CN110535848B - Information storage method and device - Google Patents


Info

Publication number
CN110535848B
Authority
CN
China
Prior art keywords
block
public key
block chain
credit information
personal credit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910787330.2A
Other languages
Chinese (zh)
Other versions
CN110535848A (en
Inventor
安井河
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1097 Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the invention discloses an information storage method and an information storage device. The information storage method comprises the following steps: the blockchain management device receives personal credit information from a blockchain node device; the blockchain management device creates a private key and a root public key for the personal credit information based on an asymmetric encryption algorithm, and processes the personal credit information with the private key to generate a digital signature of the personal credit information; the blockchain management device generates a sub public key for the root public key based on a preset public key generation algorithm, and sets a first valid time and a first set time for the sub public key; the blockchain management device generates a first block based on the personal credit information, the digital signature, the sub public key, the first valid time and the first set time; and the blockchain management device publishes the first block to the blockchain network to which the blockchain node device belongs. With the embodiment of the invention, the personal credit information is encrypted, so that it is not easily tampered with and its security can be improved.

Description

Information storage method and device
Technical Field
The present application relates to the field of communications technologies, and in particular, to an information storage method and apparatus.
Background
With the rapid development of society, personal credit information is increasingly valued and has become a decisive factor in whether personal activities (such as taking out a bank loan or boarding an airplane) can proceed normally. Personal credit information is generated by an individual's behavior in daily life, and ensuring that it is stored safely and effectively is the basic guarantee for queries by personal credit information inquiry institutions.
At present, personal credit information is stored on a network platform through a credit investigation system by institutions with credit certification. Personal credit information stored in this way is easily tampered with and stolen by unauthorized persons, which poses a security risk.
Disclosure of Invention
The embodiment of the invention provides an information storage method and device that make stored personal credit information difficult to tamper with or steal and can improve the security of the stored personal credit information.
In a first aspect, an embodiment of the present invention provides an information storage method, where the method includes:
the blockchain management device receives personal credit information from a blockchain node device; the blockchain management device creates a private key and a root public key for the personal credit information based on an asymmetric encryption algorithm, and processes the personal credit information with the private key to generate a digital signature of the personal credit information; the blockchain management device generates a sub public key for the root public key based on a preset public key generation algorithm, and sets a first valid time and a first set time for the sub public key; the blockchain management device generates a first block based on the personal credit information, the digital signature, the sub public key, the first valid time and the first set time; and the blockchain management device publishes the first block to the blockchain network to which the blockchain node device belongs. With the embodiment of the invention, the blockchain management device packages the personal credit information to generate the first block, so that the personal credit information is stored as distributed data in the form of blocks, is not easily tampered with, and its security can be improved.
In this technical scheme, the blockchain management device creates a private key, a root public key and a sub public key corresponding to the root public key for the personal credit information, and sets a first valid time and a first set time for the sub public key. The private key is used to process the personal credit information and generate a digital signature of the personal credit information, so that the blockchain node device can decrypt the digital signature by using the sub public key. The creation of the private key and the root public key encrypts the personal credit information, making it more secure. The creation of the sub public key protects the root public key, and because the sub public key is valid only within the set first valid time, the loss caused by theft of the sub public key is limited. The blockchain management device generates a first block from the personal credit information, and the personal credit information is stored as distributed data in blockchain form, which has the property of resisting tampering, so that the storage of the personal credit information has reliable security. Meanwhile, the blockchain management device publishes the first block to the blockchain network to which the blockchain node device belongs, so that each blockchain node device in the blockchain network stores the personal credit information, and the personal credit information can be shared by all blockchain node devices in the blockchain network.
In one implementation, the sub public key is a first sub public key, and the number of first sub public keys is one. After the blockchain management device sets the first valid time and the first set time for the sub public key, the blockchain management device may further determine that the first sub public key is invalid once the first valid time has elapsed since the first set time of the first sub public key. The blockchain management device then generates a second sub public key for the root public key based on a preset public key generation algorithm, and sets a second valid time and a second set time for the second sub public key. The blockchain management device generates a second block based on the block identifier of the first block, the second sub public key, the second valid time and the second set time.
In one implementation, the sub public key is a first sub public key, and the number of first sub public keys is more than one. The blockchain management device setting a first valid time for the sub public key may include: the blockchain management device sets a different first valid time interval for each first sub public key.
In one implementation, after the blockchain management device sets a different first valid time interval for each first sub public key, the blockchain management device may determine that all the first sub public keys are invalid when the current system time is not within the first valid time interval of any first sub public key. The blockchain management device then generates a plurality of second sub public keys for the root public key based on a preset public key generation algorithm, and sets a second valid time interval for each second sub public key. The blockchain management device generates a third block based on the block identifier of the first block, each second sub public key and each second valid time interval.
In one implementation, after the blockchain management device publishes the first block to the blockchain network to which the blockchain node device belongs, the blockchain management device may send a persistence notification for the first block to the blockchain node devices, where the persistence notification is used to notify each blockchain node device to persist the first block locally.
In a second aspect, an embodiment of the present invention provides an information storage method, where the method includes:
the blockchain node device acquires personal credit information; the blockchain node device sends the personal credit information to the blockchain management device of the blockchain network in which it is located, so that the blockchain management device generates a first block from the personal credit information when the personal credit information is successfully verified, where the blockchain management device is a blockchain node device selected by all blockchain node devices in the blockchain network according to a consensus algorithm, and the blockchain network comprises at least the blockchain management device and the blockchain node device; and the blockchain node device receives the first block from the blockchain management device.
In this technical scheme, the blockchain node device sends the personal credit information to the blockchain management device, and the blockchain node device stores and releases the personal credit information, which improves the credibility of the personal credit information. The blockchain node device receives the first block of the personal credit information from the blockchain management device, so that the blockchain node device acquires the personal credit information by receiving a block, which improves the security of the personal credit information.
In one implementation, the first block includes the personal credit information, a digital signature of the blockchain management device on the personal credit information, a first sub public key, and a first valid time and a first set time corresponding to the first sub public key, where the number of first sub public keys is one. After the blockchain node device receives the first block from the blockchain management device, the blockchain node device may receive a personal credit acquisition request, where the personal credit acquisition request carries the block identifier of the first block. The blockchain node device determines the first block corresponding to the block identifier, and determines that the first sub public key is valid if the first valid time has not yet elapsed since the first set time. The blockchain node device decrypts the digital signature by using the first sub public key so as to output the personal credit information.
In one implementation, the first block includes the personal credit information, a digital signature of the blockchain management device on the personal credit information, a first sub public key, and a first valid time and a first set time corresponding to the first sub public key, where the number of first sub public keys is more than one. After the blockchain node device receives the first block from the blockchain management device, the blockchain node device may receive a personal credit acquisition request, where the personal credit acquisition request carries the block identifier of the first block. When the current system time is within the valid time interval, the blockchain node device determines that the first sub public key is valid. The blockchain node device decrypts the digital signature by using the first sub public key to output the personal credit information.
In a third aspect, the present invention provides an information storage apparatus having a function of implementing the information storage method according to the first aspect or the second aspect. The functions can be implemented by hardware, or by hardware executing corresponding software. The hardware or software includes one or more modules corresponding to the above-described functions.
In a fourth aspect, an embodiment of the present invention provides a blockchain management apparatus, where the apparatus includes a memory, a processor, an input device, and an output device, the memory stores a set of program codes, and the processor calls the program codes stored in the memory to perform the operations recited in the first aspect.
In a fifth aspect, embodiments of the present invention provide a computer-readable storage medium for storing computer program instructions for a blockchain management device or a blockchain node device, which includes a program for executing the first aspect or the second aspect.
By implementing the embodiment of the invention, the blockchain management device uses the sub public key to encrypt the personal credit information, thereby improving the security of the personal credit information. Meanwhile, the personal credit information is packaged to generate a first block and stored as distributed data in the form of blocks, so that the personal credit information is not easily tampered with and has reliable security. Furthermore, the blockchain management device continuously updates the sub public keys according to the validity of each sub public key, so that even if the currently used sub public key is leaked, no destructive loss is caused and the security of the personal credit information is protected.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments or the background art of the present invention, the drawings required to be used in the embodiments or the background art of the present invention will be described below.
Fig. 1 is a schematic structural diagram of a blockchain according to an embodiment of the present invention;
Fig. 2 is a schematic diagram illustrating a blockchain network according to an embodiment of the present invention;
Fig. 3 is a schematic flowchart of an information storage method according to an embodiment of the present invention;
Fig. 4 is a schematic flowchart of another information storage method according to an embodiment of the present invention;
Fig. 5 is a schematic flowchart of another information storage method according to an embodiment of the present invention;
Fig. 6 is a schematic flowchart of another information storage method according to an embodiment of the present invention;
Fig. 7 is a schematic structural diagram of an information storage device according to an embodiment of the present invention;
Fig. 8 is a schematic structural diagram of a blockchain management apparatus according to an embodiment of the present invention.
Detailed Description
The embodiments of the present invention will be described below with reference to the drawings.
The process of storing personal credit information mainly involves credit certification institutions, such as banks and government agencies (for example, traffic bureaus), and terminal devices. The terminal device may be an access terminal, User Equipment (UE), subscriber unit, subscriber station, mobile station, remote terminal, mobile terminal, user terminal, wireless communication device, user agent, or user equipment, among others. An access terminal may be a cellular phone, a cordless phone, a Session Initiation Protocol (SIP) phone, a Wireless Local Loop (WLL) station, a Personal Digital Assistant (PDA), a handheld device with wireless communication capability, a computing device or other processing device connected to a wireless modem, a vehicle-mounted device, a wearable device, a terminal device in the Internet of Things, a virtual reality device, a terminal device in a future 5G network, a terminal device in a future evolved Public Land Mobile Network (PLMN), or the like.
Existing information storage relies on institutions with credit certification (e.g., banks, government agencies) to store the information on a network platform through an internal credit investigation system. When the personal credit information needs to be viewed, the institution with credit certification retrieves it from the credit investigation system. During storage, the personal credit information is easily compromised by viruses and the like, so that it can be falsified and stolen, which poses a security risk. Meanwhile, an information recording department (such as a railway department, a traffic management department or an airport department) acquires personal credit information from the user's actual behavior in that department; an institution with credit certification then verifies the personal credit information and, after successful verification, uploads it to the internal credit investigation system for users or institutions to check when needed. In this method, only an institution with credit certification is qualified to check and upload personal credit information, which makes the management of personal credit information inconvenient.
To solve the above problems, embodiments of the present invention apply blockchain technology to the storage of personal credit information, and provide an information storage method and apparatus. In this method, the personal credit information is packaged to generate a block and stored as distributed data, so that it is not easily tampered with and its security can be improved. Personal credit information is acquired, verified and published through the blockchain management device, which can be any blockchain node device in the blockchain network. Any blockchain node device in the blockchain network can therefore participate in the management of the personal credit information, for example in acquiring, verifying and publishing it, which makes the management of personal credit information more convenient.
A blockchain is a chained data structure formed by connecting data blocks sequentially in chronological order, and a distributed ledger that uses cryptography to ensure that data cannot be tampered with or forged. Multiple independent distributed nodes (i.e., blockchain node devices) maintain the same record. Blockchain technology achieves decentralization and has become a foundation for trusted digital asset storage, transfer and transaction. Taking the schematic structure of the blockchain shown in Fig. 1 as an example, the blockchain is composed of block 1 and block 2, and data is stored in block 1 and block 2. When new data needs to be written into the blockchain, the new data is collected into block 3 and added after the end block 2 of the blockchain, and the blockchain ensures through a consensus algorithm that the newly added blocks of each node are completely the same. Block 1 includes its hash value, block 2 includes its hash value and the hash value of the previous block (i.e., block 1), and block 3 includes its hash value and the hash value of the previous block (i.e., block 2). Whether the content in block 1 has been tampered with is determined by checking the hash value of block 1 stored in block 2 against the hash value of block 1; if the two are the same, the information in block 1 has not been tampered with. Whether the content in block 2 has been tampered with is determined by checking the hash value of block 2 stored in block 3 against the hash value of block 2; if the two are the same, the information in block 2 has not been tampered with.
In general, whether the content of the previous block has been tampered with can be determined by verifying whether the hash value of the previous block recorded in the current block is the same as the hash value of the previous block in the blockchain.
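The following Python sketch is an added example, not code from the patent. It models the three-block chain of Fig. 1 and shows why the "hash value of the previous block" must be recomputed from that block's content rather than read from its stored field, and why a consistently rewritten chain is caught only by comparison with another node's copy. The block layout, the JSON encoding, SHA-256, the sample records and all function names are assumptions made for illustration.

```python
import copy
import hashlib
import json
from dataclasses import dataclass

GENESIS_PREV = "0" * 64  # constructed placeholder: block 1 has no previous block


@dataclass
class Block:
    index: int
    data: str
    prev_hash: str  # hash value of the previous block
    hash: str       # this block's own hash value


def content_hash(index, data, prev_hash):
    """SHA-256 over a canonical encoding of everything the block commits to."""
    payload = json.dumps({"index": index, "data": data, "prev_hash": prev_hash},
                         sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(payload.encode("utf-8")).hexdigest()


def build_sample_chain():
    """Blocks 1..3 as in Fig. 1, holding constructed sample records."""
    chain = []
    for record in ("record A", "record B", "record C"):
        prev_hash = chain[-1].hash if chain else GENESIS_PREV
        index = len(chain) + 1
        chain.append(Block(index, record, prev_hash,
                           content_hash(index, record, prev_hash)))
    return chain


def stored_field_check(chain):
    """Compare stored fields only: successor's prev_hash vs the stored hash."""
    return [prev.index for prev, cur in zip(chain, chain[1:])
            if cur.prev_hash != prev.hash]


def recomputed_check(chain):
    """Recompute every hash from block content before comparing it."""
    bad = set()
    for i, block in enumerate(chain):
        actual = content_hash(block.index, block.data, block.prev_hash)
        if actual != block.hash:
            bad.add(block.index)  # content no longer matches its own hash
        if i + 1 < len(chain) and chain[i + 1].prev_hash != actual:
            bad.add(block.index)  # successor committed to different content
    return sorted(bad)


def simulate_edit(chain, index, new_data, rehash="none"):
    """Return a modified copy for testing the checks.

    rehash="none":  only the data field changes
    rehash="block": the edited block's own hash is refreshed as well
    rehash="chain": every later block is relinked and rehashed too
    """
    forged = copy.deepcopy(chain)
    forged[index - 1].data = new_data
    if rehash == "none":
        return forged
    last = len(forged) if rehash == "chain" else index
    for i in range(index - 1, last):
        block = forged[i]
        if i > index - 1:
            block.prev_hash = forged[i - 1].hash
        block.hash = content_hash(block.index, block.data, block.prev_hash)
    return forged


def tip_matches(chain, peer_tip_hash):
    """Compare the local end block's hash with the one another node reports."""
    return chain[-1].hash == peer_tip_hash


if __name__ == "__main__":
    honest = build_sample_chain()
    for mode in ("none", "block", "chain"):
        local = simulate_edit(honest, 1, "record A (edited)", rehash=mode)
        print(mode, stored_field_check(local), recomputed_check(local),
              tip_matches(local, honest[-1].hash))
```

A check that compares stored fields alone accepts the `rehash="none"` case, and neither local check flags the `rehash="chain"` case; only the end-block comparison against a peer does, which is why the scheme depends on multiple independent nodes maintaining the same record.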
The storage of personal credit information is a form of trusted digital asset storage, and blockchain technology is introduced to store and publish the personal credit information on the blockchain, so that the security of the personal credit information can be ensured.
In order to better understand the information storage method and apparatus disclosed in the embodiments of the present invention, the architecture of a blockchain network to which the embodiments of the present invention are applicable is described first.
Referring to Fig. 2, Fig. 2 is a schematic diagram of a blockchain network according to an embodiment of the present invention. As shown in Fig. 2, the blockchain network includes a blockchain management device 201 and two blockchain node devices 202. Any of the blockchain node devices 202 in the blockchain network may be an institution with credit certification (e.g., a bank or a government agency). Any of the blockchain node devices 202 is used to store personal credit information. The blockchain network shown in Fig. 2 is composed of three blockchain node devices for illustration only, and this does not constitute a limitation on the embodiments of the present invention.
The blockchain management device is a blockchain node device selected by all blockchain node devices in the blockchain network according to a consensus algorithm. The consensus algorithm includes, but is not limited to, a Proof of Work (PoW) algorithm, a Proof of Stake (PoS) algorithm, a Delegated Proof of Stake (DPoS) algorithm, a Practical Byzantine Fault Tolerance (PBFT) algorithm, and the like. In one implementation, all the blockchain node devices in the blockchain network may elect a blockchain management device at a certain period. The blockchain management device may be configured to package personal credit information currently generated in the blockchain network, generate a block, and publish the block to the blockchain network. The blockchain management device may be any one of the blockchain node devices in the blockchain network.
It should be understood that the blockchain network described in the embodiment of the present invention is intended to illustrate the technical solution of the embodiment more clearly and does not constitute a limitation on the technical solution provided in the embodiment of the present invention. A person of ordinary skill in the art will know that, as the system architecture evolves and new scenarios appear, the technical solution provided in the embodiment of the present invention is also applicable to similar technical problems.
Based on the above description, an embodiment of the present invention proposes an information storage method as shown in Fig. 3, where the information storage method may include the following steps S301 to S306:
Step S301: the blockchain management device receives personal credit information from the blockchain node device.
Specifically, the personal credit information is obtained by the blockchain node device (i.e., the institution with credit certification). The personal credit information may include, but is not limited to, information content, information generation time, information generation place, information generation reason, and the like. The information content of the personal credit information can include the user's account information, fund flows, traffic violations and the like, and the information generation reasons can include an overdue loan, running a red light, seat occupation on high-speed rail and the like. Personal credit information may have a variety of data structures, such as tables, files, and the like.
Step S302: the blockchain management device verifies the personal credit information.
In one implementation, the personal credit information may include identity information of the blockchain node device, and the process of verifying the personal credit information by the blockchain management device may include verifying the identity of the sender of the personal credit information, that is, verifying the identity of the blockchain node device, which improves the credibility of the personal credit information published to the blockchain network. For example, the personal credit information may include a digital signature of the blockchain node device, where the digital signature is obtained by the blockchain node device signing the personal credit information with the private key of the blockchain node device. After the blockchain management device receives the personal credit information from the blockchain node device, it can verify the digital signature with the public key of the blockchain node device. If the verification is successful, the sender of the personal credit information is indeed the blockchain node device that sent the personal credit information, and the blockchain management device has successfully verified the personal credit information. In this way, the credibility of the personal credit information is improved.
In one implementation, the process of verifying the personal credit information by the blockchain management device may include verifying the personal credit information itself. For example, each piece of personal credit information carries a seal that is added after the credit certification institution certifies the personal credit information, and the authenticity of the personal credit information is judged by verifying the authenticity of the seal; if the seal on the personal credit information is authentic, the blockchain management device successfully verifies the personal credit information. Alternatively, each piece of personal credit information carries a unique number added after the credit certification institution certifies the personal credit information, and whether the personal credit information really exists is judged by verifying whether the number really exists; if the unique number really exists, the blockchain management device successfully verifies the personal credit information. By verifying the personal credit information, the blockchain management device can ensure the correctness of the personal credit information.
In one implementation, the blockchain management device may verify both the identity information of the sender of the personal credit information and the personal credit information itself. If the sender of the personal credit information is the blockchain node device that sent the personal credit information, and the seal on the personal credit information is authentic or the unique number actually exists, the blockchain management device successfully verifies the personal credit information.
In one implementation, if the blockchain management device successfully verifies the personal credit information, the personal credit information is sent to all blockchain node devices in the blockchain network. Sending the personal credit information to each blockchain node device in the blockchain network after the blockchain management device has successfully verified it can improve the credibility of the personal credit information. Each blockchain node device in the blockchain network verifies the personal credit information, and sends its verification result for the personal credit information to the blockchain management device in the form of a personal credit information verification response.
Specifically, each of the blockchain node devices in the blockchain network may verify the identity of the sender of the personal credit information. It should be noted that, whether the verification result is pass or fail, each blockchain node device in the blockchain network may send a personal credit information verification response to the blockchain management device. The blockchain management device receives a personal credit information verification response from each blockchain node device in the blockchain network. The verification results contained in the personal credit information verification responses from the respective blockchain node devices may be independent of each other, that is, the verification of the personal credit information by each blockchain node device is not affected by the other blockchain node devices. For example, the verification result contained in the personal credit information verification response from one blockchain node device may be a pass, and the verification result contained in the personal credit information verification response from another blockchain node device may be a fail.
The blockchain management device obtains a personal credit information verification result from the personal credit information verification responses, and thereby determines whether the personal credit information passes the verification of the blockchain network. That is, the personal credit information verification result is determined from the personal credit information verification responses returned by the blockchain node devices in the blockchain network. In this way, each blockchain node device in the blockchain network can participate in the verification of the personal credit information, which improves the reliability of the personal credit information published to the blockchain network.
In one implementation, the blockchain management device may obtain the personal credit information verification result according to a preset rule and the personal credit information verification responses. For example, when the preset rule is that the minority obeys the majority and the blockchain network is composed of 20 blockchain node devices, if the verification result contained in the personal credit information verification responses returned by 14 blockchain node devices is a pass, the blockchain management device may determine that the personal credit information passes the verification of the blockchain network. It should be noted that the above example only illustrates the blockchain management device determining whether the personal credit information passes the verification of the blockchain network based on the principle that the minority obeys the majority. In other possible implementations, the blockchain management device may also determine whether the personal credit information passes the verification of the blockchain network based on the majority-compliant principle, which is not limited in the embodiment of the present invention.
In one implementation, if the verification result included in each individual credit information verification response is that the number of passed verifications exceeds a first preset threshold, the blockchain management device may determine that the individual credit information passes the verification of the blockchain network. In one implementation, if the verification result included in each individual credit information verification response is that the number of failed verifications exceeds a second preset threshold, the blockchain management device may determine that the individual credit information failed the verification of the blockchain network. The first preset threshold and the second preset threshold may be equal or unequal.
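The threshold rule described above, as an added Python example that is not part of the patent: the node identifiers, the "undecided" outcome, counting one vote per known node, and the check that rejects threshold pairs under which both a pass and a fail could be reached are all assumptions made for illustration.

```python
from dataclasses import dataclass
from enum import Enum


class Outcome(Enum):
    PASSED = "passed"
    FAILED = "failed"
    UNDECIDED = "undecided"   # assumption: neither threshold exceeded


@dataclass(frozen=True)
class Response:
    node_id: str    # hypothetical identifier of the responding node device
    passed: bool    # that node's own, independent verification result


def thresholds_are_unambiguous(n_nodes, pass_threshold, fail_threshold):
    """True if 'passes > pass_threshold' and 'fails > fail_threshold'
    can never both hold when at most n_nodes votes are counted."""
    # Exceeding both thresholds needs (pass_threshold + 1) + (fail_threshold + 1) votes.
    return pass_threshold + fail_threshold + 2 > n_nodes


def tally(responses, members, pass_threshold, fail_threshold):
    """Combine verification responses into one network-level result."""
    if not thresholds_are_unambiguous(len(members), pass_threshold, fail_threshold):
        raise ValueError("thresholds allow both pass and fail to be reached")
    votes = {}
    for r in responses:
        if r.node_id not in members:
            continue                           # not a node of this network
        votes.setdefault(r.node_id, r.passed)  # only the first response per node counts
    passes = sum(1 for v in votes.values() if v)
    fails = len(votes) - passes
    if passes > pass_threshold:
        return Outcome.PASSED
    if fails > fail_threshold:
        return Outcome.FAILED
    return Outcome.UNDECIDED


# Constructed sample: the 20-node network from the text, 14 nodes report a pass.
MEMBERS = frozenset(f"node-{i}" for i in range(20))
SAMPLE = [Response(f"node-{i}", i < 14) for i in range(20)]

if __name__ == "__main__":
    print(tally(SAMPLE, MEMBERS, pass_threshold=10, fail_threshold=10))
```

With unequal thresholds the unambiguity check matters: for 20 nodes, thresholds of 5 and 5 would let 6 passes and 6 fails both "exceed" their threshold.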
Step S303: if the block chain management device successfully verifies the personal credit information, a first block is generated based on the personal credit information.
If the block chain management device successfully verifies the personal credit information, the personal credit information is packaged to generate a first block.
Step S304: the blockchain management device distributes the first block to the blockchain network to which the blockchain node device belongs.
Specifically, the blockchain management device may send the first block corresponding to the personal credit information to each blockchain node device in the blockchain network, where each blockchain node device in the blockchain network stores the personal credit information, so that the personal credit information is shared by all blockchain node devices in the blockchain network.
Step S305: the blockchain management device sends a local persistence notification for the first block to the blockchain node device.
After the blockchain management device issues the first block to the blockchain network to which the blockchain node device belongs, it sends the persistence notification for the first block to the blockchain node device, so that the blockchain node device receives the local persistence notification for the first block from the blockchain management device.
Step S306: the blockchain node device persists the first block locally on the blockchain node device.
After the blockchain node device receives the first block and the persistence notification for the first block from the blockchain management device, the first block may be persisted locally at the blockchain node device, i.e., the first block is permanently stored in the blockchain node device. When every blockchain node device in the blockchain network has stored the first block corresponding to the personal credit information, the personal credit information has been successfully issued to the blockchain network to which the blockchain node device that acquired the personal credit information belongs. In this way, the personal credit information is shared fairly among the blockchain node devices in the blockchain network. Meanwhile, the personal credit information is stored in blocks: the current block stores its own hash value and the hash value of the previous block, and whether the personal credit information in the current block has been modified can be determined by verifying whether the hash value of the previous block stored in the current block is the same as the hash value of the previous block, so the personal credit information in the block is difficult to tamper with.
According to this embodiment, the first block is persisted locally only when the blockchain node device receives the persistence notification. This avoids the first block being persisted locally when no persistence notification has been received (that is, the blockchain node device persisting all received information), and so improves the utilization of the storage space of the blockchain node device.
Therefore, by implementing the embodiment of the invention, the personal credit information can be stored as distributed data in blocks and cannot be tampered with. At the same time, the personal credit information is shared fairly among the blockchain node devices in the blockchain network.
Referring to fig. 4, fig. 4 is a flowchart illustrating another information storage method according to an embodiment of the present invention, where the method includes, but is not limited to, steps S401 to S407.
Step S401: the blockchain management device receives personal credit information from the blockchain node device.
Step S402: the blockchain management device verifies the personal credit information.
For steps S401 to S402 in the embodiment of the present application, reference may be specifically made to the execution processes of steps S301 to S302 in the foregoing embodiment, and details of the embodiment of the present invention are not described again.
Step S403: if the blockchain management device successfully verifies the personal credit information, a key pair is created for the personal credit information based on the asymmetric encryption algorithm.
Specifically, the blockchain management device creates a key pair for the personal credit information based on an asymmetric encryption algorithm, wherein the key pair comprises a public key and a private key.
In one implementation, the private key is used by the blockchain management device to digitally sign the personal credit information, and the public key is used by all blockchain node devices in the blockchain network to decrypt the digital signature so as to obtain the personal credit information. The following description uses private key encryption and public key decryption as an example, which does not limit the embodiments of the present application; for example, public key encryption and private key decryption may also be used.
The blockchain management device creates a key pair for the personal credit information, and the personal credit information is encrypted with the private key to generate a digital signature that is decrypted with the public key; encrypting the personal credit information in this way can further enhance the security of the personal credit information.
Step S404: the block chain management means generates a first block based on the personal credit information.
Specifically, the block chain management means generates the first block based on the personal credit information and the public key, so that the personal credit information is stored in the first block together with the public key for decryption.
Step S405: the blockchain management device distributes the first block to the blockchain network to which the blockchain node device belongs.
Step S406: the blockchain management device sends a local persistence notification for the first block to the blockchain node device.
Step S407: the blockchain node device persists the first block locally on the blockchain node device.
For steps S405 to S407 in this embodiment, reference may be specifically made to the execution process of steps S304 to S306 in the foregoing embodiment, and details of this embodiment of the present invention are not described again.
Referring to fig. 5, fig. 5 is a flowchart illustrating another information storage method according to an embodiment of the present invention, where the method includes, but is not limited to, steps S501 to S516.
Step S501: the blockchain management device receives personal credit information from the blockchain node device.
Step S502: the block chain management device verifies the personal credit information.
For steps S501 to S502 in the embodiment of the present application, reference may be specifically made to the execution processes of steps S301 to S302 in the foregoing embodiment, and details of the embodiment of the present invention are not repeated.
Step S503: if the blockchain management device successfully verifies the personal credit information, a private key and a root public key are created for the personal credit information based on an asymmetric encryption algorithm.
In one implementation, the private key is used by the blockchain management device to digitally sign the personal credit information, and the root public key is used by all blockchain node devices in the blockchain network to decrypt the digital signature so as to obtain the personal credit information. The following description uses private key encryption and root public key decryption as an example, which does not limit the embodiments of the present application; for example, root public key encryption and private key decryption may also be used.
Step S504: the block chain management device generates a first sub public key for the root public key based on a public key generation algorithm, and sets first effective time and first set time of the first sub public key.
Specifically, the blockchain management device generates a first sub public key for the root public key based on a public key generation algorithm, and sets for the first sub public key a corresponding first valid time and the first set time of that valid time, where the public key generation algorithm may include, but is not limited to, an SHA256 algorithm, an SHA224 algorithm, an SHA384 algorithm, and the like. The first valid time of the first sub public key means that the first sub public key only takes effect within the first valid time; after the first valid time has elapsed, the first sub public key can no longer be used, so the first sub public key is time-limited. The first set time is the system time at which the first sub public key is generated, and the first valid time of the first sub public key is counted from the first set time.
Illustratively, the system time when the blockchain management device generates the first sub public key is 10 a.m. on August 6, 2019, that is, the first set time of the first sub public key is 10 a.m. on August 6, 2019. The first valid time of the first sub public key is 5 hours and is counted from 10 a.m. on August 6, 2019; within the 5 hours following 10 a.m. on August 6, 2019, the first sub public key is valid, and the blockchain node device can decrypt the digital signature of the personal credit information by using the first sub public key. The 5 hours of the first valid time end at 3 p.m. on August 6, 2019; after 3 p.m. on August 6, 2019 the first sub public key is invalid, and the blockchain node device cannot decrypt the digital signature by using the first sub public key.
The blockchain management device sets the first valid time and the corresponding first set time of the first sub public key, so that the first sub public key is valid only within a certain period, and the blockchain node device can decrypt the digital signature by using the first sub public key only within the valid period of the first sub public key. Setting a first valid time for the first sub public key in this way protects the root public key even if the first sub public key is compromised, and limits the loss.
Step S505: the block chain management means generates a first block based on the personal credit information.
Specifically, the blockchain management device generates the first block based on the personal credit information, the digital signature, the first sub public key, the first valid time of the first sub public key and the first set time, so that the digital signature, the first sub public key, the first valid time of the first sub public key and the first set time are all stored in the first block together with the personal credit information, for use by all blockchain node devices in the blockchain network when decrypting the first block.
Step S506: the blockchain management device distributes the first block to the blockchain network to which the blockchain node device belongs.
Step S506 in the embodiment of the present application may specifically refer to the execution process of step S304 in the above embodiment, and the embodiment of the present invention is not described again.
Step S507: the blockchain node device receives a personal credit information acquisition request.
The blockchain node device may receive a personal credit information acquisition request from a user. The personal credit information acquisition request carries the block identifier of the first block, which may include, but is not limited to, a number, a special letter, a name, etc. The block identifier of the first block points to the first block, so that the blockchain node device can obtain the requested personal credit information according to the personal credit information acquisition request.
At present, when a user or an organization wants to check personal credit information, a checking application needs to be submitted to the organization with credit authentication, and the personal credit information can be checked only after the organization with the credit authentication has reviewed the application, so this method involves complicated steps. By contrast, the blockchain management device distributes the first block in the blockchain network where the blockchain node device is located, and after a blockchain node device receives the personal credit information acquisition request, any blockchain node device in the blockchain network can directly use the valid first sub public key to decrypt the first block and check the personal credit information. This approach is direct and simple, which makes checking personal credit information more convenient.
Step S508: the blockchain node device determines the first block based on the personal credit information acquisition request.
The blockchain node device determines the first block to be acquired based on the block identifier of the first block in the personal credit information acquisition request, ensuring that the personal credit information to be acquired exists in the first block.
Step S509: the block chain node device determines that the first sub public key is valid based on the first valid time and the first set time of the first sub public key.
Specifically, the blockchain node device determines that the first sub public key is valid if the first valid time has not yet elapsed since the first set time of the first sub public key. For example, with the first valid time and the first set time of the first sub public key as described in step S504, the blockchain node device determines that the first sub public key is valid within the 5 hours of the first valid time counted from the first set time of 10 a.m. on August 6, 2019, i.e., before 3 p.m. on August 6, 2019.
Step S510: the blockchain node device decrypts the first block using the first sub public key.
After determining that the first sub public key is valid, the blockchain node device may decrypt the digital signature of the first block using the first sub public key to obtain the personal credit information.
Step S511: the block chain management device determines that the first sub public key is invalid based on the first validity time and the first set time of the first sub public key.
The block chain management device may determine that the first sub public key is invalid after a first validity time of the first sub public key has elapsed from a first set time of the first sub public key.
For example, with the first valid time and the first set time of the first sub public key as described in step S504, the blockchain management device determines that the first sub public key is invalid once the 5 hours of the first valid time have elapsed from 10 a.m. on August 6, 2019, i.e., after 3 p.m. on August 6, 2019.
It should be noted that steps S511 and S508 need not be executed in a fixed order. If the blockchain node device receives the acquisition request, step S508 may be executed first and then step S511; step S511 may be executed first and then step S508; or step S508 and step S511 may be executed simultaneously, which is not limited in this embodiment of the present invention.
Step S512: the blockchain management device generates a second sub public key for the root public key based on the public key generation algorithm, and sets a second valid time and a second set time of the second sub public key.
After determining that the first sub public key is invalid, the blockchain management device generates a second sub public key based on the public key generation algorithm, wherein the second sub public key is valid after the second set time and within the second valid time.
Illustratively, the system time when the blockchain management device generates the second sub public key is 3 p.m. on August 6, 2019, that is, the second set time of the second sub public key is 3 p.m. on August 6, 2019, and the second valid time of the second sub public key is 4 hours. The second valid time is then counted from 3 p.m. on August 6, 2019; within the 4 hours following 3 p.m. on August 6, 2019, the second sub public key is valid, and the blockchain node device can decrypt the digital signature of the personal credit information by using the second sub public key. The 4 hours of the second valid time end at 7 p.m. on August 6, 2019; after 7 p.m. on August 6, 2019 the second sub public key is invalid, and the blockchain node device cannot decrypt the digital signature by using the second sub public key.
The blockchain management device's determination that the first sub public key is invalid is the precondition for updating the sub public key. Creating the second sub public key lets the blockchain node device decrypt the digital signature with the second sub public key after the first sub public key becomes invalid, so that a corresponding sub public key is available at any time.
Step S513: the block chain management device generates a second block based on the block identifier of the first block, the second sub public key, the second valid time and the second set time.
The block identifier of the first block, which is obtained by the blockchain management device before the second block is generated, may include, but is not limited to, a number, a special letter, a name, etc., and the block identifier of the first block points to the first block. The first block still contains the personal credit information, the digital signature, the first sub public key, the first valid time of the first sub public key and the first set time, but at this moment only the personal credit information and the digital signature in the first block are valid; the first sub public key, the first valid time and the first set time in the first block are invalid and cannot be used by the blockchain node device.
Step S514: the blockchain management device distributes the second block to the blockchain network to which the blockchain node device belongs.
Specifically, the blockchain management device may send the second block corresponding to the personal credit information to each blockchain node device in the blockchain network, where each blockchain node device in the blockchain network stores the personal credit information, so that the personal credit information is shared by all blockchain node devices in the blockchain network.
Step S515: the blockchain node device determines that the second sub public key is valid based on the second valid time and the second set time of the second sub public key.
The blockchain node device determines that the second sub public key is valid if the second valid time has not yet elapsed since the second set time of the second sub public key. For example, with the second valid time and the second set time of the second sub public key as described in step S512, the blockchain node device determines that the second sub public key is valid within the 4 hours of the second valid time counted from the second set time of 3 p.m. on August 6, 2019, that is, before 7 p.m. on August 6, 2019.
Step S516: the blockchain node device decrypts the second block using the second sub public key.
Specifically, after determining that the second sub public key is valid, the blockchain node device decrypts the digital signature of the second block by using the second sub public key to obtain the personal credit information.
Therefore, in the embodiment of the invention, the blockchain management device generates the second sub public key after determining that the first sub public key is invalid, and the blockchain node device decrypts the second block by using the second sub public key after determining that the second sub public key is valid. This allows the sub public key to be updated continuously and can improve the security of the personal credit information stored in the block.
Referring to fig. 6, fig. 6 is a flowchart illustrating another information storage method according to an embodiment of the present invention, where the method includes, but is not limited to, steps S601-S616.
Step S601: the blockchain management device receives personal credit information from the blockchain node device.
Step S602: the block chain management device verifies the personal credit information.
Step S603: if the blockchain management device successfully verifies the personal credit information, a private key and a root public key are created for the personal credit information based on the asymmetric encryption algorithm.
For steps S601 to S603 in the embodiment of the present application, reference may be specifically made to the execution processes of steps S501 to S503 in the embodiment described above, and details of the embodiment of the present invention are not repeated.
Step S604: the block chain management device generates a plurality of first sub public keys for the root public key based on a public key generation algorithm, and sets a first valid time interval of each first sub public key.
The blockchain management device generates a plurality of first sub public keys for the root public key based on a public key generation algorithm, which includes, but is not limited to, the method in step S504. The first valid time interval of a first sub public key is the time interval in which that first sub public key can be used, and the lower boundary of the current first valid time interval is the upper boundary of the target first valid time interval, which ensures that the first valid time intervals are continuous in time. A first sub public key is valid only when the system time is within its first valid time interval.
Illustratively, the first valid time interval of the first first sub public key is from 9 a.m. on July 2, 2019 to 12 a.m. on July 2, 2019, the first valid time interval of the second first sub public key is from 12 a.m. on July 2, 2019 to 2 p.m. on July 4, 2019, and the first valid time interval of the third first sub public key is from 2 p.m. on July 4, 2019 to 3 a.m. on July 5, 2019. The lower boundary of the first interval, 12 a.m. on July 2, 2019, is the upper boundary of the second interval, and the lower boundary of the second interval, 2 p.m. on July 4, 2019, is the upper boundary of the third interval, so that the three first valid time intervals are continuous in time. Meanwhile, the first first sub public key is valid only within the first interval (9 a.m. on July 2, 2019 to 12 a.m. on July 2, 2019), the second first sub public key is valid only within the second interval (12 a.m. on July 2, 2019 to 2 p.m. on July 4, 2019), and the third first sub public key is valid only within the third interval (2 p.m. on July 4, 2019 to 3 a.m. on July 5, 2019).
Step S605: the block chain management device generates a first block based on the personal credit information.
Specifically, the blockchain management device generates the first block based on the personal credit information, the digital signature, all the first sub public keys and the first valid time intervals corresponding to the first sub public keys. The digital signature, all the first sub public keys and each first valid time interval are stored in the first block together with the personal credit information, so that they can be used by all the blockchain node devices in the blockchain network for decrypting the block.
Step S606: the blockchain management device distributes the first block to the blockchain network to which the blockchain node device belongs.
Step S607: the blockchain node device receives a personal credit information acquisition request.
Step S608: the blockchain node device determines the first block based on the personal credit information acquisition request.
For steps S606 to S608 in the embodiment of the present application, reference may be specifically made to the execution processes of steps S506 to S508 in the foregoing embodiment, and details of the embodiment of the present invention are not described again.
Step S609: the block chain node device determines that one first sub public key of all the first sub public keys is valid based on the first validity time intervals of all the first sub public keys.
The blockchain node device determines that one of the first sub public keys is valid by judging that the current system time is within one of the first valid time intervals corresponding to the first sub public keys.
For example, with the first valid time intervals of the first, second and third first sub public keys as described in step S604, if the current system time is 10:25 a.m. on July 3, 2019, the current system time is within the first valid time interval of the second first sub public key, so the blockchain node device determines that the second first sub public key is valid, and at that system time the second first sub public key is available to the blockchain node device. If the current system time is 8:40 p.m. on July 4, 2019, the current system time is within the first valid time interval of the third first sub public key, so the blockchain node device determines that the third first sub public key is valid, and at that system time the third first sub public key can be used by the blockchain node device.
Step S610: the block chain node device decrypts the first block by using the valid first sub public key in all the first sub public keys.
The blockchain node device decrypts the digital signature in the first block by using the valid first sub public key determined in the preceding step, so as to acquire the personal credit information.
Step S611: the block chain management device determines that all the first sub public keys are invalid based on the first validity time interval of each first sub public key.
The blockchain management device determines that all the first sub public keys are invalid by judging that the current system time is not within any of the first valid time intervals corresponding to the first sub public keys.
Illustratively, with the first valid time intervals of the first, second and third first sub public keys as described in step S604, if the current system time is 3:05 a.m. on July 5, 2019, the current system time is not within the first valid time interval of any of the three first sub public keys, so the blockchain management device determines that the first, second and third first sub public keys are all invalid. The blockchain node device cannot decrypt the digital signature of the personal credit information from the blockchain management device by using any of the first sub public keys.
It should be noted that steps S611 and S608 need not be executed in a fixed order. If the blockchain node device receives the acquisition request, step S608 may be executed first and then step S611; step S611 may be executed first and then step S608; or step S608 and step S611 may be executed at the same time, which is not limited in the embodiment of the present invention.
Step S612: the block chain management device generates a plurality of second sub public keys based on a public key generation algorithm, and sets a second valid time interval of each second sub public key.
After determining that all the first sub-public keys are invalid according to the above steps, the blockchain management device generates a plurality of second sub-public keys based on the public key generation algorithm shown in step 604, and sets a second valid time interval of each second sub-public key, where all the second sub-public keys are valid only in the corresponding second valid time interval.
Illustratively, the second valid time interval of the first second sub public key is from 3 am on July 5, 2019 to 8 am on July 6, 2019; the second valid time interval of the second second sub public key is from 8 am on July 6, 2019 to 6 pm on July 6, 2019; and the second valid time interval of the third second sub public key is from 6 pm on July 6, 2019 to 9 am on July 8, 2019. The lower boundary of the first second valid time interval, 8 am on July 6, 2019, is the upper boundary of the second second valid time interval, and the lower boundary of the second second valid time interval, 6 pm on July 6, 2019, is the upper boundary of the third second valid time interval, so the first, second, and third second valid time intervals are continuous in time. Meanwhile, the first second sub public key is valid only within the first second valid time interval, from 3 am on July 5, 2019 to 8 am on July 6, 2019; the second second sub public key is valid only within the second second valid time interval, from 8 am on July 6, 2019 to 6 pm on July 6, 2019; and the third second sub public key is valid only within the third second valid time interval, from 6 pm on July 6, 2019 to 9 am on July 8, 2019.
In this way, after all the first sub public keys fail, the block chain node device still has the corresponding second sub public key available in the next time interval.
Step S613: the block chain management device generates a second block based on the block identifier of the first block, each second sub public key and each second valid time interval.
Before generating the second block, the block chain management device obtains the block identifier of the first block, which may include, but is not limited to, a number, a special letter, a name, etc. The block identifier of the first block points to the first block. The first block still contains the personal credit information, the digital signature, each first sub public key and each first valid time interval, but at this moment only the personal credit information and the digital signature in the first block are valid; each first sub public key and each first valid time interval in the first block are invalid, and the first block cannot be used by the block chain node device.
Step S614: the block chain management device distributes the second block to the block chain network to which the block chain node device belongs.
Step S614 in this embodiment may specifically refer to the execution process of step S514 in the foregoing embodiment, and details are not repeated in this embodiment of the present invention.
Step S615: the block chain node device determines that one of all the second sub public keys is valid based on the second validity time intervals of all the second sub public keys.
The block chain node device determines that one of the second sub public keys is valid by judging that the current system time is within one of the second valid time intervals corresponding to the second sub public keys. For example, with the second valid time intervals of the first, second, and third second sub public keys as described in step S612, if the current system time is 3:45 pm on July 5, 2019, which is within the second valid time interval of the first second sub public key, the block chain node device determines that the first second sub public key is valid, and at that system time the first second sub public key can be used by the block chain node device. If the current system time is 10:20 am on July 7, 2019, which is within the second valid time interval of the third second sub public key, the block chain node device determines that the third second sub public key is valid, and at that system time the third second sub public key can be used by the block chain node device.
Step S616: the block chain node device decrypts the second block by using the valid second sub public key among all the second sub public keys.
Specifically, after determining that one of the second sub public keys is valid, the block chain node device decrypts the digital signature of the first block by using that valid second sub public key to acquire the personal credit information.
Therefore, the block chain management device in the embodiment of the invention generates a plurality of first sub public keys at a time based on the root public key, thereby improving the generation efficiency of the first sub public keys. Meanwhile, after determining that all the first sub public keys are invalid, the block chain node device generates a plurality of second sub public keys, and after determining that one of the second sub public keys is valid, the block chain node device decrypts the second block by using the valid second sub public key. In this process the sub public key is continuously updated, which can improve the security of storing the personal credit information in the block.
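The interval checks of steps S611 to S616 can be sketched as follows. This is an added example, not code from the patent: the `key_id` strings stand in for sub public key material (no cryptography is performed), all class and function names are hypothetical, the first valid time intervals are constructed, and treating each interval as half-open so that a shared boundary selects exactly one key is an assumption of the sketch.

```python
from dataclasses import dataclass
from datetime import datetime
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class SubKey:
    key_id: str          # hypothetical stand-in for the sub public key material
    start: datetime      # interval start (inclusive)
    end: datetime        # interval end (exclusive): an assumption of this sketch

    def valid_at(self, now: datetime) -> bool:
        # Half-open [start, end): at a boundary shared by two consecutive
        # intervals only the later key is valid, never both.
        return self.start <= now < self.end


@dataclass(frozen=True)
class Block:
    block_id: str
    sub_keys: Tuple[SubKey, ...]
    ref_block_id: Optional[str] = None   # second block: identifier of the first block


def interval_problems(keys: Tuple[SubKey, ...]) -> List[str]:
    """Report empty intervals, gaps and overlaps in a key schedule."""
    ordered = sorted(keys, key=lambda k: k.start)
    problems = [f"{k.key_id}: empty interval" for k in ordered if k.end <= k.start]
    for a, b in zip(ordered, ordered[1:]):
        if b.start > a.end:
            problems.append(f"gap between {a.key_id} and {b.key_id}")
        elif b.start < a.end:
            problems.append(f"overlap between {a.key_id} and {b.key_id}")
    return problems


def all_invalid(block: Block, now: datetime) -> bool:
    """Step S611: no sub public key of the block is valid at `now`."""
    return not any(k.valid_at(now) for k in block.sub_keys)


def rotate(first: Block, new_keys: Tuple[SubKey, ...], now: datetime, new_id: str) -> Block:
    """Steps S612-S613: build the second block once every first key is invalid."""
    if not all_invalid(first, now):
        raise ValueError("a first sub public key is still valid")
    problems = interval_problems(new_keys)
    if problems:
        raise ValueError("; ".join(problems))
    return Block(new_id, new_keys, ref_block_id=first.block_id)


def key_for(chain: Dict[str, Block], first_id: str, now: datetime) -> Optional[SubKey]:
    """Steps S615-S616, node side: the key usable for the first block at `now`, or None."""
    candidates = [chain[first_id]] + [b for b in chain.values() if b.ref_block_id == first_id]
    valid = [k for b in candidates for k in b.sub_keys if k.valid_at(now)]
    if len(valid) > 1:
        raise ValueError("more than one sub public key valid at the same time")
    return valid[0] if valid else None


# First intervals are constructed for this example; the second intervals are the page's.
FIRST = Block("block-1", (
    SubKey("first-1", datetime(2019, 7, 3, 3), datetime(2019, 7, 4, 3)),
    SubKey("first-2", datetime(2019, 7, 4, 3), datetime(2019, 7, 5, 3)),
))
SECOND_KEYS = (
    SubKey("second-1", datetime(2019, 7, 5, 3), datetime(2019, 7, 6, 8)),
    SubKey("second-2", datetime(2019, 7, 6, 8), datetime(2019, 7, 6, 18)),
    SubKey("second-3", datetime(2019, 7, 6, 18), datetime(2019, 7, 8, 9)),
)


def build_chain(now: datetime) -> Dict[str, Block]:
    """Rotate at `now` and return both blocks indexed by block identifier."""
    second = rotate(FIRST, SECOND_KEYS, now, "block-2")
    return {FIRST.block_id: FIRST, second.block_id: second}


if __name__ == "__main__":
    chain = build_chain(datetime(2019, 7, 5, 3, 5))
    for t in (datetime(2019, 7, 5, 15, 45), datetime(2019, 7, 6, 8), datetime(2019, 7, 8, 9)):
        print(t, key_for(chain, "block-1", t))
```

With closed intervals, both the first and the second second sub public key would count as valid at exactly 8 am on July 6, 2019; the half-open comparison is what makes the selection unambiguous there.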
Referring to fig. 7, fig. 7 is a schematic structural diagram of an information storage device according to an embodiment of the present invention. The information storage device may be used to perform the steps executed by the blockchain management device in the embodiments shown in fig. 3 to 6, and the information storage device 70 at least includes:
a receiving module 701, configured to receive personal credit information from a block chain node device;
a processing module 702, configured to create a private key and a root public key for the personal credit information; further configured to process the personal credit information by using the private key to generate a digital signature of the personal credit information; further configured to generate the first block based on the personal credit information, the digital signature, the sub public key, the first valid time and the first set time; and further configured to set the first valid time and the first set time for the sub public key;
a sending module 703, configured to issue the first block to the block chain network to which the block chain node device belongs.
In an implementation manner, the sub public key is a first sub public key, the number of the first sub public keys is one, and the processing module 702 is further configured to: determine that the first sub public key is invalid after the first valid time of the first sub public key elapses from the first set time of the first sub public key; then generate a second sub public key for the root public key based on the preset public key generation algorithm, and set a second valid time and a second set time for the second sub public key; and generate a second block based on the block identifier of the first block, the second sub public key, the second valid time and the second set time.
In an implementation manner, the sub public keys are a plurality of first sub public keys, and the processing module 703 is further configured to set a different first valid time interval for each first sub public key.
In an implementation manner, the processing module 703 is further configured to: determine that all the first sub public keys are invalid based on the current system time not being within the first valid time interval of each first sub public key; then generate a plurality of second sub public keys for the root public key, and set a second valid time interval for each second sub public key; and generate a third block based on the block identifier of the first block, each second sub public key and each second valid time interval.
In one implementation, the sending module 703 is further configured to send a persistence notification for the first block to the block chain node device, where the persistence notification is used to notify each block chain node device to persist the first block locally at each block chain node device.
Referring to fig. 8, fig. 8 is a schematic structural diagram of a blockchain management device according to an embodiment of the present invention, where the blockchain management device 80 includes a processor 801, a memory 802, and a communication interface 803, and the processor 801, the memory 802, and the communication interface 803 are connected through one or more communication buses.
The processor 801 is configured to support the blockchain management device to perform the corresponding functions of the blockchain management device in the embodiments shown in fig. 3-6. The processor 801 may be a Central Processing Unit (CPU), a Network Processor (NP), a hardware chip, or any combination thereof.
The memory 802 is used for storing program codes and the like. The memory 802 may include volatile memory (volatile memory), such as Random Access Memory (RAM); the memory 802 may also include a non-volatile memory (non-volatile memory), such as a read-only memory (ROM), a flash memory (flash memory), a hard disk (HDD) or a solid-state drive (SSD); the memory 802 may also comprise a combination of the above types of memory.
The communication interface 803 is used to receive and transmit data. For example, the communication interface 803 is used to receive personal credit information from a block chain node device, or to distribute the first block to the block chain node devices in a block chain network.
In the embodiment of the present invention, the blockchain management device 80 includes a plurality of communication interfaces, wherein the communication interface for transmitting data and the communication interface for receiving data may not be the same communication interface.
The processor 801 may call the program code stored in the memory 802 to perform the following operations:
the communication interface 803 receives personal credit information from the block chain node device;
the processor 801 creates a private key and a root public key for the personal credit information based on the asymmetric encryption algorithm, and processes the personal credit information by using the private key to generate a digital signature of the personal credit information;
the processor 801 generates a sub public key for the root public key based on a preset public key generation algorithm, and sets a first valid time and a first set time for the sub public key, wherein the sub public key is used by the block chain node device to decrypt the digital signature;
the processor 801 generates a first block based on the personal credit information, the digital signature, the sub public key, the first validity time and the first set time;
the processor 801 issues the first block, via the communication interface 803, to the block chain network to which the block chain node device belongs.
In one implementation, the sub public key created by the processor 801 is a first sub public key, and the number of the first sub public keys is one; after the processor 801 sets the first valid time and the first set time for the sub public key, the following operations may be further performed:
the processor 801 may determine that the first sub public key is invalid after the first validity time of the first sub public key has elapsed since the first set time of the first sub public key;
the processor 801 generates a second sub public key for the root public key based on a preset public key generation algorithm, and sets a second valid time and a second setting time for the second sub public key;
the processor 801 generates a second block based on the block identifier of the first block, the second sub public key, the second validity time, and the second setting time.
In one implementation, the sub public key created by the processor 801 is a first sub public key, and the number of the first sub public keys is one; the processor 801 setting a first validity time for the sub public key may include: the processor 801 sets a different first validity time interval for each first sub public key.
In one implementation, after the processor 801 sets different first validity time intervals for each first sub-public key, the following operations may be further performed:
the processor 801 may determine that all the first sub public keys are invalid based on the current system time not being within the first validity time interval of each first sub public key;
the processor 801 generates a plurality of second sub public keys for the root public key based on a preset public key generation algorithm, and sets a second valid time interval for each second sub public key;
the processor 801 generates a third block based on the block identifier of the first block, each second sub-public key, and each second validity time interval.
In one implementation, after the processor 801 issues the first block to the block chain network to which the block chain node device belongs, the following operations may be further performed:
the processor 801 may send a persistence notification for the first block to the block chain node device, the persistence notification notifying each block chain node device to persist the first block locally at each block chain node device.
Embodiments of the present invention further provide a computer-readable storage medium, which can be used to store computer software instructions for the blockchain management device in the embodiments shown in fig. 3 to 6, and which contains a program designed for the blockchain node device in the embodiments described above.
The computer readable storage medium includes, but is not limited to, flash memory, hard disk, solid state disk.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.

Claims (10)

1. An information storage method, comprising:
the block chain management device receives personal credit information and an identification of the personal credit information from the block chain node device, wherein when the identification is a seal, the seal is a seal added to the personal credit information after the credit certification authority certifies the personal credit information; and when the identification is a number, the number is a number added to the personal credit information after the credit certification authority certifies the personal credit information;
the block chain management device verifies the personal credit information according to the identification;
if the verification is successful, the block chain management device creates a private key and a root public key for the personal credit information based on an asymmetric encryption algorithm, processes the personal credit information by using the private key, and generates a digital signature of the personal credit information;
the block chain management device generates a sub public key for the root public key based on a preset public key generation algorithm, and sets first effective time and first set time for the sub public key, wherein the sub public key is used for decrypting the digital signature of the personal credit information by the block chain node device;
the block chain management device generates a first block based on the personal credit information, the digital signature of the personal credit information, the sub public key, the first validity time and the first set time;
the blockchain management device issues the first block to a blockchain network to which the blockchain node device belongs, the blockchain network including at least the blockchain management device and the blockchain node device.
2. The method according to claim 1, wherein the sub public key is a first sub public key, and the number of the first sub public keys is one;
after the blockchain management device sets the first valid time and the first set time for the sub public key, the method further includes:
the block chain management device determines that the first sub public key is invalid after the first valid time of the first sub public key has elapsed since the first set time of the first sub public key;
the block chain management device generates a second sub public key for the root public key based on the preset public key generation algorithm, and sets second effective time and second setting time for the second sub public key;
the block chain management device generates a second block based on the block identifier of the first block, the second sub public key, the second validity time, and the second setting time.
3. The method according to claim 1, wherein the sub public key is a first sub public key, and the number of the first sub public keys is plural;
the block chain management device sets a first valid time for the sub public key, and the method comprises the following steps:
the block chain management device sets different first valid time intervals for each first sub public key.
4. The method according to claim 3, wherein after the blockchain management device sets a different first validity time interval for each of the first sub public keys, the method further comprises:
the block chain management device determines that all the first sub public keys are invalid according to the condition that the current system time is not within the first valid time interval of each first sub public key;
the block chain management device generates a plurality of second sub public keys for the root public key based on the preset public key generation algorithm, and sets a second effective time interval for each second sub public key;
the block chain management device generates a third block based on the block identifier of the first block, each second sub public key and each second validity time interval.
5. The method of claim 1, wherein after the blockchain management device issues the first block to a blockchain network to which the blockchain node device belongs, the method further comprises:
the block chain management device sends a persistence notification for the first block to the block chain node device, where the persistence notification is used to notify each block chain node device to persist the first block locally at each block chain node device.
6. An information storage method, comprising:
the block chain node device acquires personal credit information;
the block chain node device acquires an identification of the personal credit information, wherein when the identification is a seal, the seal is a seal added to the personal credit information after the credit certification authority certifies the personal credit information; and when the identification is a number, the number is a number added to the personal credit information after the credit certification authority certifies the personal credit information;
the block chain node device sends the personal credit information and the identification of the personal credit information to the block chain management device of the block chain network in which it is located, wherein the block chain management device is selected by all block chain node devices in the block chain network according to a consensus algorithm, and the block chain network at least comprises the block chain management device and the block chain node device;
the block chain node device receives a first block from the block chain management device, the first block being generated by the block chain management device based on the personal credit information, a digital signature of the personal credit information, a sub public key, a first valid time of the sub public key, and a first set time of the sub public key; the digital signature being obtained by the block chain management device, after successfully verifying the personal credit information according to the identification, creating a private key and a root public key for the personal credit information based on an asymmetric encryption algorithm and processing the personal credit information by using the private key; the sub public key being obtained by the block chain management device processing the root public key based on a preset public key generation algorithm; and the first valid time and the first set time being set by the block chain management device.
7. The method according to claim 6, wherein the first block comprises the personal credit information, a digital signature of the block chain management device on the personal credit information, a first sub public key, a first valid time corresponding to the first sub public key, and a first set time, and the number of the first sub public keys is one;
after the block chain node device receives the first block from the block chain management device, the method further comprises:
the block chain node device receives a personal credit information acquisition request, wherein the personal credit information acquisition request carries a block identifier of the first block;
the block chain node device determines the first block corresponding to the block identifier;
the block chain node device determines that the first sub public key is valid before the first valid time has elapsed since the first set time;
the block chain node device decrypts the digital signature using the first sub public key to output the personal credit information.
8. The method according to claim 6, wherein the first block includes the personal credit information, a digital signature of the block chain management device on the personal credit information, a first sub public key, a first validity time interval corresponding to the first sub public key, the number of the first sub public key being plural;
after the block chain node device receives the first block from the block chain management device, the method further comprises:
the block chain node device receives a personal credit information acquisition request, wherein the personal credit information acquisition request carries the block identifier of the first block;
the block chain node device determines the first block corresponding to the block identifier of the first block;
when the current system time is within one of the first valid time intervals, the block chain node device determines that the first sub public key corresponding to that first valid time interval is valid;
the block chain node device decrypts the digital signature by using the valid first sub public key to output the personal credit information.
9. A block chain management device, characterized by comprising a memory, a processor, an input device and an output device, wherein the memory stores a group of program codes, and the processor calls the program codes stored in the memory to execute the method according to any one of claims 1 to 5 or any one of claims 6 to 8.
10. A computer-readable storage medium, characterized in that it stores a computer program comprising program instructions which, when executed by a processor, cause the processor to carry out the method according to any one of claims 1 to 5 or 6 to 8.
CN201910787330.2A 2019-08-22 2019-08-22 Information storage method and device Active CN110535848B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910787330.2A CN110535848B (en) 2019-08-22 2019-08-22 Information storage method and device


Publications (2)

Publication Number Publication Date
CN110535848A CN110535848A (en) 2019-12-03
CN110535848B true CN110535848B (en) 2022-07-26

Family

ID=68662761

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910787330.2A Active CN110535848B (en) 2019-08-22 2019-08-22 Information storage method and device

Country Status (1)

Country Link
CN (1) CN110535848B (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109962777A (en) * 2017-12-26 2019-07-02 航天信息股份有限公司 The key in block catenary system is permitted to generate, obtain the method and apparatus of key

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016200885A1 (en) * 2015-06-08 2016-12-15 Blockstream Corporation Cryptographically concealing amounts transacted on a ledger while preserving a network's ability to verify the transaction
CN107769922B (en) * 2017-10-31 2020-02-18 捷德(中国)信息科技有限公司 Block chain safety management system and method
CN108737430B (en) * 2018-05-25 2020-07-17 全链通有限公司 Encryption communication method and system for block chain node
CN109274496A (en) * 2018-08-01 2019-01-25 何世容 A kind of electronic passenger ticket storage system and electronic passenger ticket storage method based on block chain
CN109543456B (en) * 2018-11-06 2021-07-09 北京新唐思创教育科技有限公司 Block generation method and computer storage medium


Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
基于区块链的去中心化身份认证及密钥管理方案;姚英英等;《网络空间安全》;20190625(第06期);全文 *


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant