CN110740038B - Blockchain and communication method, gateway, communication system and storage medium thereof - Google Patents
- Publication number
- CN110740038B, CN201810786957.1A
- Authority
- CN
- China
- Prior art keywords
- user
- gateway
- communication data
- communication
- request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The disclosure provides a blockchain and a communication method, a gateway, a communication system and a storage medium thereof, and relates to the field of communication. The method comprises: looking up the stored public key of the user by using the identification of the user carried by the incoming chain request; decrypting the signature data of the communication data by using the public key found; comparing the communication data obtained by decryption with the communication data requested to enter the chain; if the comparison result is consistent, storing the communication data carried by the incoming chain request into the content corresponding to the identification of the user; and then allocating the chain code corresponding to the communication data. The scheme of the disclosure can confirm the integrity of the communication data, prevent the communication data from being tampered with, and confirm the source of the communication data, so that the sender of the communication data cannot repudiate it.
Description
Technical Field
The present disclosure relates to the field of communications, and in particular, to a blockchain and a communication method, a gateway, a communication system, and a storage medium thereof.
Background
The gateway may implement interworking of networks. The gateway provides a communication interface to the outside, and a user can communicate through the gateway. The data of the user and the gateway can be transmitted in the public network, and the security of the data transmission is difficult to ensure because the public network is an open network environment.
Disclosure of Invention
One technical problem to be solved by the present disclosure is to prevent communication data from being tampered with.
According to one aspect of the present disclosure, a blockchain-based communication method is presented, comprising:
the block chain stores the user identification and the public key of the user sent by the gateway;
the blockchain responds to a link-in request sent by the gateway, and searches a stored public key of the user by using the user identifier carried by the link-in request, wherein the link-in request carries the user identifier, communication data and signature data of the communication data, and the signature data of the communication data is obtained by signing the communication data by using a private key of the user;
the blockchain decrypts the signature data of the communication data carried by the link entering request by using the searched public key of the user, compares the communication data obtained by decryption with the communication data of the link entering request, and if the comparison result is consistent, the authentication is passed;
under the condition that the block chain passes the authentication, storing communication data carried by the incoming chain request to content corresponding to the identification of the user;
and the block chain allocates a chain code corresponding to the communication data.
Optionally, the identity of the user is an authorization code generated by the gateway for each session of the user.
According to yet another aspect of the present disclosure, there is provided a blockchain-based communication method including:
the gateway obtains a public key of a user;
the gateway writes the identification of the user and the public key of the user into a blockchain;
the gateway receives a communication request sent by a client of the user, wherein the communication request carries communication data, signature data of the communication data and an identifier of the user, and the signature data of the communication data is obtained by signing the communication data by utilizing a private key of the user;
the gateway sends a chain entering request to the blockchain, wherein the chain entering request carries the identification of the user, the communication data and the signature data of the communication data, so that the blockchain performs signature verification and chain entering operation based on the information carried by the chain entering request;
the gateway records a chain code of the communication data in the blockchain.
Optionally, the identity of the user is an authorization code generated by the gateway for each session of the user;
the communication method further comprises the steps of: and the gateway verifies the authorization code sent by the client of the user, and sends a chain entering request to the blockchain under the condition that the authorization code passes verification.
Optionally, the public key of the user is obtained by the gateway responding to the authorization request sent by the client of the user and decrypting the authorization request by using the private key of the gateway,
wherein the authorization request carries the public key of the user, the authorization request being encrypted by the public key of the gateway.
Optionally, the public key of the gateway is returned by the gateway to the client of the user after the gateway, in response to a registration request sent by the client of the user, verifies the user name and the password carried in the registration request and the verification passes.
Optionally, the public key and the private key of the gateway are generated by the gateway invoking an authority of the blockchain.
Optionally, the communication method further comprises:
the gateway decrypts the communication request using the private key of the gateway, wherein the communication request is encrypted by the client of the user using the public key of the gateway.
According to yet another aspect of the present disclosure, there is provided a blockchain for communication, comprising: a plurality of blockchain nodes;
wherein any one blockchain node is configured to:
storing an identification of a user and a public key of the user sent by a gateway;
searching a stored public key of the user by using the identifier of the user carried by the incoming link request in response to the incoming link request sent by the gateway, wherein the incoming link request carries the identifier of the user, communication data and signature data of the communication data, and the signature data of the communication data is obtained by signing the communication data by using a private key of the user;
decrypting the signature data of the communication data carried by the link entering request by using the searched public key of the user, comparing the communication data obtained by decryption with the communication data of the link entering request, and if the comparison result is consistent, passing the authentication;
under the condition that authentication is passed, storing communication data carried by the link entering request to content corresponding to the identification of the user;
and allocating the chain code corresponding to the communication data.
Optionally, the identity of the user is an authorization code generated by the gateway for each session of the user.
According to yet another aspect of the present disclosure, there is provided a gateway for communication, comprising:
the acquisition module is used for acquiring the public key of the user;
the writing module is used for writing the identification of the user and the public key of the user into a blockchain;
the receiving module is used for receiving a communication request sent by a client of the user, wherein the communication request carries communication data, signature data of the communication data and an identifier of the user, and the signature data of the communication data is obtained by signing the communication data by utilizing a private key of the user;
the sending module is used for sending a chain entering request to the blockchain, wherein the chain entering request carries the identification of the user, the communication data and the signature data of the communication data, so that the blockchain can carry out signature verification and chain entering operation based on the information carried by the chain entering request;
and the recording module is used for recording the chain code of the communication data in the block chain.
Optionally, the identity of the user is an authorization code generated by the gateway for each session of the user;
the gateway further comprises: the verification module is used for verifying the authorization code sent by the client of the user, and the sending module is used for sending a chain entering request to the blockchain under the condition that the authorization code passes verification.
Optionally, the public key of the user is obtained by the gateway responding to the authorization request sent by the client of the user and decrypting the authorization request by using the private key of the gateway,
wherein the authorization request carries the public key of the user, the authorization request being encrypted by the public key of the gateway.
Optionally, the public key of the gateway is returned by the gateway to the client of the user after the gateway, in response to a registration request sent by the client of the user, verifies the user name and the password carried in the registration request and the verification passes.
According to yet another aspect of the present disclosure, there is provided a blockchain for communication, comprising: a plurality of blockchain nodes;
wherein any one of the blockchain nodes includes:
a memory; and
a processor coupled to the memory, the processor configured to perform any of the foregoing communication methods based on instructions stored in the memory.
According to yet another aspect of the present disclosure, there is provided a gateway for communication, comprising:
a memory; and
a processor coupled to the memory, the processor configured to perform any of the foregoing communication methods based on instructions stored in the memory.
According to yet another aspect of the present disclosure, there is provided a communication system including:
the gateway of any of the foregoing; and
the blockchain of any of the foregoing.
According to yet another aspect of the present disclosure, a computer-readable storage medium is presented, on which a computer program is stored, which program, when being executed by a processor, implements the steps of any of the aforementioned communication methods.
The scheme of the disclosure can confirm the integrity of the communication data, prevent the communication data from being tampered with, and confirm the source of the communication data, so that the sender of the communication data cannot repudiate.
Drawings
The drawings required for the description of the embodiments or the related art are briefly described below. The present disclosure will be more clearly understood from the following detailed description taken in conjunction with the accompanying drawings. It will be apparent to those of ordinary skill in the art that the drawings in the following description are merely examples of the disclosure and that other drawings may be derived from them without inventive effort.
Fig. 1 is a flow diagram of some embodiments of a blockchain-based communication method of the present disclosure.
Fig. 2 is a flow chart of other embodiments of a blockchain-based communication method of the present disclosure.
Fig. 3 is a schematic diagram of some embodiments of a communication system 300 of the present disclosure.
Fig. 4 is a schematic diagram of some embodiments of gateway 310 of the present disclosure.
Fig. 5 is a schematic diagram of some embodiments of a blockchain 320 of the present disclosure.
Fig. 6 is a schematic diagram of other embodiments of a gateway 310 or blockchain 320 of the present disclosure.
Detailed Description
The technical solutions in the embodiments of the present disclosure will be clearly and completely described below with reference to the drawings in the embodiments of the present disclosure.
Fig. 1 is a flow diagram of some embodiments of a communication method of the present disclosure. As shown in fig. 1, the method of this embodiment includes: steps 110-150.
In step 110, the gateway obtains the public key of the user.
In some embodiments, the user's public key and corresponding private key may be generated by the user's client, for example.
In some embodiments, the client of the user sends an authorization request to the gateway, the authorization request carries the public key of the user, and the authorization request is encrypted by the public key of the gateway, so that the security of the public key transmission of the user is ensured. Correspondingly, the gateway responds to the authorization request sent by the client of the user, and decrypts the authorization request by utilizing the private key of the gateway to obtain the public key of the user.
The public key of the gateway is returned by the gateway to the client of the user after the gateway, in response to a registration request sent by the client of the user, verifies the user name and password carried in the registration request and the verification passes.
The public and private keys of the gateway may be generated, for example, by the gateway invoking an authority of the blockchain (CA, Certificate Authority).
In step 120, the gateway writes the identity of the user and the user's public key to the blockchain. The information in the blockchain is not easily tampered with.
In step 130, the blockchain stores the identity of the user and the public key of the user sent by the gateway.
In step 140, the gateway receives a communication request sent by the client of the user, where the communication request carries communication data, signature data of the communication data, and an identifier of the user, and the signature data of the communication data is obtained by signing the communication data with a private key of the user.
In some embodiments, the identity of the user may be, for example, an authorization code generated by the gateway for each session of the user. The gateway sends the generated authorization code to the client of the user, and the communication request sent by the client of the user can carry the authorization code. For example, the gateway verifies the authorization code sent by the client of the user, thereby confirming the validity of the current session of the user, and when the authorization code passes verification, the gateway sends the link-in request to the blockchain in step 140.
In some embodiments, to further increase the security of the information transfer, the communication request may be encrypted by the user's client using the public key of the gateway, and accordingly, the gateway may decrypt the communication request using the private key of the gateway.
In step 150, the gateway sends an in-link request to the blockchain, the in-link request carrying the user's identification, communication data, signature data of the communication data.
At step 160, the blockchain performs signature verification and in-chain operations based on the information carried by the in-chain request.
Specifically, the blockchain looks up the stored public key of the user by using the user identification carried by the incoming link request, decrypts the signature data of the communication data by using the public key of the user, and compares the communication data obtained by decryption with the communication data of the incoming link request. If the comparison result is consistent, the communication data is written into the content corresponding to the user identification in the blockchain, and the chain code of the communication data in the blockchain is allocated and returned to the gateway. If the comparison result is inconsistent, the authentication is not passed, and the communication data which is requested to enter the chain can be discarded.
In some embodiments, to reduce the amount of data transmitted and further improve the security of the data transmission, the in-link request may carry the user's identification, the communication data, and signature data of the digest of the communication data (i.e., data obtained by signing the digest of the communication data). Correspondingly, the blockchain generates the digest of the communication data requesting to enter the chain, decrypts the signature data of the digest by using the public key of the user, compares the digest obtained through decryption with the digest it generated, and writes the communication data into the content corresponding to the identification of the user in the blockchain if the comparison results are consistent. The digest generation algorithm used by the client and the gateway is the same. The digest generation algorithm may be, for example, a hash algorithm.
The content written into the blockchain may be synchronized into the various nodes of the blockchain by blockchain synchronization techniques.
At step 170, the gateway records the chain code of the communication data in the blockchain. Communication data of the corresponding user can be queried from the blockchain through the chain code.
The above embodiments can confirm the integrity of the communication data, prevent the communication data from being tampered with, and confirm the source of the communication data, so that the sender of the communication data cannot repudiate.
Fig. 2 is a flow chart illustrating further embodiments of the communication method of the present disclosure. As shown in fig. 2, the method of this embodiment includes: steps 210 to 2120.
In step 210, the gateway receives a registration request sent by a client of a user, where the registration request carries a user name and a password.
In step 220, the gateway verifies the user name and the password carried in the registration request, and in case of passing the verification, invokes the authority of the blockchain to generate the public key and the private key of the gateway.
In step 230, if the registration is successful, the gateway returns a registration success response to the client, and the registration success response carries the public key of the gateway, so that the client obtains the public key of the gateway; if the registration fails, the gateway returns a registration failure response to the client.
In step 240, the client of the user generates the public key and the private key of the user, and sends an authorization request to the gateway, wherein the authorization request carries the public key of the user, and the authorization request is encrypted by the public key of the gateway, so that the security of the public key transmission of the user is ensured.
In step 250, the gateway responds to the authorization request sent by the client of the user, decrypts the authorization request by using the private key of the gateway to obtain the public key of the user, and generates the authorization code of the current session for the user. The gateway writes the user's authorization code and the user's public key to the blockchain.
In step 260, the gateway returns an authorization response to the client of the user, where the authorization response carries an authorization code, so that the client of the user obtains the authorization code of the current session.
In step 270, the gateway receives a communication request sent by the client of the user, where the communication request carries communication data, signature data of the communication data, and an authorization code of the user, and the signature data of the communication data is obtained by signing the communication data with a private key of the user.
In step 280, the gateway verifies the authorization code sent from the user's client, thereby confirming the legitimacy of the user.
In step 290, in the event that the authorization code is verified, the gateway sends an in-link request to the blockchain, the in-link request carrying the authorization code of the user, the communication data, the signature data of the communication data.
In step 2100, the blockchain looks up the stored public key of the user by using the authorization code of the user carried by the incoming link request, decrypts the signature data of the communication data by using the public key of the user, and compares the communication data obtained by decryption with the communication data requested to enter the chain. If the comparison result is consistent, the blockchain writes the communication data into the content corresponding to the identifier of the user in the blockchain, and allocates and returns the chain code of the communication data in the blockchain. If the comparison result is inconsistent, the authentication is not passed, and the communication data which is requested to enter the chain can be discarded.
In step 2110, the gateway records the chain code of the communication data in the blockchain. Communication data of the corresponding user can be queried from the blockchain through the chain code.
In step 2120, the gateway returns a communication response to the user's client, and if the communication data is successfully chained, the communication response may carry the chain code of the communication data in the blockchain.
Alternatively, the public and private keys of the user and the authorization code of the user may be generated once for each session of the user, respectively, i.e. the public and private keys of the user and the authorization code of the user used by different sessions of the same user may also be different. Thus, the security of the communication data is further improved.
Optionally, in order to reduce the amount of data transmitted and further improve the security of the data transmission, the in-link request may carry the user's identification, the communication data, and signature data of the digest of the communication data (i.e., data obtained by signing the digest of the communication data). Correspondingly, the blockchain generates the digest of the communication data requesting to enter the chain, decrypts the signature data of the digest by using the public key of the user, compares the digest obtained through decryption with the digest it generated, and writes the communication data into the content corresponding to the identification of the user in the blockchain if the comparison results are consistent. The digest generation algorithm used by the client and the gateway is the same. The digest generation algorithm may be, for example, a hash algorithm.
The above embodiments can confirm the integrity of the communication data, prevent the communication data from being tampered with, and confirm the source of the communication data, so that the sender of the communication data cannot repudiate.
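The verify-then-store flow of steps 250 to 2110, using the digest variant described above, as an added Python example that is not part of the patent text. The RSA key is a constructed, deliberately weak demo key; the unpadded RSA operation mirrors the patent's "decrypt and compare" wording, where a deployment would call a vetted library's padded signature verification; the class names, chain-code format and sample data are assumptions.

```python
import hashlib
import hmac
import secrets

# Constructed demo key: two Mersenne primes, so the modulus is trivially
# factorable. It only lets the example run without third-party packages.
P, Q = 2**127 - 1, 2**521 - 1
E = 65537


def make_keypair():
    """Return (public, private) for the constructed demo key."""
    n = P * Q
    d = pow(E, -1, (P - 1) * (Q - 1))
    return (n, E), (n, d)


def digest_int(data: bytes) -> int:
    """SHA-256 digest of the communication data as an integer."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(private, data: bytes) -> int:
    """Client side: sign the digest of the communication data."""
    n, d = private
    return pow(digest_int(data), d, n)


class Ledger:
    """Stand-in for the blockchain: key registry plus stored records."""

    def __init__(self):
        self.public_keys = {}   # user identifier -> public key
        self.records = {}       # chain code -> (user identifier, data)

    def store_key(self, user_id, public):
        self.public_keys[user_id] = public

    def enter_chain(self, user_id, data: bytes, signature: int):
        """Verify the request; return a chain code, or None if rejected."""
        public = self.public_keys.get(user_id)
        if public is None:
            return None                      # no key stored for this identifier
        n, e = public
        if not 0 < signature < n:
            return None                      # out-of-range signature value
        recovered = pow(signature, e, n)     # "decrypt" with the public key
        expected = digest_int(data)          # digest of the data as received
        size = (n.bit_length() + 7) // 8
        if not hmac.compare_digest(recovered.to_bytes(size, "big"),
                                   expected.to_bytes(size, "big")):
            return None                      # mismatch: data is discarded
        chain_code = secrets.token_hex(8)    # hypothetical chain-code format
        self.records[chain_code] = (user_id, data)
        return chain_code


class Gateway:
    def __init__(self, ledger):
        self.ledger = ledger
        self.sessions = set()    # authorization codes issued by this gateway
        self.chain_codes = []    # chain codes recorded by the gateway

    def authorize(self, user_public):
        """Steps 250-260: issue a per-session code, write code and key."""
        code = secrets.token_urlsafe(16)
        self.sessions.add(code)
        self.ledger.store_key(code, user_public)
        return code

    def communicate(self, code, data, signature):
        """Steps 270-2110: check the code, forward, record the chain code."""
        if code not in self.sessions:
            return None                      # authorization code not issued
        chain_code = self.ledger.enter_chain(code, data, signature)
        if chain_code is not None:
            self.chain_codes.append(chain_code)
        return chain_code


def demo():
    """Run one accepted request and two rejected ones (constructed data)."""
    ledger = Ledger()
    gateway = Gateway(ledger)
    public, private = make_keypair()
    code = gateway.authorize(public)
    data = b"meter=42;unit=kWh"
    sig = sign(private, data)
    return {
        "accepted": gateway.communicate(code, data, sig),
        "tampered": gateway.communicate(code, b"meter=99;unit=kWh", sig),
        "unknown": gateway.communicate("not-issued", data, sig),
        "ledger": ledger,
        "gateway": gateway,
    }
```

Only the first request reaches the ledger's records; the altered payload fails the digest comparison and the unissued authorization code is stopped at the gateway.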
Fig. 3 is a schematic diagram of some embodiments of a communication system 300 of the present disclosure.
As shown in fig. 3, the communication system 300 of this embodiment includes: gateway 310 and blockchain 320. Gateway 310 is communicatively coupled to blockchain 320.
Fig. 4 is a schematic diagram of some embodiments of gateway 310 of the present disclosure.
As shown in fig. 4, the gateway 310 of this embodiment includes: modules 311-315. Optionally, a module 316 may also be included.
The obtaining module 311 is configured to obtain a public key of a user.
A writing module 312 for writing the identification of the user and the public key of the user to the blockchain.
The receiving module 313 is configured to receive a communication request sent by a client of a user, where the communication request carries communication data, signature data of the communication data, and an identifier of the user, and the signature data of the communication data is obtained by signing the communication data with a private key of the user.
The sending module 314 is configured to send an in-link request to the blockchain, where the in-link request carries an identifier of a user, communication data, and signature data of the communication data, so that the blockchain performs signature verification and the in-link operation based on the information carried by the in-link request. That is, the blockchain looks up the stored public key of the user by using the identifier of the user, decrypts the signature data of the communication data by using the public key of the user, and compares the decrypted communication data with the communication data requested to enter the chain; if the comparison result is consistent, it writes the communication data into the content corresponding to the identifier of the user in the blockchain and returns the chain code of the communication data in the blockchain.
A recording module 315 for recording a chain code of the communication data in the blockchain.
In some embodiments, the identity of the user may be an authorization code generated by the gateway for each session of the user. The verification module 316 is configured to verify the authorization code sent by the client of the user. Correspondingly, the sending module 314 sends the link-in request to the blockchain if the authorization code passes verification.
In some embodiments, the public key of the user is obtained by the gateway responding to the authorization request sent by the client of the user and decrypting the authorization request by using the private key of the gateway, wherein the authorization request carries the public key of the user, and the authorization request is encrypted by the public key of the gateway.
In some embodiments, the public key of the gateway is returned by the gateway to the client of the user after the gateway, in response to a registration request sent by the client of the user, verifies the user name and password carried in the registration request and the verification passes.
Fig. 5 is a schematic diagram of some embodiments of a blockchain 320 of the present disclosure.
As shown in fig. 5, the blockchain 320 of this embodiment includes: a plurality of blockchain nodes 1, …, n. Information may be synchronized between the plurality of blockchain nodes 1, …, n using blockchain synchronization techniques.
Wherein any one of blockchain nodes 1, …, n is configured to:
storing an identification (such as an authorization code) of a user and a public key of the user sent by the gateway;
responding to a link entering request sent by a gateway, and searching a stored public key of a user by using a user identifier carried by the link entering request, wherein the link entering request carries the user identifier, communication data and signature data of the communication data, and the signature data of the communication data is obtained by signing the communication data by using a user private key;
decrypting the signature data of the communication data carried by the link-in request by using the searched public key of the user, comparing the communication data obtained by decryption with the communication data of the link-in request, and if the comparison result is consistent, passing the authentication;
under the condition that authentication is passed, storing communication data carried by the link entering request into content corresponding to the user identification;
and allocating a chain code corresponding to the communication data.
Fig. 6 is a schematic diagram of other embodiments of a gateway 310 or blockchain 320 of the present disclosure.
As shown in fig. 6, the gateway 310 or blockchain 320 of this embodiment includes: a memory 610 and a processor 620 coupled to the memory 610, the processor 620 being configured to perform the communication method of any of the foregoing embodiments based on instructions stored in the memory 610.
The memory 610 may include, for example, system memory, fixed nonvolatile storage media, and the like. The system memory stores, for example, an operating system, application programs, a boot loader, and other programs.
The present disclosure also proposes a computer-readable storage medium, on which a computer program is stored, which program, when being executed by a processor, implements the steps of the communication method in any of the aforementioned embodiments.
It will be appreciated by those skilled in the art that embodiments of the present disclosure may be provided as a method, system, or computer program product. Accordingly, the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present disclosure may take the form of a computer program product embodied on one or more computer-usable non-transitory storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
The present disclosure is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the disclosure. It will be understood that each flowchart and/or block of the flowchart illustrations and/or block diagrams, and combinations of flowcharts and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The foregoing description of the preferred embodiments of the present disclosure is not intended to limit the disclosure; it is intended to cover any modification, equivalent replacement, improvement or the like that falls within the spirit and principles of the present disclosure.
Claims (10)
1. A blockchain-based communication method, comprising:
the gateway obtains a public key of a user;
the gateway generates an authorization code for each session of the user as the user identification, and writes the user identification and the public key of the user into a blockchain;
the blockchain stores the user identification and the public key of the user sent by the gateway;
the gateway receives a communication request sent by a client of the user, wherein the communication request carries communication data, signature data of the communication data and an identifier of the user, and the signature data of the communication data is obtained by signing the communication data by utilizing a private key of the user;
the gateway verifies the authorization code sent by the client of the user, and sends a link-in request to the blockchain under the condition that the authorization code passes verification, wherein the link-in request carries the identification of the user, the communication data and the signature data of the communication data;
the blockchain responds to a link-in request sent by the gateway, and searches a stored public key of the user by utilizing the user identification carried by the link-in request;
the blockchain decrypts the signature data of the communication data carried by the link-in request by using the public key of the user that was found, compares the communication data obtained by decryption with the communication data of the link-in request, and passes authentication if the comparison result is consistent;
in the case that authentication passes, the blockchain stores the communication data carried by the link-in request into content corresponding to the identification of the user;
the blockchain allocates a chain code corresponding to the communication data,
wherein the public key and the private key of the user are generated by the client of the user for each session of the user, and the public key and the private key of the user and the authorization code used by different sessions of the user are different.
2. The communication method of claim 1, further comprising:
the gateway records the chain code of the communication data in the blockchain, and returns a communication response to the client of the user, wherein the communication response carries the chain code of the communication data in the blockchain.
3. The communication method of claim 2, wherein,
the public key of the user is obtained by the gateway responding to the authorization request sent by the client of the user and decrypting the authorization request by utilizing the private key of the gateway,
wherein the authorization request carries the public key of the user, the authorization request being encrypted by the public key of the gateway.
4. The communication method according to claim 3, wherein,
the public key of the gateway is returned by the gateway to the client of the user after the gateway, in response to a registration request sent by the client of the user, verifies the user name and the password carried in the registration request and the verification passes.
5. The communication method according to claim 3, wherein,
the public key and the private key of the gateway are generated by an authority of the gateway calling the blockchain.
6. The communication method of claim 2, further comprising:
the gateway decrypts the communication request using the private key of the gateway, wherein the communication request is encrypted by the client of the user using the public key of the gateway.
7. A communication system, comprising: a gateway and a blockchain,
the blockchain includes: a plurality of blockchain nodes;
wherein any one blockchain node is configured to:
storing an identification of a user and a public key of the user sent by a gateway;
in response to a link-in request sent by the gateway, searching for the stored public key of the user by using the identifier of the user carried by the link-in request, wherein the link-in request carries the identifier of the user, communication data and signature data of the communication data, and the signature data of the communication data is obtained by signing the communication data by using a private key of the user;
decrypting the signature data of the communication data carried by the link-in request by using the public key of the user that was found, comparing the communication data obtained by decryption with the communication data of the link-in request, and if the comparison result is consistent, passing the authentication;
under the condition that authentication is passed, storing the communication data carried by the link-in request into content corresponding to the identification of the user;
allocating a chain code corresponding to the communication data,
the gateway comprises:
the acquisition module is used for acquiring the public key of the user;
the writing module is used for writing the identification of the user and the public key of the user into a blockchain;
the receiving module is used for receiving a communication request sent by a client of the user, wherein the communication request carries communication data, signature data of the communication data and an identifier of the user, and the signature data of the communication data is obtained by signing the communication data by utilizing a private key of the user;
the verification module is used for verifying the authorization code sent by the client of the user;
the sending module is used for sending a link-in request to the blockchain under the condition that the authorization code verification passes, wherein the link-in request carries the identification of the user, the communication data and the signature data of the communication data, so that the blockchain can carry out signature verification and the link-in operation based on the information carried by the link-in request;
a recording module for recording the chain code of the communication data in the blockchain,
the identification of the user is an authorization code generated by the gateway for each session of the user, the public key and the private key of the user are generated by the client of the user for each session of the user, and the public key and the private key of the user and the authorization code used by different sessions of the user are different.
8. The communication system of claim 7, wherein,
the public key of the user is obtained by the gateway responding to the authorization request sent by the client of the user and decrypting the authorization request by utilizing the private key of the gateway,
wherein the authorization request carries the public key of the user, the authorization request being encrypted by the public key of the gateway.
9. The communication system of claim 8, wherein,
the public key of the gateway is returned by the gateway to the client of the user after the gateway, in response to a registration request sent by the client of the user, verifies the user name and the password carried in the registration request and the verification passes.
10. A computer readable storage medium having stored thereon a computer program which when executed by a processor realizes the steps of the communication method of any of claims 1-6.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810786957.1A CN110740038B (en) | 2018-07-18 | 2018-07-18 | Blockchain and communication method, gateway, communication system and storage medium thereof |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110740038A CN110740038A (en) | 2020-01-31 |
CN110740038B true CN110740038B (en) | 2023-05-30 |
Family
ID=69234274
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810786957.1A Active CN110740038B (en) | 2018-07-18 | 2018-07-18 | Blockchain and communication method, gateway, communication system and storage medium thereof |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110740038B (en) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113452516A (en) * | 2020-03-27 | 2021-09-28 | 山东浪潮质量链科技有限公司 | Block chain-based asymmetric key generation and distribution method, equipment and medium |
CN113761585B (en) * | 2020-06-17 | 2024-06-18 | 北京沃东天骏信息技术有限公司 | Data processing method, device and system |
CN113709128A (en) * | 2021-08-19 | 2021-11-26 | 山东新一代信息产业技术研究院有限公司 | IROS system communication method and device based on block chain |
CN113872986B (en) * | 2021-10-15 | 2023-10-24 | 南方电网数字电网科技(广东)有限公司 | Power distribution terminal authentication method and device and computer equipment |
CN114785529B (en) * | 2022-06-20 | 2022-10-04 | 广东名阳信息科技有限公司 | Method and system for establishing trusted communication link based on block chain |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101626294A (en) * | 2008-07-07 | 2010-01-13 | 华为技术有限公司 | Certifying method based on identity, method, equipment and system for secure communication |
CN107994991A (en) * | 2017-10-31 | 2018-05-04 | 深圳市轱辘车联数据技术有限公司 | A kind of data processing method, data processing server and storage medium |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8972717B2 (en) * | 2000-06-15 | 2015-03-03 | Zixcorp Systems, Inc. | Automatic delivery selection for electronic content |
CN108200079A (en) * | 2018-01-19 | 2018-06-22 | 深圳四方精创资讯股份有限公司 | Block chain method for secret protection and device based on symmetrical and asymmetric Hybrid Encryption |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||