CN105162766B - Visit protocol system and communication method based on a peer-to-peer network distributed hash table - Google Patents


Publication number
CN105162766B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201510461312.7A
Other languages
Chinese (zh)
Other versions
CN105162766A (en)
Inventor
吴自立
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Guangmi Huaan Technology Co Ltd
Original Assignee
Beijing Guangmi Huaan Technology Co Ltd
Application filed by Beijing Guangmi Huaan Technology Co Ltd
Priority to CN201510461312.7A
Publication of CN105162766A
Application granted
Publication of CN105162766B

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/10: Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0892: Network architectures or network communication protocols for network security for authentication of entities by using authentication-authorization-accounting [AAA] servers or protocols
    • H04L67/00: Network arrangements or protocols for supporting network services or applications
    • H04L67/50: Network services
    • H04L67/55: Push-based network services
    • H04L67/01: Protocols
    • H04L67/10: Protocols in which an application is distributed across nodes in the network
    • H04L67/104: Peer-to-peer [P2P] networks

Abstract

The present invention provides a visit protocol system and communication method based on a peer-to-peer network distributed hash table. The system comprises several network nodes; each network node includes a DHT module and a request module and/or a service module connected to the DHT module. The request module initiates access requests: it sends the service module a request packet containing at least one access request, receives the permission verification request packet sent by the service module, sends a permission verification response packet to the service module, and receives the reply response packet sent by the service module. The service module receives the request packet, sends the permission verification request packet to the request module, receives the permission verification response packet and verifies the permission, and, once verification passes, processes the access request, constructs the reply response packet and sends it to the request module. The reply response packet contains the reply response corresponding to the access request. The invention supports extension protocols and permission authentication, and has advantages such as high flexibility, strong stability, high security and a wide range of application.

Description

Visit protocol system and communication method based on a peer-to-peer network distributed hash table
Technical field
The present invention relates to the field of network communication technology, and in particular to a visit protocol system and communication method based on a peer-to-peer network distributed hash table.
Background
In a peer-to-peer network, every network node has the same function and there is no master-slave distinction. A network node can act as a server, providing shared resources for other network nodes in the peer-to-peer network to use, and can also act as a workstation. A peer-to-peer network has neither dedicated servers nor dedicated workstations.
A distributed hash table (DHT) is a distributed storage method. Without requiring a server, each client is responsible for a small range of routing and for storing a small portion of the data, thereby realizing addressing and storage for the entire DHT network.
RSA is one of the most influential public key encryption algorithms in current use. It rests on a very simple number-theoretic fact: multiplying two large primes is very easy, but factoring their product is extremely difficult, so the product can be published as the encryption key. RSA usually first generates a pair of RSA keys: one is the private key, kept by the user; the other is the public key, which can be disclosed and can even be registered with a network server. To improve security strength, an RSA key is at least 500 bits long, and 1024 bits is generally recommended. This makes the encryption computation very expensive. To reduce the computation, information is often transmitted using a combination of conventional encryption and public key encryption: the information is encrypted with an improved DES or IDEA session key, and the RSA key is then used to encrypt the session key and the message digest. After receiving the information, the other party decrypts with the respective keys and checks the message digest.
A traditional distributed hash table provides only a simple data protocol and no other services.
Traditional p2p networks do not interoperate with one another. Under the design concept of p2p networks, a user provides service to other users in the network while enjoying service. The vast majority of p2p-based designs work better the more nodes make up the network, and work far worse when there are too few nodes. Therefore, if an application cannot share nodes with other p2p applications and cannot attract enough users by itself, its function is greatly affected.
Permission authentication requires an authority with public credibility. Because nodes in a peer-to-peer network are unstable, it is usually difficult to implement permission authentication in the distributed hash table of a peer-to-peer network.
Summary of the invention
A brief overview of the present invention is given below in order to provide a basic understanding of certain aspects of the invention. It should be understood that this overview is not an exhaustive overview of the invention. It is not intended to identify key or critical parts of the invention, nor to limit the scope of the invention. Its purpose is only to present certain concepts in simplified form as a prelude to the more detailed description given later.
The present invention provides a visit protocol system and communication method based on a peer-to-peer network distributed hash table that implements permission authentication for the distributed hash table, and further provides for extension functions.
The present invention provides a visit protocol system based on a peer-to-peer network distributed hash table, including several network nodes; each network node includes a DHT module and a request module and/or a service module connected to the DHT module.
The request module is used to initiate access requests, send the service module a request packet containing at least one access request, receive the permission verification request packet sent by the service module, send a permission verification response packet to the service module, and receive the reply response packet sent by the service module.
The service module is used to receive the request packet, send the permission verification request packet to the request module, receive the permission verification response packet and verify the permission, process the access request once verification passes, and construct the reply response packet and send it to the request module. The reply response packet contains the reply response corresponding to the access request.
The present invention also provides a visit protocol communication method based on a peer-to-peer network distributed hash table, including:
The request module sends a request packet containing at least one access request to the service module;
The request module receives the permission verification request packet sent by the service module and sends a permission verification response packet to the service module;
The request module receives the reply response packet that the service module constructs and sends by processing the access request after the permission verification of the permission verification response packet has passed; the reply response packet contains the reply response corresponding to the access request.
The present invention also provides another visit protocol communication method based on a peer-to-peer network distributed hash table, including:
The service module receives a request packet, sent by the request module, containing at least one access request;
The service module sends a permission verification request packet to the request module;
The service module receives the permission verification response packet sent by the request module and performs permission verification;
After the permission verification passes, the service module processes the access request, constructs a reply response packet and sends it to the request module. The reply response packet contains the reply response corresponding to the access request.
The visit protocol communication method based on a peer-to-peer network distributed hash table provided by some embodiments of the present invention combines RSA public/private key pairs with DHT addressing, thereby adding to DHT access a permission authentication that can be used to distinguish nodes of different types, which improves security and makes some high-security solutions possible;
The request module and service module in some embodiments of the present invention each support extension modules, so that extension protocols are supported and the flexibility of the protocol is improved; the technical architecture can therefore be used to support complex DHT applications, with higher flexibility;
Some embodiments of the present invention can integrate multiple different DHT applications into the same peer-to-peer network so that they share its base of users, reducing the effect of the number of users on the health and stability of the peer-to-peer network architecture and on the effectiveness of the various algorithms, which gives stronger stability;
Some embodiments of the present invention support a platform-style architecture: extension protocols for particular applications can be defined on the visit layer and, after a related SDK is developed, released externally, so that third-party developers can access the network very simply;
Many embodiments of the present invention support an access protocol application model in place of the traditional application model that supports only a data protocol, which extends the range of application;
Some embodiments of the present invention support multi-request packets, a feature that can save a great deal of additional network overhead in more complex DHT applications;
Some embodiments of the present invention also support a server-side push protocol, supporting designs in which the service end actively triggers a push, which traditional DHT application models lack.
Brief description of the drawings
The above and other objects, features and advantages of the present invention will be more readily understood from the following description of embodiments of the invention with reference to the accompanying drawings. The components in the drawings are intended only to illustrate the principle of the invention. In the drawings, identical or similar technical features or components are denoted by identical or similar reference numerals.
Fig. 1 is a structural diagram of a network node acting as the request end or as the service end in the visit protocol system based on a peer-to-peer network distributed hash table according to an embodiment of the present invention.
Fig. 2 is a structural diagram of a network node acting as both request end and service end in the visit protocol system based on a peer-to-peer network distributed hash table according to an embodiment of the present invention.
Fig. 3 is an exemplary flowchart of a visit protocol communication method based on a peer-to-peer network distributed hash table according to an embodiment of the present invention.
Fig. 4 is a flowchart of step S11 in a preferred embodiment of the visit protocol communication method shown in Fig. 3.
Fig. 5 is a flowchart of a preferred embodiment of the visit protocol communication method shown in Fig. 3.
Fig. 6 is a flowchart of a preferred embodiment of the visit protocol communication method shown in Fig. 5.
Fig. 7 is a flowchart of step S11 in another preferred embodiment of the visit protocol communication method shown in Fig. 3.
Fig. 8 is a flowchart of step S15 in the embodiment of the visit protocol communication method shown in Fig. 7.
Fig. 9 is a flowchart of step S15 in a preferred embodiment of the visit protocol communication method shown in Fig. 8.
Fig. 10 is an exemplary flowchart of another visit protocol communication method based on a peer-to-peer network distributed hash table according to an embodiment of the present invention.
Fig. 11 is a flowchart of a preferred embodiment of the visit protocol communication method shown in Fig. 10.
Fig. 12 is a flowchart of step S23 in the visit protocol communication method shown in Fig. 10.
Fig. 13 is a flowchart of step S25 in the visit protocol communication method shown in Fig. 10.
Fig. 14 is a flowchart of step S27 in the visit protocol communication method shown in Fig. 10.
Fig. 15 is a flowchart of step S27 in a preferred embodiment of the visit protocol communication method shown in Fig. 14.
Fig. 16 is a flowchart of step S273 of the visit protocol communication method shown in Fig. 14.
Fig. 17 is a schematic diagram of one visit protocol interaction flow carrying a public/private key pair according to an embodiment of the present invention.
Description of reference numerals:
10 DHT module
20 request module
30 service module
40 upper-layer business logic module
50 extension protocol request module
60 extension protocol service module
Detailed description
Embodiments of the present invention are described below with reference to the accompanying drawings. Elements and features described in one drawing or one embodiment of the invention may be combined with elements and features shown in one or more other drawings or embodiments. It should be noted that, for the sake of clarity, representations and descriptions of components and processing that are unrelated to the invention and known to those of ordinary skill in the art are omitted from the drawings and the description.
Fig. 1 is a structural diagram of a network node acting as the request end or as the service end in the visit protocol system based on a peer-to-peer network distributed hash table according to an embodiment of the present invention.
Fig. 2 is a structural diagram of a network node acting as both request end and service end in the visit protocol system based on a peer-to-peer network distributed hash table according to an embodiment of the present invention.
As shown in Fig. 1 and Fig. 2, in this embodiment the visit protocol system based on a peer-to-peer network distributed hash table includes several network nodes; each network node includes DHT module 10 and a request module 20 and/or service module 30 connected to DHT module 10.
Request module 20 is used to initiate access requests, send service module 30 a request packet containing at least one access request, receive the permission verification request packet sent by service module 30, send a permission verification response packet to service module 30, and receive the reply response packet sent by service module 30.
Service module 30 is used to receive the request packet, send the permission verification request packet to request module 20, receive the permission verification response packet and verify the permission, process the access request once verification passes, and construct the reply response packet and send it to request module 20. The reply response packet contains the reply response corresponding to the access request.
Preferably, service module 30 uses the public/private key pair generated by request module 20 to perform permission authentication on the request packet. Request module 20 generates, from the public key in the public/private key pair, the key value key_id under which the DHT module 10 of each network node in the visit protocol system refers to request module 20.
Preferably, the key value key_id is the hash value of the public key.
Preferably, request module 20 is also used to declare, in the request packet, the permission of the private key in the public/private key pair, and to push the public key of the public/private key pair to service module 30 after receiving a public key request.
Service module 30 is also used to check, after receiving the private key permission declaration, whether it holds the public key and, if not, to send a public key request to request module 20.
Preferably, the permission verification request packet includes permission verification information encrypted with the public key;
The permission verification response packet includes permission proof information computed after decrypting the permission verification information with the private key.
Preferably, the permission verification information is a random string that service module 30 encrypts with the public key.
The permission proof information is the hash value of the random string, computed by request module 20 after decrypting the permission verification information with the private key.
Preferably, request module 20 uses the DHT algorithm to find n network nodes from a specified key value key_id1 and a branching factor n, and sends the request packet to the service module 30 of each of the n network nodes; or,
Request module 20 uses the DHT algorithm to find the corresponding network node from a specified key value key_id1, and sends the request packet to the service module 30 of the network node found.
Service module 30 sends the reply response packet back along the reverse of the request packet's transmission path, delivering the reply response packet to the request module 20 that sent the request packet.
Preferably, the network node further includes an upper-layer business logic module 40, connected to request module 20, for processing the reply response packet.
Preferably, request module 20 receives the reply response packets returned by the service modules 30 of the n network nodes, and response de-duplication is performed by the corresponding upper-layer business logic module 40 or the corresponding extension protocol request module 50.
Preferably, the visit protocol system further includes at least one extension protocol request module 50 and an extension protocol service module 60 corresponding to the extension protocol request module.
Extension protocol request module 50 is connected to request module 20 and is used to initiate access requests that access the same service module 30 as request module 20, and to process the reply responses sent back by the corresponding extension protocol service module 60.
Extension protocol service module 60 is connected to service module 40 and is used to process the access requests initiated by the corresponding extension protocol request module 50, and to send back reply responses through the reply response packet.
Specifically, as shown in Fig. 1, a network node acting as the request end includes DHT module 10, request module 20, upper-layer business logic module 40 and several extension protocol request modules 50;
A network node acting as the service end includes DHT module 10, service module 30 and extension protocol service modules 60 in one-to-one correspondence with the several extension protocol request modules 50;
As shown in Fig. 2, a network node acting as both request end and service end includes DHT module 10, request module 20, service module 30, upper-layer business logic module 40, and several groups of corresponding extension protocol request modules 50 and extension protocol service modules 60.
Preferably, the request packet contains multiple access requests, initiated by request module 20 or by individual extension protocol request modules 50, that access the same service module.
Preferably, extension protocol service module 60 is also used, after processing the access request initiated by the corresponding extension protocol request module 50, to obtain a message launcher object message_launcher by calling an interface of service module 30, and to send push responses through the message_launcher object. Specifically, this function can be used in some extension modules that have, for example, a scheduled service.
Preferably, the request packet contains a packet number package_id identifying the request packet, and the access request contains a request number request_index identifying the access request. The reply response packet designates its corresponding request packet by the packet number package_id, and the reply response designates its corresponding access request by the request number request_index.
Preferably, service module 30 is further used for any one of the following:
Sending a push response packet to request module 20 at the same time as sending the reply response packet to request module 20;
Sending push response packets to the request modules 20 of other network nodes at the same time as sending the reply response packet to request module 20;
Sending a push response packet to request module 20 after sending the reply response packet to request module 20.
The request module and service module of some of the above embodiments of the present invention each support extension modules, so that extension protocols are supported and the flexibility of the protocol is improved; the technical architecture can therefore be used to support complex DHT applications, with higher flexibility;
Some of the above embodiments of the present invention can integrate multiple different DHT applications into the same peer-to-peer network so that they share its base of users, reducing the effect of the number of users on the health and stability of the peer-to-peer network architecture and on the effectiveness of the various algorithms, which gives stronger stability;
Some of the above embodiments of the present invention support a platform-style architecture: extension protocols for particular applications can be defined on the visit layer and, after a related SDK is developed, released externally, so that third-party developers can access the network very simply.
Fig. 3 is an exemplary flowchart of a visit protocol communication method based on a peer-to-peer network distributed hash table according to an embodiment of the present invention.
As shown in Fig. 3, in this embodiment the peer-to-peer network includes several network nodes, each network node including a distributed hash table (DHT) module and a request module and/or service module connected to the DHT module. The visit protocol communication method on the side of a network node that includes a request module and acts as the request end includes:
S11: Request module 20 sends a request packet containing at least one access request to service module 30;
S13: Request module 20 receives the permission verification request packet sent by service module 30 and sends a permission verification response packet to service module 30;
S15: Request module 20 receives the reply response packet that service module 30 constructs and sends by processing the access request after the permission verification of the permission verification response packet has passed.
The reply response packet contains the reply response corresponding to the access request.
Specifically, in step S15, request module 20 receives the reply response packet sent by service module 30, or request module 20 receives the reply response packet and a push response packet sent by service module 30 at the same time.
Fig. 4 is a flowchart of step S11 in a preferred embodiment of the visit protocol communication method shown in Fig. 3.
As shown in Fig. 4, in a preferred embodiment of the visit protocol communication method shown in Fig. 3, step S11 includes:
S111: Request module 20 generates a public/private key pair;
S113: Request module 20 sends to service module 30 a request packet that declares the permission of the private key in the public/private key pair and contains at least one access request.
Specifically, request module 20 generates, from the public key in the public/private key pair, the key value key_id under which the DHT module 10 of each network node refers to request module 20. The key value key_id is the hash value of the public key.
Preferably, request module 20 uses the DHT algorithm to find n network nodes from a specified key value key_id and a branching factor n, and sends the request packet to the service module 30 of each of the n network nodes.
Or, request module 20 uses the DHT algorithm to find the corresponding network node from a specified key value key_id, and sends the request packet to the service module 30 of the network node found.
Fig. 5 is a flowchart of a preferred embodiment of the visit protocol communication method shown in Fig. 3.
As shown in Fig. 5, in a preferred embodiment, the method further includes, before step S13:
S12: Request module 20 receives the public key request sent by service module 30 and pushes the public key of the public/private key pair to service module 30.
The public key request is used to request the public key.
Preferably, the permission verification request packet includes permission verification information encrypted with the public key; the permission verification response packet includes permission proof information computed after decrypting the permission verification information with the private key.
Preferably, the permission verification information is a random string encrypted with the public key; the permission proof information is the hash value of the random string.
Request module 20 decrypts the permission verification information with the private key to obtain the random string, computes the hash value of the random string, and sends a permission verification response packet containing the hash value to service module 30.
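The exchange described above (public key request, random string encrypted with the public key, hash of the random string returned), as an added Python example that is not code from the patent. The toy RSA keys, SHA-256, the 16-byte random string, every class and function name, and the check that a pushed public key hashes to the claimed key_id are assumptions of this example.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 16  # bytes of random string per challenge (assumed size)

# Constructed toy keys: products of Mersenne primes, so only the standard
# library is needed. Textbook RSA without padding is used to show the message
# flow; a real node would use RSA-OAEP from a vetted library and >= 2048 bits.
KEY_A = (2**127 - 1, 2**89 - 1)
KEY_B = (2**107 - 1, 2**61 - 1)
E = 65537


def key_id_of(public_key):
    """key_id is the hash of the public key (SHA-256 is this example's choice)."""
    n, e = public_key
    return hashlib.sha256(f"{n}:{e}".encode()).digest()


class RequestModule:
    def __init__(self, primes):
        p, q = primes
        self.public_key = (p * q, E)
        self._d = pow(E, -1, (p - 1) * (q - 1))      # private exponent
        self.key_id = key_id_of(self.public_key)

    def answer_challenge(self, ciphertext):
        """Decrypt the random string and return its hash as permission proof."""
        n = self.public_key[0]
        plain = pow(ciphertext, self._d, n).to_bytes((n.bit_length() + 7) // 8, "big")
        return hashlib.sha256(plain[-NONCE_LEN:]).digest()


class ServiceModule:
    def __init__(self):
        self.known_keys = {}   # key_id -> public key
        self.pending = {}      # package_id -> expected proof, removed on first use

    def accept_public_key(self, key_id, public_key):
        """Store a pushed key only if it hashes to the key_id it is claimed for."""
        if not hmac.compare_digest(key_id_of(public_key), key_id):
            return False
        self.known_keys[key_id] = public_key
        return True

    def make_challenge(self, package_id, key_id):
        """Encrypt a fresh random string with the stored public key."""
        n, e = self.known_keys[key_id]
        nonce = secrets.token_bytes(NONCE_LEN)
        self.pending[package_id] = hashlib.sha256(nonce).digest()
        return pow(int.from_bytes(nonce, "big"), e, n)

    def verify(self, package_id, proof):
        expected = self.pending.pop(package_id, None)   # one attempt per challenge
        return expected is not None and hmac.compare_digest(expected, proof)


def run_exchange(requester, service, package_id, claimed_key_id=None):
    """Walk one request through the exchange and return the outcome as a string."""
    key_id = claimed_key_id or requester.key_id
    if key_id not in service.known_keys:            # service sends a public key request
        if not service.accept_public_key(key_id, requester.public_key):
            return "rejected: public key does not hash to key_id"
    challenge = service.make_challenge(package_id, key_id)   # verification request
    proof = requester.answer_challenge(challenge)            # verification response
    return "granted" if service.verify(package_id, proof) else "denied"


if __name__ == "__main__":
    owner, impostor, service = RequestModule(KEY_A), RequestModule(KEY_B), ServiceModule()
    print(run_exchange(owner, service, 1))
    print(run_exchange(impostor, service, 2, claimed_key_id=owner.key_id))
    print(run_exchange(impostor, ServiceModule(), 3, claimed_key_id=owner.key_id))
```

Because the expected proof is removed on the first verification attempt, a captured proof cannot be replayed against the same challenge.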
Fig. 6 is a flowchart of a preferred embodiment of the visit protocol communication method shown in Fig. 5.
As shown in Fig. 6, in a preferred embodiment, the method further includes, after step S15:
S16: Request module 20 receives the push response packet sent by service module 30.
Fig. 7 is a flowchart of step S11 in another preferred embodiment of the visit protocol communication method shown in Fig. 3.
As shown in Fig. 7, in a preferred embodiment, step S11 includes:
S115: The request module creates a request packet;
S116: The request module or an extension protocol request module calls the interface function of the request packet to add an access request to the request packet;
S117: The request module sends the request packet to the service module.
Specifically, the request packet includes the following fields:
Packet number package_id, access key value key_id, public key public_key corresponding to the access key value key_id (optional), request content data (optional), private key permission declaration signer (optional).
The private key permission declaration signer is set to an arbitrary value to initiate the declaration, and set to the hash value of the decrypted string to complete the application.
The request content data includes the following fields: timestamp time_stamp, access request list requests.
The access request includes the following fields: label tag, request content data.
The label tag consists of the extension protocol title, a separator and an added field, for example "chl.xxxx".
Fig. 8 is a flowchart of step S15 in the embodiment of the visit protocol communication method shown in Fig. 7.
As shown in Fig. 8, in a preferred embodiment, step S15 includes:
S151: Request module 20 receives the reply response packet that service module 30 constructs and sends by processing the access request;
S152: Request module 20 or extension protocol request module 50 uses the callback function of the request packet to retrieve the reply response corresponding to its access request from the reply response packet, and processes the reply response.
Fig. 9 is a flowchart of step S15 in a preferred embodiment of the visit protocol communication method shown in Fig. 8.
As shown in Fig. 9, in a preferred embodiment, the method further includes, after step S152:
S153: Extension protocol request module 50 marks the request packet as completed, and request module 20 no longer accepts reply response packets for that request packet.
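An added Python example (not from the patent) of the request packet fields listed above: access requests are added through the packet's interface function, reply responses are matched by package_id and request_index, and later replies are dropped once the packet is marked completed. The dictionary wire layout, the `responses` key, the `kv` extension title, the string payloads and all class names are assumptions.

```python
import time
from dataclasses import dataclass, field
from typing import Callable, Optional

SEPARATOR = "."   # tag = extension protocol title + separator + added field


@dataclass
class RequestPacket:
    package_id: int
    key_id: bytes
    public_key: Optional[bytes] = None        # optional field
    signer: Optional[bytes] = None            # optional private key declaration
    time_stamp: float = field(default_factory=time.time)
    requests: list = field(default_factory=list)
    callbacks: list = field(default_factory=list)   # local only, never sent
    completed: bool = False

    def add_request(self, tag: str, data: str, callback: Callable) -> int:
        """Interface function called by the request module or an extension module."""
        self.requests.append({"tag": tag, "data": data})
        self.callbacks.append(callback)
        return len(self.requests) - 1          # list position is the request_index

    def to_wire(self) -> dict:
        return {"package_id": self.package_id, "key_id": self.key_id,
                "public_key": self.public_key, "signer": self.signer,
                "data": {"time_stamp": self.time_stamp,
                         "requests": [dict(r) for r in self.requests]}}


class ServiceModule:
    def __init__(self):
        self.extensions = {}   # title -> handler(added_field, data) -> reply data

    def handle(self, wire: dict) -> dict:
        """Route each access request by tag title and build one reply packet."""
        responses = []
        for index, request in enumerate(wire["data"]["requests"]):
            title, _, added_field = request["tag"].partition(SEPARATOR)
            handler = self.extensions.get(title)
            if handler is not None:            # unknown titles get no reply
                responses.append({"request_index": index,
                                  "data": handler(added_field, request["data"])})
        return {"package_id": wire["package_id"], "responses": responses}


class RequestModule:
    def __init__(self):
        self.outstanding = {}  # package_id -> RequestPacket

    def send(self, packet: RequestPacket) -> dict:
        self.outstanding[packet.package_id] = packet
        return packet.to_wire()

    def on_reply(self, reply: dict) -> int:
        """Deliver reply responses to their callbacks; return how many were delivered."""
        packet = self.outstanding.get(reply.get("package_id"))
        if packet is None or packet.completed:
            return 0                            # unknown packet, or already completed
        delivered = 0
        for item in reply.get("responses", []):
            index = item.get("request_index")
            if type(index) is int and 0 <= index < len(packet.callbacks):
                packet.callbacks[index](packet, item.get("data"))
                delivered += 1
        return delivered


def demo():
    service = ServiceModule()
    service.extensions["chl"] = lambda added, data: f"chl/{added}: joined {data}"
    service.extensions["kv"] = lambda added, data: f"kv/{added}: {data}=blue"
    seen = []

    def on_chl(packet, data):
        seen.append(data)

    def on_kv(packet, data):
        seen.append(data)
        packet.completed = True                 # S153: mark the packet completed

    requester = RequestModule()
    packet = RequestPacket(package_id=7, key_id=b"\x01" * 32)   # constructed key_id
    packet.add_request("chl.join", "room-1", on_chl)
    packet.add_request("kv.get", "colour", on_kv)
    packet.add_request("nope.x", "ignored", on_chl)    # no matching extension
    wire = requester.send(packet)
    first = requester.on_reply(service.handle(wire))    # reply from node 1
    second = requester.on_reply(service.handle(wire))   # same reply from node 2
    stray = requester.on_reply({"package_id": 99,
                                "responses": [{"request_index": 0, "data": "x"}]})
    return first, second, stray, seen
```

The second reply models a branching factor of 2: the duplicate from the second node is discarded because the packet was already marked completed.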
Fig. 10 is an exemplary flow chart of another visit protocol communication method based on a peer-to-peer network distributed hash table according to an embodiment of the present invention.
As shown in Fig. 10, in this embodiment the peer-to-peer network includes several network nodes, and each network node includes a distributed hash table (DHT) module and a request module and/or a service module connected to the DHT module. The visit protocol communication method on the side of a network node that includes a service module and acts as the server includes:
S21: Service module 30 receives a request packet, containing at least one access request, sent by request module 20;
S23: Service module 30 sends a permission verification request packet to request module 20;
S25: Service module 30 receives the permission verification response packet sent by request module 20 and performs permission verification;
S27: After the permission verification passes, service module 30 processes the access request, constructs a reply response packet, and sends it to request module 20.
The reply response packet contains the reply response corresponding to the access request.
Specifically, in step S27, while sending the reply response packet to request module 20, service module 30 may also send a push response packet to request module 20 and/or to the request modules 20 of other network nodes.
Preferably, the request packet received by service module 30 declares the permission of the private key in the public-private key pair generated by request module 20.
Preferably, the DHT module 10 of each network node of the peer-to-peer network holds the key value key_id corresponding to request module 20; the key value key_id is generated by request module 20 from the public key in the public-private key pair.
Fig. 11 is a flow chart of a preferred embodiment of the visit protocol communication method shown in Fig. 10.
As shown in Fig. 11, in a preferred embodiment, the following step is performed before step S23:
S22: Service module 30 sends a public key request to request module 20 and receives the public key of the public-private key pair pushed by request module 20. Specifically, the public key request is used to request the public key.
Fig. 12 is a flow chart of step S23 in the visit protocol communication method shown in Fig. 10.
As shown in Fig. 12, in this embodiment, step S23 includes:
S231: Service module 30 encrypts a random string with the public key to obtain the permission verification information;
S233: Service module 30 sends the permission verification request packet containing the permission verification information to request module 20.
Fig. 13 is a flow chart of step S25 in the visit protocol communication method shown in Fig. 10.
As shown in Fig. 13, in this embodiment, step S25 includes:
S251: Service module 30 receives the permission verification response packet, containing permission proof information, sent by request module 20; the permission proof information is the hash value of the random string, computed after decrypting the permission verification information with the private key;
S253: Service module 30 computes the hash value of the random string and compares it with the permission proof information to verify it.
Fig. 14 is a flow chart of step S27 in the visit protocol communication method shown in Fig. 10.
As shown in Fig. 14, in this embodiment, step S27 includes:
S271: After the permission verification passes, service module 30 marks the permission of request module 20;
S273: Service module 30 processes the access request, constructs a reply response packet, and sends it to request module 20.
Preferably, step S273 further includes: while sending the reply response packet to request module 20, service module 30 sends a push response packet to request module 20 or to other request modules.
Fig. 15 is a flow chart of step S27 in a preferred embodiment of the visit protocol communication method shown in Fig. 14.
As shown in Fig. 15, in a preferred embodiment, the following step is performed after step S273:
S275: Service module 30 sends a push response packet to request module 20.
Fig. 16 is a flow chart of step S273 in the visit protocol communication method shown in Fig. 14.
As shown in Fig. 16, in this embodiment, step S273 includes:
S2731: Service module 30 creates a reply response packet;
S2733: Service module 30 or extension protocol service module 60 each process their corresponding access requests and add reply responses to the reply response packet;
S2735: Service module 30 sends the reply response packet to request module 20.
Specifically, the reply response packet includes the following fields:
Corresponding request packet number request_package_id, response content data.
The response content data includes the following fields: reply response list replys, push response list pushs.
Each reply response includes the following fields: corresponding access request number request_index, response content data.
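An added example (not code from the patent) of the packet layout above: one request packet carrying several tagged access requests, a service module that dispatches on the protocol name in each tag, and a request module that matches replies by request_package_id and request_index and drops anything it did not ask for. The package_id field name, the handler registry, the "kv" and "zzz" protocol names and all payloads are assumptions; for brevity the request module itself marks the packet completed after the first reply response packet.

```python
import itertools
import time


class RequestPacket:
    """One request packet: a packet number plus data {time_stamp, requests}."""
    _numbers = itertools.count(1)

    def __init__(self):
        self.package_id = next(self._numbers)  # field name assumed
        self.time_stamp = int(time.time())
        self.requests = []                     # each entry: {"tag", "data"}
        self.callbacks = []                    # callbacks[i] serves request i
        self.completed = False

    def add(self, tag, data, callback):
        """Interface the request module or an extension module calls to add a request."""
        self.requests.append({"tag": tag, "data": data})
        self.callbacks.append(callback)

    def to_wire(self):
        return {"package_id": self.package_id,
                "data": {"time_stamp": self.time_stamp, "requests": self.requests}}


class ServiceModule:
    def __init__(self):
        self.handlers = {}  # protocol title -> handler(additional_field, data)

    def handle(self, wire):
        """Build one reply response packet answering every request it can route."""
        replys = []
        for index, request in enumerate(wire["data"]["requests"]):
            title, _, field = request["tag"].partition(".")
            handler = self.handlers.get(title)
            if handler is not None:            # unknown protocol: no reply entry
                replys.append({"request_index": index,
                               "data": handler(field, request["data"])})
        return {"request_package_id": wire["package_id"],
                "data": {"replys": replys, "pushs": []}}


class RequestModule:
    def __init__(self):
        self.outstanding = {}  # package_id -> RequestPacket awaiting a reply

    def send(self, packet):
        self.outstanding[packet.package_id] = packet
        return packet.to_wire()

    def on_reply(self, reply):
        """Route reply responses to callbacks; return how many were delivered."""
        packet = self.outstanding.get(reply.get("request_package_id"))
        if packet is None or packet.completed:
            return 0                           # unsolicited, or packet already closed
        seen = set()
        for item in reply.get("data", {}).get("replys", []):
            index = item.get("request_index")
            if type(index) is int and 0 <= index < len(packet.callbacks) and index not in seen:
                seen.add(index)
                packet.callbacks[index](item.get("data"))
        packet.completed = True                # later reply packets are ignored
        return len(seen)


def run_demo():
    # All tags, payloads and handlers below are constructed sample data.
    service, client, got = ServiceModule(), RequestModule(), {}
    service.handlers["kv"] = lambda field, data: {"op": field, "value": data["key"].upper()}
    service.handlers["chl"] = lambda field, data: {"channel": field, "joined": True}

    packet = RequestPacket()
    packet.add("kv.get", {"key": "abc"}, lambda d: got.update(kv=d))
    packet.add("chl.news", {}, lambda d: got.update(chl=d))
    packet.add("zzz.none", {}, lambda d: got.update(zzz=d))  # no such protocol
    reply = service.handle(client.send(packet))
    first = client.on_reply(reply)
    duplicate = client.on_reply(reply)         # same packet answered again
    forged = client.on_reply({"request_package_id": 10**9,
                              "data": {"replys": [{"request_index": 0, "data": {}}]}})

    hits, packet2 = [], RequestPacket()
    packet2.add("kv.get", {"key": "x"}, hits.append)
    client.send(packet2)
    malformed = client.on_reply({"request_package_id": packet2.package_id, "data": {
        "replys": [{"request_index": 5, "data": 1}, {"request_index": 0, "data": 2},
                   {"request_index": 0, "data": 3}]}})
    return {"got": got, "first": first, "duplicate": duplicate,
            "forged": forged, "malformed": malformed, "hits": hits}


if __name__ == "__main__":
    print(run_demo())
```

Bounding request_index by the number of requests actually sent, and refusing packet numbers that are not outstanding, keeps a peer from driving callbacks the request module never registered.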
The visit protocol communication method based on a peer-to-peer network distributed hash table provided by the above embodiments of the present invention combines RSA public-private key pairs with DHT addressing. It can be used to distinguish different types of nodes so as to add permission authentication to DHT access, which improves security and makes some high-security solutions possible.
Fig. 17 is a schematic diagram of one visit protocol interaction carrying a public-private key pair according to an embodiment of the present invention.
As shown in Fig. 17, a typical interaction may include:
The first request module of the first network node, acting as the requesting end, generates a public-private key pair;
The first request module sends a request packet declaring private key permission to the first service module of the second network node, acting as the server;
After receiving the request packet, the first service module checks whether it holds the public key; if not, it sends a public key request to the first request module;
The first request module receives the public key request and pushes the public key to the first service module;
After receiving the public key, the first service module checks whether the first request module has private key permission; if not, it pushes to the first request module a permission verification request packet containing the permission verification information encrypted with the public key;
After receiving the permission verification request packet, the first request module decrypts the permission verification information with the private key, computes the permission proof information, and sends a permission verification response packet to the first service module;
The first service module verifies whether the response is correct;
After verification passes, the first service module marks the first request module as holding private key permission;
The first service module and each extension protocol service module process their corresponding access requests, and the first service module constructs a reply response packet and sends it to the first request module;
While sending the reply response packet to the first request module, the first service module also sends it a push response packet; and/or, while sending the reply response packet, the first service module sends a push response packet to the request modules of other network nodes; and/or, after sending the reply response packet, the first service module sends a push response packet to the first request module.
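The permission verification part of this flow (public key request, encrypted random string, hashed reply, corresponding to steps S22 and S231 to S253), sketched as an added example that is not code from the patent. SHA-256, the 16-byte random string, the peer identifiers, and the check that a pushed public key hashes to the declared key_id are assumptions; unpadded textbook RSA over fixed Mersenne primes stands in for a vetted RSA library with padding so that the block runs with the standard library alone.

```python
import hashlib
import hmac
import secrets

E = 65537
CHALLENGE_LEN = 16  # bytes in the random string (assumed size)


def toy_keypair(p, q):
    """Textbook RSA from two fixed primes: an unpadded stand-in, not for real use."""
    return (p * q, E), pow(E, -1, (p - 1) * (q - 1))


def key_id_of(pub):
    """key_id is the hash of the public key; SHA-256 is an assumed choice."""
    return hashlib.sha256(f"{pub[0]:x}:{pub[1]:x}".encode()).hexdigest()


def proof_of(random_string):
    """Permission proof information: the hash of the random string."""
    return hashlib.sha256(random_string).digest()


class RequestModule:
    def __init__(self, pub, priv):
        self.pub, self.priv, self.key_id = pub, priv, key_id_of(pub)

    def answer(self, ciphertext):
        """Decrypt the permission verification information and hash the result."""
        m = pow(ciphertext, self.priv, self.pub[0])
        raw = m.to_bytes((m.bit_length() + 7) // 8, "big")
        return proof_of(raw.rjust(CHALLENGE_LEN, b"\0"))


class ServiceModule:
    def __init__(self):
        self.pubkeys = {}        # key_id -> public key learned in S22
        self.pending = {}        # peer -> (key_id, expected proof), single use
        self.authorized = set()  # (peer, key_id) pairs marked in S271

    def on_public_key(self, key_id, pub):
        """Added check: keep a pushed key only if it hashes to the declared key_id."""
        if not hmac.compare_digest(key_id_of(pub), key_id):
            return False
        self.pubkeys[key_id] = pub
        return True

    def challenge(self, peer, key_id):
        """S231/S233: encrypt a fresh random string with the declared public key."""
        if key_id not in self.pubkeys:
            return None          # no key yet: send a public key request first
        n, e = self.pubkeys[key_id]
        random_string = secrets.token_bytes(CHALLENGE_LEN)
        self.pending[peer] = (key_id, proof_of(random_string))
        return pow(int.from_bytes(random_string, "big"), e, n)

    def verify(self, peer, proof):
        """S253: constant-time hash comparison; a challenge is consumed on use."""
        key_id, expected = self.pending.pop(peer, (None, b""))
        ok = key_id is not None and hmac.compare_digest(expected, proof)
        if ok:
            self.authorized.add((peer, key_id))
        return ok


def run_handshake():
    pub, priv = toy_keypair(2**127 - 1, 2**89 - 1)    # constructed demo keys
    other_pub, other_priv = toy_keypair(2**107 - 1, 2**61 - 1)
    owner, service, out = RequestModule(pub, priv), ServiceModule(), {}

    # The request packet declares key_id; the service holds no key for it yet.
    out["needs_public_key"] = service.challenge("peer-A", owner.key_id) is None
    out["mismatched_key_rejected"] = not service.on_public_key(owner.key_id, other_pub)
    out["key_accepted"] = service.on_public_key(owner.key_id, owner.pub)

    proof = owner.answer(service.challenge("peer-A", owner.key_id))
    out["owner_passes"] = service.verify("peer-A", proof)

    # peer-B declares the same key_id but does not hold the private key.
    impostor = RequestModule(pub, other_priv)
    guess = impostor.answer(service.challenge("peer-B", owner.key_id))
    out["impostor_fails"] = not service.verify("peer-B", guess)

    # A captured proof replayed against a fresh challenge, then with none pending.
    service.challenge("peer-B", owner.key_id)
    out["replay_fails"] = not service.verify("peer-B", proof)
    out["unsolicited_fails"] = not service.verify("peer-B", proof)
    out["authorized"] = sorted(service.authorized)
    return out


if __name__ == "__main__":
    for name, value in run_handshake().items():
        print(name, value)
```

Keying the permission mark by peer as well as key_id means one node passing verification does not authorize every other node that declares the same key_id.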
The above embodiments of the present invention support an access protocol application mode in place of the traditional application mode that supports only a data protocol, which extends the range of applications;
The above embodiments of the present invention support multi-request packets, a feature that can save considerable additional network overhead in more complex DHT applications;
The above embodiments of the present invention also support a server-side push protocol; traditional DHT application modes lack support for a server-side design that actively triggers pushes.
In summary, the present invention supports extension protocols and permission authentication, and has the advantages of high flexibility, strong stability, high security, and a wide range of applications.
Finally, it should be noted that the above embodiments merely illustrate the technical solution of the present invention and do not limit it. Although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art will understand that the technical solutions described in the foregoing embodiments may still be modified, or some of their technical features replaced with equivalents, and that such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims (31)

1. A visit protocol system based on a peer-to-peer network distributed hash table, comprising several network nodes, characterized in that each network node includes a distributed hash table (DHT) module and a request module and/or a service module connected to the DHT module;
The request module is configured to initiate access requests: it sends a request packet containing at least one access request to the service module, receives the permission verification request packet sent by the service module, sends a permission verification response packet to the service module, and receives the reply response packet sent by the service module;
The service module is configured to receive the request packet, send the permission verification request packet to the request module, receive the permission verification response packet and verify the permission, and, after verification passes, process the access request, construct a reply response packet, and send it to the request module; the reply response packet contains the reply response corresponding to the access request;
The service module performs permission authentication on the request packet using the public-private key pair generated by the request module; the request module generates, from the public key in the public-private key pair, the key value that corresponds to the request module in the DHT module of each network node in the visit protocol system.
2. The visit protocol system according to claim 1, characterized in that the key value is the hash value of the public key.
3. The visit protocol system according to claim 1, characterized in that the request module is further configured to declare, in the request packet, the permission of the private key in the public-private key pair, and to push the public key of the public-private key pair to the service module after receiving a public key request;
The service module is further configured to check, after receiving the private key permission declaration, whether it holds the public key, and if not, to push a public key request to the request module.
4. The visit protocol system according to claim 3, characterized in that the permission verification request packet contains permission verification information encrypted with the public key;
The permission verification response packet contains permission proof information computed after decrypting the permission verification information with the private key.
5. The visit protocol system according to claim 4, characterized in that the permission verification information is a random string encrypted by the service module with the public key;
The permission proof information is the hash value of the random string, computed after the request module decrypts the permission verification information with the private key.
6. The visit protocol system according to claim 1, characterized in that
The request module uses the DHT algorithm to find n network nodes by a specified key value and a branching factor n, and sends the request packet to the service module of each of the n network nodes; or, the request module uses the DHT algorithm to find the corresponding network node by a specified key value, and sends the request packet to the service module of the network node found;
The service module sends the reply response packet back along the reverse of the request packet's transmission path, so that the reply response packet is delivered to the request module that sent the request packet.
7. The visit protocol system according to claim 6, characterized in that the network node further includes an upper-layer business logic module connected to the request module and used to process the reply response packet;
The request module receives the reply response packets returned by the service modules of the n network nodes, and the corresponding upper-layer business logic module performs response de-duplication.
8. The visit protocol system according to claim 1, characterized in that it further includes at least one extension protocol request module and an extension protocol service module corresponding to the extension protocol request module;
The extension protocol request module is connected to the request module, and is used to initiate access requests that access the same service module as the request module, and to process the reply responses sent back by the corresponding extension protocol service module;
The extension protocol service module is connected to the service module, and is used to process the access requests initiated by the corresponding extension protocol request module and to send back reply responses.
9. The visit protocol system according to claim 8, characterized in that the request packet contains multiple access requests, each initiated by the request module or the extension protocol request module, that access the same service module.
10. The visit protocol system according to claim 8, characterized in that the extension protocol service module is further configured, after processing the access request initiated by the corresponding extension protocol request module, to obtain an information-transmitting object by calling an interface of the service module, and to send a push response through that information-transmitting object.
11. The visit protocol system according to claim 1, characterized in that the request packet contains a packet number identifying the request packet, and each access request contains a request number identifying that access request; the reply response packet designates its corresponding request packet by the packet number, and each reply response designates its corresponding access request by the request number.
12. The visit protocol system according to any one of claims 1-11, characterized in that the service module is further configured for any one of the following:
Sending a push response packet to the request module while sending the reply response packet to the request module;
Sending a push response packet to other request modules while sending the reply response packet to the request module;
Sending a push response packet to the request module after sending the reply response packet to the request module.
13. A visit protocol communication method based on a peer-to-peer network distributed hash table, the peer-to-peer network including several network nodes, each network node including a distributed hash table (DHT) module and a request module and/or a service module connected to the DHT module, characterized in that the method includes:
The request module sends a request packet containing at least one access request to the service module;
The request module receives the permission verification request packet sent by the service module, and sends a permission verification response packet to the service module;
The request module receives the reply response packet that the service module constructs and sends by processing the access request after the permission verification of the permission verification response packet passes; the reply response packet contains the reply response corresponding to the access request;
The request module sending the request packet containing at least one access request to the service module includes:
The request module generates a public-private key pair;
The request module generates, from the public key in the public-private key pair, the key value that corresponds to the request module in the DHT module of each network node;
The request module sends to the service module a request packet that declares the permission of the private key in the public-private key pair and contains at least one access request.
14. The visit protocol communication method according to claim 13, characterized in that the key value is the hash value of the public key.
15. The visit protocol communication method according to claim 13 or 14, characterized in that the request module uses the DHT algorithm to find n network nodes by a specified key value and a branching factor n, and sends the request packet to the service module of each of the n network nodes;
Or, the request module uses the DHT algorithm to find the corresponding network node by a specified key value, and sends the request packet to the service module of the network node found.
16. The visit protocol communication method according to claim 13, characterized in that, before the request module receives the permission verification request packet sent by the service module and sends the permission verification response packet to the service module, the method further includes:
The request module receives the public key request, sent by the service module, for requesting the public key, and pushes the public key of the public-private key pair to the service module.
17. The visit protocol communication method according to claim 13, characterized in that the permission verification request packet contains permission verification information encrypted with the public key;
The permission verification response packet contains permission proof information computed after decrypting the permission verification information with the private key.
18. The visit protocol communication method according to claim 17, characterized in that the permission verification information is a random string encrypted with the public key; the permission proof information is the hash value of the random string;
The request module decrypts the permission verification information with the private key to obtain the random string, computes the hash value of the random string, and sends the permission verification response packet containing the hash value to the service module.
19. The visit protocol communication method according to claim 13, characterized in that, after the request module receives the reply response packet that the service module constructs and sends by processing the access request after the permission verification of the permission verification response packet passes, the method further includes:
The request module receives the push response packet sent by the service module.
20. The visit protocol communication method according to claim 13, characterized in that the network node further includes at least one extension protocol request module and/or at least one extension protocol service module, and the request module sending the request packet containing at least one access request to the service module includes:
The request module creates a request packet;
The request module or the extension protocol request module calls the interface of the request packet to add an access request to the request packet;
The request module sends the request packet to the service module.
21. The visit protocol communication method according to claim 20, characterized in that the request module receiving the reply response packet that the service module constructs and sends by processing the access request after the permission verification of the permission verification response packet passes includes:
The request module receives the reply response packet that the service module constructs and sends after processing the access request;
The request module or the extension protocol request module each use the callback function of the request packet to retrieve, from the reply response packet, the reply response corresponding to the access request, and process the reply response.
22. The visit protocol communication method according to claim 21, characterized in that, after the request module or the extension protocol request module each use the callback function of the request packet to retrieve, from the reply response packet, the reply response corresponding to the access request and process the reply response, the method further includes:
The extension protocol request module marks the request packet as completed, and the request module no longer accepts reply response packets corresponding to the request packet.
23. A visit protocol communication method based on a peer-to-peer network distributed hash table, the peer-to-peer network including several network nodes, each network node including a distributed hash table (DHT) module and a request module and/or a service module connected to the DHT module, characterized in that the method includes:
The service module receives a request packet, containing at least one access request, sent by the request module;
The service module sends a permission verification request packet to the request module;
The service module receives the permission verification response packet sent by the request module and performs permission verification;
After the permission verification passes, the service module processes the access request, constructs a reply response packet, and sends it to the request module; the reply response packet contains the reply response corresponding to the access request;
The request packet received by the service module declares the permission of the private key in the public-private key pair generated by the request module.
24. The visit protocol communication method according to claim 23, characterized in that the DHT module of each network node of the peer-to-peer network holds the key value corresponding to the request module, and the key value is generated by the request module from the public key in the public-private key pair.
25. The visit protocol communication method according to claim 23, characterized in that, before the service module sends the permission verification request packet to the request module, the method further includes:
The service module sends a public key request to the request module and receives the public key of the public-private key pair pushed by the request module.
26. The visit protocol communication method according to claim 23, characterized in that the service module sending the permission verification request packet to the request module includes:
The service module encrypts a random string with the public key in the public-private key pair to obtain the permission verification information;
The service module sends the permission verification request packet containing the permission verification information to the request module.
27. The visit protocol communication method according to claim 26, characterized in that the service module receiving the permission verification response packet sent by the request module and performing permission verification includes:
The service module receives the permission verification response packet, containing permission proof information, sent by the request module; the permission proof information is the hash value of the random string, computed after decrypting the permission verification information with the private key;
The service module computes the hash value of the random string and compares it with the permission proof information to verify it.
28. The visit protocol communication method according to claim 27, characterized in that, after the permission verification passes, the service module processing the access request, constructing a reply response packet, and sending it to the request module includes:
After the permission verification passes, the service module marks the permission of the request module;
The service module processes the access request, constructs a reply response packet, and sends it to the request module.
29. The visit protocol communication method according to claim 28, characterized in that the service module processing the access request, constructing a reply response packet, and sending it to the request module further includes:
While sending the reply response packet to the request module, the service module sends a push response packet to the request module or to other request modules.
30. The visit protocol communication method according to claim 28, characterized in that, after the service module processes the access request, constructs a reply response packet, and sends it to the request module, the method further includes:
The service module sends a push response packet to the request module.
31. The visit protocol communication method according to claim 28, characterized in that the network node further includes at least one extension protocol request module and/or at least one extension protocol service module, and the step "the service module processes the access request, constructs a reply response packet, and sends it to the request module" includes:
The service module creates a reply response packet;
The service module or the extension protocol service module each process their corresponding access requests and add reply responses to the reply response packet;
The service module sends the reply response packet to the request module.
CN201510461312.7A 2015-07-30 2015-07-30 Visit protocol systems and communication means based on peer-to-peer network distributed hashtable Active CN105162766B (en)


Publications (2)

Publication Number Publication Date
CN105162766A CN105162766A (en) 2015-12-16
CN105162766B true CN105162766B (en) 2018-10-02


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant