to write the weak center's trusted data storage system and management method for testing separation |
-
2019
- 2019-01-31 CN CN201910100158.9A patent/CN110019373A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20180013567A1 (en) * | 2016-07-08 | 2018-01-11 | Mastercard International Incorporated | Method and system for verification of identity attribute information |
| CN109033841A (en) * | 2018-07-12 | 2018-12-18 | 杨城 | It is a kind of to write the weak center's trusted data storage system and management method for testing separation |
Non-Patent Citations (2)
| Title |
|---|
| JIA YU 等: "Compression function design of secure hash algorithm based on block cipher", 《IET INTERNATIONAL CONFERENCE ON INFORMATION SCIENCE AND CONTROL ENGINEERING 2012 (ICISCE 2012)》 * |
| 刘冰星 等: "一种网络编码分布式存储系统中的数据更新策略", 《小型微型计算机系统》 * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112380573A (en) * | 2019-07-29 | 2021-02-19 | 创新先进技术有限公司 | Digital signature method, device and equipment in block chain type account book |
| CN112380573B (en) * | 2019-07-29 | 2024-05-14 | 创新先进技术有限公司 | Digital signature method, device and equipment in block chain type account book |
| CN112506884A (en) * | 2020-12-10 | 2021-03-16 | 杭州安恒信息技术股份有限公司 | Log checking method, device, equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109902086A (en) | A kind of index creation method, device and equipment | |
| CN109902071A (en) | Business diary storage method, system, device and equipment | |
| CN109951290A (en) | A kind of time service authentication method, device and the equipment of chain type account book | |
| TWI727594B (en) | Signature verification method, system, device and equipment in block chain ledger | |
| CN110059084A (en) | A kind of date storage method, device and equipment | |
| CN110019278A (en) | A kind of data verification method, device and equipment | |
| CN110008203A (en) | A kind of data clearing method, device and equipment | |
| CN110061843A (en) | The high creation method of block, device and equipment in a kind of chain type account book | |
| CN109460413B (en) | Method and system for establishing account across block chains | |
| CN110008249A (en) | A kind of time-based data query method, device and equipment | |
| CN110188096A (en) | A kind of index creation method, device and equipment of data record | |
| WO2020258858A1 (en) | Authorization method, system, apparatus and device in blockchain-type account book | |
| CN111602166B (en) | Method and apparatus for providing traversable key-value data storage on a blockchain | |
| CN110457898A (en) | Operation note storage method, device and equipment based on credible performing environment | |
| CN110147686A (en) | A kind of storage method, system, device and the equipment of personal asset change record | |
| CN111753014B (en) | Identity authentication method and device based on block chain | |
| CN110474775A (en) | User's creation method, device and equipment in a kind of piece of chain type account book | |
| CN110022315A (en) | Weight management method, device and equipment in a kind of piece of chain type account book | |
| CN110162523A (en) | Date storage method, system, device and equipment | |
| CN112287033B (en) | Data synchronization method, equipment and computer readable storage medium | |
| CN110046281A (en) | A kind of data adding method, device and equipment | |
| WO2020233149A1 (en) | Method, apparatus and device for timing authentication in blockchain account book | |
| CN110190963A (en) | A kind of monitoring method, device and equipment for the request of time service certificates constructing | |
| CN110347745A (en) | Time service authentication method, device and the equipment of a kind of piece of chain type account book | |
| CN110008210A (en) | A kind of index creation method, device and equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20201015 Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands Applicant after: Innovative advanced technology Co.,Ltd. Address before: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands Applicant before: Advanced innovation technology Co.,Ltd. Effective date of registration: 20201015 Address after: Cayman Enterprise Centre, 27 Hospital Road, George Town, Grand Cayman Islands Applicant after: Advanced innovation technology Co.,Ltd. Address before: A four-storey 847 mailbox in Grand Cayman Capital Building, British Cayman Islands Applicant before: Alibaba Group Holding Ltd. |
|
| AD01 | Patent right deemed abandoned | ||
| AD01 | Patent right deemed abandoned |
Effective date of abandoning: 20240220 |