CN110826110A - Distributed account book data tamper-proofing method and system - Google Patents
Distributed account book data tamper-proofing method and system Download PDFInfo
- Publication number
- CN110826110A CN110826110A CN201911076656.0A CN201911076656A CN110826110A CN 110826110 A CN110826110 A CN 110826110A CN 201911076656 A CN201911076656 A CN 201911076656A CN 110826110 A CN110826110 A CN 110826110A
- Authority
- CN
- China
- Prior art keywords
- data
- hardware encryption
- encryption card
- data segment
- account book
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention discloses a distributed account book data tamper-proofing method and a distributed account book data tamper-proofing system.A first hardware encryption card acquires a first data segment from an account book and sends the first data segment to a second hardware encryption card, a first hardware encryption card is deployed in each accounting server, and a second hardware encryption card is deployed in each consensus server; the second hardware encryption card compares all the received first data segments, judges whether all the received first data segments are consistent or not, and sends an alarm if the received first data segments are inconsistent; according to the data tamper-proofing reinforced security scheme based on the hardware encryption card, even if part of servers are controlled by an attacker, since the consistency check of the account book is implemented in the hardware encryption card, under the condition that the attacker cannot control all hardware encryption cards on all server nodes, malicious attack behavior exposure caused by data security alarm of the scheme cannot be prevented, so that malicious attack is effectively resisted, and data security is protected.
Description
Technical Field
The invention relates to the technical field of block chain application, in particular to a distributed ledger data tamper-proofing method and system.
Background
A federation chain is one of the block chains. The alliance chain is limited to the participation of alliance members, and the read-write authority and the participation accounting authority on the block chain are formulated according to the alliance rule. The whole network is maintained by member organization, the network access is generally accessed by gateway node of member organization, and the consensus process is controlled by the node selected in advance. The blockchain is actually a database technology and a distributed shared book, and is a data structure formed by orderly connecting blocks containing transaction information from back to front. The alliance chain data is stored in a memory in a block chain data structure at the operation period and is stored in a database in a persistent mode.
A PBFT consensus algorithm is commonly adopted in a alliance chain, and typical distributed consistency problems such as message disorder, participant abnormity, network differentiation and the like under the condition of multi-node participation are effectively solved. Meanwhile, on the premise of allowing a certain proportion of byzantine participants, few errors are eliminated, and final consistency is achieved.
In a alliance-link network, a gossip consistency protocol is adopted for the synchronization blocks among nodes. Each node randomly sends current snapshots of local accounts to adjacent nodes at regular time, such as the summary information of some accounts, including the highest block height, the highest block hash value, the state tree hash value and the like, receives the account snapshot sent by other nodes, and performs account comparison and block request among the nodes through the snapshots, so that all nodes in the whole network finally reach an account consistent state in a short time.
In a federation chain, the system can realize the consistency of the current blocks of the distributed account book through a self-recognition mechanism, when a malicious attacker modifies some historical account book data through a hacker technology, the block chain system cannot timely find out that the data cannot pass through the hash value verification only when the transaction related to the modified content occurs, so that an error is found out. When the amount of data is tampered with, the performance of the blockchain transaction service is often affected, which causes service delay and affects the use of the user.
Disclosure of Invention
The technical problem to be solved by the invention is as follows: the distributed account book data tamper-proofing method and system are provided, and an alarm is given in time under the condition of attack of the distributed account book data, so that malicious attack is effectively resisted, and data security is protected.
In order to solve the technical problems, the invention adopts the technical scheme that:
a distributed ledger data tamper-proofing method comprises the following steps:
s1, the first hardware encryption card acquires a first data segment from the account book and sends the first data segment to a second hardware encryption card, one first hardware encryption card is deployed in each accounting server, and one second hardware encryption card is deployed in each consensus server;
s2, the second hardware encryption card compares all the received first data segments, judges whether all the received first data segments are consistent, and sends out an alarm if the received first data segments are inconsistent.
In order to solve the technical problem, the invention adopts another technical scheme as follows:
a distributed account book data tamper-proofing system comprises M account book servers and N consensus servers, wherein each account book server is internally provided with a first hardware encryption card, each consensus server is internally provided with a second hardware encryption card, the first hardware encryption card comprises a first memory, a first processor and a first computer program which is stored on the first memory and can run on the first processor, the second hardware encryption card comprises a second memory, a second processor and a second computer program which is stored on the second memory and can run on the second processor, and the first processor executes the first computer program to realize the following steps:
s1, acquiring a first data segment from the book, and sending the first data segment to a second hardware encryption card;
the second processor, when executing the second computer program, implements the steps of:
and S2, comparing all the received first data segments, judging whether all the received first data segments are consistent, and if not, sending an alarm.
The invention has the beneficial effects that: a distributed account book data tamper-proofing method and system are based on a data tamper-proofing reinforced security scheme of a hardware encryption card, even if part of servers including important consensus servers are controlled by an attacker, data security alarm cannot be prevented to cause malicious attack behavior exposure under the condition that the attacker cannot control all hardware encryption cards on all server nodes due to the fact that consistency check of an account book is implemented inside the hardware encryption card, and therefore malicious attack is effectively resisted to protect data security.
Drawings
Fig. 1 is a schematic flowchart of a distributed ledger data tamper-proofing method according to an embodiment of the present invention;
fig. 2 is a schematic data flow diagram of a distributed ledger data tamper-proofing method according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of a distributed ledger data tamper-proofing system according to an embodiment of the present invention.
Description of reference numerals:
1. a distributed ledger data tamper-proofing system; 2. a billing server; 3. a first hardware encryption card; 4. a first processor; 5. a first memory; 6. a consensus server; 7. a second hardware encryption card; 8. a second processor; 9. a second memory.
Detailed Description
In order to explain technical contents, achieved objects, and effects of the present invention in detail, the following description is made with reference to the accompanying drawings in combination with the embodiments.
Referring to fig. 1 and fig. 2, a distributed ledger data tamper-proofing method includes the steps of:
s1, the first hardware encryption card acquires a first data segment from the account book and sends the first data segment to a second hardware encryption card, one first hardware encryption card is deployed in each accounting server, and one second hardware encryption card is deployed in each consensus server;
s2, the second hardware encryption card compares all the received first data segments, judges whether all the received first data segments are consistent, and sends out an alarm if the received first data segments are inconsistent.
From the above description, the beneficial effects of the present invention are: the data tamper-proofing reinforced security scheme based on the hardware encryption card can not prevent the data security alarm of the scheme from exposing malicious attack behaviors under the condition that an attacker cannot control all hardware encryption cards on all server nodes because the consistency check of the account book is implemented in the hardware encryption card even if part of servers including an important consensus server are controlled by the attacker, so that the malicious attack can be effectively resisted to protect the data security.
Further, the step S1 is specifically:
s11, acquiring data with a first length at a first address of the first hardware encryption card on the account book, and recording the data as a first data segment mm (i), wherein mm () is a data segment, i is the sequence of the accounting server where the current first hardware encryption card is located in all accounting servers, i is 1,2, … M, M is the number of the accounting servers, and one first hardware encryption card is deployed in each accounting server;
s12, the first hardware encryption card performs HASH calculation and encryption on the first data segment mm (i) to obtain encrypted data cc (i) ═ E (k (i), HASH (mm (i))), the HASH () is a HASH function, the E () is an encryption algorithm, the k (i) is a key, and the key is stored in the first hardware encryption card;
s13, the first hardware encryption card sends the encrypted data cc (i) to the second hardware encryption cards of the N pieces of common identification servers at the same time, and each piece of common identification server is provided with one second hardware encryption card;
the step S2 specifically includes:
s21, the second hardware encryption card decrypts each received encrypted data cc (i) with a corresponding key to obtain decrypted data hh (i) ═ D (k (i), cc (i)), where D () is a decryption algorithm, and the second hardware encryption card in each identified server stores keys { k (i) } of all billing servers, where i ═ 1.., M };
s22, the second hardware encryption card compares all the decrypted data hh (i), judges whether all the decrypted data hh (i) are consistent, if not, an alarm is sent out.
From the above description, it can be known that the same data is obtained for consistency comparison, and a data stream encryption and decryption processing mechanism is adopted to improve the encryption and decryption speed; meanwhile, the hardware encryption card is used for encryption, the secret key is stored in the respective hardware encryption card, and the stolen data cannot be decrypted, so that the data security is further protected.
Further, in the step S1, the "the first hardware encryption card obtains the first data segment from the ledger" specifically includes: the first hardware encryption card randomly acquires a first data segment from the account book.
As can be seen from the above description, by randomly acquiring the data segment, under the condition that the book data is large, malicious attack behaviors can be rapidly discovered.
Further, the step S1, the "the first hardware encryption card randomly obtains the first data segment from the account book" specifically includes: the first hardware encryption card randomly acquires a J-th data segment from the account book, the J is recorded as a first data segment, the account book is divided into J data segments, J is 1,2 and … J, each time J is acquired, a period is formed, and the data segments randomly acquired each time in each period are different.
As can be seen from the above description, the speed of discovering malicious attack behavior can be further increased by randomly acquiring data segments without repeatedly acquiring previously acquired data segments until all data segments are acquired.
Further, in the step S1, the "the first hardware encryption card obtains the first data segment from the ledger" specifically includes: the first hardware encryption card sequentially acquires a J-th data segment from the account book according to a sequence, the J-th data segment is recorded as a first data segment, the account book is totally divided into J data segments, and J is 1,2 and … J.
As can be seen from the above description, the malicious attack behaviors can be quickly and comprehensively discovered when the ledger data is small and the data segments are few, by sequentially acquiring the data.
Referring to fig. 2 and fig. 3, a distributed ledger data tamper-proofing system includes M accounting servers and N consensus servers, each accounting server is disposed with a first hardware encryption card, each consensus server is disposed with a second hardware encryption card, the first hardware encryption card includes a first memory, a first processor and a first computer program stored on the first memory and operable on the first processor, the second hardware encryption card includes a second memory, a second processor and a second computer program stored on the second memory and operable on the second processor, and the first processor implements the following steps when executing the first computer program:
s1, acquiring a first data segment from the book, and sending the first data segment to a second hardware encryption card;
the second processor, when executing the second computer program, implements the steps of:
and S2, comparing all the received first data segments, judging whether all the received first data segments are consistent, and if not, sending an alarm.
From the above description, the beneficial effects of the present invention are: the data tamper-proofing reinforced security scheme based on the hardware encryption card can not prevent the data security alarm of the scheme from exposing malicious attack behaviors under the condition that an attacker cannot control all hardware encryption cards on all server nodes because the consistency check of the account book is implemented in the hardware encryption card even if part of servers including an important consensus server are controlled by the attacker, so that the malicious attack can be effectively resisted to protect the data security.
Further, a first hardware encryption card in each billing server stores a key k (i), a second hardware encryption card in each consensus server stores keys { k (i) } 1.., M } of all billing servers, and the first processor implements the following steps when executing the step S1 in the first computer program:
s11, acquiring data with a first length at a first address on the account book, and recording the data as a first data segment mm (i), where mm () is a data segment, i is a sequence of all accounting servers where the current first hardware encryption card is located, and i is 1,2, … M;
s12, performing HASH calculation and encryption on the first data segment mm (i) to obtain encrypted data cc (i) ═ E (k (i), HASH (mm (i))), wherein HASH () is a HASH function and E () is an encryption algorithm;
s13, sending the encrypted data cc (i) to the second hardware encryption cards of the N pieces of consensus servers at the same time;
when the second processor executes the step S2 in the second computer program, the following steps are specifically implemented:
s21, decrypting each received encrypted data cc (i) with a corresponding key to obtain decrypted data hh (i) ═ D (k (i), cc (i)), where D () is a decryption algorithm;
s22, comparing all the decrypted data hh (i), judging whether all the decrypted data hh (i) are consistent, if not, sending out an alarm.
From the above description, it can be known that the same data is obtained for consistency comparison, and a data stream encryption and decryption processing mechanism is adopted to improve the encryption and decryption speed; meanwhile, the hardware encryption card is used for encryption, the secret key is stored in the respective hardware encryption card, and the stolen data cannot be decrypted, so that the data security is further protected.
Further, the step S1 of executing the first data segment from the ledger by the first hardware encryption card in the first computer program by the first processor is specifically: the first hardware encryption card randomly acquires a first data segment from the account book.
As can be seen from the above description, by randomly acquiring the data segment, under the condition that the book data is large, malicious attack behaviors can be rapidly discovered.
Further, the step S1 of executing the first data segment randomly obtained by the first hardware encryption card from the account book by the first processor in the first computer program is specifically: the first hardware encryption card randomly acquires a J-th data segment from the account book, the J is recorded as a first data segment, the account book is divided into J data segments, J is 1,2 and … J, each time J is acquired, a period is formed, and the data segments randomly acquired each time in each period are different.
As can be seen from the above description, the speed of discovering malicious attack behavior can be further increased by randomly acquiring data segments without repeatedly acquiring previously acquired data segments until all data segments are acquired.
Further, the step S1 of executing the first data segment from the ledger by the first hardware encryption card in the first computer program by the first processor is specifically: the first hardware encryption card sequentially acquires a J-th data segment from the account book according to a sequence, the J-th data segment is recorded as a first data segment, the account book is totally divided into J data segments, and J is 1,2 and … J.
As can be seen from the above description, the malicious attack behaviors can be quickly and comprehensively discovered when the ledger data is small and the data segments are few, by sequentially acquiring the data.
Referring to fig. 1 and fig. 2, a first embodiment of the present invention is:
a distributed ledger data tamper-proofing method comprises the following steps:
s1, the first hardware encryption card randomly acquires a first data segment from the account book and sends the first data segment to the second hardware encryption card, a first hardware encryption card is deployed in each accounting server, and a second hardware encryption card is deployed in each consensus server;
in this embodiment, step S1 specifically includes:
s11, as shown in fig. 2, the first hardware encryption card obtains data of a first length at a first address on the account book, which is recorded as a first data segment mm (i), mm () is a data segment, i is a sequence of the current accounting server where the first hardware encryption card is located in all accounting servers, i is 1,2, … M, and M is the number of the accounting servers, and each accounting server is deployed with one first hardware encryption card, wherein the first hardware encryption cards of M accounting servers all obtain data of the first length at the first address, so that the first hardware encryption cards of M accounting servers respectively obtain a segment of data of the same length at the same address on the account book, and the segments of data are theoretically consistent when no data tampering occurs;
s12, as shown in fig. 2, the first hardware encryption card performs HASH calculation and encryption on the first data segment mm (i) to obtain encrypted data cc (i) ═ E (k (i), HASH (mm (i)), HASH () is a HASH function, E () is an encryption algorithm, k (i) is a key, and the key is stored in the first hardware encryption card;
s13, as shown in fig. 2, the first hardware encryption card sends the encrypted data cc (i) to the second hardware encryption cards of the N consensus servers simultaneously, and each consensus server is deployed with one second hardware encryption card;
s2, the second hardware encryption card compares all the received first data segments, judges whether all the received first data segments are consistent, and sends out an alarm if the received first data segments are inconsistent;
in this embodiment, step S2 specifically includes:
s21, as shown in fig. 2, the second hardware encryption card decrypts each received encrypted data cc (i) with a corresponding key to obtain decrypted data hh (i) ═ D (k (i), cc (i)), where D () is a decryption algorithm, and the second hardware encryption card in each consensus server stores keys { k (i) (i), i ═ 1,. said., M }, of all accounting servers;
s22, the second hardware encryption card compares all the decrypted data hh (i), judges whether all the decrypted data hh (i) are consistent, if not, an alarm is sent out.
In other equivalent embodiments, in order to further increase the speed of detecting the malicious attack behavior, the step S1, "the first hardware encryption card randomly obtains the first data segment from the ledger" specifically includes: the first hardware encryption card randomly acquires a J-th data segment from the account book, the J is recorded as a first data segment, the account book is divided into J data segments, J is 1,2 and … J, each acquisition J time is a period, and the data segments randomly acquired each time in each period are different.
In other equivalent embodiments, in order to further increase the speed of detecting the malicious attack behavior, the step S1, "the first hardware encryption card randomly obtains the first data segment from the ledger" specifically includes: the first hardware encryption card randomly acquires a jth data segment from the account book, the jth data segment is recorded as a first data segment, the account book is divided into J data segments, J is 1,2 and … J, the data segments randomly acquired each time in each preset time are different, the preset time is less than a period, and the time spent in acquiring J times is a period. Therefore, the situation that a period takes too long to cause that a certain piece of data which is compared before is attacked before the next period comes and the long time is needed to be waited for recognition can be avoided.
In other equivalent embodiments, in order to be able to quickly and comprehensively detect malicious attack behaviors, the step S1, "the first hardware encryption card obtains the first data segment from the ledger" specifically includes: the first hardware encryption card sequentially acquires the jth data segment from the account book according to the sequence, records the jth data segment as the first data segment, and the account book is totally divided into J data segments, wherein J is 1,2 and … J. Assuming that j is 10, the first data segment is acquired for the first time, the second data segment is acquired for the second time, and the eleventh acquisition is started as a new period after the tenth acquisition of the tenth data segment, and the steps are repeated.
Referring to fig. 2 and fig. 3, a second embodiment of the present invention is:
a distributed accounting data tamper-proofing system 1 comprises M accounting servers 2 and N consensus servers 6, wherein each accounting server 2 is internally provided with a first hardware encryption card 3, each consensus server 6 is internally provided with a second hardware encryption card 7, each first hardware encryption card 3 comprises a first memory 5, a first processor 4 and a first computer program which is stored on the first memory 5 and can run on the first processor 4, each second hardware encryption card 7 comprises a second memory 9, a second processor 8 and a second computer program which is stored on the second memory 9 and can run on the second processor 8, and the steps in the first embodiment are realized when the first processor 4 executes the first computer program; the second processor 8 realizes the steps in the second embodiment described above when executing the second computer program.
In summary, according to the distributed ledger data tamper-proofing method and system provided by the present invention, even if part of servers including important consensus servers are controlled by an attacker, since the data stream encryption/decryption processing mechanism and the data comparison operation are both implemented inside the hardware encryption card, the attacker cannot prevent the data security alarm of the scheme under the condition that the attacker cannot control all hardware encryption cards on all server nodes, so that malicious attack behavior is exposed, and the secret keys are stored in the respective hardware encryption cards, so that the stolen data cannot be decrypted, thereby effectively resisting malicious attack and protecting data security; meanwhile, according to the data size of the account book, the data segments are selected to be acquired randomly or sequentially, so that the speed and the quality of identifying the malicious attack behaviors are considered, and the malicious attack behaviors are identified better and faster.
The above description is only an embodiment of the present invention, and not intended to limit the scope of the present invention, and all equivalent changes made by using the contents of the present specification and the drawings, or applied directly or indirectly to the related technical fields, are included in the scope of the present invention.
Claims (10)
1. A distributed ledger data tamper-proofing method is characterized by comprising the following steps:
s1, the first hardware encryption card acquires a first data segment from the account book and sends the first data segment to a second hardware encryption card, one first hardware encryption card is deployed in each accounting server, and one second hardware encryption card is deployed in each consensus server;
s2, the second hardware encryption card compares all the received first data segments, judges whether all the received first data segments are consistent, and sends out an alarm if the received first data segments are inconsistent.
2. The distributed ledger data tamper-proofing method of claim 1, characterized in that, the step S1 specifically is:
s11, acquiring data with a first length at a first address of the first hardware encryption card on the account book, and recording the data as a first data segment mm (i), wherein mm () is a data segment, i is the sequence of the accounting server where the current first hardware encryption card is located in all accounting servers, i is 1,2, … M, M is the number of the accounting servers, and one first hardware encryption card is deployed in each accounting server;
s12, the first hardware encryption card performs HASH calculation and encryption on the first data segment mm (i) to obtain encrypted data cc (i) ═ E (k (i), HASH (mm (i))), the HASH () is a HASH function, the E () is an encryption algorithm, the k (i) is a key, and the key is stored in the first hardware encryption card;
s13, the first hardware encryption card sends the encrypted data cc (i) to the second hardware encryption cards of the N pieces of common identification servers at the same time, and each piece of common identification server is provided with one second hardware encryption card;
the step S2 specifically includes:
s21, the second hardware encryption card decrypts each received encrypted data cc (i) with a corresponding key to obtain decrypted data hh (i) ═ D (k (i), cc (i)), where D () is a decryption algorithm, and the second hardware encryption card in each identified server stores keys { k (i) } of all billing servers, where i ═ 1.., M };
s22, the second hardware encryption card compares all the decrypted data hh (i), judges whether all the decrypted data hh (i) are consistent, if not, an alarm is sent out.
3. The distributed ledger data tamper-proofing method according to claim 1, wherein in step S1, "the first hardware encryption card obtains the first data segment from the ledger" specifically includes: the first hardware encryption card randomly acquires a first data segment from the account book.
4. The distributed ledger data tamper-proofing method of claim 3, wherein in step S1, "the first hardware encryption card randomly obtains the first data segment from the ledger" specifically includes: the first hardware encryption card randomly acquires a J-th data segment from the account book, the J is recorded as a first data segment, the account book is divided into J data segments, J is 1,2 and … J, each time J is acquired, a period is formed, and the data segments randomly acquired each time in each period are different.
5. The distributed ledger data tamper-proofing method of claim 1, wherein in step S1, "the first hardware encryption card obtains the first data segment from the ledger" specifically includes: the first hardware encryption card sequentially acquires a J-th data segment from the account book according to a sequence, the J-th data segment is recorded as a first data segment, the account book is totally divided into J data segments, and J is 1,2 and … J.
6. A distributed account book data tamper-proofing system comprises M account book servers and N consensus servers, wherein each account book server is internally provided with a first hardware encryption card, each consensus server is internally provided with a second hardware encryption card, the first hardware encryption card comprises a first memory, a first processor and a first computer program which is stored on the first memory and can run on the first processor, the second hardware encryption card comprises a second memory, a second processor and a second computer program which is stored on the second memory and can run on the second processor, and the first processor executes the first computer program to realize the following steps:
s1, acquiring a first data segment from the book, and sending the first data segment to a second hardware encryption card;
the second processor, when executing the second computer program, implements the steps of:
and S2, comparing all the received first data segments, judging whether all the received first data segments are consistent, and if not, sending an alarm.
7. A distributed ledger data tamper-proofing system according to claim 6, wherein a first hardware encryption card in each accounting server stores key k (i), a second hardware encryption card in each consensus server stores keys { k (i) } 1...., M } of all accounting servers, the first processor when executing the step S1 in the first computer program specifically implements the following steps:
s11, acquiring data with a first length at a first address on the account book, and recording the data as a first data segment mm (i), where mm () is a data segment, i is a sequence of all accounting servers where the current first hardware encryption card is located, and i is 1,2, … M;
s12, performing HASH calculation and encryption on the first data segment mm (i) to obtain encrypted data cc (i) ═ E (k (i), HASH (mm (i))), wherein HASH () is a HASH function and E () is an encryption algorithm;
s13, sending the encrypted data cc (i) to the second hardware encryption cards of the N pieces of consensus servers at the same time;
when the second processor executes the step S2 in the second computer program, the following steps are specifically implemented:
s21, decrypting each received encrypted data cc (i) with a corresponding key to obtain decrypted data hh (i) ═ D (k (i), cc (i)), where D () is a decryption algorithm;
s22, comparing all the decrypted data hh (i), judging whether all the decrypted data hh (i) are consistent, if not, sending out an alarm.
8. The distributed ledger data tamper-proofing system of claim 6, wherein the first processor executes the step S1 of the first computer program that the first hardware encryption card obtains the first data segment from the ledger specifically: the first hardware encryption card randomly acquires a first data segment from the account book.
9. The distributed ledger data tamper-proofing system of claim 8, wherein the first processor executes the step S1 of the first computer program that "the first hardware encryption card randomly acquires the first data segment from the ledger" specifically: the first hardware encryption card randomly acquires a J-th data segment from the account book, the J is recorded as a first data segment, the account book is divided into J data segments, J is 1,2 and … J, each time J is acquired, a period is formed, and the data segments randomly acquired each time in each period are different.
10. The distributed ledger data tamper-proofing system of claim 6, wherein the first processor executes the step S1 of the first computer program that the first hardware encryption card obtains the first data segment from the ledger specifically: the first hardware encryption card sequentially acquires a J-th data segment from the account book according to a sequence, the J-th data segment is recorded as a first data segment, the account book is totally divided into J data segments, and J is 1,2 and … J.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911076656.0A CN110826110B (en) | 2019-11-06 | 2019-11-06 | Distributed account book data tamper-proofing method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911076656.0A CN110826110B (en) | 2019-11-06 | 2019-11-06 | Distributed account book data tamper-proofing method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110826110A true CN110826110A (en) | 2020-02-21 |
| CN110826110B CN110826110B (en) | 2021-09-07 |
Family
ID=69553015
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911076656.0A Active CN110826110B (en) | 2019-11-06 | 2019-11-06 | Distributed account book data tamper-proofing method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110826110B (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140096267A1 (en) * | 2012-10-02 | 2014-04-03 | Roberto M. CASSO | Methods, systems, and computer readable media for securely collecting, safeguarding, and disseminating electronically stored information |
| CN106649632A (en) * | 2016-12-07 | 2017-05-10 | 北京众享比特科技有限公司 | Data synchronism method and system |
| CN107392528A (en) * | 2017-06-30 | 2017-11-24 | 海航创新科技研究有限公司 | Container operation data treating method and apparatus |
| CN108171489A (en) * | 2017-12-18 | 2018-06-15 | 深圳前海微众银行股份有限公司 | Data liquidation method, system and computer readable storage medium |
| CN109948348A (en) * | 2018-11-15 | 2019-06-28 | 陕西医链区块链集团有限公司 | A kind of proof of identification system and its application method based on medical block chain technology |
| CN109995536A (en) * | 2019-03-15 | 2019-07-09 | 广州杰赛科技股份有限公司 | A kind of block chain common recognition method, apparatus and readable storage medium storing program for executing |
| CN110019986A (en) * | 2018-09-27 | 2019-07-16 | 福建福链科技有限公司 | The method for sequencing and terminal of message in a kind of directed acyclic graph |
-
2019
- 2019-11-06 CN CN201911076656.0A patent/CN110826110B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140096267A1 (en) * | 2012-10-02 | 2014-04-03 | Roberto M. CASSO | Methods, systems, and computer readable media for securely collecting, safeguarding, and disseminating electronically stored information |
| CN106649632A (en) * | 2016-12-07 | 2017-05-10 | 北京众享比特科技有限公司 | Data synchronism method and system |
| CN107392528A (en) * | 2017-06-30 | 2017-11-24 | 海航创新科技研究有限公司 | Container operation data treating method and apparatus |
| CN108171489A (en) * | 2017-12-18 | 2018-06-15 | 深圳前海微众银行股份有限公司 | Data liquidation method, system and computer readable storage medium |
| CN110019986A (en) * | 2018-09-27 | 2019-07-16 | 福建福链科技有限公司 | The method for sequencing and terminal of message in a kind of directed acyclic graph |
| CN109948348A (en) * | 2018-11-15 | 2019-06-28 | 陕西医链区块链集团有限公司 | A kind of proof of identification system and its application method based on medical block chain technology |
| CN109995536A (en) * | 2019-03-15 | 2019-07-09 | 广州杰赛科技股份有限公司 | A kind of block chain common recognition method, apparatus and readable storage medium storing program for executing |
Non-Patent Citations (2)
| Title |
|---|
| BEYOND BITCOIN: "BlockChain Technology", 《网页在线公开:HTTP://SCET.BERKELEY.EDU/WP-CONTENT/UPLOADS/BLOCKCHAINPAPER.PDF》 * |
| 斯雪明等: "区块链安全研究综述", 《密码学报》 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110826110B (en) | 2021-09-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109154971B (en) | Verification of the integrity of data | |
| US9967096B2 (en) | Rewritable blockchain | |
| US20170264428A1 (en) | Data storage system with blockchain technology | |
| US20200067697A1 (en) | Method for operating a blockchain | |
| US20170228371A1 (en) | Blockchain-enhanced database | |
| Schneier et al. | Secure audit logs to support computer forensics | |
| US8683561B2 (en) | Fixed client identification system for positive identification of client to server | |
| US8176163B1 (en) | Dual cookie security system | |
| US20190050598A1 (en) | Secure data storage | |
| US8769675B2 (en) | Clock roll forward detection | |
| US8943309B1 (en) | Cookie security system with interloper detection and remedial actions to protest personal data | |
| EP3391587A1 (en) | System and methods for tamper proof interaction recording and timestamping | |
| CN112217835A (en) | Message data processing method and device, server and terminal equipment | |
| WO2020224235A1 (en) | Cross-chain transaction method and apparatus, device, and storage medium | |
| CN109447809B (en) | Video active identification method combined with block chain | |
| CN110958239B (en) | Method and device for verifying access request, storage medium and electronic device | |
| CN109308421A (en) | A kind of information tamper resistant method, device, server and computer storage medium | |
| US8850520B1 (en) | Dual cookie security system with interlocking validation requirements and remedial actions to protect personal data | |
| CN114422143B (en) | Data dynamic encryption method, device, equipment and medium based on artificial intelligence | |
| CN111932261A (en) | Asset data management method and device based on verifiable statement | |
| CN114969786A (en) | Block chain-based insurance function data processing method, node and system | |
| US20070028116A1 (en) | Data collation system and method | |
| US20040243828A1 (en) | Method and system for securing block-based storage with capability data | |
| CN110826110B (en) | Distributed account book data tamper-proofing method and system | |
| CN113722749A (en) | Data processing method and device for block chain BAAS service based on encryption algorithm |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |