WO2021179743A1 - Method and apparatus for querying account privacy information in blockchain - Google Patents

Info

Publication number
WO2021179743A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
blockchain node
authority
transaction
blockchain
Application number
PCT/CN2020/139745
Other languages
French (fr)
Chinese (zh)
Inventor
刘琦
闫莺
魏长征
Original Assignee
支付宝(杭州)信息技术有限公司
Application filed by 支付宝(杭州)信息技术有限公司

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24 Querying
    • G06F16/245 Query processing
    • G06F16/2458 Special types of queries, e.g. statistical queries, fuzzy queries or distributed queries
    • G06F16/2471 Distributed queries
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/604 Tools and structures for managing or administering access control systems
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141 Access rights, e.g. capability lists, access control lists, access tables, access matrices

Definitions

  • One or more embodiments of this specification relate to the field of blockchain technology, and more particularly to a method and device for querying account privacy information in a blockchain.
  • Blockchain technology is built on a transmission network (such as a peer-to-peer network).
  • The network nodes in the transmission network use chained data structures to verify and store data, and use distributed node consensus algorithms to generate and update data. The number of nodes in these blockchain networks sometimes needs to be increased.
  • TEE: Trusted Execution Environment
  • A TEE can play the role of a black box in hardware. Neither the code executed in the TEE nor its data can be inspected from the operating system layer; they can be operated on only through the interfaces predefined in the code.
  • Plaintext data is computed in the TEE, rather than through the complex cryptographic operations of homomorphic encryption, so the computation itself loses no efficiency. Combining a blockchain with a TEE can therefore greatly improve the security and privacy of the blockchain at a small performance cost. The industry currently pays close attention to TEE solutions.
  • TEE solutions include TPM (Trusted Platform Module) in software, and Intel SGX (Software Guard Extensions), ARM TrustZone and AMD PSP (Platform Security Processor) in hardware.
  • One or more embodiments of this specification provide a method and device for querying account privacy information in a blockchain.
  • A method for querying account privacy information in a blockchain, which includes: a blockchain node receives a transaction initiated by a querying party, the transaction being used to obtain the private information contained in the privacy field of a target account, the private information being stored encrypted at the blockchain node; the blockchain node determines, according to the authority management information recorded in the authority field of the target account, whether the querying party has query authority; and when the result of the determination is that the querying party has query authority, the blockchain node reads the private information in ciphertext form into the trusted execution environment for decryption, so as to provide the resulting private information in plaintext form to the querying party.
  • A device for querying account privacy information in a blockchain, which includes: a receiving unit that enables a blockchain node to receive a transaction initiated by a querying party, the transaction being used to obtain the private information contained in the privacy field of a target account, the private information being stored encrypted at the blockchain node; a unit that enables the blockchain node to determine, according to the authority management information, whether the querying party has query authority; and a decryption unit that enables the blockchain node, when the result of the determination is that the querying party has query authority, to read the private information in ciphertext form into the trusted execution environment for decryption, so as to provide the resulting private information in plaintext form to the querying party.
  • An electronic device, including: a processor; and a memory for storing instructions executable by the processor; wherein the processor runs the executable instructions to implement the method described in the first aspect.
  • A computer-readable storage medium on which computer instructions are stored; when the instructions are executed by a processor, the steps of the method described in the first aspect are implemented.
  • Fig. 1 is a flowchart of a method for querying account privacy information in a blockchain according to an exemplary embodiment.
  • Fig. 2 is a schematic diagram of a key version evolution provided by an exemplary embodiment.
  • Fig. 3 is a schematic diagram of a data structure of private information in ciphertext form provided by an exemplary embodiment.
  • Fig. 4 is a schematic structural diagram of a device provided by an exemplary embodiment.
  • Fig. 5 is a block diagram of a device for querying account privacy information in a blockchain according to an exemplary embodiment.
  • The steps of the corresponding method may not be executed in the order shown and described in this specification.
  • The method may include more or fewer steps than described in this specification.
  • A single step described in this specification may be decomposed into multiple steps in other embodiments, and multiple steps described in this specification may be combined into a single step in other embodiments.
  • Blockchain is generally divided into three types: Public Blockchain, Private Blockchain and Consortium Blockchain.
  • The public chain is represented by Bitcoin and Ethereum. Participants who join a public chain can read the data records on the chain, participate in transactions, and compete for the bookkeeping rights for new blocks. Moreover, each participant (i.e., node) can freely join and leave the network and perform related operations.
  • The private chain is the opposite.
  • The write permission of the network is controlled by an organization or institution, and the data read permission is regulated by that organization.
  • A private chain can be a weakly centralized system with strict restrictions and few participating nodes.
  • This type of blockchain is more suitable for internal use by specific institutions.
  • A consortium chain is a blockchain between a public chain and a private chain, which can realize "partial decentralization".
  • Each node in a consortium chain usually has a corresponding entity or organization; participants are authorized to join the network and form a stakeholder alliance that jointly maintains the operation of the blockchain.
  • Blockchain networks such as Ethereum can implement relatively complex processing logic, such as conditional transfer logic and conditional query logic, by running virtual machines (such as the Ethereum virtual machine, EVM, used in the Ethereum network) on the blockchain nodes in combination with smart contracts. For a blockchain network that supports smart contracts, functions such as privacy protection and secure query of account information can therefore be conveniently implemented on top of complex processing logic, but a network limited to simple processing logic cannot easily achieve them in the same way.
  • The method may include the following steps 102 to 106.
  • Step 102: the blockchain node receives a transaction initiated by the querying party; the transaction is used to obtain the private information contained in the privacy field of the target account, and the private information is stored encrypted at the blockchain node.
  • The above blockchain node can obtain the transaction in a variety of ways.
  • The querying party can generate the transaction on a client and then submit it to the above blockchain node through the client.
  • The client can submit the transaction to another blockchain node, which forwards it to the above blockchain node.
  • The querying party can generate the transaction at the above blockchain node.
  • The blockchain node can determine the target account and the privacy field corresponding to the transaction.
  • The transaction content may include the account address of the target account, from which the blockchain node determines the target account; the transaction content may also include the field name of the privacy field, from which the blockchain node determines the privacy field.
  • The privacy field can include any one or more fields in the target account, and this specification does not limit this.
  • An account in the Ethereum blockchain can contain a Balance field, a Nonce field and so on, where the Balance field records the account balance. If the Balance field is a privacy field, the account balance recorded in it can be stored encrypted to protect the value of the account balance from being leaked.
  • The blockchain node can first determine which field the querying party wants to query, and then determine whether that field is a privacy field. For example, if the blockchain node stores the content of a given field encrypted in all accounts, then once it knows that the querying party needs to query that field, it can determine that the field must be a privacy field. For another example, if the blockchain node stores the content of a certain field encrypted in some accounts and in plaintext in the remaining accounts, then the account can include a status field, and the status indication information contained in the status field of an account indicates whether the content of that field in the account is stored encrypted or in plaintext.
  • The status indication information can take multiple values: a first value indicates that the field content is stored encrypted, and a second value indicates that it is stored in plaintext. For another example, the value of the highest bit of the status indication information can indicate whether encrypted or plaintext storage is used.
  • The status field of the target account may contain the above status indication information, which indicates whether the private information is stored in plaintext or encrypted at the blockchain node. If it is stored encrypted, the field holding the private information is a privacy field, and the blockchain node needs to carry out the secure query through steps 104 to 106 below. If it is stored in plaintext, the field is not a privacy field, and the blockchain node can read the private information directly and return it to the querying party without performing steps 104 to 106.
  • The transaction submitted by the querying party to the blockchain node can be a regular transaction as in related technologies, that is, a transaction that must pass consensus among all blockchain nodes in the blockchain network and be put on chain, so that the querying party's query operation can be traced afterwards.
  • In a blockchain network that uses consensus algorithms in which nodes compete for the bookkeeping right, such as Proof of Work (POW), Proof of Stake (POS) and Delegated Proof of Stake (DPOS), the blockchain node immediately propagates (for example, broadcasts) the transaction to the other blockchain nodes in the blockchain network. Then, if the above blockchain node obtains the bookkeeping right through competition and confirms that the transaction submitted by the client is packaged into a new block, all blockchain nodes in the blockchain network can execute the transaction, and the transaction is put on chain when the new block containing it is added to the end of the blockchain.
  • The above blockchain node can also receive the transaction submitted by the client directly, or the client can submit it to another blockchain node, which forwards it to the above blockchain node; the blockchain node can then package the transaction (or other transactions) and send it to each verification node in the consensus phase.
  • This specification can also support new transactions that do not require consensus.
  • This specification can provide a new transaction type, such as a query type, on top of related technologies. The blockchain node can then identify the type of the above transaction and, when the transaction belongs to the predefined query type, execute it without consensus. In other words, after the blockchain node obtains the transaction, no bookkeeping node (whether a node that competed for the bookkeeping right or an agreed bookkeeping node) needs to decide whether to add the transaction to a new block.
  • The node can execute the transaction directly, and the transaction is in fact not added to a new block and not put on chain. On the one hand, query-type transactions are executed efficiently by the blockchain node; on the other hand, they avoid taking up valuable block space.
  • A transaction in this specification can include a type field; from the value of the type field, the blockchain node can identify whether the transaction is of the query type or another type (such as a transfer type or a deposit type).
  • Step 104: the blockchain node determines whether the querying party has query authority according to the authority management information recorded in the authority field of the target account.
  • An account maintained on the blockchain node can include an authority field, and the authority management information contained in the authority field can be used to determine whether a querying party has query authority.
  • In response to the querying party's request to query the target account, the blockchain node can determine whether the querying party has query authority based on the authority management information in the authority field of the target account: if so, the blockchain node can provide the decrypted private information to the querying party; otherwise it does not.
  • The authority management information recorded in the authority field can take various forms, so the blockchain node can determine whether the querying party has query authority in a variety of ways.
  • The authority management information may include the public keys of the authority owners, that is, a predetermined set of public keys of all users who have query authority. The transaction submitted by the querying party carries a transaction signature produced by the querying party, so the blockchain node can verify the transaction signature against the public keys of the authority owners: if verification succeeds with the public key of one authority owner, the querying party is an authority owner and the blockchain node can determine that the querying party has query authority; if verification fails with every public key, the querying party is not an authority owner and does not have query authority.
  • The authority owners may include only the owner of the target account, or the owner of the target account and at least one other user.
  • The owner of the target account can be an authority owner by default, and the owner can add the public key of at least one other user to the authority field to make that user an authority owner.
  • The authority owners can also be set by administrators or other users in the blockchain network, and this specification does not limit this.
  • Take the target account as an example. When the authority owners of the target account include both the owner and at least one other user, the owner and the other users jointly manage the target account, that is, the target account is a co-managed account of the owner and the other users.
  • All accounts in the blockchain can contain an authmap field.
  • The authmap field of a non-co-managed account (or ordinary account) contains only the public key of the account owner, while the authmap field of a co-managed account contains the public keys of all co-managers (the owner and at least one other user, as mentioned above). Under the authority check described above, only the account owner has query authority over a non-co-managed account, while all co-managers have query authority over a co-managed account.
  • The authority management information may include the authority scope or authority type of one or more users. For example, each user has corresponding specific authority management information indicating which operations that user can perform on the target account.
  • The blockchain node can look up the specific authority management information recorded in the authority field for the querying party, which may list the authorities the querying party holds, such as query authority, edit authority and delete authority. If the specific authority management information contains query authority, the blockchain node determines that the querying party has query authority; otherwise it determines that the querying party does not.
  • The owner of the target account can have all authorities over the target account by default, and the owner can add specific authority management information for at least one user to the authority field to set that user's authorities.
  • The specific authority management information can also be set by an administrator or other users in the blockchain network, and this specification does not limit this.
  • The specific authority management information above uses a positive description, defining which authorities the corresponding user has; similarly, it can use a negative description, defining which authorities the corresponding user does not have.
  • Take the target account as an example. Adding the above specific authority management information to the target account is equivalent to establishing ACL (Access Control Lists) information for these users; for example, whether the querying party has query authority is identified from the ACL information corresponding to the querying party.
  • Accounts can be divided into non-ACL accounts (or ordinary accounts) and ACL accounts.
  • The authmap field of every account records the public key of the corresponding account owner, giving the owner management authority over the account (including all authorities, such as query authority). All accounts can also contain an ACLmap field: in an ACL account the ACLmap field records the specific authority management information described above, and thereby the authorities that the relevant users hold (such as query authority or others), while in a non-ACL account the ACLmap field can be empty.
  • Besides adding an ACLmap field on top of related technologies, the specific authority management information can instead be recorded in the authmap field, which avoids adding fields to the account. For example, the authmap field of a non-ACL account records only the public key of the account owner, while the authmap field of an ACL account records both the public key of the account owner and the specific authority management information for each user.
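  • The Step 104 decision described above, as an added example that is not part of the patent text: a key listed in authmap (owner or co-manager) has full authority, while a key listed in ACLmap has only the authorities recorded for it. Ed25519 signatures, identifying ACL users by public key, the permission bit names and the sample account are assumptions of this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Permission is a bit set; the names are assumptions made for this example.
type Permission uint8

const (
	PermQuery Permission = 1 << iota
	PermEdit
	PermDelete
)

// Account holds only the fields that Step 104 reads.
type Account struct {
	Address string
	AuthMap []ed25519.PublicKey   // authority owners: the owner plus any co-managers
	ACLMap  map[string]Permission // string(public key) -> authorities; empty on a non-ACL account
}

// QueryTx is a query-type transaction naming the target account and privacy field.
type QueryTx struct {
	Type, Target, Field string
	Signature           []byte
}

// signingBytes quotes each field so that the signed encoding is unambiguous.
func (tx QueryTx) signingBytes() []byte {
	return []byte(fmt.Sprintf("%q%q%q", tx.Type, tx.Target, tx.Field))
}

// verifies checks the key length first because ed25519.Verify panics on a malformed key.
func verifies(pk []byte, tx QueryTx) bool {
	return len(pk) == ed25519.PublicKeySize && ed25519.Verify(ed25519.PublicKey(pk), tx.signingBytes(), tx.Signature)
}

// HasQueryAuthority tries every recorded public key against the transaction signature.
func HasQueryAuthority(acct Account, tx QueryTx) bool {
	if tx.Type != "query" || tx.Target != acct.Address {
		return false
	}
	for _, pk := range acct.AuthMap {
		if verifies(pk, tx) {
			return true // authority owner: all authorities, query included
		}
	}
	for pk, perms := range acct.ACLMap {
		if verifies([]byte(pk), tx) {
			return perms&PermQuery != 0 // ACL user: only what was granted
		}
	}
	return false // no recorded key verified the signature
}

// demoKey builds a deterministic key pair from a label (constructed test keys only).
func demoKey(label string) (ed25519.PublicKey, ed25519.PrivateKey) {
	seed := sha256.Sum256([]byte(label))
	priv := ed25519.NewKeyFromSeed(seed[:])
	return priv.Public().(ed25519.PublicKey), priv
}

func signedQuery(target, field string, priv ed25519.PrivateKey) QueryTx {
	tx := QueryTx{Type: "query", Target: target, Field: field}
	tx.Signature = ed25519.Sign(priv, tx.signingBytes())
	return tx
}

// runDemo evaluates constructed queries against one constructed account.
func runDemo() map[string]bool {
	pub, priv := map[string]ed25519.PublicKey{}, map[string]ed25519.PrivateKey{}
	for _, name := range []string{"owner", "bob", "carol", "dave", "eve"} {
		pub[name], priv[name] = demoKey(name)
	}
	acct := Account{
		Address: "0xA11CE",
		AuthMap: []ed25519.PublicKey{pub["owner"], pub["bob"]}, // owner and co-manager
		ACLMap: map[string]Permission{ // eve is recorded nowhere
			string(pub["carol"]): PermQuery,
			string(pub["dave"]):  PermEdit | PermDelete,
		},
	}
	out := map[string]bool{}
	for name, k := range priv {
		out[name] = HasQueryAuthority(acct, signedQuery(acct.Address, "Balance", k))
	}
	retargeted := signedQuery("0xB0B", "Balance", priv["owner"])
	retargeted.Target = acct.Address // signed for another account, so verification fails
	out["retargeted"] = HasQueryAuthority(acct, retargeted)
	return out
}

func main() {
	fmt.Println(runDemo())
}
```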
  • Step 106: when the result of the determination is that the querying party has query authority, the blockchain node reads the private information in ciphertext form into a trusted execution environment for decryption, so as to provide the resulting private information in plaintext form to the querying party.
  • Global Platform to solve the secure isolation of resources on mobile devices, and runs in parallel with the operating system to provide applications with a trusted and secure execution environment.
  • ARM's TrustZone technology was the first to realize a truly commercial TEE.
  • Server chip manufacturers such as Intel and AMD have successively introduced hardware-assisted TEEs and enriched the concept and characteristics of the TEE, which has been widely recognized in the industry.
  • The TEE mentioned today usually refers to this kind of hardware-assisted TEE technology.
  • Cloud access is remote, and the hardware platform is invisible to the end user. Therefore, the first step in using a TEE is to confirm its authenticity.
  • TEE technology has introduced a remote attestation mechanism, endorsed by hardware vendors (mainly CPU vendors), in which digital signature technology ensures that users can verify the state of the TEE.
  • Because secure resource isolation alone cannot meet security needs, further data privacy protection has also been proposed.
  • Commercial TEEs, including Intel SGX and AMD SEV, also provide memory encryption technology that limits the trusted hardware to the CPU; data on the bus and in memory is ciphertext, which prevents malicious users from snooping.
  • TEE technologies such as Intel's Software Guard Extensions (SGX) provide isolated code execution, remote attestation, secure configuration, secure storage of data, and trusted paths for code execution.
  • Applications running in the TEE are protected and are almost impossible for third parties to access.
  • SGX provides an enclave, which is an encrypted trusted execution area in memory, and the CPU protects its data from being stolen.
  • a part of the area, the EPC (Enclave Page Cache)
  • the encryption engine MEE (Memory Encryption Engine)
  • With SGX, users can distrust the operating system, the VMM (Virtual Machine Monitor) and even the BIOS (Basic Input Output System); they only need to trust the CPU to ensure that private data does not leak.
  • The private data can be encrypted and passed to the enclave in ciphertext form, and the corresponding key can also be passed to the enclave through remote attestation. The data is then used in computation under the CPU's encryption protection, and the result is returned in ciphertext form. Encrypting and decrypting the above private information based on the TEE therefore ensures sufficient security without worrying about data leakage.
  • Outside the TEE the private information is in ciphertext form; it is decrypted into plaintext only after being read into the TEE, and the characteristics of the TEE ensure that the private information in plaintext form is not stolen.
  • The blockchain node encrypts the private information in plaintext form inside the TEE to obtain the private information in ciphertext form.
  • Blockchain nodes can use symmetric or asymmetric encryption for the above encryption and decryption, which is not limited in this specification.
  • Algorithms used for symmetric encryption include, for example, DES, 3DES, TDEA, Blowfish, RC5 and IDEA.
  • Algorithms used for asymmetric encryption include, for example, RSA, Elgamal, the knapsack algorithm, Rabin, D-H and ECC (elliptic curve encryption algorithm).
  • A key can be maintained in the TEE on the blockchain node. The key is a symmetric key, and the private information in plaintext form can be encrypted with it inside the TEE to obtain the private information in ciphertext form.
  • The blockchain node reads the private information in ciphertext form into the TEE and decrypts it with the above key to obtain the private information in plaintext form. Because the key is maintained in the TEE, it is sufficiently protected against leakage.
  • The blockchain node can generate the above key from a security key maintained in the TEE.
  • The key used by the blockchain node is the security key itself, so the blockchain node uses the same key when encrypting and decrypting the private information of all accounts.
  • Alternatively, the key used by the blockchain node is generated from the security key and an impact factor, so that different impact factors yield different keys and the corresponding accounts use different keys to encrypt and decrypt their private information. With the impact factor added, different keys can be used for the private information of different accounts.
  • The encrypted ciphertext can then also have different values. Suppose a user knows that, for account Qa, the plaintext of the private information is Ua and the ciphertext is Um. Even if the user learns that the ciphertext of the private information of another account Qb is also Um, the user cannot infer that the plaintext of Qb's private information must be Ua (if accounts Qa and Qb use different keys, the same ciphertext corresponds to different plaintexts), which helps improve security.
  • Although the blockchain node can maintain in the TEE all the keys generated from the security key and the impact factors, these keys may not be used frequently, so the TEE can maintain only the security key and not the generated keys; the required key is then generated on demand from the security key and the impact factor.
  • With account-related impact factors, account-level privacy protection can be achieved, that is, different accounts use different keys and all privacy fields in the same account use the same key. For another example, with field-related impact factors, field-level privacy protection can be achieved, that is, different privacy fields in the same account use different keys, and the same privacy field in different accounts (such as the Balance field) uses the same key. For another example, with impact factors related to both accounts and fields, privacy protection at both the account and field levels can be achieved, that is, different accounts use different keys, and different privacy fields in the same account use different keys.
  • the impact factor related to the target account can include at least one of the following: the block height of the block where the account creation transaction corresponds to the target account, the position offset of the account creation transaction in the block, and the target account in all accounts The creation sequence number in, the account address of the target account, etc.
  • the impact factor may include the block height of the block at which the account creation exchange corresponds to the target account.
  • the account creation transaction can refer to the transaction used to create the target account, and the blockchain node creates the target account by executing the transaction. Then, the blockchain node can determine the block height of the block in the blockchain where the account creation transaction is located, and use it as one of the influencing factors related to the target account. Therefore, when the account creation transactions corresponding to different accounts are in blocks of different heights, it can be ensured that the impact factors corresponding to these accounts are different, so that these accounts correspond to different keys, and therefore the privacy information contained in the privacy fields in these accounts Different keys can be used for encryption and storage, so that the same plaintext corresponds to ciphertext with different values to improve security.
  • the impact factor may include the position offset of the account creation transaction in the block.
  • Each block on the blockchain contains a number of transactions, which are arranged in sequence in the block. The position offset can be regarded as the sequence number or index number of each transaction in the block, and is used to locate the transaction.
  • the position offset of the transaction in the first position is 0, the position offset of the transaction in the second position is 1, and so on. It can be seen that different transactions in the same block have different position offsets. After a certain block is specified, each transaction can be uniquely located by the position offset.
  • when the position offsets of different account creation transactions are different, the corresponding accounts have different impact factors, so these accounts correspond to different keys. The privacy information contained in the privacy fields of these accounts can then be encrypted and stored with different keys, so that the same plaintext corresponds to ciphertexts with different values, improving security.
  • the impact factor may include the creation sequence number of the target account among all accounts. All accounts on the blockchain are created sequentially, and the blockchain node can set a creation sequence number for each account according to the creation order, so that each account can be distinguished by its creation sequence number; that is, the creation sequence numbers of all accounts are different. Therefore, based on the difference in creation sequence numbers, the impact factors corresponding to the accounts are not the same, so these accounts correspond to different keys. The privacy information contained in the privacy fields of these accounts can then be encrypted and stored with different keys, so that the same plaintext corresponds to ciphertexts with different values, improving security.
  • the impact factor may include the account address of the target account.
  • the account address is generated when the corresponding account is created, and each account has a unique account address; that is, the account addresses of all accounts are different. Therefore, based on the difference in account addresses, the impact factors corresponding to the accounts are not the same, so these accounts correspond to different keys. The private information contained in the privacy fields of these accounts can then be encrypted and stored with different keys, so that the same plaintext corresponds to ciphertexts with different values, improving security.
  • even if some impact factors are not unique to each account, such as the block height and position offset mentioned above, generating keys based on these impact factors can still greatly reduce the probability that different accounts use the same key, improving security.
  • combining multiple types of impact factors with each other can further reduce the probability of different accounts using the same key, and can even ensure that all accounts use different keys, thereby completely preventing the same plaintext from being encrypted into the same ciphertext, so that the value of the plaintext cannot be inferred by comparing ciphertexts.
  • All blockchain nodes in the blockchain network maintain the same security key mentioned above, and all blockchain nodes use the same impact factor for the target account, so all blockchain nodes generate the same key. This ensures that all blockchain nodes obtain the same ciphertext after encrypting the private information contained in the private field in the target account, so that all blockchain nodes maintain the same state.
  • Blockchain nodes can obtain the above-mentioned security key in a variety of ways. For example, after confirming that a blockchain node has passed remote attestation, the key management service (KMS) server can issue the security key to the blockchain node, and the blockchain node maintains the obtained security key in the TEE. The KMS server issues the same security key to all blockchain nodes that have passed remote attestation, which ensures that the security keys maintained by all blockchain nodes are consistent. As another example, a security key can be negotiated between blockchain nodes, and all blockchain nodes maintain the negotiated security key in the TEE.
  • the security key maintained by the blockchain node may have a version update, so that the blockchain node can update the version of the security key used regularly or irregularly.
  • a blockchain node can obtain an updated version of the security key through the method described above, that is, a new version of the security key is issued through the KMS server, or a new version of the security key is negotiated between the blockchain nodes.
  • blockchain nodes can implement the version update of the security key by themselves; as long as the version update logic adopted by all blockchain nodes is consistent, the updated security key remains consistent across all blockchain nodes.
  • the security key initially obtained by the blockchain node is the root key, and the version of the root key is the highest.
  • the blockchain node can calculate the security key of the lower version based on the security key of the higher version, thereby obtaining the security key of several versions arranged in sequence.
  • the calculation adopted by the blockchain node can be irreversible; that is, the security key of a lower version can be calculated from the security key of a higher version, but the security key of a higher version cannot be calculated in reverse from the security key of a lower version.
  • the above-mentioned root key can be used as the highest version of the security key, and based on the root key, other lower versions of the security key can be generated in turn, such as 256 versions of the security key with version numbers ranging from 0 to 255.
  • the security key key-0 can be calculated from the security key key-1 and the version factor 0x00, but the security key key-1 cannot be deduced from the security key key-0 and the version factor 0x00.
  • All blockchain nodes in the blockchain network use the same version of the security key to ensure that all blockchain nodes maintain the same world state.
  • Each blockchain node can generate all versions of the security key in advance and then select the corresponding version when the security key needs to be updated, or it can generate the security key of the corresponding version on demand when the update is needed; this specification does not restrict this.
  • The blockchain nodes can negotiate to implement the version update of the security key; alternatively, update logic for the security key can be added to the chain code of the blockchain network. For example, the update logic can determine which version of the security key to update to and at what time, so that the blockchain node can automatically update the security key based on the update logic.
  • because the security key of a lower version can be calculated from the security key of a higher version, while the security key of a higher version cannot be derived in reverse from the security key of a lower version, each blockchain node can start by using a low version of the security key, and only updates from a lower version to a higher version are allowed.
  • since the security key of a higher version cannot be derived in reverse from the security key of a lower version, upgrading the version of the key is enough to stop the loss in time.
  • the security key of a lower version can be calculated at any time from the security key of a higher version, so data encrypted with lower versions of the security key remains compatible.
  • the blockchain node can associate each encrypted account with the description of the generation method of the corresponding key.
  • the key generation method description information may include: the version information of the security key and the value of the impact factor related to the target account.
  • the blockchain node can write the version information of the security key in the Info field, the value of the impact factor in the Nounce field, and the encrypted private information (such as the value of the Balance field) in the Cipher field, and the Tag field is used to verify the integrity of the Cipher field.
  • the length of the Info field can be 4 bytes, of which 2 bytes are used to write the key version number, and the remaining 2 bytes are reserved.
  • the length of the Nounce field can be 12 bytes, of which 4 bytes are used to write the height of the historical block, 4 bytes are used to write the position offset of the transaction in the block, and 4 bytes are used to write other information.
  • the length of the Cipher field can be 8 bytes.
  • the length of the Tag field can be 16 bytes. Of course, other field lengths, field combinations, etc. can also be used, which are not limited in this specification.
  • the blockchain node can also encrypt the description information of the key generation method, for example, the above-mentioned lowest version key-0 can be used for encryption to improve security.
  • when the blockchain node encrypts and stores the private information contained in the private field in the target account, it can store it in the form of key-value pairs, where the value can adopt the structure shown in Figure 3.
  • the processing operations adopted include: indexing to the value according to the key, the structure of the value being as shown in Figure 3; using the key key-0 to decrypt the Info and Nounce fields and determine the key version number, historical block height, offset and other information; generating the corresponding key based on the security key; and using that key to decrypt the content of the Cipher field.
  • the data integrity can be verified through the Tag field (if the Tag is generated from the plaintext, the decrypted data is verified; if the Tag is generated from the ciphertext, the data before decryption is verified), so as to obtain the private information in plaintext form.
  • after the blockchain node determines that the querying party has the query authority for the target account, it can obtain the stored private information in ciphertext form and decrypt it in the TEE to obtain the corresponding private information in plaintext form. The blockchain node can then provide the private information in plaintext form to the querying party.
  • blockchain nodes can encrypt the plaintext private information before transmitting it to the querying party, and ensure that only the querying party can decrypt it to recover the plaintext private information.
  • the inquiring party can maintain a symmetric key and share it with the blockchain node in some way, so that the blockchain node can use the symmetric key to encrypt the plaintext private information in the TEE and then send it to the inquiring party, and the inquiring party can decrypt it with the symmetric key to obtain the private information in plaintext.
  • the inquirer can maintain an inquirer private key, and the blockchain node can learn the corresponding inquirer public key, so that the blockchain node can use the inquirer's public key to encrypt the plaintext private information in the TEE and then send it to the inquiring party, and the inquiring party can decrypt it with the inquirer private key to obtain the private information in plaintext.
  • the symmetric key maintained by the inquiring party can be negotiated between the inquiring party and the blockchain node.
  • the inquiring party can generate (such as randomly generated) the symmetric key, and then share it with the blockchain node in the following way:
  • when the querying party wants to query the private information in the private field in the target account, it can generate the corresponding plaintext transaction content and encrypt it with the above-mentioned symmetric key to obtain the corresponding ciphertext transaction content.
  • the node private key is maintained in the TEE by the blockchain node, and the node public key is disclosed.
  • the query party can learn the node public key, and the node private key can be distributed to the blockchain node by the KMS server after the blockchain node passes remote attestation. The query party can then encrypt the above symmetric key with the node public key to obtain the encrypted key, and the transaction submitted by the query party to the blockchain node as mentioned above contains both the ciphertext transaction content and the encrypted key.
  • when the blockchain node receives the transaction submitted by the querying party, it can read the transaction into the TEE and use the node private key to decrypt the encrypted key contained in the transaction in the TEE to obtain the above-mentioned symmetric key. It then uses the symmetric key to decrypt the ciphertext transaction content contained in the transaction in the TEE to obtain the above-mentioned plaintext transaction content, and executes the plaintext transaction content to realize the query scheme of this specification.
  • the blockchain node can obtain the symmetric key maintained by the inquiring party.
  • the symmetric key is in an encrypted state during transmission, and the node private key used to decrypt it is maintained in the TEE of the blockchain node, so the blockchain node decrypts the symmetric key in the TEE; that is, at the blockchain node the symmetric key exists in plaintext only inside the TEE, which avoids leakage.
  • the query scheme in this specification can be applied to blockchain networks that only support simple processing logic, such as the Bitcoin blockchain; at the same time, it can also be applied to blockchain networks that support complex processing logic, where it does not conflict with the smart-contract-based complex processing logic implemented by the blockchain network and is compatible with it.
  • Fig. 4 is a schematic structural diagram of a device provided by an exemplary embodiment.
  • the device can be configured as a blockchain node in this specification. As shown in Fig. 4, at the hardware level, the device includes a processor 402, an internal bus 404, a network interface 406, a memory 408, and a non-volatile memory 410. Of course, it may also include hardware required for other services.
  • the processor 402 reads the corresponding computer program from the non-volatile memory 410 to the memory 408 and then runs it to form a query device for account privacy information in the blockchain on a logical level.
  • one or more embodiments of this specification do not exclude other implementations, such as logic devices or a combination of software and hardware. That is to say, the execution subject of the following processing flow is not limited to each logic unit, and can also be hardware or a logic device.
  • the device for querying account privacy information in the blockchain may include the following units.
  • the receiving unit 51 enables the blockchain node to receive the transaction initiated by the inquiring party, where the transaction is used to obtain the private information contained in the private field in the target account, and the private information is encrypted and stored at the blockchain node; the judging unit 52 enables the blockchain node to determine whether the inquiring party has the query authority according to the authority management information recorded in the authority field in the target account; the information decryption unit 53 enables the blockchain node, when the determination result is that the inquiring party has the query authority, to read the private information in ciphertext form into a trusted execution environment for decryption, so as to provide the obtained private information in plaintext form to the inquiring party.
  • the judging unit 52 is specifically configured to: enable the blockchain node to read the public key of the authority owner contained in the authority management information; enable the blockchain node to verify, with the authority owner's public key, the transaction signature contained in the transaction, the transaction signature being generated by the private key of the querying party; and enable the blockchain node to determine that the querying party has the query authority if the verification passes, and otherwise to determine that the inquiring party does not have the query authority.
  • the authority owner includes the owner of the target account; or, the authority owner includes the owner of the target account and at least one other user.
  • the judging unit 52 is specifically configured to: enable the blockchain node to determine the specific permission management information corresponding to the inquiring party recorded in the permission field; and enable the blockchain node to determine that the query party has the query authority in the case that the specific authority management information contains the query authority, and otherwise to determine that the query party does not have the query authority.
  • the status field of the target account includes status indication information, and the status indication information is used to indicate that the private information is stored in plaintext or encrypted and stored at the blockchain node.
  • it further includes: an identification unit 54, which enables the blockchain node to identify the type of the transaction; and an execution unit 55, which enables the blockchain node to execute the transaction without consensus when the transaction belongs to a predefined query type.
  • the transaction includes ciphertext transaction content and an encrypted key; the ciphertext transaction content is obtained by encrypting the plaintext transaction content with a symmetric key maintained by the querying party; the encrypted key is obtained by encrypting the symmetric key with the node public key; and the node public key corresponds to the node private key maintained by the blockchain node in the trusted execution environment. The device further includes: a key decryption unit 56, which enables the blockchain node to read the transaction into the trusted execution environment and decrypt the encrypted key with the node private key to obtain the symmetric key; a content decryption unit 57, which enables the blockchain node to decrypt the ciphertext transaction content with the symmetric key in the trusted execution environment to obtain the plaintext transaction content; and an encryption unit 58, which enables the blockchain node to encrypt the private information in plaintext form with the symmetric key in the trusted execution environment, so as to provide the obtained encrypted information to the querying party.
  • the private information is stored after being encrypted by the blockchain node in the trusted execution environment using a key, and the key is generated based on a security key maintained in the trusted execution environment.
  • the key is generated based on the security key and at least one influence factor related to the target account.
  • the impact factor related to the target account includes at least one of the following: the block height of the block where the account creation transaction corresponding to the target account is located, and the position of the account creation transaction in the block where the account creation transaction is located. The offset, the creation sequence number of the target account in all accounts, and the account address of the target account.
  • the security key has version updates, and the security key of a lower version is irreversibly calculated from the security key of a higher version.
  • a typical implementation device is a computer.
  • the specific form of the computer can be a personal computer, a laptop computer, a cellular phone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email receiving and sending device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
  • the computer includes one or more processors (CPU), input/output interfaces, network interfaces, and memory.
  • the memory may include non-permanent memory in computer readable media, random access memory (RAM) and/or non-volatile memory, such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of computer readable media.
  • Computer-readable media include permanent and non-permanent, removable and non-removable media, and information storage can be realized by any method or technology.
  • the information can be computer-readable instructions, data structures, program modules, or other data.
  • Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, CD-ROM, digital versatile disc (DVD) or other optical storage, magnetic cassettes, disk storage, quantum memory, graphene-based storage media or other magnetic storage devices, or any other non-transmission media that can be used to store information accessible by computing devices.
  • computer-readable media does not include transitory media, such as modulated data signals and carrier waves.
  • although the terms first, second, third, etc. may be used to describe various information in one or more embodiments of this specification, the information should not be limited to these terms. These terms are only used to distinguish the same type of information from each other.
  • first information may also be referred to as second information, and similarly, the second information may also be referred to as first information.
  • the word "if" as used herein can be interpreted as "at the time of" or "when" or "in response to determining".
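
The key-version chain and the Info/Nounce/Cipher/Tag record described above can be sketched as follows. This is an added example, not code from the patent: HMAC-SHA256 stands in for the unspecified irreversible calculation and for the cipher and tag, the root key is assumed to sit one step above key-255, the 4 "other" bytes of Nounce are assumed to hold a per-write counter, and the optional encryption of Info and Nounce under key-0 is left out.

```python
import hashlib
import hmac
import struct

TOP_VERSION = 255                   # page example: versions 0..255
HEADER = struct.Struct(">HHIII")    # Info: version, reserved | Nounce: height, offset, other
RECORD_LEN = HEADER.size + 8 + 16   # 4 + 12 + 8 (Cipher) + 16 (Tag) = 40 bytes


def _prf(key: bytes, label: bytes) -> bytes:
    """HMAC-SHA256 as the one-way function (assumption; the page names none)."""
    return hmac.new(key, label, hashlib.sha256).digest()


def derive_lower(key_higher: bytes, version: int) -> bytes:
    """key-(version) from key-(version+1) and the one-byte version factor."""
    return _prf(key_higher, bytes([version]))


def step_down(key: bytes, held: int, target: int) -> bytes:
    """Derive key-target from key-held; only downward derivation is possible."""
    if not 0 <= target <= held <= TOP_VERSION:
        raise ValueError("a lower version cannot produce a higher one")
    for version in range(held - 1, target - 1, -1):
        key = derive_lower(key, version)
    return key


def _field_keys(sec_key: bytes, nonce: bytes):
    """Per-account key from security key + impact factors, split for enc/MAC."""
    account_key = _prf(sec_key, b"account" + nonce)
    return _prf(account_key, b"enc")[:8], _prf(account_key, b"mac")


def seal(sec_key: bytes, version: int, height: int, offset: int,
         counter: int, balance: int) -> bytes:
    """Build Info | Nounce | Cipher | Tag for an 8-byte balance."""
    header = HEADER.pack(version, 0, height, offset, counter)
    pad, mac_key = _field_keys(sec_key, header[4:])
    cipher = bytes(a ^ b for a, b in zip(struct.pack(">Q", balance), pad))
    # Tag over header and ciphertext, so it is checked before decryption.
    tag = _prf(mac_key, header + cipher)[:16]
    return header + cipher + tag


def open_record(held_key: bytes, held_version: int, record: bytes) -> int:
    """Verify the Tag, then decrypt; works for any version <= held_version."""
    if len(record) != RECORD_LEN:
        raise ValueError("record must be 40 bytes")
    header, cipher, tag = record[:16], record[16:24], record[24:]
    version = HEADER.unpack(header)[0]
    sec_key = step_down(held_key, held_version, version)
    pad, mac_key = _field_keys(sec_key, header[4:])
    if not hmac.compare_digest(tag, _prf(mac_key, header + cipher)[:16]):
        raise ValueError("tag mismatch")
    return struct.unpack(">Q", bytes(a ^ b for a, b in zip(cipher, pad)))[0]


if __name__ == "__main__":
    root = hashlib.sha256(b"constructed root key, example only").digest()
    key5 = step_down(derive_lower(root, TOP_VERSION), TOP_VERSION, 5)
    key3 = step_down(key5, 5, 3)
    # Two constructed accounts created in the same block, same balance.
    rec_a = seal(key3, 3, height=1200, offset=0, counter=0, balance=1000)
    rec_b = seal(key3, 3, height=1200, offset=1, counter=0, balance=1000)
    print(rec_a[16:24].hex(), rec_b[16:24].hex())   # ciphertexts differ
    print(open_record(key5, 5, rec_a))              # upgraded node still reads v3 data
```

A node that has moved to key-5 still opens version-3 records, while a node holding only key-3 is refused a version-5 record, which is the forward-only update property the description relies on.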

Abstract

Provided are a method and apparatus for querying account privacy information in a blockchain. The method may comprise: a blockchain node receiving a transaction initiated by a query party, wherein the transaction is used for acquiring privacy information contained in a privacy field in a target account, and the privacy information is encrypted and stored in the blockchain node; the blockchain node determining, according to permission management information recorded in a permission field in the target account, whether the query party has query permission; and insofar as a determination result indicates that the query party has query permission, the blockchain node reading the privacy information, which is in the form of ciphertext, in a trusted execution environment for decryption, so as to provide obtained privacy information in the form of plaintext to the query party.

Description

Method and device for querying account privacy information in blockchain
Technical field
One or more embodiments of this specification relate to the field of blockchain technology, and more particularly to a method and device for querying account privacy information in a blockchain.
Background
Blockchain technology is built on a transmission network (such as a peer-to-peer network). The network nodes in the transmission network use chained data structures to verify and store data, and use distributed node consensus algorithms to generate and update data. Nodes sometimes need to be added to these blockchain networks.
At present, the two biggest technical challenges for enterprise-level blockchain platforms are privacy and performance, and it is often difficult to solve both at the same time. Most solutions either trade performance for privacy, or pursue performance with little regard for privacy. Common encryption technologies that address privacy problems, such as homomorphic encryption and zero-knowledge proofs, are highly complex, have poor versatility, and may also cause serious performance losses.
For privacy, a Trusted Execution Environment (TEE) is another solution. A TEE can act as a black box in hardware: neither the code executed in the TEE nor its data can be peeked at by the operating system layer, and they can only be operated on through interfaces predefined in the code. In terms of efficiency, because of the black-box nature of the TEE, operations in the TEE are performed on plaintext data rather than through the complex cryptographic operations of homomorphic encryption, so there is no loss of efficiency in the calculation process. Combining a blockchain with a TEE can therefore greatly improve the security and privacy of the blockchain with only a small performance loss. The industry currently pays close attention to TEE solutions, and almost all mainstream chip and software alliances have their own, including TPM (Trusted Platform Module) on the software side and Intel SGX (Software Guard Extensions), ARM TrustZone and AMD PSP (Platform Security Processor) on the hardware side.
Summary of the invention
In view of this, one or more embodiments of this specification provide a method and device for querying account privacy information in a blockchain.
In order to achieve the foregoing objectives, one or more embodiments of this specification provide the following technical solutions.
According to a first aspect of one or more embodiments of this specification, a method for querying account privacy information in a blockchain is proposed, including: a blockchain node receiving a transaction initiated by a querying party, where the transaction is used to obtain the privacy information contained in a privacy field in a target account, and the privacy information is encrypted and stored at the blockchain node; the blockchain node determining, according to the authority management information recorded in the authority field in the target account, whether the querying party has query authority; and the blockchain node, when the determination result is that the querying party has query authority, reading the privacy information in ciphertext form into a trusted execution environment for decryption, so as to provide the obtained privacy information in plaintext form to the querying party.
According to a second aspect of one or more embodiments of this specification, a device for querying account privacy information in a blockchain is proposed, including: a receiving unit, which enables a blockchain node to receive a transaction initiated by a querying party, where the transaction is used to obtain the privacy information contained in a privacy field in a target account, and the privacy information is encrypted and stored at the blockchain node; a judging unit, which enables the blockchain node to determine, according to the authority management information recorded in the authority field in the target account, whether the querying party has query authority; and a decryption unit, which enables the blockchain node, when the determination result is that the querying party has query authority, to read the privacy information in ciphertext form into a trusted execution environment for decryption, so as to provide the obtained privacy information in plaintext form to the querying party.
According to a third aspect of one or more embodiments of this specification, an electronic device is proposed, including: a processor; and a memory for storing instructions executable by the processor; wherein the processor runs the executable instructions to implement the method described in the first aspect.
According to a fourth aspect of one or more embodiments of this specification, a computer-readable storage medium is provided, on which computer instructions are stored, and when the instructions are executed by a processor, the steps of the method described in the first aspect are implemented.
Description of the drawings
Fig. 1 is a flowchart of a method for querying account privacy information in a blockchain according to an exemplary embodiment.
Fig. 2 is a schematic diagram of key version evolution according to an exemplary embodiment.
Fig. 3 is a schematic diagram of a data structure of private information in ciphertext form according to an exemplary embodiment.
Fig. 4 is a schematic structural diagram of a device according to an exemplary embodiment.
Fig. 5 is a block diagram of a device for querying account privacy information in a blockchain according to an exemplary embodiment.
Detailed description
这里将详细地对示例性实施例进行说明,其示例表示在附图中。下面的描述涉及附图时,除非另有表示,不同附图中的相同数字表示相同或相似的要素。以下示例性实施 例中所描述的实施方式并不代表与本说明书一个或多个实施例相一致的所有实施方式。相反,它们仅是与如所附权利要求书中所详述的、本说明书一个或多个实施例的一些方面相一致的装置和方法的例子。The exemplary embodiments will be described in detail here, and examples thereof are shown in the accompanying drawings. When the following description refers to the accompanying drawings, unless otherwise indicated, the same numbers in different drawings represent the same or similar elements. The implementation manners described in the following exemplary embodiments do not represent all implementation manners consistent with one or more embodiments of this specification. Rather, they are merely examples of devices and methods consistent with some aspects of one or more embodiments of this specification as detailed in the appended claims.
需要说明的是:在其他实施例中并不一定按照本说明书示出和描述的顺序来执行相应方法的步骤。在一些其他实施例中,其方法所包括的步骤可以比本说明书所描述的更多或更少。此外,本说明书中所描述的单个步骤,在其他实施例中可能被分解为多个步骤进行描述;而本说明书中所描述的多个步骤,在其他实施例中也可能被合并为单个步骤进行描述。It should be noted that in other embodiments, the steps of the corresponding method may not be executed in the order shown and described in this specification. In some other embodiments, the method may include more or fewer steps than described in this specification. In addition, a single step described in this specification may be decomposed into multiple steps for description in other embodiments; and multiple steps described in this specification may also be combined into a single step in other embodiments. describe.
Blockchains are generally divided into three types: public blockchains, private blockchains and consortium blockchains. There are also combinations of these types, such as private chain + consortium chain or consortium chain + public chain. The public chain is the most decentralized. Public chains are represented by Bitcoin and Ethereum; participants who join a public chain can read the data records on the chain, take part in transactions, and compete for the accounting right for new blocks. Each participant (that is, each node) is free to join and leave the network and to perform related operations. A private chain is the opposite: write permission to the network is controlled by an organization or institution, and read permission is regulated by that organization. In simple terms, a private chain can be a weakly centralized system with few, strictly restricted participating nodes. This type of blockchain is better suited to internal use within a specific institution. A consortium chain lies between a public chain and a private chain and can achieve "partial decentralization". Each node in a consortium chain usually has a corresponding entity or organization; participants join the network by authorization and form a consortium of stakeholders that jointly maintains the operation of the blockchain.
Whether public, private or consortium, a blockchain can implement relatively simple processing logic, such as transfer logic and evidence-storage logic. In the related art, blockchain networks such as Ethereum can implement relatively complex processing logic, such as conditional transfer logic and conditional query logic, by running a virtual machine on the blockchain nodes (for example the Ethereum Virtual Machine, EVM, used in the Ethereum network) in combination with smart contracts. For a blockchain network that supports smart contracts, functions such as privacy protection and secure querying of account information can therefore be implemented conveniently on top of complex processing logic, but they are difficult to implement in the same way with simple processing logic.
The following describes, with reference to Fig. 1, the implementation of an embodiment of the method in this specification for querying account privacy information in a blockchain, which achieves privacy protection and secure querying of account information through simple processing logic. As shown in Fig. 1, the method may include the following steps 102 to 106.
Step 102: A blockchain node receives a transaction initiated by a querying party. The transaction is used to obtain the private information contained in a privacy field of a target account, and the private information is stored in encrypted form at the blockchain node.
The blockchain node can obtain the transaction in several ways. For example, the querying party can generate the transaction on a client and submit it to the blockchain node through that client. Alternatively, the client can submit the transaction to another blockchain node, which forwards it to the blockchain node. Alternatively, the querying party can generate the transaction at the blockchain node itself.
By parsing the transaction content, the blockchain node can determine the target account, the privacy field and other items the transaction refers to. For example, the transaction content may include the account address of the target account, from which the blockchain node determines the target account, and the field name of the privacy field, from which the blockchain node determines the privacy field.
The privacy field can be any one or more fields of the target account; this specification does not limit this. For example, in the Ethereum blockchain an account can contain a Balance field, a Nonce field and so on, where the Balance field records the account balance. If the Balance field is a privacy field, the account balance recorded in it can be stored in encrypted form so that its value is not disclosed.
From the received transaction, the blockchain node can at first only determine which field the querying party wants to query; it then determines whether that field is a privacy field. For example, if the blockchain node stores the content of a certain field in encrypted form for all accounts, then once it learns that the querying party wants to query that field, it can conclude that the field is necessarily a privacy field. As another example, if the blockchain node stores the content of a certain field in encrypted form for some accounts and in plaintext for the remaining accounts, an account can contain a status field whose status indication information shows whether the content of that field in the account is stored encrypted or in plaintext. The status indication information can take several values, for example a first value indicating that the field content is stored encrypted and a second value indicating that it is stored in plaintext; alternatively, the value of the most significant bit of the status indication information can indicate whether encrypted or plaintext storage is used.
Therefore, for the target account described above, the status field of the target account may contain this status indication information, which indicates whether the private information is stored at the blockchain node in plaintext or in encrypted form. If it is stored encrypted, the field holding the private information is a privacy field, and the blockchain node must perform the secure query of steps 104-106 below. If it is stored in plaintext, the field holding the private information is not a privacy field, and the blockchain node can read the information directly and return it to the querying party without performing steps 104-106.
The transaction that the querying party submits to the blockchain node can be a regular transaction as in the related art, that is, one that must go through consensus among all blockchain nodes in the blockchain network and be recorded on the chain, so that the querying party's query operation can be traced afterwards. For example, in a blockchain network that uses a consensus algorithm in which nodes compete for the accounting right, such as Proof of Work (POW), Proof of Stake (POS) or Delegated Proof of Stake (DPOS), a blockchain node that receives the transaction from the client immediately propagates it (for example by broadcast) to the other blockchain nodes in the network. Then, if that blockchain node wins the accounting right and decides to package the transaction into a new block, all blockchain nodes in the network can execute the transaction, and the transaction is recorded on the chain when the new block containing it is appended to the end of the blockchain. If another blockchain node wins the accounting right, that node selects the transactions it wants to package into the new block; this is not described further here.
As another example, in a blockchain network that uses a consensus algorithm without competition for the accounting right, such as Practical Byzantine Fault Tolerance (PBFT), the accounting node is agreed upon before the current round of accounting. After receiving the transaction submitted by the client, a blockchain node that is not itself the accounting node sends the transaction to the determined accounting node, which packages transactions (including this one) and sends them to the verification nodes in the subsequent consensus phase. When the blockchain node is itself the determined accounting node, it can likewise receive the transaction from the client, or receive it from another blockchain node to which the client submitted it, and it can package the transaction (possibly together with other transactions) and send it to the verification nodes in the consensus phase.
Because the querying party only needs to read information in the target account, which does not change the account content or otherwise affect the state of the blockchain, this specification can also support a new kind of transaction that requires no consensus. For example, this specification can add a new transaction type, such as a query type, to those of the related art. The blockchain node identifies the type of the transaction and, when the transaction is of the predefined query type, executes it without consensus. In other words, after obtaining the transaction, the blockchain node does not need an accounting node (whether one that competed for the accounting right or one that was agreed upon) to decide whether to add the transaction to a new block. The blockchain node executes the transaction directly, and the transaction is not added to a new block or recorded on the chain. This lets query-type transactions be executed efficiently by the blockchain node and avoids using up valuable block space. For example, a transaction in this specification can contain a type field, and the value of that field lets the blockchain node identify whether the transaction is of the query type or of another type (such as a transfer type or an evidence-storage type).
Step 104: The blockchain node determines, according to the authority management information recorded in the authority field of the target account, whether the querying party has query authority.
Under the simple processing logic described above, an account maintained on the blockchain node can contain an authority field, and the authority management information in that field can be used to determine whether a querying party has query authority. Accordingly, in response to the querying party's query on the target account, the blockchain node uses the authority management information in the target account's authority field to determine whether the querying party has query authority. If it does, the blockchain node can provide the decrypted private information to the querying party; otherwise it does not.
The authority management information recorded in the authority field can take several forms, so the blockchain node can determine in several ways whether the querying party has query authority.
For example, the authority management information may contain the public keys of the authority owners, that is, the predetermined set of public keys of all users who have query authority. The transaction submitted by the querying party contains a transaction signature, which the querying party generates with its own private key. The blockchain node can therefore verify the transaction signature against the authority owners' public keys. If verification succeeds with the public key of some authority owner, the querying party is that authority owner, and the blockchain node can determine that the querying party has query authority. If verification fails for all of the public keys, the querying party is not an authority owner and does not have query authority. Managing the public keys contained in the authority management information therefore controls which users are allowed to query the privacy fields of the target account, that is, it sets the authority owners. For example, the authority owners may consist of the owner of the target account, or of the owner of the target account and at least one other user.
The owner of the target account can be an authority owner by default, and the owner can add the public key of at least one other user to the authority field to make that user an authority owner. Besides the owner of the target account, the authority owners can also be set by, for example, an administrator of the blockchain network or other users; this specification does not limit this.
Take the target account as an example. When the authority owners of the target account include both the owner and at least one other user, the owner and the other users manage the target account jointly, that is, the target account is a co-managed account of the owner and the other users. Every account in the blockchain can contain an authmap field. The authmap field of a non-co-managed account (also called an ordinary account) contains only the public key of the account owner, while the authmap field of a co-managed account contains the public keys of all co-managers (the owner and at least one other user, as above). Under the authority check described above, only the account owner has query authority over a non-co-managed account, while all co-managers have query authority over a co-managed account.
As another example, the authority management information may contain the authority scope or authority type of one or more users. Each user may have corresponding specific authority management information indicating which operations that user may perform on the target account. The blockchain node can then look up the specific authority management information recorded in the authority field for the querying party, which may contain the authorities the querying party holds, such as query authority, edit authority and delete authority. If the specific authority management information contains query authority, the blockchain node determines that the querying party has query authority; otherwise it determines that the querying party does not. The owner of the target account can hold all authorities over the target account by default, and the owner can add specific authority management information for at least one user to the authority field to set that user's authorities. Besides the owner of the target account, the specific authority management information can also be set by, for example, an administrator of the blockchain network or other users; this specification does not limit this.
The specific authority management information above is described positively, defining which authorities a user has; similarly, it can be described negatively, defining which authorities a user does not have.
Take the target account as an example. Adding the specific authority management information above to the target account amounts to establishing ACL (Access Control List) information for these users, so that whether the querying party has query authority is decided from the ACL information corresponding to the querying party. Depending on whether an account contains specific authority management information, accounts can be divided into non-ACL accounts (also called ordinary accounts) and ACL accounts. The authmap field of every account records the public key of the account owner, which gives the account owner management authority over the account (all authorities, including query authority). Every account can also contain an ACLmap field. In an ACL account the ACLmap field records the specific authority management information described above, and thus the authorities held by the relevant users (such as query authority or others); in a non-ACL account the ACLmap field can be empty.
Instead of adding an ACLmap field to the fields of the related art, the specific authority management information can also be recorded in the authmap field, which avoids extending the account with a new field. In that case the authmap field of a non-ACL account records only the public key of the account owner, while the authmap field of an ACL account records both the public key of the account owner and the specific authority management information for each user.
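The authority check of step 104, covering both the authmap public-key form and the ACLmap form, is sketched below as an added example; it is not code from the patent. Ed25519 signatures, the permission bit values, the `Sender` field carried in the transaction, and all names and sample keys are assumptions of this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Permission bits stored per user in ACLmap (bit values are assumptions of this example).
const (
	PermQuery uint8 = 1 << iota
	PermEdit
	PermDelete
)

// Account is a simplified account record held by a blockchain node.
type Account struct {
	AuthMap []ed25519.PublicKey // authority owners: the owner and any co-managers
	ACLMap  map[string]uint8    // KeyID(user public key) -> permission bits
}

// QueryTx is a query-type transaction. Carrying the sender's public key is an
// assumption of this example; it is used only to find the sender's ACLmap entry.
type QueryTx struct {
	Target    string // account address of the target account
	Field     string // field name of the privacy field
	Sender    ed25519.PublicKey
	Signature []byte
}

// KeyID is the ACLmap lookup key for a public key.
func KeyID(pk ed25519.PublicKey) string { return hex.EncodeToString(pk) }

// NewAccount creates an account whose authmap holds the given authority owners.
func NewAccount(owners ...ed25519.PublicKey) Account {
	return Account{AuthMap: owners, ACLMap: map[string]uint8{}}
}

// Grant records specific authority management information for one user.
func (a Account) Grant(user ed25519.PublicKey, perms uint8) { a.ACLMap[KeyID(user)] = perms }

// digest hashes the signed content with length prefixes, so the signature is
// bound to exactly one target account and one field.
func (tx QueryTx) digest() []byte {
	h := sha256.New()
	for _, part := range []string{"query", tx.Target, tx.Field} {
		fmt.Fprintf(h, "%d:%s|", len(part), part)
	}
	return h.Sum(nil)
}

// NewUser builds a deterministic key pair from a constructed one-byte seed (demo only).
func NewUser(seed byte) (ed25519.PublicKey, ed25519.PrivateKey) {
	s := make([]byte, ed25519.SeedSize)
	for i := range s {
		s[i] = seed
	}
	priv := ed25519.NewKeyFromSeed(s)
	return priv.Public().(ed25519.PublicKey), priv
}

// SignQuery is the querying party's side: build and sign the query transaction.
func SignQuery(priv ed25519.PrivateKey, target, field string) QueryTx {
	tx := QueryTx{Target: target, Field: field, Sender: priv.Public().(ed25519.PublicKey)}
	tx.Signature = ed25519.Sign(priv, tx.digest())
	return tx
}

// HasQueryAuthority is the node-side check. It denies by default.
func HasQueryAuthority(accounts map[string]Account, tx QueryTx) bool {
	acct, ok := accounts[tx.Target]
	if !ok {
		return false
	}
	msg := tx.digest()
	// Form 1: the signature verifies under some authority owner's public key.
	for _, pk := range acct.AuthMap {
		if ed25519.Verify(pk, msg, tx.Signature) {
			return true
		}
	}
	// Form 2: the sender has an ACLmap entry with the query bit set, and the
	// signature proves possession of that sender key.
	if len(tx.Sender) != ed25519.PublicKeySize {
		return false
	}
	if acct.ACLMap[KeyID(tx.Sender)]&PermQuery == 0 {
		return false
	}
	return ed25519.Verify(tx.Sender, msg, tx.Signature)
}

func main() {
	ownerPub, ownerPriv := NewUser(1)
	auditorPub, auditorPriv := NewUser(2)
	_, strangerPriv := NewUser(3)
	acct := NewAccount(ownerPub)
	acct.Grant(auditorPub, PermQuery)
	accounts := map[string]Account{"0xA11CE": acct} // constructed account address
	fmt.Println("owner:   ", HasQueryAuthority(accounts, SignQuery(ownerPriv, "0xA11CE", "Balance")))
	fmt.Println("auditor: ", HasQueryAuthority(accounts, SignQuery(auditorPriv, "0xA11CE", "Balance")))
	fmt.Println("stranger:", HasQueryAuthority(accounts, SignQuery(strangerPriv, "0xA11CE", "Balance")))
}
```

Because the signed digest covers the account address and the field name, a signature captured for one query does not authorize a query on a different field or account.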
Step 106: If the result of the determination is that the querying party has query authority, the blockchain node reads the private information in ciphertext form into a trusted execution environment and decrypts it there, so that the resulting private information in plaintext form can be provided to the querying party.
A Trusted Execution Environment (TEE) is a security extension based on CPU hardware that provides an execution environment completely isolated from the outside. The TEE concept was first proposed by Global Platform to provide secure isolation of resources on mobile devices, giving applications a trusted and secure execution environment that runs in parallel with the operating system. ARM's TrustZone technology was the first truly commercial TEE implementation.
With the rapid development of the Internet, security requirements keep rising, and not only mobile devices but also cloud devices and data centers place more demands on TEEs. The TEE concept has developed and expanded quickly, and the TEE referred to today is broader than the concept originally proposed. For example, server chip manufacturers such as Intel and AMD have successively introduced hardware-assisted TEEs and enriched the concept and features of the TEE, which has been widely recognized in industry. Today the term TEE usually refers to this kind of hardware-assisted TEE technology. Unlike on mobile devices, cloud access is remote and the hardware platform is not visible to the end user, so the first step in using a TEE is to confirm that the TEE is genuine and trustworthy. Current TEE technologies therefore include a remote attestation mechanism, endorsed by hardware vendors (mainly CPU vendors), that uses digital signatures so that users can verify the state of the TEE. In addition, secure resource isolation alone cannot meet security requirements, so further data privacy protection has also been proposed. Commercial TEEs, including Intel SGX and AMD SEV, also provide memory encryption, which confines the trusted hardware to the inside of the CPU; data on the bus and in memory is ciphertext, which prevents malicious users from snooping.
For example, TEE technologies such as Intel's Software Guard Extensions (SGX) provide isolated code execution, remote attestation, secure provisioning, secure storage of data, and trusted paths for executing code. Applications running in a TEE are protected and are almost impossible for third parties to access.
Taking Intel SGX as an example, SGX provides an enclave, an encrypted trusted execution region in memory in which the CPU protects data from being stolen. Taking the case where the first blockchain node uses a CPU that supports SGX, newly added processor instructions can allocate a region of memory called the EPC (Enclave Page Cache), whose data is encrypted by the Memory Encryption Engine (MEE) inside the CPU. Encrypted content in the EPC is decrypted into plaintext only after it enters the CPU. With SGX, users therefore do not need to trust the operating system, the VMM (Virtual Machine Monitor) or even the BIOS (Basic Input Output System); they only need to trust the CPU to ensure that private data is not leaked. In practice, private data can be encrypted and passed into the enclave in ciphertext form, and the corresponding key can be passed into the enclave through remote attestation. The data is then used for computation under the CPU's encryption protection, and the result is returned in ciphertext form. Performing encryption and decryption of the private information in a TEE therefore provides sufficient security without concern about data leakage.
As described above, for privacy protection the private information contained in the privacy field of the target account exists only in ciphertext form outside the TEE. It can be decrypted into plaintext form only after being read into the TEE, and the properties of the TEE ensure that the plaintext private information is not stolen. The blockchain node obtains the ciphertext form of the private information by encrypting the plaintext form inside the TEE. The blockchain node can implement this encryption and decryption with symmetric or asymmetric encryption; this specification does not limit this. Encryption algorithms used for symmetric encryption include, for example, the DES, 3DES, TDEA, Blowfish, RC5 and IDEA algorithms. Encryption algorithms used for asymmetric encryption include, for example, RSA, Elgamal, the knapsack algorithm, Rabin, D-H and ECC (elliptic curve cryptography).
Take symmetric encryption as an example. The TEE on the blockchain node can maintain a key, which is a symmetric key; encrypting the plaintext private information with this key inside the TEE yields the ciphertext private information. Similarly, the blockchain node reads the ciphertext private information into the TEE and decrypts it with the same key to obtain the plaintext private information. Because the key is maintained inside the TEE, it is sufficiently secure and protected against leakage.
The blockchain node can generate this key from a security key maintained in the TEE. In a coarse-grained scenario, the key used by the blockchain node is the security key itself, so the blockchain node uses the same key to encrypt and decrypt the private information of all accounts. In a fine-grained scenario, the key is generated from the security key and an impact factor, so that different impact factors produce different keys and different accounts can use different keys to encrypt and decrypt their private information. Because the impact factor lets different accounts use different keys, the private information of different accounts can encrypt to different ciphertexts even when the plaintext is the same. Suppose a user knows that the private information of account Qa has plaintext Ua and ciphertext Um. Even if the user learns that the ciphertext of the private information of another account Qb is also Um, the user cannot infer that the plaintext of Qb's private information must be Ua (if accounts Qa and Qb use different keys, the same ciphertext corresponds to different plaintexts), which improves security.
When impact factors are used, the blockchain node could maintain in the TEE every key generated from the security key and the impact factors. However, because each key may not be used frequently, the TEE can instead maintain only the security key, not the keys generated from it, and generate the required key from the security key and the impact factor on demand when it is needed.
Using different impact factors allows finer granularity, to meet privacy protection requirements at different security levels. For example, account-related impact factors give account-level privacy protection: different accounts use different keys, and all privacy fields within the same account use the same key. Field-related impact factors give field-level privacy protection: different privacy fields within the same account use different keys, and the same privacy field in different accounts (such as the Balance field in different accounts) uses the same key. Impact factors related to both the account and the field give account-and-field-level privacy protection: different accounts use different keys, and different privacy fields within the same account also use different keys.
Take as an example a key generated from the security key and at least one impact factor related to the target account. The impact factors related to the target account can include at least one of the following: the block height of the block containing the account creation transaction of the target account, the position offset of the account creation transaction within that block, the creation sequence number of the target account among all accounts, the account address of the target account, and so on.
The impact factor may include the block height of the block containing the account creation transaction of the target account. The account creation transaction is the transaction used to create the target account; the blockchain node creates the target account by executing it. The blockchain node can therefore determine the block height of the block in which the account creation transaction sits and use it as one of the impact factors related to the target account. When the account creation transactions of different accounts are in blocks of different heights, the impact factors of those accounts differ, so the accounts correspond to different keys. The private information in the private fields of those accounts is then encrypted and stored under different keys, so that the same plaintext yields different ciphertexts, which improves security.
The impact factor may include the position offset of the account creation transaction within its block. Each block on the blockchain contains a number of transactions arranged in sequence, and the position offset can be regarded as the sequence number or index of each transaction within the block, used to locate the transaction. For example, the first transaction has position offset 0, the second has position offset 1, and so on. Different transactions in the same block therefore have different position offsets, and once a block is specified, each transaction in it can be located uniquely by its position offset. When the account creation transactions of different accounts have different position offsets, the impact factors of those accounts differ, so the accounts correspond to different keys. The private information in the private fields of those accounts is then encrypted and stored under different keys, so that the same plaintext yields different ciphertexts, which improves security.
The impact factor may include the creation sequence number of the target account among all accounts. The accounts on the blockchain are created one after another, and the blockchain node can assign each account a creation sequence number according to the order of creation, so that accounts can be distinguished by this number; that is, every account has a different creation sequence number. Because the creation sequence numbers differ, the impact factors of all accounts differ, so the accounts correspond to different keys. The private information in the private fields of those accounts is then encrypted and stored under different keys, so that the same plaintext yields different ciphertexts, which improves security.
The impact factor may include the account address of the target account. The account address is generated when the account is created, and each account has a unique account address; that is, every account has a different account address. Because the account addresses differ, the impact factors of all accounts differ, so the accounts correspond to different keys. The private information in the private fields of those accounts is then encrypted and stored under different keys, so that the same plaintext yields different ciphertexts, which improves security.
Some impact factors, such as the block height and the position offset described above, do not correspond uniquely to an account. Even so, generating keys from these impact factors greatly reduces the probability that different accounts use the same key, which improves security. Combining several types of impact factor reduces that probability further and can even ensure that every account uses a different key, so that identical plaintexts never encrypt to identical ciphertexts and plaintext values cannot be inferred by comparing ciphertexts.
All blockchain nodes in the blockchain network maintain the same security key, and all blockchain nodes use the same impact factors for the target account. Every node therefore generates the same key for the target account and obtains the same ciphertext when it encrypts the private information in the private fields of the target account, so all blockchain nodes maintain the same state.
A blockchain node can obtain the security key in several ways. For example, after it is determined that the blockchain node has passed remote attestation, a Key Management Service (KMS) server can deliver the security key to the blockchain node, which maintains it in the TEE. Because the KMS server delivers the same security key to every blockchain node that passes remote attestation, the security keys maintained by all blockchain nodes are consistent. As another example, the blockchain nodes can negotiate a security key among themselves, and every blockchain node maintains the negotiated security key in its TEE.
Although a blockchain node could use the same security key for a long time, doing so may carry potential or unknown security risks. To further improve security, the security key maintained by the blockchain node can therefore have version updates, so that the node updates the version of the security key it uses, regularly or irregularly. The security key version can be updated in many ways. For example, the blockchain node can obtain the updated version in the ways described above: the KMS server delivers a new version of the security key, or the blockchain nodes negotiate a new version among themselves. As another example, the blockchain nodes can update the security key version on their own; as long as all blockchain nodes apply the same version update logic, the updated security key stays consistent across all of them.
Assume that the security key the blockchain node initially obtains is the root key, which has the highest version. The blockchain node can compute a lower-version security key from a higher-version one, and thereby obtain a sequence of security keys ordered by version. The computation can be irreversible: a higher-version security key can be used to compute a lower-version security key, but a lower-version security key cannot be used to compute a higher-version one.
As shown in FIG. 2, the root key can serve as the highest-version security key, and the lower-version security keys are generated from it in turn, for example 256 versions of the security key with version numbers 0 to 255. For example, hashing the root key together with the version factor 0xFF (255 in decimal, that is, the version number of the key to be generated; other values could of course be used) gives the security key key-255 with version number 255; hashing key-255 together with the version factor 0xFE gives the security key key-254 with version number 254; and so on, until hashing key-1 together with the version factor 0x00 gives the security key key-0 with version number 0. Because of the properties of hash algorithms, the computation from a higher-version key to a lower-version key is irreversible: key-0 can be computed from key-1 and the version factor 0x00, but key-1 cannot be derived from key-0 and the version factor 0x00.
When all blockchain nodes in the blockchain network use the same version of the security key, they all maintain the same world state. Each blockchain node can generate all versions of the security key in advance and select the appropriate version when an update is needed, or it can generate the appropriate version only at the time of the update; this specification does not limit the choice. The blockchain nodes can negotiate the version update among themselves. Alternatively, update logic for the security key can be added to the chain code of the blockchain network, for example logic that determines at which time the security key is updated to which version, so that the blockchain nodes update the security key automatically according to that logic.
As described above, a higher-version key can be used to compute a lower-version security key, while a lower-version security key cannot be used to derive a higher-version one. Each blockchain node can therefore start with a low-version security key and allow updates only from a lower version to a higher version. On the one hand, if a low-version security key is lost, the higher-version keys cannot be derived from it, so upgrading the key version is enough to stop the loss promptly. On the other hand, a higher-version security key can compute any lower-version security key at any time, so data previously encrypted with a lower-version security key remains compatible.
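The downward hash chain of FIG. 2 and the per-account key derivation described above, as an added example that is not code from this specification. SHA-256 over key || one-byte version factor, HMAC-SHA256 as the combiner for the impact factors, and every function name are assumptions made here.

```python
import hashlib
import hmac
import struct

TOP_VERSION = 255  # the description's example uses versions 0..255


def chain_step(higher_key: bytes, version: int) -> bytes:
    """Derive key-<version> from the key one version above it (the root for 255).

    Assumption: the "hash calculation" is SHA-256(key || one-byte version factor).
    """
    return hashlib.sha256(higher_key + bytes([version])).digest()


def security_key(root_key: bytes, version: int) -> bytes:
    """Walk down from the root: key-255 = H(root, 0xFF), ..., key-v = H(key-(v+1), v)."""
    if not 0 <= version <= TOP_VERSION:
        raise ValueError("version must be in 0..255")
    key = root_key
    for v in range(TOP_VERSION, version - 1, -1):
        key = chain_step(key, v)
    return key


def older_key(key: bytes, held_version: int, wanted_version: int) -> bytes:
    """Recompute an older key from a newer one, for data encrypted before a rotation.

    The opposite direction is refused: the chain only runs downward.
    """
    if not 0 <= wanted_version <= held_version <= TOP_VERSION:
        raise ValueError("only an equal or lower version can be derived from a held key")
    for v in range(held_version - 1, wanted_version - 1, -1):
        key = chain_step(key, v)
    return key


def account_key(sec_key: bytes, block_height: int, tx_offset: int,
                address: bytes = b"") -> bytes:
    """Per-account key from the security key and account-related impact factors.

    Assumption: HMAC-SHA256 as the combiner. Fixed-width big-endian encoding of
    the two integers keeps distinct factor tuples from colliding as byte strings.
    """
    factors = struct.pack(">II", block_height, tx_offset) + address
    return hmac.new(sec_key, factors, hashlib.sha256).digest()


def rotation_demo(root_key: bytes) -> dict:
    """A node that started on version 0 and rotated upward to version 1."""
    k0 = security_key(root_key, 0)
    k1 = security_key(root_key, 1)
    return {
        # After rotating to key-1 the node can still rebuild key-0 for old records.
        "old_data_still_readable": older_key(k1, 1, 0) == k0,
        # Same block, different position offset: the two accounts get different keys.
        "accounts_get_distinct_keys": account_key(k1, 100, 0) != account_key(k1, 100, 1),
        # A second node holding the same root derives the same account key.
        "nodes_agree": account_key(security_key(root_key, 1), 100, 0)
                       == account_key(k1, 100, 0),
    }


if __name__ == "__main__":
    # Constructed root key, for illustration only.
    print(rotation_demo(hashlib.sha256(b"constructed root key").digest()))
```
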
To indicate which key was used to encrypt each account, the blockchain node can store each encrypted account together with descriptive information about how the corresponding key was generated. Taking the target account as an example, this descriptive information can include the version information of the security key and the values of the impact factors related to the target account. For example, as shown in FIG. 3, the blockchain node can write the version information of the security key in the Info field, the values of the impact factors in the Nounce field, and the encrypted private information (such as the value of the Balance field) in the Cipher field, while the Tag field is used to verify the integrity of the Cipher field.
The Info field can be 4 bytes long, of which 2 bytes hold the key version number and the remaining 2 bytes are reserved. The Nounce field can be 12 bytes long, of which 4 bytes hold the historical block height, 4 bytes hold the position offset of the transaction within the block, and 4 bytes hold other information. The Cipher field can be 8 bytes long. The Tag field can be 16 bytes long. Other field lengths and field combinations can of course be used; this specification does not limit them. The blockchain node can also encrypt the descriptive information about how the key was generated, for example with the lowest-version key key-0 described above, to improve security.
Therefore, when the blockchain node encrypts and stores the private information in the private fields of the target account, it can store it as a key-value pair in which the value has the structure shown in FIG. 3. Correspondingly, when the blockchain node needs to obtain the private information in the private fields of the target account, it performs the following operations: it looks up the value by its key, the value having the structure shown in FIG. 3; it decrypts the Info and Nounce fields with the key key-0 to determine the key version number, the historical block height, the offset and other information; it generates the corresponding key from the security key; and it decrypts the content of the Cipher field with that key. It can also verify data integrity with the Tag field (if the Tag was generated from the plaintext, the decrypted data is verified; if the Tag was generated from the ciphertext, the data is verified before decryption). The result is the private information in plaintext form.
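A builder and parser for the 40-byte value of FIG. 3 (Info 4 bytes, Nounce 12, Cipher 8, Tag 16), as an added example that is not code from this specification. It assumes a Tag computed over the ciphertext, leaves the optional key-0 encryption of Info and Nounce out, and uses an HMAC-SHA256 keystream as a stand-in for the cipher, which the specification does not name; the function names and the use of the "other information" word as a per-write counter are also assumptions.

```python
import hashlib
import hmac
import struct

# Info: 2-byte key version + 2 reserved bytes.
# Nounce: block height, position offset, other information (4 bytes each).
# Cipher: 8 bytes. Tag: 16 bytes.
LAYOUT = struct.Struct(">H2sIII8s16s")
HEADER_LEN = 16  # Info + Nounce


def data_key(sec_key: bytes, nounce: bytes) -> bytes:
    """Key for one record, from the security key and the impact factors in Nounce."""
    return hmac.new(sec_key, b"key" + nounce, hashlib.sha256).digest()


def xor_cipher(key: bytes, block8: bytes) -> bytes:
    """Stand-in cipher (an assumption): XOR with an 8-byte HMAC-derived keystream.

    The keystream is fixed per data key, so the 'other' word in Nounce is used
    as a per-write counter to give every rewrite of a field a fresh data key.
    """
    stream = hmac.new(key, b"enc", hashlib.sha256).digest()[:8]
    return bytes(a ^ b for a, b in zip(block8, stream))


def make_tag(key: bytes, header: bytes, cipher: bytes) -> bytes:
    """16-byte Tag over Info, Nounce and Cipher (the 'Tag from ciphertext' variant)."""
    return hmac.new(key, b"tag" + header + cipher, hashlib.sha256).digest()[:16]


def seal(keys: dict, version: int, height: int, offset: int, other: int,
         balance: int) -> bytes:
    """Build the stored value for an 8-byte Balance under security key `version`."""
    header = struct.pack(">H2sIII", version, b"\x00\x00", height, offset, other)
    key = data_key(keys[version], header[4:])
    cipher = xor_cipher(key, struct.pack(">Q", balance))
    return header + cipher + make_tag(key, header, cipher)


def open_value(keys: dict, value: bytes) -> int:
    """Parse a stored value, check the Tag before decrypting, return the Balance."""
    if len(value) != LAYOUT.size:
        raise ValueError("value must be exactly %d bytes" % LAYOUT.size)
    version, _reserved, _height, _offset, _other, cipher, tag = LAYOUT.unpack(value)
    if version not in keys:
        raise ValueError("no security key held for version %d" % version)
    header = value[:HEADER_LEN]
    key = data_key(keys[version], header[4:])
    # Constant-time comparison; a modified header changes the key and fails here too.
    if not hmac.compare_digest(tag, make_tag(key, header, cipher)):
        raise ValueError("Tag check failed")
    return struct.unpack(">Q", xor_cipher(key, cipher))[0]


if __name__ == "__main__":
    # Constructed security keys for versions 0 and 1, for illustration only.
    demo_keys = {v: hashlib.sha256(b"constructed key-%d" % v).digest() for v in (0, 1)}
    qa = seal(demo_keys, 1, 100, 0, 0, 5000)   # account Qa, Balance 5000
    qb = seal(demo_keys, 1, 100, 1, 0, 5000)   # account Qb, same Balance
    print(qa[16:24].hex(), qb[16:24].hex())    # the two Cipher fields differ
    print(open_value(demo_keys, qa), open_value(demo_keys, qb))
```
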
After determining that the querying party has query authority over the target account, the blockchain node can fetch the stored private information in ciphertext form and decrypt it in the TEE to obtain the corresponding private information in plaintext form. The blockchain node can then provide the plaintext private information to the querying party.
To keep the plaintext private information from leaking during transmission, the blockchain node can encrypt it before sending it to the querying party, in a way that ensures only the querying party can decrypt it again. For example, the querying party can maintain a symmetric key and share it with the blockchain node in some way, so that the blockchain node encrypts the plaintext private information with the symmetric key in the TEE and sends the result to the querying party, who decrypts it with the same symmetric key. As another example, the querying party can maintain a querying-party private key while the blockchain node learns the corresponding querying-party public key, so that the blockchain node encrypts the plaintext private information with that public key in the TEE and sends the result to the querying party, who decrypts it with the querying-party private key.
The symmetric key maintained by the querying party can be negotiated between the querying party and the blockchain node. Alternatively, the querying party can generate the symmetric key itself (for example, at random) and share it with the blockchain node as follows:
When the querying party wants to query the private information in a private field of the target account, it generates the corresponding plaintext transaction content and encrypts it with the symmetric key to obtain the ciphertext transaction content. The blockchain node has a node public-private key pair: the node private key is maintained inside the TEE, while the node public key is published, so the querying party can learn it. The node private key can be distributed to the blockchain node by the KMS server after the node passes remote attestation. The querying party encrypts the symmetric key with the node public key to obtain the encrypted key, and the transaction that the querying party submits to the blockchain node, as described earlier, contains both the ciphertext transaction content and the encrypted key.
Therefore, when the blockchain node receives the transaction submitted by the querying party, it can read the transaction into the TEE, decrypt the encrypted key in the transaction with the node private key inside the TEE to obtain the symmetric key, and then decrypt the ciphertext transaction content in the transaction with that symmetric key inside the TEE to obtain the plaintext transaction content. It can then execute the plaintext transaction content to carry out the query scheme of this specification.
As can be seen, this approach lets the blockchain node obtain the symmetric key maintained by the querying party. The symmetric key is encrypted in transit, and the node private key for that encryption is maintained in the TEE of the blockchain node, which provides very high security. In addition, the blockchain node decrypts the symmetric key inside the TEE, so at the blockchain node the symmetric key exists in plaintext only within the TEE, which avoids leakage.
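The query exchange described above, with both sides' messages, as an added example that is not code from this specification. It uses the third-party `cryptography` package and assumes RSA-OAEP for wrapping the symmetric key and AES-GCM for the transaction content and the reply; the specification names no algorithms, and the message field names, function names and direction labels are assumptions made here.

```python
import os

from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

OAEP = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)

# Direction labels bound in as associated data, so a captured request cannot be
# replayed to the querying party as if it were the node's reply.
REQUEST, REPLY = b"query-request", b"query-reply"


def build_query_tx(node_public_key, sym_key: bytes, plaintext_tx: bytes) -> dict:
    """Querying party: encrypt the content with its own symmetric key and wrap
    that key under the published node public key."""
    nonce = os.urandom(12)
    return {
        "encrypted_key": node_public_key.encrypt(sym_key, OAEP),
        "nonce": nonce,
        "cipher_tx": AESGCM(sym_key).encrypt(nonce, plaintext_tx, REQUEST),
    }


def node_handle_tx(node_private_key, tx: dict, lookup) -> dict:
    """Blockchain node, inside the TEE: unwrap the symmetric key, decrypt the
    transaction, run the query, and encrypt the answer under the same key.

    `lookup` stands in for the permission check and the decryption of the
    stored private information.
    """
    sym_key = node_private_key.decrypt(tx["encrypted_key"], OAEP)
    request = AESGCM(sym_key).decrypt(tx["nonce"], tx["cipher_tx"], REQUEST)
    answer = lookup(request)
    nonce = os.urandom(12)
    return {"nonce": nonce,
            "cipher_reply": AESGCM(sym_key).encrypt(nonce, answer, REPLY)}


def read_reply(sym_key: bytes, reply: dict) -> bytes:
    """Querying party: decrypt the node's reply; raises InvalidTag if it was altered."""
    return AESGCM(sym_key).decrypt(reply["nonce"], reply["cipher_reply"], REPLY)


if __name__ == "__main__":
    # Constructed keys and account data, for illustration only.
    node_private_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    sym_key = os.urandom(32)
    tx = build_query_tx(node_private_key.public_key(), sym_key, b"query Balance of Qa")
    reply = node_handle_tx(node_private_key, tx, lambda request: b"Balance=5000")
    print(read_reply(sym_key, reply))
```
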
It should be noted that the query scheme of this specification can be applied to blockchain networks that support only simple processing logic, such as the Bitcoin blockchain. It can equally be applied to blockchain networks that support complex processing logic; it does not conflict with the smart-contract-based complex processing logic of such a network and is compatible with it.
FIG. 4 is a schematic structural diagram of a device according to an exemplary embodiment; the device can be configured as the blockchain node of this specification. Referring to FIG. 4, at the hardware level the device includes a processor 402, an internal bus 404, a network interface 406, a memory 408 and a non-volatile memory 410, and may also include hardware required by other services. The processor 402 reads the corresponding computer program from the non-volatile memory 410 into the memory 408 and runs it, forming at the logical level an apparatus for querying account privacy information in a blockchain. Besides software implementations, one or more embodiments of this specification do not exclude other implementations, such as logic devices or a combination of software and hardware; that is, the execution subject of the following processing flow is not limited to logic units and can also be hardware or a logic device.
Referring to FIG. 5, in a software implementation the apparatus for querying account privacy information in a blockchain can include the following units.
A receiving unit 51 causes the blockchain node to receive a transaction initiated by a querying party, the transaction being used to obtain the private information contained in a private field of a target account, the private information being stored in encrypted form at the blockchain node. A judging unit 52 causes the blockchain node to determine, according to the authority management information recorded in the authority field of the target account, whether the querying party has query authority. An information decryption unit 53 causes the blockchain node, when the querying party is determined to have query authority, to read the private information in ciphertext form into the trusted execution environment for decryption, so as to provide the resulting private information in plaintext form to the querying party.
Optionally, the judging unit 52 is specifically configured to: cause the blockchain node to read the public key of the authority owner contained in the authority management information; cause the blockchain node to verify, with the public key of the authority owner, the transaction signature contained in the transaction, the transaction signature being generated with the private key of the querying party; and cause the blockchain node to determine that the querying party has query authority if the verification passes, and otherwise to determine that the querying party does not have query authority.
Optionally, the authority owner includes the owner of the target account; or the authority owner includes the owner of the target account and at least one other user.
Optionally, the judging unit 52 is specifically configured to: cause the blockchain node to determine the specific authority management information, recorded in the authority field, that corresponds to the querying party; and cause the blockchain node to determine that the querying party has query authority if the specific authority management information contains query authority, and otherwise to determine that the querying party does not have query authority.
Optionally, the status field of the target account contains status indication information, which indicates whether the private information is stored in plaintext or in encrypted form at the blockchain node.
Optionally, the apparatus further includes: an identification unit 54, which causes the blockchain node to identify the type of the transaction; and an execution unit 55, which, when the transaction belongs to a predefined query type, causes the blockchain node to execute the transaction without consensus.
Optionally, the transaction includes ciphertext transaction content and an encrypted key. The ciphertext transaction content is obtained by encrypting the plaintext transaction content with a symmetric key maintained by the querying party; the encrypted key is obtained by encrypting the symmetric key with a node public key, the node public key corresponding to the node private key that the blockchain node maintains in the trusted execution environment. The apparatus further includes: a key decryption unit 56, which causes the blockchain node to read the transaction into the trusted execution environment and decrypt the encrypted key with the node private key to obtain the symmetric key; a content decryption unit 57, which causes the blockchain node to decrypt the ciphertext transaction content with the symmetric key in the trusted execution environment to obtain the plaintext transaction content; and an encryption unit 58, which causes the blockchain node to encrypt the private information in plaintext form with the symmetric key in the trusted execution environment, so as to provide the resulting encrypted information to the querying party.
Optionally, the private information is stored after the blockchain node encrypts it with a key in the trusted execution environment, the key being generated from a security key maintained in the trusted execution environment.
Optionally, the key is generated from the security key and at least one impact factor related to the target account.
Optionally, the impact factors related to the target account include at least one of the following: the block height of the block containing the account creation transaction of the target account, the position offset of the account creation transaction within that block, the creation sequence number of the target account among all accounts, and the account address of the target account.
Optionally, the security key has version updates, and a lower-version security key is computed irreversibly from a higher-version security key.
The systems, apparatuses, modules or units described in the above embodiments can be implemented by a computer chip or entity, or by a product with a certain function. A typical implementation device is a computer, which can take the form of a personal computer, a laptop computer, a cellular phone, a camera phone, a smartphone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
In a typical configuration, the computer includes one or more processors (CPUs), an input/output interface, a network interface and memory.
The memory may include non-permanent memory in a computer-readable medium, random access memory (RAM) and/or non-volatile memory such as read-only memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media include permanent and non-permanent, removable and non-removable media, and can store information by any method or technology. The information can be computer-readable instructions, data structures, program modules or other data. Examples of computer storage media include, but are not limited to, phase-change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technology, compact disc read-only memory (CD-ROM), digital versatile disc (DVD) or other optical storage, magnetic cassettes, magnetic disk storage, quantum memory, graphene-based storage media or other magnetic storage devices, or any other non-transmission medium that can be used to store information accessible to a computing device. As defined herein, computer-readable media do not include transitory media, such as modulated data signals and carrier waves.
还需要说明的是,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、商品或者设备不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、商品或者设备所固有的要素。在没有更多限制的情况下,由语句“包括一个……”限定的要素,并不排除在包括所述要素的过程、方法、商品或者设备中还存在另外的相同要素。It should also be noted that the terms "include", "include" or any other variants thereof are intended to cover non-exclusive inclusion, so that a process, method, commodity or equipment including a series of elements not only includes those elements, but also includes Other elements that are not explicitly listed, or also include elements inherent to such processes, methods, commodities, or equipment. If there are no more restrictions, the element defined by the sentence "including a..." does not exclude the existence of other identical elements in the process, method, commodity, or equipment that includes the element.
上述对本说明书特定实施例进行了描述。其它实施例在所附权利要求书的范围内。在一些情况下,在权利要求书中记载的动作或步骤可以按照不同于实施例中的顺序来执行并且仍然可以实现期望的结果。另外,在附图中描绘的过程不一定要求示出的特定顺序或者连续顺序才能实现期望的结果。在某些实施方式中,多任务处理和并行处理也是可以的或者可能是有利的。The foregoing describes specific embodiments of this specification. Other embodiments are within the scope of the appended claims. In some cases, the actions or steps described in the claims can be performed in a different order than in the embodiments and still achieve desired results. In addition, the processes depicted in the drawings do not necessarily require the specific order or sequential order shown in order to achieve the desired results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
在本说明书一个或多个实施例使用的术语是仅仅出于描述特定实施例的目的,而非旨在限制本说明书一个或多个实施例。在本说明书一个或多个实施例和所附权利要求书中所使用的单数形式的“一种”、“所述”和“该”也旨在包括多数形式,除非上下文清楚地表示其他含义。还应当理解,本文中使用的术语“和/或”是指并包含一个或多个相关联的列出项目的任何或所有可能组合。The terms used in one or more embodiments of this specification are only for the purpose of describing specific embodiments, and are not intended to limit one or more embodiments of this specification. The singular forms "a", "said" and "the" used in one or more embodiments of this specification and the appended claims are also intended to include plural forms, unless the context clearly indicates other meanings. It should also be understood that the term "and/or" as used herein refers to and includes any or all possible combinations of one or more associated listed items.
应当理解,尽管在本说明书一个或多个实施例可能采用术语第一、第二、第三等来描述各种信息,但这些信息不应限于这些术语。这些术语仅用来将同一类型的信息彼此区分开。例如,在不脱离本说明书一个或多个实施例范围的情况下,第一信息也可以被称为第二信息,类似地,第二信息也可以被称为第一信息。取决于语境,如在此所使用的词语“如果”可以被解释成为“在……时”或“当……时”或“响应于确定”。It should be understood that although the terms first, second, third, etc. may be used to describe various information in one or more embodiments of this specification, the information should not be limited to these terms. These terms are only used to distinguish the same type of information from each other. For example, without departing from the scope of one or more embodiments of this specification, the first information may also be referred to as second information, and similarly, the second information may also be referred to as first information. Depending on the context, the word "if" as used herein can be interpreted as "when" or "when" or "in response to determination".
以上所述仅为本说明书一个或多个实施例的较佳实施例而已,并不用以限制本说明书一个或多个实施例,凡在本说明书一个或多个实施例的精神和原则之内,所做的任何修改、等同替换、改进等,均应包含在本说明书一个或多个实施例保护的范围之内。The above descriptions are only preferred embodiments of one or more embodiments of this specification, and are not intended to limit one or more embodiments of this specification. All within the spirit and principle of one or more embodiments of this specification, Any modification, equivalent replacement, improvement, etc. made should be included in the protection scope of one or more embodiments of this specification.

Claims (14)

  1. A method for querying account privacy information in a blockchain, comprising:
    receiving, by a blockchain node, a transaction initiated by a querying party, the transaction being used to obtain private information contained in a private field of a target account, the private information being stored in encrypted form at the blockchain node;
    determining, by the blockchain node, whether the querying party has query authority according to authority management information recorded in an authority field of the target account;
    when the determination result is that the querying party has query authority, reading, by the blockchain node, the private information in ciphertext form into a trusted execution environment for decryption, so as to provide the resulting private information in plaintext form to the querying party.
  2. The method according to claim 1, wherein the blockchain node determining whether the querying party has query authority according to the authority management information recorded in the authority field of the target account comprises:
    reading, by the blockchain node, a public key of an authority owner contained in the authority management information;
    verifying, by the blockchain node, a transaction signature contained in the transaction using the public key of the authority owner, the transaction signature being generated with a private key of the querying party;
    if the verification succeeds, determining, by the blockchain node, that the querying party has query authority; otherwise, determining that the querying party does not have query authority.
  3. The method according to claim 2, wherein the authority owner comprises the owner of the target account; or the authority owner comprises the owner of the target account and at least one other user.
  4. The method according to claim 1, wherein the blockchain node determining whether the querying party has query authority according to the authority management information recorded in the authority field of the target account comprises:
    determining, by the blockchain node, specific authority management information that is recorded in the authority field and corresponds to the querying party;
    if the specific authority management information includes query authority, determining, by the blockchain node, that the querying party has query authority; otherwise, determining that the querying party does not have query authority.
  5. The method according to claim 1, wherein a status field of the target account contains status indication information, the status indication information indicating whether the private information is stored in plaintext or in encrypted form at the blockchain node.
  6. The method according to claim 1, further comprising:
    identifying, by the blockchain node, the type of the transaction;
    when the transaction is of a predefined query type, executing, by the blockchain node, the transaction without consensus.
  7. The method according to claim 1, wherein the transaction comprises ciphertext transaction content and an encrypted key, the ciphertext transaction content being obtained by encrypting plaintext transaction content with a symmetric key maintained by the querying party, the encrypted key being obtained by encrypting the symmetric key with a node public key, and the node public key corresponding to a node private key that the blockchain node maintains in the trusted execution environment; the method further comprising:
    reading, by the blockchain node, the transaction into the trusted execution environment, and decrypting the encrypted key with the node private key to obtain the symmetric key;
    decrypting, by the blockchain node in the trusted execution environment, the ciphertext transaction content with the symmetric key to obtain the plaintext transaction content;
    encrypting, by the blockchain node in the trusted execution environment, the private information in plaintext form with the symmetric key, so as to provide the resulting encrypted information to the querying party.
  8. The method according to claim 1, wherein the private information is stored after being encrypted with a key by the blockchain node in the trusted execution environment, the key being generated based on a security key maintained in the trusted execution environment.
  9. The method according to claim 8, wherein the key is generated based on the security key and at least one influence factor related to the target account.
  10. The method according to claim 9, wherein the influence factor related to the target account comprises at least one of the following:
    the block height of the block containing the account creation transaction corresponding to the target account, the position offset of the account creation transaction within that block, the creation sequence number of the target account among all accounts, and the account address of the target account.
  11. The method according to claim 8, wherein the security key is subject to version updates, and a lower-version security key is irreversibly computed from a higher-version security key.
  12. An apparatus for querying account privacy information in a blockchain, comprising:
    a receiving unit that causes a blockchain node to receive a transaction initiated by a querying party, the transaction being used to obtain private information contained in a private field of a target account, the private information being stored in encrypted form at the blockchain node;
    a determining unit that causes the blockchain node to determine whether the querying party has query authority according to authority management information recorded in an authority field of the target account;
    a decryption unit that causes the blockchain node, when the determination result is that the querying party has query authority, to read the private information in ciphertext form into a trusted execution environment for decryption, so as to provide the resulting private information in plaintext form to the querying party.
  13. An electronic device, comprising:
    a processor;
    a memory for storing processor-executable instructions;
    wherein the processor implements the method according to any one of claims 1-11 by running the executable instructions.
  14. A computer-readable storage medium storing computer instructions that, when executed by a processor, implement the steps of the method according to any one of claims 1-11.
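
The key derivation described in claims 8 to 11, as an added example that is not code from the patent or its applicant. It assumes SHA-256 for the one-way version step and HMAC-SHA256 over all four claim-10 influence factors (the claims name no primitives); all function names and sample values are constructed for illustration, and in the claimed design these steps would run inside the trusted execution environment.

```python
import hashlib
import hmac
import struct

# Assumed primitives: the claims only say "irreversibly computed" and
# "generated based on"; SHA-256 and HMAC-SHA256 are this example's choices.
DOWNGRADE_LABEL = b"security-key/previous-version"


def previous_version(security_key: bytes) -> bytes:
    """Security key of version n-1, computed one-way from the key of version n."""
    return hashlib.sha256(DOWNGRADE_LABEL + security_key).digest()


def security_key_at(current_key: bytes, current_version: int,
                    wanted_version: int) -> bytes:
    """Walk down the version chain; walking up is refused (not computable)."""
    if not 1 <= wanted_version <= current_version:
        raise ValueError("only the current or an older version can be derived")
    key = current_key
    for _ in range(current_version - wanted_version):
        key = previous_version(key)
    return key


def account_key(security_key: bytes, block_height: int, tx_offset: int,
                creation_seq: int, account_address: bytes) -> bytes:
    """Per-account storage key from the security key and the influence factors."""
    # Fixed-width integers plus a length-prefixed address keep the encoding
    # unambiguous, so two different factor sets never serialize identically.
    factors = struct.pack(">QQQH", block_height, tx_offset, creation_seq,
                          len(account_address)) + account_address
    return hmac.new(security_key, factors, hashlib.sha256).digest()


def key_for_stored_record(current_key: bytes, current_version: int,
                          record_version: int, account: dict) -> bytes:
    """Key needed to decrypt a record that was encrypted under record_version."""
    base = security_key_at(current_key, current_version, record_version)
    return account_key(base, **account)


# Constructed sample values, not taken from the patent.
SAMPLE_KEY_V3 = hashlib.sha256(b"constructed security key, version 3").digest()
ALICE = dict(block_height=120, tx_offset=4, creation_seq=57,
             account_address=bytes.fromhex("a1" * 20))
BOB = dict(block_height=120, tx_offset=5, creation_seq=58,
           account_address=bytes.fromhex("b2" * 20))

if __name__ == "__main__":
    for version in (3, 2, 1):
        k = key_for_stored_record(SAMPLE_KEY_V3, 3, version, ALICE)
        print(f"alice, security key v{version}: {k.hex()[:16]}...")
```

In this sketch a node holding only the newest security key can still derive the keys for records written under older versions, while an exposed old key cannot be turned back into a newer one.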
PCT/CN2020/139745 2020-03-09 2020-12-26 Method and apparatus for querying account privacy information in blockchain WO2021179743A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202010157174.4 2020-03-09
CN202010157174.4A CN111008228A (en) 2020-03-09 2020-03-09 Method and device for inquiring account privacy information in block chain

Publications (1)

Publication Number Publication Date
WO2021179743A1 (en) 2021-09-16

Family

ID=70121003

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/139745 WO2021179743A1 (en) 2020-03-09 2020-12-26 Method and apparatus for querying account privacy information in blockchain

Country Status (2)

Country Link
CN (1) CN111008228A (en)
WO (1) WO2021179743A1 (en)

Also Published As

Publication number Publication date
CN111008228A (en) 2020-04-14

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20924808

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20924808

Country of ref document: EP

Kind code of ref document: A1