CN110740038B - Blockchain and communication method, gateway, communication system and storage medium thereof - Google Patents


Info

Publication number
CN110740038B
Authority
CN
China
Prior art keywords
user
gateway
communication data
communication
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810786957.1A
Other languages
Chinese (zh)
Other versions
CN110740038A (en)
Inventor
柴鹏辉
姜南
张伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Jingdong Century Trading Co Ltd
Beijing Jingdong Shangke Information Technology Co Ltd
Original Assignee
Beijing Jingdong Century Trading Co Ltd
Beijing Jingdong Shangke Information Technology Co Ltd
Application filed by Beijing Jingdong Century Trading Co Ltd, Beijing Jingdong Shangke Information Technology Co Ltd
Priority to CN201810786957.1A
Publication of CN110740038A
Application granted
Publication of CN110740038B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876 Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H04L63/123 Applying verification of the received information received data contents, e.g. message integrity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The disclosure provides a blockchain and a communication method, a gateway, a communication system and a storage medium thereof, and relates to the field of communication. The method comprises the following steps: searching for the stored public key of the user by using the identification of the user carried by the incoming chain request; decrypting the signature data of the communication data by using the public key found; comparing the communication data obtained by decryption with the communication data requested to enter the chain; if the comparison result is consistent, storing the communication data carried by the incoming chain request into the content corresponding to the identification of the user; and then allocating the chain code corresponding to the communication data. The scheme of the disclosure can confirm the integrity of the communication data, prevent the communication data from being tampered with, and confirm the source of the communication data, so that the sender of the communication data cannot repudiate it.

Description

Blockchain and communication method, gateway, communication system and storage medium thereof
Technical Field
The present disclosure relates to the field of communications, and in particular, to a blockchain and a communication method, a gateway, a communication system, and a storage medium thereof.
Background
The gateway may implement interworking of networks. The gateway provides a communication interface to the outside, and a user can communicate through the gateway. The data of the user and the gateway can be transmitted in the public network, and the security of the data transmission is difficult to ensure because the public network is an open network environment.
Disclosure of Invention
One technical problem to be solved by the present disclosure is to prevent communication data from being tampered with.
According to one aspect of the present disclosure, a blockchain-based communication method is presented, comprising:
the block chain stores the user identification and the public key of the user sent by the gateway;
the blockchain responds to a link-in request sent by the gateway, and searches a stored public key of the user by using the user identifier carried by the link-in request, wherein the link-in request carries the user identifier, communication data and signature data of the communication data, and the signature data of the communication data is obtained by signing the communication data by using a private key of the user;
the blockchain decrypts the signature data of the communication data carried by the link entering request by using the searched public key of the user, compares the communication data obtained by decryption with the communication data of the link entering request, and if the comparison result is consistent, the authentication is passed;
under the condition that the block chain passes the authentication, storing communication data carried by the incoming chain request to content corresponding to the identification of the user;
and the block chain allocates a chain code corresponding to the communication data.
Optionally, the identity of the user is an authorization code generated by the gateway for each session of the user.
According to yet another aspect of the present disclosure, there is provided a blockchain-based communication method including:
the gateway obtains a public key of a user;
the gateway writes the identification of the user and the public key of the user into a blockchain;
the gateway receives a communication request sent by a client of the user, wherein the communication request carries communication data, signature data of the communication data and an identifier of the user, and the signature data of the communication data is obtained by signing the communication data by utilizing a private key of the user;
the gateway sends a chain entering request to the blockchain, wherein the chain entering request carries the identification of the user, the communication data and the signature data of the communication data, so that the blockchain performs signature verification and chain entering operation based on the information carried by the chain entering request;
the gateway records a chain code of the communication data in the blockchain.
Optionally, the identity of the user is an authorization code generated by the gateway for each session of the user;
the communication method further comprises: the gateway verifies the authorization code sent by the client of the user, and sends a chain entering request to the blockchain if the authorization code passes verification.
Optionally, the public key of the user is obtained by the gateway responding to the authorization request sent by the client of the user and decrypting the authorization request by using the private key of the gateway,
wherein the authorization request carries the public key of the user, the authorization request being encrypted by the public key of the gateway.
Optionally, the public key of the gateway is returned by the gateway to the client of the user after the gateway, in response to a registration request sent by the client of the user, verifies the user name and the password carried in the registration request and the verification passes.
Optionally, the public key and the private key of the gateway are generated by the gateway invoking an authority of the blockchain.
Optionally, the communication method further comprises:
the gateway decrypts the communication request using the private key of the gateway, wherein the communication request is encrypted by the client of the user using the public key of the gateway.
According to yet another aspect of the present disclosure, there is provided a blockchain for communication, comprising: a plurality of blockchain nodes;
wherein any one blockchain node is configured to:
storing an identification of a user and a public key of the user sent by a gateway;
searching a stored public key of the user by using the identifier of the user carried by the incoming link request in response to the incoming link request sent by the gateway, wherein the incoming link request carries the identifier of the user, communication data and signature data of the communication data, and the signature data of the communication data is obtained by signing the communication data by using a private key of the user;
decrypting the signature data of the communication data carried by the link entering request by using the searched public key of the user, comparing the communication data obtained by decryption with the communication data of the link entering request, and if the comparison result is consistent, passing the authentication;
under the condition that authentication is passed, storing communication data carried by the link entering request to content corresponding to the identification of the user;
and distributing the chain code corresponding to the communication data.
Optionally, the identity of the user is an authorization code generated by the gateway for each session of the user.
According to yet another aspect of the present disclosure, there is provided a gateway for communication, comprising:
the acquisition module is used for acquiring the public key of the user;
the writing module is used for writing the identification of the user and the public key of the user into a blockchain;
the receiving module is used for receiving a communication request sent by a client of the user, wherein the communication request carries communication data, signature data of the communication data and an identifier of the user, and the signature data of the communication data is obtained by signing the communication data by utilizing a private key of the user;
the sending module is used for sending a chain entering request to the blockchain, wherein the chain entering request carries the identification of the user, the communication data and the signature data of the communication data, so that the blockchain can carry out signature verification and chain entering operation based on the information carried by the chain entering request;
and the recording module is used for recording the chain code of the communication data in the block chain.
Optionally, the identity of the user is an authorization code generated by the gateway for each session of the user;
the gateway further comprises: the verification module is used for verifying the authorization code sent by the client of the user, and the sending module is used for sending a chain entering request to the blockchain under the condition that the authorization code passes verification.
Optionally, the public key of the user is obtained by the gateway responding to the authorization request sent by the client of the user and decrypting the authorization request by using the private key of the gateway,
wherein the authorization request carries the public key of the user, the authorization request being encrypted by the public key of the gateway.
Optionally, the public key of the gateway is returned by the gateway to the client of the user after the gateway, in response to a registration request sent by the client of the user, verifies the user name and the password carried in the registration request and the verification passes.
According to yet another aspect of the present disclosure, there is provided a blockchain for communication, comprising: a plurality of blockchain nodes;
wherein any one blockchain node includes:
a memory; and
a processor coupled to the memory, the processor configured to perform any of the foregoing communication methods based on instructions stored in the memory.
According to yet another aspect of the present disclosure, there is provided a gateway for communication, comprising:
a memory; and
a processor coupled to the memory, the processor configured to perform any of the foregoing communication methods based on instructions stored in the memory.
According to yet another aspect of the present disclosure, there is provided a communication system including:
the gateway of any of the foregoing; and
the blockchain of any of the foregoing.
According to yet another aspect of the present disclosure, a computer-readable storage medium is presented, on which a computer program is stored, which program, when being executed by a processor, implements the steps of any of the aforementioned communication methods.
The scheme of the disclosure can confirm the integrity of the communication data, prevent the communication data from being tampered with, and confirm the source of the communication data, so that the sender of the communication data cannot repudiate.
Drawings
The drawings required for the description of the embodiments or the related art are briefly described below. The present disclosure will be more clearly understood from the following detailed description taken in conjunction with the accompanying drawings. It will be apparent to those of ordinary skill in the art that the drawings in the following description are merely examples of the disclosure and that other drawings may be derived from them without inventive effort.
Fig. 1 is a flow diagram of some embodiments of a blockchain-based communication method of the present disclosure.
Fig. 2 is a flow chart of other embodiments of a blockchain-based communication method of the present disclosure.
Fig. 3 is a schematic diagram of some embodiments of a communication system 300 of the present disclosure.
Fig. 4 is a schematic diagram of some embodiments of gateway 310 of the present disclosure.
Fig. 5 is a schematic diagram of some embodiments of a blockchain 320 of the present disclosure.
Fig. 6 is a schematic diagram of other embodiments of a gateway 310 or blockchain 320 of the present disclosure.
Detailed Description
The technical solutions in the embodiments of the present disclosure will be clearly and completely described below with reference to the drawings in the embodiments of the present disclosure.
Fig. 1 is a flow diagram of some embodiments of a communication method of the present disclosure. As shown in fig. 1, the method of this embodiment includes: steps 110-150.
In step 110, the gateway obtains the public key of the user.
In some embodiments, the user's public key and corresponding private key may be generated by the user's client, for example.
In some embodiments, the client of the user sends an authorization request to the gateway, the authorization request carries the public key of the user, and the authorization request is encrypted by the public key of the gateway, so that the security of the public key transmission of the user is ensured. Correspondingly, the gateway responds to the authorization request sent by the client of the user, and decrypts the authorization request by utilizing the private key of the gateway to obtain the public key of the user.
The public key of the gateway is returned by the gateway to the client of the user: the gateway responds to a registration request sent by the client of the user, verifies the user name and the password carried in the registration request, and returns its public key to the client of the user if the verification passes.
The public and private keys of the gateway may be generated, for example, by the gateway invoking the certificate authority (CA) of the blockchain.
In step 120, the gateway writes the identity of the user and the user's public key to the blockchain. The information in the blockchain is not easily tampered with.
In step 130, the blockchain stores the identity of the user and the public key of the user sent by the gateway.
In step 140, the gateway receives a communication request sent by the client of the user, where the communication request carries communication data, signature data of the communication data, and an identifier of the user, and the signature data of the communication data is obtained by signing the communication data with a private key of the user.
In some embodiments, the identity of the user may be, for example, an authorization code generated by the gateway for each session of the user. The gateway sends the generated authorization code to the client of the user, and the communication request sent by the client of the user can carry the authorization code. The gateway verifies the authorization code sent by the client of the user, thereby confirming the validity of the current session of the user, and, when the authorization code passes verification, the gateway sends the link-in request to the blockchain in step 140.
In some embodiments, to further increase the security of the information transfer, the communication request may be encrypted by the user's client using the public key of the gateway, and accordingly, the gateway may decrypt the communication request using the private key of the gateway.
In step 150, the gateway sends an in-link request to the blockchain, the in-link request carrying the user's identification, communication data, signature data of the communication data.
At step 160, the blockchain performs signature verification and in-chain operations based on the information carried by the in-chain request.
Specifically, the stored public key of the user is looked up by using the user identification carried by the incoming link request, the signature data of the communication data is decrypted by using the public key of the user, and the communication data obtained by decryption is compared with the communication data of the incoming link request. If the comparison result is consistent, the communication data is written into the content corresponding to the user identification in the blockchain, and the chain code of the communication data in the blockchain is allocated and returned to the gateway. If the comparison result is inconsistent, the authentication is not passed, and the communication data which is requested to enter the chain can be discarded.
In some embodiments, to reduce the amount of data transmitted and further improve the security of the data transmission, the in-link request may carry the user's identification, the communication data, and signature data of the digest of the communication data (i.e., data obtained by signing the digest of the communication data). Correspondingly, the blockchain generates a digest of the communication data requesting to enter the chain, decrypts the signature data of the digest by using the public key of the user, compares the digest obtained through decryption with the digest it generated, and, if the two are consistent, writes the communication data into the content corresponding to the identification of the user in the blockchain. The digest generation algorithm used by the client and the gateway is the same. The digest generation algorithm may be, for example, a hash algorithm.
The content written into the blockchain may be synchronized into the various nodes of the blockchain by blockchain synchronization techniques.
At step 170, the gateway records the chain code of the communication data in the blockchain. Communication data of the corresponding user can be queried from the blockchain through the chain code.
The above embodiments can confirm the integrity of the communication data, prevent the communication data from being tampered with, and confirm the source of the communication data, so that the sender of the communication data cannot repudiate.
Fig. 2 is a flow chart illustrating further embodiments of the communication method of the present disclosure. As shown in fig. 2, the method of this embodiment includes: steps 210 to 2120.
In step 210, the gateway receives a registration request sent by a client of a user, where the registration request carries a user name and a password.
In step 220, the gateway verifies the user name and the password carried in the registration request, and in case of passing the verification, invokes the authority of the blockchain to generate the public key and the private key of the gateway.
In step 230, if the registration is successful, the gateway returns a registration success response to the client, and the registration success response carries the public key of the gateway, so that the client obtains the public key of the gateway; if the registration fails, the gateway returns a registration failure response to the client.
In step 240, the client of the user generates the public key and the private key of the user, and sends an authorization request to the gateway, wherein the authorization request carries the public key of the user, and the authorization request is encrypted by the public key of the gateway, so that the security of the public key transmission of the user is ensured.
In step 250, the gateway responds to the authorization request sent by the client of the user, decrypts the authorization request by using the private key of the gateway to obtain the public key of the user, and generates the authorization code of the current session for the user. The gateway writes the user's authorization code and the user's public key to the blockchain.
In step 260, the gateway returns an authorization response to the client of the user, where the authorization response carries an authorization code, so that the client of the user obtains the authorization code of the current session.
In step 270, the gateway receives a communication request sent by the client of the user, where the communication request carries communication data, signature data of the communication data, and an authorization code of the user, and the signature data of the communication data is obtained by signing the communication data with a private key of the user.
In step 280, the gateway verifies the authorization code sent from the user's client, thereby confirming the legitimacy of the user.
In step 290, in the event that the authorization code is verified, the gateway sends an in-link request to the blockchain, the in-link request carrying the authorization code of the user, the communication data, the signature data of the communication data.
In step 2100, the blockchain looks up the stored public key of the user by using the authorization code of the user carried by the incoming link request, decrypts the signature data of the communication data by using the public key of the user, and compares the communication data obtained by decryption with the communication data requested to enter the chain. If the comparison result is consistent, the blockchain writes the communication data into the content corresponding to the identifier of the user in the blockchain, and allocates and returns the chain code of the communication data in the blockchain. If the comparison result is inconsistent, the authentication is not passed, and the communication data which is requested to enter the chain can be discarded.
In step 2110, the gateway records the chain code of the communication data in the blockchain. Communication data of the corresponding user can be queried from the blockchain through the chain code.
In step 2120, the gateway returns a communication response to the user's client, and if the communication data is successfully chained, the communication response may carry the chain code of the communication data in the blockchain.
Alternatively, the public and private keys of the user and the authorization code of the user may be generated once for each session of the user, respectively, i.e. the public and private keys of the user and the authorization code of the user used by different sessions of the same user may also be different. Thus, the security of the communication data is further improved.
Optionally, in order to reduce the amount of data transmitted and further improve the security of the data transmission, the in-link request may carry the user's identification, the communication data, and signature data of the digest of the communication data (i.e., data obtained by signing the digest of the communication data). Correspondingly, the blockchain generates a digest of the communication data requesting to enter the chain, decrypts the signature data of the digest by using the public key of the user, compares the digest obtained through decryption with the digest it generated, and, if the two are consistent, writes the communication data into the content corresponding to the identification of the user in the blockchain. The digest generation algorithm used by the client and the gateway is the same. The digest generation algorithm may be, for example, a hash algorithm.
The above embodiments can confirm the integrity of the communication data, prevent the communication data from being tampered with, and confirm the source of the communication data, so that the sender of the communication data cannot repudiate.
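The flows of Fig. 1 and Fig. 2, in the digest-signing variant, can be sketched as follows. This is an added example, not code from the patent: the patent names no algorithms, so RSA PKCS#1 v1.5 over SHA-256 is an assumption, as are the chain-code format, the in-memory maps standing in for a blockchain node, and every type and function name. Encryption of requests to the gateway's public key is left out.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// Request is the communication / chain-entry request of steps 270 and 290.
type Request struct {
	AuthCode  string // per-session authorization code, used as the user identifier
	Data      []byte // communication data
	Signature []byte // signature over the SHA-256 digest of Data
}

var (
	ErrAuthCode     = errors.New("gateway: authorization code was not issued")
	ErrUnknownUser  = errors.New("ledger: no public key stored for identifier")
	ErrBadSignature = errors.New("ledger: signature does not match communication data")
)

// Ledger is an in-memory stand-in for one blockchain node (hypothetical).
type Ledger struct {
	keys   map[string]*rsa.PublicKey // identifier -> user public key
	byUser map[string][][]byte       // identifier -> accepted communication data
	byCode map[string][]byte         // chain code -> communication data
}

func NewLedger() *Ledger {
	return &Ledger{map[string]*rsa.PublicKey{}, map[string][][]byte{}, map[string][]byte{}}
}

// Enter is step 2100: look up the key, verify, store, allocate a chain code.
func (l *Ledger) Enter(r Request) (string, error) {
	pub, ok := l.keys[r.AuthCode]
	if !ok {
		return "", ErrUnknownUser
	}
	digest := sha256.Sum256(r.Data) // the node recomputes the digest itself
	// VerifyPKCS1v15 recovers the signed digest with the public key and
	// compares it with the recomputed one, the comparison the text describes.
	if rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], r.Signature) != nil {
		return "", ErrBadSignature // request is discarded, nothing is stored
	}
	data := append([]byte(nil), r.Data...)
	// Assumed chain-code format: SHA-256 of identifier, sequence number, digest.
	sum := sha256.Sum256([]byte(fmt.Sprintf("%s|%d|%x", r.AuthCode, len(l.byCode), digest[:])))
	code := hex.EncodeToString(sum[:])
	l.byUser[r.AuthCode] = append(l.byUser[r.AuthCode], data)
	l.byCode[code] = data
	return code, nil
}

// Query returns the communication data stored under a chain code.
func (l *Ledger) Query(code string) ([]byte, bool) { d, ok := l.byCode[code]; return d, ok }

// Gateway issues authorization codes and forwards verified requests.
type Gateway struct {
	ledger *Ledger
	issued map[string]bool // authorization codes issued to sessions
	Codes  []string        // chain codes recorded by the gateway (step 2110)
}

func NewGateway(l *Ledger) *Gateway { return &Gateway{ledger: l, issued: map[string]bool{}} }

// Authorize is step 250: create a session code, write code and key to the ledger.
func (g *Gateway) Authorize(pub *rsa.PublicKey) (string, error) {
	b := make([]byte, 16)
	if _, err := rand.Read(b); err != nil {
		return "", err
	}
	code := hex.EncodeToString(b)
	g.issued[code] = true
	g.ledger.keys[code] = pub
	return code, nil
}

// Forward is steps 280 to 2110: check the code, submit, record the chain code.
func (g *Gateway) Forward(r Request) (string, error) {
	if !g.issued[r.AuthCode] {
		return "", ErrAuthCode
	}
	code, err := g.ledger.Enter(r)
	if err != nil {
		return "", err
	}
	g.Codes = append(g.Codes, code)
	return code, nil
}

// NewSessionKey generates the user's key pair on the client (step 240).
func NewSessionKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// Sign builds the client's communication request (step 270).
func Sign(priv *rsa.PrivateKey, authCode string, data []byte) (Request, error) {
	digest := sha256.Sum256(data)
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
	return Request{authCode, data, sig}, err
}

func main() {
	gw := NewGateway(NewLedger())
	priv, _ := NewSessionKey()
	auth, _ := gw.Authorize(&priv.PublicKey)
	req, _ := Sign(priv, auth, []byte("constructed sample payload"))
	code, err := gw.Forward(req)
	fmt.Println("accepted:", code, err)
	req.Data = []byte("constructed sample payload, altered in transit")
	_, err = gw.Forward(req)
	fmt.Println("tampered:", err)
}
```

Because the key is stored under the session's authorization code, a request signed with a different session's private key fails the same check as tampered data.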
Fig. 3 is a schematic diagram of some embodiments of a communication system 300 of the present disclosure.
As shown in fig. 3, the communication system 300 of this embodiment includes: gateway 310 and blockchain 320. Gateway 310 is communicatively coupled to blockchain 320.
Gateway 310 and blockchain 320 are described below, respectively.
Fig. 4 is a schematic diagram of some embodiments of gateway 310 of the present disclosure.
As shown in fig. 4, the gateway 310 of this embodiment includes: modules 311-315. Optionally, a module 316 may also be included.
The obtaining module 311 is configured to obtain a public key of a user.
The writing module 312 is configured to write the identification of the user and the public key of the user to the blockchain.
The receiving module 313 is configured to receive a communication request sent by a client of a user, where the communication request carries communication data, signature data of the communication data, and an identifier of the user, and the signature data of the communication data is obtained by signing the communication data with a private key of the user.
The sending module 314 is configured to send an in-link request to the blockchain, where the in-link request carries an identifier of a user, communication data, and signature data of the communication data, so that the blockchain performs signature verification and in-link operation based on information carried by the in-link request (that is, the blockchain looks up the stored public key of the user by using the identifier of the user, decrypts the signature data of the communication data by using the public key of the user, compares the decrypted communication data with the communication data requested to enter the chain, and, if the comparison result is consistent, writes the communication data into content corresponding to the identifier of the user in the blockchain and returns a chain code of the communication data in the blockchain).
The recording module 315 is configured to record a chain code of the communication data in the blockchain.
In some embodiments, the identity of the user may be an authorization code generated by the gateway for each session of the user. The verification module 316 is used for verifying the authorization code sent by the client of the user. Correspondingly, the sending module 314 then sends the link-in request to the blockchain if the authorization code passes verification.
In some embodiments, the public key of the user is obtained by the gateway responding to the authorization request sent by the client of the user and decrypting the authorization request by using the private key of the gateway, wherein the authorization request carries the public key of the user, and the authorization request is encrypted by the public key of the gateway.
In some embodiments, the public key of the gateway is returned by the gateway to the client of the user after the gateway, in response to a registration request sent by a client of a user, verifies the user name and the password carried in the registration request and the verification passes.
Fig. 5 is a schematic diagram of some embodiments of a blockchain 320 of the present disclosure.
As shown in fig. 5, the blockchain 320 of this embodiment includes: a plurality of blockchain nodes 1, …, n. Information may be synchronized between the plurality of blockchain nodes 1, …, n using blockchain synchronization techniques.
Any one of the blockchain nodes 1, …, n is configured to:
store an identification (such as an authorization code) of a user and a public key of the user sent by the gateway;
in response to a link-in request sent by the gateway, look up the stored public key of the user by using the user identification carried by the link-in request, wherein the link-in request carries the user identification, communication data and signature data of the communication data, and the signature data of the communication data is obtained by signing the communication data with the private key of the user;
decrypt the signature data of the communication data carried by the link-in request by using the public key of the user that was found, compare the communication data obtained by decryption with the communication data of the link-in request, and, if the two are consistent, pass the authentication;
if the authentication passes, store the communication data carried by the link-in request into the content corresponding to the user identification;
and allocate a chain code corresponding to the communication data.
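The node-side steps listed above, as an added Go sketch that is not code from the patent. It uses Ed25519 signature verification from the standard library in place of the decrypt-and-compare check the text describes; the `Node`, `Session` and `LinkInRequest` types, the sample identifications and the chain-code format (a truncated SHA-256) are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// LinkInRequest carries the three fields the text lists.
type LinkInRequest struct {
	UserID          string // user identification (per-session authorization code)
	Data, Signature []byte // communication data and the signature over it
}

// Session is the client side: one key pair generated for one session.
type Session struct {
	ID   string
	Pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

func NewSession(id string) Session {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	return Session{id, pub, priv}
}

func (s Session) Request(d []byte) LinkInRequest { return LinkInRequest{s.ID, d, ed25519.Sign(s.priv, d)} }

// Node is a hypothetical in-memory stand-in for one blockchain node.
type Node struct {
	keys    map[string]ed25519.PublicKey // identification -> public key
	content map[string][][]byte          // identification -> accepted data
}

func NewNode() *Node { return &Node{map[string]ed25519.PublicKey{}, map[string][][]byte{}} }

var ErrUnknownUser = errors.New("no public key stored for this identification")
var ErrBadSignature = errors.New("signature does not match communication data")

// Register stores the identification and public key written by the gateway.
func (n *Node) Register(id string, pub ed25519.PublicKey) { n.keys[id] = pub }

// HandleLinkIn authenticates the request, stores the data, and returns a chain code.
func (n *Node) HandleLinkIn(r LinkInRequest) (string, error) {
	pub, ok := n.keys[r.UserID]
	if !ok {
		return "", ErrUnknownUser
	}
	if !ed25519.Verify(pub, r.Data, r.Signature) {
		return "", ErrBadSignature
	}
	n.content[r.UserID] = append(n.content[r.UserID], r.Data)
	// Assumed chain-code format: truncated hash of identification, position, data.
	sum := sha256.Sum256([]byte(fmt.Sprintf("%s|%d|%x", r.UserID, len(n.content[r.UserID]), r.Data)))
	return hex.EncodeToString(sum[:8]), nil
}

func main() {
	s, n := NewSession("auth-code-1"), NewNode() // constructed sample values
	n.Register(s.ID, s.Pub)
	fmt.Println(n.HandleLinkIn(s.Request([]byte("constructed data"))))
}
```

A request whose data was altered after signing, or whose signature was made with another session's key, is rejected before anything is stored.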
Fig. 6 is a schematic diagram of other embodiments of a gateway 310 or blockchain 320 of the present disclosure.
As shown in fig. 6, the gateway 310 or blockchain 320 of this embodiment includes: a memory 610 and a processor 620 coupled to the memory 610, the processor 620 being configured to perform the communication method of any of the foregoing embodiments based on instructions stored in the memory 610.
The memory 610 may include, for example, system memory, fixed nonvolatile storage media, and the like. The system memory stores, for example, an operating system, application programs, a boot loader, and other programs.
Gateway 310 or blockchain 320 may also include an input/output interface 630, a network interface 640, a storage interface 650, and the like. These interfaces 630, 640, 650 and the memory 610 and processor 620 may be connected by, for example, a bus 660. The input/output interface 630 provides a connection interface for input/output devices such as a display, a mouse, a keyboard, and a touch screen. The network interface 640 provides a connection interface for various networking devices. The storage interface 650 provides a connection interface for external storage devices such as SD cards, USB flash drives, and the like.
The present disclosure also proposes a computer-readable storage medium, on which a computer program is stored, which program, when being executed by a processor, implements the steps of the communication method in any of the aforementioned embodiments.
It will be appreciated by those skilled in the art that embodiments of the present disclosure may be provided as a method, system, or computer program product. Accordingly, the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present disclosure may take the form of a computer program product embodied on one or more computer-usable non-transitory storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
The present disclosure is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the disclosure. It will be understood that each flowchart and/or block of the flowchart illustrations and/or block diagrams, and combinations of flowcharts and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The foregoing describes preferred embodiments of the present disclosure and is not intended to limit the disclosure; any modification, equivalent replacement, improvement or the like that falls within the spirit and principles of the present disclosure is covered by it.

Claims (10)

1. A blockchain-based communication method, comprising:
the gateway obtains a public key of a user;
the gateway generates an authorization code for each session of the user as the identification of the user, and writes the identification of the user and the public key of the user into a blockchain;
the blockchain stores the identification of the user and the public key of the user sent by the gateway;
the gateway receives a communication request sent by a client of the user, wherein the communication request carries communication data, signature data of the communication data and an identifier of the user, and the signature data of the communication data is obtained by signing the communication data by utilizing a private key of the user;
the gateway verifies the authorization code sent by the client of the user, and sends a link-in request to the blockchain under the condition that the authorization code passes verification, wherein the link-in request carries the identification of the user, the communication data and the signature data of the communication data;
the blockchain responds to the link-in request sent by the gateway, and looks up the stored public key of the user by using the identification of the user carried by the link-in request;
the blockchain decrypts the signature data of the communication data carried by the link-in request by using the public key of the user that was found, compares the communication data obtained by decryption with the communication data of the link-in request, and, if the two are consistent, the authentication passes;
if the authentication passes, the blockchain stores the communication data carried by the link-in request into content corresponding to the identification of the user;
the blockchain allocates a chain code corresponding to the communication data,
the public key and the private key of the user are generated by the client of the user for each session of the user, and the public key and the private key of the user and the authorization code used by different sessions of the user are different.
2. The communication method of claim 1, further comprising:
the gateway records the chain code of the communication data in the blockchain, and returns a communication response to the client of the user, wherein the communication response carries the chain code of the communication data in the blockchain.
3. The communication method of claim 2, wherein,
the public key of the user is obtained by the gateway responding to the authorization request sent by the client of the user and decrypting the authorization request by utilizing the private key of the gateway,
wherein the authorization request carries the public key of the user, the authorization request being encrypted by the public key of the gateway.
4. The communication method according to claim 3, wherein,
the public key of the gateway is returned to the client of the user by the gateway, which responds to a registration request sent by the client of the user, verifies the user name and the password carried in the registration request, and returns the public key if the verification passes.
5. The communication method according to claim 3, wherein,
the public key and the private key of the gateway are generated by an authority of the gateway calling the blockchain.
6. The communication method of claim 2, further comprising:
the gateway decrypts the communication request using the private key of the gateway, wherein the communication request is encrypted by the client of the user using the public key of the gateway.
7. A communication system, comprising: a gateway and a blockchain,
the blockchain includes: a plurality of blockchain nodes;
wherein any one blockchain node is configured to:
storing an identification of a user and a public key of the user sent by a gateway;
in response to a link-in request sent by the gateway, looking up the stored public key of the user by using the identification of the user carried by the link-in request, wherein the link-in request carries the identification of the user, communication data and signature data of the communication data, and the signature data of the communication data is obtained by signing the communication data with a private key of the user;
decrypting the signature data of the communication data carried by the link-in request by using the public key of the user that was found, comparing the communication data obtained by decryption with the communication data of the link-in request, and, if the two are consistent, passing the authentication;
if the authentication passes, storing the communication data carried by the link-in request into content corresponding to the identification of the user;
allocating a chain code corresponding to the communication data,
the gateway comprises:
an acquisition module for acquiring the public key of the user;
a writing module for writing the identification of the user and the public key of the user into a blockchain;
a receiving module for receiving a communication request sent by a client of the user, wherein the communication request carries communication data, signature data of the communication data and an identification of the user, and the signature data of the communication data is obtained by signing the communication data with a private key of the user;
a verification module for verifying the authorization code sent by the client of the user;
a sending module for sending a link-in request to the blockchain if the authorization code passes verification, wherein the link-in request carries the identification of the user, the communication data and the signature data of the communication data, so that the blockchain can carry out signature verification and the link-in operation based on the information carried by the link-in request;
a recording module for recording the chain code of the communication data in the blockchain,
the identification of the user is an authorization code generated by the gateway for each session of the user, the public key and the private key of the user are generated by the client of the user for each session of the user, and the public key and the private key of the user and the authorization code used by different sessions of the user are different.
8. The communication system of claim 7, wherein,
the public key of the user is obtained by the gateway responding to the authorization request sent by the client of the user and decrypting the authorization request by utilizing the private key of the gateway,
wherein the authorization request carries the public key of the user, the authorization request being encrypted by the public key of the gateway.
9. The communication system of claim 8, wherein,
the public key of the gateway is returned to the client of the user by the gateway, which responds to a registration request sent by the client of the user, verifies the user name and the password carried in the registration request, and returns the public key if the verification passes.
10. A computer readable storage medium having stored thereon a computer program which when executed by a processor realizes the steps of the communication method of any of claims 1-6.
CN201810786957.1A 2018-07-18 2018-07-18 Blockchain and communication method, gateway, communication system and storage medium thereof Active CN110740038B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810786957.1A CN110740038B (en) 2018-07-18 2018-07-18 Blockchain and communication method, gateway, communication system and storage medium thereof

Publications (2)

Publication Number Publication Date
CN110740038A CN110740038A (en) 2020-01-31
CN110740038B true CN110740038B (en) 2023-05-30

Family

ID=69234274

Country Status (1)

Country Link
CN (1) CN110740038B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant