CN111190862A - Method for realizing block chain - Google Patents

Publication number: CN111190862A
Authority: CN (China)
Prior art keywords: user, file, center, hash value, chain
Legal status: Granted
Application number: CN201911384949.5A
Other languages: Chinese (zh)
Other versions: CN111190862B (en)
Inventors: 黄柏, 邱少师, 姚佑贤
Current Assignee: Guangzhou Thinker Technology Co ltd
Original Assignee: Guangzhou Thinker Technology Co ltd
Application filed by Guangzhou Thinker Technology Co ltd
Priority to CN201911384949.5A
Publication of CN111190862A
Application granted
Publication of CN111190862B


Abstract

The invention relates to the field of block chains and discloses a block chain implementation method that comprises a client data uplink process with the following steps: the client uploads the file to be stored to an IPFS system and obtains the HASH value FH of the file; the client calculates the HASH value FH of the file and signs the HASH value FH of the file, the current time TIME and the user HASH value UH to obtain a file signature US; the client sends the HASH value FH of the file, the file signature US, the current time TIME, the user HASH value UH and the block chain ID information to the center to request the creation of a block node; when the client detects that the block was successfully added to the chain, the client downloads the newly added block node; the process then ends. With the invention, data is safer, chaining is performed uniformly by the center so that no forking occurs, the growth rate of the block chain can be controlled, and the speed of concurrent chaining is improved.

Description

Method for realizing block chain
Technical Field
The present invention relates to the field of block chains, and in particular, to a block chain implementation method.
Background
The block chain has the following characteristics: it uses distributed storage, so the system is robust; records cannot be tampered with, so security is high; records are public and can be traced back to their origin. Based on these characteristics, block chains were first applied to bookkeeping for virtual currency transactions, which led to vigorous growth of the mining machine market. However, the block chain is not the same thing as virtual currency and can be applied in many other ways.
The current pursuit of extreme "decentralization" in block chain technology causes several problems that limit its applicability. The rules of the block chain mean that the data it stores must be stored in plaintext, because only when plaintext is stored can other people prove the content of the data on the block chain; if the content is stored encrypted, it cannot be proved. Publishing a block chain on a public network can leak sensitive data. When several parties publish information at the same time they compete, and some information fails to be published. Block chain data is also updated with poor real-time performance.
Disclosure of Invention
The technical problem to be solved by the present invention, in view of the above defects in the prior art, is to provide a block chain implementation method in which data is safer, chaining is performed uniformly by the center, no forking occurs, the growth rate of the block chain can be controlled, and the speed of concurrent chaining is improved.
The technical solution adopted by the invention to solve this technical problem is a block chain implementation method comprising a client data uplink process, which comprises the following steps:
A1) uploading a file to be stored to an IPFS system by a client, and acquiring a HASH value FH of the file;
A2) the client calculates the HASH value FH of the file, and signs the HASH value FH of the file, the current time TIME and the user HASH value UH to obtain a file signature US;
A3) the client sends the HASH value FH of the file, the file signature US, the current time TIME, the user HASH value UH and the block chain ID information to the center to request the creation of a block node;
A4) the client listens for whether the block was successfully added to the block chain; if so, step A5) is executed; otherwise, step A6) is executed;
A5) the client downloads the newly added block node, and executes step A7);
A6) the client performs exception handling and returns to step A3);
A7) end.
In the method for implementing a block chain according to the present invention, the method further includes a data uplink process performed by the center, where the data uplink process performed by the center includes the following steps:
B1) the center receives a request for adding a block node;
B2) the center synchronizes the file that is to go on the block chain from the IPFS system to local storage;
B3) the center searches user information and uses the user information to check the file signature US;
B4) judging whether the file signature US is legal, if so, executing the step B6); otherwise, performing step B5);
B5) returning error information to the user, informing the user to perform exception handling, and executing the step B10);
B6) the center combines the file signature US and the previous block HASH value PH, calculates a signature by using a private key of the center to obtain a private key signature BS, and executes the step B7);
B7) the center writes the block node file into the IPFS system to obtain the HASH value of the block node;
B8) the center returns the HASH value of the block node which is successfully added to the user;
B9) the center broadcasts a block chain change message, and subscribers update the block chain from the IPFS system according to the received message;
B10) end.
In the block chain implementation method of the present invention, the method further includes a key change process, which includes the following steps:
C1) generating a new key pair at regular intervals;
C2) writing the new and old public keys into the IPFS system to obtain the corresponding HASH values;
C3) signing the files in the IPFS system using the old private key;
C4) sending a chaining request to the center, whereupon the center puts the signed file on the public key chain;
C5) recording the new private key and using it for subsequent signatures.
The block chain implementation method further comprises an add-user process, which comprises the following steps:
D1) before adding a user, firstly acquiring information of the added user, wherein the information of the added user comprises a public key of an added person;
D2) saving the information of the added user to the IPFS system to obtain a HASH value of a new file; the information of the added user comprises HASH of the user;
D3) signing the new file by using a private key of the added user;
D4) requesting to uplink data to a user chain;
D5) after the data has been successfully put on the user chain, notifying the added user, who can then put their own data on the chain.
The method for realizing the block chain further comprises a user deleting process, wherein the user deleting process comprises the following steps:
E1) acquiring the information of the deleted user before deleting the user;
E2) saving the information of the deleted user to the IPFS system to obtain a HASH value of a new file; the deleted user information comprises the HASH of the user;
E3) signing the new file by using a private key of the user;
E4) requesting that the data be put on the failure chain;
E5) the center judges whether there is a right to delete; if so, step E6) is executed; otherwise, step E7) is executed;
E6) after the data has been successfully put on the failure chain, notifying the deleted user, who can no longer request data uplink;
E7) end.
In the block chain implementation method of the present invention, the user itself, the creator of the user, or the superior creator of the creator can delete the user.
Implementing the block chain implementation method of the invention has the following beneficial effects: the client uploads the file to be stored to the IPFS system and obtains the HASH value FH of the file; the client calculates the HASH value FH of the file and signs the HASH value FH of the file, the current time TIME and the user HASH value UH to obtain a file signature US; the client sends the HASH value FH of the file, the file signature US, the current time TIME, the user HASH value UH and the block chain ID information to the center to request the creation of a block node; when the block has been successfully added to the chain, the client downloads the newly added block node. The data is stored in a distributed manner, so it is safer; chaining is performed uniformly by the center, so no forking occurs and the growth rate of the block chain can be controlled; the data to be put on the chain is stored separately in a file in IPFS, and the block node file stores only the HASH value and signature of that IPFS file, which improves the speed of concurrent chaining.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a flowchart of the client data uplink process in an embodiment of the block chain implementation method according to the present invention;
FIG. 2 is a flowchart of the center's data uplink process in the embodiment;
FIG. 3 is a flowchart of the key change process in the embodiment;
FIG. 4 is a flowchart of the add-user process in the embodiment;
FIG. 5 is a flowchart of the delete-user process in the embodiment.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In an embodiment of the block chain implementation method according to the present invention, the method includes a client data uplink process, a flowchart of which is shown in FIG. 1. In FIG. 1, the client data uplink process includes the following steps:
Step S11, the client uploads the file to be stored to the IPFS system and obtains the HASH value FH of the file: in this step, the client first uploads the file to be stored to the IPFS system and obtains the HASH value FH of the file.
Step S12, the client calculates the HASH value FH of the file, and signs the HASH value FH of the file, the current time TIME and the user HASH value UH to obtain a file signature US: in this step, the client calculates the HASH value FH of the file, and signs the HASH value FH of the file, the current time TIME and the user HASH value UH to obtain a file signature US.
Step S13, the client sends the HASH value FH of the file, the file signature US, the current time TIME, the user HASH value UH and the block chain ID information to the center, requesting the creation of a block node: in this step, the client sends the HASH value FH of the file, the file signature US, the current time TIME, the user HASH value UH, the block chain ID and other information to the center to request the creation of a block node.
Step S14, the client listens for whether the block was successfully added to the block chain: in this step, the client monitors whether the block was successfully added to the block chain; if so, step S15 is executed; otherwise, step S16 is executed.
Step S15, the client downloads the newly added block node: if the judgment result of step S14 is yes, this step is executed. In this step, the block has been successfully added to the chain, and the client downloads the newly added block node. After the present step is executed, step S17 is executed.
Step S16, the client performs exception handling: if the judgment result of step S14 is no, this step is executed. In this step, the block addition is abnormal and the client performs exception handling; when this step has been executed, the process returns to step S13. After the present step is executed, step S17 is executed.
Step S17, end: in this step, the process ends.
The invention uses distributed storage, so the data is safer; chaining is performed uniformly by the center, so no forking occurs and the growth rate of the block chain can be controlled; the data to be put on the chain is stored separately in a file in IPFS, and the block node file stores only the HASH value and signature of that IPFS file, which improves the speed of concurrent chaining.
In this embodiment, the method for implementing the block chain further includes a data uplink procedure performed by the center, where the data uplink procedure performed by the center includes the following steps:
Step S201, the center receives a request for adding a block node: in this step, the center receives a request to add a block node.
Step S202, the center synchronizes the file that is to go on the block chain from the IPFS system to local storage: in this step, the center synchronizes the file that is to go on the block chain from the IPFS system to local storage.
Step S203, the center searches for user information, and verifies the file signature US by using the user information: in this step, the center searches for user information, and verifies the file signature US using the user information.
Step S204 determines whether the file signature US is legitimate: in this step, it is determined whether the file signature US is legal, and if the determination result is yes, step S206 is executed; otherwise, step S205 is executed.
Step S205 returns error information to the user, informing the user to perform exception handling: if the judgment result of the step S204 is no, that is, the signature US is illegal, the present step is executed. In this step, an error message is returned to the user, and the user is informed of exception handling. After the present step is executed, step S210 is executed.
Step S206, the center combines the file signature US and the previous block HASH value PH, and calculates the signature by using the own private key to obtain a private key signature BS: in this step, the center combines the file signature US and the HASH value PH of the previous block, and calculates the signature using its own private key to obtain the private key signature BS. After this step is executed, step S207 is executed.
Step S207, the center writes the block node file to the IPFS system and obtains the HASH value of the block node: in this step, the center writes the block node file to the IPFS system to obtain the HASH value of the block node.
Step S208 the center returns the HASH value of the block node that was successfully added to the user: in this step, the center returns the HASH value of the block node successfully added to the user.
Step S209, the center broadcasts a change message of the block chain, and the subscriber updates the block chain from the IPFS system according to the received message: in this step, the center broadcasts a change message of the block chain, and the subscriber updates the block chain from the IPFS system according to the received message. After the present step is executed, step S210 is executed.
Step S210, end: in this step, the process ends.
In this embodiment, the method for implementing the block chain further includes a key changing process, and a flowchart of the key changing process is shown in fig. 3. In fig. 3, the key change process includes the following steps:
Step S31, a new key pair is generated periodically: in this step, in order to resist hacking, the participant generates a new key pair at regular intervals.
Step S32 writes the new and old public keys into the IPFS system to obtain the corresponding HASH value: in this step, the participant writes the new and old public keys into the IPFS system to obtain the corresponding HASH value.
Step S33 signs the file in the IPFS system using the old private key: in this step, the participant signs the file in the IPFS system using the old private key.
Step S34 is to send a chaining request to the center, and the center chains the signed file to the public key chain: in this step, the participant sends a chaining request to the center, and the center chains the signed file in the IPFS system to the public key chain.
Step S35 records a new private key, and subsequent signatures are performed using the new private key: in this step, the participant records the new private key, and the subsequent signature is performed using the new private key.
In this embodiment, the block chain implementation method further includes an add-user process, a flowchart of which is shown in FIG. 4. In FIG. 4, the add-user process includes the following steps:
Step S41, before a user is added, the information of the added user is acquired, where the information of the added user includes the public key of the added person: in this step, before the user is added, the information of the added user is acquired first, and this information includes the public key of the added person.
Step S42 saves the information of the added user to the IPFS system, and obtains the HASH value of the new file: in this step, the information of the added user is saved in the IPFS system, and the HASH value of the new file is obtained, where the information of the added user includes the HASH of the user.
Step S43 signs the new file using the private key of the added user: in this step, the new file is signed using the private key of the added user.
Step S44 requests uplink of data to the user chain: in this step, a request is made to uplink data to the user chain.
Step S45, after the data has been successfully put on the user chain, the added user is notified and can put their own data on the chain: in this step, after the data has been successfully put on the user chain, the added user is notified, and from this point the added user can put their own data on the chain.
In this embodiment, the block chain implementation method further includes a delete-user process, a flowchart of which is shown in FIG. 5. In FIG. 5, the delete-user process includes the following steps:
Step S51, the information of the deleted user is acquired before the user is deleted: in this step, before the user is deleted, the information of the deleted user is first acquired.
Step S52 stores the information of the deleted user in the IPFS system, and obtains the HASH value of the new file: in this step, the information of the deleted user is saved in the IPFS system, and the HASH value of the new file is obtained, where the information of the deleted user includes the HASH of the user.
Step S53 signs the new file with its own private key: in this step, the new file is signed using the deleted user's own private key.
Step S54 requests to link data to the failure chain: in this step, a request is made to uplink data to the failure chain.
Step S55, the center determines whether there is a right to delete: in this step, the center judges whether there is a right to delete; if so, step S56 is executed; otherwise, step S57 is executed. It should be noted that, in this embodiment, only the user itself, the creator of the user, or a higher-level creator of the creator (any number of levels up) may delete the user.
Step S56, after the data has been successfully put on the failure chain, the deleted user is notified and can no longer request data uplink: if the judgment result of step S55 is yes, this step is executed. In this step, after the data has been successfully put on the failure chain, the deleted user is notified, and from this point the deleted user cannot request data uplink. After the present step is executed, step S57 is executed.
Step S57 ends: in this step, the process ends.
The invention adds a message pushing system, so that the subscriber can update the block information more timely; user chains and failure chains are added, so that users can be effectively managed; a public key chain is added, so that the secret key can be changed regularly, and brute force cracking can be effectively resisted; only the HTTP/MQTT service and the IPFS system need to be built, the realization is extremely simple, the block chain inside enterprises/industries is convenient to build, and the block chain popularization is facilitated.
Traditional block chain technology pursues extreme "decentralization", which makes it very difficult to apply; the present invention takes a more moderate approach that combines "centralization" and "decentralization", so that block chain technology can be used more effectively for some applications.
The invention still uses IPFS for distributed storage of data. Data is put on the chain uniformly by the center, which prevents the block chain from forking and allows its growth rate to be controlled. User data is stored separately in an IPFS file, and only the HASH value and signature of that file are stored on the block node; that is, only the HASH value of the user file is attached to the block node, not its whole content. An MQTT message push platform is added to broadcast block chain change messages, which improves the real-time performance of the system. A user chain and a failure chain are added to record which users have been added and which have been removed, making users manageable. A public key chain is added to record public key changes, so that the participants (users and the center) can change their own keys frequently and brute-force cracking can be effectively resisted.
a. Block chain description
In addition to a data chain for recording transactions, the invention adds a user chain, a failure chain and a public key chain. The user chain records which users exist in the whole system and the information of those users. The failure chain records which users have failed. Failed users cannot add data to the chain (data can still be written to the IPFS system, but it cannot be put on the chain and is not acknowledged; data put on the chain before the failure time is still considered valid). The public key chain records the public and private key changes of each user. If any participant fails to verify a data signature of a user, the changed public key can be used for verification.
a1. User chain description: the user data stored on the user chain includes at least the following:
a11, user ID
a12, creator HASH
a13, user name
a14, user public key
Here a11 is the ID of the user, such as an ID card number or another certificate number; a12 is used to locate the creator's information in IPFS; a13 records the user name; a14 records the user's initial public key, which is used to verify the data issued by the user. If the user's public key cannot be found on the public key chain, the signature on the data should be checked using this public key.
a2. Failure chain description: the record of a failed user stored on the failure chain includes at least the following:
a21, user HASH
a22, executor HASH
a23, failure start time
a24, failure reason
Here a21 is used to locate this user's data in IPFS; a22 is used to locate in IPFS the information of the person who disabled the user, where the executor may be the user itself, the creator, or an ancestor of the creator (the creator's creator); a23 records the failure start time (including the time of day); a24 records the reason for the failure.
a3. Public key chain description: a user public key change record stored on the public key chain includes at least the following:
a31, user HASH
a32, original public key of user
a33, user's current public key
a34, time of public key change
Where a31 is used to locate this user's data in the IPFS; a32 denotes the original public key; a33 denotes the changed public key; a34 represents the public key change time.
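The rules for the user chain, failure chain and public key chain above can be exercised with the following added example in Go (not code from the patent). The `Ledger` type, its method names and the `UH-…`/`pk-…` sample records are constructed for illustration, and public keys are shown as opaque strings.

```go
package main

import "fmt"

// User is a user chain record (a12 to a14); the ledger keys it by user HASH.
type User struct{ Creator, Name, InitialKey string }

// KeyChange is a public key chain record (a31 to a34).
type KeyChange struct {
	UH, OldKey, NewKey string
	At                 int64
}

// Failure is a failure chain record (a21 to a24).
type Failure struct {
	UH, Executor, Reason string
	Start                int64
}

type Ledger struct {
	Users  map[string]User
	Keys   []KeyChange // public key chain, in chain order
	Failed []Failure   // failure chain, in chain order
}

// KeyAt replays uh's rotations from the initial key (a14) and returns the key that was
// current at time t; it rejects a chain whose records do not link old key to new key.
func (l *Ledger) KeyAt(uh string, t int64) (string, error) {
	u, ok := l.Users[uh]
	if !ok {
		return "", fmt.Errorf("unknown user %s", uh)
	}
	cur, atT := u.InitialKey, u.InitialKey
	for _, k := range l.Keys {
		if k.UH != uh {
			continue
		}
		if k.OldKey != cur {
			return "", fmt.Errorf("public key chain broken for %s at time %d", uh, k.At)
		}
		if cur = k.NewKey; k.At <= t {
			atT = cur
		}
	}
	return atT, nil
}

// MayDelete reports whether actor is target itself, its creator, or an ancestor creator.
func (l *Ledger) MayDelete(actor, target string) bool {
	for cur, hops := target, 0; hops <= len(l.Users); cur, hops = l.Users[cur].Creator, hops+1 {
		if _, known := l.Users[cur]; !known {
			return false
		}
		if cur == actor {
			return true
		}
	}
	return false
}

// Disable is the center's side of steps E5 and E6: check the right, then record the failure.
func (l *Ledger) Disable(actor, target string, now int64, reason string) error {
	if !l.MayDelete(actor, target) {
		return fmt.Errorf("%s has no right to delete %s", actor, target)
	}
	l.Failed = append(l.Failed, Failure{UH: target, Executor: actor, Reason: reason, Start: now})
	return nil
}

// VerifyKeyFor returns the key for checking data dated t, or an error if uh had
// already failed by then; data dated before the failure start stays valid.
func (l *Ledger) VerifyKeyFor(uh string, t int64) (string, error) {
	for _, f := range l.Failed {
		if f.UH == uh && f.Start <= t {
			return "", fmt.Errorf("%s failed at %d: %s", uh, f.Start, f.Reason)
		}
	}
	return l.KeyAt(uh, t)
}

// demoLedger holds constructed records: root created admin, admin created alice.
func demoLedger() *Ledger {
	return &Ledger{
		Users: map[string]User{
			"UH-root":  {Creator: "", Name: "root", InitialKey: "pk-root-0"},
			"UH-admin": {Creator: "UH-root", Name: "admin", InitialKey: "pk-admin-0"},
			"UH-alice": {Creator: "UH-admin", Name: "alice", InitialKey: "pk-alice-0"},
		},
		Keys: []KeyChange{{"UH-alice", "pk-alice-0", "pk-alice-1", 100}, {"UH-alice", "pk-alice-1", "pk-alice-2", 200}},
	}
}

func main() {
	l := demoLedger()
	fmt.Println(l.Disable("UH-alice", "UH-admin", 300, "constructed reason"))
	fmt.Println(l.Disable("UH-root", "UH-alice", 300, "constructed reason"))
	fmt.Println(l.VerifyKeyFor("UH-alice", 250))
	fmt.Println(l.VerifyKeyFor("UH-alice", 300))
}
```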
b. Block node specification
The block chain is composed of block nodes, each block node is a file and is used for storing information of the node and front and rear nodes on the chain, storing positioning information of a user data file associated with the node, storing a time stamp generated by user data, storing positioning information of a user and storing a signature of the node. In summary, if the node is found, the user data hanging on the node can be found.
One block node contains the following:
b1, last block node HASH value PH
b2, filename NH of Next Block node
b3, HASH value FH of the file hanging on the current node
b4, TIME stamp of user data
b5, user HASH value UH
b6, node signature BS
Here b1 is used to locate the previous block in IPFS, denoted PH, and a null value indicates the first block in the chain; b2 points to the file name of the next node and is used to locate the next node, denoted NH; b3 is used to locate in IPFS the user file hanging on this node, denoted FH; b4 is the time at which the user stored the data, denoted TIME; b5 is used to locate the user's data in IPFS, denoted UH; b6 is the signature of the node data, denoted BS, which prevents the stored data from being tampered with.
The next node name calculation method:
NH=BS
By using the signature BS of the node as the file name of the next node, the storage space of each node can be reduced, and the amount of calculation is reduced.
The node signature BS calculation method comprises the following steps:
US=RSA_ENC(PRIVATE_KEY2,FH+TIME+UH),
BS=RSA_ENC(PRIVATE_KEY1,US+PH),
where US represents the signature data generated by the user, BS represents the signature data generated by the center, RSA_ENC represents the RSA encryption algorithm, PRIVATE_KEY1 represents the private key of the center, PRIVATE_KEY2 represents the private key of the user, FH represents the HASH value of the stored content, and TIME represents the storage timestamp.
In other words, the BS is calculated as follows: the user's key is used to encrypt data such as the HASH of the stored content and the timestamp to obtain US, and then the center's key is used to encrypt US together with the HASH value of the previous node to obtain BS.
The signature BS is checked as follows:
US=RSA_DEC(PUBLIC_KEY1,BS)-PH,
FH+TIME+UH=RSA_DEC(PUBLIC_KEY2,US),
where US denotes the signature data generated by the user, BS denotes the signature data generated by the center, RSA_DEC denotes the RSA decryption algorithm, PUBLIC_KEY1 denotes the public key of the center, PUBLIC_KEY2 denotes the public key of the user, FH denotes the HASH value of the stored content, and TIME denotes the storage time stamp. If the recovered parameters such as FH are correct, the signature is valid.
c. Description of the uplink
In the invention, a user can store their own information on the IPFS system in the form of a file, but to have the HASH value of a user file stored on the block chain, the user must request the center to do so; that is, the center performs all chaining uniformly. This avoids the possibility of block chain forks and also allows the growth rate of the block chain to be controlled effectively. For example, if a user requests data uplink frequently within a short time, an error message is returned to the user, and the user is required to wait for a period of time before making another uplink request.
Data uplink is performed by sending an uplink request to the center. The uplink request data includes the following contents:
c1: user HASH
c2: block chain ID
c3: HASH of the block chain end node
c4: HASH of the file hung on the current node
c5: time stamp of the user data, TIME
c6: user file content signature, US
Here c1 is used to locate this user's data in IPFS; c2 designates the block chain to uplink to; c3 is the end node of the user's local copy of the current block chain; c4 is used to locate in IPFS the content of the data to be hung, denoted FH; c5 is the time at which the user generated the data; c6 is the signature of the user's file content, denoted US, used to prove the legitimacy of the data to the center.
After the center receives the request data, it checks the validity of FH and of the signature US. If they are valid, it creates the block node on the specified chain and then returns an add confirmation. If the center considers the parameters to be wrong, it returns a rejection; after receiving the rejection, the requester should correct the error and re-initiate the request.
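The signature calculation and checking above, together with the center's check of an uplink request, can be exercised end to end. The following Python code is an added example, not code from the patent: it assumes unpadded hash-then-sign RSA over constructed, insecure demo keys (so US is stored in the node rather than recovered from BS by RSA_DEC), uses SHA-256 over the node fields as a stand-in for the IPFS HASH, and all function names are hypothetical. A deployment would use a vetted library with a padded scheme such as RSA-PSS.

```python
import hashlib

E = 65537  # public exponent shared by both demo keys

def toy_key(p, q):
    """Return (n, d) for a constructed, INSECURE demo key built from known primes."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

M107, M127, M521 = 2**107 - 1, 2**127 - 1, 2**521 - 1  # Mersenne primes
CENTER_N, CENTER_D = toy_key(M521, M127)   # plays PUBLIC_KEY1 / PRIVATE_KEY1
USER_N, USER_D = toy_key(M521, M107)       # plays PUBLIC_KEY2 / PRIVATE_KEY2

def h(*parts):
    """SHA-256 over length-prefixed fields, so 'ab'+'c' never equals 'a'+'bc'."""
    m = hashlib.sha256()
    for p in parts:
        b = str(p).encode()
        m.update(len(b).to_bytes(4, "big") + b)
    return m.hexdigest()

def sign(d, n, *parts):
    # Assumption: unpadded hash-then-sign instead of the patent's message recovery.
    return format(pow(int(h(*parts), 16), d, n), "x")

def check(sig, n, *parts):
    return pow(int(sig, 16), E, n) == int(h(*parts), 16)

def user_sign(fh, time, uh):
    """US: user signature over FH+TIME+UH."""
    return sign(USER_D, USER_N, fh, time, uh)

def center_append(chain, fh, time, uh, us):
    """Center side: reject a bad US, otherwise append a node with BS over US+PH."""
    if not check(us, USER_N, fh, time, uh):
        raise ValueError("reject: invalid US")
    ph = h(*chain[-1].values()) if chain else ""   # empty PH marks the first block
    bs = sign(CENTER_D, CENTER_N, us, ph)
    chain.append({"PH": ph, "FH": fh, "TIME": time, "UH": uh,
                  "US": us, "BS": bs, "NH": bs})   # NH=BS, as in the text

def verify_chain(chain):
    """Return the index of the first invalid node, or -1 if every node checks out."""
    ph = ""
    for i, b in enumerate(chain):
        if (b["PH"] != ph or not check(b["BS"], CENTER_N, b["US"], b["PH"])
                or not check(b["US"], USER_N, b["FH"], b["TIME"], b["UH"])):
            return i
        ph = h(*b.values())
    return -1
```

Changing any field of a stored node makes `verify_chain` return that node's index, because either the user signature US or the center signature BS no longer matches, or the next node's PH no longer links to it.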
In practical applications where requirements are lower, the following alternatives can also be adopted: 1) the uplink data is not stored separately but is stored directly in the block node file; 2) a signature calculation method different from that of the invention is used; 3) the center's unified uplink function is implemented using a technology other than HTTP/MQTT; 4) distributed storage is implemented using a file system other than IPFS.
In summary, in this embodiment chaining is performed uniformly by the center, so the block chain forking problem is avoided technically; block chain change information is broadcast in real time using technologies such as MQTT, which provides the real-time performance of the system; a special signature calculation method is adopted; users are managed using the user chain and the failure chain; and key pair changes are implemented using a public key chain. With this method, a block chain within an enterprise or an industry can be built easily, and the risk caused by publishing sensitive data to an external network is reduced, which makes the block chain easier to popularize.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.

Claims (6)

1. A method for implementing a block chain, comprising a client-side data uplink procedure, wherein the client-side data uplink procedure includes the following steps:
A1) the client uploads a file to be stored to an IPFS system and acquires a HASH value FH of the file;
A2) the client calculates the HASH value FH of the file, and signs the HASH value FH of the file, the current time TIME and the user HASH value UH to obtain a file signature US;
A3) the client sends the HASH value FH of the file, the file signature US, the current time TIME, the user HASH value UH and the block chain ID information to a center to request the establishment of a block node;
A4) the client listens for whether the addition to the block chain succeeded; if so, step A5) is executed; otherwise, step A6) is executed;
A5) the client downloads the newly added block node, and step A7) is executed;
A6) the client performs exception handling and returns to step A3);
A7) end.
2. The method of claim 1, further comprising a center-side data uplink procedure, wherein the center-side data uplink procedure comprises the following steps:
B1) the center receives a request for adding a block node;
B2) the center synchronizes the file to be uplinked to the block chain from the IPFS system to local storage;
B3) the center looks up the user information and uses the user information to check the file signature US;
B4) the center judges whether the file signature US is legal; if so, step B6) is executed; otherwise, step B5) is executed;
B5) error information is returned to the user, informing the user to perform exception handling, and step B10) is executed;
B6) the center combines the file signature US and the previous block HASH value PH, calculates a signature using the private key of the center to obtain a private key signature BS, and step B7) is executed;
B7) the center writes the block node file into the IPFS system to obtain the HASH value of the block node;
B8) the center returns the HASH value of the successfully added block node to the user;
B9) the center broadcasts a block chain change message, and subscribers update the block chain from the IPFS system according to the received message;
B10) end.
3. The method according to claim 1, further comprising a key modification procedure, wherein the key modification procedure includes the following steps:
C1) generating a new key pair on a timed basis;
C2) writing the new and old public keys into the IPFS system to obtain the corresponding HASH values;
C3) signing the files in the IPFS system using the old private key;
C4) sending a chaining request to the center, wherein the center can uplink the signed file to a public key chain;
C5) recording the new private key and performing subsequent signatures using the new private key.
4. The method for implementing a block chain according to claim 1, further comprising a user adding flow, wherein the user adding flow includes the following steps:
D1) before adding a user, first acquiring the information of the added user, wherein the information of the added user comprises the public key of the added person;
D2) saving the information of the added user to the IPFS system to obtain the HASH value of a new file; the information of the added user comprises the HASH of the user;
D3) signing the new file using a private key of the added user;
D4) requesting to uplink the data to a user chain;
D5) after the data is successfully uplinked to the user chain, notifying the added user, and the added user uplinks their own data.
5. The method for implementing a block chain according to claim 1, further comprising a user deleting flow, wherein the user deleting flow includes the following steps:
E1) acquiring the information of the deleted user before deleting the user;
E2) saving the information of the deleted user to the IPFS system to obtain the HASH value of a new file; the deleted user information comprises the HASH of the user;
E3) signing the new file using a private key of the user;
E4) requesting to uplink the data to the failure chain;
E5) the center judges whether there is a right to delete; if so, step E6) is executed; otherwise, step E7) is executed;
E6) after the data is successfully uplinked to the failure chain, notifying the deleted user, wherein the deleted user can no longer request data uplink;
E7) end.
6. The method for implementing a block chain according to claim 5, wherein the user itself, the creator of the user, or an upper-level creator of the creator can delete the user.
CN201911384949.5A 2019-12-28 2019-12-28 Method for realizing block chain Active CN111190862B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911384949.5A CN111190862B (en) 2019-12-28 2019-12-28 Method for realizing block chain

Publications (2)

Publication Number Publication Date
CN111190862A true CN111190862A (en) 2020-05-22
CN111190862B CN111190862B (en) 2023-06-30

Family

ID=70707720

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant