CN112087308A - Data integrity protection platform based on smart city - Google Patents

Info

Publication number: CN112087308A
Authority: CN (China)
Application number: CN202010951072.XA
Legal status: Pending
Other languages: Chinese (zh)
Inventor: 刘明
Current Assignee: Individual
Original Assignee: Individual
Prior art keywords: data, encryption module, smart city, key, data integrity

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H04L63/123 Applying verification of the received information received data contents, e.g. message integrity

Abstract

The invention relates to the technical field of smart city data integrity protection, and discloses a smart city-based data integrity protection platform comprising a key service system, a data encryption module and a data integrity verification module. The data encryption module processes the acquired data with a secure hash algorithm to generate a digital digest; the data encryption module applies to the key service system for a key, and encrypts the digital digest again with the private key to obtain a signature of the data; the data encryption module transmits the data and the signature together to the big data center of the smart city; the data integrity verification module compares the decrypted digital digest with the digital digest generated by re-hashing the received data, and if the two are consistent, the data has not been damaged or tampered with and is complete. The platform solves the problem that data is incomplete during smart city construction and information acquisition because a data integrity protection mechanism is lacking.

Description

Data integrity protection platform based on smart city
Technical Field
The invention relates to the technical field of data integrity protection of smart cities, in particular to a data integrity protection platform based on a smart city.
Background
Technologies such as the Internet of Things, cloud computing and big data are used to build smart cities in the digital economy era. While they make objects intelligent and improve the user experience, they inevitably bring data integrity problems. For example, during smart city construction and information acquisition, collected data may be lost or incomplete because of errors in hardware devices (such as sensors); information may also be lost during the information sharing that is required because information is isolated between industries or departments. Key data also lacks a dedicated verification step, so tampering cannot be detected quickly, and even when it is detected the data cannot be restored quickly and the service cannot be recovered, which greatly reduces people's efficiency in production and daily life.
Disclosure of Invention
(I) Technical problem to be solved
In view of the deficiencies of the prior art, the invention provides a data integrity protection platform based on a smart city, which aims to solve the technical problem that data is incomplete during smart city construction and information acquisition because a data integrity protection mechanism is lacking.
(II) Technical solution
To achieve this purpose, the invention provides the following technical solution:
A data integrity protection platform based on a smart city comprises a key service system, a data encryption module and a data integrity verification module, wherein the data integrity verification module is deployed in the big data center of the smart city;
the data encryption module processes the acquired data with a secure hash algorithm to generate a digital digest;
the data encryption module applies to the key service system for a key SK, and encrypts the digital digest again with the private key SK to obtain a signature of the data;
the data encryption module transmits the data and the signature together to the big data center of the smart city;
the data integrity verification module applies to the key service system for the public key PK of the data encryption module and decrypts the signature with the public key PK to obtain a digital digest; at the same time, the data integrity verification module processes the received data with a secure hash algorithm to generate a second digital digest;
the data integrity verification module compares the decrypted digital digest with the digital digest generated by re-hashing the received data; if the two are consistent, the data has not been damaged or tampered with in transmission and is complete; otherwise, the data is incomplete.
Further, the key service system is deployed in a smart city network system.
Further, the data encryption module is deployed on the terminal acquisition equipment of the internet of things.
Further, the data encryption module on the Internet of Things terminal acquisition device selects a modulus $n = pq$, where $p$ and $q$ are prime numbers with $p \equiv q \equiv 3 \pmod 4$, and a hash function $H: \{0,1\}^* \to \mathbb{Z}_n^*$;
the public key of the data encryption module on the Internet of Things terminal acquisition device is $n$, and the private key is $p, q$;
the data encryption module takes the data $M \in \mathbb{Z}_n$ collected and transmitted by the Internet of Things terminal acquisition device and calculates the ciphertext C of the data M using the private key $p, q$, such that $s^2 = H(M) \bmod n$; the generated signature of the data M is $(M, s)$;
the data integrity verification module of the smart city big data center verifies that $s^2 = H(M) \bmod n$.
(III) Advantageous technical effects
Compared with the prior art, the invention has the following beneficial technical effects:
The invention establishes an anti-counterfeiting mark through the digital signature of the data encryption module, so that the data cannot be altered and data integrity is maintained; moreover, there is no polynomial-time algorithm that can, from a valid digital signature on a message, produce a valid digital signature for the altered message. The digital signature technology of the data encryption module therefore ensures the integrity and validity of the information after transmission.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
A data integrity protection platform based on a smart city comprises: a key service system deployed in the smart city network system, a data encryption module deployed on the Internet of Things terminal acquisition device, and a data integrity verification module deployed in the smart city big data center;
the data encryption module processes the data M collected and transmitted by the Internet of Things terminal acquisition device with a Secure Hash Algorithm (SHA) to generate a 128-bit digital digest AM;
the data encryption module applies to the key service system for the encryption key SK of the Internet of Things terminal acquisition device, and then encrypts the digital digest AM with the private key SK of the Internet of Things terminal acquisition device to obtain a digital signature σ of the data M;
the data encryption module transmits the data M and the digital signature σ together to the big data center of the smart city;
the data integrity verification module of the smart city big data center applies to the key service system for the public key PK of the Internet of Things terminal acquisition device and decrypts the digital signature σ with that public key PK to obtain a digital digest AM'; at the same time it processes the received data M' with SHA to generate another 128-bit digital digest AM'';
the data integrity verification module compares the decrypted digital digest AM' with the digital digest AM'' generated by re-hashing the received data M'; if the two are consistent, the data M is complete; otherwise the data M is incomplete.
Embodiment 1:
the data encryption module on the Internet of Things terminal acquisition device selects a modulus $n = pq$, where $p$ and $q$ are prime numbers with $p \equiv q \equiv 3 \pmod 4$, and a hash function $H: \{0,1\}^* \to \mathbb{Z}_n^*$;
the public key of the data encryption module on the Internet of Things terminal acquisition device is $n$, and the private key is $p, q$;
the data encryption module takes the data $M \in \mathbb{Z}_n$ collected and transmitted by the Internet of Things terminal acquisition device and calculates the ciphertext C of the data M using the private key $p, q$, such that $s^2 = H(M) \bmod n$; the generated signature of the data M is $(M, s)$;
the data integrity verification module of the smart city big data center verifies that $s^2 = H(M) \bmod n$;
Here, the digital signature of the data encryption module establishes an anti-counterfeiting mark, so that the data cannot be altered and its integrity is maintained. In many practical smart city application scenarios, a data integrity protection mechanism is needed between the Internet of Things terminal acquisition device and the receiving side at the smart city big data center to ensure that the transmitted data is still complete and valid. Encryption can provide confidentiality for the message content, but it cannot establish whether a message has been tampered with during transmission. When a message is digitally signed by the sender, any alteration of the message invalidates the original digital signature; furthermore, there is no polynomial-time algorithm that can, from a valid digital signature on a message, produce a valid digital signature for the altered message. The digital signature technology of the data encryption module therefore ensures the integrity and validity of the information after transmission.
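The signing and verification steps of Embodiment 1 (modulus n = pq with p ≡ q ≡ 3 mod 4, signature s satisfying s² = H(M) mod n), worked through as an added Python example that is not code from the patent. The toy primes, the SHA-256-based construction of H, and the retry counter that makes H(M) a square modulo n are assumptions; the patent text specifies none of them.

```python
import hashlib
from typing import Tuple

# Constructed toy key (assumption, not from the patent): two Mersenne primes,
# both congruent to 3 mod 4. Far too small and too structured for real use.
P = 2**127 - 1
Q = 2**89 - 1
N = P * Q  # public key n; (P, Q) is the private key


def hash_to_zn(message: bytes, counter: int, n: int) -> int:
    """H: {0,1}* -> Z_n, built here from SHA-256 over counter || message."""
    digest = hashlib.sha256(counter.to_bytes(4, "big") + message).digest()
    return int.from_bytes(digest, "big") % n


def is_square(h: int, prime: int) -> bool:
    """Euler's criterion: True when h is a nonzero square modulo prime."""
    return pow(h, (prime - 1) // 2, prime) == 1


def sign(message: bytes, p: int, q: int) -> Tuple[int, int]:
    """Return (s, counter) such that s^2 = H(message, counter) mod p*q."""
    assert p % 4 == 3 and q % 4 == 3
    n = p * q
    counter = 0
    # Only about one value in four is a square mod n, so the hash is retried
    # with an increasing counter. The search is deterministic, so the same
    # message always yields the same root s.
    while True:
        h = hash_to_zn(message, counter, n)
        if is_square(h, p) and is_square(h, q):
            break
        counter += 1
    # For a prime congruent to 3 mod 4, h^((prime+1)/4) is a square root of h.
    sp = pow(h, (p + 1) // 4, p)
    sq = pow(h, (q + 1) // 4, q)
    # Chinese remainder theorem: combine the roots mod p and mod q.
    s = (sp * q * pow(q, -1, p) + sq * p * pow(p, -1, q)) % n
    return s, counter


def verify(message: bytes, s: int, counter: int, n: int) -> bool:
    """Verifier side: needs only the public modulus n."""
    if not (0 < s < n and 0 <= counter < 2**32):
        return False
    return pow(s, 2, n) == hash_to_zn(message, counter, n)


def demo() -> dict:
    reading = b"sensor-17 temp=21.4C 2020-09-11T08:00:00Z"  # constructed sample
    s, ctr = sign(reading, P, Q)
    return {
        "intact": verify(reading, s, ctr, N),
        "tampered_data": verify(reading.replace(b"21.4", b"91.4"), s, ctr, N),
        "tampered_sig": verify(reading, (s + 1) % N, ctr, N),
    }


if __name__ == "__main__":
    print(demo())
```
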
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.

Claims (4)

1. A data integrity protection platform based on a smart city, characterized by comprising a key service system, a data encryption module and a data integrity verification module, wherein the data integrity verification module is deployed in the big data center of the smart city;
the data encryption module processes the acquired data with a secure hash algorithm to generate a digital digest;
the data encryption module applies to the key service system for a key SK, and encrypts the digital digest again with the private key SK to obtain a signature of the data;
the data encryption module transmits the data and the signature together to the big data center of the smart city;
the data integrity verification module applies to the key service system for the public key PK of the data encryption module and decrypts the signature with the public key PK to obtain a digital digest; at the same time, the data integrity verification module processes the received data with a secure hash algorithm to generate a second digital digest;
the data integrity verification module compares the decrypted digital digest with the digital digest generated by re-hashing the received data; if the two are consistent, the data has not been damaged or tampered with in transmission and is complete; otherwise, the data is incomplete.
2. The smart city-based data integrity protection platform according to claim 1, wherein the key service system is deployed within a smart city network system.
3. The smart city-based data integrity protection platform according to claim 2, wherein the data encryption module is deployed on an internet of things terminal acquisition device.
4. The smart city-based data integrity protection platform as claimed in claim 3, wherein the data encryption module on the Internet of Things terminal acquisition device selects a modulus $n = pq$, where $p$ and $q$ are prime numbers with $p \equiv q \equiv 3 \pmod 4$, and a hash function $H: \{0,1\}^* \to \mathbb{Z}_n^*$;
the public key of the data encryption module on the Internet of Things terminal acquisition device is $n$, and the private key is $p, q$;
the data encryption module takes the data $M \in \mathbb{Z}_n$ collected and transmitted by the Internet of Things terminal acquisition device and calculates the ciphertext C of the data M using the private key $p, q$, such that $s^2 = H(M) \bmod n$; the generated signature of the data M is $(M, s)$;
the data integrity verification module of the smart city big data center verifies that $s^2 = H(M) \bmod n$.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010951072.XA CN112087308A (en) 2020-09-11 2020-09-11 Data integrity protection platform based on smart city

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010951072.XA CN112087308A (en) 2020-09-11 2020-09-11 Data integrity protection platform based on smart city

Publications (1)

Publication Number Publication Date
CN112087308A true CN112087308A (en) 2020-12-15

Family

ID=73736639

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010951072.XA Pending CN112087308A (en) 2020-09-11 2020-09-11 Data integrity protection platform based on smart city

Country Status (1)

Country Link
CN (1) CN112087308A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116980237A (en) * 2023-09-25 2023-10-31 北京智城联合科技发展有限公司 Urban safety informatization data acquisition method
CN116980237B (en) * 2023-09-25 2024-01-02 北京智城联合科技发展有限公司 Urban safety informatization data acquisition method

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 277100 No.1 Ningbo Road, high tech Zone, Zaozhuang City, Shandong Province

Applicant after: Liu Ming

Address before: No. 402, caitun village, xiaohuyingzi Town, Yixian County, Jinzhou City, Liaoning Province, 121000

Applicant before: Liu Ming