CN109729041A - A kind of publication of encrypted content and acquisition methods and device - Google Patents

A kind of publication of encrypted content and acquisition methods and device Download PDF

Info

Publication number
CN109729041A
CN109729041A CN201711025270.8A CN201711025270A CN109729041A CN 109729041 A CN109729041 A CN 109729041A CN 201711025270 A CN201711025270 A CN 201711025270A CN 109729041 A CN109729041 A CN 109729041A
Authority
CN
China
Prior art keywords
key
content
encryption
encrypted
block chain
Prior art date
Application number
CN201711025270.8A
Other languages
Chinese (zh)
Inventor
徐刚
陈盛东
胡淳一
Original Assignee
上海策赢网络科技有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 上海策赢网络科技有限公司 filed Critical 上海策赢网络科技有限公司
Priority to CN201711025270.8A priority Critical patent/CN109729041A/en
Publication of CN109729041A publication Critical patent/CN109729041A/en

Links

Abstract

This application discloses a kind of publication of encrypted content and acquisition methods, applied to the decentralization system based on block chain, comprising: sender encrypts object content using the first encryption method using first key;Sender carries out computations to first key using the second encryption method using debit's public key of the recipient of object content and obtains the second key;Sender is by encrypted object content, the second cipher key distribution to the decentralization system based on block chain;Recipient obtains the encrypted object content and the second key included in block chain;Recipient is decrypted the second key using the second decryption method based on the corresponding debit's private key of debit's public key held, to obtain first key;When successful decryption, recipient is decrypted object content using first decryption method using first key, gets the original contents of object content.

Description

A kind of publication of encrypted content and acquisition methods and device

Technical field

This application involves the publication of computer application technology more particularly to a kind of encrypted content and acquisition methods and Device.

Background technique

Block chain technology is that one kind by several calculatings equipment participates in " book keeping operation " jointly, and common maintenance portion completely divides The emerging technology of cloth database.Since there is block chain technology decentralization, open and clear, every calculating equipment can participate in It can be rapidly performed by the synchronous characteristic of data between data-base recording and respectively calculating equipment, taken using block chain technology Decentralization system is built, and includes various execution programs in the distributed data base of block chain and is executed automatically, in crowd It is widely applied in more fields;For example, P2P payment platform is built using block chain technology in financial technology field, and Intelligent contract etc. is issued on block chain and executes program, can be realized under the premise of without bank and other financial mechanism Point-to-point secure payment between different users.

Summary of the invention

The application proposes a kind of dissemination method of encrypted content, described applied to the decentralization system based on block chain Method includes:

Object content is encrypted using the first encryption method using first key;

The first key is carried out using the second encryption method using debit's public key of the recipient of the object content Computations obtain the second key;

By the encrypted object content, second cipher key distribution to the decentralization system based on block chain System, to be included encrypted object content and second key to the block chain by the decentralization system.

The application also proposes a kind of acquisition methods of encrypted content, described for the decentralization system based on block chain Method includes:

The use first key included in the block chain is obtained using the encrypted object content of the first encryption method;With And encryption meter is carried out to the first key using the second encryption method using debit's public key of the recipient of the object content The second obtained key;

The recipient is based on the corresponding debit's private key of debit's public key held using the second decryption method to described Second key is decrypted, to obtain the first key;

When successful decryption, the object content is decrypted using first decryption method using the first key, Get the original contents of the object content.

The application also proposes a kind of distributing device of encrypted content, which is characterized in that applied in going based on block chain Heart system, described device include:

First encrypting module, for being encrypted using the first encryption method to object content using first key;

Second encrypting module, for using debit's public key of recipient of the object content to use the second encryption method pair The first key carries out computations and obtains the second key;

Release module, for the encrypted object content, second cipher key distribution to be based on block chain to described Decentralization system, encrypted object content and second key to be included to institute by the decentralization system State block chain.

A kind of acquisition device of encrypted content of the application proposition, applied to the decentralization system based on block chain, institute Stating device includes:

Module is obtained, after obtaining the use first key included in the block chain using the encryption of the first encryption method Object content;And it is close to described first using the second encryption method using debit's public key of the recipient of the object content Key carries out the second key that computations obtain;

First deciphering module, the recipient is based on the corresponding debit's private key of debit's public key held using the second solution Second key is decrypted in decryption method, to obtain the first key;

Second deciphering module, when successful decryption, using the first key using first decryption method to the target Content is decrypted, and gets the original contents of the object content.

In this application, propose it is a kind of when issuing encrypted content to block chain to the decruption key of the encrypted content into Row is secondary to be encrypted to improve the technical solution of Information Security.When issuing object content to block chain, it is close to can be used first Key encrypts the object content using the first encryption method, and is adopted using debit's public key of the recipient of the object content Computations are carried out with the second encryption method second key and obtain the second key, then by encrypted object content and above-mentioned Second cipher key distribution is to block chain;And the available above-mentioned encrypted object content being embodied in block chain of recipient and Above-mentioned second key, and use the second decryption method to above-mentioned second key based on the corresponding debit's private key of debit's public key held It is decrypted, to obtain first key, the first key after being then based on decryption is using first decryption method to after to the encryption Object content be decrypted, and then available original contents to the encrypted object content;

On the one hand, it is carried out due to first key used in being encrypted to object content based on debit's public key of recipient Secondary encryption, the publisher of the object content in block chain after publishing the encrypted object content, only Hold the recipient of the corresponding debit's private key of used debit's public key when encrypting to above-mentioned first key, just has to adding The permission that first key after close is decrypted, it is hereby ensured that the encrypted contents to only have correct recipient that could successfully solve It is close, data safety when publishing encrypted content in block chain can be obviously improved;

On the other hand, used debit's public key corresponding receipts when being encrypted due to only holding to above-mentioned first key The recipient of square private key just has the permission that the first key is decrypted, therefore in block chain when publication encrypted content, It only needs in the form broadcasted to disclose the content of the encryption to block chain, the notice of active can no longer be needed to receive Side;Moreover, the identity information of recipient can also be no longer carried in the encrypted content published in block chain, so as to Publish to avoid by encrypted content to block chain, and caused by recipient identity information leakage the problem of.

Detailed description of the invention

In order to illustrate the technical solutions in the embodiments of the present application or in the prior art more clearly, to embodiment or will show below There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this The some embodiments recorded in application can also be obtained according to these attached drawings other for those of ordinary skill in the art Attached drawing.

Fig. 1 is that the application one implements a kind of publication of the encrypted content exemplified and the flow diagram of acquisition methods;

Fig. 2 is the logic diagram for the distributing device that the application one implements a kind of encrypted content exemplified;

Fig. 3 is the hard of the electronic equipment that the application one implements a kind of distributing device for carrying the encrypted content exemplified Part architecture diagram;

Fig. 4 is the logic diagram for the acquisition device that the application one implements a kind of encrypted content exemplified;

Fig. 5 is the hard of the electronic equipment that the application one implements a kind of acquisition device for carrying the encrypted content exemplified Part architecture diagram.

Specific embodiment

In the decentralization system built based on block chain technology, when needs issue some concerning security matters contents to block chain When, sender can usually encrypt concerning security matters content, and being then based on the address information of recipient, (for example public key is derivatively Location), encrypted content, the corresponding decruption key of the content of encryption are issued on block chain, pass to recipient.

However, since block chain has open and clear characteristic, when sender is by encrypted content and corresponding solution After close cipher key distribution to block chain, other than specified recipient, all node devices can pass through in the block chain The distributed data base for accessing block chain, gets the encrypted content and corresponding decruption key;

On the one hand, other users other than specified recipient be will cause, above-mentioned decruption key pair is also able to use Encrypted content is decrypted, and obtains the original contents of the encrypted content, and concerning security matters content is caused to divulge a secret.

On the other hand, when being issued in block chain due to encrypted content, it will usually the address of intended receiver Information, and the address information of recipient is usually closely bound up with the personally identifiable information of recipient;Therefore when in addition to referring to Other users other than fixed recipient, the distributed data base by accessing block chain can also get the content of the encryption The address information of corresponding recipient, thus the problem of causing the personally identifiable information of recipient to reveal.

In view of this, present applicant proposes it is a kind of to block chain issue encrypted content when it is close to the decryption of the encrypted content Key carries out secondary encryption to improve the technical solution of Information Security.

When realizing, first key is can be used using the first encryption when issuing object content to block chain in publisher Method encrypts the object content, and uses the second encryption method pair using debit's public key of the recipient of the object content Second key carries out computations and obtains the second key, then extremely by encrypted object content and above-mentioned second cipher key distribution Block chain;And the available above-mentioned encrypted object content and above-mentioned second key being embodied in block chain of recipient, And above-mentioned second key is decrypted using the second decryption method based on the corresponding debit's private key of debit's public key held, to obtain First key is obtained, the first key after being then based on decryption solves the encrypted object content using first decryption method It is close, and then the available original contents to the encrypted object content;

On the one hand, it is carried out due to first key used in being encrypted to object content based on debit's public key of recipient Secondary encryption, the publisher of the object content in block chain after publishing the encrypted object content, only Hold the recipient of the corresponding debit's private key of used debit's public key when encrypting to above-mentioned first key, just has to adding The permission that first key after close is decrypted, it is hereby ensured that the encrypted contents to only have correct recipient that could successfully solve It is close, data safety when publishing encrypted content in block chain can be obviously improved;

On the other hand, used debit's public key corresponding receipts when being encrypted due to only holding to above-mentioned first key The recipient of square private key just has the permission that the first key is decrypted, therefore in block chain when publication encrypted content, It only needs in the form broadcasted to disclose the content of the encryption to block chain, the notice of active can no longer be needed to receive Side;Moreover, the identity information of recipient can also be no longer carried in the encrypted content published in block chain, so as to Publish to avoid by encrypted content to block chain, and caused by recipient identity information leakage the problem of.

The application is described below by specific embodiment and in conjunction with specific application scenarios.

Referring to FIG. 1, Fig. 1 is publication and the acquisition methods for a kind of encrypted content that one embodiment of the application provides, answer For the decentralization system based on block chain, following steps are executed:

Step 101, publisher encrypts object content using the first encryption method using first key;

Step 102, publisher uses the second encryption method to institute using debit's public key of the recipient of the object content It states first key progress computations and obtains the second key;

Step 103, by the encrypted object content, second cipher key distribution into the going based on block chain Heart system, to be included encrypted object content and second key to the block by the decentralization system Chain;

Step 104, recipient obtains the encrypted object content and described second included in the block chain Key;

Step 105, the recipient uses the second decryption side based on the corresponding debit's private key of debit's public key held Second key is decrypted in method, to obtain the first key;

Step 106, when successful decryption, using the first key using first decryption method to the object content into Row decryption, gets the original contents of the object content.

Above-mentioned decentralization system specifically can be one and be built based on block chain technology, the distribution of " decentralization " Formula network system.

It wherein, may include several node devices in above-mentioned decentralization system, these node devices can be presented A kind of " decentralization " characteristic of high degree of autonomy, and can be by carrying common recognition mechanism (such as the specific common recognition of block chain Negotiation algorithm), the data that localization is generated, or the execution program of publication are distributed on the block chain, and are newly generated " book keeping operation people " (being commonly called as " miner ") of new block include into the new block, while each node for accessing the block chain can be with All the elements in the block are synchronized to its local, to constitute the distributed data base of the block chain.

In this way, user is not necessarily to disposing large-scale server cluster from the background as " data center ", and Any form of headend equipment (such as mobile terminal, PC terminal) of user side, all can serve as above-mentioned decentralization system In a node device.

Above-mentioned object content, may include it is any form of need to pass to recipient by block chain, and can be Carry out including the concerning security matters content of storage in the distributed data base of block chain.

For example, above-mentioned object content specifically can be such as agreement issued into the decentralization system based on block chain The concerning security matters content of document or other forms.In this application, the data in order to be lifted at when issuing encrypted content to block chain Security level, sender to block chain issue object content when, in addition to above-mentioned object content itself can be encrypted with Outside, secondary encryption can also be carried out to the corresponding decruption key of the encrypted object content.

On the one hand, sender, first can be based on first key using the when issuing above-mentioned object content to block chain The one encryption method object content original to this encrypts, and obtains encrypted object content.

Wherein, above-mentioned first key, used encryption key when as being encrypted to original object content;On and The first encryption method is stated, used encryption method when as encrypting to original object content.

On the other hand, after sender encrypts the object content using the first encryption method using first key, Debit's public key that the recipient of object content can be further used encrypts the first key using the second encryption method The second key is calculated.

Wherein, above-mentioned second key, obtains encrypted first key after as encrypting to first key;Above-mentioned Two encryption methods, used encryption method when as being encrypted to above-mentioned first key.

Due to for object content, it is understood that there may be numerous recipients;And for different recipients, institute The debit's public key held is entirely different;Therefore, sender is carrying out first key based on cipher mode described above After encryption, obtained the second key corresponding to different recipients can certainly will also have difference;To, in this case, It can be the different recipients of object content, generate the second different keys respectively, achieve the effect that " people one is close ".

Wherein, it should be noted that the encryption method that above-mentioned decentralization system is supported can cover any form of Asymmet-ric encryption method can also cover any form of symmetric encipherment algorithm;For example, above-mentioned decentralization system can be supported ECC (Elliptic Curves Cryptography, elliptic curve encryption algorithm) serial algorithm, rsa encryption of mainstream at present The rivest, shamir, adelman of the mainstreams such as algorithm;It can also support symmetric encipherment algorithms such as DES, 3DES and AES, etc..

In this application, when sending direction block chain issues above-mentioned object content, symmetric encipherment algorithm can be both used, Rivest, shamir, adelman can be used, the object content and above-mentioned decruption key are encrypted.

Wherein, it should be noted that sender used first encryption side when being encrypted to above-mentioned object content Method and sender used second encryption method when encrypting to first key can be the same or different, at this Without being particularly limited in application.

For example, in practical applications, encrypting to original object content, general symmetric cryptography side can be used Method;And above-mentioned first key is encrypted, it can be to be multiplied to obtain ECDH using originating party private key and debit's public key and exchange key Symmetric encryption method;Alternatively, being also possible to the asymmet-ric encryption method, etc. encrypted using debit's public key.Lead to below Different embodiments is crossed, the above various situations are described respectively.

In a kind of embodiment shown, above-mentioned first encryption method can specifically include general symmetric cryptography side Method, in this application without being particularly limited to;For example, above-mentioned first encryption method can be using such as DES, 3DES and AES Etc. mainstreams symmetric encipherment algorithm method that original object content is encrypted.

Correspondingly, above-mentioned first key then can be what arbitrary form was used to encrypt the original contents of object content Symmetric key, in this application also without being particularly limited to;For example, in practical applications, above-mentioned symmetric key can be one Random generate can not be by character string that third party is known or password etc..

First key can be used using the first encryption side when needing to issue above-mentioned object content to block chain in sender Method encrypts object content, obtains encrypted object content.After the completion of being encrypted to object content, it can be used above-mentioned Debit's public key of the recipient of object content further encrypts above-mentioned first key using the second encryption method, obtains Second key.

In a kind of embodiment shown, above-mentioned second encryption method specifically be can be using originating party private key and debit The symmetric encryption method that the symmetrical exchange key that public key is multiplied is encrypted;For example, in one implementation, above-mentioned Two encryption methods specifically can be the symmetric key machinery of consultation based on ECDH algorithm.

Above-mentioned ECDH algorithm is one kind that ECC algorithm and DH (Diffie-Hellman) Diffie-Hellman are used in combination Algorithm for key consultation.By ECDH algorithm, key exchange both sides can negotiate in the case where not sharing any secret A symmetric key out.

Wherein, the key consultation process of above-mentioned ECDH algorithm is by the inclusion of following procedure:

Assuming that key exchange both sides are party A-subscriber and party B-subscriber, party A-subscriber and party B-subscriber hold some shared parameters of curve;Than Such as, elliptic curve E, rank N and basic point G etc..

Party A-subscriber can generate a random number a based on ECC algorithm and be multiplied to obtain A with G point as private key, and by random number a The public key A=a*G of user;

Party B-subscriber can generate a random number b based on ECC algorithm and be multiplied to obtain B with G point as private key, and by random number b The public key B=b*G of user;

Public key A can be passed to party B-subscriber by party A-subscriber;Public key B can be passed to party A-subscriber by party B-subscriber.

After party A-subscriber receives the public key B of party B-subscriber, public key B can be multiplied to obtain symmetrical public key Q=B* with the private key a of oneself a;

After party B-subscriber receives the public key A of party A-subscriber, public key A can be multiplied to obtain with the private key b of oneself symmetrical public key Q '= A*b;

Based on law of communication and associative law, Q=b*A=b* (a*G)=(b*a) * G=(a*b) * G=a* (b*G)=a*B= Q', therefore user A and user B can negotiate a complete phase by transmitting the public key generated based on ECC algorithm mutually Same symmetric key Q.

In this application, if above-mentioned decentralization system supports ECC serial algorithm, the sender of above-mentioned object content can In a manner of being multiplied by using originating party private key with debit's public key, it is above-mentioned to construct a full symmetric ECDH exchange key pair First key is encrypted.Above-mentioned ECDH exchange key is the encryption key encrypted to above-mentioned first key at this time.It connects Debit is multiplied after the object content for receiving encryption and the second key, using own private key with the public key of sender, can be obtained The ECDH that above-mentioned second key is decrypted exchanges key.

In this case, it is completed when sender encrypts object content using the first encryption method using first key Afterwards, the random private-key that sender can will be generated based on ECC algorithm at this time is based on identical with the recipient of above-mentioned object content The public key multiplication that algorithm generates calculates above-mentioned ECDH exchange key, right then using ECDH exchange key as encryption key Above-mentioned first key is encrypted to obtain above-mentioned second key.

In the present solution, sender can be according to specific demand for security, when such as different recipients or different transmissions Between section etc., generate different private keys at random, to generate different ECDH exchange keys to encrypt first key, therefore send It, can also will be with the encryption first key other than the object content of encryption, the second key when Fang Xiang block chain issues content ECDH exchange key is relevant, corresponding with above-mentioned random private-key public key publication to block chain, so that recipient uses itself Private key public key corresponding with above-mentioned random private-key be multiplied to obtain identical ECDH exchange key to decrypt above-mentioned second key, from And obtain first key.

Certainly, those skilled in the art are known, and sender can also be directly used on above-mentioned block chain and own identification Relevant private key exchanges key to generate the ECDH, since public key relevant to its identity on block chain is usually that can look into, Public key relevant to its identity can not be retransmited in the publication content of sender, to save the space of block chain.

In the another embodiment shown, above-mentioned second encryption method is specifically also possible to the receipts using recipient The symmetric encryption method that square public key is encrypted.Debit's public key that above-mentioned recipient holds at this time be to above-mentioned first key into The encryption key of row encryption.

In this case, it is completed when sender encrypts object content using the first encryption method using first key Afterwards, sender can be with debit's public key disclosed in inquire-receive side, then using debit's public key as encryption key, to above-mentioned at this time First key is encrypted to obtain above-mentioned second key.

In this example, when sender to above-mentioned first key encrypt after the completion of, first key will can be encrypted Obtained above-mentioned second key, and encrypted above-mentioned object content is carried out based on above-mentioned first key and is distributed to decentralization System, to be included the encrypted object content and above-mentioned second key to the distributed number of block chain by decentralization system According to library.In addition, in practical applications, when sender is by encrypted object content and above-mentioned second cipher key distribution to block chain Afterwards, if debit's public key of recipient occurs to update (for example recipient has replaced authorization identity), sender can be according at this time Cipher mode described above, using the updated debit's public key of recipient, using the second encryption method to above-mentioned first key It re-starts computations and obtains updated above-mentioned second key, updated second key is then distributed to base again In the decentralization system of block chain, to be updated to original second key included to block chain.

Correspondingly, if above-mentioned object content has increased recipient newly in block chain, sender still can be according at this time Cipher mode described above, using debit's public key of newly-increased recipient, using the second encryption method to above-mentioned first key It re-starts computations and obtains updated above-mentioned second key, updated second key is then distributed to base again In the decentralization system of block chain, to be included and be broadcasted in block chain.

Under normal circumstances, it obtains and consults for the ease of recipient, the object content of encryption and the second key can be placed on The content record (i.e. transaction or Transaction) of same block chain is published.If in face of same object content have compared with More recipients causes to issue maximum size or recipient that required data capacity has exceeded a content record in the later period The concrete conditions such as increase or other variations occur, the object content of encryption and the second key can also be in different content records It is published in (i.e. transaction or Transaction).

In a kind of embodiment shown, since for object content, corresponding recipient may become Change;For example, recipient may be increased newly;Therefore, when the recipient of object content changes, usually require that sender can and When issue corresponding with recipient the second key and object content to block chain.

In this case, in order to neatly corresponding with the recipient of object content second close to the publication of block chain Key, sender issuing encrypted object content to block chain and when above-mentioned second key, can be using issuing respectively Mode;I.e. sender can be by encrypted object content and above-mentioned second key, by different content records respectively in area It is issued in block chain;

For example, sender first can be distributed to base for encrypted object content as a content record when realizing It in the decentralization system of block chain, is successfully included in the object content to block chain, the object content can be based on again Recipient actual conditions, the second key is generated respectively for each recipient, then by the second cipher key distribution of generation to area Block chain.

In this way, due to the second key corresponding with each recipient, by the way of Stand-alone distribution, not It needs to issue together with encrypted object content, therefore flexibly the second key corresponding with each recipient can be carried out It updates, when the recipient of object content changes, it is close only can to issue corresponding with recipient second again to block chain Key.

In this example, above-mentioned after sender is by encrypted object content and above-mentioned second cipher key distribution to block chain " the book keeping operation people " for the new block that encrypted object content and above-mentioned second key can be newly generated includes to the new block In, while all the elements in the block can be synchronized to its local by each node for accessing the block chain.

Wherein, in a kind of embodiment shown, above-mentioned encrypted object content and above-mentioned second key can be received It records in content records different within a block;

For example, in one implementation, encrypted object content can be first distributed to based on block chain by sender Decentralization system include by " the book keeping operation people " of the new block that is newly generated by the encrypted content into the block In first content record, and the identification information that the identification information of the block or the first content record is returned into the sender; For example, the identification information of above-mentioned block specifically can be block height, Address-Hash value, block cryptographic Hash or the address ipv4 etc.; In the transaction system built based on block chain, the identification information of above-mentioned first content record specifically can be transaction Hash TXID。

After encrypted object content is successfully included into above-mentioned first content record, sender will can generate again The second key and the identification information of above-mentioned first content record that returns of block catenary system be distributed in going based on block chain Heart system is received the identification information of above-mentioned second key and first content record by " the book keeping operation people " of the new block being newly generated It records in the second content record into the block.

It, can be according to being recorded in the second content record after above-mentioned second content record of recipient's uppick in block chain The identification information (such as TXID) of first content record, inquires the object content of the encryption, thus further in the block chain Complete the decryption to the object content.

It, can be with it follows that issue the object content and the second key of encryption on block chain using above-mentioned technical proposal An object content is only issued, (the second key of publication is that can be considered awarding for docking debit in the authorization to recipient behind Power) it only needs to link the second key and above-mentioned object content using the method for record identification information, avoid the weight on block chain The object content for recurring cloth encryption, has largely saved the space of block chain, reach " primary encryption, repeatedly authorization, unidirectionally The technical effect of communication, safe and convenient ".

In a kind of embodiment shown, for the recipient to above-mentioned object content, more sets may be held Public key;For example, there may be multiple authorization identity, each authorization identity on block chain for the same user It can an independent independent public key and private key;Therefore, sender is carrying out first key based on above-mentioned second encryption method When encryption, used debit's public key may be only one of them in multiple public keys that recipient holds.

In this case, sender is issuing encrypted object content to block chain and when above-mentioned second key, It is corresponding sender can also to be based on to used debit's public key when above-mentioned second encryption method encrypts first key Generating algorithm ID (generates the algorithm ID of public key), block chain is also distributed to together, so that recipient can be based on the life Determine that sender used debit when encrypting based on above-mentioned second encryption method to first key is public at algorithm ID Key.

It specifically, can be by above-mentioned life when issuing encrypted object content and above-mentioned second key to block chain It is carried at algorithm ID in object content or above-mentioned second key after encryption;For example, can be to encrypted internal standard content And above-mentioned second key carries out field extension respectively, is filled in encrypted mesh for above-mentioned generating algorithm ID as a field It marks in content or above-mentioned second key.It certainly, can also object content after encryption and above-mentioned second close when realizing Above-mentioned generating algorithm ID is carried in key simultaneously.

In the another embodiment shown, sender is issuing encrypted object content and above-mentioned to block chain When the second key, in addition to sender can be based on to used receipts when above-mentioned second encryption method encrypts first key The corresponding generating algorithm ID of square public key, is distributed to other than block chain, can also also issue together above-mentioned second encryption method ID To block chain, so that recipient can be corresponding with second encryption method to determine based on second encryption method ID Above-mentioned second key is decrypted in second decryption method.

Wherein, above-mentioned second encryption method ID specifically can be specific algorithm ID;For example, working as above-mentioned second encryption method When for symmetric key machinery of consultation based on ECDH algorithm, above-mentioned second encryption method ID specifically can be the algorithm of ECDH algorithm ID;Alternatively, in practical applications, above-mentioned second encryption method ID, is also possible to sender and recipient unifies formulation, it can The other types of unique identification of above-mentioned second encryption method of unique identification, in this application without being particularly limited to.

In the technical solution of the publication encryption object content described herein on block chain, due to sender and receive Side is entirely the unidirectional transmission of sender and logical interacting any content (recipient's identity information is completely hidden) in advance Authorization of the form broadcasted on block chain to recipient is crossed, the energy uppick sender publication of the arbitrary node on block chain Any message, in order to enable the receiver to determine that really sender is issued to the letter of the recipient for the object content of above-mentioned encryption Breath, in practical applications, sender can also be issued when issuing above-mentioned object content to block chain based on above-mentioned object content Original contents calculate corresponding check information;For example, the check information, which specifically can be sender, is based on hash algorithm pair Original contents carry out the discrete value that hash is calculated;After the completion of sender is to the encryption of above-mentioned object content, it can encrypt The check information is carried in object content afterwards.

In this way, when any recipient is after completing the decryption to original object content, it can be by using the mesh after decryption It marks content and carries out information checking, hash calculating such as is carried out to the object content after decryption, if check results are encrypted with original The check information carried in object content is identical, illustrates the recipient to the successful decryption of the object content of encryption.

Wherein, above-mentioned check information can specifically be issued in the form of plaintext, can also carry out encryption publication by sender, In this application without being particularly limited to.

In the another embodiment shown, sender is when issuing object content to block chain, in addition to that can issue Other than the original contents of object content, in practical applications, the access address of the object content can also be only issued to block chain; For example, the URL link etc. of original object content.In this case, when recipient is by manner described above, to publication The object content decryption after, the access address of the original contents of the available object content, so can by access should Address obtains the original contents of the object content.

In this example, when encrypted object content and above-mentioned second key are successfully distributed to block chain by sender, And after successfully being included in the distributed data base of block chain, received in the available block chain of the recipient of the object content The object content and above-mentioned second key of the above-mentioned encryption of record, and attempt to carry out second key based on the debit's public key held Decryption.

In a kind of embodiment shown, it is assumed that the object content of above-mentioned encryption and above-mentioned second key are incorporated in In same block in different content records;

For example, can the encrypted object content, include into the block first content record in, by above-mentioned second The identification information of key and first content record is included in the second content record into the block.

In this case, recipient can read in second content record and remember after the second content record of uppick The identification information (such as TXID) and above-mentioned second key of the first content record of load, and the mark based on first content record Information inquires above-mentioned first content record in the block chain.

After inquiring above-mentioned first content record, it can read in first content record and include above-mentioned encrypted mesh Content is marked, is then based on from above-mentioned second key read in above-mentioned second content record and completes in the encrypted target The decryption of appearance.

In the another embodiment shown, when recipient reads out above-mentioned encrypted object content from block chain And after above-mentioned second key, it can read and send respectively from above-mentioned encrypted object content and/or above-mentioned second key Used debit's public key corresponding generating algorithm ID when side encrypts first key based on above-mentioned second encryption method, with And above-mentioned second encryption method ID;

On the one hand, recipient can be based on the above-mentioned generating algorithm ID read, and determination is obtained above-mentioned by computations The recipient's public key used when the second key;For example, recipient may hold multiple debit's public keys, it can be based on the calculation of the generation Method ID determines debit's public key for above-mentioned second key to be decrypted;

On the other hand, recipient can be determined and above-mentioned encryption side based on the above-mentioned second encryption method ID read Corresponding second decryption method of method;For example, above-mentioned second encryption method is for the symmetric key machinery of consultation based on ECDH algorithm When, above-mentioned second encryption method ID specifically can be the algorithm ID of ECDH algorithm;Recipient can be determined based on algorithm ID Above-mentioned second key will be decrypted using ECDH algorithm.

Further, when recipient determines the debit's public key be decrypted to above-mentioned second key and the second decryption side After method, it can be based on debit's public key and above-mentioned second decryption method first, above-mentioned second key is decrypted, is obtained State first key;

On the one hand, if above-mentioned second encryption method is the symmetric key machinery of consultation based on ECDH algorithm, recipient What the random private-key generated based on ECC algorithm and sender can be issued carries out phase based on the calculated public key of ECC algorithm Multiply, calculate above-mentioned ECDH exchange key, then can will calculate the ECDH generated exchange key as decruption key, use The symmetrical decryption method of ECDH algorithm is decrypted above-mentioned second key, obtains above-mentioned first key.

On the other hand, if above-mentioned second encryption method is the symmetric cryptography encrypted using debit's public key of recipient Method, then recipient can be using the corresponding debit's private key of the debit's public key determined as decruption key, using public based on debit The asymmetric decryption method that the corresponding debit's private key of key is decrypted, is decrypted above-mentioned second key, obtains above-mentioned first Key.

In this example, if the recipient can be with base after obtaining above-mentioned first key to above-mentioned second key successful decryption In the first key, and first decryption method corresponding with above-mentioned first encryption method, further to above-mentioned encrypted mesh Mark content is decrypted, to obtain the original contents of the object content;Wherein, specific decrypting process is opposite with ciphering process It answers, is no longer described in detail in this application.

It, can after recipient successfully obtains the encrypted content of above-mentioned object content in the another embodiment shown To carry out that check information is calculated to the original contents, then confirms and carried in the check information and encrypted object content Check information it is whether consistent, completeness check is carried out to the original contents of the object content;If the two is consistent, show The object content is the information that the recipient is issued to by sender, is legal object content;Conversely, showing the object content Illegal user may be had been subjected to distort, be not legal object content, in this case, recipient can directly abandon solution Object content after close.

It is visible by the above various embodiments, on the one hand, due to first key base used in being encrypted to object content Carried out secondary encryption in debit's public key of recipient, the publisher of the object content by the encrypted object content in area After publishing in block chain, it is private only to hold the corresponding debit of used debit's public key when encrypting to above-mentioned first key The recipient of key just has the permission that encrypted first key is decrypted, and it is hereby ensured that the encrypted contents to only have Correct recipient's ability successful decryption can be obviously improved data peace when publishing encrypted content in block chain Entirely;

Although for example, the distributed data that the illegal user in block chain on other node devices passes through access block chain Library, it is also possible to obtain encrypted object content, and the corresponding private key of public key that can also be held based on itself is attempted to carry out Decryption;However, private key has uniqueness, even if illegal user due in the system for the decentralization built based on block chain Object content after secret can be obtained but can not normally decrypt the object content of the encryption, therefore pass through this side Formula, can be in the open and clear network environment of block chain, to be promoted in the target for having included the encryption into distributed data base The security level of appearance.

On the other hand, used debit's public key corresponding receipts when being encrypted due to only holding to above-mentioned first key The recipient of square private key just has the permission that the first key is decrypted, therefore in block chain when publication encrypted content, It only needs in the form broadcasted to disclose the content of the encryption to block chain, the notice of active can no longer be needed to receive Side;Moreover, the identity information of recipient can also be no longer carried in the encrypted content published in block chain, so as to Publish to avoid by encrypted content to block chain, and caused by recipient identity information leakage the problem of.

For example, sender is when passing to recipient for encrypted object content by block chain, after the encryption Object content only have correct recipient to hold private key can successful decryption can be no longer therefore for sender Proactive notification recipient is needed, the address information for carrying recipient in object content after encryption is not needed yet.When the encryption Object content afterwards is included to the distributed data base of block chain, for the potential recipient of the encrypted object content For (covering user all in block chain), it can attempt to solve the object content of the encryption based on the private key held It is close;If successful decryption, the legitimate receipt side for the object content that itself is the encryption can be determined.As it can be seen that passing through this side Formula, recipient is when to the object content of block chain publication encryption, it is only necessary to by the object content of the encryption in the form of broadcast It is open to block chain, in the object content of encryption can no longer intended receiver address, thus can be to avoid recipient Identity information leakage the problem of.

Corresponding with above method embodiment, present invention also provides the embodiments of device.

Fig. 2 is referred to, the application proposes a kind of distributing device 20 of encrypted content, goes to center applied to based on block chain In change system;

Wherein, Fig. 3 is referred to, hardware involved in the electronic equipment as the distributing device 20 for carrying the encrypted content In framework, processor, memory, nonvolatile memory, network interface and internal bus etc. are generally included;It is implemented in software to be Example, the distributing device 20 of the encrypted content is it is generally understood that the computer program of load in memory, passes through processor The logic device that the software and hardware formed after operation combines, the distributing device 20 of the encrypted content include:

First encrypting module 201, for being encrypted using the first encryption method to object content using first key;

Second encrypting module 202, for using debit's public key of recipient of the object content to use the second encryption side Method carries out computations to the first key and obtains the second key;

Release module 203, for the encrypted object content, second cipher key distribution to be based on block to described The decentralization system of chain, with by the decentralization system by encrypted object content and second key include to The block chain.

In the present embodiment, the release module 203 further,

The encrypted object content, second key are distributed to the decentralization based on block chain respectively System.

In the present embodiment, second encrypting module 202 further,

Occurring to update in debit's public key of the recipient of the object content is, using updated debit's public key using the Two encryption methods re-start computations to the first key and obtain updated second key, and will be described updated Second cipher key distribution is to the decentralization system based on block chain, with original second close to the block chain to including Key is updated;

When the object content has increased recipient newly, the second encryption side is used using debit's public key of newly-increased recipient Method carries out computations to the first key and obtains the second newly-increased key, and by the second newly-increased cipher key distribution to institute State the decentralization system based on block chain.

In the present embodiment, the release module 203 further,

The encrypted object content is first distributed to the decentralization system based on block chain, described will be added Content after close is included into the first content record in the block of the block chain;

The first content is recorded again identification information and second cipher key distribution are to described based on block chain Decentralization system includes identification information that the first content records and second key to the block chain The second content record in.

In the present embodiment, the encrypted object content of the decentralization system publication to described based on block chain, and/ Or in second key, generating algorithm ID corresponding with debit's public key of the recipient is carried.

In the present embodiment, the encrypted object content of the decentralization system publication to described based on block chain, and/ Or in second key, the second encryption method ID is carried.

In the present embodiment, the first encryption method is symmetric encryption method;Second encryption method is using originating party private The symmetrical symmetric encryption method for exchanging key and being encrypted that key is multiplied with debit's public key;Alternatively, the second encryption side Method is the asymmet-ric encryption method encrypted using debit's public key.

In the present embodiment, second encryption method is the symmetric key machinery of consultation based on ECDH algorithm.

It in the present embodiment, further include based on the original contents of the object content in the encrypted object content Obtained check information.

Fig. 4 is referred to, the application proposes a kind of acquisition device 40 of encrypted content, goes to center applied to based on block chain In change system;

Wherein, Fig. 5 is referred to, hardware involved in the electronic equipment as the acquisition device 40 for carrying the encrypted content In framework, processor, memory, nonvolatile memory, network interface and internal bus etc. are generally included;It is implemented in software to be Example, the acquisition device 40 of the encrypted content is it is generally understood that the computer program of load in memory, passes through processor The logic device that the software and hardware formed after operation combines, the acquisition device 40 of the encrypted content include:

Module 401 is obtained, is added for obtaining the use first key included in the block chain using the first encryption method Object content after close;And using the object content recipient debit's public key using the second encryption method to described the One key carries out the second key that computations obtain;

First deciphering module 402, the recipient is based on the corresponding debit's private key of debit's public key held using the Second key is decrypted in two decryption methods, to obtain the first key;

Second deciphering module 403, when successful decryption, using the first key using first decryption method to the mesh Mark content is decrypted, and gets the original contents of the object content.

In the present embodiment, the encrypted object content is included in the record of first content within a block;Described The identification information of one content record and above-mentioned second key are included in the second content record within a block;

The acquisition module 401:

When recipient in block chain the second content record described in uppick, from second content record read described in Second key;And

The identification information of the first content record is read from second content record;

Based on the identification information of first content record, the first content record is further searched in block chain, And read the encrypted object content included in first content record.

In the present embodiment, it in the encrypted object content and/or second key, carries through encryption meter Calculation obtains the corresponding generating algorithm ID of recipient's public key used when second key;

Second deciphering module 403 further,

Using the second decryption method to second key based on the corresponding debit's private key of debit's public key held Before being decrypted, the generating algorithm ID is read from the encrypted object content and/or second key;Base In the generating algorithm ID read, determine that the recipient used when obtaining second key by computations is public Key.

In the present embodiment, in the encrypted object content and/or second key, carry described second plus Decryption method ID.

Second deciphering module 403 further,

Using the second decryption method to second key based on the corresponding debit's private key of debit's public key held Before being decrypted, second encryption method is read from the encrypted object content and/or second key ID;Based on the second encryption method ID read, the second decryption method corresponding with second encryption method is determined.

In the present embodiment, the first encryption method is symmetric encryption method, and first decryption method is symmetrical decryption method.

In the present embodiment, second encryption method is the symmetrical friendship being multiplied using originating party private key with debit's public key Change the symmetric encryption method that key is encrypted;Second decryption method is to be multiplied to obtain with originating party public key using debit's private key The symmetrical decryption method that is decrypted of symmetrical exchange key.

In the present embodiment, second encryption method and second decryption method are based on the symmetrical close of ECDH algorithm Key machinery of consultation.

In the present embodiment, second encryption method is the asymmet-ric encryption method encrypted using debit's public key; Second decryption method is the asymmetric decryption method being decrypted using debit's private key.

It in the present embodiment, further include based on the original contents of the object content in the encrypted object content Obtained check information;

Second deciphering module 403 further,

Original contents based on the object content got calculate check information;

Determine whether the check information carried in the check information and the encrypted object content that are calculated is consistent; If consistent, determine that the object content is legal object content;Conversely, the object content is abandoned.

System that the above various embodiments illustrates, module can specifically realize by computer chip or entity, or by having The product of certain function is realized.It is a kind of typically to realize that equipment is computer or server.Wherein, the specific shape of computer Formula can be personal computer, laptop computer, cellular phone, camera phone, smart phone, personal digital assistant, media Player, navigation equipment, E-mail receiver/send equipment, game console, tablet computer, wearable device or these equipment In any several equipment combination.As seen through the above description of the embodiments, those skilled in the art can understand Recognize that the application can realize by means of software and necessary general hardware platform in ground.Based on this understanding, this Shen Substantially the part that contributes to existing technology can be embodied in the form of software products technical solution please in other words, The computer software product can store in storage medium, such as ROM/RAM, magnetic disk, CD, including some instructions are to make It obtains a computer equipment (can be personal computer, server or the network equipment etc.) and executes each embodiment of the application Or method described in certain parts of embodiment.

All the embodiments in this specification are described in a progressive manner, same and similar portion between each embodiment Dividing may refer to each other, and each embodiment focuses on the differences from other embodiments.Especially for device reality For applying example, since it is substantially similar to the method embodiment, so describing fairly simple, related place is referring to embodiment of the method Part explanation.The apparatus embodiments described above are merely exemplary, wherein described be used as separate part description Module may or may not be physically separated, the function of each module can be existed when implementing application scheme It is realized in same or multiple software and/or hardwares.Some or all of mould therein can also be selected according to the actual needs Block achieves the purpose of the solution of this embodiment.Those of ordinary skill in the art are without creative efforts To understand and implement.

The above is only the specific embodiment of the application, it is noted that for the ordinary skill people of the art For member, under the premise of not departing from the application principle, several improvements and modifications can also be made, these improvements and modifications are also answered It is considered as the protection scope of the application.

Claims (21)

1. a kind of dissemination method of encrypted content, which is characterized in that applied to the decentralization system based on block chain, the side Method includes:
Object content is encrypted using the first encryption method using first key;
The first key is encrypted using the second encryption method using debit's public key of the recipient of the object content The second key is calculated;
By the encrypted object content, second cipher key distribution to the decentralization system based on block chain, with Encrypted object content and second key are included to the block chain by the decentralization system.
2. the method according to claim 1, wherein described by the encrypted object content, described second Cipher key distribution is to the decentralization system based on block chain, comprising:
The encrypted object content, second key are distributed to the decentralization system based on block chain respectively System.
3. according to the method described in claim 2, it is characterized by further comprising:
When debit's public key of the recipient of the object content updates, using updated debit's public key using the second encryption Method re-starts computations to the first key and obtains updated second key, and close by described updated second Key is distributed to the decentralization system based on block chain, to carry out to original second key included to the block chain It updates;
When the object content has increased recipient newly, using debit's public key of newly-increased recipient using the second encryption method to institute It states first key progress computations and obtains the second newly-increased key, and the second newly-increased cipher key distribution is based on to described The decentralization system of block chain.
4. according to the method described in claim 2, it is characterized in that, described by the encrypted object content, described second Key is distributed to the decentralization system based on block chain respectively, comprising:
The encrypted object content is first distributed to the decentralization system based on block chain, after the encryption Content include in the block of the block chain first content record in;
Again by identification information that the first content records and second cipher key distribution into the going based on block chain Heart system includes identification information that the first content records and second key to the of the block chain In two content records.
5. the method according to claim 1, wherein to the decentralization system publication based on block chain In encrypted object content and/or second key, generating algorithm corresponding with debit's public key of the recipient is carried ID。
6. the method according to claim 1, wherein to the decentralization system publication based on block chain In encrypted object content and/or second key, the second encryption method ID is carried.
7. the method according to claim 1, wherein the first encryption method is symmetric encryption method.
8. the method according to claim 1, wherein second encryption method is to use originating party private key and debit The symmetric encryption method that the symmetrical exchange key that public key is multiplied is encrypted;Alternatively, second encryption method is to use The asymmet-ric encryption method that debit's public key is encrypted.
9. according to the method described in claim 8, it is characterized in that, second encryption method is based on the symmetrical of ECDH algorithm Cryptographic key negotiation method.
10. the method according to claim 1, wherein further including based on institute in the encrypted object content State the check information that the original contents of object content are calculated.
11. a kind of acquisition methods of encrypted content, which is characterized in that described applied to the decentralization system based on block chain Method includes:
The use first key included in the block chain is obtained using the encrypted object content of the first encryption method;And make Computations are carried out to the first key using the second encryption method with debit's public key of the recipient of the object content to obtain The second key arrived;
The recipient is based on the corresponding debit's private key of debit's public key held using the second decryption method to described second Key is decrypted, to obtain the first key;
When successful decryption, the object content is decrypted using first decryption method using the first key, is obtained To the original contents of the object content.
12. according to the method described in claim 10, it is characterized in that, the encrypted object content is included within a block In first content record;The identification information and above-mentioned second key of the first content record are included within a block second Hold in record;
The use first key included in the block chain that obtains is using the encrypted object content of the first encryption method;With And encryption meter is carried out to the first key using the second encryption method using debit's public key of the recipient of the object content The second obtained key, comprising:
When recipient in block chain the second content record described in uppick, read described second from second content record Key;And
The identification information of the first content record is read from second content record;
Based on the identification information of first content record, the first content record is further searched in block chain, and is read Take the encrypted object content included in first content record.
13. according to the method described in claim 10, it is characterized in that, the encrypted object content and/or described second In key, the corresponding generating algorithm of recipient's public key used when obtaining second key by computations is carried ID;
It is described based on the corresponding debit's private key of debit's public key held using the second decryption method to second key into Before row decryption, further includes:
The generating algorithm ID is read from the encrypted object content and/or second key;
Based on the generating algorithm ID read, determine used when obtaining second key by computations described in connect Debit's public key.
14. according to the method described in claim 10, it is characterized in that, the encrypted object content and/or described second In key, the second encryption method ID is carried.
It is described based on the corresponding debit's private key of debit's public key held using the second decryption method to second key into Before row decryption, further includes:
The second encryption method ID is read from the encrypted object content and/or second key;
Based on the second encryption method ID read, the second decryption method corresponding with second encryption method is determined.
15. according to the method described in claim 10, it is characterized in that, the first encryption method is symmetric encryption method, the first solution Decryption method is symmetrical decryption method.
16. according to the method described in claim 10, it is characterized in that, second encryption method is using originating party private key and to receive The symmetric encryption method that the symmetrical exchange key that square public key is multiplied is encrypted;Second decryption method is to use debit The symmetrical symmetrical decryption method for exchanging key and being decrypted that private key is multiplied with originating party public key.
17. according to the method for claim 16, which is characterized in that second encryption method and second decryption method For the symmetric key machinery of consultation based on ECDH algorithm.
18. according to the method described in claim 10, it is characterized in that, second encryption method is to be carried out using debit's public key The asymmet-ric encryption method of encryption;Second decryption method is the asymmetric decryption method being decrypted using debit's private key.
19. according to the method described in claim 10, it is characterized in that, further including based on institute in the encrypted object content State the check information that the original contents of object content are calculated;
The method also includes:
Original contents based on the object content got calculate check information;
Determine whether the check information carried in the check information and the encrypted object content that are calculated is consistent;If Unanimously, determine that the object content is legal object content;Conversely, the object content is abandoned.
20. a kind of distributing device of encrypted content, which is characterized in that described applied to the decentralization system based on block chain Device includes:
First encrypting module, for being encrypted using the first encryption method to object content using first key;
Second encrypting module, for using debit's public key of recipient of the object content to use the second encryption method to described First key carries out computations and obtains the second key;
Release module, for going the encrypted object content, second cipher key distribution based on block chain to described Centralized system, to be included encrypted object content and second key to the area by the decentralization system Block chain.
21. a kind of acquisition device of encrypted content, which is characterized in that described applied to the decentralization system based on block chain Device includes:
Module is obtained, for obtaining the use first key included in the block chain using the encrypted mesh of the first encryption method Mark content;And using the object content recipient debit's public key using the second encryption method to the first key into The second key that row computations obtain;
First deciphering module, the recipient use the second decryption side based on the corresponding debit's private key of debit's public key held Second key is decrypted in method, to obtain the first key;
Second deciphering module, when successful decryption, using the first key using first decryption method to the object content It is decrypted, gets the original contents of the object content.
CN201711025270.8A 2017-10-27 2017-10-27 A kind of publication of encrypted content and acquisition methods and device CN109729041A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711025270.8A CN109729041A (en) 2017-10-27 2017-10-27 A kind of publication of encrypted content and acquisition methods and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711025270.8A CN109729041A (en) 2017-10-27 2017-10-27 A kind of publication of encrypted content and acquisition methods and device

Publications (1)

Publication Number Publication Date
CN109729041A true CN109729041A (en) 2019-05-07

Family

ID=66292032

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711025270.8A CN109729041A (en) 2017-10-27 2017-10-27 A kind of publication of encrypted content and acquisition methods and device

Country Status (1)

Country Link
CN (1) CN109729041A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1832398A (en) * 2006-04-14 2006-09-13 中国软件与技术服务股份有限公司 Method and system of file encipher share
US20150269570A1 (en) * 2014-03-21 2015-09-24 Charles Phan Systems and methods in support of authentication of an item
CN107181765A (en) * 2017-07-25 2017-09-19 光载无限(北京)科技有限公司 Network digital identity identifying method based on block chain technology
CN107220820A (en) * 2017-05-16 2017-09-29 腾讯科技(深圳)有限公司 Resource transfers method, device and storage medium
CN107294709A (en) * 2017-06-27 2017-10-24 阿里巴巴集团控股有限公司 A kind of block chain data processing method, apparatus and system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1832398A (en) * 2006-04-14 2006-09-13 中国软件与技术服务股份有限公司 Method and system of file encipher share
US20150269570A1 (en) * 2014-03-21 2015-09-24 Charles Phan Systems and methods in support of authentication of an item
CN107220820A (en) * 2017-05-16 2017-09-29 腾讯科技(深圳)有限公司 Resource transfers method, device and storage medium
CN107294709A (en) * 2017-06-27 2017-10-24 阿里巴巴集团控股有限公司 A kind of block chain data processing method, apparatus and system
CN107181765A (en) * 2017-07-25 2017-09-19 光载无限(北京)科技有限公司 Network digital identity identifying method based on block chain technology

Similar Documents

Publication Publication Date Title
JP6799061B2 (en) Secure multi-party loss resistant storage and transfer of cryptographic keys for blockchain-based systems combined with wallet management systems
US20190305953A1 (en) Methods for secure cryptogram generation
JP6515246B2 (en) Determination of common secrets for the secure exchange of information and hierarchical and deterministic encryption keys
AU2016211551B2 (en) Methods for secure credential provisioning
CN106664206B (en) Efficient method for authenticated communication
EP3050011B1 (en) Transaction authentication
Li et al. Full verifiability for outsourced decryption in attribute based encryption
Chaudhry et al. A secure and efficient authenticated encryption for electronic payment systems using elliptic curve cryptography
Li et al. Blockchain for large-scale internet of things data storage and protection
WO2019007396A1 (en) Method and device for conducting encrypted transaction based on smart contract, and blockchain
JP5680725B2 (en) Method and apparatus for providing low complexity device authentication and confidentiality
He et al. A strong user authentication scheme with smart cards for wireless communications
Kumar et al. Secure storage and access of data in cloud computing
CN104521178B (en) The method and system of the multi-party cloud computing of safety
EP2639997B1 (en) Method and system for secure access of a first computer to a second computer
Zhu et al. A secure anti-collusion data sharing scheme for dynamic groups in the cloud
CN107911216A (en) A kind of block chain transaction method for secret protection and system
JP4866863B2 (en) Security code generation method and user device
JP4855940B2 (en) Efficient management of cryptographic key generation
Wu et al. Secure key agreement and key protection for mobile device user authentication
He et al. Anonymous two-factor authentication for consumer roaming service in global mobility networks
Sanka et al. Secure data access in cloud computing
Zhao et al. Trusted Data Sharing over Untrusted Cloud Storage Providers.
Zhou et al. TR-MABE: White-box traceable and revocable multi-authority attribute-based encryption and its applications to multi-level privacy-preserving e-healthcare cloud computing systems
KR100406754B1 (en) Forward-secure commercial key escrow system and escrowing method thereof

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination