CN116094699A - Message processing method, cloud server and communication system - Google Patents


Info

Publication number
CN116094699A
Authority
CN
China
Prior art keywords
terminal
group
configuration information
intelligent contract
cloud server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310002201.4A
Other languages
Chinese (zh)
Inventor
杜明晓
姚旭
曲强
张子怡
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Huawei Cloud Computing Technology Co ltd
Original Assignee
Shenzhen Huawei Cloud Computing Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Huawei Cloud Computing Technology Co ltd
Priority to CN202310002201.4A
Publication of CN116094699A
Legal status: Pending

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/0833 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1097 Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The message processing method provided by the embodiment of the application comprises the following steps: after receiving the message sent by the first terminal, the first cloud server sends a request for inquiring the configuration information to the intelligent contract executing node, receives a first group configuration information set sent by the intelligent contract executing node, selects first group configuration information from the first group configuration information set, and encrypts the message by using a first group communication key in the first group configuration information; and sending the encrypted message and the blockchain user identification of the first terminal to an intelligent contract executing node. Since the smart contract executing nodes are distributed, when one or more smart contract executing nodes fail, the message still exists in the blockchain, and the receiving terminal can still acquire the message from the blockchain, so that the reliability of message transmission is improved. The application also provides a cloud server and a communication system capable of realizing the message processing method.

Description

Message processing method, cloud server and communication system
Technical Field
The present application relates to the field of communications, and in particular, to a message processing method, a cloud server, and a communication system.
Background
End-to-end encryption is a method of encrypting messages transmitted between terminals to ensure the security of the messages.
A common end-to-end message processing method is as follows. The sending terminal generates a first key pair according to the key exchange protocol, and the receiving terminal generates a second key pair according to the key exchange protocol; the first key pair comprises a first private key and a first public key, and the second key pair comprises a second private key and a second public key. The sending terminal generates a communication key from the first private key and the second public key, encrypts the message with the communication key, and sends the encrypted message to a communication server. The communication server forwards the encrypted message to the receiving terminal, which generates the communication key from the second private key and the first public key and decrypts the encrypted message with it.
If the communication server is hacked, the encrypted message may be destroyed, or the communication server may be unable to provide the communication service, which can interrupt communication.
Disclosure of Invention
In view of the above, the present application provides a message processing method capable of storing and transmitting messages using a blockchain network, thereby improving reliability of storing and transmitting messages. The present application provides a cloud server, a communication system, a cluster of computing devices, a computer readable storage medium and a computer program product capable of performing the above method.
A first aspect provides a message processing method, where a communication system applied by the method includes a blockchain network, a first cloud server, and a first terminal, where the blockchain network includes a plurality of intelligent contract executing nodes, and the message processing method includes: after receiving the message sent by the first terminal, the first cloud server sends a request for inquiring configuration information to the intelligent contract executing node according to the message, wherein the request for inquiring configuration information comprises an intelligent contract identifier; after the intelligent contract executing node acquires a first group configuration information set according to the intelligent contract identifier carried by the query configuration information request, the first cloud server receives the first group configuration information set sent by the intelligent contract executing node, acquires the blockchain user identifier of the first terminal, and then selects first group configuration information corresponding to the blockchain user identifier of the first terminal from the first group configuration information set; encrypting the message by using a first group communication key in the first group configuration information; and sending the encrypted message and the blockchain user identification of the first terminal to an intelligent contract executing node.
After the first terminal sends the message, the message is encrypted by the first cloud server, processed by the smart contract, and stored in the blockchain. After the first terminal uploads the message, other terminals of the first group (e.g., the second terminal) may query the blockchain for the messages of the first group and decrypt them, thereby completing the end-to-end communication. Because the smart contract execution nodes are distributed, the message remains in the blockchain even if one or more smart contract execution nodes fail, thereby improving the reliability of storing and transmitting messages.
In another possible implementation manner, before the first cloud server receives the message sent by the first terminal, the message processing method of the present application further includes: after receiving a group creation request sent by a first terminal, a first cloud server sends the group creation request to an intelligent contract execution node; after receiving public key packages of other group users sent by the intelligent contract executing node, generating a first group communication key according to the public key packages of all group users in the first group; generating first group configuration information according to the blockchain user identifications of all group users in the first group and the first group communication key; and sending the first group configuration information to the intelligent contract execution node.
The create group request includes blockchain user identifications of other group users in the first group, the other group users being group users in the first group other than the first terminal. Thus, the first group configuration information can be stored in the blockchain according to the group creation request, and other group users can acquire the group configuration information from the blockchain. The first group configuration information includes a first group communication key that can be obtained by each group user of the first group and then used to encrypt and decrypt messages so that multi-person communication can be achieved. The existing end-to-end encryption method is only used for two people to communicate, and the message processing method can provide end-to-end communication for more users.
With reference to the former possible implementation manner, in another possible implementation manner, the message processing method of the present application further includes: after receiving the group update request sent by the first terminal, the first cloud server sends the group update request to the intelligent contract executing node; after receiving the public key package of the target user sent by the intelligent contract executing node, generating a second group communication key according to the public key package of the target user and the public key packages of all group users in the first group, generating second group configuration information according to the blockchain user identification of the target user, the blockchain user identifications of all group users in the first group and the second group communication key, and sending the second group configuration information to the intelligent contract executing node. The update group request includes the blockchain user identification of the target user.
For the target user not belonging to the first group, the first group communication key can be updated to the second group communication key according to the public key package of the target user, and the blockchain user identification of the target user and the second group communication key are stored in the blockchain.
In another possible implementation manner, before the first cloud server receives the message sent by the first terminal, the message processing method of the present application further includes: after receiving a first registration request sent by a first terminal, a first cloud server sends the first registration request to an intelligent contract executing node; after receiving the blockchain user identification of the first terminal sent by the intelligent contract executing node, sending the blockchain user identification of the first terminal to the first terminal; the first cloud server receives a second registration request sent by the first terminal; transmitting the end-to-end user identification of the first terminal to the first terminal according to the second registration request; storing identity-related data; and after the public key package of the first terminal is acquired, the identity association data and the public key package of the first terminal are sent to the intelligent contract executing node. The identity association data includes a correspondence of an end-to-end user identification of the first terminal and a blockchain user identification of the first terminal. This provides a method of registering end-to-end users and blockchain users, and also provides a method of binding end-to-end user identifications and blockchain user identifications.
A second aspect provides a message processing method, where a communication system applied by the method includes a blockchain network, a second cloud server, and a second terminal, and the method includes: the second cloud server receives a query message request sent by the second terminal, and then sends the query message request to the intelligent contract executing node; after receiving the second group configuration information set sent by the intelligent contract executing node and the encrypted message corresponding to each group configuration information in the second group configuration information set, determining the first group configuration information including the blockchain user identifier of the second terminal in the second group configuration information set and determining the encrypted message corresponding to the first group configuration information in the encrypted message sent by the intelligent contract executing node; after the private key of the second terminal is obtained, decrypting the encrypted message corresponding to the first group configuration information according to the private key of the second terminal; and sending the decrypted message to the second terminal.
After the first terminal uploads the message, other terminals of the first group (e.g., the second terminal) can query and decrypt the messages of the first group through the second cloud server, thereby completing the end-to-end communication. The message is encrypted during the end-to-end communication process, so the security of message transmission can be ensured. The end-to-end communication method can be applied to multiple users in a group, which broadens the application scenarios of end-to-end encryption.
A third aspect provides a message processing method, the method comprising: after receiving the message sent by the first terminal, the first cloud server sends a request for inquiring configuration information to the intelligent contract executing node according to the message; after determining an intelligent contract corresponding to an intelligent contract identifier carried by a configuration information inquiry request, the intelligent contract execution node acquires a first group configuration information set according to the intelligent contract; after receiving a first group configuration information set sent by an intelligent contract executing node, the first cloud server acquires a blockchain user identifier of a first terminal, and then selects first group configuration information corresponding to the blockchain user identifier of the first terminal from the first group configuration information set; encrypting the message using a first group communication key in the first group configuration information; then the encrypted message and the blockchain user identification of the first terminal are sent to an intelligent contract executing node; the intelligent contract executing node stores the encrypted message and the blockchain user identification of the first terminal in the blockchain according to the intelligent contract.
After the first terminal sends the message, the message is encrypted by the first cloud server, processed by the smart contract, and stored in the blockchain. Because the smart contract execution nodes are distributed, the message remains in the blockchain even if one or more smart contract execution nodes fail, thereby improving the reliability of message storage. Other terminals can query the blockchain and receive messages from it, so the reliability of message transmission is also improved.
In one possible implementation, after the smart contract execution node stores the encrypted message and the blockchain user identifier of the first terminal in the blockchain according to the smart contract, the message processing method further includes: after receiving the query message request sent by the second terminal, the second cloud server sends the query message request to the smart contract execution node; the smart contract execution node acquires, according to the query message request, the second group configuration information set and the encrypted message corresponding to each group configuration information in the second group configuration information set; the second cloud server then receives the second group configuration information set and the corresponding encrypted messages sent by the smart contract execution node, determines in the second group configuration information set the first group configuration information, which includes the blockchain user identifier of the second terminal, and determines, among the encrypted messages sent by the smart contract execution node, the encrypted message corresponding to the first group configuration information; after obtaining the private key of the second terminal, the second cloud server decrypts the encrypted message corresponding to the first group configuration information according to that private key and then sends the decrypted message to the second terminal. The second terminal and the first terminal belong to the first group. After the first terminal uploads the message, other terminals of the first group (e.g., the second terminal) may query and decrypt the messages of the first group, thereby completing the end-to-end communication. The message is encrypted during the end-to-end communication process, so the security of message transmission can be ensured.
For the steps performed by the first cloud server in the third aspect and their advantages, refer to the corresponding description of the first aspect.
A fourth aspect provides a message processing method applied to a communication system including a blockchain network and terminals, the blockchain network including a plurality of smart contract execution nodes. The message processing method comprises: after the first terminal sends a query configuration information request to the smart contract execution node, the smart contract execution node determines the smart contract corresponding to the smart contract identifier carried by the request and acquires a first group configuration information set according to the smart contract; after receiving the first group configuration information set sent by the smart contract execution node, the first terminal acquires its own blockchain user identifier, selects from the first group configuration information set the first group configuration information corresponding to that identifier, encrypts the message using the first group communication key in the first group configuration information, and sends the encrypted message and the blockchain user identifier of the first terminal to the smart contract execution node; the smart contract execution node then stores the encrypted message and the blockchain user identifier of the first terminal in the blockchain in accordance with the smart contract.
In this implementation, after the first terminal encrypts the message, the encrypted message may be stored in the blockchain. After the first terminal uploads the message, other terminals of the first group (e.g., the second terminal) may query the blockchain for the messages of the first group and decrypt them, thereby completing the end-to-end communication. Because the smart contract execution nodes are distributed, the message remains in the blockchain even if one or more smart contract execution nodes fail, thereby improving the reliability of storing and transmitting messages.
In one possible implementation, the message processing method further includes: the second terminal sends a query message request to the intelligent contract execution node, and the second terminal and the first terminal belong to a first group; the intelligent contract executing node acquires the second group configuration information set and encryption information corresponding to each group configuration information in the second group configuration information set according to the query message request; after receiving a second group configuration information set and encrypted messages corresponding to each group configuration information in the second group configuration information set, which are sent by the intelligent contract executing node, the second terminal determines first group configuration information corresponding to the blockchain user identifier of the second terminal in the second group configuration information set; determining an encrypted message corresponding to the first group configuration information in the encrypted messages sent by the intelligent contract executing node; and decrypting the encrypted message corresponding to the first group configuration information according to the private key of the second terminal.
After the first terminal uploads the message, other terminals of the first group (e.g., the second terminal) may query and decrypt the messages of the first group, thereby completing the end-to-end communication. The message is encrypted during the end-to-end communication process, so the security of message transmission can be ensured. The end-to-end communication method can be applied to multiple users in a group, which broadens the application scenarios of end-to-end encryption.
In another possible implementation manner, before the first terminal sends the request for querying the configuration information to the smart contract execution node, the message processing method of the present application further includes: the first terminal sends a group creation request to an intelligent contract execution node, and the intelligent contract execution node acquires public key packages of other group users from a blockchain according to blockchain user identifiers of the other group users carried by the group creation request; after receiving public key packages of other group users sent by an intelligent contract executing node, a first terminal generates a first group communication key according to the public key packages of all group users in a first group; generating first group configuration information according to the blockchain user identifications of all group users in the first group and the first group communication key; transmitting the first group configuration information to an intelligent contract execution node; the smart contract execution node then writes the first group configuration information to the blockchain.
The first group configuration information includes a first group communication key that can be obtained by each group user of the first group and then used to encrypt and decrypt messages so that multi-person communication can be achieved. The existing end-to-end encryption method is only used for two people to communicate, and the message processing method can provide end-to-end communication for more users.
With reference to the former possible implementation manner, in another possible implementation manner, the message processing method further includes: the first terminal sends an update group request to an intelligent contract executing node, wherein the update group request comprises a blockchain user identifier of a target user, and the intelligent contract executing node acquires a public key package of the target user according to the blockchain user identifier of the target user; after receiving the public key package of the target user sent by the intelligent contract executing node, the first terminal generates a second group communication key according to the public key package of the target user and the public key packages of all group users in the first group; generating second group configuration information according to the blockchain user identification of the target user, the blockchain user identifications of all group users in the first group and the second group communication key; transmitting the second group configuration information to the intelligent contract execution node; the smart contract execution node then writes the second group configuration information to the blockchain. The target user does not belong to the first group.
For the target user not belonging to the first group, the first group communication key can be updated to the second group communication key according to the public key package of the target user, and the blockchain user identification of the target user and the second group communication key are stored in the blockchain.
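The terminal-side flow of the fourth aspect (create group, send, update group, query) is sketched below as an added example; it is not code from the application. The application does not say how the group communication key is derived or protected, so the scheme here (a random group key sealed to each member's X25519 public key with HKDF and AES-GCM), the in-memory `Ledger` class standing in for the blockchain, and all names are assumptions. It needs the Python `cryptography` package.

```python
# Added illustration; not code from the patent. Needs the "cryptography" package.
import os
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric.x25519 import (
    X25519PrivateKey, X25519PublicKey)
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
from cryptography.hazmat.primitives.kdf.hkdf import HKDF

RAW = (serialization.Encoding.Raw, serialization.PublicFormat.Raw)


def _kek(shared: bytes) -> bytes:
    """Derive a key-encryption key from an X25519 shared secret."""
    return HKDF(algorithm=hashes.SHA256(), length=32, salt=None,
                info=b"group-key-wrap").derive(shared)


def wrap_key(group_key: bytes, member_pub: bytes, aad: bytes) -> dict:
    """Assumed scheme: seal the group key to one member's public key."""
    eph = X25519PrivateKey.generate()
    shared = eph.exchange(X25519PublicKey.from_public_bytes(member_pub))
    nonce = os.urandom(12)
    return {"eph": eph.public_key().public_bytes(*RAW), "nonce": nonce,
            "ct": AESGCM(_kek(shared)).encrypt(nonce, group_key, aad)}


def unwrap_key(w: dict, priv: X25519PrivateKey, aad: bytes) -> bytes:
    """Recover the group key with the member's private key."""
    shared = priv.exchange(X25519PublicKey.from_public_bytes(w["eph"]))
    return AESGCM(_kek(shared)).decrypt(w["nonce"], w["ct"], aad)


class Ledger:
    """Stand-in for the blockchain: each write is copied to all live nodes."""

    def __init__(self, n_nodes: int = 3):
        self.nodes = [{"up": True, "configs": [], "messages": []}
                      for _ in range(n_nodes)]

    def write(self, kind: str, record: dict) -> None:
        for node in self.nodes:
            if node["up"]:
                node[kind].append(record)

    def read(self, kind: str) -> list:
        for node in self.nodes:          # any surviving node can answer
            if node["up"]:
                return list(node[kind])
        raise RuntimeError("no live node")


def publish_group_config(ledger: Ledger, epoch: int, key_packages: dict) -> dict:
    """Create or update a group: fresh group key, one sealed copy per member."""
    group_key = AESGCM.generate_key(bit_length=256)
    members = {uid: wrap_key(group_key, pub, f"{epoch}:{uid}".encode())
               for uid, pub in key_packages.items()}
    config = {"epoch": epoch, "members": members}
    ledger.write("configs", config)
    return config


def select_configs(ledger: Ledger, uid: str) -> list:
    """Pick the group configurations that list this blockchain user ID."""
    return [c for c in ledger.read("configs") if uid in c["members"]]


def send_message(ledger: Ledger, uid: str, priv, plaintext: bytes) -> None:
    cfg = select_configs(ledger, uid)[-1]            # newest configuration
    aad = f"{cfg['epoch']}:{uid}".encode()           # binds epoch and sender
    key = unwrap_key(cfg["members"][uid], priv, aad)
    nonce = os.urandom(12)
    ledger.write("messages", {"epoch": cfg["epoch"], "sender": uid,
                              "nonce": nonce,
                              "ct": AESGCM(key).encrypt(nonce, plaintext, aad)})


def query_messages(ledger: Ledger, uid: str, priv) -> list:
    """Decrypt every stored message whose group configuration lists uid."""
    keys = {c["epoch"]: unwrap_key(c["members"][uid], priv,
                                   f"{c['epoch']}:{uid}".encode())
            for c in select_configs(ledger, uid)}
    out = []
    for m in ledger.read("messages"):
        if m["epoch"] in keys:
            aad = f"{m['epoch']}:{m['sender']}".encode()
            out.append(AESGCM(keys[m["epoch"]]).decrypt(m["nonce"], m["ct"], aad))
    return out


def run_demo() -> dict:
    # Constructed sample users; the IDs stand in for blockchain user IDs.
    privs = {u: X25519PrivateKey.generate() for u in ("alice", "bob", "carol")}
    pubs = {u: k.public_key().public_bytes(*RAW) for u, k in privs.items()}
    ledger = Ledger()
    publish_group_config(ledger, 1, {u: pubs[u] for u in ("alice", "bob")})
    send_message(ledger, "alice", privs["alice"], b"hello")
    ledger.nodes[0]["up"] = False                    # one node fails
    publish_group_config(ledger, 2, pubs)            # update group: add carol
    send_message(ledger, "alice", privs["alice"], b"welcome")
    return {u: query_messages(ledger, u, privs[u]) for u in privs}


if __name__ == "__main__":
    print(run_demo())
```

The target user added by the group update can unseal only the second group communication key, so she recovers only the message sent after the update, and queries keep working after one node is marked down.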
A fifth aspect provides a cloud server, which includes a receiving module, a processing module, and a sending module; the receiving module is used for receiving the message sent by the first terminal; the sending module is used for sending a request for inquiring the configuration information to the intelligent contract execution node according to the message; the receiving module is further used for receiving a first group configuration information set sent by the intelligent contract executing node; the processing module is used for acquiring the blockchain user identification of the first terminal; selecting first group configuration information corresponding to the blockchain user identification of the first terminal from the first group configuration information set; encrypting the message using a first group communication key in the first group configuration information; the sending module is further configured to send the encrypted message and the blockchain user identification of the first terminal to the intelligent contract executing node.
In another possible implementation manner, the receiving module is further configured to receive a group creation request sent by the first terminal, where the group creation request includes a blockchain user identifier of other group users in the first group; the sending module is also used for sending a request for creating the group to the intelligent contract executing node; the receiving module is also used for receiving public key packages of other group users sent by the intelligent contract executing node; the processing module is further used for generating a first group communication key according to the public key package of all group users in the first group; generating first group configuration information according to the blockchain user identifications of all group users in the first group and the first group communication key; the sending module is further configured to send the first group configuration information to the smart contract execution node.
In another possible implementation manner, the receiving module is further configured to receive an update group request sent by the first terminal, and the sending module is further configured to send the update group request to the intelligent contract executing node; the receiving module is also used for receiving a public key package of a target user sent by the intelligent contract executing node; the processing module is further used for generating a second group communication key according to the public key package of the target user and the public key packages of all group users in the first group; generating second group configuration information according to the blockchain user identification of the target user, the blockchain user identifications of all group users in the first group and the second group communication key; the sending module is further configured to send the second group configuration information to the smart contract execution node.
In another possible implementation manner, the receiving module is further configured to receive a first registration request sent by the first terminal; the sending module is further used for sending a first registration request to the intelligent contract executing node; the receiving module is also used for receiving the blockchain user identification of the first terminal sent by the intelligent contract executing node; the sending module is also used for sending the blockchain user identification of the first terminal to the first terminal; the receiving module is also used for receiving a second registration request sent by the first terminal; the sending module is also used for sending the end-to-end user identification of the first terminal to the first terminal; the processing module is also used for storing identity association data, wherein the identity association data comprises the corresponding relation between the end-to-end user identification of the first terminal and the blockchain user identification of the first terminal; acquiring a public key package of a first terminal; the sending module is further configured to send the identity-related data and the public key package of the first terminal to the smart contract execution node.
For the steps performed by the modules in the fifth aspect, the explanation of terms, and the advantageous effects, refer to the corresponding description of the first aspect.
A sixth aspect provides a cloud server, which includes a receiving module, a processing module, and a sending module; the receiving module is used for receiving a query message request sent by the second terminal, and the sending module is also used for sending the query message request to the intelligent contract executing node; the receiving module is further used for receiving a second group configuration information set sent by the intelligent contract executing node and an encrypted message corresponding to each group configuration information in the second group configuration information set; the processing module is further configured to determine, in the second set of group configuration information, first group configuration information including a blockchain user identification of the second terminal; determining an encrypted message corresponding to the first group configuration information in the encrypted messages sent by the intelligent contract executing node; acquiring a private key of a second terminal; decrypting the encrypted message corresponding to the first group configuration information according to the private key of the second terminal; the sending module is further configured to send the decrypted message to the second terminal.
For the steps performed by the modules in the sixth aspect, the explanation of terms, and the advantageous effects, refer to the corresponding description of the second aspect.
A seventh aspect provides a communication system, including a first terminal, a first cloud server, and an intelligent contract execution node; the first terminal is used for sending a message to the first cloud server; the first cloud server is used for sending a request for inquiring configuration information to the intelligent contract execution node according to the message sent by the first terminal; the intelligent contract executing node is used for determining an intelligent contract corresponding to the intelligent contract identifier carried by the query configuration information request; acquiring a first group configuration information set according to an intelligent contract; the first cloud server is further used for receiving a first group configuration information set sent by the intelligent contract executing node; acquiring a blockchain user identifier of a first terminal; selecting first group configuration information corresponding to the blockchain user identification of the first terminal from the first group configuration information set; encrypting the message using a first group communication key in the first group configuration information; transmitting the encrypted message and the blockchain user identification of the first terminal to an intelligent contract executing node; the smart contract execution node is further configured to store the encrypted message and the blockchain user identification of the first terminal in the blockchain in accordance with the smart contract.
In one possible implementation manner, the communication system further includes a second terminal and a second cloud server, where the second terminal is configured to send a query message request to the second cloud server; the second cloud server is further used for sending the query message request to the intelligent contract execution node; the intelligent contract executing node is used for acquiring, according to the query message request, the second group configuration information set and the encrypted message corresponding to each group configuration information in the second group configuration information set; the second cloud server is further configured to receive the second group configuration information set and the encrypted message corresponding to each group configuration information in the second group configuration information set, both sent by the intelligent contract executing node; determining, in the second group configuration information set, first group configuration information that includes the blockchain user identification of the second terminal; determining an encrypted message corresponding to the first group configuration information in the encrypted messages sent by the intelligent contract executing node; acquiring a private key of the second terminal; decrypting the encrypted message corresponding to the first group configuration information according to the private key of the second terminal; and sending the decrypted message to the second terminal.
In another possible implementation manner, the first cloud server is further configured to receive a group creation request sent by the first terminal, where the group creation request includes blockchain user identifiers of other group users in the first group; sending a group creation request to an intelligent contract execution node; the intelligent contract executing node is used for acquiring public key packages of other group users from the blockchain according to the group creation request; the first cloud server is also used for receiving public key packages of other group users sent by the intelligent contract executing node; generating a first group communication key according to public key packages of all group users in the first group; generating first group configuration information according to the blockchain user identifications of all group users in the first group and the first group communication key; transmitting the first group configuration information to an intelligent contract execution node; the smart contract execution node is also configured to write the first group configuration information to the blockchain.
In another possible implementation manner, the first cloud server is further configured to receive an update group request sent by the first terminal; sending an update group request to an intelligent contract execution node; the intelligent contract executing node is also used for acquiring a public key package of the target user according to the blockchain user identification of the target user; the first cloud server is also used for receiving a public key package of a target user sent by the intelligent contract executing node; generating a second group communication key according to the public key package of the target user and the public key packages of all group users in the first group; generating second group configuration information according to the blockchain user identification of the target user, the blockchain user identifications of all group users in the first group and the second group communication key; transmitting the second group configuration information to the intelligent contract execution node; the smart contract execution node is also configured to write second group configuration information to the blockchain.
In another possible implementation manner, the first cloud server is further configured to receive a first registration request sent by the first terminal; sending the first registration request to an intelligent contract execution node; the intelligent contract executing node is further used for generating a blockchain user identifier of the first terminal according to the first registration request; the first cloud server is further used for receiving the blockchain user identification of the first terminal sent by the intelligent contract executing node; sending the blockchain user identification of the first terminal to the first terminal; receiving a second registration request sent by the first terminal; transmitting an end-to-end user identification of the first terminal to the first terminal; storing identity-related data; acquiring a public key package of the first terminal; transmitting the identity-related data and the public key package of the first terminal to an intelligent contract executing node; the smart contract execution node is further configured to write the identity-related data and the public key package of the first terminal to the blockchain.
For the steps performed by each terminal, each cloud server, and the intelligent contract execution node in the seventh aspect, the explanation of terms, and the advantageous effects, refer to the corresponding descriptions in the third aspect.
An eighth aspect provides a communication system comprising a blockchain network and a first terminal, the blockchain network comprising a plurality of intelligent contract executing nodes; the first terminal is used for sending a request for inquiring configuration information to the intelligent contract executing node; the intelligent contract executing node is used for determining an intelligent contract corresponding to the intelligent contract identifier carried by the query configuration information request; acquiring a first group configuration information set according to an intelligent contract; the first terminal is further used for receiving a first group configuration information set sent by the intelligent contract executing node; acquiring a blockchain user identifier of a first terminal; selecting first group configuration information corresponding to the blockchain user identification of the first terminal from the first group configuration information set; encrypting the message using a first group communication key in the first group configuration information; transmitting the encrypted message and the blockchain user identification of the first terminal to an intelligent contract executing node; the smart contract execution node is further configured to store the encrypted message and the blockchain user identification of the first terminal in the blockchain in accordance with the smart contract.
In one possible implementation, the communication system further includes a second terminal, where the second terminal is configured to send a query message request to the smart contract execution node; the intelligent contract executing node is further used for acquiring, according to the query message request, the second group configuration information set and the encrypted message corresponding to each group configuration information in the second group configuration information set; the second terminal is further configured to receive the second group configuration information set and the encrypted message corresponding to each group configuration information in the second group configuration information set, both sent by the intelligent contract executing node; determining, in the second group configuration information set, first group configuration information that includes the blockchain user identification of the second terminal; determining an encrypted message corresponding to the first group configuration information in the encrypted messages sent by the intelligent contract executing node; and decrypting the encrypted message corresponding to the first group configuration information according to the private key of the second terminal. The second terminal and the first terminal belong to a first group.
In another possible implementation manner, the first terminal is further configured to send a group creation request to the smart contract execution node, where the group creation request includes blockchain user identifications of other group users in the first group; the intelligent contract executing node is also used for acquiring public key packages of other group users from the blockchain according to the blockchain user identifiers of the other group users; the first terminal is also used for receiving public key packages of other group users sent by the intelligent contract executing node; generating a first group communication key according to public key packages of all group users in the first group; generating first group configuration information according to the blockchain user identifications of all group users in the first group and the first group communication key; transmitting the first group configuration information to an intelligent contract execution node; the smart contract execution node is also configured to write the first group configuration information to the blockchain.
In another possible implementation manner, the first terminal is further configured to send an update group request to the smart contract execution node, where the update group request includes a blockchain user identifier of the target user; the intelligent contract executing node is also used for acquiring a public key package of the target user according to the blockchain user identification of the target user; the first terminal is also used for receiving a public key package of a target user sent by the intelligent contract executing node; generating a second group communication key according to the public key package of the target user and the public key packages of all group users in the first group; generating second group configuration information according to the blockchain user identification of the target user, the blockchain user identifications of all group users in the first group and the second group communication key; transmitting the second group configuration information to the intelligent contract execution node; the smart contract execution node is also configured to write second group configuration information to the blockchain.
For the steps performed by the terminals and the intelligent contract execution node in the eighth aspect, the explanation of terms, and the advantageous effects, refer to the corresponding descriptions in the fourth aspect.
A ninth aspect provides a cluster of computing devices comprising at least one computing device, each computing device comprising a processor and a memory; the processor of the at least one computing device is configured to execute instructions stored in a memory of the at least one computing device to cause the cluster of computing devices to perform the method of the first aspect, the second aspect or the third aspect.
A tenth aspect provides a cluster of computing devices, comprising at least one computing device, each computing device comprising a processor and a memory; the processor of the at least one computing device is configured to execute instructions stored in the memory of the at least one computing device to cause the cluster of computing devices to perform the method according to the fourth aspect.
An eleventh aspect provides a computer readable storage medium comprising computer program instructions which, when executed by a cluster of computing devices, perform the method of the first, second, third or fourth aspects.
A twelfth aspect provides a computer program product comprising instructions which, when executed by a cluster of computing devices, cause the cluster of computing devices to perform the method of the first, second, third or fourth aspects.
A thirteenth aspect provides a system on a chip comprising at least one processor coupled to a memory for storing a computer program or instructions for execution by the processor to implement the methods of the first, second, third or fourth aspects described above.
Drawings
FIG. 1 is a schematic diagram of an end-to-end communication scenario in an embodiment of the present application;
FIG. 2 is another schematic diagram of an end-to-end communication scenario in an embodiment of the present application;
FIG. 3 is a signaling diagram illustrating a message sent in an embodiment of the present application;
FIG. 4 is a signaling interaction diagram of a received message in an embodiment of the present application;
FIG. 5 is a signaling diagram illustrating the use of blockchain storage group configuration information in accordance with embodiments of the present application;
FIG. 6 is a signaling diagram of updating group configuration information of a blockchain in an embodiment of the present application;
FIG. 7 is a signaling interaction diagram of user registration in an embodiment of the present application;
FIG. 8 is another schematic diagram of an end-to-end communication scenario in an embodiment of the present application;
FIG. 9 is another schematic diagram of an end-to-end communication scenario in an embodiment of the present application;
FIG. 10 is a signaling diagram of a message sent in an embodiment of the present application;
FIG. 11 is a signaling interaction diagram of a received message in an embodiment of the present application;
FIG. 12 is a block diagram of a cloud server according to an embodiment of the present application;
FIG. 13 is a schematic diagram of a communication system according to an embodiment of the present application;
FIG. 14 is a block diagram of a terminal in an embodiment of the present application;
FIG. 15 is another schematic diagram of a communication system according to an embodiment of the present application;
FIG. 16 is another block diagram of a computing device in an embodiment of the present application;
FIG. 17 is a block diagram of a cluster of computing devices in an embodiment of the present application;
FIG. 18 is another block diagram of a cluster of computing devices in an embodiment of the application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application. The terminology used in the following embodiments is for the purpose of describing particular embodiments only and is not intended to limit the application. As used in the specification and the appended claims, the singular forms "a," "an," and "the" are intended to also include expressions such as "one or more," unless the context clearly indicates otherwise. It should also be understood that in embodiments of the present application, "one or more" means one, two, or more than two; "and/or" describes an association relationship between associated objects and indicates that three relationships may exist; for example, A and/or B may represent: A alone, both A and B, and B alone, where A and B may each be singular or plural. The character "/" generally indicates an "or" relationship between the objects before and after it.
Reference in the specification to "one embodiment" or "some embodiments" or the like means that a particular feature, structure, or characteristic described in connection with the embodiment is included in one or more embodiments of the application. Thus, appearances of the phrases "in one embodiment," "in some embodiments," "in other embodiments," and the like in the specification are not necessarily all referring to the same embodiment, but mean "one or more but not all embodiments" unless expressly specified otherwise. The terms "comprising," "including," "having," and variations thereof mean "including but not limited to," unless expressly specified otherwise.
In the embodiments of the present application, "a plurality of" means two or more. It should be noted that, in the description of the embodiments of the present application, the terms "first," "second," and the like are used only to distinguish between the items described and are not to be understood as indicating or implying relative importance or a sequential order.
Blockchain technology is a decentralised architecture and computational paradigm that uses a blockchain data structure to validate and store data, a distributed node consensus algorithm to generate and update data, cryptography to secure data transfer and access, and intelligent contracts composed of automated script code to program and manipulate data.
The communication method can be applied to a communication system comprising a terminal and a blockchain network, and the communication system can also comprise a cloud server. Terminals are also referred to as terminal devices.
Referring to fig. 1, in one embodiment, the communication system includes a terminal 101, a terminal 102, a terminal 103, the internet 110, a cloud service system 120, and a blockchain network 130. Terminal 101, terminal 102, and terminal 103 are each connected to the internet 110. The cloud service system 120 is connected to the internet 110 and to the blockchain network 130. The cloud service system 120 includes a plurality of cloud servers, and each terminal has a corresponding cloud server. For example, in the cloud service system 120, the terminal 101 corresponds to the cloud server 121, and the terminal 102 corresponds to the cloud server 122.
Each cloud server may configure an end-to-end encryption component that includes one or more of a communication module, an identity management module, a key management module, a database, an encryption and decryption module, and a group management module.
The communication module is used for communication between the terminal and the end-to-end encryption component of the cloud server and communication between the end-to-end encryption component of the cloud server and the intelligent contract execution node of the blockchain.
The identity management module is used for managing the end-to-end user identification of one or more terminals, and the like. The end-to-end user identification may be, but is not limited to, an account number of the communication program. When shared as a blockchain plug-in, the end-to-end encryption component is also responsible for managing users' on-chain identities.
The key management module is used for managing the end-to-end key of the terminal, including key generation, updating and the like.
The database is used to store the decrypted messages and to provide storage services for other modules, such as storing group structure information in a group management module.
The encryption and decryption module is used for encrypting and decrypting the information.
The group management module is used for managing the group, including creating the group, adding or deleting group members.
The blockchain network 130 includes an intelligent contract execution node 131, an intelligent contract execution node 132, and an intelligent contract execution node 133. A smart contract execution node is a blockchain node on which smart contracts are deployed and which can execute them. The intelligent contract executing node stores intelligent contracts, blockchain ledgers, encrypted messages and the like. An intelligent contract is a "computer transaction agreement to execute contract terms". All users on the blockchain can see a blockchain-based intelligent contract. The intelligent contract implements the on-chain interaction logic of the end-to-end communication: after verifying the user identity according to the business logic of the end-to-end encryption, it automatically returns the corresponding information according to that business logic.
It should be appreciated that the number of terminals in the communication system, the number of cloud servers, the number of intelligent contract execution nodes in the blockchain network 130 are not limited to the above examples.
Referring to fig. 2, in one embodiment, a message transmission method includes:
Step 201, the terminal 101 sends a message to the cloud server 121.
Step 202, the cloud server 121 encrypts the message. Specifically, the encryption and decryption module in the end-to-end encryption component of the cloud server 120 encrypts the message.
Step 203, the cloud server 121 sends the encrypted message to the blockchain network 130.
Specifically, cloud server 121 sends the encrypted message to any one of the intelligent contract execution nodes of blockchain network 130, which may broadcast the encrypted message to all of the intelligent contract execution nodes of blockchain network 130, which all store the encrypted message.
Step 204, the terminal 102 sends a query message request to the cloud server 122.
Step 205, the cloud server 122 obtains the encrypted message from the blockchain network 130 according to the query message request.
Step 206, the cloud server 122 decrypts the encrypted message. Specifically, an encryption and decryption module in the end-to-end encryption component of the cloud server 122 decrypts the encrypted message.
Step 207, the cloud server 122 sends the message to the terminal 102.
Since the smart contract executing nodes of the blockchain network 130 are distributed nodes, even if one or more smart contract executing nodes fail, the other smart contract executing nodes can still execute the smart contract to transmit the encrypted message, and thus the reliability of storing and transmitting messages can be improved.
It should be noted that the end-to-end encryption component may be integrated in a software development kit, and applications may be developed through secondary encapsulation based on the software development kit; the component may also serve as an optional plug-in on a single blockchain, available to multiple users after the identities of the different users are verified. When the end-to-end encryption component is used as a software module of the terminal, the terminal can communicate directly with an intelligent contract execution node of the blockchain network; the interaction signaling between the terminal and the intelligent contract execution node during message processing is similar to the interaction signaling between the cloud server and the intelligent contract execution node in the present application, and is not repeated here.
Referring to fig. 3, in one embodiment, the message processing method of the present application includes:
Step 301, the first terminal sends a message to a first cloud server.
In this embodiment, a communication connection is established between the first terminal, the first cloud server, and the blockchain network. The communication connection may be, but is not limited to, a Google remote procedure call (gRPC) connection.
It should be understood that the first terminal may also send a blockchain user identity or an end-to-end user identity of the first terminal, and the first cloud server authenticates according to the blockchain user identity or the end-to-end user identity of the first terminal. The first terminal may be any terminal having an end-to-end user identity and a blockchain user identity.
Step 302, the first cloud server sends a query configuration information request to the intelligent contract executing node according to the message.
Step 303, the intelligent contract executing node determines an intelligent contract corresponding to the blockchain user identifier of the first terminal according to the intelligent contract identifier carried by the query configuration information request.
Step 304, the intelligent contract executing node obtains the first group configuration information set according to the intelligent contract.
Specifically, the query configuration information request includes an intelligent contract identifier, the intelligent contract execution node determines an intelligent contract according to the intelligent contract identifier, and obtains a first group configuration information set according to the intelligent contract. After the intelligent contract executing node obtains the first group configuration information set, the first group configuration information set is sent to the first terminal.
Step 305, the first cloud server receives a first group configuration information set sent by the intelligent contract executing node.
Step 306, the first cloud server obtains the blockchain user identifier of the first terminal.
Optionally, the first cloud server obtains the blockchain user identifier of the first terminal from the locally stored blockchain user identifiers. Alternatively, the first terminal sends its blockchain user identifier together with the message, and the first cloud server receives the blockchain user identifier sent by the first terminal.
Step 307, the first cloud server selects first group configuration information corresponding to the blockchain user identifier of the first terminal from the first group configuration information set.
The first group configuration information set may include all of the group configuration information currently stored; each piece of group configuration information includes a group communication key and the blockchain user identifications of the group users.
Step 308, the first cloud server encrypts the message using the first group communication key in the first group configuration information.
It should be noted that the encryption and decryption algorithm in the present application is an asymmetric encryption algorithm: the first group communication key is generated according to the public key packages of the group users, and the private key used to decrypt the message is the private key of a group user.
Step 309, the first cloud server sends the encrypted message and the blockchain user identification of the first terminal to the intelligent contract executing node.
Step 310, the intelligent contract executing node stores the encrypted message and the blockchain user identification of the first terminal in the blockchain according to the intelligent contract. The encrypted message and the blockchain user identification of the first terminal may be bound to identify the blockchain user of the first terminal as the sender of the message.
In this embodiment, after encrypting a message sent by a terminal, the first cloud server may send the encrypted message to an intelligent contract executing node, where the intelligent contract executing node stores the encrypted message in a blockchain. Because the intelligent contract executing nodes of the blockchain network are distributed nodes, when one or a plurality of intelligent contract executing nodes fail, the encrypted information is still stored in the blockchain, thereby improving the security of the stored information.
Referring to fig. 4, in an alternative embodiment, the message processing method of the present application further includes:
Step 401, the second terminal sends a query message request to the second cloud server.
Step 402, the second cloud server sends a query message request to the intelligent contract execution node.
In this application, the first terminal and the second terminal belong to a first group. Alternatively, the blockchain user of the first terminal and the blockchain user of the second terminal belong to a first group.
Step 403, the intelligent contract executing node obtains, according to the query message request, the second group configuration information set and the encrypted message corresponding to each group configuration information in the second group configuration information set.
Specifically, the query message request includes an intelligent contract identifier; the intelligent contract executing node determines an intelligent contract according to the intelligent contract identifier in the query message request, and obtains, according to the intelligent contract, the second group configuration information set and the encrypted message corresponding to each group configuration information in the second group configuration information set. The second group configuration information set may include all group configuration information stored at the current time.
Step 404, the intelligent contract executing node sends the second group configuration information set and the encrypted message corresponding to each group configuration information in the second group configuration information set to the second cloud server.
Step 405, the second cloud server determines, in the second group configuration information set, the first group configuration information that includes the blockchain user identifier of the second terminal.
Step 406, the second cloud server determines an encrypted message corresponding to the first group configuration information from the encrypted messages sent by the intelligent contract executing node.
Step 407, the second cloud server decrypts the encrypted message corresponding to the first group configuration information according to the private key of the second terminal. The second cloud server may also store the decrypted message in a local database.
Step 408, the second cloud server sends the decrypted message to the second terminal. The second terminal displays the decrypted message.
It should be noted that the first cloud server and the second cloud server may be configured in the same computing device, or may be configured in different computing devices.
In this embodiment, after the intelligent contract executing node stores the encrypted message in the blockchain, the second cloud server may obtain the encrypted message from the blockchain, decrypt it according to the private key of the second terminal, and send the decrypted message to the second terminal, thereby completing end-to-end message transmission. The message is encrypted during the end-to-end communication process, so the security of message transmission can be ensured.
Second, since the intelligent contract executing nodes of the blockchain network are distributed nodes, when one or several intelligent contract executing nodes fail, the encrypted message is still stored in the blockchain, thereby improving the security of the transmitted message.
The message processing method shown in fig. 4 requires acquiring a group communication key from the blockchain and encrypting a message according to the group communication key. The present application may generate the group communication key and the group configuration information before step 401; the generation process of the group communication key and the group configuration information is described below. Referring to fig. 5, in another embodiment, the message processing method of the present application further includes:
Step 501, a first terminal sends a request for creating a group to a first cloud server.
Step 502, the first cloud server sends a request for creating a group to the intelligent contract execution node.
In step 503, the smart contract executing node obtains public key packages of other group users from the blockchain according to the request for creating the group.
Specifically, the group creation request includes an intelligent contract identifier and blockchain user identifiers of other group users in the first group, the intelligent contract execution node determines an intelligent contract according to the intelligent contract identifier of the group creation request, and obtains public key packages of the other group users from the blockchain according to the intelligent contract and the blockchain user identifiers of the other group users in the first group. The other group users are group users other than the first terminal in the first group.
Step 504, the intelligent contract executing node sends the public key package of other group users to the first terminal.
In step 505, the first cloud server generates a first group communication key according to the public key package of all group users in the first group.
The first terminal belongs to the first group. The public key packages of all group users in the first group include the public key package of the first terminal and the public key packages of the other group users. The protocol for generating the first group communication key from the public key packages of all group users in the first group may be the messaging layer security (MLS) protocol or the Signal protocol. The Signal protocol is also called the TextSecure protocol.
Step 506, the first terminal generates the first group configuration information according to the blockchain user identifiers of all the group users in the first group and the first group communication key.
In an alternative embodiment, the first group configuration information is as shown in table 1:
Table 1 (the table is an image in the original publication)
It should be understood that the first group configuration information, the second group configuration information, and other group configuration information in this application are not limited to the examples shown in table 1, and may be specifically set according to practical situations. The group user identity may be, but is not limited to, an end-to-end user identity.
Step 507, the first terminal sends the first group configuration information to the intelligent contract executing node.
Step 508, the smart contract execution node writes the first group configuration information to the blockchain.
Specifically, the intelligent contract executing node writing the first group configuration information into the blockchain means that the intelligent contract executing node sends the first group configuration information to the other intelligent contract executing nodes of the blockchain network, and then all intelligent contract executing nodes of the blockchain network store the first group configuration information.
In this embodiment, the first terminal may generate the first group communication key according to the public key packages of all the group users of the first group. After a message is encrypted using the first group communication key, only the private key of a user of the first group can decrypt the encrypted message to obtain the message. The private key of a user not belonging to the first group cannot decrypt it, so the transmitted message can be kept secret.
Next, the present embodiment provides a method of creating a group and generating group configuration information, based on which a message can be transmitted. The existing end-to-end encryption method is used only for communication between two people, whereas the message processing method of the present application can provide end-to-end communication for more users, thereby expanding the application scenarios of end-to-end encryption.
After the group communication key and the group configuration information are generated, other group terminals can send a request for inquiring configuration information to the intelligent contract executing node, and the group configuration information of the group to which the terminal belongs can be queried in the blockchain according to the blockchain user identifier carried by the request for inquiring configuration information.
Alternatively, the first terminal sends an off-chain notification to the terminals corresponding to the first group through an internet protocol (IP) network. After other group terminals (such as a second terminal) receive the off-chain notification, the first terminal sends a request for inquiring configuration information to the intelligent contract executing node according to the off-chain notification, and the group to which the terminal belongs and its group configuration information can be queried in the blockchain according to the blockchain user identifier carried by the request for inquiring configuration information.
After creating the group, the group user can be added. Referring to fig. 6, in an alternative embodiment, the message processing method of the present application further includes:
Step 601, the first terminal sends an update group request to the first cloud server.
Step 602, the first cloud server sends an update group request to the intelligent contract execution node.
Step 603, the intelligent contract executing node obtains the public key package of the target user according to the update group request.
Specifically, the update group request includes a blockchain user identifier and an intelligent contract identifier of the target user, the intelligent contract executing node determines an intelligent contract according to the intelligent contract identifier in the update group request, and obtains a public key package of the target user according to the blockchain user identifier and the intelligent contract identifier of the target user in the update group request.
Step 604, the first cloud server receives a public key package of the target user sent by the intelligent contract executing node.
Step 605, the first cloud server generates a second group communication key according to the public key package of the target user and the public key packages of all group users in the first group.
When the public key package of all the group users in the first group is stored in the first terminal, the first terminal may generate the second group communication key according to the public key package of the target user and the public key package of all the group users in the first group.
When the public key packages of all the group users in the first group are not stored in the first terminal, the first terminal can send a group user key inquiry request to the intelligent contract executing node, the group user key inquiry request comprises the blockchain user identification of the group users, the intelligent contract executing node obtains the public key packages of all the group users in the first group according to the group user key inquiry request, then sends the public key packages of all the group users in the first group to the first terminal, and then the first terminal can generate a second group communication key according to the public key packages of the target users and the public key packages of all the group users in the first group.
In step 606, the first cloud server generates second group configuration information according to the blockchain user identifier of the target user, the blockchain user identifiers of all group users in the first group, and the second group communication key.
It should be appreciated that the second group configuration information includes the second group communication key, the blockchain user identification of the target user, and the blockchain user identifications of all group users in the first group.
In step 607, the first cloud server sends the second group configuration information to the intelligent contract executing node.
Step 608, the smart contract execution node writes the second group configuration information to the blockchain.
For a target user that does not belong to the first group, the present embodiment may update the first group communication key to the second group communication key according to the public key package of the target user, and then store the blockchain user identification of the target user and the second group communication key in the blockchain.
After the second group configuration information is written into the blockchain, the intelligent contract executing node can acquire the second group configuration information from the blockchain according to the query message request sent by the terminal of the target user, and send the second group configuration information and the encrypted message to the terminal of the target user. The terminal of the target user decrypts the message according to the private key of the target user. The process of querying the message by the terminal of the target user is similar to the process of querying the message by the second terminal in steps 401 to 408, and a detailed description thereof is omitted.
The present application may authorize all or a portion of the users to modify group configuration information. In an alternative embodiment, step 607 includes: the first cloud server sends the second group configuration information and the blockchain user identification of the first terminal to an intelligent contract executing node; the intelligent contract executing node judges whether the blockchain user identifier of the first terminal belongs to a preset group administrator user group, and when the blockchain user identifier of the first terminal belongs to the preset group administrator user group, step 608 is executed; when the blockchain user identifier of the first terminal does not belong to the preset group administrator user group, step 608 is not executed, and an error prompt is returned, wherein the error prompt is used for notifying the user that the modification of the group configuration information fails.
It should be noted that, in the present application, deleting a group user may be regarded as creating a new group, where the new group, compared with the original group, does not include the deleted user.
The message processing method of the present application requires the use of blockchain user identification and end-to-end keys. The end-to-end key for each terminal includes a public key package and a private key. Referring to fig. 7, in another embodiment, the message processing method of the present application further includes:
Step 701, a first terminal sends a first registration request to a first cloud server.
Step 702, a first cloud server sends a first registration request to an intelligent contract execution node.
Step 703, the intelligent contract executing node generates a blockchain user identifier of the first terminal according to the first registration request.
Step 704, the first cloud server receives a blockchain user identifier of the first terminal sent by the intelligent contract executing node.
Step 705, the first cloud server sends the blockchain user identifier of the first terminal to the first terminal.
Step 706, the first terminal sends a second registration request to the first cloud server.
Step 707, the first cloud server generates an end-to-end user identifier of the first terminal according to the second registration request.
Step 708, the first terminal receives an end-to-end user identifier of the first terminal sent by the first cloud server.
Step 709, the first cloud server stores the identity association data. The identity association data includes a correspondence between the end-to-end user identifier of the first terminal and the blockchain user identifier of the first terminal.
Step 710, the first cloud server obtains a public key package of the first terminal.
In an alternative embodiment, the first terminal generates a private key of the first terminal and a public key package of the first terminal according to a key generation algorithm. In another alternative embodiment, the first terminal sends a request for obtaining the key to the key server, and receives the private key of the first terminal and the public key package of the first terminal sent by the key server.
Step 711, the first cloud server sends the identity association data and the public key package of the first terminal to the intelligent contract executing node.
Step 712, the smart contract execution node writes the identity association data and the public key package of the first terminal to the blockchain.
This embodiment provides a method for registering a blockchain user and an end-to-end user for the first terminal and acquiring an end-to-end key. The identity association data and the public key package of the first terminal can be stored in the blockchain, so that the user can still use this information to communicate after replacing the terminal.
It should be noted that, the operations performed by the smart contract executing node in the present application are all implemented based on smart contracts, for example, obtaining group configuration information, storing encrypted messages and group configuration information into a blockchain, and so on.
Referring to fig. 8, in another embodiment, the communication system of the present application includes a terminal 801, a terminal 802, a terminal 803, the internet 810, and a blockchain network 820. Terminals 801, 802, and 803 are each connected to the internet 810, and the internet 810 is connected to the blockchain network 820. The blockchain network 820 includes an intelligent contract execution node 821, an intelligent contract execution node 822, and an intelligent contract execution node 823. It should be appreciated that the number of terminals in the communication system, the number of intelligent contract executing nodes in the blockchain network 820, is not limited to the above examples. Each terminal may be configured with an end-to-end encryption component that is identical to the end-to-end encryption component described above.
Referring to fig. 9, in an embodiment, a message transmission method includes:
Step 901, terminal 801 encrypts the message. Specifically, the encryption and decryption module in the end-to-end encryption component of terminal 801 encrypts the message.
Step 902, terminal 801 sends an encrypted message to an intelligent contract node of blockchain network 820.
Specifically, terminal 801 sends the encrypted message to any one of the intelligent contract execution nodes of blockchain network 820, which may broadcast the encrypted message to all of the intelligent contract execution nodes of blockchain network 820, which all store the encrypted message.
Step 903, the terminal 802 sends a query message request to an intelligent contract node of the blockchain network 820.
Step 904, the terminal 802 obtains an encrypted message from the blockchain network 820 according to the query message request.
Step 905, the terminal 802 decrypts the encrypted message. Specifically, an encryption and decryption module in the end-to-end encryption component of the terminal 802 decrypts the encrypted message.
The message processing method of the present application may not need a cloud server. The following describes in detail the process in which the terminal and the blockchain network execute the message processing method of the present application. Referring to fig. 10, in another embodiment, the message processing method of the present application includes:
Step 1001, the first terminal sends a request for inquiring configuration information to the intelligent contract executing node. The first terminal may be any terminal having a blockchain user identity.
Step 1002, the intelligent contract executing node determines an intelligent contract corresponding to an intelligent contract identifier carried by the query configuration information request.
Step 1003, the intelligent contract executing node obtains a first group configuration information set according to the intelligent contract.
Step 1004, the first terminal receives a first group configuration information set sent by the intelligent contract execution node.
Step 1005, the first terminal obtains the blockchain user identifier of the first terminal.
In step 1006, the first terminal selects first group configuration information corresponding to the blockchain user identifier of the first terminal from the first group configuration information set.
Step 1007, the first terminal encrypts the message using the first group communication key in the first group configuration information.
Step 1008, the first terminal sends the encrypted message and the blockchain user identification of the first terminal to the intelligent contract executing node.
In step 1009, the intelligent contract executing node stores the encrypted message and the blockchain user identifier of the first terminal in the blockchain according to the intelligent contract.
In this embodiment, after the first terminal encrypts the message, the encrypted message may be stored in the blockchain. After the first terminal uploads the message, other terminals of the first group (e.g., the second terminal) may query and decrypt the message of the first group from the blockchain, thereby completing the end-to-end communication. Because the smart contract executing nodes are distributed, when one or more smart contract executing nodes fail, the message remains in the blockchain, thereby improving the reliability of storing and transmitting messages.
In another alternative embodiment, prior to step 1001, the message processing method of the present application further includes:
the first terminal sends a group creation request to the intelligent contract execution node, wherein the group creation request comprises blockchain user identifiers of other group users in the first group; the intelligent contract executing node acquires public key packages of the other group users from the blockchain according to the blockchain user identifiers of the other group users; the first terminal receives the public key packages of the other group users sent by the intelligent contract executing node, generates a first group communication key according to the public key packages of all group users in the first group, generates first group configuration information according to the blockchain user identifiers of all group users in the first group and the first group communication key, and sends the first group configuration information to the intelligent contract executing node; the smart contract execution node writes the first group configuration information to the blockchain.
In this embodiment, the first group configuration information includes a first group communication key, and each group user of the first group may acquire the first group communication key and then encrypt and decrypt messages using it, so as to implement multi-person communication. The existing end-to-end encryption method is used only for communication between two people, whereas the message processing method of the present application can provide end-to-end communication for more users.
In combination with the previous embodiment, in another optional embodiment, the message processing method of the present application further includes:
the first terminal sends an update group request to the intelligent contract execution node, wherein the update group request comprises a blockchain user identifier of a target user, and the target user does not belong to a first group; the intelligent contract executing node acquires a public key package of the target user according to the blockchain user identification of the target user; the first terminal receives a public key package of a target user sent by an intelligent contract executing node, generates a second group communication key according to the public key package of the target user and the public key package of all group users in a first group, generates second group configuration information according to the blockchain user identification of the target user, the blockchain user identification of all group users in the first group and the second group communication key, and sends the second group configuration information to the intelligent contract executing node; the smart contract execution node writes the second group configuration information to the blockchain.
In this embodiment, for a target user that does not belong to the first group, the first group communication key may be updated to the second group communication key according to the public key package of the target user, and the blockchain user identifier of the target user and the second group communication key may be stored in the blockchain.
Referring to fig. 11, in an alternative embodiment, after step 1009, the message processing method of the present application further includes:
Step 1101, the second terminal sends a query message request to the intelligent contract execution node, where the second terminal and the first terminal belong to the first group.
Step 1102, the intelligent contract executing node obtains, according to the query message request, the second group configuration information set and the encrypted message corresponding to each group configuration information in the second group configuration information set.
In step 1103, the second terminal receives the second group configuration information set and the encrypted message corresponding to each group configuration information in the second group configuration information set, which are sent by the intelligent contract executing node.
Step 1104, the second terminal determines, in the second group configuration information set, the first group configuration information that includes the blockchain user identifier of the second terminal.
Step 1105, the second terminal determines an encrypted message corresponding to the first group configuration information from the encrypted messages sent by the intelligent contract executing node.
Step 1106, the second terminal decrypts the encrypted message corresponding to the first group configuration information according to the private key of the second terminal.
In this embodiment, after the first terminal uploads the message, other terminals (such as the second terminal) of the first group may query and decrypt the message of the first group through the second cloud server, so as to complete the end-to-end communication. The message is encrypted during the end-to-end communication process, so the security of message transmission can be ensured. The end-to-end communication method can be applied to a plurality of users in the group, which expands the application scenarios of end-to-end encryption.
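The following added example (not code from the application) models in memory the administrator check described for step 607 and the receiver-side selection of steps 1104 to 1105, to show which stored messages a user's own group configuration records let it select before and after a group update. The class names, the `config_id` link between a message and its group configuration, the user identifiers, and the opaque key and ciphertext bytes are all assumptions constructed for illustration; encryption itself is not modelled.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class GroupConfig:
    config_id: int        # assumed ledger index, not named on the page
    members: frozenset    # blockchain user identifiers of all group users
    group_key: bytes      # opaque stand-in for the group communication key


@dataclass(frozen=True)
class StoredMessage:
    config_id: int        # assumed link from a message to its group configuration
    sender: str           # blockchain user identifier stored with the message
    ciphertext: bytes     # opaque; encryption is out of scope in this model


class GroupUpdateRejected(Exception):
    """Stands in for the error prompt returned when step 608 is not executed."""


class ContractModel:
    """Append-only stand-in for the intelligent contract and its blockchain state."""

    def __init__(self, group_admins):
        # Preset group administrator user group.
        self.group_admins = frozenset(group_admins)
        self.configs = []
        self.messages = []

    def _append_config(self, members, group_key):
        cfg = GroupConfig(len(self.configs), frozenset(members), group_key)
        self.configs.append(cfg)
        return cfg

    def create_group(self, members, group_key):
        # Steps 507-508: the page states no administrator check for creation.
        return self._append_config(members, group_key)

    def update_group(self, requester, old_config_id, target_user, new_group_key):
        # Step 607 variant: refuse the write unless the requester is an administrator.
        if requester not in self.group_admins:
            raise GroupUpdateRejected(f"{requester} may not modify group configuration")
        old = self.configs[old_config_id]
        # Step 608: a new record is appended; the earlier record stays in place.
        return self._append_config(old.members | {target_user}, new_group_key)

    def store_message(self, sender, config_id, ciphertext):
        # Step 1009: keep the encrypted message with the sender's identifier.
        self.messages.append(StoredMessage(config_id, sender, ciphertext))

    def query(self):
        # Steps 1102-1103: return every group configuration and every message.
        return tuple(self.configs), tuple(self.messages)


def select_for_user(user_id, configs, messages):
    """Steps 1104-1105: keep only messages whose configuration lists user_id."""
    mine = {c.config_id: c for c in configs if user_id in c.members}
    return [(mine[m.config_id], m) for m in messages if m.config_id in mine]


def run_demo():
    # All identifiers and byte strings below are constructed sample values.
    contract = ContractModel(group_admins={"bc-alice"})
    first = contract.create_group({"bc-alice", "bc-bob"}, b"key-1-opaque")
    contract.store_message("bc-alice", first.config_id, b"ct-1")

    # A non-administrator tries to add a user: the write must not happen.
    rejected = False
    try:
        contract.update_group("bc-bob", first.config_id, "bc-carol", b"key-x")
    except GroupUpdateRejected:
        rejected = True
    configs_after_rejected_update = len(contract.configs)

    # The administrator adds the target user; a second record is written.
    second = contract.update_group("bc-alice", first.config_id, "bc-carol", b"key-2-opaque")
    contract.store_message("bc-bob", second.config_id, b"ct-2")

    configs, messages = contract.query()
    visible = {
        name: [m.ciphertext for _, m in select_for_user(uid, configs, messages)]
        for name, uid in (("bob", "bc-bob"), ("carol", "bc-carol"), ("outsider", "bc-eve"))
    }
    visible["rejected"] = rejected
    visible["configs_after_rejected_update"] = configs_after_rejected_update
    return visible


if __name__ == "__main__":
    print(run_demo())
```

In this model the query returns every record, so the filter in `select_for_user` only decides what a terminal attempts to decrypt; keeping other groups' messages confidential still rests on the encryption.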
Referring to fig. 12, in one embodiment, a cloud server 1200 of the present application includes a receiving module 1201, a processing module 1202, and a sending module 1203;
the receiving module 1201 is configured to receive a message sent by a first terminal;
the sending module 1203 is configured to send a request for querying configuration information to the smart contract executing node, where the request for querying configuration information includes a blockchain user identifier of the first terminal;
the receiving module 1201 is configured to receive a first group configuration information set sent by the intelligent contract executing node, where the first group configuration information set is obtained by the intelligent contract executing node according to the intelligent contract identifier carried by the request for querying configuration information;
The processing module 1202 is configured to obtain a blockchain user identifier of a first terminal; selecting first group configuration information corresponding to the blockchain user identification of the first terminal from the first group configuration information set; encrypting the message using a first group communication key in the first group configuration information;
the sending module 1203 is further configured to send the encrypted message and the blockchain user identifier of the first terminal to the smart contract executing node.
The receiving module 1201, the processing module 1202 and the sending module 1203 may be implemented by software, or may be implemented by hardware. Illustratively, an implementation of the processing module 1202 is described next. Similarly, the implementation of the receiving module 1201 and the sending module 1203 may refer to the implementation of the processing module 1202.
As an example of a software functional unit, the processing module 1202 may include code that runs on a computing instance. The computing instance may include at least one of a physical host (computing device), a virtual machine, and a container, among others. Further, there may be one or more such computing instances. For example, the processing module 1202 may include code that runs on multiple hosts/virtual machines/containers. It should be noted that multiple hosts/virtual machines/containers for running the code may be distributed in the same region, or may be distributed in different regions. Further, multiple hosts/virtual machines/containers for running the code may be distributed in the same availability zone (AZ) or may be distributed in different AZs, each AZ comprising one data center or multiple geographically close data centers. Typically, a region may comprise a plurality of AZs.
Also, multiple hosts/virtual machines/containers for running the code may be distributed in the same virtual private cloud (virtual private cloud, VPC) or in multiple VPCs. In general, one VPC is disposed in one region, and a communication gateway is disposed in each VPC for implementing inter-connection between VPCs in the same region and between VPCs in different regions.
As an example of a hardware functional unit, the processing module 1202 may include at least one computing device, such as a server. Alternatively, the processing module 1202 may be a device implemented using an application-specific integrated circuit (ASIC) or a programmable logic device (PLD), etc. The PLD may be implemented as a complex programmable logic device (CPLD), a field-programmable gate array (FPGA), generic array logic (GAL), or any combination thereof.
The processing module 1202 may include multiple computing devices distributed in the same region or in different regions. The processing module 1202 may include multiple computing devices distributed in the same AZ or in different AZs. Likewise, multiple computing devices included in the processing module 1202 may be distributed across the same VPC or across multiple VPCs. The plurality of computing devices may be any combination of computing devices such as servers, ASIC, PLD, CPLD, FPGA, and GAL.
It should be noted that, in other embodiments, each of the receiving module 1201, the processing module 1202, and the sending module 1203 may be configured to perform any step performed by the first cloud server or the second cloud server in the message processing method of the embodiments illustrated in fig. 3 to 7. The steps that each module is responsible for implementing may be specified as needed, and the receiving module 1201, the processing module 1202, and the sending module 1203 respectively implement different steps in the message processing method so as to implement all functions of the first cloud server or the second cloud server.
The present application provides a communication system capable of implementing a message processing method of any one of the embodiments shown in fig. 3 to fig. 7. Referring to fig. 13, in one embodiment, a communication system of the present application includes a terminal 101, a cloud server 121, a terminal 102, a cloud server 122, and an intelligent contract executing node 131, where the terminal 102 and the terminal 101 belong to a first group;
The terminal 101 is configured to send a message to the cloud server 121;
the cloud server 121 is configured to send a request for querying configuration information to the smart contract execution node 131 according to a message sent by the terminal 101;
the intelligent contract executing node 131 is configured to determine an intelligent contract corresponding to an intelligent contract identifier carried by the query configuration information request; acquiring a first group configuration information set according to an intelligent contract;
the cloud server 121 is further configured to receive a first group configuration information set sent by the smart contract execution node 131; acquiring a blockchain user identifier of the terminal 101; selecting first group configuration information corresponding to the blockchain user identifier of the terminal 101 from the first group configuration information set; encrypting the message using a first group communication key in the first group configuration information; transmitting the encrypted message and the blockchain user identification of the terminal 101 to the smart contract execution node 131; the smart contract execution node 131 is further configured to store the encrypted message and the blockchain user identification of the terminal 101 in the blockchain according to the smart contract.
The terminal 101, the cloud server 121, and the smart contract execution node 131 may be implemented by software or by hardware. Illustratively, an implementation of the cloud server 121 is described next. Similarly, the implementation of the terminal 101 and the smart contract execution node 131 may refer to the implementation of the cloud server 121.
As an example of a software functional unit, cloud server 121 may include code that runs on a computing instance. The computing instance may be at least one of a physical host (computing device), a virtual machine, or a container, and there may be one or more such computing instances. For example, cloud server 121 may include code that runs on multiple hosts/virtual machines/containers. It should be noted that the multiple hosts/virtual machines/containers for running the code may be distributed in the same region or in different regions. They may likewise be distributed in the same AZ or in different AZs, each AZ including one data center or multiple geographically close data centers. Typically, a region may comprise a plurality of AZs.
Also, the multiple hosts/virtual machines/containers for running the code may be distributed in the same VPC or among multiple VPCs. Typically, one VPC is placed within one region. For communication between two VPCs in the same region, or between VPCs in different regions, a communication gateway needs to be set up in each VPC, and the VPCs are interconnected through the communication gateways.
As an example of a hardware functional unit, cloud server 121 may include at least one computing device, such as a server. Alternatively, the cloud server 121 may be a device implemented by an ASIC or a PLD. The PLD may be a CPLD, an FPGA, a GAL, or any combination thereof.
The multiple computing devices included in cloud server 121 may be distributed in the same region or in different regions, and in the same AZ or in different AZs. Likewise, the multiple computing devices included in cloud server 121 may be distributed in the same VPC or among multiple VPCs. The plurality of computing devices may be any combination of computing devices such as servers, ASICs, PLDs, CPLDs, FPGAs, and GALs.
It should be understood that cloud server 121 can implement any step performed by the first cloud server in the embodiments shown in fig. 3 to 7, terminal 101 can implement any step performed by the first terminal in the embodiments shown in fig. 3 to 7, cloud server 122 can implement any step performed by the second cloud server in the embodiments shown in fig. 3 to 7, and terminal 102 can implement any step performed by the second terminal in the embodiments shown in fig. 3 to 7. The smart contract execution node 131 is capable of implementing any of the steps performed by the smart contract execution node in the embodiments illustrated in fig. 3-7.
Referring to fig. 14, in another embodiment, a terminal 1400 of the present application includes a receiving module 1401, a processing module 1402, and a transmitting module 1403;
the sending module 1403 is configured to send a request for querying configuration information to the smart contract executing node, where the request for querying configuration information includes a blockchain user identifier of the first terminal;
the receiving module 1401 is configured to receive a first group configuration information set sent by the smart contract execution node, where the first group configuration information set is obtained by the smart contract execution node according to the smart contract identifier carried by the query configuration information request;
the processing module 1402 is configured to obtain a blockchain user identifier of a first terminal; selecting first group configuration information corresponding to the blockchain user identification of the first terminal from the first group configuration information set; encrypting the message using a first group communication key in the first group configuration information;
the sending module 1403 is further configured to send the encrypted message and the blockchain user identification of the first terminal to the smart contract executing node.
The receiving module 1401, the processing module 1402, and the transmitting module 1403 may be implemented in software or in hardware. Illustratively, an implementation of the processing module 1402 is described next. The implementation of the receiving module 1401 and the transmitting module 1403 may refer to the implementation of the processing module 1402.
As an example of a software functional unit, the processing module 1402 may include code running on a computing instance. The computing instance may include at least one of a physical host (computing device), a virtual machine, and a container, and there may be one or more such computing instances. For example, processing module 1402 can include code that runs on multiple hosts/virtual machines/containers. It should be noted that the multiple hosts/virtual machines/containers for running the code may be distributed in the same region or in different regions. Further, they may be distributed in the same availability zone (AZ) or in different AZs, each AZ comprising one data center or multiple geographically close data centers. Typically, a region may comprise a plurality of AZs.
Also, the multiple hosts/virtual machines/containers for running the code may be distributed in the same virtual private cloud (VPC) or in multiple VPCs. In general, one VPC is disposed in one region, and a communication gateway is disposed in each VPC to implement interconnection between VPCs in the same region and between VPCs in different regions.
As an example of a hardware functional unit, the processing module 1402 may include at least one computing device, such as a server. Alternatively, the processing module 1402 may be a device implemented using an application-specific integrated circuit (ASIC) or a programmable logic device (PLD). The PLD may be implemented as a complex programmable logic device (CPLD), a field-programmable gate array (FPGA), generic array logic (GAL), or any combination thereof.
The multiple computing devices included in the processing module 1402 may be distributed in the same region or in different regions, and in the same AZ or in different AZs. Likewise, the multiple computing devices included in processing module 1402 may be distributed in the same VPC or among multiple VPCs. The plurality of computing devices may be any combination of computing devices such as servers, ASICs, PLDs, CPLDs, FPGAs, and GALs.
In other embodiments, each of the receiving module 1401, the processing module 1402, and the transmitting module 1403 may be configured to perform any step performed by the first terminal or the second terminal in the message processing method of the embodiments shown in fig. 9 to fig. 11. The steps that each module is responsible for may be specified as needed; the receiving module 1401, the processing module 1402, and the transmitting module 1403 each implement different steps of the message processing method, so that together they implement all functions of the first terminal or the second terminal.
Referring to fig. 15, in another embodiment, a communication system includes a smart contract execution node 821, a terminal 801, and a terminal 802, the terminal 802 and the terminal 801 belonging to a first group;
the terminal 801 is configured to send a query configuration information request to the smart contract execution node 821;
the smart contract execution node 821 is configured to determine the smart contract corresponding to the smart contract identifier carried by the query configuration information request, and to acquire a first group configuration information set according to the smart contract;
the terminal 801 is further configured to receive the first group configuration information set sent by the smart contract execution node 821; acquire a blockchain user identifier of the terminal 801; select, from the first group configuration information set, first group configuration information corresponding to the blockchain user identifier of the terminal 801; encrypt the message using a first group communication key in the first group configuration information; and send the encrypted message and the blockchain user identifier of the terminal 801 to the smart contract execution node 821;
the smart contract execution node 821 is further configured to store the encrypted message and the blockchain user identifier of the terminal 801 in the blockchain according to the smart contract.
In an alternative embodiment, the terminal 802 is configured to send a query message request to the smart contract execution node 821; the smart contract execution node 821 is further configured to obtain, according to the query message request, a second group configuration information set and the encrypted message corresponding to each piece of group configuration information in the second group configuration information set; the terminal 802 is further configured to receive the second group configuration information set and the encrypted messages sent by the smart contract execution node 821; determine, in the second group configuration information set, the first group configuration information that includes the blockchain user identifier of the terminal 802; determine, from the encrypted messages sent by the smart contract execution node 821, the encrypted message corresponding to the first group configuration information; and decrypt that encrypted message according to the private key of the terminal 802.
In another alternative embodiment, the terminal 801 is further configured to send a create group request to the smart contract execution node 821, the create group request including the blockchain user identifiers of the other group users in the first group; the smart contract execution node 821 is further configured to obtain the public key packages of the other group users from the blockchain according to their blockchain user identifiers; the terminal 801 is further configured to receive the public key packages of the other group users sent by the smart contract execution node 821; generate a first group communication key according to the public key packages of all group users in the first group; generate first group configuration information according to the blockchain user identifiers of all group users in the first group and the first group communication key; and send the first group configuration information to the smart contract execution node 821; the smart contract execution node 821 is further configured to write the first group configuration information to the blockchain.
In another alternative embodiment, the terminal 801 is further configured to send an update group request to the smart contract execution node 821, the update group request including a blockchain user identifier of a target user; the smart contract execution node 821 is further configured to obtain the public key package of the target user according to the blockchain user identifier of the target user; the terminal 801 is further configured to receive the public key package of the target user sent by the smart contract execution node 821; generate a second group communication key according to the public key package of the target user and the public key packages of all group users in the first group; generate second group configuration information according to the blockchain user identifier of the target user, the blockchain user identifiers of all group users in the first group, and the second group communication key; and send the second group configuration information to the smart contract execution node 821; the smart contract execution node 821 is further configured to write the second group configuration information to the blockchain.
It should be understood that the terminal 801 may be used to perform any step performed by the first terminal in the message processing method of the embodiments of fig. 9 to 11, the terminal 802 may be used to perform any step performed by the second terminal in the message processing method of the embodiments of fig. 9 to 11, and the smart contract execution node 821 may be used to perform any step performed by the smart contract execution node in the message processing method of the embodiments of fig. 9 to 11.
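The fig. 15 exchange between terminal 801, terminal 802 and smart contract execution node 821, as an added Python example that is not part of the patent text. Assumptions: the node and its ledger are an in-memory class, a public key package is a single Diffie-Hellman public value, the group communication key is a random key wrapped to each member's public key inside the group configuration information, and the standard-library primitives (a 255-bit toy DH group and an HMAC-SHA256 encrypt-then-MAC construction) stand in for vetted HPKE/AEAD code; all class, method and identifier names are hypothetical.

```python
import hashlib, hmac, secrets

# Stand-in primitives (assumption): standard library only, so this runs offline.
# A deployment would use vetted HPKE/AEAD code, not these constructions.
P, G = 2**255 - 19, 2  # toy Diffie-Hellman group, far too small for real use

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def _prf(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(_prf(key, nonce + i.to_bytes(4, "big")) for i in blocks)
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext):
    """Encrypt-then-MAC: nonce || ciphertext || HMAC-SHA256 tag."""
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(_prf(key, b"enc"), nonce, plaintext)
    return nonce + ct + _prf(_prf(key, b"mac"), nonce + ct)

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = _prf(_prf(key, b"mac"), nonce + ct)
    if len(blob) < 48 or not hmac.compare_digest(tag, expected):
        raise ValueError("ciphertext failed authentication")
    return _xor_stream(_prf(key, b"enc"), nonce, ct)

def wrap_for(member_pub, group_key):
    """Wrap the group key to one member's public key (ephemeral DH)."""
    eph_priv, eph_pub = keypair()
    shared = pow(member_pub, eph_priv, P).to_bytes(32, "big")
    return eph_pub, seal(hashlib.sha256(shared).digest(), group_key)

def unwrap(priv, wrapped):
    eph_pub, blob = wrapped
    shared = pow(eph_pub, priv, P).to_bytes(32, "big")
    return unseal(hashlib.sha256(shared).digest(), blob)

class ContractNode:
    """In-memory stand-in for smart contract execution node 821 and its ledger."""
    def __init__(self):
        self.key_packages, self.group_configs, self.messages = {}, [], []
    def register(self, uid, public_key):
        self.key_packages[uid] = public_key
    def get_key_packages(self, uids):  # answers a create group request
        return {uid: self.key_packages[uid] for uid in uids}
    def write_group_config(self, config):
        self.group_configs.append(config)
    def query_configs(self):  # answers a query configuration information request
        return list(self.group_configs)
    def store_message(self, sender_uid, blob):  # ciphertext + sender's user ID
        self.messages.append((sender_uid, blob))
    def query_messages(self):
        # Each configuration comes back with the messages whose sender it lists.
        return [(cfg, [b for uid, b in self.messages if uid in cfg["members"]])
                for cfg in self.group_configs]

class Terminal:
    def __init__(self, uid, node):
        self.uid, self.node = uid, node
        self.priv, self.pub = keypair()
        node.register(uid, self.pub)

    def create_group(self, other_uids):
        packages = self.node.get_key_packages(other_uids)
        packages[self.uid] = self.pub
        group_key = secrets.token_bytes(32)
        wrapped = {u: wrap_for(pk, group_key) for u, pk in packages.items()}
        self.node.write_group_config({"members": sorted(packages), "wrapped_keys": wrapped})

    def send(self, message):
        mine = [c for c in self.node.query_configs() if self.uid in c["members"]]
        if len(mine) != 1:  # no group, or an ambiguous choice: refuse to encrypt
            raise LookupError(f"{len(mine)} group configurations list {self.uid}")
        key = unwrap(self.priv, mine[0]["wrapped_keys"][self.uid])
        self.node.store_message(self.uid, seal(key, message))

    def read(self):
        plaintexts = []
        for config, blobs in self.node.query_messages():
            if self.uid in config["members"]:  # skip groups we do not belong to
                key = unwrap(self.priv, config["wrapped_keys"][self.uid])
                plaintexts.extend(unseal(key, b) for b in blobs)
        return plaintexts

def demo():
    node = ContractNode()  # constructed identifiers below, not from the patent
    t801, t802, outsider = (Terminal(u, node) for u in ("uid-801", "uid-802", "uid-999"))
    t801.create_group(["uid-802"])
    t801.send(b"hello first group")
    return node, t801, t802, outsider

if __name__ == "__main__":
    print(demo()[2].read())
```

`send()` refuses to encrypt when more than one stored configuration lists the sender, because this section does not say which configuration is selected once an update group request has written second group configuration information alongside the first.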
The present application also provides a computing device 1600. As shown in fig. 16, the computing device 1600 includes: bus 1602, processor 1604, memory 1606, and communication interface 1608. The processor 1604, memory 1606, and communication interface 1608 communicate via a bus 1602. The computing device 1600 may be a server or a terminal device. It should be understood that the present application is not limited to the number of processors, memories in computing device 1600.
Bus 1602 may be a peripheral component interconnect (PCI) bus or an extended industry standard architecture (EISA) bus, among others. Buses may be divided into address buses, data buses, control buses, etc. For ease of illustration, only one line is shown in fig. 16, but this does not mean that there is only one bus or only one type of bus. Bus 1602 may include a path for transferring information between the various components of computing device 1600 (e.g., memory 1606, processor 1604, communication interface 1608).
The processor 1604 may include any one or more of a central processing unit (CPU), a graphics processing unit (GPU), a microprocessor (MP), or a digital signal processor (DSP).
The memory 1606 may include volatile memory, such as random access memory (RAM). The processor 1604 may also include non-volatile memory, such as read-only memory (ROM), flash memory, a hard disk drive (HDD), or a solid state drive (SSD).
The memory 1606 has stored therein executable program codes, which the processor 1604 executes to implement the functions of the aforementioned receiving module, processing module, and transmitting module, respectively, thereby implementing a message processing method. That is, the memory 1606 has instructions stored thereon for performing the message processing method.
Alternatively, the memory 1606 has executable code stored therein, and the processor 1604 executes the executable code to implement the functions of the aforementioned first terminal, cloud server, and smart contract execution node, respectively, thereby implementing a message processing method. That is, the memory 1606 has instructions stored thereon for performing the message processing method.
Communication interface 1608 uses a transceiver module such as, but not limited to, a network interface card or a transceiver to enable communication between computing device 1600 and other devices or communication networks.
The embodiment of the application also provides a computing device cluster. The cluster of computing devices includes at least one computing device. The computing device may be a server, such as a central server, an edge server, or a local server in a local data center. In some embodiments, the computing device may also be a terminal device such as a desktop, notebook, or smart phone.
As shown in fig. 17, a cluster of computing devices includes at least one computing device 1600. The same instructions for performing the message processing method may be stored in memory 1606 in one or more computing devices 1600 in the cluster of computing devices.
In some possible implementations, portions of the instructions for performing the message processing method may also be stored separately in the memory 1606 of one or more computing devices 1600 in the cluster of computing devices. In other words, a combination of one or more computing devices 1600 may collectively execute instructions for performing the message processing method.
It should be noted that, the memory 1606 in different computing devices 1600 in the computing device cluster may store different instructions for performing part of the functions of the cloud server. That is, instructions stored in memory 1606 in different computing devices 1600 may implement the functionality of one or more of a receiving module, a processing module, and a transmitting module.
In some possible implementations, one or more computing devices in a cluster of computing devices may be connected through a network. The network may be a wide area network, a local area network, or the like. Fig. 18 shows one possible implementation. As shown in fig. 18, two computing devices 1600A and 1600B are connected by a network. Specifically, each computing device connects to the network through its communication interface. In this possible implementation, instructions for performing the functions of the receiving module are stored in memory 1606 in computing device 1600A, while instructions for performing the functions of the processing module and the transmitting module are stored in memory 1606 in computing device 1600B.
Embodiments of the present application also provide a computer program product comprising instructions. The computer program product may be software or a program product containing instructions that is capable of running on a computing device or of being stored in any available medium. The computer program product, when run on at least one computing device, causes the at least one computing device to perform a message processing method.
Embodiments of the present application also provide a computer-readable storage medium. The computer-readable storage medium may be any available medium that a computing device can store, or a data storage device, such as a data center, that contains one or more available media. The available medium may be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., solid state disk), etc. The computer-readable storage medium includes instructions that instruct a computer to perform a message processing method.
The present application also provides a chip system including a processor and a memory coupled to each other. The memory is configured to store a computer program or instructions, and the processor is configured to execute the computer program or instructions stored in the memory, so that the cloud server performs the steps performed by the receiving module, the processing module, or the transmitting module in the above embodiment, or so that the terminal performs the steps performed by the receiving module, the processing module, or the transmitting module in the above embodiment. Optionally, the memory is an on-chip memory, such as a register or a cache; the memory may also be an off-chip memory located in a site, such as a read-only memory or another type of static storage device that can store static information and instructions, or a random access memory. The processor referred to in any of the foregoing may be a general-purpose central processing unit, a microprocessor, an application-specific integrated circuit, or one or more integrated circuits for implementing the message processing methods described above.
The above embodiments are only intended to illustrate the technical solutions of the present application, not to limit them; although the present application has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that the technical solutions described in the foregoing embodiments can still be modified, or some of their technical features can be replaced by equivalents; such modifications and substitutions do not cause the essence of the corresponding technical solutions to depart from the scope of the technical solutions of the embodiments of the present application.

Claims (24)

1. A message processing method, wherein a communication system to which the method applies includes a blockchain network, a first cloud server, and a first terminal, the blockchain network including a plurality of smart contract execution nodes, the method comprising:
the first cloud server receives a message sent by the first terminal;
the first cloud server sends a query configuration information request to an intelligent contract execution node according to the message, wherein the query configuration information request comprises an intelligent contract identifier;
the first cloud server receives a first group configuration information set sent by an intelligent contract executing node, wherein the first group configuration information set is acquired by the intelligent contract executing node according to an intelligent contract identifier carried by the query configuration information request;
the first cloud server acquires a blockchain user identifier of the first terminal;
the first cloud server selects first group configuration information corresponding to the blockchain user identifier of the first terminal from the first group configuration information set;
the first cloud server encrypts a message using a first group communication key in the first group configuration information;
and the first cloud server sends the encrypted message and the blockchain user identification of the first terminal to the intelligent contract executing node.
2. The method of claim 1, wherein before the first cloud server receives the message sent by the first terminal, the method further comprises:
the first cloud server receives a group creation request sent by the first terminal, wherein the group creation request comprises blockchain user identifications of other group users in a first group, and the other group users are group users except the first terminal in the first group;
the first cloud server sends the group creation request to the intelligent contract execution node;
the first cloud server receives public key packages of other group users sent by the intelligent contract executing node;
the first cloud server generates a first group communication key according to public key packages of all group users in the first group;
the first cloud server generates first group configuration information according to the blockchain user identifications of all group users in the first group and the first group communication key;
the first cloud server sends the first group configuration information to the intelligent contract execution node.
3. The method according to claim 2, wherein the method further comprises:
the first cloud server receives an update group request sent by the first terminal, wherein the update group request comprises a blockchain user identifier of a target user, and the target user does not belong to the first group;
the first cloud server sends the update group request to the intelligent contract execution node;
the first cloud server receives a public key package of the target user, which is sent by the intelligent contract executing node;
the first cloud server generates a second group communication key according to the public key package of the target user and the public key packages of all group users in the first group;
the first cloud server generates the second group configuration information according to the blockchain user identification of the target user, the blockchain user identifications of all group users in the first group and the second group communication key;
and the first cloud server sends the second group configuration information to the smart contract execution node.
4. A method according to any one of claims 1 to 3, wherein before the first cloud server receives the message sent by the first terminal, the method further comprises:
the first cloud server receives a first registration request sent by the first terminal;
the first cloud server sends the first registration request to the intelligent contract execution node;
the first cloud server receives a blockchain user identification of the first terminal sent by the intelligent contract executing node;
the first cloud server sends the blockchain user identification of the first terminal to the first terminal;
the first cloud server receives a second registration request sent by the first terminal;
the first cloud server sends the end-to-end user identification of the first terminal to the first terminal according to a second registration request;
the first cloud server stores identity association data, wherein the identity association data comprises a corresponding relation between an end-to-end user identifier of the first terminal and a blockchain user identifier of the first terminal;
the first cloud server acquires a public key package of the first terminal;
and the first cloud server sends the identity association data and the public key package of the first terminal to the intelligent contract executing node.
5. A message processing method, wherein a communication system to which the method is applied includes a blockchain network, a second cloud server, and a second terminal, the blockchain network including a plurality of smart contract execution nodes, the method comprising:
the second cloud server receives a query message request sent by the second terminal, wherein the second terminal and the first terminal belong to a first group;
the second cloud server sends the query message request to the smart contract execution node;
the second cloud server receives a second group configuration information set sent by the smart contract execution node and the encrypted message corresponding to each piece of group configuration information in the second group configuration information set;
the second cloud server determines first group configuration information comprising a blockchain user identifier of the second terminal in the second group configuration information set;
the second cloud server determines an encrypted message corresponding to the first group configuration information from the encrypted messages sent by the smart contract execution node;
the second cloud server acquires a private key of the second terminal;
the second cloud server decrypts the encrypted message corresponding to the first group configuration information according to the private key of the second terminal;
and the second cloud server sends the decrypted message to the second terminal.
6. A message processing method, wherein a communication system to which the method applies includes a blockchain network, a first cloud server, and a first terminal, the blockchain network including a plurality of smart contract execution nodes, the method comprising:
the first cloud server receives a message sent by the first terminal;
the first cloud server sends a query configuration information request to an intelligent contract execution node according to the message, wherein the query configuration information request comprises an intelligent contract identifier;
the intelligent contract executing node determines an intelligent contract corresponding to the intelligent contract identifier carried by the query configuration information request;
the intelligent contract executing node acquires a first group configuration information set according to the intelligent contract;
the first cloud server receives a first group configuration information set sent by an intelligent contract executing node;
the first cloud server acquires a blockchain user identifier of the first terminal;
the first cloud server selects first group configuration information corresponding to the blockchain user identifier of the first terminal from the first group configuration information set;
the first cloud server encrypts a message using a first group communication key in the first group configuration information;
the first cloud server sends the encrypted message and the blockchain user identification of the first terminal to the intelligent contract executing node;
the intelligent contract executing node stores the encrypted message and the blockchain user identification of the first terminal in a blockchain according to the intelligent contract.
7. The method of claim 6, wherein the communication system further comprises a second cloud server and a second terminal, the second terminal belonging to a first group with the first terminal;
after the smart contract execution node stores the encrypted message and the blockchain user identification of the first terminal in a blockchain according to the smart contract, the method further includes:
the second cloud server receives a query message request sent by a second terminal;
the second cloud server sends the query message request to the intelligent contract execution node;
the smart contract execution node acquires, according to the query message request, a second group configuration information set and the encrypted message corresponding to each piece of group configuration information in the second group configuration information set;
the second cloud server receives the second group configuration information set sent by the smart contract execution node and the encrypted message corresponding to each piece of group configuration information in the second group configuration information set;
the second cloud server determines first group configuration information comprising the blockchain user identifier of the second terminal in the second group configuration information set;
the second cloud server determines an encrypted message corresponding to the first group configuration information from encrypted messages sent by the intelligent contract executing node;
the second cloud server acquires a private key of the second terminal;
the second cloud server decrypts the encrypted message corresponding to the first group configuration information according to the private key of the second terminal;
and the second cloud server sends the decrypted message to the second terminal.
8. A method of message processing, the method applied to a communication system comprising a blockchain network and a first terminal, the blockchain network comprising a plurality of smart contract executing nodes, the method comprising:
the first terminal sends a query configuration information request to the smart contract execution node;
the intelligent contract executing node determines an intelligent contract corresponding to the intelligent contract identifier carried by the query configuration information request;
the intelligent contract executing node acquires a first group configuration information set according to the intelligent contract;
the first terminal receives a first group configuration information set sent by the intelligent contract executing node;
the first terminal acquires a blockchain user identifier of the first terminal;
the first terminal selects first group configuration information corresponding to the blockchain user identifier of the first terminal from the first group configuration information set;
the first terminal encrypts a message using a first group communication key in the first group configuration information;
the first terminal sends the encrypted message and the blockchain user identification of the first terminal to the intelligent contract executing node;
the intelligent contract executing node stores the encrypted message and the blockchain user identification of the first terminal in a blockchain according to the intelligent contract.
9. The method of claim 8, wherein the method further comprises:
the second terminal sends a query message request to the intelligent contract execution node, wherein the second terminal and the first terminal belong to a first group;
the intelligent contract executing node acquires a second group configuration information set and an encrypted message corresponding to each group configuration information in the second group configuration information set according to the query message request;
the second terminal receives a second group configuration information set sent by the intelligent contract executing node and the encrypted message corresponding to each group configuration information in the second group configuration information set;
the second terminal determines first group configuration information corresponding to a blockchain user identifier of the second terminal in the second group configuration information set;
the second terminal determines an encrypted message corresponding to the first group configuration information from the encrypted messages sent by the intelligent contract executing node;
and the second terminal decrypts the encrypted message corresponding to the first group configuration information according to the private key of the second terminal.
10. A cloud server, wherein the cloud server is a first cloud server, the cloud server comprising:
the receiving module is used for receiving the message sent by the first terminal;
the sending module is used for sending a request for inquiring configuration information to the intelligent contract executing node according to the message, wherein the request for inquiring configuration information comprises an intelligent contract identifier;
the receiving module is further configured to receive a first group configuration information set sent by an intelligent contract executing node, where the first group configuration information set is obtained by the intelligent contract executing node according to the intelligent contract identifier carried in the request for inquiring configuration information;
the processing module is used for acquiring the blockchain user identification of the first terminal; selecting first group configuration information corresponding to the blockchain user identifier of the first terminal from the first group configuration information set; encrypting a message using a first group communication key in the first group configuration information;
and the sending module is further used for sending the encrypted message and the blockchain user identification of the first terminal to the intelligent contract executing node.
11. The cloud server of claim 10, wherein,
the receiving module is further configured to receive a group creation request sent by the first terminal, where the group creation request includes blockchain user identifiers of other group users in a first group, where the other group users are group users in the first group except the first terminal;
the sending module is further configured to send the group creation request to the intelligent contract executing node;
the receiving module is further configured to receive a public key package of the other group users sent by the intelligent contract executing node;
the processing module is further configured to generate a first group communication key according to the public key packages of all group users in the first group; generating first group configuration information according to the blockchain user identifications of all group users in the first group and the first group communication key;
the sending module is further configured to send the first group configuration information to the intelligent contract executing node.
12. The cloud server of claim 11, wherein,
the receiving module is further configured to receive an update group request sent by the first terminal, where the update group request includes a blockchain user identifier of a target user, and the target user does not belong to the first group;
the sending module is further configured to send the update group request to the intelligent contract executing node;
the receiving module is further used for receiving a public key package of the target user, which is sent by the intelligent contract executing node;
the processing module is further configured to generate a second group communication key according to the public key package of the target user and the public key packages of all group users in the first group; generating the second group configuration information according to the blockchain user identification of the target user, the blockchain user identifications of all group users in the first group and the second group communication key;
the sending module is further configured to send the second group configuration information to an intelligent contract executing node.
13. The cloud server according to any one of claims 10 to 12, wherein,
the receiving module is further configured to receive a first registration request sent by the first terminal;
the sending module is further configured to send the first registration request to the intelligent contract executing node;
the receiving module is further configured to receive a blockchain user identifier of the first terminal sent by the intelligent contract executing node;
the sending module is further configured to send a blockchain user identifier of the first terminal to the first terminal;
the receiving module is further configured to receive a second registration request sent by the first terminal;
the sending module is further configured to send an end-to-end user identifier of the first terminal to the first terminal according to a second registration request;
the processing module is further configured to store identity association data, where the identity association data includes a correspondence between an end-to-end user identifier of the first terminal and a blockchain user identifier of the first terminal; acquiring a public key package of the first terminal;
and the sending module is further used for sending the identity association data and the public key package of the first terminal to the intelligent contract executing node.
14. A cloud server, wherein the cloud server is a second cloud server, the cloud server comprising:
the receiving module is further configured to receive a query message request sent by a second terminal, where the second terminal and the first terminal belong to a first group;
the sending module is further configured to send the query message request to the intelligent contract executing node;
the receiving module is further configured to receive a second group configuration information set sent by the intelligent contract executing node and an encrypted message corresponding to each group configuration information in the second group configuration information set;
the processing module is further configured to determine, in the second set of group configuration information, first group configuration information including a blockchain user identifier of the second terminal; determining an encrypted message corresponding to the first group configuration information from the encrypted messages sent by the intelligent contract executing node; acquiring a private key of the second terminal; decrypting the encrypted message corresponding to the first group configuration information according to the private key of the second terminal;
the sending module is further configured to send the decrypted message to the second terminal.
15. A communication system, comprising a first terminal, a first cloud server and an intelligent contract execution node;
the first terminal is used for sending the message to the first cloud server;
the first cloud server is used for sending a request for inquiring configuration information to the intelligent contract executing node according to the message sent by the first terminal, and the request for inquiring configuration information comprises an intelligent contract identifier;
the intelligent contract executing node is used for determining an intelligent contract corresponding to the intelligent contract identifier carried by the query configuration information request; acquiring a first group configuration information set according to the intelligent contract;
the first cloud server is further configured to receive a first group configuration information set sent by the intelligent contract execution node; acquiring a blockchain user identifier of the first terminal; selecting first group configuration information corresponding to the blockchain user identifier of the first terminal from the first group configuration information set; encrypting a message using a first group communication key in the first group configuration information; sending the encrypted message and the blockchain user identification of the first terminal to the intelligent contract executing node;
the intelligent contract executing node is further configured to store the encrypted message and the blockchain user identification of the first terminal in a blockchain according to the intelligent contract.
16. The communication system of claim 15, further comprising a second terminal and a second cloud server, the second terminal belonging to a first group with the first terminal;
the second terminal is used for sending the query message request to the second cloud server;
the second cloud server is further configured to send the query message request to the intelligent contract execution node;
the intelligent contract executing node is used for acquiring a second group configuration information set and an encrypted message corresponding to each group configuration information in the second group configuration information set according to the query message request;
the second cloud server is further configured to receive a second group configuration information set sent by the intelligent contract executing node and an encrypted message corresponding to each group configuration information in the second group configuration information set; determining, in the second group configuration information set, first group configuration information comprising the blockchain user identifier of the second terminal; determining an encrypted message corresponding to the first group configuration information from the encrypted messages sent by the intelligent contract executing node; acquiring a private key of the second terminal; decrypting the encrypted message corresponding to the first group configuration information according to the private key of the second terminal; and sending the decrypted message to the second terminal.
17. A communication system, comprising:
the first terminal is used for sending a request for inquiring configuration information to the intelligent contract execution node;
the intelligent contract executing node is used for determining an intelligent contract corresponding to the intelligent contract identifier carried by the query configuration information request; acquiring a first group configuration information set according to the intelligent contract;
the first terminal is further configured to receive a first group configuration information set sent by the intelligent contract execution node; acquiring a blockchain user identifier of the first terminal; selecting first group configuration information corresponding to the blockchain user identifier of the first terminal from the first group configuration information set; encrypting a message using a first group communication key in the first group configuration information; sending the encrypted message and the blockchain user identification of the first terminal to the intelligent contract executing node;
the intelligent contract executing node is further configured to store the encrypted message and the blockchain user identifier of the first terminal in a blockchain according to the intelligent contract.
18. The communication system of claim 17, wherein the communication system further comprises a second terminal;
the second terminal is configured to send the query message request to the intelligent contract execution node, where the second terminal and the first terminal belong to a first group;
the intelligent contract executing node is further configured to obtain a second group configuration information set and an encrypted message corresponding to each group configuration information in the second group configuration information set according to the query message request;
the second terminal is further configured to receive a second group configuration information set sent by the intelligent contract executing node and an encrypted message corresponding to each group configuration information in the second group configuration information set; determining, in the second group configuration information set, first group configuration information comprising the blockchain user identifier of the second terminal; determining an encrypted message corresponding to the first group configuration information from the encrypted messages sent by the intelligent contract executing node; and decrypting the encrypted message corresponding to the first group configuration information according to the private key of the second terminal.
19. A cluster of computing devices, comprising at least one computing device, each computing device comprising a processor and a memory; the processor of the at least one computing device is configured to execute instructions stored in the memory of the at least one computing device to cause the cluster of computing devices to perform the method of any one of claims 1 to 7.
20. A cluster of computing devices, comprising at least one computing device, each computing device comprising a processor and a memory; the processor of the at least one computing device is configured to execute instructions stored in the memory of the at least one computing device to cause the cluster of computing devices to perform the method of any one of claims 8 to 9.
21. A computer readable storage medium comprising computer program instructions which, when executed by a cluster of computing devices, perform the method of any of claims 1 to 7.
22. A computer readable storage medium comprising computer program instructions which, when executed by a cluster of computing devices, perform the method of any of claims 8 to 9.
23. A computer program product containing instructions that, when executed by a cluster of computing devices, cause the cluster of computing devices to perform the method of any of claims 1 to 7.
24. A computer program product containing instructions that, when executed by a cluster of computing devices, cause the cluster of computing devices to perform the method of any of claims 8 to 9.
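An added example, not part of the patent text: the terminal-side flow of claims 8 and 9 in Node.js, with plain arrays standing in for the smart-contract state. The user IDs, the explicit group ID, the per-member RSA-OAEP wrapping of the group communication key and the AES-256-GCM binding of group and sender ID are assumptions; the claims do not fix these details.

```javascript
const crypto = require('node:crypto');

// Constructed key pairs for three hypothetical blockchain user IDs.
const users = Object.fromEntries(['bc-alice', 'bc-bob', 'bc-carol'].map(id =>
  [id, crypto.generateKeyPairSync('rsa', { modulusLength: 2048 })]));

// Assumption: a group configuration lists the member IDs and carries the group
// communication key wrapped with RSA-OAEP once per member public key.
function createGroupConfig(groupId, memberIds) {
  const groupKey = crypto.randomBytes(32);
  const wrappedKeys = {};
  for (const id of memberIds) {
    wrappedKeys[id] = crypto.publicEncrypt(
      { key: users[id].publicKey, oaepHash: 'sha256' }, groupKey);
  }
  return { groupId, members: [...memberIds], wrappedKeys };
}

// Selection step of claims 8 and 9: keep only configurations listing this user ID.
function selectConfigs(configSet, userId) {
  return configSet.filter(c => c.members.includes(userId));
}

function unwrapGroupKey(config, userId) {
  return crypto.privateDecrypt(
    { key: users[userId].privateKey, oaepHash: 'sha256' }, config.wrappedKeys[userId]);
}

// Sender (claim 8): select own configuration, encrypt, store ciphertext plus sender ID.
function sendMessage(ledger, configSet, senderId, groupId, plaintext) {
  const config = selectConfigs(configSet, senderId).find(c => c.groupId === groupId);
  if (!config) throw new Error('sender is not a member of that group');
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', unwrapGroupKey(config, senderId), iv);
  // Bind group and sender ID so a stored record cannot be re-attributed or moved.
  cipher.setAAD(Buffer.from(`${groupId}|${senderId}`));
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  ledger.push({ groupId, senderId, iv, ct, tag: cipher.getAuthTag() });
}

// Receiver (claim 9): select own configurations, pick their records, decrypt.
function readMessages(ledger, configSet, readerId) {
  const out = [];
  for (const config of selectConfigs(configSet, readerId)) {
    const key = unwrapGroupKey(config, readerId);
    for (const rec of ledger.filter(r => r.groupId === config.groupId)) {
      const decipher = crypto.createDecipheriv('aes-256-gcm', key, rec.iv);
      decipher.setAAD(Buffer.from(`${rec.groupId}|${rec.senderId}`));
      decipher.setAuthTag(rec.tag);
      // final() throws if the ciphertext, group ID or sender ID was altered.
      const text = Buffer.concat([decipher.update(rec.ct), decipher.final()]);
      out.push({ from: rec.senderId, text: text.toString('utf8') });
    }
  }
  return out;
}
```

In the cloud-server variant of claims 7, 14 and 16 the same selection and decryption run on the second cloud server, which holds the second terminal's private key and returns plaintext to the terminal.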
CN202310002201.4A 2023-01-03 2023-01-03 Message processing method, cloud server and communication system Pending CN116094699A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310002201.4A CN116094699A (en) 2023-01-03 2023-01-03 Message processing method, cloud server and communication system

Publications (1)

Publication Number Publication Date
CN116094699A true CN116094699A (en) 2023-05-09

Family

ID=86203877

Country Status (1)

Country Link
CN (1) CN116094699A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination