CN114499894A - File storage and reading method and system in block chain network - Google Patents

Publication number
CN114499894A
Authority
CN
China
Prior art keywords
file
middleware
data
client
encrypted
Legal status
Granted
Application number
CN202210337490.9A
Other languages
Chinese (zh)
Other versions
CN114499894B (en)
Inventor
王威
吴怀江
石宁
李达
Current Assignee
Nanjing Municipal Design And Research Institute Co ltd
Nanjing Jinninghui Technology Co ltd
Original Assignee
Nanjing Municipal Design And Research Institute Co ltd
Nanjing Jinninghui Technology Co ltd
Application filed by Nanjing Municipal Design And Research Institute Co ltd, Nanjing Jinninghui Technology Co ltd
Priority to CN202210337490.9A
Publication of CN114499894A
Application granted
Publication of CN114499894B
Status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228 One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10 File systems; File servers
    • G06F16/17 Details of further file system functions
    • G06F16/172 Caching, prefetching or hoarding of files
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10 File systems; File servers
    • G06F16/18 File system types
    • G06F16/182 Distributed file systems
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/06 Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1097 Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00 Energy efficient computing, e.g. low power processors, power management or thermal management

Abstract

The application provides a file storage and reading method and system in a blockchain network. A secret sharing method is used to split the storage hash value into a plurality of initial tuple data, and each initial tuple data is encrypted with a node public key, so that a node can decrypt only its own initial tuple data and cannot obtain the initial tuple data of other nodes. When reading a file, the client must obtain authorization from a number of nodes greater than or equal to the threshold number in order to recover the storage hash value used to read the file, which provides control and management of the read permission for the file and protects the user's data privacy. Furthermore, a validity time is set for each encrypted tuple data, so that the user's read permission for the file is controlled at a finer granularity.

Description

File storage and reading method and system in block chain network
Technical Field
The present application relates to a blockchain network technology, and in particular, to a method and a system for storing and reading files in a blockchain network.
Background
As a distributed ledger technology, the blockchain achieves distributed trust and security at the cost of processing capacity; compared with a traditional centralized web server, its processing performance is very limited. If large files are stored directly on-chain, they put heavy pressure on the blockchain network and consume a lot of bandwidth. It is therefore common practice to store a file off-chain and put only the fingerprint of the file, i.e. the hash value of the file, on-chain.
The InterPlanetary File System (IPFS) is a distributed file system and a new peer-to-peer hypermedia transfer protocol. It provides a naturally decentralized solution for storing large files and fits the decentralized nature of a blockchain well, so in deployed applications many solutions store large files using blockchain + IPFS.
The basic idea of a block chain file storage method implemented based on an IPFS network at present is to split a file into slices, upload the split file to the IPFS network to obtain corresponding hash values, and upload the hash values to the block chain network. The basic idea of the corresponding block chain file reading method based on the IPFS network is that a hash value of a file is obtained first, and then the file is read according to the hash value. Because the data in the blockchain network is shared, all parties in the chain can obtain the hash value of the file, and the file can be read without any consent.
As our country attaches growing importance to data privacy, protecting the privacy of data becomes more important. The above method does not consider the permission problem of file reading, so the file can be read by all participants on the blockchain network without distinction, and the user's data privacy cannot be protected.
Disclosure of Invention
In order to solve the problems that the permission of file reading is not considered in the prior block chain file storage method based on an IPFS network, so that a file can be read by all participants on the block chain network without distinction, and the data privacy security of a user cannot be protected, the application discloses a file storage method, a file reading method and a file storage and reading system in the block chain network through the following aspects.
The first aspect of the present application discloses a file storage method in a blockchain network, where the file storage method includes:
the client sends a file storage request to the middleware and transmits a file to be stored to the middleware, wherein the middleware stores node public keys of all nodes in a target block chain network; the file storage request includes a threshold number;
the middleware uploads the file to be stored to an IPFS network and receives a storage hash value which is returned by the IPFS network and corresponds to the file to be stored;
the middleware performs secret splitting on the storage hash value according to a preset secret sharing method to obtain a first number of initial tuple data; wherein the first number is equal to the number of nodes in the target blockchain network, one initial tuple data corresponds to one node in the target blockchain network, and the secret recovery threshold of the preset secret sharing method is set to the threshold number;
the middleware encrypts each initial tuple data by using a corresponding node public key respectively to obtain an encrypted tuple data set and sends the encrypted tuple data set to the client, wherein the encrypted tuple data set comprises a first number of encrypted tuple data;
the client generates a target transaction according to the encrypted tuple data set and sends the target transaction to a target block chain network;
and the target block chain network returns the transaction hash value of the target transaction to the client.
Optionally, the secret splitting performed by the middleware according to a preset secret sharing method to obtain a first number of initial tuple data includes:
generating a first number of different input data;
generating an encryption polynomial; wherein the degree of the encryption polynomial is a second number; the constant term of the encryption polynomial is the storage hash value, and the coefficient of each non-constant term is a random integer between 1 and 9; the second number is equal to the threshold number minus one;
and substituting the input data into the encryption polynomial for calculation to obtain the initial tuple data.
Optionally, the uploading, by the middleware, the file to be stored to the IPFS network, and receiving the storage hash value corresponding to the file to be stored, which is returned by the IPFS network, includes:
the middleware divides the file to be stored into a plurality of file fragments and uploads the file fragments to the IPFS network;
the IPFS network returns a plurality of fragment hash values to the middleware, wherein one fragment hash value corresponds to one file fragment;
the middleware assembles the plurality of fragment hash values according to a preset structure to obtain preset structure data and uploads the preset structure data to the IPFS network;
the IPFS network returns the storage hash value corresponding to the preset structure data to the middleware.
Optionally, the client sets a validity time for each encrypted tuple data in the encrypted tuple data set.
A second aspect of the present application discloses a file reading method in a blockchain network, where the file reading method is used to read a file stored according to a file storage method in the blockchain network disclosed in the first aspect of the present application, and the file reading method includes:
the client generates query transaction according to the transaction hash value of the target transaction and sends the query transaction to the target block chain network;
the target block chain network returns the encrypted tuple data set corresponding to the query transaction to the client;
the client sends the encrypted tuple data set and an encryption public key to the target block chain network, wherein the client obtains the encryption public key by requesting it from the middleware;
the target block chain network returns node authorization data to the client according to the encrypted tuple data set and the encryption public key;
when the number of the node authorization data is larger than or equal to the threshold number, the client generates a file reading request according to the node authorization data and sends the file reading request to the middleware, wherein the file reading request comprises the node authorization data and the threshold number;
the middleware carries out secret recovery according to a file reading request and a preset secret sharing method to obtain a storage hash value;
and the middleware acquires the file to be read from the IPFS network according to the storage hash value and sends the file to the client.
Optionally, the returning, by the target block chain network, of the node authorization data to the client according to the encrypted tuple data set and the encryption public key includes:
the node decrypts the encrypted tuple data set by using a node private key to obtain initial tuple data;
and the node encrypts the initial tuple data by using the encryption public key, signs the encrypted data by using the node private key to obtain node authorization data, and returns the node authorization data to the client.
Optionally, the secret recovery performed by the middleware according to the file reading request and the preset secret sharing method to obtain the storage hash value includes:
the middleware verifies the signature in the node authorization data in the file reading request, and if the verification passes, decrypts the node authorization data with a decryption private key to obtain initial tuple data;
constructing a decryption polynomial, wherein the degree of the decryption polynomial is a second number, and the second number is equal to the threshold number minus one;
and substituting the initial tuple data into the decryption polynomial to calculate the storage hash value, wherein the storage hash value is equal to the value of the constant term of the decryption polynomial.
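The split from the first aspect and the recovery steps above, as an added example that is not code from the patent. It works in a prime field (an assumption; the text names no modulus), uses constructed node keys with a SHA-256 digest standing in for the storage hash, and compares the stated coefficient rule (random integers from 1 to 9) with coefficients drawn uniformly from the field; all function names are illustrative.

```python
import hashlib
import itertools
import secrets

# Assumption: arithmetic is done modulo a prime larger than any secret or input;
# the page does not name a modulus. 2**521 - 1 is a Mersenne prime.
PRIME = 2**521 - 1


def pubkey_to_x(pubkey: str) -> int:
    """Node public key string -> integer input x, read as big-endian bytes.

    Exact big-integer conversion: a float-based conversion rounds key-sized
    values and could make two nodes' inputs collide.
    """
    return int.from_bytes(pubkey.encode(), "big") % PRIME


def patent_coeff() -> int:
    """Coefficient rule stated on the page: a random integer between 1 and 9."""
    return secrets.randbelow(9) + 1


def uniform_coeff() -> int:
    """Textbook Shamir rule: a coefficient uniform over the whole field."""
    return secrets.randbelow(PRIME)


def split(secret: int, xs, threshold: int, coeff_source):
    """One (x, f(x)) tuple per node; f has degree threshold - 1 and f(0) = secret."""
    if not 1 <= threshold <= len(xs):
        raise ValueError("threshold must be between 1 and the number of nodes")
    if 0 in xs or len(set(xs)) != len(xs):
        raise ValueError("inputs must be distinct and non-zero")
    if not 0 <= secret < PRIME:
        raise ValueError("secret does not fit in the field")
    coeffs = [secret] + [coeff_source() for _ in range(threshold - 1)]
    shares = []
    for x in xs:
        y = 0
        for a in reversed(coeffs):  # Horner evaluation of the polynomial
            y = (y * x + a) % PRIME
        shares.append((x, y))
    return shares


def recover(shares, threshold: int) -> int:
    """Lagrange interpolation at x = 0 over the first `threshold` tuples."""
    if len(shares) < threshold:
        raise ValueError("fewer tuples than the threshold number")
    pts = shares[:threshold]
    secret = 0
    for i, (xi, yi) in enumerate(pts):
        num, den = 1, 1
        for j, (xj, _) in enumerate(pts):
            if i != j:
                num = (num * (-xj)) % PRIME
                den = (den * (xi - xj)) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    return secret


def secrets_consistent_with_one_share(share, threshold, coeff_values=range(1, 10)):
    """Design check: every secret that one tuple allows if the coefficients
    are known to come from coeff_values (9 ** (threshold - 1) combinations)."""
    x, y = share
    found = set()
    for coeffs in itertools.product(coeff_values, repeat=threshold - 1):
        tail = sum(a * pow(x, k, PRIME) for k, a in enumerate(coeffs, start=1))
        found.add((y - tail) % PRIME)
    return found


def demo():
    # Constructed sample values: a SHA-256 digest stands in for the storage
    # hash and short strings stand in for five node public keys.
    storage_hash = int.from_bytes(hashlib.sha256(b"constructed manifest").digest(), "big")
    xs = [pubkey_to_x(f"node-{i}-public-key") for i in range(1, 6)]
    threshold = 3
    weak = split(storage_hash, xs, threshold, patent_coeff)
    strong = split(storage_hash, xs, threshold, uniform_coeff)
    weak_set = secrets_consistent_with_one_share(weak[0], threshold)
    strong_set = secrets_consistent_with_one_share(strong[0], threshold)
    return {
        "recovered_weak": recover(weak[:3], threshold) == storage_hash,
        "recovered_strong": recover(strong[2:], threshold) == storage_hash,
        "weak_candidates": len(weak_set),
        "weak_contains_secret": storage_hash in weak_set,
        "strong_contains_secret": storage_hash in strong_set,
    }


if __name__ == "__main__":
    print(demo())
```

With a threshold of 3, a single tuple produced under the 1-to-9 rule is consistent with only 81 possible secrets, one of which is the storage hash, whereas with uniform coefficients a single tuple leaves every field element equally possible.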
Optionally, after decrypting the node authorization data with the decryption private key to obtain the initial tuple data and before constructing the decryption polynomial, the file reading method further includes:
the middleware acquires the validity time corresponding to each initial tuple data and selects the valid initial tuple data according to the validity time; valid initial tuple data is initial tuple data whose validity time is later than the current time;
when the number of valid initial tuple data is greater than or equal to the threshold number, the middleware executes the operation of constructing the decryption polynomial;
and when the number of valid initial tuple data is less than the threshold number, the middleware stops executing subsequent operations, generates prompt information and feeds the prompt information back to the client.
Optionally, the obtaining, by the middleware, of the file to be read from the IPFS network according to the storage hash value includes:
the middleware sends the storage hash value to the IPFS network;
the IPFS network returns the corresponding preset structure data to the middleware according to the storage hash value;
the middleware obtains a plurality of fragment hash values according to preset structure data and sends the fragment hash values to the IPFS network;
the IPFS network returns the corresponding file fragments to the middleware according to the fragment hash value;
and the middleware assembles the file fragments into a file to be read.
A third aspect of the present application provides a file storage and reading system in a blockchain network, including a client, a middleware, an IPFS network, and a target blockchain network, where the file storage and reading system is configured to execute the following file storage method, where the file storage method includes:
the client sends a file storage request to the middleware and transmits a file to be stored to the middleware, wherein the middleware stores node public keys of all nodes in a target block chain network; the file storage request includes a threshold number;
the middleware uploads a file to be stored to an IPFS network and receives a storage hash value returned by the IPFS network;
the middleware performs secret splitting on the storage hash value according to a preset secret sharing method to obtain a first number of initial tuple data; wherein the first number is equal to the number of nodes in the target blockchain network, one initial tuple data corresponds to one node in the target blockchain network, and the secret recovery threshold of the preset secret sharing method is set to the threshold number;
encrypting each initial tuple data by using a corresponding node public key respectively to obtain an encrypted tuple data set, and sending the encrypted tuple data set to a client, wherein the encrypted tuple data set comprises a first number of encrypted tuple data;
the client generates a target transaction according to the encrypted tuple data set and sends the target transaction to a target block chain network;
the target block chain network returns the transaction hash value of the target transaction to the client;
the file storage reading system is further configured to execute the following file reading method, the file reading method comprising:
the client generates query transaction according to the transaction hash value of the target transaction and sends the query transaction to the target block chain network;
the target block chain network returns an encrypted tuple data set corresponding to the query transaction to the client;
the client sends the encrypted tuple data set and an encryption public key to the target block chain network, wherein the client obtains the encryption public key by requesting it from the middleware;
the target block chain network returns node authorization data to the client according to the encrypted tuple data set and the encryption public key;
when the number of the node authorization data is larger than or equal to the threshold number, the client generates a file reading request according to the node authorization data and sends the file reading request to the middleware, wherein the file reading request comprises the node authorization data and the threshold number;
the middleware carries out secret recovery according to a file reading request and a preset secret sharing method to obtain a storage hash value;
and the middleware acquires the file to be read from the IPFS network according to the storage hash value and sends the file to the client.
The application provides a file storage and reading method and system in a blockchain network. A secret sharing method is used to split the storage hash value into a plurality of initial tuple data, and each initial tuple data is encrypted with a node public key, so that a node can decrypt only its own initial tuple data and cannot obtain the initial tuple data of other nodes. When reading a file, the client must obtain authorization from a number of nodes greater than or equal to the threshold number in order to recover the storage hash value used to read the file, which provides control and management of the read permission for the file and protects the user's data privacy. Furthermore, a validity time is set for each encrypted tuple data, so that the user's read permission for the file is controlled at a finer granularity.
Drawings
In order to more clearly explain the technical solution of the present application, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious to those skilled in the art that other drawings can be obtained according to the drawings without any creative effort.
Fig. 1 is a call sequence diagram of a file storage method in a blockchain network according to an embodiment of the present disclosure;
Fig. 2 is a schematic workflow diagram of a file storage method in a blockchain network according to an embodiment of the present disclosure;
Fig. 3 is a schematic workflow diagram of one implementation of step 12 in a file storage method in a blockchain network according to an embodiment of the present application;
Fig. 4 is a call sequence diagram of one implementation of step 13 in a file storage method in a blockchain network according to an embodiment of the present application;
Fig. 5 is a call sequence diagram of a method for reading a file in a blockchain network according to an embodiment of the present disclosure;
Fig. 6 is a schematic workflow diagram of a method for reading a file in a blockchain network according to an embodiment of the present disclosure;
Fig. 7 is a call sequence diagram of one implementation of step 24 in a method for reading a file in a blockchain network according to an embodiment of the present application;
Fig. 8 is a call sequence diagram of one implementation of step 27 in a method for reading a file in a blockchain network according to an embodiment of the present application.
Detailed Description
In order to solve the problems that the permission of file reading is not considered in the conventional block chain file storage method based on an IPFS network, so that a file can be read by all participants on the block chain network indiscriminately, and the data privacy safety of a user cannot be protected, the application discloses a file storage method, a file reading method and a file storage and reading system in the block chain network through the following embodiments.
It should be noted that, before executing the method provided by the present application, a file storage reading model needs to be established, that is, the method of the present application is completed based on a specific model, and the established model is described first below.
Referring to Fig. 1, a call sequence diagram of a file storage method in a blockchain network is provided. As can be seen from Fig. 1, the model established in the present application mainly includes a client, a middleware, an IPFS network, and a target blockchain network. The client is a general concept: any program, software, or hardware that can construct call parameters and initiate a call can be called a client. The client is stateless, and the caller of each call is determined from the caller's signature or a similar user identifier. The client is used by a user to initiate a file storage request and to generate the target transaction for on-chain submission from the encrypted tuple data set returned by the middleware. The IPFS network stores the file to be stored and returns the corresponding storage hash value. The middleware sits between the client and the IPFS network; it forwards the file to be stored from the client to the IPFS network, performs secret splitting on the storage hash value returned by the IPFS network, and encrypts the split secret with the node public keys. The target blockchain network returns the transaction hash value of the target transaction to the client. The target blockchain network may be a consortium chain, a public chain, or a private chain. The consortium chain, as a representative of blockchain 3.0, introduces identity authentication and data isolation and places higher requirements on read and write permissions for file data.
Referring to fig. 2, a schematic workflow diagram of a file storage method in a blockchain network according to a first embodiment of the present application is disclosed. As shown in fig. 1, the file storage method includes steps 11-16.
Step 11, the client sends a file storage request to the middleware, and transmits a file to be stored to the middleware, wherein the middleware stores node public keys of all nodes in a target block chain network; the file storage request includes a threshold number.
In this embodiment, a user first uses a client to register a node public key of a participant (node) in a target blockchain network into middleware. The purpose of registering the node public key is mainly to achieve the distribution of the secret after the secret splitting. The middleware is responsible for maintaining a list of node public keys for the target block chain. And if the node exits the network, the corresponding node public key needs to be cancelled.
Illustratively, the JSON form of the file storage request in this embodiment is as follows:
req {
    "fileLocation": "D://file",
    "volumnPath": "/data/file",
    "account": "root",
    "password": "root",
    "ip": "x.x.x.x",
    "port": "22",
    "threshold": "n"
}
where fileLocation is the location of the file to be stored on the client, volumnPath is the file storage directory of the middleware, and account, password, ip, and port are respectively the user name, password, IP address, and port of the server where the middleware is located. threshold is the threshold number n. The threshold number n corresponds to the secret recovery threshold of the preset secret sharing method in the subsequent steps, and also to the minimum number of nodes from which the client must obtain authorization data in the subsequent file reading method; that is, the client sets the read permission for the file to be stored in the file storage request. It should be noted that n must be a positive integer greater than or equal to 1 and less than or equal to the number m of nodes in the target blockchain network.
Step 12, the middleware uploads the file to be stored to the IPFS network and receives the storage hash value, returned by the IPFS network, that corresponds to the file to be stored.
In one implementation, the middleware uploads the file to be stored directly to the IPFS network, and the IPFS network returns the storage hash value of the file to be stored to the middleware. The middleware later reads the file from the IPFS network according to the storage hash value.
In another implementation manner, in order to improve the storage efficiency, the middleware divides the file to be stored into a plurality of file fragments and uploads the file fragments to the IPFS network. Referring to fig. 3, step 12 further includes steps 121-124.
Step 121, the middleware divides the file to be stored into a plurality of file fragments and uploads the file fragments to the IPFS network. In this embodiment, a plurality of file fragments can be uploaded to the IPFS network at the same time, which increases the upload speed of the file to be stored and improves storage efficiency. It should be noted that, in other embodiments, the client may instead fragment the file to be stored and upload the fragments directly to the IPFS network, with the middleware receiving the fragment hash values and performing the subsequent processing. In this embodiment the middleware performs the file fragmentation. On the one hand, this matches the development habits of those skilled in the art; on the other hand, the middleware acts as a web back end connected to a database and generates log files during data processing, which facilitates later system maintenance and query statistics on data operation records.
Step 122, the IPFS network returns a plurality of shard hash values to the middleware, where one shard hash value corresponds to one file shard.
Step 123, the middleware assembles the plurality of fragment hash values according to a preset structure to obtain preset structure data, and uploads the preset structure data to the IPFS network. Illustratively, the preset structure is a Merkle tree structure: the fragment hash values are taken as the leaf nodes of the Merkle tree, and the values of the Merkle tree structure are calculated. However, if the Merkle tree structure itself were used as the original secret in the subsequent secret sharing method, the amount of data would be too large. Therefore, the preset structure data is uploaded to the IPFS network, and the storage hash value of the preset structure data is used as the original secret for the subsequent secret distribution.
In the assembled Merkle tree structure, the leaf nodes correspond to the fragment hash value of each file fragment. In the subsequent file reading process, the corresponding file fragments are fetched according to the fragment hash values and the original file is recovered. The hierarchy of the Merkle tree contains the splicing order of the file fragments, and the validity of the file fragments can be verified using the root value of the Merkle tree. It should be noted that this embodiment uses a Merkle tree structure only as an illustration; other data structures may also be used in the file storage method, and the specific data structure type of the preset structure is not limited.
Step 124, the IPFS network returns the storage hash value corresponding to the preset structure data to the middleware. In this embodiment, the preset structure data is stored in the IPFS network, and the distributed storage of the IPFS network improves the storage security of the preset structure data.
In the file reading process, the middleware reads preset structure data from the IPFS network according to the storage hash value, restores a plurality of corresponding fragment hash values according to the preset data structure, reads a plurality of corresponding file fragments from the IPFS network according to the plurality of fragment hash values, restores the file to be stored according to the file fragments, and sends the file to the client.
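Fragment storage (steps 121 to 124) and the verified read-back just described, as an added example that is not code from the patent. An in-memory dictionary keyed by SHA-256 stands in for the IPFS network; the JSON layout of the preset structure data and all function names are assumptions.

```python
import hashlib
import json


class IntegrityError(Exception):
    """Raised when stored content does not match the hash it was requested by."""


def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


class ContentStore:
    """In-memory stand-in for the IPFS network (assumption): blobs are keyed by
    the SHA-256 of their content instead of a real IPFS content identifier."""

    def __init__(self):
        self.blobs = {}

    def add(self, data: bytes) -> str:
        key = digest(data)
        self.blobs[key] = data
        return key

    def get(self, key: str) -> bytes:
        data = self.blobs[key]
        if digest(data) != key:  # never trust the store: re-hash what it returns
            raise IntegrityError(f"content does not match hash {key}")
        return data


def merkle_root(leaf_hashes) -> str:
    """Root over the ordered fragment hashes. Leaf and inner nodes are hashed
    with different prefixes, and an unpaired node is promoted unchanged."""
    if not leaf_hashes:
        raise ValueError("at least one fragment hash is required")
    level = [hashlib.sha256(b"\x00" + bytes.fromhex(h)).digest() for h in leaf_hashes]
    while len(level) > 1:
        nxt = [hashlib.sha256(b"\x01" + level[i] + level[i + 1]).digest()
               for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])
        level = nxt
    return level[0].hex()


def store_file(store: ContentStore, data: bytes, fragment_size: int) -> str:
    """Fragment, upload fragments, assemble the structure, upload the structure.
    The returned storage hash is the only value that has to be secret-shared."""
    fragments = [data[i:i + fragment_size]
                 for i in range(0, max(len(data), 1), fragment_size)]
    leaves = [store.add(fragment) for fragment in fragments]
    structure = {"fragments": leaves, "root": merkle_root(leaves)}
    return store.add(json.dumps(structure, sort_keys=True).encode())


def read_file(store: ContentStore, storage_hash: str) -> bytes:
    """Fetch the structure, check the root against the ordered fragment list,
    then fetch and verify each fragment before reassembling the file."""
    structure = json.loads(store.get(storage_hash))
    leaves = structure["fragments"]
    if merkle_root(leaves) != structure["root"]:
        raise IntegrityError("fragment list does not match the Merkle root")
    return b"".join(store.get(leaf) for leaf in leaves)


if __name__ == "__main__":
    demo_store = ContentStore()
    sample = b"constructed sample file contents " * 50  # constructed input
    handle = store_file(demo_store, sample, fragment_size=256)
    print(handle, read_file(demo_store, handle) == sample)
```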
Step 13, the middleware performs secret splitting on the storage hash value according to a preset secret sharing method to obtain a first number of initial tuple data; the first number is equal to the number m of nodes in the target block chain network, one initial tuple data corresponds to one node in the target block chain network, and the secret recovery threshold value of the preset secret sharing method is set as the threshold number.
The basic idea of the secret sharing method is as follows: assuming an original secret s, the secret distributor divides s into m shares using some algorithm, and then sends the m shares to m participants. During reconstruction, n participants are selected from m participants to reconstruct the secret, any n persons can reconstruct the secret, and any n-1 persons cannot reconstruct the secret. In this embodiment, m corresponds to the number of participants of the target blockchain network, n is the threshold number, where n is less than or equal to m, and the original secret s corresponds to the stored hash value in step 12.
In one implementation, the middleware performs secret splitting on the storage hash value by adopting a polynomial secret sharing method to obtain m initial tuple data corresponding to nodes in the target block chain network. Referring to fig. 4, step 13 includes steps 131-133.
At step 131, a first number of different input data are generated. In one implementation, the middleware converts each node public key in the target blockchain network into a decimal value as the input data $x_1, x_2, \ldots, x_m$. Illustratively, the node public key is a character string, such as "abcdefg", which can be converted into the binary number "01100001011000100110001101100100011001010110011001100111", and the binary number is converted into a decimal number, i.e., the input data "27411251766584936" is obtained. In another implementation, m different input data $x_1, x_2, \ldots, x_m$ may be randomly generated.
Step 132, generating an encryption polynomial, wherein the degree of the encryption polynomial is a second number; the value of the constant term of the encryption polynomial is the storage hash value, and the values of the coefficients of the unknown terms are random integers between 1 and 9; the second number is equal to the threshold number minus one.
In this embodiment, the corresponding encryption polynomial of degree n-1 is generated according to the threshold number n in the file storage request in step 11: $y = a_0 + a_1 x + a_2 x^2 + \cdots + a_{n-1} x^{n-1}$, where $a_0$ is the constant term of the polynomial and takes the storage hash value from step 12 as its value, and $a_1$ to $a_{n-1}$ are the coefficients of the unknown terms, which are random integers between 1 and 9 and may be generated with a random generator.
Step 133, substituting the input data into the encryption polynomial for calculation to obtain the initial tuple data. In this embodiment, $x_1, x_2, \ldots, x_m$ from step 131 are substituted into the above encryption polynomial to calculate the initial tuple data $(x_1, y_1), (x_2, y_2), \ldots, (x_m, y_m)$.
In other embodiments in the present application, the secret may be split according to other secret sharing algorithms, as long as "when reconstructing, n participants are selected from m participants to reconstruct the secret, any n participants can reconstruct, and any n-1 participants cannot reconstruct" is satisfied. The secret sharing algorithm employed by the middleware is not particularly limited by the present application.
And step 14, the middleware encrypts each initial tuple data respectively by using the corresponding node public key to obtain an encrypted tuple data set, and sends the encrypted tuple data set to the client, wherein the encrypted tuple data set comprises a first number m of encrypted tuple data.
In one implementation, when the input data is converted from the node public key, illustratively, the initial tuple data $(x_1, y_1)$ is encrypted using the node public key corresponding to $x_1$ to obtain the encrypted tuple data $\mathrm{Enc}(x_1, y_1)$, and so on, to obtain the encrypted tuple data set. In another implementation, the input data is generated randomly, and each initial tuple data corresponds one-to-one to a node public key. Illustratively, the initial tuple data $(x_1, y_1)$ is encrypted using the node public key corresponding to node 1, the initial tuple data $(x_2, y_2)$ is encrypted using the node public key corresponding to node 2, and so on, to obtain the encrypted tuple data set.
And step 15, the client generates a target transaction according to the encrypted tuple data set and sends the target transaction to the target block chain network.
In one implementation, in order to control the read authority of the file more finely, the client sets a valid time for each encrypted tuple data respectively. The valid time of each encrypted tuple data is determined according to the role of the corresponding node in the service flow. Illustratively, node 1 is a core service role, and the valid time of the corresponding encrypted tuple data $\mathrm{Enc}(x_1, y_1)$ can be set to a large value. At the time of file reading, if the valid time of an encrypted tuple data has been exceeded, that encrypted tuple data cannot be used for secret recovery.
And step 16, the target block chain network returns the transaction hash value of the target transaction to the client.
The embodiment provides a file storage method in a block chain network, which splits a storage hash value by using a secret sharing method to obtain a plurality of initial tuple data, and encrypts the initial tuple data by using a node public key to ensure that a node can only decrypt the initial tuple data of the node and cannot obtain the initial tuple data of other nodes. According to the scheme, the client is required to obtain node authorization more than or equal to the threshold number to restore the stored hash value for reading the file when reading the file, so that the control and management of the reading authority of the file are realized, and the data privacy of a user is protected.
Corresponding to the foregoing embodiment of the file storage method in the blockchain network, a second embodiment of the present application discloses a file reading method in the blockchain network, in which a client obtains a to-be-read file by using a transaction hash value of a target transaction obtained in the first embodiment of the present application. Correspondingly, the file reading method in the blockchain network provided by the embodiment is also executed based on the established file storage reading model.
Referring to fig. 5, a call sequence diagram of a file reading method in a blockchain network according to a second embodiment of the present application is provided. As can be seen from fig. 5, in this embodiment, the client obtains the encrypted tuple data set from the target blockchain network through the transaction hash value of the target transaction, and sends the encrypted tuple data set and the encrypted public key to the target blockchain network; and the nodes in the target block chain network return the node authorization data to the client. The client generates a file reading request according to the node authorization data and sends the file reading request to the middleware; the middleware decrypts the node authorization data in the file reading request by using a decryption private key to obtain initial tuple data, and then performs secret recovery to obtain a storage hash value; and the middleware obtains the file to be read from the IPFS network by using the storage hash value and returns the file to the client.
Referring to fig. 6, a flowchart of a file reading method in a blockchain network according to a second embodiment of the present disclosure is shown. As shown in fig. 2, the file reading method includes steps 21 to 27.
And step 21, the client generates query transaction according to the transaction hash value of the target transaction and sends the query transaction to the target block chain network.
In this embodiment, the client obtains the file to be read by using the transaction hash value of the target transaction obtained in the first embodiment of the present application. Firstly, a query transaction is constructed by using a transaction hash value of a target transaction, and is used for acquiring an uplink encrypted tuple data set.
Step 22, the target block chain network returns the encrypted tuple data set corresponding to the query transaction to the client.
And step 23, the client sends the encrypted tuple data set and the encrypted public key to the target block chain network, wherein the encrypted public key is requested to be acquired from the middleware by the client.
The middleware generates the encrypted public key and also generates a decryption private key corresponding to the encrypted public key, wherein the middleware only sends the encrypted public key to the client and keeps the corresponding decryption private key. In one implementation, the middleware generates a one-time encryption public key/decryption private key, and sends a fixed encryption public key to the client each time the client sends a request for applying an encryption public key. In another implementation, in order to improve security, after receiving a request for an encrypted public key sent by a client, the middleware generates an encrypted public key and a decryption private key corresponding to the request, and sends the encrypted public key to the client. The application does not limit the specific algorithm of generating the encryption public key and the decryption private key by the middleware, and public and private key pair generation algorithms such as an RSA algorithm, an SM2 algorithm and the like can be adopted.
Step 24, the target block chain network returns the node authorization data to the client according to the encrypted tuple data set and the encrypted public key. The process of returning the node authorization data by the target block chain network comprises the following steps: the node uses the node private key to decrypt the encrypted tuple data, uses the encrypted public key to encrypt the decrypted initial tuple data, and uses the node private key to sign.
In one implementation, a user communicates a file reading request with an administrator of at least n (a threshold number) nodes in an offline manner, and then sends an encrypted tuple data set and an encrypted public key to the previously communicated nodes by using a client to obtain corresponding node authorization data. In another implementation, a user uses a client to send the encrypted tuple data set and the encrypted public key to all nodes in the target blockchain network to obtain node authorization data.
Referring to fig. 7, a call sequence diagram of an implementation manner for returning corresponding node authorization data to a node 1 in a target blockchain network in the file reading method in the blockchain network according to the embodiment of the present application is shown. As can be seen in FIG. 7, step 24 includes steps 241-242.
Step 241, the node decrypts the encrypted tuple data set by using the node private key to obtain initial tuple data.
Step 242, the node encrypts the initial tuple data by using the encryption public key, signs the encrypted data by using the node private key to obtain node authorization data, and returns the node authorization data to the client. The node encrypts the initial tuple data by using the encryption public key, so that the client is prevented from directly acquiring the initial tuple data, and each initial tuple data can be viewed only by its one node and not by other nodes.
For example, node 1 receives the encrypted tuple data set and the encrypted public key sent by the client, and first uses its own node private key to decrypt the encrypted tuple data $\mathrm{Enc}(x_1, y_1)$ corresponding to itself in the encrypted tuple data set, obtaining the corresponding initial tuple data $(x_1, y_1)$; it then encrypts $(x_1, y_1)$ using the received encrypted public key; it then signs with its own node private key to obtain the node authorization data, which is sent to the client. Because different encrypted tuple data in the encrypted tuple data set are respectively encrypted by different node public keys, each node can only decrypt the initial tuple data corresponding to the node.
And step 25, when the number of the node authorization data is greater than or equal to the threshold number, the client generates a file reading request according to the node authorization data and sends the file reading request to the middleware, wherein the file reading request comprises the node authorization data and the threshold number.
Corresponding to the file storage method in the first embodiment, in the file reading process in this embodiment, the client needs to collect at least n (threshold number) pieces of node authorization data to perform secret recovery, and obtain the storage hash value. Therefore, when the number of the collected node authorization data is greater than or equal to the threshold number, the client generates a corresponding file reading request and sends the file reading request to the middleware.
It should be noted that the download threshold number corresponding to each stored file is set in the file storage process. In one implementation, the middleware writes the threshold number into the encrypted tuple data set during file storage. A user who needs to read the file can learn the threshold number of the file to be read from the on-chain encrypted tuple data set. In another implementation, the client writes the threshold number into the target transaction that is put on the chain during file storage. A user who needs to read the file learns the threshold number of the file to be read when reading the on-chain target transaction through the query transaction. In practical application, the threshold number of the file can be transmitted in various ways, and the application does not limit the transmission way of the threshold number in the storage and reading processes.
Illustratively, the json paradigm of the file read request in this embodiment is as follows:
req: {
  "authorizeSet": [
    {
      "encData": "",
      "signature": ""
    },
    ……
    {
      "encData": "",
      "signature": ""
    }
  ],
  "threshold": ""
}
wherein authorizeSet is the node authorization data set, which includes the node authorization data collected by the client; threshold is the threshold number n, and the secret can be recovered only if the number of node authorization data collected in authorizeSet is greater than or equal to the threshold number n. Each node authorization data includes two fields: encData is the data obtained by encrypting the initial tuple data using the encrypted public key in step 242, and signature is the signature information obtained by signing the encrypted data using the node private key in step 242.
And step 26, the middleware performs secret recovery according to the file reading request and a preset secret sharing method to obtain a storage hash value. The middleware verifies the signature information of the node authorization data in the file reading request, and then performs inverse process calculation and solving through a secret sharing method corresponding to the file storage method to obtain an original secret, namely a storage hash value. Further, step 26 includes steps 261-263.
Step 261, the middleware verifies the signature in the node authorization data in the file reading request, and if the signature passes the verification, decrypts the node authorization data by using a decryption private key to obtain initial tuple data.
In this embodiment, the middleware verifies the signature information in the node authorization data in the file read request using the stored node public key. If the verification is passed, the node authorization data is decrypted by using the decryption private key corresponding to the encryption public key in step 23 to obtain initial tuple data, such as $(x_1, y_1)$. The decryption private key is only kept and managed in the middleware, and the client or each node cannot obtain the decryption private key. In step 261, the number of initial tuple data obtained by the middleware is greater than or equal to n.
It should be noted that, if a node exits the target block chain network, the client deletes the corresponding node public key in the node public key list in the middleware. When the file reading request comprises the node authorization data corresponding to the node, the middleware cannot verify the validity of the signature of the node authorization data, and the condition that the initial tuple data corresponding to the node is never available after a certain node exits the target block chain network is ensured.
At step 262, a decryption polynomial is constructed, wherein the degree of the decryption polynomial is a second number, and the second number is equal to the threshold number minus one. In the present embodiment, a polynomial of degree n-1 is constructed according to the threshold number n in the file read request in step 25: $y = a_0 + a_1 x + a_2 x^2 + \cdots + a_{n-1} x^{n-1}$.
Step 263, substituting the initial tuple data into the decryption polynomial for calculation to obtain a storage hash value, wherein the storage hash value is equal to the value of the constant term in the decryption polynomial.
Substituting the initial tuple data obtained in step 261 into the polynomial yields a system of at least n linear equations, and solving the system gives the solution set $(a_0, a_1, a_2, \ldots, a_{n-1})$, where the value of $a_0$ corresponds to the original secret s, i.e., the storage hash value.
In one implementation, after step 261 and before step 262, in order to control the read permission of the file more finely, the middleware filters out valid initial tuple data according to the valid time corresponding to each initial tuple data, and determines whether the number of the valid initial tuple data is less than the threshold number n. If so, a prompt that the number of the valid initial tuple data does not reach the threshold number and the secret cannot be recovered is returned to the client; if not, the subsequent step 262 continues with the valid initial tuple data.
Thus, the method for reading a file in the blockchain network provided by this embodiment further includes: the middleware acquires the valid time corresponding to the initial tuple data, and screens out valid initial tuple data according to the valid time; the valid initial tuple data is initial tuple data with valid time larger than the current time; when the number of the valid initial tuple data is larger than or equal to the threshold number, the middleware executes the operation of constructing a decryption polynomial; and when the number of the valid initial tuple data is less than the threshold number, the middleware stops executing subsequent operations, generates prompt information and feeds the prompt information back to the client.
In the above implementation, when the decryption polynomial is solved in step 263, the system of linear equations is solved using the valid initial tuple data; initial tuple data that has exceeded its valid time cannot be used for secret recovery, which guarantees time-limited control of the file reading authority.
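The split of steps 131-133 and the recovery of steps 261-263 with the valid-time filter, as an added Python example that is not part of the patent text. It assumes the storage hash is read as a big-endian integer and uses Lagrange interpolation at x = 0 in place of solving the linear system (both yield the constant term); function names, the sample hash and the timestamps are constructed for illustration.

```python
from fractions import Fraction
import secrets


def hash_to_int(stored_hash: str) -> int:
    # Assumption: the storage hash string is read as a big-endian integer,
    # the same string-to-number conversion the page applies to public keys.
    return int.from_bytes(stored_hash.encode("ascii"), "big")


def int_to_hash(value: int) -> str:
    return value.to_bytes((value.bit_length() + 7) // 8, "big").decode("ascii")


def split_secret(secret: int, xs: list, threshold: int) -> list:
    """Steps 131-133: evaluate y = a0 + a1*x + ... + a_{n-1}*x^(n-1) at each x."""
    if not 1 <= threshold <= len(xs):
        raise ValueError("threshold n must satisfy 1 <= n <= m")
    # x = 0 would make y equal to the secret itself; equal x values would
    # give two nodes the same tuple.
    if len(set(xs)) != len(xs) or 0 in xs:
        raise ValueError("input data must be distinct and non-zero")
    # a0 is the secret; a1..a_{n-1} are random integers in 1..9 as in step 132.
    coeffs = [secret] + [secrets.randbelow(9) + 1 for _ in range(threshold - 1)]
    return [(x, sum(a * x**i for i, a in enumerate(coeffs))) for x in xs]


def recover_secret(shares: list, threshold: int, now: int) -> int:
    """Steps 261-263 with the valid-time filter; shares are (x, y, valid_until)."""
    # Keep only tuples whose valid time is larger than the current time.
    # Keying by x means a tuple submitted twice is counted once.
    valid = {x: y for x, y, valid_until in shares if valid_until > now}
    if len(valid) < threshold:
        raise ValueError("valid initial tuple data below threshold number")
    points = sorted(valid.items())[:threshold]
    # Lagrange interpolation at x = 0 gives the constant term a0 exactly,
    # because Fraction arithmetic has no rounding error.
    secret = Fraction(0)
    for j, (xj, yj) in enumerate(points):
        term = Fraction(yj)
        for k, (xk, _) in enumerate(points):
            if k != j:
                term *= Fraction(-xk, xj - xk)
        secret += term
    if secret.denominator != 1:
        raise ValueError("tuples are not consistent with an integer polynomial")
    return int(secret)


if __name__ == "__main__":
    stored_hash = "QmConstructedExampleHash"  # constructed sample, not a real CID
    shares = split_secret(hash_to_int(stored_hash), [11, 22, 33, 44, 55], 3)
    now = 1_700_000_000  # constructed current time
    # Nodes 1 and 2 have expired valid times; nodes 3-5 are still valid.
    timed = [(x, y, now - 60) for x, y in shares[:2]]
    timed += [(x, y, now + 3600) for x, y in shares[2:]]
    print(int_to_hash(recover_secret(timed, 3, now)))
```

Step 132's coefficient range of 1 to 9 is kept as the page gives it; Shamir's original scheme draws the coefficients uniformly from a finite field, and that is the property its n-1 secrecy guarantee rests on.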
Step 27, the middleware acquires the file to be read from the IPFS network according to the storage hash value and sends the file to the client.
In one implementation mode, the middleware directly uploads the file to be stored to the IPFS network, and the storage hash value of the file to be stored is obtained. Correspondingly, in the file reading process, the middleware directly obtains the file to be read from the IPFS network according to the storage hash value.
In another implementation, to improve storage efficiency, files are stored in the IPFS network divided into multiple small file slices. Referring to fig. 8, a call sequence diagram for acquiring a file to be read by middleware in the file reading method in the blockchain network according to the embodiment of the present application is shown. As shown in FIG. 8, step 27 further comprises steps 271-275.
Step 271, the middleware sends the storage hash value to the IPFS network.
And step 272, the IPFS network returns corresponding preset structure data to the middleware according to the stored hash value.
Step 273, the middleware obtains a plurality of shard hash values according to the preset structure data and sends the shard hash values to the IPFS network.
And step 274, the IPFS network returns the corresponding file fragments to the middleware according to the fragment hash value.
Step 275, the middleware assembles the file fragments into the file to be read. The middleware assembles the file fragments into the file to be read according to the splicing sequence of the file fragments contained in the preset structure data.
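The fragment storage of steps 121-124 and the read-back of steps 271-275, as an added Python example that is not part of the patent text. It assumes an in-memory content-addressed store in place of the IPFS network, SHA-256 as the hash, and a JSON manifest holding the ordered fragment hashes and the Merkle root as the preset structure data; all names and the sample data are constructed.

```python
import hashlib
import json


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


class ContentStore:
    """In-memory stand-in for the IPFS network (assumption): put() returns
    the SHA-256 of the data and get() looks the data up by that hash."""

    def __init__(self):
        self.blobs = {}

    def put(self, data: bytes) -> str:
        key = sha256_hex(data)
        self.blobs[key] = data
        return key

    def get(self, key: str) -> bytes:
        return self.blobs[key]


def merkle_root(leaf_hashes: list) -> str:
    """Root over the ordered fragment hashes; an odd node is carried up as is."""
    if not leaf_hashes:
        raise ValueError("at least one fragment hash is required")
    level = list(leaf_hashes)
    while len(level) > 1:
        pairs = [sha256_hex(b"node:" + (level[i] + level[i + 1]).encode())
                 for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            pairs.append(level[-1])
        level = pairs
    return level[0]


def store_file(store: ContentStore, data: bytes, fragment_size: int) -> str:
    """Steps 121-124: returns the storage hash of the preset structure data."""
    fragments = [data[i:i + fragment_size]
                 for i in range(0, max(len(data), 1), fragment_size)]
    hashes = [store.put(fragment) for fragment in fragments]
    # The list order is the splicing sequence used when the file is read back.
    manifest = {"fragments": hashes, "root": merkle_root(hashes)}
    return store.put(json.dumps(manifest, sort_keys=True).encode())


def read_file(store: ContentStore, storage_hash: str) -> bytes:
    """Steps 271-275, checking every object against its hash before use."""
    raw = store.get(storage_hash)
    if sha256_hex(raw) != storage_hash:
        raise ValueError("preset structure data does not match the storage hash")
    manifest = json.loads(raw)
    fragments = []
    for expected in manifest["fragments"]:
        fragment = store.get(expected)
        if sha256_hex(fragment) != expected:
            raise ValueError("file fragment does not match its fragment hash")
        fragments.append(fragment)
    if merkle_root(manifest["fragments"]) != manifest["root"]:
        raise ValueError("fragment hashes do not match the Merkle root")
    return b"".join(fragments)


if __name__ == "__main__":
    store = ContentStore()
    data = b"constructed sample file contents " * 10  # constructed input
    storage_hash = store_file(store, data, fragment_size=64)
    print(storage_hash, read_file(store, storage_hash) == data)
```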
The embodiment provides a file reading method in a block chain network. In the file reading method, a client generates an inquiry transaction according to a transaction hash value of a target transaction, acquires a corresponding encrypted tuple data set from a target block chain network, and sends the encrypted tuple data set and an encrypted public key requested to be acquired from a middleware to the target block chain network to acquire corresponding node authorization data; and when the client collects node authorization data with the number greater than or equal to the threshold number, generating a file reading request and sending the file reading request to the middleware. And the middleware performs secret recovery according to the node authorization data to obtain a storage hash value, and finally reads the file to be read from the IPFS network and sends the file to be read to the client.
Furthermore, in this embodiment, after the node decrypts the encrypted tuple data to obtain the initial tuple data, the encryption public key is used for encryption, so that the client is prevented from directly obtaining the initial tuple data, it is ensured that one initial tuple data can only be checked by one node and not by other nodes, the control and management of the file reading authority are implemented, and the data privacy of the user is protected.
A third embodiment of the present application provides a file storage and reading system in a blockchain network, which corresponds to the file storage method provided in the first embodiment and the file reading method provided in the second embodiment, and includes a client, a middleware, an IPFS network, and a target blockchain network.
The file storage and reading system is configured to execute a file storage method according to a first embodiment of the present application, and includes: the client sends a file storage request to the middleware and transmits a file to be stored to the middleware, wherein the middleware stores node public keys of all nodes in a target block chain network; the file storage request includes a threshold number; the middleware uploads a file to be stored to an IPFS network and receives a storage hash value returned by the IPFS network; the middleware carries out secret splitting on the stored hash value according to a preset secret sharing method to obtain a first number of initial tuple data; wherein the first number is equal to the number of nodes in the target blockchain network, one initial tuple data corresponds to one node in the target blockchain network, and a secret recovery threshold value of a preset secret sharing method is set as a threshold number; encrypting each initial tuple data by using a corresponding node public key respectively to obtain an encrypted tuple data set, and sending the encrypted tuple data set to a client, wherein the encrypted tuple data set comprises a first number of encrypted tuple data; the client generates a target transaction according to the encrypted tuple data set and sends the target transaction to a target block chain network; and the target block chain network returns the transaction hash value of the target transaction to the client.
The file storage and reading system is further configured to execute a file reading method according to a second embodiment of the present application, including: the client generates query transaction according to the transaction hash value of the target transaction and sends the query transaction to the target block chain network; the target block chain network returns an encrypted tuple data set corresponding to the query transaction to the client; the client sends the encrypted tuple data set and the encrypted public key to a target block chain network, wherein the encrypted public key is requested to be acquired from the middleware by the client; the target block chain network returns node authorization data to the client according to the encryption tuple data set and the encryption public key; when the number of the node authorization data is larger than or equal to the threshold number, the client generates a file reading request according to the node authorization data and sends the file reading request to the middleware, wherein the file reading request comprises the node authorization data and the threshold number; the middleware carries out secret recovery according to a file reading request and a preset secret sharing method to obtain a storage hash value; and the middleware acquires the file to be read from the IPFS network according to the storage hash value and sends the file to the client.
The effect of the system when the file storage method and the file reading method are applied can be referred to the description of the method embodiments, and details are not repeated here.
Other embodiments of the invention will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any variations, uses, or adaptations of the invention following, in general, the principles of the invention and including such departures from the present disclosure as come within known or customary practice within the art to which the invention pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the invention being indicated by the following claims.

Claims (10)

1. A method for storing files in a blockchain network is characterized by comprising the following steps:
a client sends a file storage request to a middleware, and transmits a file to be stored to the middleware, wherein node public keys of all nodes in a target block chain network are stored in the middleware; the file storage request comprises a threshold number;
the middleware uploads the file to be stored to an IPFS network and receives a storage hash value which is returned by the IPFS network and corresponds to the file to be stored;
the middleware carries out secret splitting on the storage hash value according to a preset secret sharing method to obtain a first number of initial tuple data; wherein the first number is equal to the number of nodes in the target blockchain network, one of the initial tuple data corresponds to one of the nodes in the target blockchain network, and a secret recovery threshold value of the preset secret sharing method is set as the threshold number;
the middleware encrypts each initial tuple data by using a corresponding node public key respectively to obtain an encrypted tuple data set, and sends the encrypted tuple data set to a client, wherein the encrypted tuple data set comprises a first number of encrypted tuple data;
the client generates a target transaction according to the encrypted tuple data set and sends the target transaction to the target block chain network;
and the target blockchain network returns the transaction hash value of the target transaction to the client.
2. The method according to claim 1, wherein the step of the middleware performing secret splitting on the storage hash value according to a preset secret sharing method to obtain a first number of initial tuple data comprises:
generating a first number of different input data;
generating an encryption polynomial; wherein the degree of the encryption polynomial is a second number; the value of the constant term of the encryption polynomial is the storage hash value, and the values of the coefficients of the unknown terms are random integers between 1 and 9; the second number is equal to the threshold number minus one;
and substituting the input data into the encryption polynomial for calculation to obtain the initial tuple data.
3. The method according to claim 1, wherein the middleware uploads the file to be stored to an IPFS network and receives a storage hash value corresponding to the file to be stored, which is returned by the IPFS network, and includes:
the middleware divides the file to be stored into a plurality of file fragments and uploads the file fragments to the IPFS network;
the IPFS network returns a plurality of fragment hash values to the middleware, wherein one fragment hash value corresponds to one file fragment;
the middleware assembles a plurality of fragment hash values according to a preset structure to obtain preset structure data and uploads the preset structure data to the IPFS network;
the IPFS network returns the stored hash value corresponding to the preset structure data to the middleware.
4. The method according to claim 1, wherein the client sets a valid time for each encrypted tuple data in the set of encrypted tuple data.
5. A file reading method in a blockchain network, wherein the file reading method is used for reading a file stored according to the file storing method in the blockchain network of any one of claims 1 to 4, and the file reading method comprises:
the client generates query transaction according to the transaction hash value of the target transaction and sends the query transaction to the target block chain network;
the target block chain network returns an encrypted tuple data set corresponding to the query transaction to the client;
the client sends the encrypted tuple data set and an encrypted public key to the target block chain network, wherein the encrypted public key is requested to be acquired from the middleware by the client;
the target block chain network returns node authorization data to a client according to the encrypted tuple data set and the encrypted public key;
when the number of the node authorization data is larger than or equal to the threshold number, the client generates a file reading request according to the node authorization data and sends the file reading request to the middleware, wherein the file reading request comprises the node authorization data and the threshold number;
the middleware carries out secret recovery according to the file reading request and a preset secret sharing method to obtain a storage hash value;
and the middleware acquires the file to be read from the IPFS network according to the storage hash value and sends the file to be read to the client.
6. The method according to claim 5, wherein the target blockchain network returns node authorization data to the client according to the encrypted tuple data set and the encrypted public key, and the method comprises:
the node decrypts the encrypted tuple data set by using a node private key to obtain initial tuple data;
and the node encrypts the initial tuple data by using the encryption public key, signs the encrypted data by using a node private key to obtain node authorization data, and returns the node authorization data to the client.
7. The method for reading the file in the blockchain network according to claim 6, wherein the middleware performing secret recovery according to the file reading request and a preset secret sharing method to obtain the storage hash value comprises:
the middleware verifies the signature in the node authorization data in the file reading request, and if the signature passes the verification, the node authorization data is decrypted by using a decryption private key to obtain initial tuple data;
constructing a decryption polynomial, wherein the degree of the decryption polynomial is a second number, the second number being equal to the threshold number minus one;
and substituting the initial tuple data into the decryption polynomial to calculate to obtain the storage hash value, wherein the storage hash value is equal to the value of a constant term in the decryption polynomial.
8. The method according to claim 7, wherein after decrypting the node authorization data using the decryption private key to obtain initial tuple data and before constructing the decryption polynomial, the method further comprises:
the middleware acquires the valid time corresponding to the initial tuple data, and screens out valid initial tuple data according to the valid time; the valid initial tuple data is initial tuple data whose valid time is later than the current time;
when the number of the valid initial tuple data is larger than or equal to the threshold number, the middleware executes the operation of constructing the decryption polynomial;
and when the number of the valid initial tuple data is smaller than the threshold number, the middleware stops executing subsequent operations and generates prompt information to feed back to the client.
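The recovery described in claims 7 and 8, as an added Python example that is not part of the patent text: tuples are filtered by valid time, the threshold is enforced, and the constant term is recovered by Lagrange interpolation at x = 0. The prime field P, the (x, y, valid_until) tuple layout and the function names split and recover are assumptions; signature verification and decryption of the node authorization data are taken as already done.

```python
import secrets
import time

# Assumption: arithmetic is done in GF(P); the patent text does not name a field.
P = 2**521 - 1  # Mersenne prime, large enough for a 32-byte storage hash

def split(secret, n, t, valid_until):
    """Secret splitting: one (x, y, valid_until) tuple per node, threshold t."""
    if not (1 <= t <= n and 0 <= secret < P):
        raise ValueError("need 1 <= t <= n and 0 <= secret < P")
    # Polynomial of degree t-1 whose constant term is the secret.
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(t - 1)]
    def f(x):
        acc = 0
        for c in reversed(coeffs):  # Horner evaluation mod P
            acc = (acc * x + c) % P
        return acc
    return [(x, f(x), valid_until) for x in range(1, n + 1)]

def recover(tuples, t, now=None):
    """Secret recovery: filter by valid time, enforce threshold, interpolate at 0."""
    now = time.time() if now is None else now
    # Keep only tuples whose valid time is later than the current time, and
    # key them by x so a repeated tuple cannot count twice toward the threshold.
    valid = {x: y for x, y, until in tuples if until > now and 0 < x < P}
    if len(valid) < t:
        raise PermissionError(f"only {len(valid)} valid tuples, need {t}")
    points = list(valid.items())[:t]
    secret = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        # yi times the Lagrange basis polynomial evaluated at x = 0.
        secret = (secret + yi * num * pow(den, -1, P)) % P
    return secret

if __name__ == "__main__":
    digest = int.from_bytes(bytes(range(32)), "big")  # constructed 32-byte value
    shares = split(digest, n=5, t=3, valid_until=time.time() + 60)
    assert recover(shares[1:4], t=3) == digest
```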
9. The method according to claim 5, wherein the middleware obtaining the file to be read from the IPFS network according to the storage hash value comprises:
the middleware sends the storage hash value to the IPFS network;
the IPFS network returns corresponding preset structure data to the middleware according to the storage hash value;
the middleware obtains a plurality of fragment hash values according to the preset structure data and sends the fragment hash values to the IPFS network;
the IPFS network returns the corresponding file fragments to the middleware according to the fragment hash value;
and the middleware assembles the file fragments into the file to be read.
10. A file storage and reading system in a blockchain network, comprising a client, middleware, an IPFS network, and a target blockchain network, wherein the file storage and reading system is configured to execute the following file storage method, and the file storage method comprises:
a client sends a file storage request to a middleware, and transmits a file to be stored to the middleware, wherein node public keys of all nodes in a target block chain network are stored in the middleware; the file storage request comprises a threshold number;
the middleware uploads the file to be stored to an IPFS network and receives a storage hash value returned by the IPFS network;
the middleware carries out secret splitting on the storage hash value according to a preset secret sharing method to obtain a first number of initial tuple data; wherein the first number is equal to the number of nodes in the target blockchain network, one of the initial tuple data corresponds to one of the nodes in the target blockchain network, and a secret recovery threshold value of the preset secret sharing method is set as the threshold number;
encrypting each initial tuple data by using a corresponding node public key respectively to obtain an encrypted tuple data set, and sending the encrypted tuple data set to a client, wherein the encrypted tuple data set comprises a first number of encrypted tuple data;
the client generates a target transaction according to the encrypted tuple data set and sends the target transaction to the target block chain network;
the target blockchain network returns the transaction hash value of the target transaction to the client;
the file storage reading system is further configured to execute the following file reading method, the file reading method comprising:
the client generates query transaction according to the transaction hash value of the target transaction and sends the query transaction to the target block chain network;
the target block chain network returns an encrypted tuple data set corresponding to the query transaction to the client;
the client sends the encrypted tuple data set and an encryption public key to the target block chain network, wherein the client requests the encryption public key from the middleware;
the target block chain network returns node authorization data to the client according to the encrypted tuple data set and the encryption public key;
when the number of the node authorization data is larger than or equal to the threshold number, the client generates a file reading request according to the node authorization data and sends the file reading request to the middleware, wherein the file reading request comprises the node authorization data and the threshold number;
the middleware carries out secret recovery according to the file reading request and a preset secret sharing method to obtain a storage hash value;
and the middleware acquires the file to be read from the IPFS network according to the storage hash value and sends the file to be read to the client.
CN202210337490.9A 2022-04-01 2022-04-01 File storage and reading method and system in block chain network Active CN114499894B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210337490.9A CN114499894B (en) 2022-04-01 2022-04-01 File storage and reading method and system in block chain network

Publications (2)

Publication Number Publication Date
CN114499894A true CN114499894A (en) 2022-05-13
CN114499894B CN114499894B (en) 2022-09-09

Family

ID=81488275

Country Status (1)

Country Link
CN (1) CN114499894B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115499249B (en) * 2022-11-17 2023-04-07 南京可信区块链与算法经济研究院有限公司 File storage method and system based on block chain distributed encryption

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant