CN112087308A - Data integrity protection platform based on smart city - Google Patents
- Publication number
- CN112087308A
- Authority
- CN
- China
- Prior art keywords
- data
- encryption module
- smart city
- key
- data integrity
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to the technical field of smart city data integrity protection and discloses a smart city-based data integrity protection platform comprising a key service system, a data encryption module and a data integrity verification module. The data encryption module encrypts the acquired data with a secure hash algorithm to generate a digital digest; the data encryption module applies to the key service system for a key, and re-encrypts the digital digest with the private key to obtain a signature of the data; the data encryption module transmits the data and the signature to the smart city big data center at the same time; the data integrity verification module compares the decrypted digital digest with the digital digest generated by re-encrypting the received data, and if the two are consistent, the data has not been damaged or tampered with and is complete. This solves the problem of incomplete data in the smart city construction and information acquisition process caused by the lack of a data integrity protection mechanism.
Description
Technical Field
The invention relates to the technical field of data integrity protection of smart cities, in particular to a data integrity protection platform based on a smart city.
Background
Smart cities in the digital-economy era are built on technologies such as the Internet of Things, cloud computing and big data. While these make objects intelligent and improve the user experience, they inevitably also bring data integrity problems. For example, during smart city construction and information acquisition, collected data may be lost or incomplete because of errors in hardware equipment (such as a sensor); information may also be lost during the information sharing that is required because information is isolated between industries or departments. Key data also lacks a dedicated verification step: tampering cannot be detected quickly, or, even when it is detected, the data cannot be quickly restored and the service cannot be recovered, which greatly reduces people's efficiency in production and daily life.
Disclosure of Invention
(I) Technical problem to be solved
Aiming at the defects of the prior art, the invention provides a data integrity protection platform based on a smart city, which aims to solve the technical problem of incomplete data due to lack of a data integrity protection mechanism in the smart city construction and information acquisition process.
(II) Technical scheme
In order to achieve the purpose, the invention provides the following technical scheme:
A data integrity protection platform based on a smart city comprises a key service system, a data encryption module and a data integrity verification module, wherein the data integrity verification module is deployed in the smart city big data center;
the data encryption module encrypts the acquired data with a secure hash algorithm to generate a digital digest;
the data encryption module applies to the key service system for a key SK, and re-encrypts the digital digest with the private key SK to obtain a signature of the data;
the data encryption module transmits the data and the signature to the smart city big data center at the same time;
the data integrity verification module applies to the key service system for the public key PK of the data encryption module and decrypts the signature with the public key PK to obtain a digital digest; at the same time, the data integrity verification module encodes and encrypts the received data with a secure hash algorithm to generate a second digital digest;
the data integrity verification module compares the decrypted digital digest with the digital digest generated by re-encrypting the received data; if the two are consistent, the data was not damaged or tampered with during transmission and is complete; otherwise, the data is incomplete.
Further, the key service system is deployed in a smart city network system.
Further, the data encryption module is deployed on the terminal acquisition equipment of the internet of things.
Further, the data encryption module on the Internet of Things terminal acquisition device selects a modulus $n = pq$, where $p$ and $q$ are prime numbers with $p \equiv q \equiv 3 \pmod 4$, and a hash function $H: \{0,1\}^* \to \mathbb{Z}_n^*$;
the public key of the data encryption module on the Internet of Things terminal acquisition device is $n$, and the private key is $p, q$;
for data $M \in \mathbb{Z}_n$ collected and transmitted by the Internet of Things terminal acquisition device, the data encryption module uses the private key $p, q$ to calculate the ciphertext $C$ of the data $M$ such that $s^2 = H(M) \bmod n$, and the generated signature of the data $M$ is $(M, s)$;
the data integrity verification module of the smart city big data center verifies that $s^2 = H(M) \bmod n$.
(III) Advantageous technical effects
Compared with the prior art, the invention has the following beneficial technical effects:
The invention establishes an anti-counterfeiting mark through the digital signature of the data encryption module, so that the data cannot be altered and data integrity is maintained. No polynomial-time algorithm exists that can effectively generate a digital signature for an altered message from a valid digital signature of the original message; the digital signature technology of the data encryption module therefore ensures the integrity and validity of the information after transmission.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
A data integrity protection platform based on a smart city comprises: a key service system deployed in the smart city network system, a data encryption module deployed on the Internet of Things terminal acquisition device, and a data integrity verification module deployed in the smart city big data center;
the data encryption module encrypts the data M collected and transmitted by the Internet of Things terminal acquisition device with a Secure Hash Algorithm (SHA) to generate a 128-bit digital digest AM;
the data encryption module applies to the key service system for the encryption key SK of the Internet of Things terminal acquisition device, and then encrypts the digital digest AM with the private key SK of the Internet of Things terminal acquisition device to obtain a digital signature σ of the data M;
the data encryption module transmits the data M and the digital signature σ to the smart city big data center at the same time;
the data integrity verification module of the smart city big data center applies to the key service system for the public key PK of the Internet of Things terminal acquisition device and decrypts the digital signature σ with the public key PK to obtain a digital digest AM'; at the same time, it encrypts the received data M' with SHA to generate another 128-bit digital digest AM'';
the data integrity verification module compares the decrypted digital digest AM' with the digital digest AM'' generated by re-encrypting the received data M'; if AM' and AM'' are consistent, the data M is complete; otherwise the data M is incomplete;
The first embodiment is as follows:
the data encryption module on the Internet of Things terminal acquisition device selects a modulus $n = pq$, where $p$ and $q$ are prime numbers with $p \equiv q \equiv 3 \pmod 4$, and a hash function $H: \{0,1\}^* \to \mathbb{Z}_n^*$;
the public key of the data encryption module on the Internet of Things terminal acquisition device is $n$, and the private key is $p, q$;
for data $M \in \mathbb{Z}_n$ collected and transmitted by the Internet of Things terminal acquisition device, the data encryption module uses the private key $p, q$ to calculate the ciphertext $C$ of the data $M$ such that $s^2 = H(M) \bmod n$, and the generated signature of the data $M$ is $(M, s)$;
the data integrity verification module of the smart city big data center verifies that $s^2 = H(M) \bmod n$.
The digital signature of the data encryption module establishes an anti-counterfeiting mark, so that the data cannot be altered and its integrity is maintained. In many practical smart city application scenarios, a data integrity protection mechanism is needed between the two communicating parties, the Internet of Things terminal acquisition device and the smart city big data center, to ensure that the transmitted data is still complete and valid. Encryption can provide confidentiality for the message content, but it cannot establish whether a message has been tampered with during transmission. When a message is digitally signed by the sender, any alteration of the message invalidates the original digital signature; furthermore, no polynomial-time algorithm exists that can effectively generate a digital signature for an altered message from a valid digital signature of the original message. Therefore, the digital signature technology of the data encryption module ensures the integrity and validity of the information after transmission.
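The first embodiment's sign and verify steps, written out as an added example (this code is not part of the patent). The patent's equation s^2 = H(M) mod n only has a solution when H(M) is a square modulo both p and q, which holds for roughly one hash value in four, so the example adds a retry counter to the hash input and carries it in the signature. The counter, the SHA-256-based H, the function names and the demo primes are assumptions of this example.

```python
import hashlib

# Constructed demo key: two Mersenne primes, each congruent to 3 mod 4.
# They are public, special-form numbers; a real key uses secret random primes.
P = 2**127 - 1
Q = 2**107 - 1
N = P * Q  # public key n; the private key is the pair (p, q)


def hash_to_zn(message: bytes, counter: int, n: int = N) -> int:
    """H: {0,1}* -> Z_n, built from SHA-256 over counter || message (assumption)."""
    digest = hashlib.sha256(counter.to_bytes(4, "big") + message).digest()
    return int.from_bytes(digest, "big") % n


def is_square(h: int, prime: int) -> bool:
    """Euler's criterion: h is a nonzero square mod prime iff h^((prime-1)/2) == 1."""
    return pow(h, (prime - 1) // 2, prime) == 1


def sign(message: bytes, p: int = P, q: int = Q):
    """Signer side (IoT terminal): return (counter, s) with s^2 = H mod n."""
    n = p * q
    counter = 0
    while True:
        h = hash_to_zn(message, counter, n)
        # Only about 1 in 4 values is a square modulo both p and q, so retry.
        if is_square(h % p, p) and is_square(h % q, q):
            break
        counter += 1
    # For a prime r = 3 mod 4, h^((r+1)/4) is a square root of a square h.
    sp = pow(h, (p + 1) // 4, p)
    sq = pow(h, (q + 1) // 4, q)
    # Combine the two roots with the Chinese Remainder Theorem.
    s = (sp * q * pow(q, -1, p) + sq * p * pow(p, -1, q)) % n
    return counter, s


def verify(message: bytes, signature, n: int = N) -> bool:
    """Verifier side (data center): needs only n, checks s^2 == H mod n."""
    counter, s = signature
    if not (0 <= counter < 2**32 and 0 < s < n):
        return False
    return pow(s, 2, n) == hash_to_zn(message, counter, n)


if __name__ == "__main__":
    reading = b"sensor-17 temp=21.5C"  # constructed sample reading
    sig = sign(reading)
    print(verify(reading, sig), verify(b"sensor-17 temp=99.9C", sig))
```

Signing needs the factors p and q to take square roots, while verification is a single modular squaring with the public modulus n.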
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.
Claims (4)
1. A data integrity protection platform based on a smart city, characterized by comprising a key service system, a data encryption module and a data integrity verification module, wherein the data integrity verification module is deployed in the smart city big data center;
the data encryption module encrypts the acquired data with a secure hash algorithm to generate a digital digest;
the data encryption module applies to the key service system for a key SK, and re-encrypts the digital digest with the private key SK to obtain a signature of the data;
the data encryption module transmits the data and the signature to the smart city big data center at the same time;
the data integrity verification module applies to the key service system for the public key PK of the data encryption module and decrypts the signature with the public key PK to obtain a digital digest; at the same time, the data integrity verification module encodes and encrypts the received data with a secure hash algorithm to generate a second digital digest;
the data integrity verification module compares the decrypted digital digest with the digital digest generated by re-encrypting the received data; if the two are consistent, the data was not damaged or tampered with during transmission and is complete; otherwise, the data is incomplete.
2. The smart city-based data integrity protection platform according to claim 1, wherein the key service system is deployed within a smart city network system.
3. The smart city-based data integrity protection platform according to claim 2, wherein the data encryption module is deployed on an internet of things terminal acquisition device.
4. The smart city-based data integrity protection platform as claimed in claim 3, wherein the data encryption module on the Internet of Things terminal acquisition device selects a modulus $n = pq$, where $p$ and $q$ are prime numbers with $p \equiv q \equiv 3 \pmod 4$, and a hash function $H: \{0,1\}^* \to \mathbb{Z}_n^*$;
the public key of the data encryption module on the Internet of Things terminal acquisition device is $n$, and the private key is $p, q$;
for data $M \in \mathbb{Z}_n$ collected and transmitted by the Internet of Things terminal acquisition device, the data encryption module uses the private key $p, q$ to calculate the ciphertext $C$ of the data $M$ such that $s^2 = H(M) \bmod n$, and the generated signature of the data $M$ is $(M, s)$;
the data integrity verification module of the smart city big data center verifies that $s^2 = H(M) \bmod n$.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010951072.XA CN112087308A (en) | 2020-09-11 | 2020-09-11 | Data integrity protection platform based on smart city |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112087308A (en) | 2020-12-15 |
Family
ID=73736639
Family Applications (1)
Application Number | Status | Priority Date | Filing Date | Title |
---|---|---|---|---|
CN202010951072.XA, CN112087308A (en) | Pending | 2020-09-11 | 2020-09-11 | Data integrity protection platform based on smart city |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112087308A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116980237A (en) * | 2023-09-25 | 2023-10-31 | 北京智城联合科技发展有限公司 | Urban safety informatization data acquisition method |
CN116980237B (en) * | 2023-09-25 | 2024-01-02 | 北京智城联合科技发展有限公司 | Urban safety informatization data acquisition method |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110300112B (en) | Block chain key hierarchical management method | |
CN106789090B (en) | Public key infrastructure system based on block chain and semi-random combined certificate signature method | |
CN107948143B (en) | Identity-based privacy protection integrity detection method and system in cloud storage | |
CN109743171B (en) | Key series method for solving multi-party digital signature, timestamp and encryption | |
CN111555872B (en) | Communication data processing method, device, computer system and storage medium | |
CN102497581B (en) | Digital-certificate-based video monitoring data transmission method and system | |
CN110048849B (en) | Multi-layer protection session key negotiation method | |
US20060282675A1 (en) | Message authentication system, message transmission apparatus and message reception apparatus | |
JPH1041932A (en) | Ciphering key recovery method and equipment | |
CN110336673B (en) | Block chain design method based on privacy protection | |
WO2016098303A1 (en) | Signature verification device, signature generation device, signature processing system, signature verification method, and signature generation method | |
CN103684794A (en) | Communication data encryption and decryption method based on DES (Data Encryption Standard), RSA and SHA-1 (Secure Hash Algorithm) encryption algorithms | |
EP3750277A1 (en) | Cryptographic methods and systems using blinded activation codes for digital certificate revocation | |
CN110611670A (en) | API request encryption method and device | |
CN104009842A (en) | Communication data encryption and decryption method based on DES encryption algorithm, RSA encryption algorithm and fragile digital watermarking | |
WO2019140112A1 (en) | Cryptographic methods and systems using activation codes for digital certificate revocation | |
CN1620005A (en) | Method of safety transmitting key | |
CN112906056A (en) | Cloud storage key security management method based on block chain | |
CN104392185A (en) | Method for verifying data integrity during log forensics in cloud environments | |
CN112671710A (en) | Security encryption device based on national cryptographic algorithm, bidirectional authentication and encryption method | |
CN112749232A (en) | Production data monitoring method and device, block chain node and storage medium | |
CN112911588A (en) | Lightweight narrowband Internet of things secure transmission method and system | |
CN104881838A (en) | A meaningful non-augmented image storage and reconstruction method based on GF (23) (K, N) | |
CN101647229A (en) | Compressed ECDSA signatures | |
CN111049738A (en) | E-mail data security protection method based on hybrid encryption |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information |
Address after: 277100 No.1 Ningbo Road, high tech Zone, Zaozhuang City, Shandong Province Applicant after: Liu Ming Address before: No. 402, caitun village, xiaohuyingzi Town, Yixian County, Jinzhou City, Liaoning Province, 121000 Applicant before: Liu Ming |