CN110336833B - Picture content consensus method based on block chain and server - Google Patents

Picture content consensus method based on block chain and server Download PDF

Info

Publication number
CN110336833B
CN110336833B CN201910694624.0A CN201910694624A CN110336833B CN 110336833 B CN110336833 B CN 110336833B CN 201910694624 A CN201910694624 A CN 201910694624A CN 110336833 B CN110336833 B CN 110336833B
Authority
CN
China
Prior art keywords
picture
encrypted
consensus
original
verification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910694624.0A
Other languages
Chinese (zh)
Other versions
CN110336833A (en
Inventor
赖春晖
黄肇敏
刘朝伟
朱国平
曾雨峰
巨龙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Industrial and Commercial Bank of China Ltd ICBC
Original Assignee
Industrial and Commercial Bank of China Ltd ICBC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Industrial and Commercial Bank of China Ltd ICBC filed Critical Industrial and Commercial Bank of China Ltd ICBC
Priority to CN201910694624.0A priority Critical patent/CN110336833B/en
Publication of CN110336833A publication Critical patent/CN110336833A/en
Application granted granted Critical
Publication of CN110336833B publication Critical patent/CN110336833B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06VIMAGE OR VIDEO RECOGNITION OR UNDERSTANDING
    • G06V10/00Arrangements for image or video recognition or understanding
    • G06V10/20Image preprocessing
    • G06V10/22Image preprocessing by selection of a specific region containing or referencing a pattern; Locating or processing of specific regions to guide the detection or recognition
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/045Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/72Signcrypting, i.e. digital signing and encrypting simultaneously
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Abstract

According to the picture content consensus method and the server based on the block chain, on one hand, the symmetric key is encrypted in an asymmetric encryption mode, so that the key for encrypting the picture can be broadcasted to the nodes of the block chain, and when the verification node of the block chain needs to acquire the symmetric key, the nodes with the authority can decrypt by using the pre-stored private key, and further can decrypt the encrypted picture. On the other hand, the pictures are not directly transmitted in the processes of chaining of the block chains and the like, but the hash abstract and the storage path of the pictures are transmitted, so that the data interaction amount between the block chain link points is small, whether the pictures are original pictures can be determined through the hash abstract, the encrypted pictures can be obtained through the storage path, and then the original pictures are obtained by combining with the decrypted symmetric keys, so that the subsequent picture content consensus operation can be conveniently executed.

Description

Picture content consensus method based on block chain and server
Technical Field
The invention relates to the technical field of block chains, in particular to a picture content consensus method and a server based on a block chain.
Background
With the widespread use of blockchain technology, more and more application scenarios require unstructured data (such as pictures) to be stored in blockchains, for example, in supply chain finance, business parties want to chain related order picture information so that the business parties can refer to the chain at a range of nodes to confirm the authenticity of the transaction and endorse the transaction. However, the current blockchain system does not support this, and there are several main reasons:
1. due to the immaturity of the block chain technology, for example, the restriction of the consensus algorithm and the number of nodes, the performance efficiency is decreased and the response time is increased when large data is transmitted in the network, which is a bad cause for the block chain network that originally has low TPS throughput;
2. most of block chains, especially systems of alliance chains, operate in a mode of executing an intelligent contract after consensus, but in the consensus process, only signing and signing communication messages are performed to ensure the safety of the messages, business verification is not performed on the content of the messages, and only after the consensus passes, business verification is performed in an intelligent contract stage, for example, the business verification is performed on the customer information in a picture in combination with a local blacklist system, so that in case that the business verification of the picture fails, the time and resources spent in the consensus stage are consumed when the transaction is executed in a failure.
Therefore, no picture consensus processing technology has been presented at present.
Disclosure of Invention
In order to solve at least one of the above problems, the present application provides a picture content consensus method based on a block chain, including:
sending an original picture to a picture storage server so that the picture storage server encrypts the picture by using a symmetric key to generate an encrypted picture, encrypts the symmetric key by using a pre-stored public key, and then sends the encrypted picture and the encrypted symmetric key to each node;
acquiring a storage path of the encrypted picture;
and sending uplink request information to each node of the block chain, wherein the uplink request information comprises the storage path, so that all block chain verification node servers with access rights can acquire the encrypted picture according to the storage path, decrypt the symmetric key according to a pre-stored private key corresponding to the public key to obtain the symmetric key, decrypt the encrypted picture by adopting the symmetric key to obtain an original picture, extract picture content in the original picture, and then execute consensus operation according to the picture content.
In certain embodiments, further comprising:
processing the original picture through an abstract algorithm to obtain a first hash abstract of the original picture; and the uplink request also comprises the first hash abstract, so that all block chain verification node servers with access rights generate second hash abstract according to the obtained original picture, and whether the step of extracting the picture content in the original picture is executed is determined according to the comparison result of the first hash abstract and the second hash abstract.
In some embodiments, the uplink request information further comprises: and the identity authentication certificate of the application server, the identity information of the initiating user and the access authority of the initiating user are used, so that all block chain verification node servers with the access authority authenticate the uplink request.
The application also provides a picture content consensus method based on the block chain, which comprises the following steps:
receiving an original picture sent by an application server, and generating a symmetric key for encrypting the picture;
encrypting the original picture by using the symmetric key to generate an encrypted picture and a storage path of the encrypted picture;
encrypting the symmetric key using a pre-stored public key;
sending a storage path of the encrypted picture to the application server so that the application server adds the storage path to uplink request information, and all nodes can obtain the storage path;
receiving an encrypted picture acquisition request sent by a blockchain node, and returning the encrypted picture to the blockchain node which sends the encrypted picture acquisition request, wherein the encrypted picture acquisition request comprises the storage path, identity information of an initiating node which acquires the encrypted picture request and operation authority;
screening out a blockchain verification node server with access authority according to the identity information of the initiating node and the operation authority, sending the symmetric key encrypted by the public key to all blockchain verification node servers with access authority so that the blockchain verification node server with access authority decrypts the symmetric key according to a pre-stored private key corresponding to the public key to obtain the symmetric key, decrypting the encrypted picture by adopting the symmetric key to obtain an original picture, extracting picture content in the original picture, and further executing consensus operation according to the picture content.
The application also provides a picture content consensus method based on the block chain, which comprises the following steps:
the method comprises the steps that a block chain verification node server with access authority acquires uplink request information sent by an application server, wherein the uplink request information comprises a storage path of an encrypted picture obtained by symmetrically encrypting an original picture by a picture storage server; the picture storage server further encrypts a symmetric key for encrypting the original picture by using a pre-stored public key to obtain an encrypted symmetric key;
sending an encrypted picture obtaining request to the picture storage server, wherein the encrypted picture obtaining request comprises the storage path, identity information of an initiating node of the encrypted picture obtaining request and operation authority;
receiving an encrypted picture and the encrypted symmetric key sent by the picture storage server, and then decrypting the encrypted symmetric key by using a pre-stored private key corresponding to the public key to obtain the symmetric key;
decrypting the encrypted picture by adopting the symmetric key to obtain an original picture;
extracting picture content in the original picture;
and executing consensus operation according to the picture content.
In some embodiments, the application server further processes the original picture through a digest algorithm to obtain a first hash digest of the original picture; the uplink request further includes the first hash digest, the method further comprising:
generating a second hash abstract according to the obtained original picture;
and determining whether to execute the step of extracting the picture content in the original picture according to the comparison result of the first hash abstract and the second hash abstract.
In some embodiments, the step of determining whether to extract the picture content in the original picture according to the comparison result of the first hash digest and the second hash digest includes:
and if the comparison result is consistent, determining that the original picture is not tampered, and further determining to execute the step of extracting the picture content in the original picture.
In some embodiments, the extracting the picture content in the original picture includes:
and extracting field information in the original picture through OCR recognition.
In some embodiments, performing a consensus operation based on the picture content comprises:
verifying the picture content according to a pre-stored verification picture, and broadcasting a verification result;
and executing a consensus operation, determining whether all the nodes achieve consensus, and executing the intelligent contract corresponding to the original picture if the consensus is achieved.
The present application also provides an application server, comprising:
the sending module is used for sending an original picture to the picture storage server so that the picture storage server encrypts the picture by adopting a symmetric key to generate an encrypted picture, encrypts the symmetric key by adopting a pre-stored public key, and then sends the encrypted picture and the encrypted symmetric key to each node;
the storage path acquisition module is used for acquiring a storage path of the encrypted picture;
the cochain request information sending module is used for sending cochain request information to each node of a block chain, wherein the cochain request information comprises the storage path, so that all block chain verification node servers with access authority can obtain the encrypted pictures according to the storage path, the symmetric keys are decrypted according to pre-stored private keys corresponding to the public keys to obtain the symmetric keys, the encrypted pictures are decrypted by adopting the symmetric keys to obtain original pictures, picture contents in the original pictures are extracted, and then consensus operation is executed according to the picture contents.
In certain embodiments, further comprising:
the first hash abstract generating module is used for processing the original picture through an abstract algorithm to obtain a first hash abstract of the original picture; and the uplink request also comprises the first hash abstract, so that all block chain verification node servers with access rights generate second hash abstracts according to the obtained original pictures, and whether the step of extracting the picture contents in the original pictures is executed or not is determined according to the comparison result of the first hash abstracts and the second hash abstracts.
In some embodiments, the uplink request information further comprises: and the identity authentication certificate of the application server, the identity information of the initiating user and the access authority of the initiating user are used, so that all block chain verification node servers with the access authority authenticate the uplink request.
The present application further provides a picture storage server, including:
the original picture receiving module is used for receiving an original picture sent by the application server and generating a symmetric key for encrypting the picture;
the original picture encryption module is used for encrypting the original picture by using the symmetric key to generate an encrypted picture and a storage path of the encrypted picture;
the symmetric key encryption module encrypts the symmetric key by using a pre-stored public key;
a storage path sending module, configured to send a storage path of the encrypted picture to the application server, so that the application server adds the storage path to uplink request information, and further enables all nodes to obtain the storage path;
the system comprises an encrypted picture acquisition request receiving module, an encrypted picture acquisition request receiving module and an encrypted picture acquisition module, wherein the encrypted picture acquisition request receiving module receives an encrypted picture acquisition request sent by a block chain node, and returns an encrypted picture to a block chain node which sends the encrypted picture acquisition request, and the encrypted picture acquisition request comprises a storage path, identity information of an initiating node which acquires the encrypted picture request and operation authority;
and the encrypted symmetric key sending module screens out the blockchain verification node servers with the access right according to the identity information of the initiating node and the operation right, sends the symmetric key encrypted by the public key to all the blockchain verification node servers with the access right, so that the blockchain verification node servers with the access right decrypt the symmetric key according to a pre-stored private key corresponding to the public key to obtain the symmetric key, decrypts the encrypted picture by adopting the symmetric key to obtain an original picture, extracts the picture content in the original picture, and then executes consensus operation according to the picture content.
The present application further provides a blockchain validation node server, comprising:
the uplink request information acquisition module is used for acquiring uplink request information sent by an application server, wherein the uplink request information comprises a storage path of an encrypted picture obtained by symmetrically encrypting an original picture by a picture storage server; the picture storage server further encrypts a symmetric key for encrypting the original picture by using a pre-stored public key to obtain an encrypted symmetric key;
the encrypted picture obtaining request sending module is used for sending an encrypted picture obtaining request to the picture storage server, wherein the encrypted picture obtaining request comprises the storage path, the identity information of an initiating node for obtaining the encrypted picture request and the operation authority;
the first decryption module is used for receiving the encrypted picture and the encrypted symmetric key sent by the picture storage server and then decrypting the encrypted symmetric key by adopting a pre-stored private key corresponding to the public key to obtain the symmetric key;
the second decryption module decrypts the encrypted picture by adopting the symmetric key to obtain an original picture;
the picture content extraction module is used for extracting the picture content in the original picture;
and the consensus operation module executes consensus operation according to the picture content.
In some embodiments, the application server further processes the original picture through a digest algorithm to obtain a first hash digest of the original picture; the uplink request further includes the first hash digest, and the blockchain validation node server further includes:
the second hash abstract generating module is used for generating a second hash abstract according to the obtained original picture;
and the comparison module determines whether to execute the step of extracting the picture content in the original picture according to the comparison result of the first hash abstract and the second hash abstract.
In some embodiments, if the comparison result is consistent, the picture content extraction module extracts the picture content in the original picture.
In certain embodiments, the picture content extraction module extracts field information in the original picture by OCR recognition.
In certain embodiments, the consensus operation module comprises:
the verification unit is used for verifying the picture content according to a pre-stored verification picture and broadcasting a verification result;
and the consensus unit executes consensus operation, determines whether all the nodes achieve consensus or not, and executes the intelligent contract corresponding to the original picture if the consensus is achieved.
The present application also provides a computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the steps of the method as described above when executing the program.
The present application also provides a computer-readable storage medium having stored thereon a computer program which, when being executed by a processor, carries out the steps of the method as set forth above.
The invention has the following beneficial effects:
according to the picture content consensus method and the server based on the block chain, on one hand, the symmetric key is encrypted in an asymmetric encryption mode, so that the key for encrypting the picture can be broadcast to the nodes of the block chain, and when the verification node of the block chain needs to acquire the symmetric key, the nodes with the authority can decrypt by adopting the pre-stored private key, so that the encrypted picture can be decrypted. On the other hand, the pictures are not directly transmitted in the processes of chaining of the block chains and the like, but the hash abstract and the storage path of the pictures are transmitted, so that the data interaction amount between the block chain link points is small, whether the pictures are original pictures can be determined through the hash abstract, the encrypted pictures can be obtained through the storage path, and then the original pictures are obtained by combining with the decrypted symmetric keys, so that the subsequent picture content consensus operation can be conveniently executed.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 shows a block chain system schematic suitable for implementing the present application.
Fig. 2 shows a schematic flowchart of a picture content consensus method based on a blockchain implemented by an application server according to the present application.
Fig. 3 shows a specific structural diagram of the application server in the present application.
Fig. 4 is a flowchart illustrating a picture content consensus method based on a block chain implemented by a picture storage server.
Fig. 5 shows a specific structural diagram of the picture storage server in the present application.
Fig. 6 shows a schematic flowchart of a picture content consensus method based on a blockchain implemented by a blockchain verification node server according to the present application.
Fig. 7 shows a schematic block structure diagram of a blockchain validation node server in the present application.
Fig. 8 shows a schematic diagram of the procedure of three-terminal interaction in the present application.
FIG. 9a is a diagram illustrating the interaction between nodes in the pre-prepare stage in performing consensus operations according to the present application.
Fig. 9b shows a flow chart of the interaction between the nodes of fig. 9 a.
FIG. 9c is a diagram illustrating interaction between nodes in the prepare stage in performing consensus operations according to the present application.
Fig. 9d shows a flowchart of the interaction between the nodes of fig. 9 c.
Fig. 9e shows an interaction diagram between nodes in the commit stage in the consensus operation performed by the present application.
Fig. 9f shows a flow chart of the specific steps of interaction between the nodes of fig. 9 e.
FIG. 10 shows a schematic block diagram of a computer device suitable for use in implementing embodiments of the present application.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without making any creative effort based on the embodiments in the present invention, belong to the protection scope of the present invention.
Fig. 1 shows a block chain network system, please refer to fig. 1, which specifically includes: the system comprises a front-end application server 1, a verification node 2, a non-verification node 3, an authentication node 4 and a picture storage node 5. The application server 1 is connected with one or more of the blockchain verification node 2, the non-verification node 3 and the picture storage node 5 and performs bidirectional data transmission. The block chain verification node 2 and the non-verification node 3 are connected with each other and each node of the picture storage node 5 is in bidirectional data transmission. The blockchain authentication node 4 is connected to each of the verification node 2 and the non-verification node 3 and performs bidirectional data transmission.
Sending an original picture to a picture storage server through an application server to generate a hash digest, encrypting the picture by using a symmetric key by using the picture storage server to generate an encrypted picture, encrypting the symmetric key by using a pre-stored public key, sending the encrypted picture and the encrypted symmetric key to each node, acquiring a storage path and the hash digest of the encrypted picture by using a verification node, decrypting the symmetric key by using a private key of the verification node to obtain the symmetric key, decrypting the encrypted picture to obtain the original picture, generating the hash digest according to the original picture, comparing the hash digests, and extracting picture content and performing subsequent consensus operation after determining that the picture is the same picture.
The following describes each node server and its respective method steps in detail, one by one.
Fig. 2 illustrates a picture content consensus method based on a blockchain implemented by an application server, provided by the present application, including:
s201: sending an original picture to a picture storage server so that the picture storage server encrypts the picture by using a symmetric key to generate an encrypted picture, encrypts the symmetric key by using a pre-stored public key, and then sends the encrypted picture and the encrypted symmetric key to each node;
s202: acquiring a storage path of the encrypted picture;
s203: and sending uplink request information to each node of the block chain, wherein the uplink request information comprises the storage path, so that all block chain verification node servers with access rights can acquire the encrypted picture according to the storage path, decrypt the symmetric key according to a pre-stored private key corresponding to the public key to obtain the symmetric key, decrypt the encrypted picture by adopting the symmetric key to obtain an original picture, extract picture content in the original picture, and then execute consensus operation according to the picture content.
In some embodiments, the above steps further comprise:
s14: processing the original picture through an abstract algorithm to obtain a first hash abstract of the original picture; and the uplink request also comprises the first hash abstract, so that all block chain verification node servers with access rights generate second hash abstract according to the obtained original picture, and whether the step of extracting the picture content in the original picture is executed is determined according to the comparison result of the first hash abstract and the second hash abstract.
In some embodiments, the uplink request information further comprises: and the identity authentication certificate of the application server, the identity information of the initiating user and the access authority of the initiating user are used, so that all the block chain verification node servers with the access authority authenticate the uplink request.
The application server 1 may be a server or a server cluster composed of multiple servers, and is mainly responsible for processing business logic outside the block chain. Typically, the blockchain validation node 2 and the non-validation node 3 will provide a service interface to the application layer. And the application layer constructs a request message according to the specific service logic, sends a request to the blockchain to call a service interface provided by the blockchain, and continues to execute the subsequent service logic after waiting for the blockchain system to execute the transaction and return a transaction result.
In the virtual device level, the specific structure of the application server is as shown in fig. 3, and specifically includes:
the sending module 11 is configured to send an original picture to a picture storage server, so that the picture storage server encrypts the picture by using a symmetric key to generate an encrypted picture, encrypts the symmetric key by using a pre-stored public key, and then sends the encrypted picture and the encrypted symmetric key to each node;
a storage path obtaining module 12, configured to obtain a storage path of the encrypted picture;
the uplink request information sending module 13 is configured to send uplink request information to each node of the block chain, where the uplink request information includes the storage path, so that all block chain verification node servers with access permissions obtain the encrypted picture according to the storage path, decrypt the symmetric key according to a pre-stored private key corresponding to the public key to obtain the symmetric key, decrypt the encrypted picture by using the symmetric key to obtain an original picture, extract picture content in the original picture, and then perform consensus operation according to the picture content.
Based on the same inventive concept, in an embodiment, the method further includes:
the first hash abstract generating module is used for processing the original picture through an abstract algorithm to obtain a first hash abstract of the original picture; and the uplink request also comprises the first hash abstract, so that all block chain verification node servers with access rights generate second hash abstract according to the obtained original picture, and whether the step of extracting the picture content in the original picture is executed is determined according to the comparison result of the first hash abstract and the second hash abstract.
Based on the same inventive concept, in an embodiment, the uplink request message further includes: and the identity authentication certificate of the application server, the identity information of the initiating user and the access authority of the initiating user are used, so that all the block chain verification node servers with the access authority authenticate the uplink request.
Fig. 4 shows a picture content consensus method based on a block chain, which is implemented by a picture storage server, and includes:
s21: receiving an original picture sent by an application server, and generating a symmetric key for encrypting the picture;
s22: encrypting the original picture by using the symmetric key to generate an encrypted picture and a storage path of the encrypted picture;
s23: encrypting the symmetric key using a pre-stored public key;
s24: sending a storage path of the encrypted picture to the application server so that the application server adds the storage path to uplink request information, and all nodes can obtain the storage path;
s25: receiving an encrypted picture acquisition request sent by a blockchain node, and returning the encrypted picture to the blockchain node which sends the encrypted picture acquisition request, wherein the encrypted picture acquisition request comprises the storage path, identity information of an initiating node which acquires the encrypted picture request and operation authority;
s26: screening out a block chain verification node server with access authority according to the identity information of the initiating node and the operation authority, sending the symmetric key encrypted by the public key to all block chain verification node servers with access authority so that the block chain verification node server with access authority decrypts the symmetric key according to a pre-stored private key corresponding to the public key to obtain the symmetric key, decrypting the encrypted picture by adopting the symmetric key to obtain an original picture, extracting picture content in the original picture, and further executing consensus operation according to the picture content.
The blockchain picture storage node 5 may be one server or a plurality of servers that backup each other. The blockchain picture storage node 5 mainly provides picture storage, picture encryption and key storage services for the application server 1, and provides services such as identity authentication and key transmission for an initiator in a picture reading request for the blockchain verification node 2.
In the virtual device level, the specific structure of the image storage server is as shown in fig. 5, and specifically includes:
the original picture receiving module 21 is used for receiving an original picture sent by the application server and generating a symmetric key for encrypting the picture;
the original picture encryption module 22 encrypts the original picture by using the symmetric key to generate an encrypted picture and a storage path of the encrypted picture;
a symmetric key encryption module 23, which encrypts the symmetric key using a pre-stored public key;
a storage path sending module 24, configured to send a storage path of the encrypted picture to the application server, so that the application server adds the storage path to uplink request information, and further all nodes can obtain the storage path;
the encrypted picture acquisition request receiving module 25 receives an encrypted picture acquisition request sent by a block chain node, and returns the encrypted picture to the block chain node which sends the encrypted picture acquisition request, wherein the encrypted picture acquisition request comprises the storage path, the identity information of an initiating node which acquires the encrypted picture request, and the operation permission;
the encrypted symmetric key sending module 26 screens out the blockchain verification node servers with access rights according to the identity information of the initiating node and the operation rights, sends the symmetric key encrypted by the public key to all the blockchain verification node servers with access rights, so that the blockchain verification node servers with access rights decrypt the symmetric key according to a pre-stored private key corresponding to the public key to obtain the symmetric key, decrypts the encrypted picture by using the symmetric key to obtain an original picture, extracts the picture content in the original picture, and then executes consensus operation according to the picture content.
Figure 6 shows a blockchain-based picture content consensus method implemented by a blockchain verification node server,
s31: acquiring uplink request information sent by an application server, wherein the uplink request information comprises a storage path of an encrypted picture obtained by symmetrically encrypting an original picture by a picture storage server; the picture storage server further encrypts a symmetric key for encrypting the original picture by using a pre-stored public key to obtain an encrypted symmetric key;
s32: sending an encrypted picture obtaining request to the picture storage server, wherein the encrypted picture obtaining request comprises the storage path, identity information of an initiating node of the encrypted picture obtaining request and operation authority;
s33: receiving an encrypted picture and the encrypted symmetric key sent by the picture storage server, and then decrypting the encrypted symmetric key by using a pre-stored private key corresponding to the public key to obtain the symmetric key;
s34: decrypting the encrypted picture by adopting the symmetric key to obtain an original picture;
s35: extracting picture content in the original picture;
s36: and executing consensus operation according to the picture content.
Based on the same inventive concept, in an embodiment, the application server further processes the original picture through an abstraction algorithm to obtain a first hash abstraction of the original picture; the uplink request further includes the first hash digest, the method further comprising:
generating a second hash abstract according to the obtained original picture;
and determining whether to execute the step of extracting the picture content in the original picture according to the comparison result of the first hash abstract and the second hash abstract.
Based on the same inventive concept, in an embodiment, the determining whether to perform the step of extracting the picture content in the original picture according to the comparison result of the first hash digest and the second hash digest includes:
and if the comparison result is consistent, determining that the original picture is not tampered, and further determining to execute the step of extracting the picture content in the original picture.
Based on the same inventive concept, in an embodiment, the extracting the picture content in the original picture includes:
and extracting field information in the original picture through OCR recognition.
Based on the same inventive concept, in an embodiment, performing a consensus operation according to the picture content includes:
verifying the picture content according to a pre-stored verification picture, and broadcasting a verification result;
and executing a consensus operation, determining whether all the nodes achieve consensus, and if so, executing an intelligent contract corresponding to the original picture.
The blockchain verification node 2 may be a server or a server cluster composed of a plurality of servers. When the verification node 2 is started and joins the blockchain network, it sends a request to the authentication node 4 to obtain the transaction certificate issued by the authentication node 4. In order to ensure the anonymity and security of the transaction, the verifying node 2 signs the transaction using the transaction certificate issued by the authenticating node 4 in batch and encrypts the transaction data using a symmetric encryption key generated by a key exchange algorithm when sending the transaction request. In general, there are several verification nodes 2 in a blockchain network, and each verification node 2 is responsible for receiving a transaction request sent by the application server 1 (or forwarded by the blockchain non-verification node 3), and after signing and encrypting the transaction request, broadcasting the transaction request to other verification nodes in the blockchain network. And after receiving the transaction, other verification nodes verify the transaction. According to different scenes, the verification node can adopt different consensus algorithms to perform consensus on the transactions, the transactions achieving the consensus can be executed, and the transaction requests can be packaged and written into the blocks after caching a certain amount or a period of time to be stored persistently.
In the virtual device level, the specific structure of the blockchain validation node server is shown in fig. 7, and specifically includes:
the uplink request information obtaining module 31 is configured to obtain uplink request information sent by an application server, where the uplink request information includes a storage path of an encrypted picture obtained by symmetrically encrypting an original picture by a picture storage server; the picture storage server further encrypts a symmetric key for encrypting the original picture by using a pre-stored public key to obtain an encrypted symmetric key;
an encrypted picture obtaining request sending module 32, configured to send an encrypted picture obtaining request to the picture storage server, where the encrypted picture obtaining request includes the storage path, identity information of an initiating node that obtains the encrypted picture request, and an operation permission;
the first decryption module 33 is configured to receive the encrypted picture and the encrypted symmetric key sent by the picture storage server, and further decrypt the encrypted symmetric key by using a pre-stored private key corresponding to the public key to obtain the symmetric key;
the second decryption module 34 decrypts the encrypted picture by using the symmetric key to obtain an original picture;
the picture content extraction module is used for extracting the picture content in the original picture;
and a consensus operation module 35, which executes consensus operation according to the picture content.
Based on the same inventive concept, in an embodiment, the application server further processes the original picture through an abstraction algorithm to obtain a first hash abstraction of the original picture; the uplink request further includes the first hash digest, and the blockchain validation node server further includes:
the second hash abstract generating module is used for generating a second hash abstract according to the obtained original picture;
and the comparison module determines whether to execute the step of extracting the picture content in the original picture according to the comparison result of the first hash abstract and the second hash abstract.
Based on the same inventive concept, in an embodiment, if the comparison result is consistent, the picture content extraction module extracts the picture content in the original picture.
Based on the same inventive concept, in an embodiment, the picture content extraction module extracts field information in the original picture through OCR recognition.
Based on the same inventive concept, in an embodiment, the consensus operation module includes:
the verification unit is used for verifying the picture content according to a pre-stored verification picture and broadcasting a verification result;
and the consensus unit executes consensus operation, determines whether all the nodes achieve consensus or not, and executes the intelligent contract corresponding to the original picture if the consensus is achieved.
In the blockchain system, a blockchain non-verification node is further included, and the blockchain non-verification node 3 may be a server or a server cluster composed of a plurality of servers. When the non-verification node 3 is started and joins the blockchain network, it sends a request to the authentication node 4 to obtain the transaction certificate issued by the authentication node 4. To ensure anonymity and security of the transaction, the non-verifying node 3 signs the transaction using a transaction certificate issued in bulk by the authentication node 4 when sending the transaction request, and encrypts the transaction data using a symmetric encryption key generated by a key exchange algorithm. The block chain non-verification node 3 may receive a transaction request sent by the application server 1, encapsulate the transaction, and add a transaction type, a timestamp, and a signed field content, where the transaction type field is determined according to a message type of the application server, for example, the transaction type is determined by deploying an intelligent contract, querying block chain data, modifying block chain data, and the like, the timestamp field takes a timestamp when the non-verification node receives the request, the signature field signs the transaction data using a private key corresponding to the transaction certificate, attaches the signed transaction to the transaction certificate, encrypts the transaction using a symmetric key, and finally forwards the encrypted transaction to the block chain verification node 2. The blockchain non-authentication node 3 does not participate in consensus itself, nor does it perform transactions or save blockdata.
The blockchain authentication node 4 may be one server or a plurality of servers that back up each other. The blockchain authentication node 4 mainly provides identity authentication and certificate issuing services for the blockchain verification node 2 and the blockchain non-verification node 3.
As can be known from the above description, according to the picture content consensus method and the server based on the block chain provided by the present invention, on one hand, the symmetric key is encrypted by using an asymmetric encryption manner, so that the key for encrypting the picture can be broadcast to the nodes of the block chain, and when the verification node of the block chain needs to obtain the symmetric key, the node with the authority can decrypt the picture by using the pre-stored private key, and thus can decrypt the encrypted picture. On the other hand, the pictures are not directly transmitted in the processes of uplink of the block chain and the like, but the hash abstract and the storage path of the pictures are transmitted, so that the data interaction amount between the block chain link points is small, whether the blocks are original pictures or not can be determined through the hash abstract, the encrypted pictures can be obtained through the storage path, and the original pictures can be obtained by combining with the decryption symmetric keys, so that the subsequent picture content consensus operation can be conveniently executed.
The present application is described in detail below with reference to specific scenarios, and fig. 8 shows a schematic flow diagram of three-terminal interaction. As shown in fig. 8, the method specifically includes:
step S101: the application server 1 sends a request for storing the picture to the picture storage server 5, and the request information includes fields such as a plain text picture and whether to encrypt the stored picture.
Step S102: the picture storage server 5 receives the request of the application server 1 and acquires information such as a plaintext picture in the request.
Step S103: the picture storage server 5 generates a symmetric key for encrypting a picture, and stores the symmetric key.
Step S104: the picture storage server 5 encrypts the plaintext picture using the symmetric key generated in step S103, generates an encrypted picture, stores the encrypted picture locally, and saves the URI storage path of the encrypted picture.
Step S105: the picture storing server 5 returns the URI storage path of the encrypted picture to the application server 1.
Step S106: the application server 1 receives the URI storage path of the encrypted picture.
Step S107: the application server 1 generates a hash digest of the original plaintext picture through a hash digest algorithm, and sends a request of a block chain on the hash digest, wherein the request message includes information such as a URI (Uniform resource identifier) storage path of the encrypted picture, a TLS (transport layer security) identity authentication certificate of the application server, a user name and the like in addition to the hash digest.
Step S108: the blockchain non-verification node 3 receives the request, checks the validity of the transaction and assembles into a transaction.
Step S109: and the block chain non-verification node 3 signs the transaction by using a private key corresponding to the transaction certificate and forwards the transaction request to all the verification nodes 2 in the verification node cluster. The forwarded transaction request comprises the hash abstract of the original plaintext picture, the URI storage path of the encrypted picture, the TLS identity authentication certificate of the non-verification node, the user name and other information.
Step S110: the blockchain verification node 2 receives the request, checks the validity of the transaction, and specifically includes whether the transaction flow exceeds a certain set threshold, the identity information of the current transaction initiator, and the access right of the current transaction initiator, if the current transaction flow exceeds a certain set threshold, or the transaction initiator does not have a legal TLS identity authentication certificate, or the transaction initiator does not have operation rights such as chaining on pictures, the transaction is rejected, and if the transaction is legal, the next processing is continued.
Step S111: and the block chain verification node 2 initiates a picture reading request, and the request message comprises a URI storage path of the encrypted picture.
Step S112: the picture storage server 5 receives the picture reading request of the verification node 2, and verifies the identity information and the access authority of the initiator of the request. If the transaction initiator does not have a legal TLS identity authentication certificate or the transaction initiator user does not have operation authority such as picture reading, the transaction is refused to be processed, and if the transaction is legal, the next processing is continued.
Step S113: the picture storage server 5 returns the encrypted picture to the authentication node 2.
Step S114: the picture storage server 5 checks whether the verification node 2, which is the initiator of the request, has the access right to decrypt the picture, and if so, encrypts the symmetric key of the encrypted picture by using the public key in the certificate of the verification node 2 to generate a key ciphertext and returns the key ciphertext to the verification node 2. If the access right for decrypting the picture is not available, the decrypted key is not sent to the authentication node 2.
Step S115: if the verification node 2 receives the key ciphertext generated in step S114, it decrypts the key ciphertext with its own private key to obtain a symmetric key plaintext, and decrypts the encrypted picture in step S113 with the symmetric key plaintext to obtain a plaintext picture.
Step S116: the verification node 2 generates a hash digest 1 by the hash digest algorithm on the plaintext picture, and verifies that the hash digest 1 is compared with the hash digest of the plaintext picture in the step S107, if the two are consistent, the picture is not tampered, and the decrypted picture is consistent with the plaintext picture sent by the original application server.
Step S117: the block chain verification node 2 starts preparation before access and execution of the consensus algorithm, and calls a consensus message receiving module to monitor and receive messages communicated among the nodes in the consensus algorithm.
Step S118: the blockchain verification node 2 extracts key elements in the plaintext picture using OCR.
Step S119: and the block chain verification node 2 performs service verification on the key elements in the picture in linkage with the local service system, for example, according to the extracted identity card number in the account opening picture, the local blacklist service system is linked to verify whether the identity card number is legal or not.
Step S120: in the execution of the consensus algorithm, the picture verification result of step S119 is used, and the detailed consensus process is shown in fig. 9a to 9 f.
Step S121: after the consensus algorithm is executed, all verification nodes in the verification node cluster are required to reach a consensus result, if all the nodes reach consensus, the consensus commit module 2345 is executed, and the consensus result is subjected to persistence processing; if all the nodes do not achieve consensus, the consensus rollback module 2346 is executed to roll back the consensus result of each verification node, and no persistence processing is performed.
Step S122: the blockchain verification node 2 calls the common intelligent contract processing module 235 to verify the common identification result, if the common intelligent contract is verified, the intelligent contract is executed, and if the common intelligent contract is not verified, specific common identification error information is returned.
Step S123: the block chain verification node 2 calls the storage module 24 to write the transaction information and the intelligent contract execution result into the block, and stores relevant data generated in the transaction process into the database in a persistent mode.
In the above specific scenario, as shown in fig. 9a to 9f, fig. 9b shows the interaction steps between the nodes of fig. 9a, fig. 9d shows the interaction steps between the nodes of fig. 9c, and fig. 9f shows the interaction steps between the nodes of fig. 9 e.
The specific steps for executing the consensus operation are as follows:
step S201: after receiving the picture hash uplink requests forwarded by the non-verification nodes, all the verification nodes select the main node through a selection algorithm, wherein the selection algorithm includes but is not limited to the sequence of the cyclic slave verification nodes 0, 1, 2 and 3 as the main node in sequence.
Step S202: and according to the selected algorithm, each verification node judges whether the verification node is the main node, if not, the verification node exits, and if so, the next step of processing is continued.
Step S203: the master node checks the transaction request forwarded by the non-verification node, including the signature of the non-verification node in the visa transaction request, or checks whether the transaction request has never been processed, to prevent duplicate processing, etc.
Step S204: and calling key elements in the OCR and local business system verification pictures by the main node to perform business verification, and storing the business verification result of the pictures.
Step S205: the main node generates pre-prefix message information, wherein the message information comprises a current main node ID, a transaction serial number n, a transaction request abstract, a sending node ID, a picture hash abstract, a storage path of an encrypted picture, a picture service verification result and the like.
Step S206: the master node broadcasts a pre-prepare message to all the verification nodes.
Step S207: the master node persists pre-prefix packet information.
Step S208: after all verification nodes receive the pre-prefix message of the main verification node, checking the validity of the pre-prefix message sent by the main node, wherein the validity comprises the following steps: whether the ID of the main node is consistent with the ID of the main node calculated by the main node selection algorithm, whether the transaction sequence number meets the specified interval, whether the transaction abstract is correct, and the like.
Step S209: and each verification node calls OCR and key elements in the local service system verification picture to carry out service verification, and the service verification result of the picture is stored.
Step S210: each verification node checks whether the pictures in the pre-prepare message sent by the main node are subjected to business verification, wherein the business verification includes whether the hash of the picture uplink transaction request is consistent with the decrypted hash abstract, whether the received business verification result of the pictures is passed by other verification nodes, and whether the local picture business verification result is passed.
Step S211: each verification node generates prefix message information, and the message information comprises the ID of the current main node, a transaction serial number n, a transaction request abstract, the ID of a sending node, a picture hash abstract, a storage path of an encrypted picture, a service verification result of a local picture and the like.
Step S212: each verification node broadcasts a prefix message to all verification nodes.
Step S213: and each verification node persists the prefix message information.
Step S214: after receiving the prefix messages of other verification nodes, all verification nodes check the validity of the pre-prefix messages sent by all verification nodes, including whether the ID of the main node is consistent with the main node calculated by the main node selection algorithm, whether the transaction serial number meets the specified interval, whether the transaction abstract is correct, and the like.
Step S215: all verification nodes check whether the commit condition is met.
Step S216: and entering an intelligent execution stage based on the consensus of the picture content.
Further, S215 specifically includes:
1. the local database can query that the transaction is already in the preparation phase.
2. And receiving the prepended messages of all nodes in the network, wherein the picture service check results in the prepended messages all pass.
If the above 2 conditions are satisfied, S216 is continued, otherwise it exits.
As will be appreciated by those skilled in the art, the above method has the following advantages:
1. a general storage architecture of an uplink scheme of block chain picture data is designed. Through picture hash abstract cochaining and encrypted storage, the guaranteed picture is shared by all nodes in the block chain network, but the safety of the picture is not reduced, the picture is guaranteed not to be tampered, and the picture can be visible to partial verification nodes in an access control mode, so that sensitive picture information leakage is avoided.
2. In addition, in the consensus stage, the consensus verification is carried out on the picture content by combining the local OCR (optical character recognition) and other business inspection systems of all the nodes, the transaction failure can be returned in the consensus stage for the request which is not passed through the verification, the picture can be verified without waiting for the intelligent contract execution stage, and the resources of consensus communication are wasted, so that the transaction time is shortened, powerful support is provided for processing picture data by a block chain, and the business processing efficiency is improved.
The systems, apparatuses, modules or units described in the above embodiments may be specifically implemented by a computer chip or an entity, or implemented by a product with certain functions. A typical implementation device is a computer device, which may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
In a typical example, the computer device specifically comprises a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the method performed by the client as described above when executing the program, or the processor implementing the method performed by the server as described above when executing the program.
Referring now to FIG. 10, shown is a schematic diagram of a computer device 600 suitable for use in implementing embodiments of the present application.
As shown in fig. 10, the computer apparatus 600 includes a Central Processing Unit (CPU)601 which can perform various appropriate works and processes according to a program stored in a Read Only Memory (ROM)602 or a program loaded from a storage section 608 into a Random Access Memory (RAM)) 603. In the RAM603, various programs and data necessary for the operation of the system 600 are also stored. The CPU601, ROM602, and RAM603 are connected to each other via a bus 604. An input/output (I/O) interface 605 is also connected to bus 604.
The following components are connected to the I/O interface 605: an input portion 606 including a keyboard, a mouse, and the like; an output portion 607 including a display such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage section 608 including a hard disk and the like; and a communication section 609 including a network interface card such as a LAN card, a modem, or the like. The communication section 609 performs communication processing via a network such as the internet. The driver 610 is also connected to the I/O interface 606 as needed. A removable medium 611 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 610 as necessary, so that a computer program read out therefrom is mounted as necessary on the storage section 608.
In particular, according to an embodiment of the present invention, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the invention include a computer program product comprising a computer program tangibly embodied on a machine-readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 609, and/or installed from the removable medium 611.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
For convenience of description, the above devices are described as being divided into various units by function, and are described separately. Of course, the functionality of the units may be implemented in one or more software and/or hardware when implementing the present application.
The present invention has been described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in the process, method, article, or apparatus that comprises the element.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The application may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The application may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the system embodiment, since it is substantially similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
The above description is only an example of the present application and is not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement or the like made within the spirit and principle of the present application shall be included in the scope of the claims of the present application.

Claims (14)

1. A picture content consensus method based on a block chain is characterized by comprising the following steps:
sending an original picture to a picture storage server so that the picture storage server encrypts the picture by using a symmetric key to generate an encrypted picture, encrypts the symmetric key by using a pre-stored public key, and then sends the encrypted picture and the encrypted symmetric key to a block chain node for acquiring an encrypted picture request;
acquiring a storage path of the encrypted picture;
sending uplink request information to each node of a block chain, wherein the uplink request information comprises the storage path, so that all block chain verification node servers with access rights can obtain the encrypted picture according to the storage path, decrypt the encrypted symmetric key according to a pre-stored private key corresponding to the public key to obtain the symmetric key, decrypt the encrypted picture by adopting the symmetric key to obtain an original picture, extract picture content in the original picture, and further execute consensus operation according to the picture content;
further comprising:
processing the original picture through an abstract algorithm to obtain a first hash abstract of the original picture; the uplink request further comprises the first hash abstract, so that all block chain verification node servers with access rights generate second hash abstracts according to the obtained original pictures, and whether the step of extracting the picture contents in the original pictures is executed or not is determined according to the comparison result of the first hash abstracts and the second hash abstracts; wherein the content of the first and second substances,
in the consensus stage, the consensus verification is carried out on the picture content by combining the local OCR service inspection system of each node, and the transaction failure can be returned in the consensus stage for the request which fails to pass the verification;
wherein the executing of the consensus operation according to the picture content comprises: verifying the picture content according to a pre-stored verification picture, and broadcasting a verification result; and executing a consensus operation, determining whether all the nodes achieve consensus, and executing the intelligent contract corresponding to the original picture if the consensus is achieved.
2. The picture content consensus method of claim 1, wherein the uplink request message further comprises: and the identity authentication certificate of the application server, the identity information of the initiating user and the access authority of the initiating user are used, so that all block chain verification node servers with the access authority authenticate the uplink request.
3. A picture content consensus method based on a block chain is characterized by comprising the following steps:
receiving an original picture sent by an application server, and generating a symmetric key for encrypting the picture;
encrypting the original picture by using the symmetric key to generate an encrypted picture and a storage path of the encrypted picture;
encrypting the symmetric key using a pre-stored public key;
sending a storage path of the encrypted picture to the application server so that the application server adds the storage path to uplink request information, and all nodes can obtain the storage path;
receiving an encrypted picture acquisition request sent by a blockchain node, and returning the encrypted picture to the blockchain node which sends the encrypted picture acquisition request, wherein the encrypted picture acquisition request comprises the storage path, identity information of an initiating node which acquires the encrypted picture request and operation authority;
screening out a blockchain verification node server with access authority according to identity information of an initiating node and the operation authority, sending the symmetric key encrypted by the public key to all blockchain verification node servers with access authority so that the blockchain verification node server with access authority decrypts the encrypted symmetric key according to a pre-stored private key corresponding to the public key to obtain the symmetric key, decrypting the encrypted picture by adopting the symmetric key to obtain an original picture, extracting picture content in the original picture, and further executing consensus operation according to the picture content; wherein the content of the first and second substances,
the application server processes the original picture through an abstract algorithm to obtain a first hash abstract of the original picture; the uplink request further comprises the first hash abstract, so that all block chain verification node servers with access rights generate second hash abstracts according to the obtained original pictures, and whether the step of extracting the picture contents in the original pictures is executed or not is determined according to the comparison result of the first hash abstracts and the second hash abstracts;
in the consensus stage, the consensus verification is carried out on the picture content by combining the local OCR service inspection system of each node, and the transaction failure can be returned in the consensus stage for the request which fails to pass the verification;
wherein the executing of the consensus operation according to the picture content comprises: verifying the picture content according to a pre-stored verification picture, and broadcasting a verification result; and executing a consensus operation, determining whether all the nodes achieve consensus, and executing the intelligent contract corresponding to the original picture if the consensus is achieved.
4. A picture content consensus method based on a block chain is characterized by comprising the following steps:
acquiring uplink request information sent by an application server, wherein the uplink request information comprises a storage path of an encrypted picture obtained by symmetrically encrypting an original picture by a picture storage server; the picture storage server further encrypts a symmetric key for encrypting the original picture by using a pre-stored public key to obtain an encrypted symmetric key; the application server further processes the original picture through an abstract algorithm to obtain a first hash abstract of the original picture; the uplink request further includes the first hash digest;
sending an encrypted picture acquisition request to the picture storage server, wherein the encrypted picture acquisition request comprises the storage path, identity information of an initiating node of the encrypted picture acquisition request and operation permission;
receiving an encrypted picture and the encrypted symmetric key sent by the picture storage server, and then decrypting the encrypted symmetric key by using a pre-stored private key corresponding to the public key to obtain the symmetric key;
decrypting the encrypted picture by adopting the symmetric key to obtain an original picture;
generating a second hash abstract according to the obtained original picture;
determining whether to execute a step of extracting the picture content in the original picture according to a comparison result of the first hash abstract and the second hash abstract;
extracting picture content in the original picture;
executing consensus operation according to the picture content; wherein the content of the first and second substances,
in the consensus stage, the consensus verification is carried out on the picture content by combining the local OCR service inspection system of each node, and the transaction failure can be returned in the consensus stage for the request which fails to pass the verification;
wherein the executing of the consensus operation according to the picture content comprises: verifying the picture content according to a pre-stored verification picture, and broadcasting a verification result; and executing a consensus operation, determining whether all the nodes achieve consensus, and if so, executing an intelligent contract corresponding to the original picture.
5. The method as claimed in claim 4, wherein the step of determining whether to extract the picture content in the original picture according to the comparison result of the first hash digest and the second hash digest comprises:
and if the comparison result is consistent, determining that the original picture is not tampered, and further determining to execute the step of extracting the picture content in the original picture.
6. The picture content consensus method according to claim 4, wherein said extracting picture content from said original picture comprises:
and extracting field information in the original picture through OCR recognition.
7. An application server, comprising:
the sending module is used for sending an original picture to a picture storage server so that the picture storage server encrypts the picture by adopting a symmetric key to generate an encrypted picture, encrypts the symmetric key by adopting a pre-stored public key, and then sends the encrypted picture and the encrypted symmetric key to a block chain node for acquiring an encrypted picture request;
the storage path acquisition module is used for acquiring a storage path of the encrypted picture;
the uplink request information sending module is used for sending uplink request information to each node of a block chain, wherein the uplink request information comprises the storage path, so that all block chain verification node servers with access authority can obtain the encrypted pictures according to the storage path, the encrypted symmetric keys are decrypted according to a pre-stored private key corresponding to the public key to obtain the symmetric keys, the encrypted pictures are decrypted by adopting the symmetric keys to obtain original pictures, picture contents in the original pictures are extracted, and common identification operation is executed according to the picture contents;
further comprising:
the first hash abstract generating module is used for processing the original picture through an abstract algorithm to obtain a first hash abstract of the original picture; the uplink request further comprises the first hash abstract, so that all block chain verification node servers with access rights generate second hash abstracts according to the obtained original pictures, and whether the step of extracting the picture contents in the original pictures is executed or not is determined according to the comparison result of the first hash abstracts and the second hash abstracts; wherein the content of the first and second substances,
in the consensus stage, the consensus verification is carried out on the picture content by combining the local OCR service inspection system of each node, and the transaction failure can be returned in the consensus stage for the request which fails to pass the verification;
wherein the executing of the consensus operation according to the picture content comprises: verifying the picture content according to a pre-stored verification picture, and broadcasting a verification result; and executing a consensus operation, determining whether all the nodes achieve consensus, and executing the intelligent contract corresponding to the original picture if the consensus is achieved.
8. The application server of claim 7, wherein the uplink request message further comprises: and the identity authentication certificate of the application server, the identity information of the initiating user and the access authority of the initiating user are used, so that all block chain verification node servers with the access authority authenticate the uplink request.
9. A picture storage server, comprising:
the original picture receiving module is used for receiving an original picture sent by the application server and generating a symmetric key for encrypting the picture;
the original picture encryption module is used for encrypting the original picture by using the symmetric key to generate an encrypted picture and a storage path of the encrypted picture;
the symmetric key encryption module encrypts the symmetric key by using a pre-stored public key;
a storage path sending module, configured to send a storage path of the encrypted picture to the application server, so that the application server adds the storage path to uplink request information, and further enables all nodes to obtain the storage path;
the system comprises an encrypted picture acquisition request receiving module, an encrypted picture acquisition request receiving module and an encrypted picture acquisition module, wherein the encrypted picture acquisition request receiving module receives an encrypted picture acquisition request sent by a block chain node, and returns an encrypted picture to a block chain node which sends the encrypted picture acquisition request, and the encrypted picture acquisition request comprises a storage path, identity information of an initiating node which acquires the encrypted picture request and operation authority;
the encrypted symmetric key sending module screens out the blockchain verification node servers with access rights according to the identity information of the initiating node and the operation rights, sends the symmetric keys encrypted by the public keys to all the blockchain verification node servers with access rights, so that the blockchain verification node servers with access rights decrypt the encrypted symmetric keys according to pre-stored private keys corresponding to the public keys to obtain the symmetric keys, decrypts the encrypted pictures by adopting the symmetric keys to obtain original pictures, extracts picture contents in the original pictures and further executes consensus operation according to the picture contents; wherein the content of the first and second substances,
the application server processes the original picture through an abstract algorithm to obtain a first hash abstract of the original picture; the uplink request further comprises the first hash abstract, so that all block chain verification node servers with access rights generate second hash abstracts according to the obtained original pictures, and whether the step of extracting the picture contents in the original pictures is executed or not is determined according to the comparison result of the first hash abstracts and the second hash abstracts;
in the consensus stage, the consensus verification is carried out on the picture content by combining the local OCR service inspection system of each node, and the transaction failure can be returned in the consensus stage for the request which fails to pass the verification;
wherein the executing of the consensus operation according to the picture content comprises: verifying the picture content according to a pre-stored verification picture, and broadcasting a verification result; and executing a consensus operation, determining whether all the nodes achieve consensus, and executing the intelligent contract corresponding to the original picture if the consensus is achieved.
10. A blockchain authentication node server, comprising:
the uplink request information acquisition module is used for acquiring uplink request information sent by an application server, wherein the uplink request information comprises a storage path of an encrypted picture obtained by symmetrically encrypting an original picture by a picture storage server; the picture storage server further adopts a pre-stored public key to encrypt the symmetric key for encrypting the original picture to obtain an encrypted symmetric key;
the encrypted picture obtaining request sending module is used for sending an encrypted picture obtaining request to the picture storage server, wherein the encrypted picture obtaining request comprises the storage path, the identity information of an initiating node for obtaining the encrypted picture request and the operation authority;
the first decryption module is used for receiving the encrypted picture and the encrypted symmetric key sent by the picture storage server and then decrypting the encrypted symmetric key by adopting a pre-stored private key corresponding to the public key to obtain the symmetric key;
the second decryption module decrypts the encrypted picture by adopting the symmetric key to obtain an original picture;
the picture content extraction module is used for extracting the picture content in the original picture;
the consensus operation module executes consensus operation according to the picture content;
the application server further processes the original picture through an abstract algorithm to obtain a first hash abstract of the original picture; the uplink request further includes the first hash digest, and the blockchain validation node server further includes:
the second hash abstract generating module is used for generating a second hash abstract according to the obtained original picture;
the comparison module is used for determining whether to execute the step of extracting the picture content in the original picture according to the comparison result of the first hash abstract and the second hash abstract; wherein, the first and the second end of the pipe are connected with each other,
in the consensus stage, the consensus verification is carried out on the picture content by combining the local OCR service inspection system of each node, and the transaction failure can be returned in the consensus stage for the request which fails to pass the verification;
wherein the executing of the consensus operation according to the picture content comprises: verifying the picture content according to a pre-stored verification picture, and broadcasting a verification result; and executing a consensus operation, determining whether all the nodes achieve consensus, and executing the intelligent contract corresponding to the original picture if the consensus is achieved.
11. The blockchain verification node server of claim 10, wherein if the comparison result is consistent, the picture content extraction module extracts picture content in the original picture.
12. The blockchain validation node server of claim 10, wherein the picture content extraction module extracts field information in the original picture by OCR recognition.
13. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the steps of the method of any of claims 1 to 6 are implemented by the processor when executing the program.
14. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the method of any one of claims 1 to 6.
CN201910694624.0A 2019-07-30 2019-07-30 Picture content consensus method based on block chain and server Active CN110336833B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910694624.0A CN110336833B (en) 2019-07-30 2019-07-30 Picture content consensus method based on block chain and server

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910694624.0A CN110336833B (en) 2019-07-30 2019-07-30 Picture content consensus method based on block chain and server

Publications (2)

Publication Number Publication Date
CN110336833A CN110336833A (en) 2019-10-15
CN110336833B true CN110336833B (en) 2022-06-21

Family

ID=68147977

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910694624.0A Active CN110336833B (en) 2019-07-30 2019-07-30 Picture content consensus method based on block chain and server

Country Status (1)

Country Link
CN (1) CN110336833B (en)

Families Citing this family (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110933040B (en) * 2019-11-05 2021-11-12 武汉菲旺软件技术有限责任公司 Block chain based data uplink method, device, equipment and medium
CN110889137B (en) * 2019-11-21 2023-04-07 盛世智云(云南)软件有限公司 Data exchange method based on block chain
CN111191288B (en) * 2019-12-30 2023-10-13 中电海康集团有限公司 Block chain data access right control method based on proxy re-encryption
CN111343179B (en) * 2020-02-25 2023-04-07 中国工商银行股份有限公司 Real-time consensus method and device for authenticity of data on link
CN111371796B (en) * 2020-03-11 2023-05-26 腾讯科技(深圳)有限公司 Data transmission system, data transmission method, medium and electronic device
CN111625231B (en) * 2020-05-27 2021-02-26 哈尔滨云天智旅大数据有限公司 Software development method based on data security
CN112187767A (en) * 2020-09-23 2021-01-05 上海万向区块链股份公司 Multi-party contract consensus system, method and medium based on block chain
CN112084521B (en) * 2020-09-27 2024-02-09 中国建设银行股份有限公司 Unstructured data processing method, device and system for block chain
CN112532646B (en) * 2020-12-09 2022-08-16 杭州趣链科技有限公司 Data sharing method, system, device, equipment and storage medium
CN112911002B (en) * 2021-02-02 2022-11-25 上海华盖科技发展股份有限公司 Block chain data sharing encryption method
CN113051625B (en) * 2021-03-24 2024-02-20 中国工商银行股份有限公司 Data storage method and device based on blockchain
CN114285555A (en) * 2021-12-15 2022-04-05 支付宝(杭州)信息技术有限公司 Multicast method and device based on block chain
CN114205484A (en) * 2021-12-15 2022-03-18 湖南快乐阳光互动娱乐传媒有限公司 Picture processing method and device
CN116842573A (en) * 2023-07-25 2023-10-03 南京理工大学 Hierarchical encryption privacy protection method based on blockchain
CN116760651A (en) * 2023-08-22 2023-09-15 中国航空结算有限责任公司 Data encryption method and device, electronic equipment and readable storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108881262A (en) * 2018-07-02 2018-11-23 北京市天元网络技术股份有限公司 Restoring files methods, devices and systems based on block chain
CN109359206A (en) * 2018-10-17 2019-02-19 郑称德 Image processing method and system based on Internet of Things campus administration
CN109583912A (en) * 2018-11-14 2019-04-05 阿里巴巴集团控股有限公司 Trade company's authentication method and device based on block chain
CN109783447A (en) * 2019-01-23 2019-05-21 北京邮电大学 Electronics license deposits card method, acquisition methods, device, system and electronic equipment
CN109858222A (en) * 2019-01-18 2019-06-07 特斯联(北京)科技有限公司 A kind of authentication block catenary system and its verification method based on face characteristic

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107426170B (en) * 2017-05-24 2019-08-09 阿里巴巴集团控股有限公司 A kind of data processing method and equipment based on block chain
CN107846278B (en) * 2017-10-30 2020-02-14 中国联合网络通信集团有限公司 Intelligent contract processing method and device
CN108055274B (en) * 2017-12-22 2020-09-11 广东工业大学 Encryption and sharing method and system based on alliance chain storage data
CN108537063A (en) * 2018-02-26 2018-09-14 阿里巴巴集团控股有限公司 A kind of method, apparatus and equipment of data storage
CN108345685A (en) * 2018-03-07 2018-07-31 物数(上海)信息科技有限公司 More granularity data processing methods, system, equipment and storage medium under block chain
CN108550226B (en) * 2018-04-17 2021-09-07 暨南大学 Keyless sharing automobile system based on block chain technology and construction method thereof
CN109040012B (en) * 2018-06-19 2021-02-09 西安电子科技大学 Block chain-based data security protection and sharing method and system and application
CN109033475B (en) * 2018-09-10 2020-10-23 湖南智慧政务区块链科技有限公司 File storage method, device, equipment and storage medium
CN109753817A (en) * 2018-12-28 2019-05-14 全链通有限公司 Medical information secure storage scheme based on block chain
CN109768987B (en) * 2019-02-26 2022-01-28 重庆邮电大学 Block chain-based data file safe and private storage and sharing method
CN109951498A (en) * 2019-04-18 2019-06-28 中央财经大学 A kind of block chain access control method and device based on ciphertext policy ABE encryption

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108881262A (en) * 2018-07-02 2018-11-23 北京市天元网络技术股份有限公司 Restoring files methods, devices and systems based on block chain
CN109359206A (en) * 2018-10-17 2019-02-19 郑称德 Image processing method and system based on Internet of Things campus administration
CN109583912A (en) * 2018-11-14 2019-04-05 阿里巴巴集团控股有限公司 Trade company's authentication method and device based on block chain
CN109858222A (en) * 2019-01-18 2019-06-07 特斯联(北京)科技有限公司 A kind of authentication block catenary system and its verification method based on face characteristic
CN109783447A (en) * 2019-01-23 2019-05-21 北京邮电大学 Electronics license deposits card method, acquisition methods, device, system and electronic equipment

Also Published As

Publication number Publication date
CN110336833A (en) 2019-10-15

Similar Documents

Publication Publication Date Title
CN110336833B (en) Picture content consensus method based on block chain and server
KR102392420B1 (en) Program execution and data proof scheme using multi-key pair signatures
CN111066286B (en) Retrieving common data for blockchain networks using high availability trusted execution environments
US11652644B1 (en) Quantum-resistant double signature system
CN112333198B (en) Secure cross-domain login method, system and server
US20190124070A1 (en) Authentication token with client key
US20220394026A1 (en) Network identity protection method and device, and electronic equipment and storage medium
JP2005012732A (en) Device authentication system, terminal device, authentication server, service server, terminal device method, authentication method, terminal device program, authentication program, service server program, and storage medium
US10536271B1 (en) Silicon key attestation
CN110149323B (en) Processing device with ten-million-level TPS (platform secure protocol) contract processing capacity
US8260721B2 (en) Network resource access control methods and systems using transactional artifacts
CN111880919B (en) Data scheduling method, system and computer equipment
CN112256800A (en) Vector commitment-based alliance link data processing method, device and equipment
CN111241492A (en) Product multi-tenant secure credit granting method, system and electronic equipment
CN113094190B (en) Micro-service calling method, micro-service calling device, electronic equipment and storage medium
CN112887087B (en) Data management method and device, electronic equipment and readable storage medium
CN111901287B (en) Method and device for providing encryption information for light application and intelligent equipment
WO2021027504A1 (en) Consensus protocol-based information processing method, and related device
CN117155549A (en) Key distribution method, key distribution device, computer equipment and storage medium
US11777745B2 (en) Cloud-side collaborative multi-mode private data circulation method based on smart contract
CN109492359B (en) Secure network middleware for identity authentication and implementation method and device thereof
Hölzl et al. Bridging the gap in privacy-preserving revocation: practical and scalable revocation of mobile eIDs
CN114095165B (en) Key updating method, server device, client device and storage medium
CN111311412B (en) Decentralized transaction confirmation method and device and server
CN113592638A (en) Transaction request processing method and device and alliance chain

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant