WO2021042851A1 - Procédé et dispositif de signature de données destinés à être utilisés dans une chaîne de blocs, appareil informatique et support de stockage - Google Patents

Procédé et dispositif de signature de données destinés à être utilisés dans une chaîne de blocs, appareil informatique et support de stockage Download PDF

Info

Publication number
WO2021042851A1
WO2021042851A1 PCT/CN2020/099555 CN2020099555W WO2021042851A1 WO 2021042851 A1 WO2021042851 A1 WO 2021042851A1 CN 2020099555 W CN2020099555 W CN 2020099555W WO 2021042851 A1 WO2021042851 A1 WO 2021042851A1
Authority
WO
WIPO (PCT)
Prior art keywords
random number
information
signature
array
data
Prior art date
Application number
PCT/CN2020/099555
Other languages
English (en)
Chinese (zh)
Inventor
张玉坚
Original Assignee
平安科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 平安科技(深圳)有限公司 filed Critical 平安科技(深圳)有限公司
Publication of WO2021042851A1 publication Critical patent/WO2021042851A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/14Details of searching files based on file metadata
    • G06F16/148File search processing
    • G06F16/152File search processing using file content signatures, e.g. hash values
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10File systems; File servers
    • G06F16/17Details of further file system functions
    • G06F16/176Support for shared access to files; File sharing support
    • G06F16/1767Concurrency control, e.g. optimistic or pessimistic approaches
    • G06F16/1774Locking methods, e.g. locking methods for file systems allowing shared and concurrent access to files
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Definitions

  • This application relates to the field of data processing, and in particular to a method, device, computer equipment, and storage medium for data signing in a blockchain.
  • Blockchain is generally understood as a distributed ledger, and its essence is also a distributed database.
  • the content data in the proposal request needs to be signed, and a random number section array is used in the signing process.
  • obtaining the random number section array is realized through the urandom file lock. The inventor realized that every time a data signature needs to call system resources in real time to obtain a random number, it takes too long. And when multiple threads need to sign data at the same time, it is easy to cause file lock competition, which in turn affects the performance of the CPU itself, and reduces the concurrency of the processor.
  • the embodiments of the present application provide a method, device, computer equipment, and storage medium for data signing in a blockchain to solve the problem of affecting the concurrency of the processor during the data signing process.
  • a method for signing data in a blockchain includes:
  • a device for signing data in a blockchain includes:
  • a signature request acquisition module configured to acquire a data signature request, the data signature request including signature information
  • a signature key acquisition module configured to acquire node identity information and a signature key according to the data signature request
  • the combination module is used to combine the signature information and the node identity information to obtain the information to be signed;
  • the first hash operation module is configured to perform a hash operation on the information to be signed to obtain the first hash number
  • Random number acquisition module used to acquire a random number array from the random number cache channel as a signature random number
  • a second hash operation module configured to perform a hash operation on the signature key, the signature random number, and the first hash number to obtain a second hash number
  • the encryption module is used to encrypt the second hash number through an asymmetric encryption algorithm to obtain the encrypted hash number;
  • the sending module is used to send the encrypted hash number and node identity information to the client.
  • a computer device includes a memory and a processor, the processor and the memory are connected to each other, wherein the memory is used to store a computer program, the computer program includes program instructions, and the processor is used to execute the The program instructions of the memory, wherein:
  • a computer-readable storage medium stores a computer program
  • the computer program includes program instructions, and when the program instructions are executed by a processor, they are used to implement the following steps:
  • device, computer equipment and storage medium for data signature in the blockchain after obtaining the data signature request, obtain the node identity information and the signature key according to the data signature request; then combine the signature information with the The node identity information is combined to obtain the information to be signed; the information to be signed is hashed to obtain the first hash number; an array of random numbers is obtained from the random number cache channel as the signature random number; the signature is encrypted The key, the signature random number, and the first hash number are hashed to obtain the second hash number; the second hash number is encrypted by an asymmetric encryption algorithm to obtain the encrypted hash number; finally The encrypted hash number and node identity information are sent to the client.
  • this method caches the random number array in advance through the random number cache channel, and directly obtains the random number through the random number cache channel when signing, thereby avoiding file lock competition that may be caused by multi-threaded concurrent signatures, which is better This guarantees the performance of the CPU and improves the concurrency of the processor. Moreover, by performing multiple hash operations on the signature information and then encrypting it, it is possible to ensure that the data is not easily tampered with, and the security of the data is also ensured.
  • FIG. 1 is a schematic diagram of an application environment of a method for data signing in a blockchain in an embodiment of the present application
  • FIG. 2 is a flowchart of a method for data signing in a blockchain in an embodiment of the present application
  • FIG. 3 is another flowchart of a method for data signing in a blockchain in an embodiment of the present application
  • FIG. 4 is another flowchart of a method for data signing in a blockchain in an embodiment of the present application
  • FIG. 5 is another flowchart of a method for data signing in a blockchain in an embodiment of the present application
  • Fig. 6 is another flowchart of a method for data signing in a blockchain in an embodiment of the present application.
  • FIG. 7 is a schematic diagram of a data signing device in a blockchain in an embodiment of the present application.
  • FIG. 8 is another schematic diagram of a data signing device in a blockchain in an embodiment of the present application.
  • FIG. 9 is another schematic diagram of a data signing device in a blockchain in an embodiment of the present application.
  • Fig. 10 is a schematic diagram of a computer device in an embodiment of the present application.
  • the method for data signature in the blockchain can be applied in the application environment as shown in FIG. 1, in which the client (computer equipment) communicates with the server through the network.
  • the server obtains the data signing request sent by the client, the data signing request includes signature information; obtains the node identity information and the signing key according to the data signing request; combines the signature information and the node identity information to obtain Information to be signed; hash the information to be signed to obtain the first hash number; obtain an array of random numbers from the random number cache channel as the signature random number; to the signature key and the signature random Perform a hash operation on the number and the first hash number to obtain the second hash number; encrypt the second hash number by an asymmetric encryption algorithm to obtain the encrypted hash number; combine the encrypted hash number with the node
  • the identity information is sent to the client.
  • the client computer equipment
  • the client can be, but is not limited to, various personal computers, notebook computers, smart phones, tablet computers, and portable wearable devices.
  • the server can be implemented with an independent
  • a method for data signing in a blockchain is provided. Taking the method applied to the server in FIG. 1 as an example for description, the method includes the following steps:
  • S10 Obtain a data signature request, where the data signature request includes signature information.
  • the data signature request is a trigger request for initiating a signature on data.
  • the data signing request can be initiated by the client or triggered by the server.
  • the data signature request includes signature information, and the signature information may be original data that needs to be signed, or processed signature data.
  • a hash operation may be performed for the data that needs to be signed to obtain a hash value to form signature information.
  • the client can also send the data that needs to be signed to the server, and the server then hashes the data that needs to be signed to obtain a hash value to form the signature information, and then generate a data signature request.
  • the node identity information and signature key corresponding to the sending end can be obtained according to the identifier corresponding to the sending end (client) of the data signing request.
  • the node identity information is the identity information of the corresponding client, and the identity information can be embodied in different forms, such as at least one of numbers, letters, symbols, or words.
  • the signature key is a key carried by different clients.
  • the node identity information and signature key can be obtained by querying local MSP (Membership service provider) information.
  • MSP is a component that provides a management framework for virtual member operations. MSP extracts all the encryption mechanisms and protocols behind issuing and verifying certificates and user authentication. MSP can define its own identity concept, as well as these identity management rules (identity verification) and identity verification (signature generation and verification).
  • S30 Combine the signature information and the node identity information to obtain information to be signed.
  • the signature information and the node identity information can be directly combined to form the information to be signed.
  • a combination of "signature information + node identity information” or “node identity information + signature information” can be used to obtain the information to be signed.
  • the node identity information can also be inserted into any position in the signature information, and a position identification is formed for subsequent verification to perform corresponding operations, which further provides data security.
  • S40 Perform a hash operation on the information to be signed to obtain a first hash number.
  • Hash operation is usually implemented through a hash function, a hash function, which is also called a hash function or hash function.
  • the hash function is a public function that can map a message M of any length into a shorter and fixed-length value H(M), which is called hash value, hash value (Hash Value), and hash Value or Message Digest.
  • the hash function is a one-way cryptosystem, that is, an irreversible mapping from plaintext to ciphertext, with only an encryption process and no decryption process.
  • the information to be signed may be hashed by MD5, SHA-1 or SHA-2 algorithms.
  • the MD5 encryption algorithm Since the MD5 encryption algorithm generates a 32-bit MD5 code, and the SHA encryption algorithm generates a 40-bit SHA code, in terms of the security of cryptanalysis, using the SHA encryption algorithm (SHA-1 or SHA-2 algorithm) is better than using MD5.
  • Algorithm encryption is less susceptible to cryptanalysis attacks; in terms of operating speed, encryption using MD5 algorithm runs faster and has higher performance than encryption using SHA algorithm. Therefore, when considering the encryption speed of data encryption, you can choose the MD5 encryption algorithm, and when considering the security of data encryption, you can choose the SHA encryption algorithm.
  • a hash number with a preset number of bits is obtained.
  • the first hash number is a 32-bit hash number.
  • the random number cache channel is a pre-established cache channel for caching random arrays.
  • the random number cache channel can be implemented by starting a coroutine. Define a random number cache channel in advance, and then store the generated random array in the random number cache channel.
  • the traditional way to obtain the random number section array is realized through urandom file lock.
  • this step obtains a random number array from the random number cache channel.
  • the random number can be directly obtained through the random number cache channel, thereby bypassing the file lock that may be caused by multi-threaded concurrent signatures. competition.
  • the signature random number is a 32-bit random number array.
  • S60 Perform a hash operation on the signature key, the signature random number, and the first hash number to obtain a second hash number.
  • a hash operation is performed again to obtain a second hash number.
  • the signature key, the signature random number, and the first hash number may be hashed by using the SHA-512 algorithm to obtain the second hash number.
  • S70 Encrypt the second hash number by using an asymmetric encryption algorithm to obtain the encrypted hash number.
  • An asymmetric encryption algorithm requires two keys: a public key (publickey: public key for short) and a private key (privatekey: private key for short).
  • the public key and the private key are a pair. If the public key is used to encrypt data, only the corresponding private key can be used to decrypt it. Since encryption and decryption use two different keys, this algorithm is called an asymmetric encryption algorithm.
  • a public key and a private key are pre-allocated.
  • a key management center can be used to generate a key pair (public key and private key) for each node (client).
  • the Key Management Center (KMC, Key Management Center) is an important part of the public key infrastructure and is responsible for providing key generation, storage, backup, update, restoration, or query for the certification authority (CA, Certification Authority) system. Key service to solve the key management problems caused by large-scale cryptographic technology applications in distributed enterprise application environments.
  • the second hash number is encrypted by the private key of the node using an asymmetric encryption algorithm to obtain the encrypted hash number.
  • an asymmetric encryption algorithm such as RSA or Elgamal may be used to encrypt the second hash number.
  • S80 Send the encrypted hash number and node identity information to the client.
  • the node identity information and the signature key according to the data signature request; then combine the signature information and the node identity information to obtain the information to be signed;
  • the information to be signed is hashed to obtain the first hash number; an array of random numbers is obtained from the random number cache channel as the signature random number; the signature key, the signature random number, and the first hash are obtained.
  • the Greek number performs a hash operation to obtain the second hash number; the second hash number is encrypted by an asymmetric encryption algorithm to obtain the encrypted hash number; finally the encrypted hash number and node identity information are sent to the client .
  • this method caches the random number array in advance through the cached channel, and obtains the random number directly through the channel when signing, thereby bypassing the file lock competition that may be caused by multi-threaded concurrent signing, and better guarantees the CPU
  • the performance improves the concurrency of the processor.
  • by performing multiple hash operations on the signature information and then encrypting it it is possible to ensure that the data is not easily tampered with, and the security of the data is also ensured.
  • combining the signature information and the node identity information may include:
  • the rand() function can be used to produce random numbers.
  • the range of the random number can be determined according to the data length of the signature information or the node identity information. Exemplarily, if the range of the random number is set according to the data length of the node identity information, taking the data length of the node identity information as an example, the range of the random number generated can be set to be 1-8 or 0-7. Integer.
  • S32 Determine an information insertion position from the signature information or the node identity information according to the random number.
  • the information insertion position is determined from the signature information or the node identity information according to the random number.
  • the information insertion position is used to indicate the specific combination position of the two pieces of information when combining the signature information and the node identity information. Specifically, taking the insertion of the signature information into the node identity information as an example, the insertion position is determined from the node identity information according to a random number.
  • the node identity information can be used to determine the information insertion position from the node identity information based on random numbers in a left-to-right or right-to-left manner. Understandably, the process of inserting the node identity information into the signature information is similar to the foregoing process of inserting the signature information into the node identity information, and will not be repeated here.
  • the signature information and the node identity information are combined according to the information insertion position. Specifically, both the signature information and the node identity information are inserted into the other party according to the information insertion position (the signature information is inserted into the node identity information or the node identity information is inserted into the signature information) to obtain a combination information.
  • the random number is added to the combined information to obtain the information to be signed, so that the subsequent data can be restored based on the random number.
  • a random function is used to generate a random number; then the information insertion position is determined from the signature information or the node identity information according to the random number; the signature information and the node identity information are combined according to the insertion position.
  • the identity information is combined to obtain combined information; finally, the random number is added to the combined information to obtain the information to be signed.
  • more diversified choices are made for the combined location, which better guarantees the security of the information.
  • the method for signing data in the blockchain further includes:
  • S51 Create a random number cache channel with a preset capacity.
  • a coroutine is started to create a random number cache channel with a preset capacity.
  • a buffer can be used to create the random number cache channel.
  • the random number buffer channel in the buffer will prevent data transmission to the random number buffer channel when the buffer data storage is full. When the data in the buffer is empty, data reception to the random number buffer channel will be blocked.
  • the random number cache channel can be created as follows:
  • ch: make(chan type, capacity).
  • the data type is defined by "type”
  • the capacity of the cache channel is defined by "capacity”.
  • the data type of the random number buffer channel can be defined as an array type.
  • S52 Generate a random number array repeatedly in a preset manner, and store the generated random number array in the random number buffer channel, and stop generating the random number array until the random number buffer channel is full.
  • the preset method refers to a method of generating a random number array.
  • the random number array can be generated through the random function rand(), and each generated random number array is stored in the random number buffer channel. When the random number buffer channel is full, the step of generating the random number array is stopped.
  • the length in the random number buffer channel can be read to determine whether the random number buffer channel is full.
  • length refers to the number of elements in the current buffer channel.
  • a random number cache channel with a preset capacity is first created, and a random number array is repeatedly generated in a preset manner, and the generated random number array is stored in the random number cache channel, Until the random number buffer channel is full, stop generating the random number array. This ensures the efficiency of caching the random number array in the random number cache channel, further ensures the efficiency of subsequent reading of the random number array, and improves the concurrency of the processor.
  • the method for signing data in the blockchain further includes:
  • a coroutine is started to create a random number cache channel with a preset capacity. It can be created as follows:
  • ch: make(chan type, capacity).
  • the data type is defined by "type”
  • the capacity of the cache channel is defined by "capacity”.
  • the data type of the random number buffer channel is defined as an array.
  • S52' Generate a random number array repeatedly in a preset manner, and store the generated random number array in the random number buffer channel, and stop generating the random number array until the random number buffer channel is full .
  • the random number array can be generated by the random function rand(), and each generated random number array can be stored in the random number buffer channel. When the random number buffer channel is full, the step of generating the random number array is stopped.
  • the length in the random number buffer channel can be read to determine whether the random number buffer channel is full.
  • length refers to the number of elements in the current buffer channel.
  • S53' Obtain a preset number of random number arrays from the random number cache channel, and transfer the acquired random number arrays to the array object pool.
  • the preset number is determined according to the size of the array object pool, and the preset number of random number arrays obtained from the random number cache channel are transferred to the array object pool to improve the subsequent acquisition efficiency of the random number array.
  • an array object pool is also constructed, and after the random number array is filled in the random number cache channel, a preset number of random number arrays are transferred to the array object pool In order to facilitate subsequent acquisition of random number arrays, increase the speed of data acquisition, and reduce the impact on CPU performance.
  • the method for signing data in the blockchain before obtaining a random number array from the random number cache channel, the method for signing data in the blockchain further includes:
  • the method for signing data in the blockchain further includes:
  • S53 Generate a new random number array in a preset manner, and store the newly generated random number array in the random number buffer channel.
  • the server After obtaining the random number array from the random number cache channel, the server randomly generates a new random number array through a preset method, and stores the newly generated random number array in the random number cache channel to ensure data Timeliness of generation.
  • the signature random number is obtained from the random number cache channel, the signature random number is put into the temporary object pool to facilitate subsequent reuse of the signature random number to facilitate data recycling.
  • a temporary object pool is first constructed, and after the random number array is obtained from the random number cache channel, a new random number array is generated in a preset manner, and the newly generated random number array is stored in The random number cache channel. Put the signed random number into the temporary object pool.
  • the timeliness of data update is guaranteed, and the multiplexing of signed random numbers is increased to facilitate the recycling of data.
  • a device for signing data in a blockchain corresponds to the method for signing data in the blockchain in the above-mentioned embodiment in a one-to-one correspondence.
  • the device for signing data in the blockchain includes a signature request acquiring module 10, a signature key acquiring module 20, a combination module 30, a first hash operation module 40, a random number acquiring module 50, and a second hash module.
  • Greek arithmetic module 60, encryption module 70 and sending module 80 is as follows:
  • the signature request acquiring module 10 is configured to acquire a data signature request, where the data signature request includes signature information;
  • the signature key acquisition module 20 is configured to acquire the node identity information and the signature key according to the data signature request;
  • the combination module 30 is configured to combine the signature information and the node identity information to obtain the information to be signed;
  • the first hash operation module 40 is configured to perform a hash operation on the information to be signed to obtain a first hash number
  • the random number acquisition module 50 is used to acquire a random number array from the random number cache channel as a signature random number;
  • the second hash operation module 60 is configured to perform a hash operation on the signature key, the signature random number, and the first hash number to obtain a second hash number;
  • the encryption module 70 is used to encrypt the second hash number by an asymmetric encryption algorithm to obtain the encrypted hash number;
  • the sending module 80 is configured to send the encrypted hash number and node identity information to the client.
  • the combination module includes a random number generation unit 31, an insertion position determination unit 32, a combination information acquisition unit 33 and a to-be-signed information acquisition unit 34.
  • the random number generating unit 31 is configured to generate a random number by using a random function
  • the insertion position determining unit 32 is configured to determine the information insertion position from the signature information or the node identity information according to the random number;
  • the combined information obtaining unit 33 is configured to combine the signature information and the node identity information according to the information insertion position to obtain combined information;
  • the information to be signed acquisition unit 34 is configured to add the random number to the combined information to obtain the information to be signed.
  • the device for signing data in the blockchain further includes a creation module 51, a cache channel storage module 52 and an object pool construction module 53.
  • the creation module 51 is used to create a random number cache channel with a preset capacity and build an array object pool;
  • the cache channel storage module 52 is configured to repeatedly generate a random number array in a preset manner, and store the generated random number array in the random number cache channel, and stop generating until the random number cache channel is full The random number array;
  • the object pool construction module 53 is configured to obtain a preset number of random number arrays from the random number cache channel, and transfer the obtained random number arrays to the array object pool.
  • the device for signing data in the blockchain is also used to create a random number cache channel with a preset capacity; repeatedly generate a random number array in a preset manner, and store the generated random number array in the random number array. In the number buffer channel, until the random number buffer channel is full, stop generating the random number array.
  • the data signing device in the blockchain is also used to construct a temporary object pool; and, after the random number array is obtained from the random number cache channel, the data signing device in the blockchain is also used To generate a new random number array in a preset manner, and store the newly generated random number array in the random number cache channel; and put the signed random number into the temporary object pool.
  • Each module in the device for data signing in the above-mentioned blockchain can be implemented in whole or in part by software, hardware, and a combination thereof.
  • the above-mentioned modules may be embedded in the form of hardware or independent of the processor in the computer equipment, or may be stored in the memory of the computer equipment in the form of software, so that the processor can call and execute the operations corresponding to the above-mentioned modules.
  • a computer device is provided.
  • the computer device may be a server, and its internal structure diagram may be as shown in FIG. 10.
  • the computer equipment includes a processor, a memory, a network interface, and a database connected through a system bus. Among them, the processor of the computer device is used to provide calculation and control capabilities.
  • the memory of the computer device includes a non-volatile storage medium and an internal memory.
  • the non-volatile storage medium stores an operating system, a computer program, and a database.
  • the internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage medium.
  • the database of the computer equipment is used for the data used in the method for data signing in the blockchain described in the above embodiment.
  • the network interface of the computer device is used to communicate with an external terminal through a network connection.
  • the computer program is executed by the processor to realize a method of data signature in the blockchain.
  • a computer device including a memory, a processor, and a computer program stored in the memory and capable of running on the processor, and the processor implements the following steps when the processor executes the computer program:
  • a computer-readable storage medium on which a computer program is stored, and when the computer program is executed by a processor, the following steps are implemented:
  • the computer-readable storage medium may be non-volatile or volatile.
  • a person of ordinary skill in the art can understand that all or part of the processes in the above-mentioned embodiment methods can be implemented by instructing relevant hardware through a computer program.
  • the computer program can be stored in a non-volatile computer readable storage.
  • the medium when the computer program is executed, it may include the procedures of the above-mentioned method embodiments.
  • any reference to memory, storage, database or other media used in the embodiments provided in this application may include non-volatile and/or volatile memory.
  • Non-volatile memory may include read only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), or flash memory.
  • Volatile memory may include random access memory (RAM) or external cache memory.
  • RAM is available in many forms, such as static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (DDRSDRAM), enhanced SDRAM (ESDRAM), synchronous chain Channel (Synchlink) DRAM (SLDRAM), memory bus (Rambus) direct RAM (RDRAM), direct memory bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM), etc.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Mining & Analysis (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Library & Information Science (AREA)
  • Computing Systems (AREA)
  • Power Engineering (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

L'invention porte sur un procédé et un dispositif de signature de données destinés à être utilisés dans une chaîne de blocs, sur un appareil informatique et sur un support de stockage. Le procédé de signature de données destiné à être utilisé dans une chaîne de blocs comprend : au cours d'un processus de signature numérique, la mise en cache d'un ensemble de nombres aléatoires à l'avance au moyen d'un canal de cache de nombres aléatoires, de sorte qu'un nombre aléatoire soit directement acquis pendant la signature au moyen du canal de cache de nombres aléatoires, ce qui évite une possible concurrence de verrouillage de fichier provoquée par le fait que de multiples fils effectuent une signature en parallèle, garantit la performance de l'unité centrale, et améliore la capacité de traitement parallèle d'un processeur. En outre, les informations de signature ont subi de multiples opérations de hachage avant d'être chiffrées, ce qui empêche que des données soient facilement falsifiées, et assure la sécurité des données.
PCT/CN2020/099555 2019-09-06 2020-06-30 Procédé et dispositif de signature de données destinés à être utilisés dans une chaîne de blocs, appareil informatique et support de stockage WO2021042851A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910842139.3A CN110781140B (zh) 2019-09-06 2019-09-06 区块链中数据签名的方法、装置、计算机设备及存储介质
CN201910842139.3 2019-09-06

Publications (1)

Publication Number Publication Date
WO2021042851A1 true WO2021042851A1 (fr) 2021-03-11

Family

ID=69383575

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/099555 WO2021042851A1 (fr) 2019-09-06 2020-06-30 Procédé et dispositif de signature de données destinés à être utilisés dans une chaîne de blocs, appareil informatique et support de stockage

Country Status (2)

Country Link
CN (1) CN110781140B (fr)
WO (1) WO2021042851A1 (fr)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110781140B (zh) * 2019-09-06 2023-08-18 平安科技(深圳)有限公司 区块链中数据签名的方法、装置、计算机设备及存储介质
CN111935075A (zh) * 2020-06-23 2020-11-13 浪潮云信息技术股份公司 一种基于区块链的数字身份签发方法、设备及介质
CN112580114B (zh) * 2020-12-21 2023-05-16 歌尔科技有限公司 一种信息处理方法、装置、设备及存储介质
CN112636926B (zh) * 2020-12-24 2022-05-27 网易(杭州)网络有限公司 签名处理方法、装置和电子设备
CN115766055A (zh) * 2022-09-08 2023-03-07 中国联合网络通信集团有限公司 一种用于通信报文验证的方法和装置

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102082796A (zh) * 2011-01-20 2011-06-01 北京融易通信息技术有限公司 一种基于http的信道加密方法、信道简化加密方法及系统
US20120134491A1 (en) * 2010-11-29 2012-05-31 Beijing Z & W Technology Consulting Co., Ltd Cloud Storage Data Encryption Method, Apparatus and System
CN102761557A (zh) * 2012-07-31 2012-10-31 飞天诚信科技股份有限公司 一种终端设备认证方法及装置
CN103795545A (zh) * 2014-02-14 2014-05-14 飞天诚信科技股份有限公司 一种安全通信的方法和系统
CN109559122A (zh) * 2018-12-07 2019-04-02 北京瑞卓喜投科技发展有限公司 区块链数据传输方法及区块链数据传输系统
CN110175467A (zh) * 2019-04-25 2019-08-27 平安科技(深圳)有限公司 基于区块链的签名文件保存方法、装置和计算机设备
CN110781140A (zh) * 2019-09-06 2020-02-11 平安科技(深圳)有限公司 区块链中数据签名的方法、装置、计算机设备及存储介质

Family Cites Families (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100258310B1 (ko) * 1997-11-12 2000-06-01 정명식 안전 모듈에서의 사전계산을 이용한 공개키 암호화 방법
JP2006319485A (ja) * 2005-05-10 2006-11-24 Ntt Docomo Inc 署名装置、署名暗号化装置、検証装置、復号装置、復元装置、情報提供装置、通信システム、署名方法、署名暗号化方法及び検証方法
JP4856933B2 (ja) * 2005-11-18 2012-01-18 株式会社エヌ・ティ・ティ・ドコモ 署名装置、検証装置、復号装置、平文復元装置、情報提供装置、署名システム、通信システム、鍵生成装置及び署名方法
KR101253683B1 (ko) * 2011-02-09 2013-04-11 주식회사 국민은행 연쇄 해시에 의한 전자서명 시스템 및 방법
US10200199B2 (en) * 2013-08-05 2019-02-05 Guardtime Holdings Limited Strengthened entity identity for digital record signature infrastructure
DE102013114493A1 (de) * 2013-12-19 2015-06-25 Deutsche Telekom Ag Verfahren zur Sicherstellung von Authentizität, Integrität und Anonymität einer Datenverknüpfung, insbesondere bei Präsentation der Datenverknüpfung in Form eines zweidimensionalen optischen Codes
CN105975868A (zh) * 2016-04-29 2016-09-28 杭州云象网络技术有限公司 一种基于区块链的证据保全方法及装置
WO2018046009A1 (fr) * 2016-09-12 2018-03-15 上海鼎利信息科技有限公司 Système d'identité à chaîne de blocs
US10102526B1 (en) * 2017-03-31 2018-10-16 Vijay K. Madisetti Method and system for blockchain-based combined identity, ownership, integrity and custody management
CN107241196A (zh) * 2017-06-30 2017-10-10 杰创智能科技股份有限公司 基于区块链技术的数字签名方法及系统
CN107342867B (zh) * 2017-07-07 2020-10-09 深圳和信安达科技有限公司 签名验签方法和装置
CN107741947B (zh) * 2017-08-30 2020-04-24 浙江九州量子信息技术股份有限公司 基于hdfs文件系统的随机数密钥的存储与获取方法
CN108418680B (zh) * 2017-09-05 2021-12-07 矩阵元技术(深圳)有限公司 一种基于安全多方计算技术的区块链密钥恢复方法、介质
CN107579817A (zh) * 2017-09-12 2018-01-12 广州广电运通金融电子股份有限公司 基于区块链的用户身份验证方法、装置及系统
CN107862215B (zh) * 2017-09-29 2020-10-16 创新先进技术有限公司 一种数据存储方法、数据查询方法及装置
CN107508686B (zh) * 2017-10-18 2020-07-03 克洛斯比尔有限公司 身份认证方法和系统以及计算设备和存储介质
CN108959911A (zh) * 2018-06-14 2018-12-07 联动优势科技有限公司 一种密钥链生成、验证方法及其装置
CN108964905A (zh) * 2018-07-18 2018-12-07 胡祥义 一种安全高效的区块链实现方法
CN109522698A (zh) * 2018-10-11 2019-03-26 平安科技(深圳)有限公司 基于区块链的用户认证方法及终端设备
CN109409884A (zh) * 2018-10-25 2019-03-01 北京安如山文化科技有限公司 一种基于sm9算法的区块链隐私保护方案和系统
CN109583219A (zh) * 2018-11-30 2019-04-05 国家电网有限公司 一种数据签名、加密及保存的方法、装置和设备
CN109919610A (zh) * 2019-01-14 2019-06-21 如般量子科技有限公司 基于p2p公钥池的抗量子计算区块链保密交易方法和系统
CN110069939A (zh) * 2019-03-12 2019-07-30 平安科技(深圳)有限公司 加密数据一致性校验方法、装置、计算机设备及存储介质
CN110166425B (zh) * 2019-04-09 2021-08-20 北京奇艺世纪科技有限公司 数据处理方法、装置、系统及计算机可读存储介质

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120134491A1 (en) * 2010-11-29 2012-05-31 Beijing Z & W Technology Consulting Co., Ltd Cloud Storage Data Encryption Method, Apparatus and System
CN102082796A (zh) * 2011-01-20 2011-06-01 北京融易通信息技术有限公司 一种基于http的信道加密方法、信道简化加密方法及系统
CN102761557A (zh) * 2012-07-31 2012-10-31 飞天诚信科技股份有限公司 一种终端设备认证方法及装置
CN103795545A (zh) * 2014-02-14 2014-05-14 飞天诚信科技股份有限公司 一种安全通信的方法和系统
CN109559122A (zh) * 2018-12-07 2019-04-02 北京瑞卓喜投科技发展有限公司 区块链数据传输方法及区块链数据传输系统
CN110175467A (zh) * 2019-04-25 2019-08-27 平安科技(深圳)有限公司 基于区块链的签名文件保存方法、装置和计算机设备
CN110781140A (zh) * 2019-09-06 2020-02-11 平安科技(深圳)有限公司 区块链中数据签名的方法、装置、计算机设备及存储介质

Also Published As

Publication number Publication date
CN110781140A (zh) 2020-02-11
CN110781140B (zh) 2023-08-18

Similar Documents

Publication Publication Date Title
WO2021042851A1 (fr) Procédé et dispositif de signature de données destinés à être utilisés dans une chaîne de blocs, appareil informatique et support de stockage
TWI725655B (zh) 用於在可信執行環境中執行子邏輯代碼的程式執行和資料證明的方法、設備和系統
CN112688784B (zh) 一种数字签名、验证方法、装置及系统
US10142107B2 (en) Token binding using trust module protected keys
WO2021013245A1 (fr) Procédé et système de protection de clé de données, dispositif électronique et support d'informations
CN107689869B (zh) 用户口令管理的方法和服务器
CN111095256A (zh) 在可信执行环境中安全地执行智能合约操作
US11184164B2 (en) Secure crypto system attributes
Yun et al. On protecting integrity and confidentiality of cryptographic file system for outsourced storage
US20170244687A1 (en) Techniques for confidential delivery of random data over a network
CN113691502B (zh) 通信方法、装置、网关服务器、客户端及存储介质
US20050221766A1 (en) Method and apparatus to perform dynamic attestation
CN107592202B (zh) 应用签名方法、装置、系统、计算设备及存储介质
WO2020215685A1 (fr) Procédés et appareil de traitement et d'acquisition d'informations basés sur une chaîne de blocs, dispositif et support
WO2020224138A1 (fr) Procédé et dispositif d'autorisation multipartite sur la base de la technologie des chaînes de blocs
WO2020140626A1 (fr) Procédé de vérification de la possession de données sur la base d'un sel et dispositif terminal
CN114157415A (zh) 数据处理方法、计算节点、系统、计算机设备和存储介质
CN112637156B (zh) 密钥分配方法、装置、计算机设备和存储介质
WO2023051337A1 (fr) Procédé et appareil de traitement de données, dispositif, et support de stockage
US11436360B2 (en) System and method for storing encrypted data
US10785193B2 (en) Security key hopping
US10268832B1 (en) Streaming authenticated encryption
CN113347143A (zh) 一种身份验证方法、装置、设备及存储介质
CN109586898B (zh) 双系统通信密钥生成方法及计算机可读存储介质
CN108574687B (zh) 通信连接建立方法、装置、电子设备和计算机可读介质

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20861647

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20861647

Country of ref document: EP

Kind code of ref document: A1