CA3162736A1 - Data transmission method and device based on consortium blockchain - Google Patents
Data transmission method and device based on consortium blockchainInfo
- Publication number
- CA3162736A1 CA3162736A1 CA3162736A CA3162736A CA3162736A1 CA 3162736 A1 CA3162736 A1 CA 3162736A1 CA 3162736 A CA3162736 A CA 3162736A CA 3162736 A CA3162736 A CA 3162736A CA 3162736 A1 CA3162736 A1 CA 3162736A1
- Authority
- CA
- Canada
- Prior art keywords
- node
- blockchain
- cyphertext
- key
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 73
- 230000005540 biological transmission Effects 0.000 title claims description 49
- 230000008569 process Effects 0.000 description 13
- 238000013475 authorization Methods 0.000 description 5
- 230000006870 function Effects 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 230000004044 response Effects 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- 238000013500 data storage Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/14—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3006—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
- H04L9/302—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters involving the integer factorization problem, e.g. RSA or quadratic sieve [QS] schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Disclosed are a consortium blockchain-based data transfer method and device. The method comprises: dividing data into a plurality of data blocks, correspondingly encrypting the data blocks using different symmetric keys to generate a plurality of data block cyphertexts, and numbering the data block cyphertexts and then uploading same to a blockchain; encrypting the symmetric keys using a public key of a first node to generate a first key ciphertext and then uploading the first key ciphertext to the blockchain; decrypting a numbered cyphertext from the blockchain using a private key of the first node to obtain a number of a data block ciphertext to be queried of a second node; and if the second node is allowed to perform querying, encrypting the corresponding symmetric key using a public key of the second node to generate a second key ciphertext, and sending the second key ciphertext to the second node by means of the blockchain, such that the second node uses its own private key to decrypt the second key ciphertext to obtain the corresponding symmetric key. The present invention ensures the security, controllability, and restorability of data, and improves the encryption/decryption efficiency.
Description
DATA TRANSMISSION METHOD AND DEVICE BASED ON CONSORTIUM
BLOCKCHAIN
BACKGROUND OF THE INVENTION
Technical Field [0001] The present invention relates to the field of blockchain technology, and more particularly to a data transmission method and device based on consortium blockchain.
Description of Related Art
BLOCKCHAIN
BACKGROUND OF THE INVENTION
Technical Field [0001] The present invention relates to the field of blockchain technology, and more particularly to a data transmission method and device based on consortium blockchain.
Description of Related Art
[0002] Blockchain is a novel application pattern that merges together such computer techniques as distributed data storage, point-to-point transmission, consensus mechanism, and encryption algorithm, etc. In accordance with differences in the extents of centralization of the blockchain network, the following three types of blockchains are subdivided under different application scenarios:
[0003] 1. the blockchain, which is made public to the entire network without any user authorization mechanism, is referred to as a public chain;
[0004] 2. the blockchain that allows authorized nodes to access the network, in which information can be checked according to permission, and which is usually used between organizations, is referred to as consortium blockchain;
[0005] 3. the blockchain, all nodes in whose network are controlled by a single organization, is referred to as a private chain.
[0006] Currently speaking, consortium blockchain exhibits more practical significance and brighter commercial prospect. The consortium blockchain can better exert the functions of interconnection and intercommunication, and sharing of information of the internet.
However, with the gradual abundance of application scenarios for the consortium Date Recue/Date Received 2022-05-24 blockchain, higher and higher demands are being put on the safety and privacy of data transmission.
However, with the gradual abundance of application scenarios for the consortium Date Recue/Date Received 2022-05-24 blockchain, higher and higher demands are being put on the safety and privacy of data transmission.
[0007] At present, data transmission within the alliance channel mainly employs the technology of bulk encryption and transmission of messages, and specific techniques involved therein include symmetric encryption, asymmetric encryption, and digital signature verification, of which:
[0008] by the symmetric encryption technique, the same secret key is used for encryption and decryption;
[0009] by the asymmetric encryption technique, a pair of secret keys is created, of which the secret key not made public is called a private key, and the secret key made public is called a public key; the public key encrypts data, while the corresponding private key decrypts data;
[0010] by the digital signature verification technique, the asymmetric key encryption technique is combined for use with the digital digest technique; a pair of secret keys is created, of which the private key performs digital signature on digital digest, while the corresponding public key verifies the same.
[0011] However, the aforementioned methods are problematic as specified below:
on the one hand, by the bulk encryption and decryption of data, the receiving party can view only the whole message after receiving the secret key, as it is impossible for the transmitting party to control fine granularity, for example, to allow the receiving party to view only designated sections; on the other hand, although symmetric encryption is advantageous in terms of quick speed and high efficiency, the safety for transmitting secret keys over the network is not so high, whereas asymmetric encryption has the advantage of high safety, but the speed of encryption and decryption is relatively low.
SUMMARY OF THE INVENTION
Date Recue/Date Received 2022-05-24
on the one hand, by the bulk encryption and decryption of data, the receiving party can view only the whole message after receiving the secret key, as it is impossible for the transmitting party to control fine granularity, for example, to allow the receiving party to view only designated sections; on the other hand, although symmetric encryption is advantageous in terms of quick speed and high efficiency, the safety for transmitting secret keys over the network is not so high, whereas asymmetric encryption has the advantage of high safety, but the speed of encryption and decryption is relatively low.
SUMMARY OF THE INVENTION
Date Recue/Date Received 2022-05-24
[0012] In order to address the problems pending in the state of the art, embodiments of the present invention provide a data transmission method and device based on consortium blockchain, so as to overcome such prior-art problems as by the bulk encryption and decryption, the receiving party can view only the whole message after receiving the secret key, as it is impossible for the transmitting party to control fine granularity (for example, to allow the receiving party to view only designated sections), safety for transmitting secret keys over the network in the symmetric encryption technique is not so high, and the speed of encryption and decryption in the asymmetric encryption technique is low.
[0013] In order to solve the above technical problems, the present invention employs the following technical solutions.
[0014] According to the first aspect, there is a data transmission method based on consortium blockchain, and the method is applied to a first node on a blockchain and comprises the following steps:
[0015] splitting data into plural data blocks, employing different symmetric keys to correspondingly encrypt the plural data blocks, generating plural data block cyphertexts, numbering the same and uploading the same to the blockchain;
[0016] employing a public key of the first node to encrypt the symmetric keys, generating a first secret key cyphertext and uploading the same to the blockchain;
[0017] employing a private key of the first node to decrypt a numbered cyphertext coming from the blockchain, and obtaining a number of a to-be-enquired data block cyphertext of a second node, wherein the numbered cyphertext is generated by the second node employing the public key of the first node to encrypt the number of the to-be-enquired data block cyphertext; and
[0018] employing, when the second node is allowed to enquire, a public key of the second node to encrypt a corresponding symmetric key, generating a second secret key cyphertext, and transmitting the same to the second node through the blockchain, so that the second node employs its own private key to decrypt the second secret key cyphertext and obtain the Date Recue/Date Received 2022-05-24 corresponding symmetric key.
[0019] Moreover, the step of splitting data into plural data blocks, employing different symmetric keys to respectively and correspondingly encrypt the data blocks, generating plural data block cyphertexts, numbering the same and uploading the same to the blockchain specifically includes:
[0020] splitting data into plural data blocks according to types of information in the data;
[0021] generating one symmetric key corresponding to each data block; and
[0022] employing the symmetric keys respectively to encrypt corresponding data blocks, generating data block cyphertexts, numbering the same and uploading the same to the blockchain.
[0023] Moreover, before the step of employing a public key of the first node to encrypt the symmetric keys, the method further comprises:
[0024] locally generating a public key and a private key of the first node, and uploading the public key of the first node to the blockchain.
[0025] Moreover, the step of employing, when the second node is allowed to enquire, a public key of the second node to encrypt a corresponding symmetric key, generating a second secret key cyphertext, and transmitting the same to the second node through the blockchain specifically includes:
[0026] employing the private key of the first node to decrypt the first secret key cyphertext obtained from the blockchain, and obtaining the symmetric key;
[0027] obtaining a symmetric key to which the to-be-enquired data block cyphertext corresponds from the symmetric key;
[0028] employing the public key of the second node to encrypt the symmetric key to which the to-be-enquired data block cyphertext corresponds, and generating a second secret key cyphertext; and
[0029] transmitting the second secret key cyphertext to the second node through the blockchain.
Date Recue/Date Received 2022-05-24
Date Recue/Date Received 2022-05-24
[0030] Moreover, when the second node is not allowed to enquire, an enquiry rejecting message is generated and transmitted to the second node through the blockchain.
[0031] According to the second aspect, there is a data transmission method based on consortium blockchain, and the method is applied to a second node on a blockchain and comprises the following steps:
[0032] when the second node is not allowed to enquire, an enquiry rejecting message is generated and transmitted to the second node through the blockchain (sic).
[0033] Moreover, before the step of obtaining a symmetric key to which the to-be-enquired data block cyphertext corresponds from the blockchain, the method further comprises:
[0034] locally generating a public key and a private key of a second node, and transmitting the public key of the second node to the blockchain.
[0035] Moreover, the step of obtaining a symmetric key to which the to-be-enquired data block cyphertext corresponds from the blockchain, decrypting the to-be-enquired data block cyphertext, and obtaining a data block as required specifically includes:
[0036] obtaining a second secret key cyphertext from the blockchain, wherein the second secret key cyphertext is generated by the first node employing the public key of the second node to encrypt the symmetric key to which the to-be-enquired data block cyphertext corresponds;
[0037] employing the private key of the second node to decrypt the second secret key cyphertext, and obtaining a corresponding symmetric key; and
[0038] employing the corresponding symmetric key to decrypt the to-be-enquired data block cyphertext, and obtaining a data block required to be enquired.
[0039] According to the third aspect, there is a data transmission device based on consortium blockchain, and the device is applied to a first node on a blockchain and at least comprises:
Date Recue/Date Received 2022-05-24
Date Recue/Date Received 2022-05-24
[0040] a data splitting module, for splitting data into plural data blocks;
[0041] a first encrypting module, for employing different symmetric keys to respectively and correspondingly encrypt the plural data blocks, generating plural data block cyphertexts, numbering the same and uploading the same to the blockchain;
[0042] wherein the first encrypting module is further employed for employing a public key of the first node to encrypt the symmetric keys, generating a first secret key cyphertext and uploading the same to the blockchain;
[0043] a first decrypting module, for employing a private key of the first node to decrypt a numbered cyphertext coming from the blockchain, and obtaining a number of a to-be-enquired data block cyphertext of a second node, wherein the numbered cyphertext is generated by the second node employing the public key of the first node to encrypt the number of the to-be-enquired data block cyphertext;
[0044] wherein the first encrypting module is further employed for employing a public key of the second node to encrypt a corresponding symmetric key, and generating a second secret key cyphertext; and
[0045] a transmitting module, for transmitting the second secret key cyphertext to the second node through the blockchain.
[0046] Moreover, the device further comprises:
[0047] a first generating module, for generating one symmetric key corresponding to each data block.
[0048] Moreover, the device further comprises:
[0049] a second generating module, for locally generating a public key and a private key of the first node, and uploading the public key of the first node to the blockchain.
[0050] According to the fourth aspect, there is a data transmission device based on consortium blockchain, and the device is applied to a second node on a blockchain and at least comprises:
Date Recue/Date Received 2022-05-24
Date Recue/Date Received 2022-05-24
[0051] a second encrypting module, for employing a public key of a first node obtained from a blockchain to encrypt a number of a to-be-enquired data block cyphertext, and generating a numbered cyphertext;
[0052] a signing module, for signing the numbered cyphertext and transmitting the same to the blockchain;
[0053] an obtaining module, for obtaining a symmetric key to which the to-be-enquired data block cyphertext corresponds from the blockchain; and
[0054] a second decrypting module, for decrypting the to-be-enquired data block cyphertext, and obtaining a data block as required.
[0055] Moreover, the device further comprises:
[0056] a third generating module, for locally generating a public key and a private key of a second node, and transmitting the public key of the second node to the blockchain.
[0057] The technical solutions provided by the embodiments of the present invention bring about the following advantageous effects.
[0058] 1. In the data transmission method and device based on consortium blockchain as provided by the embodiments of the present invention, the first node on the blockchain of the data sharing system can self-define the block encryption strategy.
Through the block encryption method, the first node can flexibly control the message accessing strategy to control fine granularity, for instance, to allow only the second node to view designated sections, and authorization from the first node is required for the second node to view certain blocks in the message, whereby controllability of data is guaranteed.
Through the block encryption method, the first node can flexibly control the message accessing strategy to control fine granularity, for instance, to allow only the second node to view designated sections, and authorization from the first node is required for the second node to view certain blocks in the message, whereby controllability of data is guaranteed.
[0059] 2. In the data transmission method and device based on consortium blockchain as provided by the embodiments of the present invention, block encryption is performed on the message by means of a symmetric encryption algorithm, and symmetric keys are encrypted by means of an asymmetric encryption algorithm, whereby efficiency of Date Recue/Date Received 2022-05-24 encryption and decryption is enhanced as far as possible while data safety is guaranteed.
[0060] 3. In the data transmission method and device based on consortium blockchain as provided by the embodiments of the present invention, data is encrypted and thereafter stored on the blockchain, unless authorization is made, it is impossible for other persons to decrypt the data; moreover, when data blocks are encrypted and thereafter transmitted, what is stored on the blockchain is all the encrypted data, so that safety and privacy of the data are guaranteed.
[0061] 4. In the data transmission method and device based on consortium blockchain as provided by the embodiments of the present invention, all symmetric keys are temporarily generated and stored on the blockchain, as long as the local asymmetric private key is not lost, decryption can be made again from the blockchain very conveniently, so that restorability of data is guaranteed.
BRIEF DESCRIPTION OF THE DRAWINGS
BRIEF DESCRIPTION OF THE DRAWINGS
[0062] To more clearly describe the technical solutions in the embodiments of the present invention, drawings required to be used in the description of the embodiments will be briefly introduced below. Apparently, the drawings introduced below are merely directed to some embodiments of the present invention, while it is possible for persons ordinarily skilled in the art to acquire other drawings based on these drawings without spending creative effort in the process.
[0063] Fig. 1 is a flowchart of the data transmission method based on consortium blockchain according to an exemplary embodiment;
[0064] Fig. 2 is a flowchart illustrating the process of splitting data into plural data blocks, employing different symmetric keys to correspondingly encrypt the data blocks, Date Recue/Date Received 2022-05-24 generating plural data block cyphertexts, numbering the same and uploading the same to the blockchain according to an exemplary embodiment;
[0065] Fig. 3 is a flowchart illustrating the process of employing, when the second node is allowed to enquire, a public key of the second node to encrypt a corresponding symmetric key, generating a second secret key cyphertext, and transmitting the same to the second node through the blockchain according to an exemplary embodiment;
[0066] Fig. 4 is a flowchart of the data transmission method based on consortium blockchain according to an exemplary embodiment;
[0067] Fig. 5 is a flowchart illustrating the process of obtaining a symmetric key to which the to-be-enquired data block cyphertext corresponds from the blockchain, decrypting the to-be-enquired data block cyphertext, and obtaining a data block as required according to an exemplary embodiment;
[0068] Fig. 6 is a view schematically illustrating the structure of the data transmission device based on consortium blockchain according to an exemplary embodiment; and
[0069] Fig. 7 is a view schematically illustrating the structure of the data transmission device based on consortium blockchain according to an exemplary embodiment.
DETAILED DESCRIPTION OF THE INVENTION
DETAILED DESCRIPTION OF THE INVENTION
[0070] In order to make clearer the objectives, technical solutions and advantages of the present invention, the technical solutions in the embodiments of the present invention will be more clearly and comprehensively described below with reference to the accompanying drawings in the embodiments of the present invention. Apparently, the embodiments as described are merely partial, rather than the entire, embodiments of the present invention.
Date Recue/Date Received 2022-05-24 All other embodiments obtainable by persons ordinarily skilled in the art on the basis of the embodiments in the present invention without spending creative effort shall all fall within the protection scope of the present invention.
Date Recue/Date Received 2022-05-24 All other embodiments obtainable by persons ordinarily skilled in the art on the basis of the embodiments in the present invention without spending creative effort shall all fall within the protection scope of the present invention.
[0071] Fig. 1 is a flowchart of the data transmission method based on consortium blockchain according to an exemplary embodiment. The method is applied to a first node on a blockchain, and with reference to Fig. 1, the method comprises the following steps.
[0072] S101 - splitting data into plural data blocks, employing different symmetric keys to correspondingly encrypt the plural data blocks, generating plural data block cyphertexts, numbering the same and uploading the same to the blockchain.
[0073] Specifically, the first node (namely a data transmitting party) can split data (namely a plaintext message) into plural data blocks according to business requirement, temporarily generate symmetric keys, employ the symmetric keys to encrypt the data blocks to generate plural first encrypted data blocks, wherein each data block corresponds to one symmetric key, and all symmetric keys are different from one another;
thereafter, after the plural first encrypted data blocks have been sequentially numbered, these first encrypted data blocks and their numbers are uploaded to the blockchain for storage. As should be noted here, the same and single symmetric key can also be used to encrypt the data blocks.
thereafter, after the plural first encrypted data blocks have been sequentially numbered, these first encrypted data blocks and their numbers are uploaded to the blockchain for storage. As should be noted here, the same and single symmetric key can also be used to encrypt the data blocks.
[0074] S102 - employing a public key of the first node to encrypt the symmetric keys, generating a first secret key cyphertext and uploading the same to the blockchain.
[0075] Further, before the public key of the first node is employed to encrypt the symmetric keys, the first node locally generates the public key and the private key of the first node, and uploads the public key of the first node to the blockchain.
Date Recue/Date Received 2022-05-24
Date Recue/Date Received 2022-05-24
[0076] Specifically, the first node firstly employs the public key of the first node to encrypt the symmetric keys to generate a first secret key cyphertext, and then uploads the first secret key cyphertext to the blockchain for storage. Since all symmetric keys are temporarily generated, and stored on the blockchain after having been encrypted by means of the public key of the first node, as long as the local asymmetric private key is not lost, decryption can be made again from the blockchain very conveniently, so that restorability of data is guaranteed. Moreover, the symmetric keys are encrypted and thereafter stored on the blockchain, whereby loss of the symmetric keys due to invalidation of the local node can be avoided. In addition, the public key of the first node is uploaded to the blockchain, whereby it can be conveniently shared with other users in the blockchain.
[0077] S103 - employing a private key of the first node to decrypt a numbered cyphertext coming from the blockchain, and obtaining a number of a to-be-enquired data block cyphertext of a second node, wherein the numbered cyphertext is generated by the second node employing the public key of the first node to encrypt the number of the to-be-enquired data block cyphertext.
[0078] Specifically, the first node (namely the data transmitting party) monitors the data in the blockchain, when the signed numbered cyphertext is received, it firstly employs its own private key to decrypt the cyphertext, and obtains the number of the data block cyphertext (namely the number of the to-be-enquired data block cyphertext) desired to be enquired by the second node (namely the data receiving party).
[0079] S104 - employing, when the second node is allowed to enquire, a public key of the second node to encrypt a corresponding symmetric key, generating a second secret key cyphertext, and transmitting the same to the second node through the blockchain, so that the second node employs its own private key to decrypt the second secret key cyphertext and obtain the corresponding symmetric key.
Date Recue/Date Received 2022-05-24
Date Recue/Date Received 2022-05-24
[0080] Specifically, if the first node agrees the second node to enquire the to-be-enquired data block cyphertext, the symmetric key used for encrypting the to-be-enquired data block cyphertext is uploaded to the blockchain, before such uploading, a public key of a second node obtained from the blockchain is employed to encrypt the corresponding symmetric key, and a second secret key cyphertext is generated and thereafter uploaded to the blockchain.
[0081] Fig. 2 is a flowchart illustrating the process of splitting data into plural data blocks, employing different symmetric keys to correspondingly encrypt the data blocks, generating plural data block cyphertexts, numbering the same and uploading the same to the blockchain according to an exemplary embodiment, and with reference to Fig. 2, the process includes the following steps.
[0082] S101.1 ¨ splitting data into plural data blocks according to types of information in the data.
[0083] Specifically, the first node (namely the data transmitting party) can flexibly split data (namely a message) into plural data blocks according to business requirement.
For instance, a message contains three types of information, namely username, mobile phone number, and mail address, and the transmitting terminal can split this message into three blocks.
For instance, a message contains three types of information, namely username, mobile phone number, and mail address, and the transmitting terminal can split this message into three blocks.
[0084] S101.2 - generating one symmetric key corresponding to each data block.
[0085] Specifically, the first node traverses the plural data blocks, and one symmetric key is generated corresponding to each data block, in other words, the symmetric keys can be temporarily generated.
[0086] S101.3 - employing the symmetric keys respectively to encrypt corresponding data blocks, Date Recue/Date Received 2022-05-24 generating data block cyphertexts, numbering the same and thereafter uploading the same to the blockchain.
[0087] Specifically, different symmetric keys are respectively employed to encrypt corresponding data blocks to generate first encrypted data blocks, and the first encrypted data blocks are sequentially numbered and thereafter uploaded together with their numbers to the blockchain for storage, i.e., symmetric keys used by different data blocks are also different.
[0088] Fig. 3 is a flowchart illustrating the process of employing, when the second node is allowed to enquire, a public key of the second node to encrypt a corresponding symmetric key, generating a second secret key cyphertext, and transmitting the same to the second node through the blockchain according to an exemplary embodiment, and with reference to Fig. 3, the process includes the following steps.
[0089] S104.1 ¨ employing the private key of the first node to decrypt the first secret key cyphertext obtained from the blockchain, and obtaining the symmetric keys.
[0090] Specifically, if the first node agrees with the enquiring request of the second node, the first node firstly obtains the first secret key cyphertext from the blockchain, employs its own private key to decrypt the cyphertext, and obtains all symmetric keys.
[0091] S104.2 - obtaining a symmetric key to which the to-be-enquired data block cyphertext corresponds from the symmetric keys.
[0092] Specifically, the first node can enquire the symmetric keys according to the number of the to-be-enquired data block cyphertext or by any other means to obtain therefrom the symmetric key corresponding to the to-be-enquired data block cyphertext.
Date Recue/Date Received 2022-05-24
Date Recue/Date Received 2022-05-24
[0093] S104.3 - employing the public key of the second node to encrypt the symmetric key to which the to-be-enquired data block cyphertext corresponds, and generating a second secret key cyphertext.
[0094] Specifically, the first node obtains from the blockchain a public key of the second node shared by the second node, and then employs the public key of the second node to encrypt the symmetric key to which the to-be-enquired data block cyphertext corresponds to generate a second secret key cyphertext.
[0095] S104.4 - transmitting the second secret key cyphertext to the second node through the blockchain.
[0096] Specifically, the second node monitors the data in the blockchain, when the first node uploads the second secret key cyphertext to the blockchain, the second node obtains the second secret key cyphertext from the blockchain.
[0097] In another exemplary embodiment of the present invention, the method further comprises:
[0098] generating an enquiry rejecting message when the second node is not allowed to enquire, and transmitting the same to the second node through the blockchain.
[0099] Specifically, the rejecting message does not contain the symmetric key used for encrypting the to-be-enquired data block cyphertext, so the second node cannot obtain the data block required to be enquired.
[0100] Fig. 4 is a flowchart of a data transmission method based on consortium blockchain according to an exemplary embodiment, and with reference to Fig. 4, the method comprises the following steps.
[0101] S201 - employing a public key of a first node obtained from a blockchain to encrypt a Date Recue/Date Received 2022-05-24 number of a to-be-enquired data block cyphertext, generating a numbered cyphertext, signing the numbered cyphertext and transmitting the same to the blockchain.
[0102] Specifically, the second node (namely the data receiving party) monitors data in the blockchain. When a data block cyphertext is received and it is desired to enquire certain data blocks therein, the second node employs the public key of the first node obtained from the blockchain to encrypt the number of the to-be-enquired data block cyphertext, generates a numbered cyphertext, signs the numbered cyphertext and thereafter transmits the same to the blockchain. As should be noted here, it is the number of the to-be-enquired data block cyphertext that is encrypted and thereafter transmitted to the blockchain, rather than that the to-be-enquired data block cyphertext is encrypted and thereafter transmitted to the blockchain, whereby the load of data transmission can be reduced on the one hand, while on the other hand, it is made possible to keep secret the data block(s) desired to be enquired by the second node, and to prevent other nodes in the blockchain from obtaining the information. Additionally, signing the numbered cyphertext can facilitate the first node to make identification authentication on the second node, and to judge whether to consent to the enquiring request of the second node on the corresponding data block(s).
[0103] S202 - obtaining a symmetric key to which the to-be-enquired data block cyphertext corresponds from the blockchain, decrypting the to-be-enquired data block cyphertext, and obtaining a data block as required.
[0104] Moreover, before the symmetric key to which the to-be-enquired data block cyphertext corresponds is obtained from the blockchain, a public key and a private key of the second node are locally generated, and the public key of the second node is transmitted to the blockchain.
[0105] Fig. 5 is a flowchart illustrating the process of obtaining a symmetric key to which the to-be-enquired data block cyphertext corresponds from the blockchain, decrypting the to-Date Recue/Date Received 2022-05-24 be-enquired data block cyphertext, and obtaining a data block as required according to an exemplary embodiment, and with reference to Fig. 5, the process includes the following steps.
[0106] S202.1 - obtaining a second secret key cyphertext from the blockchain, wherein the second secret key cyphertext is generated by the first node employing the public key of the second node to encrypt the symmetric key to which the to-be-enquired data block cyphertext corresponds.
[0107] Specifically, the second node monitors data on the blockchain, when the first node employs the public key of the second node to encrypt the symmetric key to which the to-be-enquired data block cyphertext corresponds, generates the second secret key cyphertext and transmits the same to the blockchain, the second node obtains the second secret key cyphertext from the blockchain.
[0108] S202.2 - employing the private key of the second node to decrypt the second secret key cyphertext, and obtaining a corresponding symmetric key.
[0109] Specifically, the second node employs the private key that matches the public key of the second node to decrypt the second secret key cyphertext, and obtains the symmetric key used when the to-be-enquired data block cyphertext is encrypted.
[0110] S202.3 - employing the corresponding symmetric key to decrypt the to-be-enquired data block cyphertext, and obtaining a data block required to be enquired.
[0111] Specifically, the second node employs the corresponding symmetric key to decrypt the to-be-enquired data block cyphertext, and finally obtains the data block required thereby, thus facilitating enquiring by itself.
Date Recue/Date Received 2022-05-24
Date Recue/Date Received 2022-05-24
[0112] An exemplary example is taken below to help understand the specific data transmitting process of the data transmission method based on consortium blockchain provided by the embodiments of the present invention.
[0113] Suppose there are one data transmitting party S (namely a first node), and two data receiving parties A and B (namely a second node and a third node). Data transmitting party S, data receiving party A and data receiving party B employ an RSA
algorithm to each generate a pair of public and private keys locally.
algorithm to each generate a pair of public and private keys locally.
[0114] Data transmitting party S firstly splits a plaintext message Plain (namely data) into n blocks according to specific business requirement, i.e., Plain=Plain[1,2,...n]. Each data block is then encrypted and numbered. The Plain array is cyclically traversed, and an AES KEY (namely a symmetric key) is temporarily generated by means of an AES
algorithm for each Plain element, i.e., Ci=AES encrypt(Pi, AES KEY). The AES
KEY
is employed to perform symmetric encryption on the element to obtain a cyphertext (namely a data block cyphertext), the cyphertext is numbered and then added to a cyphertext array, i.e., Cipher=[C1,C2...Cn]. Moreover, data transmitting party S employs its own public key RSA to encrypt the n number of AES KEYs to generate a first secret key cyphertext Ck=RSA encrypt(AES KEY, Pub S). Finally, the data block cyphertext Cipher and its number, and the first secret key cyphertext Ck are all uploaded to the blockchain for storage.
algorithm for each Plain element, i.e., Ci=AES encrypt(Pi, AES KEY). The AES
KEY
is employed to perform symmetric encryption on the element to obtain a cyphertext (namely a data block cyphertext), the cyphertext is numbered and then added to a cyphertext array, i.e., Cipher=[C1,C2...Cn]. Moreover, data transmitting party S employs its own public key RSA to encrypt the n number of AES KEYs to generate a first secret key cyphertext Ck=RSA encrypt(AES KEY, Pub S). Finally, the data block cyphertext Cipher and its number, and the first secret key cyphertext Ck are all uploaded to the blockchain for storage.
[0115] On receiving the data block cyphertext Cipher and its number, data receiving party A
desires to know certain blocks therein, which are supposed to be the xth and the yth blocks here (x and y are both smaller than or equal to n). Data receiving party A
firstly employs the public key of data transmitting party S to subject the numbers (namely x and y) of the xth and yth data block cyphertexts to RSA encryption, generates a numbered cyphertext, signs the same and thereafter stores the same in the blockchain, namely stores ReqA=RSA encrypt(x,y),Pub S) in the blockchain.
Date Recue/Date Received 2022-05-24
desires to know certain blocks therein, which are supposed to be the xth and the yth blocks here (x and y are both smaller than or equal to n). Data receiving party A
firstly employs the public key of data transmitting party S to subject the numbers (namely x and y) of the xth and yth data block cyphertexts to RSA encryption, generates a numbered cyphertext, signs the same and thereafter stores the same in the blockchain, namely stores ReqA=RSA encrypt(x,y),Pub S) in the blockchain.
Date Recue/Date Received 2022-05-24
[0116] On receiving the ReqA, data transmitting party S decrypts the same with its own private key, and obtains numbers x, y. If data transmitting party S consents to the request of data receiving party A to view Plain x, Plain y, corresponding secret keys AES
KEYx, AES KEYy are stored in the blockchain. The specific process is as follows:
KEYx, AES KEYy are stored in the blockchain. The specific process is as follows:
[0117] Ck is enquired from the blockchain, and decryption is made with its own private key to obtain all symmetric keys: AES KEY=RSA decrypt(Ck, Priv S). The xth and yth AES KEYs are extracted from the AES KEYs, and the public key of data receiving party A is subsequently employed to encrypt the same to a second secret key cyphertext RespA, in which RespA = RSA encrypt(AES KEYx, AES KEYy), Pub A).
[0118] On receiving the RespA, data receiving party A firstly employs its private key to decrypt the same, and obtains AES KEYx, AES KEYy , namely: (AES KEYx, AES KEYy) =
RSA decrypt(RespA, Priv A). Subsequently, data receiving party A decrypts the cyphertext according to the secret key as obtained, and obtains the required message blocks, namely:
RSA decrypt(RespA, Priv A). Subsequently, data receiving party A decrypts the cyphertext according to the secret key as obtained, and obtains the required message blocks, namely:
[0119] Plainx=AES decrypt(Cx, AES KEYx)
[0120] Plainy=AES decrypt(Cy, AES KEYy)
[0121] In addition, on receiving the Cipher, data receiving party B desires to know a certain block therein, which is supposed to be the zth block (z is smaller than or equal to n). Data receiving party B employs the public key of data transmitting party S to subject z to RSA
encryption, signs the same and thereafter stores the same in the blockchain, namely ReqB=RSA encrypt((z),Pub S).
encryption, signs the same and thereafter stores the same in the blockchain, namely ReqB=RSA encrypt((z),Pub S).
[0122] On receiving the ReqB, data transmitting party S decrypts the same with its own private key, and obtains the number z. If data transmitting party S does not consent to the request of B, a response message is stored in the blockchain. The response message obtained by data receiving party B does not contain AES KEYz, in other words, data receiving party Date Recue/Date Received 2022-05-24 B cannot obtain any required message block.
[0123] Fig. 6 is a view schematically illustrating the structure of the data transmission device based on consortium blockchain according to an exemplary embodiment, and the device is applied to a first node on a blockchain, which does not belong to the structure of the device and is hence framed by dotted lines. With reference to Fig. 6, the device at least comprises:
[0124] a data splitting module, for splitting data into plural data blocks;
[0125] a first encrypting module, for employing different symmetric keys to respectively and correspondingly encrypt the plural data blocks, generating plural data block cyphertexts, numbering the same and uploading the same to the blockchain;
[0126] wherein the first encrypting module is further employed for employing a public key of the first node to encrypt the symmetric keys, generating a first secret key cyphertext and uploading the same to the blockchain;
[0127] a first decrypting module, for employing a private key of the first node to decrypt a numbered cyphertext coming from the blockchain, and obtaining a number of a to-be-enquired data block cyphertext of a second node, wherein the numbered cyphertext is generated by the second node employing the public key of the first node to encrypt the number of the to-be-enquired data block cyphertext;
[0128] wherein the first encrypting module is further employed for employing a public key of the second node to encrypt a corresponding symmetric key, and generating a second secret key cyphertext; and
[0129] a transmitting module, for transmitting the second secret key cyphertext to the second node through the blockchain.
[0130] Moreover, the device further comprises:
[0131] a first generating module, for generating one symmetric key corresponding to each data block.
Date Recue/Date Received 2022-05-24
Date Recue/Date Received 2022-05-24
[0132] Moreover, the device further comprises:
[0133] a second generating module, for locally generating a public key and a private key of the first node, and uploading the public key of the first node to the blockchain.
[0134] In another exemplary embodiment of the present invention, the first decrypting module is further employed for employing the private key of the first node to decrypt the first secret key cyphertext obtained from the blockchain, and obtaining the symmetric keys.
[0135] The first encrypting module is further employed for employing a public key of the second node to encrypt the symmetric key to which the to-be-enquired data block cyphertext corresponds, and generating a second secret key cyphertext.
[0136] The transmitting module is further employed for generating an enquiry rejecting message when the second node is now allowed to enquire, and transmitting the same to the second node through the blockchain.
[0137] The device can further comprise:
[0138] an enquiring module, for obtaining a symmetric key to which the to-be-enquired data block cyphertext corresponds from the symmetric keys.
[0139] Fig. 7 is a view schematically illustrating the structure of the data transmission device based on consortium blockchain according to an exemplary embodiment, and the device is applied to a second node on a blockchain, which does not belong to the structure of the device and is hence framed by dotted lines. With reference to Fig. 7, the device at least comprises:
[0140] a second encrypting module, for employing a public key of a first node obtained from a blockchain to encrypt a number of a to-be-enquired data block cyphertext, and generating a numbered cyphertext;
[0141] a signing module, for signing the numbered cyphertext and transmitting the same to the Date Recue/Date Received 2022-05-24 blockchain;
[0142] an obtaining module, for obtaining a symmetric key to which the to-be-enquired data block cyphertext corresponds from the blockchain; and
[0143] a second decrypting module, for decrypting the to-be-enquired data block cyphertext, and obtaining a data block as required.
[0144] Moreover, the device further comprises:
[0145] a third generating module, for locally generating a public key and a private key of a second node, and transmitting the public key of the second node to the blockchain.
[0146] In another exemplary embodiment of the present invention, the device can further comprise:
[0147] a receiving module, for obtaining a second secret key cyphertext from the blockchain, wherein the second secret key cyphertext is generated by the first node employing the public key of the second node to encrypt the symmetric key to which the to-be-enquired data block cyphertext corresponds.
[0148] The second decrypting module is further employed for employing the private key of the second node to decrypt the second secret key cyphertext, and obtaining corresponding symmetric keys.
[0149] In summary, the technical solutions provided by the embodiments of the present invention bring about the following advantageous effects.
[0150] 1. In the data transmission method and device based on consortium blockchain as provided by the embodiments of the present invention, the first node on the blockchain of the data sharing system can self-define the block encryption strategy, through the block encryption method, the first node can flexibly control the message accessing strategy to control fine granularity, for instance, to allow the second node to view designated sections Date Recue/Date Received 2022-05-24 only, and authorization from the first node is required for the second node to view certain blocks in the message, whereby controllability of data is guaranteed.
[0151] 2. In the data transmission method and device based on consortium blockchain as provided by the embodiments of the present invention, block encryption is performed on the message by means of a symmetric encryption algorithm, and symmetric keys are encrypted by means of an asymmetric encryption algorithm, whereby efficiency of encryption and decryption is enhanced as far as possible while data safety is guaranteed.
[0152] 3. In the data transmission method and device based on consortium blockchain as provided by the embodiments of the present invention, data is encrypted and thereafter stored on the blockchain, unless authorization is made, it is impossible for other persons to decrypt the data; moreover, when data blocks are encrypted and thereafter transmitted, what is stored on the blockchain is all the encrypted data, so that safety and privacy of the data are guaranteed.
[0153] 4. In the data transmission method and device based on consortium blockchain as provided by the embodiments of the present invention, all symmetric keys are temporarily generated and stored on the blockchain, as long as the local asymmetric private key is not lost, decryption can be made again from the blockchain very conveniently, so that restorability of data is guaranteed.
[0154] All the above optional technical solutions are randomly combinable to form selectable embodiments of the present invention, and these are not redundantly described in a one-by-one basis.
[0155] As should be noted, when the data transmission device based on consortium blockchain applied to a first node and a second node on a blockchain as provided by the aforementioned embodiments triggers a data transmission business, the division into the Date Recue/Date Received 2022-05-24 aforementioned various functional modules is merely by way of example, while it is possible, in actual application, to base on requirements to assign the functions to different functional modules for completion, that is to say, to divide the internal structure of the device into different functional modules to complete the entire or partial functions described above. In addition, the data transmission device based on consortium blockchain applied to a first node on a blockchain provided by the aforementioned embodiment pertains to the same conception as the data transmission method based on consortium blockchain provided by the method embodiment, and the data transmission device based on consortium blockchain applied to a second node on a blockchain pertains to the same conception as the data transmission method based on consortium blockchain provided by the method embodiment ¨ see the corresponding method embodiments for their specific realization processes, while no repetition will be made in this context.
[0156] As understandable by persons ordinarily skilled in the art, realization of the entire or partial steps of the aforementioned embodiments can be completed by hardware, or by a program to instruct relevant hardware. The program can be stored in a computer-readable storage medium, and the storage medium can be a read-only memory, a magnetic disk, or an optical disk, etc.
[0157] What the above describes is merely directed to preferred embodiments of the present invention, and is not meant to restrict the present invention. Any amendment, equivalent replacement or improvement makeable within the spirit and principle of the present invention shall all be covered by the protection scope of the present invention.
Date Recue/Date Received 2022-05-24
Date Recue/Date Received 2022-05-24
Claims (13)
1. A data transmission method based on consortium blockchain, characterized in that the method is applied to a first node on a blockchain, and the method comprises the following steps:
splitting data into plural data blocks, employing different symmetric keys to correspondingly encrypt the plural data blocks, generating plural data block cyphertexts, numbering the same and uploading the same to the blockchain;
employing a public key of the first node to encrypt the symmetric keys, generating a first secret key cyphertext and uploading the same to the blockchain;
employing a private key of the first node to decrypt a numbered cyphertext coming from the blockchain, and obtaining a number of a to-be-enquired data block cyphertext of a second node, wherein the numbered cyphertext is generated by the second node employing the public key of the first node to encrypt the number of the to-be-enquired data block cyphertext; and employing, when the second node is allowed to enquire, a public key of the second node to encrypt a corresponding symmetric key, generating a second secret key cyphertext, and transmitting the same to the second node through the blockchain, so that the second node employs its own private key to decrypt the second secret key cyphertext and obtain the corresponding symmetric key.
splitting data into plural data blocks, employing different symmetric keys to correspondingly encrypt the plural data blocks, generating plural data block cyphertexts, numbering the same and uploading the same to the blockchain;
employing a public key of the first node to encrypt the symmetric keys, generating a first secret key cyphertext and uploading the same to the blockchain;
employing a private key of the first node to decrypt a numbered cyphertext coming from the blockchain, and obtaining a number of a to-be-enquired data block cyphertext of a second node, wherein the numbered cyphertext is generated by the second node employing the public key of the first node to encrypt the number of the to-be-enquired data block cyphertext; and employing, when the second node is allowed to enquire, a public key of the second node to encrypt a corresponding symmetric key, generating a second secret key cyphertext, and transmitting the same to the second node through the blockchain, so that the second node employs its own private key to decrypt the second secret key cyphertext and obtain the corresponding symmetric key.
2. The data transmission method based on consortium blockchain according to Claim 1, characterized in that the step of splitting data into plural data blocks, employing different symmetric keys to correspondingly encrypt the data blocks, generating plural data block cyphertexts, numbering the same and uploading the same to the blockchain specifically includes:
splitting data into plural data blocks according to types of information in the data;
generating one symmetric key corresponding to each data block; and employing the symmetric keys respectively to encrypt corresponding data blocks, generating data block cyphertexts, numbering the same and uploading the same to the blockchain.
Date Recue/Date Received 2022-05-24
splitting data into plural data blocks according to types of information in the data;
generating one symmetric key corresponding to each data block; and employing the symmetric keys respectively to encrypt corresponding data blocks, generating data block cyphertexts, numbering the same and uploading the same to the blockchain.
Date Recue/Date Received 2022-05-24
3. The data transmission method based on consortium blockchain according to Claim 1 or 2, characterized in that, before the step of employing a public key of the first node to encrypt the symmetric keys, the method further comprises:
locally generating a public key and a private key of the first node, and uploading the public key of the first node to the blockchain.
locally generating a public key and a private key of the first node, and uploading the public key of the first node to the blockchain.
4. The data transmission method based on consortium blockchain according to Claim 3, characterized in that the step of employing, when the second node is allowed to enquire, a public key of the second node to encrypt a corresponding symmetric key, generating a second secret key cyphertext, and transmitting the same to the second node through the blockchain specifically includes:
employing the private key of the first node to decrypt the first secret key cyphertext obtained from the blockchain, and obtaining the symmetric key;
obtaining a symmetric key to which the to-be-enquired data block cyphertext corresponds from the symmetric key;
employing the public key of the second node to encrypt the symmetric key to which the to-be-enquired data block cyphertext corresponds, and generating a second secret key cyphertext; and transmitting the second secret key cyphertext to the second node through the blockchain.
employing the private key of the first node to decrypt the first secret key cyphertext obtained from the blockchain, and obtaining the symmetric key;
obtaining a symmetric key to which the to-be-enquired data block cyphertext corresponds from the symmetric key;
employing the public key of the second node to encrypt the symmetric key to which the to-be-enquired data block cyphertext corresponds, and generating a second secret key cyphertext; and transmitting the second secret key cyphertext to the second node through the blockchain.
5. The data transmission method based on consortium blockchain according to Claim 1 or 2, characterized in that, when the second node is not allowed to enquire, an enquiry rejecting message is generated and transmitted to the second node through the blockchain.
6. A data transmission method based on consortium blockchain, characterized in that the method is applied to a second node on a blockchain, and the method comprises the following steps:
employing a public key of a first node obtained from a blockchain to encrypt a number of a to-be-enquired data block cyphertext, generating a numbered cyphertext, signing the numbered cyphertext and transmitting the same to the blockchain; and Date Recue/Date Received 2022-05-24 obtaining a symmetric key to which the to-be-enquired data block cyphertext corresponds from the blockchain, decrypting the to-be-enquired data block cyphertext, and obtaining a data block as required.
employing a public key of a first node obtained from a blockchain to encrypt a number of a to-be-enquired data block cyphertext, generating a numbered cyphertext, signing the numbered cyphertext and transmitting the same to the blockchain; and Date Recue/Date Received 2022-05-24 obtaining a symmetric key to which the to-be-enquired data block cyphertext corresponds from the blockchain, decrypting the to-be-enquired data block cyphertext, and obtaining a data block as required.
7. The data transmission method based on consortium blockchain according to Claim 6, characterized in that, before the step of obtaining a symmetric key to which the to-be-enquired data block cyphertext corresponds from the blockchain, the method further comprises:
locally generating a public key and a private key of a second node, and transmitting the public key of the second node to the blockchain.
locally generating a public key and a private key of a second node, and transmitting the public key of the second node to the blockchain.
8. The data transmission method based on consortium blockchain according to Claim 7, characterized in that the step of obtaining a symmetric key to which the to-be-enquired data block cyphertext corresponds from the blockchain, decrypting the to-be-enquired data block cyphertext, and obtaining a data block as required specifically includes:
obtaining a second secret key cyphertext from the blockchain, wherein the second secret key cyphertext is generated by the first node employing the public key of the second node to encrypt the symmetric key to which the to-be-enquired data block cyphertext corresponds;
employing the private key of the second node to decrypt the second secret key cyphertext, and obtaining a corresponding symmetric key; and employing the corresponding symmetric key to decrypt the to-be-enquired data block cyphertext, and obtaining a data block required to be enquired.
obtaining a second secret key cyphertext from the blockchain, wherein the second secret key cyphertext is generated by the first node employing the public key of the second node to encrypt the symmetric key to which the to-be-enquired data block cyphertext corresponds;
employing the private key of the second node to decrypt the second secret key cyphertext, and obtaining a corresponding symmetric key; and employing the corresponding symmetric key to decrypt the to-be-enquired data block cyphertext, and obtaining a data block required to be enquired.
9. A data transmission device based on consortium blockchain, characterized in that the device is applied to a first node on a blockchain, and that the device at least comprises:
a data splitting module, for splitting data into plural data blocks;
a first encrypting module, for employing different symmetric keys to respectively and correspondingly encrypt the plural data blocks, generating plural data block cyphertexts, numbering the same and uploading the same to the blockchain;
wherein the first encrypting module is further employed for employing a public key of the first Date Recue/Date Received 2022-05-24 node to encrypt the symmetric keys, generating a first secret key cyphertext and uploading the same to the blockchain;
a first decrypting module, for employing a private key of the first node to decrypt a numbered cyphertext coming from the blockchain, and obtaining a number of a to-be-enquired data block cyphertext of a second node, wherein the numbered cyphertext is generated by the second node employing the public key of the first node to encrypt the number of the to-be-enquired data block cyphertext;
wherein the first encrypting module is further employed for employing a public key of the second node to encrypt a corresponding symmetric key, and generating a second secret key cyphertext;
and a transmitting module, for transmitting the second secret key cyphertext to the second node through the blockchain.
a data splitting module, for splitting data into plural data blocks;
a first encrypting module, for employing different symmetric keys to respectively and correspondingly encrypt the plural data blocks, generating plural data block cyphertexts, numbering the same and uploading the same to the blockchain;
wherein the first encrypting module is further employed for employing a public key of the first Date Recue/Date Received 2022-05-24 node to encrypt the symmetric keys, generating a first secret key cyphertext and uploading the same to the blockchain;
a first decrypting module, for employing a private key of the first node to decrypt a numbered cyphertext coming from the blockchain, and obtaining a number of a to-be-enquired data block cyphertext of a second node, wherein the numbered cyphertext is generated by the second node employing the public key of the first node to encrypt the number of the to-be-enquired data block cyphertext;
wherein the first encrypting module is further employed for employing a public key of the second node to encrypt a corresponding symmetric key, and generating a second secret key cyphertext;
and a transmitting module, for transmitting the second secret key cyphertext to the second node through the blockchain.
10. The data transmission device based on consortium blockchain according to Claim 9, characterized in that the device further comprises:
a first generating module, for generating one symmetric key corresponding to each data block.
a first generating module, for generating one symmetric key corresponding to each data block.
11. The data transmission device based on consortium blockchain according to Claim 9 or 10, characterized in that the device further comprises:
a second generating module, for locally generating a public key and a private key of the first node, and uploading the public key of the first node to the blockchain.
a second generating module, for locally generating a public key and a private key of the first node, and uploading the public key of the first node to the blockchain.
12. A data transmission device based on consortium blockchain, characterized in that the device is applied to a second node on a blockchain, and the device at least comprises:
a second encrypting module, for employing a public key of a first node obtained from a blockchain to encrypt a number of a to-be-enquired data block cyphertext, and generating a numbered cyphertext;
a signing module, for signing the numbered cyphertext and transmitting the same to the blockchain;
Date Recue/Date Received 2022-05-24 an obtaining module, for obtaining a symmetric key to which the to-be-enquired data block cyphertext corresponds from the blockchain; and a second decrypting module, for decrypting the to-be-enquired data block cyphertext, and obtaining a data block as required.
a second encrypting module, for employing a public key of a first node obtained from a blockchain to encrypt a number of a to-be-enquired data block cyphertext, and generating a numbered cyphertext;
a signing module, for signing the numbered cyphertext and transmitting the same to the blockchain;
Date Recue/Date Received 2022-05-24 an obtaining module, for obtaining a symmetric key to which the to-be-enquired data block cyphertext corresponds from the blockchain; and a second decrypting module, for decrypting the to-be-enquired data block cyphertext, and obtaining a data block as required.
13. The data transmission device based on consortium blockchain according to Claim 12, characterized in that the device further comprises:
a third generating module, for locally generating a public key and a private key of a second node, and transmitting the public key of the second node to the blockchain.
Date Recue/Date Received 2022-05-24
a third generating module, for locally generating a public key and a private key of a second node, and transmitting the public key of the second node to the blockchain.
Date Recue/Date Received 2022-05-24
Applications Claiming Priority (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811449441.4 | 2018-11-29 | ||
| CN201811449441.4A CN109587132B (en) | 2018-11-29 | 2018-11-29 | Data transmission method and device based on alliance chain |
| PCT/CN2019/106022 WO2020108019A1 (en) | 2018-11-29 | 2019-09-16 | Consortium blockchain-based data transfer method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CA3162736A1 true CA3162736A1 (en) | 2020-06-04 |
Family
ID=65923853
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CA3162736A Pending CA3162736A1 (en) | 2018-11-29 | 2019-09-16 | Data transmission method and device based on consortium blockchain |
Country Status (3)
| Country | Link |
|---|---|
| CN (1) | CN109587132B (en) |
| CA (1) | CA3162736A1 (en) |
| WO (1) | WO2020108019A1 (en) |
Families Citing this family (25)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109587132B (en) * | 2018-11-29 | 2021-03-26 | 南京苏宁软件技术有限公司 | Data transmission method and device based on alliance chain |
| CN110046521B (en) * | 2019-04-24 | 2023-04-18 | 成都派沃特科技股份有限公司 | Decentralized privacy protection method |
| CN110059503B (en) * | 2019-04-24 | 2023-03-24 | 成都派沃特科技股份有限公司 | Traceable social information anti-leakage method |
| CN110224989B (en) * | 2019-05-10 | 2022-01-28 | 深圳壹账通智能科技有限公司 | Information interaction method and device, computer equipment and readable storage medium |
| CN110223064B (en) * | 2019-05-27 | 2020-07-28 | 四川大学 | Non-repudiation safety data transmission method based on block chain |
| CN110336673B (en) * | 2019-06-03 | 2022-03-08 | 江苏科技大学 | Block chain design method based on privacy protection |
| CN110299964B (en) * | 2019-06-28 | 2020-11-24 | 京东数字科技控股有限公司 | Data transmission method and device, computer storage medium |
| CN110555318A (en) * | 2019-09-17 | 2019-12-10 | 山东爱城市网信息技术有限公司 | privacy data protection method based on block chain |
| CN112787976B (en) * | 2019-11-06 | 2023-04-07 | 阿里巴巴集团控股有限公司 | Data encryption, decryption and sharing method, device, system and storage medium |
| CN111131311A (en) * | 2019-12-31 | 2020-05-08 | 北京中电普华信息技术有限公司 | Data transmission method based on block chain and block chain link point |
| CN111431857B (en) * | 2020-02-27 | 2022-09-27 | 深圳壹账通智能科技有限公司 | Authorized access method and device for super account book and storage medium |
| CN111614643B (en) * | 2020-05-12 | 2022-11-25 | 傲林科技有限公司 | Key management method and block chain system |
| CN113761543B (en) * | 2020-06-01 | 2024-04-02 | 菜鸟智能物流控股有限公司 | Data processing method, device, equipment and machine-readable medium based on alliance chain |
| CN111740827B (en) * | 2020-07-28 | 2022-10-28 | 北京金山云网络技术有限公司 | Data transmission method and device, computer equipment and storage medium |
| CN114629901A (en) * | 2020-12-14 | 2022-06-14 | 北京金山云网络技术有限公司 | BaaS-based block chain data sharing method, device and equipment |
| CN112714120B (en) * | 2020-12-24 | 2021-10-29 | 四川长虹电器股份有限公司 | Chained data encryption and decryption method and separated storage method of encrypted data |
| CN112597527B (en) * | 2021-03-05 | 2021-06-08 | 浙江数秦科技有限公司 | Data access method for preventing alliance chain data leakage |
| CN112907247B (en) * | 2021-03-18 | 2024-01-26 | 上海零数众合信息科技有限公司 | Block chain authorization calculation control method |
| CN112968782B (en) * | 2021-04-07 | 2023-04-28 | 北京安天网络安全技术有限公司 | Security evaluation method and system based on alliance chain |
| CN113301018B (en) * | 2021-04-22 | 2022-05-24 | 浙江数秦科技有限公司 | Data sharing method based on alliance chain |
| CN113507468A (en) * | 2021-07-08 | 2021-10-15 | 上海欧冶金融信息服务股份有限公司 | Encryption method, decryption method and authorization method based on block chain technology |
| CN113572617B (en) * | 2021-07-20 | 2023-05-26 | 广州炒米信息科技有限公司 | Distributed inter-node identity authentication method based on alliance chain |
| CN114025346B (en) * | 2021-10-12 | 2024-03-29 | 杭州趣链科技有限公司 | Data transmission method for data security and effectiveness between mobile self-setting networks |
| CN113987594A (en) * | 2021-10-26 | 2022-01-28 | 深圳前海微众银行股份有限公司 | Block chain signature management method and device |
| CN114745181A (en) * | 2022-04-11 | 2022-07-12 | 中国南方电网有限责任公司 | Data processing method and device |
Family Cites Families (27)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6948067B2 (en) * | 2002-07-24 | 2005-09-20 | Qualcomm, Inc. | Efficient encryption and authentication for data processing systems |
| CN100594691C (en) * | 2007-10-09 | 2010-03-17 | 华中科技大学 | Data transmission encryption method of MANET network |
| CN101222509B (en) * | 2008-01-22 | 2011-10-26 | 中兴通讯股份有限公司 | Data protection transmission method of P2P network |
| CN102968423A (en) * | 2012-03-27 | 2013-03-13 | 广州市国迈科技有限公司 | Design of high-performance private cloud storage node file system on basis of data container |
| CN103685162A (en) * | 2012-09-05 | 2014-03-26 | 中国移动通信集团公司 | File storing and sharing method |
| CN103118089A (en) * | 2013-01-22 | 2013-05-22 | 华中科技大学 | Safe storage method based on a plurality of cloud storage systems and system thereof |
| CN103179114B (en) * | 2013-03-15 | 2015-09-23 | 华中科技大学 | Data fine-grained access control method during a kind of cloud stores |
| CN104023085A (en) * | 2014-06-25 | 2014-09-03 | 武汉大学 | Security cloud storage system based on increment synchronization |
| CN104601563B (en) * | 2015-01-06 | 2017-09-15 | 南京信息工程大学 | The method of the sharable content object cloud storage data property held based on MLE |
| CN105260668B (en) * | 2015-10-10 | 2018-07-24 | 北京搜狗科技发展有限公司 | A kind of file encrypting method and electronic equipment |
| CN105721485B (en) * | 2016-03-04 | 2019-02-01 | 安徽大学 | Towards majority according to the safe nearest neighbor method of owner under outsourcing cloud environment |
| CN106101257B (en) * | 2016-07-07 | 2019-07-02 | 广东工业大学 | A kind of cloud storage data managing method and device based on Bloom filter |
| CN107370595A (en) * | 2017-06-06 | 2017-11-21 | 福建中经汇通有限责任公司 | One kind is based on fine-grained ciphertext access control method |
| CN107241417A (en) * | 2017-06-12 | 2017-10-10 | 郑州云海信息技术有限公司 | A kind of method, system, transmitting terminal and the receiving terminal of file transmission |
| CN107659567A (en) * | 2017-09-19 | 2018-02-02 | 北京许继电气有限公司 | The ciphertext access control method and system of fine granularity lightweight based on public key cryptosyst |
| CN108062202A (en) * | 2017-12-15 | 2018-05-22 | 中链科技有限公司 | A kind of file block storage method and system |
| CN108108127B (en) * | 2017-12-15 | 2021-07-02 | 苏州朗润创新知识产权运营有限公司 | File reading method and system |
| CN108108633B (en) * | 2017-12-20 | 2021-07-13 | 中国科学院深圳先进技术研究院 | Data file and access method, device and equipment thereof |
| CN108092982B (en) * | 2017-12-22 | 2020-10-23 | 广东工业大学 | Data storage method and system based on alliance chain |
| CN108200079A (en) * | 2018-01-19 | 2018-06-22 | 深圳四方精创资讯股份有限公司 | Block chain method for secret protection and device based on symmetrical and asymmetric Hybrid Encryption |
| CN108462568B (en) * | 2018-02-11 | 2021-08-06 | 西安电子科技大学 | Block chain-based secure file storage and sharing method and cloud storage system |
| CN108183973A (en) * | 2018-02-23 | 2018-06-19 | 苏州汉辰数字科技有限公司 | A kind of Streaming Media quantum flow block data structure and encipher-decipher method |
| CN108768930A (en) * | 2018-04-09 | 2018-11-06 | 华北水利水电大学 | A kind of encrypted transmission method of data |
| CN110245144B (en) * | 2018-04-27 | 2022-02-22 | 腾讯科技(深圳)有限公司 | Protocol data management method, device, storage medium and system |
| CN108681898B (en) * | 2018-05-15 | 2021-09-17 | 广东工业大学 | Data transaction method and system based on block chain |
| CN108876383A (en) * | 2018-08-27 | 2018-11-23 | 广东工业大学 | A kind of data trade method, device and equipment based on block chain |
| CN109587132B (en) * | 2018-11-29 | 2021-03-26 | 南京苏宁软件技术有限公司 | Data transmission method and device based on alliance chain |
-
2018
- 2018-11-29 CN CN201811449441.4A patent/CN109587132B/en active Active
-
2019
- 2019-09-16 WO PCT/CN2019/106022 patent/WO2020108019A1/en active Application Filing
- 2019-09-16 CA CA3162736A patent/CA3162736A1/en active Pending
Also Published As
| Publication number | Publication date |
|---|---|
| WO2020108019A1 (en) | 2020-06-04 |
| CN109587132B (en) | 2021-03-26 |
| CN109587132A (en) | 2019-04-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CA3162736A1 (en) | Data transmission method and device based on consortium blockchain | |
| EP3761588B1 (en) | Data access rights control method and device | |
| US11818262B2 (en) | Method and system for one-to-many symmetric cryptography and a network employing the same | |
| CN109120639B (en) | Data cloud storage encryption method and system based on block chain | |
| WO2019214070A1 (en) | Encryption method for user communication on block chain, apparatus, terminal device and storage medium | |
| US9197410B2 (en) | Key management system | |
| CN107005413A (en) | Secure connection and the efficient startup of related service | |
| AU2003202511A1 (en) | Methods for authenticating potential members invited to join a group | |
| US20190044922A1 (en) | Symmetric key identity systems and methods | |
| TW202031010A (en) | Data storage method and device, and apparatus | |
| CA3056814A1 (en) | Symmetric cryptographic method and system and applications thereof | |
| CN112039883A (en) | Data sharing method and device for block chain | |
| US10848312B2 (en) | Zero-knowledge architecture between multiple systems | |
| CN113535852A (en) | File processing method, file access method, device and system based on block chain | |
| EP3598689B1 (en) | Managing central secret keys of a plurality of user devices associated with a single public key | |
| US20220385453A1 (en) | Secure file transfer | |
| CN112398818B (en) | Software activation method and related device thereof | |
| US20220360429A1 (en) | Location-key encryption system | |
| KR20090071874A (en) | Method for producing node id or lamport signature key and its using method for node certification in wireless network | |
| JP2017108212A (en) | Key generation method, key generation system, and computer program | |
| JP2015015674A (en) | Communication system, key supply device, communication method and program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| EEER | Examination request |
Effective date: 20220916 |
|
| EEER | Examination request |
Effective date: 20220916 |
|
| EEER | Examination request |
Effective date: 20220916 |
|
| EEER | Examination request |
Effective date: 20220916 |
|
| EEER | Examination request |
Effective date: 20220916 |