CN110830259A - Method and system for providing originality and integrity certification for multimedia data - Google Patents
Method and system for providing originality and integrity certification for multimedia data Download PDFInfo
- Publication number
- CN110830259A CN110830259A CN201910722521.0A CN201910722521A CN110830259A CN 110830259 A CN110830259 A CN 110830259A CN 201910722521 A CN201910722521 A CN 201910722521A CN 110830259 A CN110830259 A CN 110830259A
- Authority
- CN
- China
- Prior art keywords
- hash
- aggregation
- server
- value
- multimedia data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 42
- 230000008569 process Effects 0.000 claims abstract description 23
- 230000002776 aggregation Effects 0.000 claims description 104
- 238000004220 aggregation Methods 0.000 claims description 104
- 238000012795 verification Methods 0.000 claims description 26
- 238000004364 calculation method Methods 0.000 claims description 9
- 230000005540 biological transmission Effects 0.000 claims description 2
- 238000005516 engineering process Methods 0.000 abstract description 15
- 230000006870 function Effects 0.000 description 9
- 230000002427 irreversible effect Effects 0.000 description 4
- 238000013496 data integrity verification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000001172 regenerating effect Effects 0.000 description 2
- 206010039203 Road traffic accident Diseases 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000008447 perception Effects 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Multimedia (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a method and a system for providing originality and integrity certification for multimedia data, comprising the following steps: when multimedia data are generated, the multimedia data are subjected to hash operation to obtain hash values, the hash values are aggregated into a hash chain, and keyless signing is carried out with the generation time to obtain a signature file; and verifying the signature time and the data integrity of the signed multimedia data through the signature file. The invention signs the multimedia data collected or generated by the mobile terminal by the keyless signing block chain technology, can prove the originality and the integrity of the multimedia data in the life cycle of the multimedia data in real time, does not depend on the trust relationship of any third party in the proving process, and provides powerful guarantee for law enforcement and evidence obtaining. Through keyless signature block chain technology signature, data signature time, origin and originality and integrity certification can be provided when law enforcement is authenticated.
Description
Technical Field
The invention relates to the technical field of block chains, in particular to a method and a system for providing time and position certification for data by using a block chain technology.
Background
With the development of informatization, multimedia digital evidence such as photos, audio, videos, documents and the like is beginning to be applied to the fields of judicial evidence collection, law enforcement record, claim settlement and the like, and the digital evidence becomes legal evidence and becomes an inevitable trend in the law enforcement process. Because the digital evidence has the characteristics of easy tampering, no trace in tampering, counterfeiting and the like, when the digital evidence is used as legal evidence in the law enforcement process, if the digital evidence is questioned and repudiated, the originality and integrity of the digital evidence are difficult to identify. Meanwhile, if the digital evidence is provided as the evidence after being forged and tampered, the discrimination difficulty is high, so that the legal effectiveness of the digital evidence as the evidence obtaining basis is greatly discounted, and a great obstacle is also caused to law enforcement.
For example, taking pictures and obtaining evidence are an important means for on-site recording, obtaining evidence and law enforcement, and especially with the continuous upgrade of the mobile phone shooting function, the intuition and the conciseness of mobile phone shooting and the simplicity of operation become one of the main evidence obtaining tools gradually. However, in the face of a picture that is likely to be tampered or suspected, it will be a significant impediment to the law enforcement process. For example, the picture of the traffic accident scene can change the responsibility right through tampering, and the accident which is about to press the line and violate the rule can be tampered into the non-pressed line.
There is therefore a need for a method of providing originality, integrity certification for multimedia data.
The digital watermarking technology is one of the methods for solving the problem of multimedia data originality and integrity certification. By embedding identification contents such as identification marks, mobile phone time, numbers related to mobile phone hardware and the like into the multimedia information, the use value of an original carrier is not influenced, and the identification contents are not easily perceived or noticed by a human perception system (such as a visual system or an auditory system). Once any tampering is done with the media information embedded with the digital watermark, the digital watermark disappears and cannot be used as digital evidence. And the trusted source of the digital watermarking technology is also the technology provider, namely the multimedia data embedded with the digital watermarking is trusted only if the technology provider is trusted to be truthful and credible. However, the technical provider cannot guarantee that the system of the technical provider is not destroyed by internal personnel or hackers, and does not get rid of the dependence on trust, so that the method has certain potential safety hazard.
Disclosure of Invention
The technical problems to be solved by the invention are as follows: aiming at the problems that the current multimedia digital evidence is easy to be falsified, is falsified tracelessly, is forged and the like, the block chain technology is utilized to provide originality and integrity certification for the multimedia data.
The invention adopts the following technical scheme:
a method of providing originality and integrity proofs for multimedia data, comprising: when multimedia data are generated, the multimedia data are subjected to hash operation to obtain hash values, the hash values are aggregated into a hash chain, and keyless signing is carried out with the generation time to obtain a signature file; and verifying the signature time, origin and data integrity of the signed multimedia data through the signature file.
The client generates multimedia data, the hash value of the multimedia data is calculated on the client, the client submits the hash value to the keyless signing gateway, the keyless signing gateway aggregates the hash values received in the set period and then sends the aggregated hash values to the server, and the server generates the root digital combination value periodically.
And when the client generates the multimedia data, the positioning position data of the client is called, the position data is subjected to hash operation to obtain a hash value, and the hash value of the position data and the hash value of the multimedia data are submitted to the keyless signing gateway together.
The signature step comprises the following steps:
1) the client generates multimedia data and positioning position data, respectively calculates hash values of the multimedia data and the positioning position data, and sends the hash values and the signature request to a gateway server;
2) the gateway server takes the hash value in the received signature request as a bottom node of aggregation calculation, and aggregates every two hash values of the bottom node in a set period to obtain a father node hash value of the bottom node; secondly, performing pairwise aggregation on the hash values of the father nodes layer by layer to finally obtain a gateway hash root value of the gateway server and sending the gateway hash root value to an aggregation server;
3) the aggregation server aggregates the received gateway hash root values layer by layer, and finally obtains an aggregation server hash root value which is sent to a core server connected with the aggregation server;
4) the core server verifies the data integrity of the hash root value of the aggregation server, and after the verification is passed, the core server regularly generates the hash root value of the core server according to the hash root value of the aggregation server and signs the hash root value and the generation time of the hash root value;
5) the core server returns the signature data, the hash value aggregation path of the core server and the service identifier of the core server to the aggregation server;
6) the aggregation server adds the aggregation server hash value aggregation path into the hash value aggregation path, and then returns the signature data, the updated hash value aggregation path and the service identifier to the gateway server;
7) the gateway server adds the hash value aggregation path of the gateway to the hash value aggregation path updated in the step 6), and then returns the signature data, the updated hash value aggregation path and the service identifier to the client; the client saves the signature result corresponding to the service identification of the core service selected during signature.
A multimedia data originality and integrity verification system includes a client and a server, an application program is installed on the client for performing an attestation process and a verification process,
the certification process comprises the following steps: collecting or generating multimedia data, calculating a hash value of the multimedia data, submitting the hash value and a signature request to a block chain server, receiving a returned signature file, and associating the signature file with the multimedia data;
and (3) verification process: checking the multimedia data and the signature file thereof, recalculating the hash value of the data to be verified, and calculating to form a root according to the hash chain in the signature file to acquire the signature time, origin and data integrity of the multimedia data;
taking the hash value in the received signature request as a bottom node of aggregation calculation, performing multi-layer aggregation on the bottom node in a set period, periodically generating a hash root value, signing the hash root value and the generation time, combining the formed final hash root value into a calendar hash chain, and sending the signature data to the client.
The multimedia file is a photo, a video, a sound recording or a document.
The client side is provided with a position positioning module, the current position information is immediately obtained after the multimedia data is generated in the proving process, the hash values of the multimedia data and the position data are respectively calculated, and the two hash values and the signature request are submitted to the server.
The server comprises a gateway server, an aggregation server and a core server, wherein the gateway server takes the hash value in the received signature request as a bottom node of aggregation calculation, and aggregates every two hash values of the bottom node in a set period to obtain a father node hash value of the bottom node; secondly, performing pairwise aggregation on the hash values of the father nodes layer by layer to finally obtain a gateway hash root value of the gateway server and sending the gateway hash root value to an aggregation server;
the aggregation server aggregates the received gateway hash root values layer by layer, and finally obtains an aggregation server hash root value which is sent to a core server connected with the aggregation server;
and the core server verifies the data integrity of the hash root value of the aggregation server, and after the verification is passed, the core server regularly generates the hash root value of the core server according to the hash root value of the aggregation server and signs the hash root value and the generation time of the hash root value.
The signature file comprises a hash value, an aggregation hash chain, a hash root value and signature time submitted by a client; the aggregation hash chain comprises an aggregation path and aggregation coordinates, wherein the aggregation path refers to a transmission path of the hash values, and the aggregation coordinates refer to a combination sequence of the hash values in each aggregation.
The client makes the signature file into a digital watermark and adds the digital watermark into the multimedia file.
The technical principle of the keyless signature block chain technology is as follows:
keyless signed blockchain techniques are ciphers computed based on a hash function, which is a computational process that accepts an arbitrary piece of data and returns a fixed length summary, called the hash value or digest of the original data block.
The hash function has several important characteristics, firstly, the hash operation is one-way irreversible, which means that the result output from the operation cannot be used to deduce the original data, and this ensures the privacy of the input data. Secondly, any modification to the input data will result in a different output result, which ensures the uniqueness of the output hash value. Finally, it is impossible to operate on two different data to obtain the same hash value, and this collision property again indicates that only a single hash value can be generated from one data through operation.
The invention has the beneficial effects that:
the block chain technology is mature in the financial field, and has use value in the field of mobile internet. The multimedia data collected or generated by the mobile terminal is signed by a keyless signature block chain technology, so that the originality and the integrity of the multimedia data in the life cycle of the multimedia data can be proved in real time, the proving process does not depend on the trust relationship of any third party, and the powerful guarantee is provided for law enforcement and evidence obtaining. Through keyless signature block chain technology signature, data signature time, origin and originality and integrity certification can be provided when law enforcement is authenticated.
In the core server, the final root formed every second is stored in the calendar database and is regularly summarized to form a 'complete code', the complete code can regenerate the hash value contained in the calendar after being expanded, namely all the signature data before verification can be verified, and the complete code can be published in the world media in an electronic and paper form, because the publication of the paper media is irreversible, the falsification of all the published paper media cannot be realized. Thus, the verification of keyless signatures is not trust-based and even technical providers cannot cheat within this hierarchy.
Drawings
FIG. 1 is a schematic diagram of a signature flow according to the present invention.
Detailed Description
Preferred embodiments of the present invention will be described in further detail below with reference to the accompanying drawings.
The method for proving originality and integrity of multimedia data without relying on trust provided by the invention collects or generates multimedia data through a mobile terminal application program, and can provide data signature time, origin and originality and integrity proofs when law enforcement is carried out and evidence is obtained through keyless signature block chain technology signature. The specific process is as follows:
1. multimedia data acquisition or generation: the method for acquiring or generating the multimedia data through the mobile terminal application program comprises the following steps: photographing, recording, shooting and writing document
2. Signature: the method comprises the steps of carrying out hash operation on collected or generated multimedia data locally to obtain a hash value, submitting the hash value to a keyless signing gateway for signing, and returning a signature file;
3. and (3) verification: the collected or generated multimedia data can be checked in the application program of the mobile terminal, the verification can be rapidly carried out in the application program, and meanwhile, anyone can independently verify the signature time, origin and data integrity of the signed multimedia data through the signature file;
technical principle of keyless signature block chain technology
Keyless signed blockchain techniques are ciphers computed based on a hash function, which is a computational process that accepts an arbitrary piece of data and returns a fixed length summary, called the hash value or digest of the original data block.
The hash function has several important characteristics, firstly, the hash operation is one-way irreversible, which means that the result output from the operation cannot be used to deduce the original data, and this ensures the privacy of the input data. Secondly, any modification to the input data will result in a different output result, which ensures the uniqueness of the output hash value. Finally, it is impossible to operate on two different data to obtain the same hash value, and this collision property again indicates that only a single hash value can be generated from one data through operation.
The specific process of signature is as follows: (FIG. 1)
1. Uploading the hash value of the local calculation data to a keyless signature distributed network through a keyless signature gateway to perform aggregation operation;
2. connecting every two adjacent hash values generated every second in series, then performing hash operation again to obtain a new hash value, submitting the new hash value to the previous layer, and connecting the new hash value with the adjacent hash values again to calculate hash until a root plant is formed;
3. finally, a signature file is returned, wherein the signature file comprises a hash chain formed by the submitted hash value and the sequence coordinates set for regenerating the hash root value.
The specific verification process comprises the following steps: and recalculating the hash value of the data to be verified, and performing operation according to the hash chain in the signature file to form a root to achieve the function of integrity verification.
The final root formed every second is stored in a calendar database and is gathered regularly to form a 'complete code', the hash value contained in the calendar can be regenerated after the complete code is expanded, namely all the signature data before can be verified, and the complete code can be published in the world media in the form of electronics and paper, because the publication of the paper media is irreversible, the falsification of all the published paper media cannot be realized. Thus, the verification of keyless signatures is not trust-based and even technical providers cannot cheat within this hierarchy.
The first embodiment is as follows: the embodiment is a set of original proof system made according to the current situation of copyright right, according to the existing copyright law in China, the author enjoys the copyright of the work at the date of birth, but when actually obtaining evidence, how to prove the completion time of the work is a difficult problem. The most effective method is to obtain the certification through copyright registration, but the process is more complicated, and the certification of the completion time of the work can be simply and quickly provided by the invention.
The hardware structure of the system mainly comprises a server and a client, wherein the client can be a computer, a tablet, a mobile phone or other intelligent terminals, an application program named as 'original assignment' needs to be installed on the client, the application program can call functions of the intelligent terminal such as photographing, recording, video recording and document editing, the hash value of the electronic multimedia file is immediately calculated after the functions are used for completing the production of photos, the recording, the video recording or other electronic documents (characters, tables and the like), and the hash value and the signature are uploaded to a keyless signature distributed network through a keyless signature gateway for carrying out aggregation operation; connecting every two adjacent hash values generated every second in series, then performing hash operation again to obtain a new hash value, submitting the new hash value to the previous layer, and connecting the new hash value with the adjacent hash values again to calculate hash until a root plant is formed; and finally, returning a signature file, wherein the signature file comprises a hash chain formed by the submitted hash value and the sequence coordinates set for regenerating the hash root value, and associating the signature file and the multimedia file together.
The multimedia file and signature file can be verified on the client: and recalculating the hash value of the data to be verified, forming a root according to hash chain operation in the signature file, and comparing whether the root values are consistent or not so as to verify the signature time, origin and data integrity of the multimedia data.
Example two: in this embodiment, on the basis of the first embodiment, the signature step is further improved, and in fact, the present embodiment applies an existing block chain technology to the present invention to sign data, and the application number is: 201510641207.1, name: a digital record signature and verification method for multi-core infrastructure.
Similarly, an application program is required to be installed on a client (a mobile phone or a computer), the application program can call a multimedia volume data generation function, hash operation is carried out on generated multimedia data or multimedia data stored in a mobile phone memory to generate a hash value, the hash value and a signature request are uploaded to a gateway server, the gateway server takes a digital combination value in the received signature request as a bottom node of aggregation calculation, and the digital combination values of the bottom node in a set period are aggregated pairwise to obtain a father node digital combination value of the bottom node; secondly, performing pairwise aggregation on the digital combination values of the father nodes layer by layer to finally obtain a gateway root digital combination value of the gateway server and sending the gateway root digital combination value to an aggregation server; the aggregation server aggregates the received gateway root digital combination values layer by layer, and finally obtains an aggregation server root digital combination value and sends the aggregation server root digital combination value to a core server connected with the aggregation server; the core server carries out data integrity verification on the root digital combination value of the aggregation server, after the verification is passed, the core server regularly generates the root digital combination value of the core server according to the root digital combination value of the aggregator and signs the root digital combination value and the generation time of the root digital combination value, after the data integrity verification is passed, the core server inputs the root hash value of the aggregator as the bottommost layer of the core service, and a calculation mode similar to that of the aggregator is used for finally generating the root hash value of the core server, namely the root hash value. The root hash values generated by the core server are generated at regular time intervals, so that each root hash value naturally corresponds to a time point; the core server returns the signature data, the digital combination value aggregation path of the core server and the service identifier of the core server to the aggregation server; the aggregation server adds the aggregation path of the digital combination value of the aggregation server into the aggregation path of the digital combination value of the aggregation server, and then returns the signature data, the updated aggregation path of the digital combination value and the service identifier to the gateway server; the gateway server adds the updated digital combined value aggregation path into the digital combined value aggregation path of the gateway, and then returns the signature data, the updated digital combined value aggregation path and the service identifier to the client; the client saves the signature result corresponding to the service identification of the core service selected during signature. The signature result comprises a hash value submitted initially, a hash root value obtained after each aggregation, and a combination sequence during each aggregation,
and (3) verification process: the client sends the core service identifier of the selected core service to the gateway server to acquire a signature certificate corresponding to the core service identifier; the client side verifies the core server root digital combination value in the signature result by using the signature certificate; after the verification is passed, the next step is carried out; the client side calculates the digital combination value of the digital record of the signature according to the digital combination value aggregation path to finally obtain a digital combination value, then compares the root digital combination value with the root digital combination value of the core server in the signature data, and determines whether the digital record is changed or not according to the comparison result.
Example 3: in this embodiment, on the basis of embodiment 2, verification of position location is added, that is, a proof of generating an address of multimedia data can be provided. The client side simultaneously acquires current position data after the multimedia data are manufactured, 2 persons respectively carry out Hash operation to obtain two Hash values, the two Hash values and a signature request are simultaneously submitted to a gateway server to carry out aggregation operation, a final Hash root value is obtained after aggregation operation of an aggregation server and a core server, KPI signature is carried out on the Hash root value and an aggregation process, a signature file is sent back to the client side layer by layer, the final signature file comprises two original Hash values, the root value obtained by aggregation operation each time, the combination mode of aggregation operation each time and the time of the final root value, the hash coordinate chain is called as a Hash coordinate chain and comprises an aggregation Hash chain and a calendar Hash chain. Whether the content of a piece of multimedia data is modified, the generation time and the generation position can be verified on the client side according to the hash coordinate chain.
Claims (10)
1. A method for providing originality and integrity proofs for multimedia data, comprising: when multimedia data are generated, the multimedia data are subjected to hash operation to obtain hash values, the hash values are aggregated into a hash chain, and keyless signing is carried out with the generation time to obtain a signature file; and verifying the signature time and the data integrity of the signed multimedia data through the signature file.
2. A method for providing originality and integrity certification for multimedia data according to claim 1, wherein: the client generates multimedia data, calculates the hash value of the multimedia data on the client, submits the hash value to the keyless signing gateway, the keyless signing gateway aggregates the hash values received in the set period and sends the aggregated hash values to the server, and the server periodically generates a final hash root value and stores the final hash root value in the calendar database.
3. A method for providing originality and integrity certification for multimedia data according to claim 2, wherein: and when the client generates the multimedia data, the positioning position data of the client is called, the position data is subjected to hash operation to obtain a hash value, and the hash value of the position data and the hash value of the multimedia data are submitted to the keyless signing gateway together.
4. The method of claim 3, wherein the step of signing comprises:
1) the client generates multimedia data and positioning position data, respectively calculates hash values of the multimedia data and the positioning position data, and sends the hash values and the signature request to a gateway server;
2) the gateway server takes the hash value in the received signature request as a bottom node of aggregation calculation, and aggregates every two hash values of the bottom node in a set period to obtain a father node hash value of the bottom node; secondly, performing pairwise aggregation on the hash values of the father nodes layer by layer to finally obtain a gateway hash root value of the gateway server and sending the gateway hash root value to an aggregation server;
3) the aggregation server aggregates the received gateway hash root values layer by layer, and finally obtains an aggregation server hash root value which is sent to a core server connected with the aggregation server;
4) the core server verifies the data integrity of the hash root value of the aggregation server, and after the verification is passed, the core server regularly generates the hash root value of the core server according to the hash root value of the aggregation server and signs the hash root value and the generation time of the hash root value;
5) the core server returns the signature data, the hash value aggregation path of the core server and the service identifier of the core server to the aggregation server;
6) the aggregation server adds the aggregation server hash value aggregation path into the hash value aggregation path, and then returns the signature data, the updated hash value aggregation path and the service identifier to the gateway server;
7) the gateway server adds the hash value aggregation path of the gateway to the hash value aggregation path updated in the step 6), and then returns the signature data, the updated hash value aggregation path and the service identifier to the client; the client saves the signature result corresponding to the service identification of the core service selected during signature.
5. A multimedia data originality and integrity verification system comprises a client and a server, and is characterized in that: an application program is installed on the client, and is used for executing an attestation process and an authentication process,
the certification process comprises the following steps: collecting or generating multimedia data, calculating a hash value of the multimedia data, submitting the hash value and a signature request to a block chain server, receiving a returned signature file, and associating the signature file with the multimedia data;
and (3) verification process: checking the multimedia data and the signature file thereof, recalculating the hash value of the data to be verified, and calculating to form a root according to the hash chain in the signature file to acquire the signature time, origin and data integrity of the multimedia data;
taking the hash value in the received signature request as a bottom node of aggregation calculation, performing multi-layer aggregation on the bottom node in a set period, periodically generating a hash root value, signing the hash root value and the generation time, combining the formed final hash root value into a calendar hash chain, and sending the signature data to the client.
6. The multimedia data originality and integrity verification system according to claim 5, wherein: the multimedia file is a photo, a video, a sound recording or a document.
7. The multimedia data originality and integrity verification system according to claim 5, wherein: the client side is provided with a position positioning module, the current position information is immediately obtained after the multimedia data is generated in the proving process, the hash values of the multimedia data and the position data are respectively calculated, and the two hash values and the signature request are submitted to the server.
8. The multimedia data originality and integrity verification system according to claim 6, wherein: the server comprises a gateway server, an aggregation server and a core server, wherein the gateway server takes the hash value in the received signature request as a bottom node of aggregation calculation, and aggregates every two hash values of the bottom node in a set period to obtain a father node hash value of the bottom node; secondly, performing pairwise aggregation on the hash values of the father nodes layer by layer to finally obtain a gateway hash root value of the gateway server and sending the gateway hash root value to an aggregation server;
the aggregation server aggregates the received gateway hash root values layer by layer, and finally obtains an aggregation server hash root value which is sent to a core server connected with the aggregation server;
and the core server verifies the data integrity of the hash root value of the aggregation server, and after the verification is passed, the core server regularly generates the hash root value of the core server according to the hash root value of the aggregation server and signs the hash root value and the generation time of the hash root value.
9. A multimedia data originality and integrity verification system according to claim 8, characterized in that: the signature file comprises a hash value, an aggregation hash chain, a hash root value and signature time submitted by a client; the aggregation hash chain comprises an aggregation path and aggregation coordinates, wherein the aggregation path refers to a transmission path of hash values, the aggregation coordinates refer to a combination sequence of the hash values during each aggregation, and the aggregation coordinates consist of area combination coordinates and calendar combination coordinates.
10. A multimedia data originality and integrity verification system according to claim 9, characterized in that: the client makes the signature file into a digital watermark and adds the digital watermark into the multimedia file.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910722521.0A CN110830259A (en) | 2019-08-06 | 2019-08-06 | Method and system for providing originality and integrity certification for multimedia data |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910722521.0A CN110830259A (en) | 2019-08-06 | 2019-08-06 | Method and system for providing originality and integrity certification for multimedia data |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110830259A true CN110830259A (en) | 2020-02-21 |
Family
ID=69547771
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910722521.0A Pending CN110830259A (en) | 2019-08-06 | 2019-08-06 | Method and system for providing originality and integrity certification for multimedia data |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110830259A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111523151A (en) * | 2020-04-21 | 2020-08-11 | 贵州大学 | Method and system for storing electronic data based on block chain technology |
| CN111680306A (en) * | 2020-03-31 | 2020-09-18 | 贵州大学 | Attribute-based collaborative access control revocation method |
| CN112953722A (en) * | 2021-01-28 | 2021-06-11 | 卜宋博 | Copyright protection method, system, device and readable storage medium |
| CN113553627A (en) * | 2021-09-23 | 2021-10-26 | 四川大学 | Block chain-based data integrity verification method, system, device and medium |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102339370A (en) * | 2011-09-14 | 2012-02-01 | 福建伊时代信息科技股份有限公司 | Preservation method for electronic file, preservation system and verification system thereof |
| US20150039893A1 (en) * | 2013-08-05 | 2015-02-05 | Guardtime Ip Holdings Limited | Document verification with id augmentation |
| CN105187218A (en) * | 2015-09-30 | 2015-12-23 | 谈建 | Digital record signature method for multicore infrastructure and verification method |
| WO2017003331A1 (en) * | 2015-06-30 | 2017-01-05 | Telefonaktiebolaget Lm Ericsson (Publ) | Methods and devices for handling hash-tree based data signatures |
| CN107871063A (en) * | 2017-11-16 | 2018-04-03 | 王磊 | Anti-tamper video and audio recording digital signature method, device and storage medium |
| CN107968708A (en) * | 2017-11-10 | 2018-04-27 | 财付通支付科技有限公司 | Generate method, apparatus, terminal and the server of signature |
| CN109274746A (en) * | 2018-09-29 | 2019-01-25 | 中链科技有限公司 | A kind of proof processing method and processing device based on block chain |
-
2019
- 2019-08-06 CN CN201910722521.0A patent/CN110830259A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102339370A (en) * | 2011-09-14 | 2012-02-01 | 福建伊时代信息科技股份有限公司 | Preservation method for electronic file, preservation system and verification system thereof |
| US20150039893A1 (en) * | 2013-08-05 | 2015-02-05 | Guardtime Ip Holdings Limited | Document verification with id augmentation |
| WO2017003331A1 (en) * | 2015-06-30 | 2017-01-05 | Telefonaktiebolaget Lm Ericsson (Publ) | Methods and devices for handling hash-tree based data signatures |
| CN105187218A (en) * | 2015-09-30 | 2015-12-23 | 谈建 | Digital record signature method for multicore infrastructure and verification method |
| CN107968708A (en) * | 2017-11-10 | 2018-04-27 | 财付通支付科技有限公司 | Generate method, apparatus, terminal and the server of signature |
| CN107871063A (en) * | 2017-11-16 | 2018-04-03 | 王磊 | Anti-tamper video and audio recording digital signature method, device and storage medium |
| CN109274746A (en) * | 2018-09-29 | 2019-01-25 | 中链科技有限公司 | A kind of proof processing method and processing device based on block chain |
Non-Patent Citations (2)
| Title |
|---|
| Y. LIU等: "Study on a provably secure certificateless aggregate signature scheme", 《2016 IEEE 13TH INTERNATIONAL CONFERENCE ON NETWORKING,SENSING,AND CONTROL》 * |
| 何瑜: "云存储数据完整性审计协议研究", 《中国优秀硕士学位论文全文数据库》 * |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111680306A (en) * | 2020-03-31 | 2020-09-18 | 贵州大学 | Attribute-based collaborative access control revocation method |
| CN111680306B (en) * | 2020-03-31 | 2023-04-25 | 贵州大学 | Cooperative access control revocation method based on attribute |
| CN111523151A (en) * | 2020-04-21 | 2020-08-11 | 贵州大学 | Method and system for storing electronic data based on block chain technology |
| CN112953722A (en) * | 2021-01-28 | 2021-06-11 | 卜宋博 | Copyright protection method, system, device and readable storage medium |
| CN113553627A (en) * | 2021-09-23 | 2021-10-26 | 四川大学 | Block chain-based data integrity verification method, system, device and medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11233657B2 (en) | Method and system for registering digital documents | |
| CN111460526B (en) | Image data recording, acquiring and verifying method and device based on block chain | |
| CN110830259A (en) | Method and system for providing originality and integrity certification for multimedia data | |
| CN108830109B (en) | Electronic seal application, client implementation method, system and equipment, and storage medium | |
| US20200274715A1 (en) | Method, apparatus, and electronic device for blockchain-based recordkeeping | |
| CN108809932B (en) | Block chain-based deposit certificate system, method and readable medium | |
| JP4206674B2 (en) | A system that generates log entries that can be checked for validity, and a system that checks the validity of log entries | |
| CN109088871B (en) | Data transmission method and system based on block chain technology | |
| CN112507391B (en) | Block chain-based electronic signature method, system, device and readable storage medium | |
| CN109543065B (en) | Video active identification method combined with block chain | |
| WO2020000770A1 (en) | Block chain-based method and apparatus for querying pledge information, and computer device | |
| CN115398857A (en) | Block chain based dispute resolution | |
| CN111445238A (en) | Electronic deposit certificate system based on block chain | |
| CN112950415B (en) | Judicial evidence fixing method, platform and system based on blockchain | |
| CN111444257A (en) | Block chain-based electronic evidence storage method and system | |
| CN110969207A (en) | Electronic evidence processing method, device, equipment and storage medium | |
| CN111259439A (en) | Intangible asset management service platform based on block chain and implementation method thereof | |
| CN114691669A (en) | Electronic certificate storage method and device, electronic equipment and storage medium | |
| CN101534296B (en) | Public network information integrity and time point existence proof method and system | |
| CN110730074A (en) | Implementation method and data structure of nested traceable digital twin body | |
| US20180268380A1 (en) | System and method for electronic deposit and authentication of original electronic information objects | |
| KR101628720B1 (en) | Copied image evidence management system for verifying authenticity and integrity | |
| CN106713297B (en) | Electronic data fixed platform based on cloud service | |
| CN110992219A (en) | Intellectual property protection method and system based on block chain technology | |
| CN103647650A (en) | Rule definition based automatic signature/signature verification device and method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200221 |
|
| RJ01 | Rejection of invention patent application after publication |