CN110826082A - Privacy protection method and device for block chain - Google Patents
Privacy protection method and device for block chain Download PDFInfo
- Publication number
- CN110826082A CN110826082A CN201910936542.2A CN201910936542A CN110826082A CN 110826082 A CN110826082 A CN 110826082A CN 201910936542 A CN201910936542 A CN 201910936542A CN 110826082 A CN110826082 A CN 110826082A
- Authority
- CN
- China
- Prior art keywords
- uplink
- data
- key
- node
- viewing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/389—Keeping log of transactions for guaranteeing non-repudiation of a transaction
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16H—HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
- G16H10/00—ICT specially adapted for the handling or processing of patient-related medical or healthcare data
- G16H10/60—ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
Abstract
The embodiment of the invention provides a privacy protection method and equipment for a block chain, wherein the method is used for a data uplink node in the block chain and comprises the following steps: acquiring data to be uplink; performing key agreement by using a public key and a private key stored by the user and the data viewing node to obtain an uplink key; the data viewing node is a node capable of viewing the data to be uplink; encrypting the data to be uplink by using the uplink key to obtain encrypted uplink data; the method provided by the embodiment of the invention encrypts the data in the block chain before uploading, and only the key used for encryption by the block chain and the data viewing node is used, so that the data privacy protection of a user is realized on the premise of ensuring that the block chain data is not tampered.
Description
Technical Field
The embodiment of the invention relates to the technical field of block chains, in particular to a privacy protection method and device for a block chain.
Background
Block chains: the block chain is a decentralized distributed account book, and can be simply understood as a distributed database distributed at each node, the database is formed by connecting blocks in time sequence, and a plurality of transactions are recorded in the blocks. It is based on cryptographic principles rather than credit, allowing any agreed party to pay directly without the involvement of a third party intermediary.
Federation chain: only aiming at members of a certain group and limited third parties, a plurality of preselected nodes are internally designated as bookers, the generation of each block is jointly determined by all the preselected nodes, other access nodes can participate in transactions, but the billing process is not asked, and other third parties can carry out limited inquiry through the API opened by the block chain. To achieve better performance, the federation chain places certain requirements on the configuration and network environment of the consensus or authentication node. With the admission mechanism, the transaction performance can be improved more easily, and problems caused by the participants with uneven participation can be avoided.
According to the difference of centralization degree of the block chain network, the block chain under 3 different application scenes is differentiated:
(1) the whole network is public, and a block chain without a user authorization mechanism is called a public chain;
(2) authorized nodes are allowed to join the network, information can be viewed according to the authority, and the information is often used for a block chain between organizations, which is called a alliance chain or an industry chain;
(3) all nodes in the network are held in one organization, called a private chain.
The federation chain and private chain are also collectively referred to as the license chain, and the public chain is referred to as the non-license chain.
Examples of federation chains are many, such as educational chains, judicial chains, medical chains, and so forth.
An education chain is constituted by elements of an education system such as schools, education offices, training institutions, human units, parents, students, etc. as nodes (natural persons such as parents, students, etc. can entrust and authorize a company entity to participate in the alliance chain on their behalf).
The judicial chain is formed by taking elements of the education system, such as a public security bureau, a court, a quarantine bureau, a judicial bureau, lawyer, a party and the like as nodes (natural persons such as the lawyer, the party and the like can entrust and authorize a company entity to participate in the alliance chain on behalf of the company entity).
The medicine chain is composed of various elements of a medicine system, such as hospitals, health offices, medicine companies, medicine sales agent companies, doctors, patients, medical accident identification organizations, strong judicial departments, such as courts and the like (natural persons such as doctors, patients and the like can entrust and authorize a company entity to participate in the alliance chain on behalf of the company entity).
We illustrate this in the medical chain. The blockchain is a distributed account book, and the greatest benefit of the blockchain is loss resistance. Initial cryptography can guarantee the quadpartition: confidentiality, authenticity, integrity, non-repudiation, but most initial cryptography does not achieve loss resistance. For example, medical accidents occur, in order to divide responsibility, the law department requires hospitals and doctors to give medical records, examination reports, prescriptions, inpatient treatment records, examination results, specimen information and the like generated in the process of the patients' treatment at that time, wherein the information includes copies of the patients, original records only mastered by the hospitals, and copies of the patients stored in any other places can be lost due to poor storage or careless loss because the patients are not professional institutions. At this time, in order to avoid responsibility in the aspect of a hospital doctor, it can be said that the material which is mastered only by one side of the doctor is lost, and the material which the patient cannot give a copy does not mean that the patient is lost. At this time of the court, it is difficult to divide the responsibility for the medical incident clearly because of insufficient evidence.
The block chain achieves loss resistance. Any service in the diagnosis and treatment process is linked up, and once the link up is carried out, the link up can not be changed any more and can not be deleted. Thus achieving loss resistance.
However, the blockchain has a great disadvantage that information on the chain is disclosed to each node participating in the blockchain. For example, in the medical chain, the examination result of a patient may be very private personal health data, and if the medical chain is up, the examination result of the patient can be viewed by all nodes in the chain, such as hospitals, health offices, medical companies, medical sales agent companies, doctors, patients, medical accident identification organizations, and strong judicial departments, such as courts, at any time. This is not desirable for the patient, not for his own privacy of health to be disclosed within the federation chain. Public links are more fearful in terms of privacy disclosure, such as bitcoin, ether house, any transaction is globally visible, and under which account number, how many properties are globally visible.
Therefore, it is an urgent technical problem to be solved by those skilled in the art how to provide a blockchain privacy scheme to protect data privacy of a user on the premise of ensuring that blockchain data is not tampered.
Disclosure of Invention
Therefore, embodiments of the present invention provide a privacy protection method and device for a blockchain, which are used for implementing data privacy protection of a user on the premise of ensuring that blockchain data is not tampered.
In order to achieve the above object, the embodiments of the present invention provide the following technical solutions:
in a first aspect, an embodiment of the present invention provides a privacy protection method for a block chain, where the privacy protection method is used for a data uplink node in the block chain, and includes:
acquiring data to be uplink;
performing key agreement by using a public key and a private key stored by the user and the data viewing node to obtain an uplink key; the data viewing node is a node capable of viewing the data to be uplink;
encrypting the data to be uplink by using the uplink key to obtain encrypted uplink data;
and transmitting the encrypted uplink data to a block chain storage to ensure the integrity of the encrypted uplink data.
Preferably, the performing key agreement with the data viewing node by using the public key and the private key stored in the node itself to obtain the uplink key includes:
acquiring a second public key of the data viewing node;
multiplying a first private key stored by the user by a second public key of the data viewing node to obtain a first uplink key;
sending a first public key stored by the data viewing node to the data viewing node, so that the data viewing node multiplies a second private key of the data viewing node by using the first public key to obtain a second uplink key;
determining the first uplink key and the second uplink key which are equal to each other as an uplink key.
Preferably, the block chain comprises: medical, educational, judicial, and industrial chains.
Preferably, after transmitting the encrypted uplink data to a block chain for storage, the method further comprises:
and locally storing the name of the encrypted uplink data on the blockchain and a corresponding uplink key of the encrypted uplink data so as to facilitate the subsequent viewing of the encrypted uplink data.
In a second aspect, an embodiment of the present invention provides a privacy protection method for a blockchain, where the privacy protection method is used for a data viewing node in the blockchain, and includes:
obtaining a key negotiation request sent by the data uplink node, where the key negotiation request includes: a first public key stored by the data uplink node;
sending a second public key stored by the data viewing node to the data uplink node, so that the data uplink node multiplies a first private key stored by the data viewing node by the second public key of the data viewing node to obtain a first uplink key;
multiplying the first public key by a second private key of the data viewing node to obtain a second uplink key;
determining the first uplink key and the second uplink key which are equal to each other as uplink keys so as to encrypt data to be uplink to obtain encrypted uplink data;
and when the data viewing node needs to view the encrypted uplink data, the encrypted uplink data is decrypted by using the uplink key so as to obtain a plaintext of the uplink data for viewing.
In a third aspect, an embodiment of the present invention provides a data uplink node, which is applied to the privacy protection method for a block chain according to any of the foregoing first aspects, and includes:
the data acquisition module is used for acquiring data to be linked;
the uplink key negotiation module is used for carrying out key negotiation with the data viewing node by using a public key and a private key stored by the uplink key negotiation module to obtain an uplink key; the data viewing node is a node capable of viewing the data to be uplink;
the data encryption module is used for encrypting the data to be uplink by using the uplink key to obtain encrypted uplink data;
and the encrypted data uplink module is used for transmitting the encrypted uplink data to a block chain for storage so as to ensure the integrity of the encrypted uplink data.
Preferably, the uplink key negotiation module includes:
the public key acquisition unit is used for acquiring a second public key of the data viewing node;
the first key calculation unit is used for multiplying a first private key stored by the first key calculation unit by a second public key of the data viewing node to obtain a first uplink key;
the first public key sending unit is used for sending a first public key stored by the first public key sending unit to the data viewing node so that the data viewing node can multiply a second private key of the data viewing node by using the first public key to obtain a second uplink key;
an uplink key confirmation unit, configured to determine the first uplink key and the second uplink key that are equal to each other as an uplink key.
In a fourth aspect, an embodiment of the present invention provides a data viewing node, which is applied to the privacy protection method for a block chain according to the second aspect, and includes:
a negotiation request obtaining module, configured to obtain a key negotiation request sent by the uplink data node, where the key negotiation request includes: a first public key stored by the data uplink node;
the second public key sending module is used for sending a second public key stored by the data viewing node to the data uplink node so that the data uplink node multiplies a first private key stored by the data viewing node by the second public key of the data viewing node to obtain a first uplink key;
the second key calculation module is used for multiplying the first public key by a second private key of the data viewing node to obtain a second uplink key;
a uplink key determining module, configured to determine the first uplink key and the second uplink key that are equal to each other as an uplink key, so as to encrypt data to be uplink data to obtain encrypted uplink data;
and the data viewing module is used for decrypting the encrypted uplink data by using the uplink key when the data viewing node needs to view the encrypted uplink data so as to obtain a plaintext of the uplink data for viewing.
In a fifth aspect, an embodiment of the present invention provides a privacy protection apparatus for a block chain, including:
a memory for storing a computer program;
a processor configured to implement the steps of the privacy protection method for a blockchain according to any one of the above first aspects when the computer program is executed.
In a sixth aspect, an embodiment of the present invention provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the steps of the privacy protection method for a blockchain according to any one of the first aspect.
The embodiment of the invention provides a privacy protection method for a block chain, which is used for a data uplink node in the block chain and comprises the following steps: acquiring data to be uplink; performing key agreement by using a public key and a private key stored by the user and the data viewing node to obtain an uplink key; the data viewing node is a node capable of viewing the data to be uplink; encrypting the data to be uplink by using the uplink key to obtain encrypted uplink data; the method provided by the embodiment of the invention encrypts the data in the block chain before uploading, and only the key used for encryption by the block chain and the data viewing node is used, so that the data privacy protection of a user is realized on the premise of ensuring that the block chain data is not tampered.
The privacy protection method and device for the block chain provided by the embodiment of the invention have the same beneficial effects, and are not repeated herein.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below. It should be apparent that the drawings in the following description are merely exemplary, and that other embodiments can be derived from the drawings provided by those of ordinary skill in the art without inventive effort.
The structures, ratios, sizes, and the like shown in the present specification are only used for matching with the contents disclosed in the specification, so as to be understood and read by those skilled in the art, and are not used to limit the conditions that the present invention can be implemented, so that the present invention has no technical significance, and any structural modifications, changes in the ratio relationship, or adjustments of the sizes, without affecting the effects and the achievable by the present invention, should still fall within the range that the technical contents disclosed in the present invention can cover.
Fig. 1 is a flowchart of a privacy protection method for a blockchain according to an embodiment of the present invention;
fig. 2 is a flowchart of determining an uplink key for a privacy protection method of a block chain according to an embodiment of the present invention;
fig. 3 is another flowchart of a privacy protection method for a blockchain according to an embodiment of the present invention;
fig. 4 is a schematic diagram of a CA certificate approach for a privacy protection method of a blockchain according to an embodiment of the present invention;
fig. 5 is a schematic diagram illustrating uplink key storage for a privacy protection method for a block chain according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of a data uplink node according to an embodiment of the present invention;
fig. 7 is a schematic diagram illustrating an uplink key negotiation module of a data uplink node according to an embodiment of the present invention;
fig. 8 is a schematic structural diagram of a data viewing node according to an embodiment of the present invention;
fig. 9 is a schematic structural diagram of a privacy protecting apparatus for a blockchain according to an embodiment of the present invention.
Detailed Description
The present invention is described in terms of particular embodiments, other advantages and features of the invention will become apparent to those skilled in the art from the following disclosure, and it is to be understood that the described embodiments are merely exemplary of the invention and that it is not intended to limit the invention to the particular embodiments disclosed. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, fig. 1 is a flowchart of a privacy protection method for a block chain according to an embodiment of the present invention; fig. 2 is a flowchart of determining an uplink key for a privacy protection method of a block chain according to an embodiment of the present invention; fig. 3 is another flowchart of a privacy protection method for a blockchain according to an embodiment of the present invention.
The embodiment of the invention provides a privacy protection method for a block chain, which is used for a data uplink node in the block chain and comprises the following steps:
step S11: acquiring data to be uplink;
step S12: performing key agreement by using a public key and a private key stored by the user and the data viewing node to obtain an uplink key; the data viewing node is a node capable of viewing the data to be uplink;
step S13: encrypting the data to be uplink by using the uplink key to obtain encrypted uplink data;
step S14: and transmitting the encrypted uplink data to a block chain storage to ensure the integrity of the encrypted uplink data.
In the embodiment of the present invention, it is first required to acquire the data to be uplink, for example, in some embodiments, if the blockchain is a healthcare alliance chain, for a patient, the identity information and medical information of the patient can be timely entered into the healthcare alliance chain, and then the identity information and medical information of the patient are the data to be uplink.
After obtaining the data to be uplink, the patient agent node where the patient is located can communicate with the node which needs to check the identity information and the medical information in the later period, and negotiate together to obtain the uplink key. For example, in practice, if a medical dispute occurs, the court may need the original identity information and medical information of the patient, so that the node where the court is located may be used as a data viewing node to negotiate with the court node to generate the uplink key.
After the cochain key is obtained, cochain data to be cochain can be encrypted, and the cochain key is obtained by negotiation between the court node serving as the data viewing node and the local node, so that the cochain key also exists in the data viewing node, and the cochain key is used for decryption when the court views the cochain data to be cochain in the later period, so that plaintext data required by the court is obtained.
Moreover, the data uploaded to the blockchain is encrypted uplink data, and other nodes in the blockchain can only ensure that the data is not tampered, but cannot check specific contents, so that the data privacy protection of a user is realized on the premise of ensuring that the blockchain data is not tampered.
Further, in order to perform key agreement with the data viewing node by using the public key and the private key stored in the node, the method for obtaining the uplink key includes:
step S21: acquiring a second public key of the data viewing node;
step S22: multiplying a first private key stored by the user by a second public key of the data viewing node to obtain a first uplink key;
step S23: sending a first public key stored by the data viewing node to the data viewing node, so that the data viewing node multiplies a second private key of the data viewing node by using the first public key to obtain a second uplink key;
step S24: determining the first uplink key and the second uplink key which are equal to each other as an uplink key.
In particular, in practice, a CA (certificate authority) may be used to issue certificates for each node participating in the federation chain, each node having its own private and public keys after having a certificate. The court, which is the strong judicial division in the middle, negotiates the uplink keys with the rest of the parties. Namely, the private key of the user and the public key of the other party are used, and the ECDH algorithm is adopted for carrying out key agreement. The negotiated information is used as the uplink key. Specifically, the block chain to which the technique can be applied includes: medical, educational, judicial, and industrial chains. Of course, the method can also be applied to other block chains such as a federation chain.
Furthermore, in order to facilitate the clear text viewing of the data locally, the following steps may be performed after the encrypted uplink data is transmitted to the blockchain storage: and locally storing the name of the encrypted uplink data on the blockchain and a corresponding uplink key of the encrypted uplink data so as to facilitate the subsequent viewing of the encrypted uplink data. That is to say, the encrypted data uploaded to the block chain may be associated with the used uplink key to form a file and a list of uplink keys, so as to facilitate subsequent key calling and file viewing.
As another aspect of the one-sided writing, another embodiment of the present invention provides a privacy protecting method for a blockchain, for a data viewing node in the blockchain, including:
step S31: obtaining a key negotiation request sent by the data uplink node, where the key negotiation request includes: a first public key stored by the data uplink node;
step S32: sending a second public key stored by the data viewing node to the data uplink node, so that the data uplink node multiplies a first private key stored by the data viewing node by the second public key of the data viewing node to obtain a first uplink key;
step S33: multiplying the first public key by a second private key of the data viewing node to obtain a second uplink key;
step S34: determining the first uplink key and the second uplink key which are equal to each other as uplink keys so as to encrypt data to be uplink to obtain encrypted uplink data;
step S35: and when the data viewing node needs to view the encrypted uplink data, the encrypted uplink data is decrypted by using the uplink key so as to obtain a plaintext of the uplink data for viewing.
That is to say, as a data viewing node, in the process of transmitting data to a block chain by another user node, in order to implement the function of viewing encrypted uplink data, it is necessary to send its own public key to the other user node, and negotiate to generate an uplink key, so that the clear text of the user data can be decrypted and viewed by using the uplink key.
Referring to fig. 4 and 5, fig. 4 is a schematic diagram illustrating a CA certificate method for a privacy protection method of a block chain according to an embodiment of the present invention; fig. 5 is a schematic diagram illustrating an uplink key storage for a privacy protection method of a block chain according to an embodiment of the present invention.
The CA (certification center) is a certificate of node solutions in hospitals 1, 2, health offices, courts, pharmaceutical enterprises, doctor agents, patient agents, etc. in the medical chain, so that each node is used for its own private key and public key. Then, when each node uploads data, the node needs to negotiate with the court to obtain a patient uplink key, a doctor uplink key, a medicine enterprise uplink key, a health bureau uplink key, a hospital 2 uplink key and a hospital 1 uplink key, so that the data uploaded by each node can be checked by the node and the court.
The embodiment of the invention provides a privacy protection method for a block chain, which is used for encrypting data in the block chain before uploading, and only keys used for encryption by the block chain and a data viewing node are used, so that the data privacy protection of a user is realized on the premise of ensuring that the data in the block chain is not tampered.
Referring to fig. 6 and 7, fig. 6 is a schematic structural diagram of a data uplink node according to an embodiment of the present invention; fig. 7 is a block diagram of an uplink key negotiation module of a data uplink node according to an embodiment of the present invention.
An embodiment of the present invention provides a data uplink node 600, which is applied to the privacy protection method for a block chain according to any of the above embodiments, and includes:
a data obtaining module 610, configured to obtain data to be uplink;
the uplink key negotiation module 620 is configured to perform key negotiation with the data viewing node by using a public key and a private key stored in the uplink key negotiation module 620, so as to obtain an uplink key; the data viewing node is a node capable of viewing the data to be uplink;
a data encryption module 630, configured to encrypt the to-be-uplink data by using the uplink key to obtain encrypted uplink data;
an encrypted data uplink module 640 is configured to transmit the encrypted uplink data to a blockchain storage to ensure integrity of the encrypted uplink data.
Preferably, the uplink key negotiation module 620 includes:
a public key obtaining unit 621, configured to obtain a second public key of the data viewing node;
the first key calculation unit 622 is configured to multiply a first private key stored in the first key calculation unit by a second public key of the data viewing node to obtain a first uplink key;
a first public key sending unit 623, configured to send a first public key stored by the first public key sending unit to the data viewing node, so that the data viewing node multiplies a second private key of the data viewing node by using the first public key to obtain a second uplink key;
an uplink key confirmation unit 624 is configured to determine the first uplink key and the second uplink key that are equal to each other as uplink keys.
Referring to fig. 8, fig. 8 is a schematic structural diagram of a data viewing node according to an embodiment of the present invention.
An embodiment of the present invention provides a data viewing node 800, which is applied to the privacy protection method for a block chain according to any of the above embodiments, and includes:
a negotiation request obtaining module 810, configured to obtain a key negotiation request sent by the uplink data node, where the key negotiation request includes: a first public key stored by the data uplink node;
a second public key sending module 820, configured to send a second public key stored by the data view node to the data uplink node, so that the data uplink node multiplies the first private key stored by the data view node by the second public key of the data view node to obtain a first uplink key;
a second key calculation module 830, configured to multiply the first public key by a second private key of the data viewing node to obtain a second uplink key;
an uplink key determining module 840, configured to determine the first uplink key and the second uplink key that are equal to each other as an uplink key, so as to encrypt data to be uplink data to obtain encrypted uplink data;
a data viewing module 850, configured to decrypt the encrypted uplink data by using the uplink key when the data viewing node needs to view the encrypted uplink data, so as to obtain a plaintext of the uplink data for viewing.
Referring to fig. 9, fig. 9 is a schematic structural diagram of a privacy protecting apparatus for a blockchain according to an embodiment of the present invention.
An embodiment of the present invention provides a privacy protecting apparatus 900 for a block chain, including:
a memory 910 for storing a computer program;
a processor 920 configured to implement the steps of the privacy protection method for a blockchain according to any of the above embodiments when the computer program is executed.
Embodiments of the present invention provide a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the steps of the privacy protection method for a block chain according to any one of the embodiments described above.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory. The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). The memory is an example of a computer-readable medium.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in the process, method, article, or apparatus that comprises the element.
The above are merely examples of the present application and are not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.
Claims (10)
1. A privacy protection method for a blockchain, used for a data uplink node in the blockchain, comprising:
acquiring data to be uplink;
performing key agreement by using a public key and a private key stored by the user and the data viewing node to obtain an uplink key; the data viewing node is a node capable of viewing the data to be uplink;
encrypting the data to be uplink by using the uplink key to obtain encrypted uplink data;
and transmitting the encrypted uplink data to a block chain storage to ensure the integrity of the encrypted uplink data.
2. The privacy protection method of claim 1,
the method for performing key agreement with the data viewing node by using the public key and the private key stored by the user to obtain the uplink key comprises the following steps:
acquiring a second public key of the data viewing node;
multiplying a first private key stored by the user by a second public key of the data viewing node to obtain a first uplink key;
sending a first public key stored by the data viewing node to the data viewing node, so that the data viewing node multiplies a second private key of the data viewing node by using the first public key to obtain a second uplink key;
determining the first uplink key and the second uplink key which are equal to each other as an uplink key.
3. The privacy protection method of claim 1,
the block chain includes: medical, educational, judicial, and industrial chains.
4. The privacy protection method according to any one of claims 1 to 3,
after transmitting the encrypted uplink data to a blockchain storage, further comprising:
and locally storing the name of the encrypted uplink data on the blockchain and a corresponding uplink key of the encrypted uplink data so as to facilitate the subsequent viewing of the encrypted uplink data.
5. A privacy protection method for a blockchain, which is used for a data viewing node in the blockchain, is characterized by comprising the following steps:
obtaining a key negotiation request sent by the data uplink node, where the key negotiation request includes: a first public key stored by the data uplink node;
sending a second public key stored by the data viewing node to the data uplink node, so that the data uplink node multiplies a first private key stored by the data viewing node by the second public key of the data viewing node to obtain a first uplink key;
multiplying the first public key by a second private key of the data viewing node to obtain a second uplink key;
determining the first uplink key and the second uplink key which are equal to each other as uplink keys so as to encrypt data to be uplink to obtain encrypted uplink data;
and when the data viewing node needs to view the encrypted uplink data, the encrypted uplink data is decrypted by using the uplink key so as to obtain a plaintext of the uplink data for viewing.
6. A data uplink node for use in the method for privacy protection of a blockchain according to any one of claims 1 to, comprising:
the data acquisition module is used for acquiring data to be linked;
the uplink key negotiation module is used for carrying out key negotiation with the data viewing node by using a public key and a private key stored by the uplink key negotiation module to obtain an uplink key; the data viewing node is a node capable of viewing the data to be uplink;
the data encryption module is used for encrypting the data to be uplink by using the uplink key to obtain encrypted uplink data;
and the encrypted data uplink module is used for transmitting the encrypted uplink data to a block chain for storage so as to ensure the integrity of the encrypted uplink data.
7. The data uplink node of claim 6,
the uplink key negotiation module includes:
the public key acquisition unit is used for acquiring a second public key of the data viewing node;
the first key calculation unit is used for multiplying a first private key stored by the first key calculation unit by a second public key of the data viewing node to obtain a first uplink key;
the first public key sending unit is used for sending a first public key stored by the first public key sending unit to the data viewing node so that the data viewing node can multiply a second private key of the data viewing node by using the first public key to obtain a second uplink key;
an uplink key confirmation unit, configured to determine the first uplink key and the second uplink key that are equal to each other as an uplink key.
8. A data viewing node applied to the privacy protection method for a blockchain according to claim 5, comprising:
a negotiation request obtaining module, configured to obtain a key negotiation request sent by the uplink data node, where the key negotiation request includes: a first public key stored by the data uplink node;
the second public key sending module is used for sending a second public key stored by the data viewing node to the data uplink node so that the data uplink node multiplies a first private key stored by the data viewing node by the second public key of the data viewing node to obtain a first uplink key;
the second key calculation module is used for multiplying the first public key by a second private key of the data viewing node to obtain a second uplink key;
a uplink key determining module, configured to determine the first uplink key and the second uplink key that are equal to each other as an uplink key, so as to encrypt data to be uplink data to obtain encrypted uplink data;
and the data viewing module is used for decrypting the encrypted uplink data by using the uplink key when the data viewing node needs to view the encrypted uplink data so as to obtain a plaintext of the uplink data for viewing.
9. A privacy preserving device for a blockchain, comprising:
a memory for storing a computer program;
a processor for implementing the steps of the privacy protection method for a blockchain according to any one of claims 1 to 4 when executing the computer program.
10. A computer-readable storage medium, characterized in that a computer program is stored on the computer-readable storage medium, which computer program, when being executed by a processor, carries out the steps of the privacy protection method for a blockchain according to any one of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910936542.2A CN110826082A (en) | 2019-09-29 | 2019-09-29 | Privacy protection method and device for block chain |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910936542.2A CN110826082A (en) | 2019-09-29 | 2019-09-29 | Privacy protection method and device for block chain |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110826082A true CN110826082A (en) | 2020-02-21 |
Family
ID=69548511
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910936542.2A Pending CN110826082A (en) | 2019-09-29 | 2019-09-29 | Privacy protection method and device for block chain |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110826082A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111400763A (en) * | 2020-03-21 | 2020-07-10 | 贵州云尚物联科技股份有限公司 | Method for determining property preservation sequence based on block chain |
| CN114697350A (en) * | 2020-12-31 | 2022-07-01 | 福建凯米网络科技有限公司 | Data storage method and storage medium based on block chain |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108681853A (en) * | 2018-05-11 | 2018-10-19 | 阿里巴巴集团控股有限公司 | Logistics information transmission method, system and device based on block chain |
| CN109583215A (en) * | 2018-09-28 | 2019-04-05 | 阿里巴巴集团控股有限公司 | It is a kind of to handle the method and device of collage-credit data, block chain data-sharing systems |
| CN109729041A (en) * | 2017-10-27 | 2019-05-07 | 上海策赢网络科技有限公司 | A kind of publication of encrypted content and acquisition methods and device |
-
2019
- 2019-09-29 CN CN201910936542.2A patent/CN110826082A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109729041A (en) * | 2017-10-27 | 2019-05-07 | 上海策赢网络科技有限公司 | A kind of publication of encrypted content and acquisition methods and device |
| CN108681853A (en) * | 2018-05-11 | 2018-10-19 | 阿里巴巴集团控股有限公司 | Logistics information transmission method, system and device based on block chain |
| CN109583215A (en) * | 2018-09-28 | 2019-04-05 | 阿里巴巴集团控股有限公司 | It is a kind of to handle the method and device of collage-credit data, block chain data-sharing systems |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111400763A (en) * | 2020-03-21 | 2020-07-10 | 贵州云尚物联科技股份有限公司 | Method for determining property preservation sequence based on block chain |
| CN114697350A (en) * | 2020-12-31 | 2022-07-01 | 福建凯米网络科技有限公司 | Data storage method and storage medium based on block chain |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110622165B (en) | Security measures for determining privacy set intersections | |
| Sharma et al. | Blockchain-based interoperable healthcare using zero-knowledge proofs and proxy re-encryption | |
| CN110008746A (en) | Medical records storage, shared and safety Claims Resolution model and method based on block chain | |
| US8566247B1 (en) | System and method for secure communications involving an intermediary | |
| TW201914254A (en) | Method, apparatus and system for data encryption and decryption | |
| CN109639753A (en) | A kind of data sharing method and system based on block chain | |
| CN111368324A (en) | Credible electronic license platform system based on block chain and authentication method thereof | |
| AU2015409938B2 (en) | System and method for secure digital sharing based on an inter-system exchange of a two-tier double encrypted digital information key | |
| CN111933292B (en) | Block chain-based hospital body and medical data interaction method and storage medium | |
| CN108022194A (en) | Law-enforcing recorder and its data safety processing method, server and system | |
| T. de Oliveira et al. | A break-glass protocol based on ciphertext-policy attribute-based encryption to access medical records in the cloud | |
| Ray et al. | A Certificate Authority (CA)-based cryptographic solution for HIPAA privacy/security regulations | |
| CN110826082A (en) | Privacy protection method and device for block chain | |
| CN112991045A (en) | Medical health consumption financing method, device, equipment and medium based on block chain | |
| CN111081331B (en) | Patient file privacy protection method and system | |
| CN113965370B (en) | Data transmission method and device, computer equipment and readable storage medium | |
| CN114065261A (en) | Block chain-based distributed trusted data sharing platform, method and system | |
| Hussain et al. | Sharing is caring–design and demonstration of a data privacy tool for interorganizational transfer of data | |
| Mittal et al. | A novel two-level secure access control approach for blockchain platform in healthcare | |
| Samala et al. | Transforming Healthcare Data Management: A Blockchain-Based Cloud EHR System for Enhanced Security and Interoperability. | |
| Hardjono et al. | Privacy-preserving claims exchange networks for virtual asset service providers | |
| CN113746829B (en) | Multi-source data association method, device, equipment and storage medium | |
| Rafi et al. | CERTIFICATE MANAGEMENT AND VALIDATION SYSTEM USING BLOCKCHAIN | |
| Ghaffaripour et al. | Cryptographically Enforced Access Control in Blockchain-Based Platforms | |
| CN114065253B (en) | Method for anonymous sharing and verification of certificate and result |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200221 |