CN111221780A - Server file safe storage method based on block chain - Google Patents

Publication number
CN111221780A
Authority
CN
China
Legal status
Granted
Application number
CN201911409807.XA
Other languages
Chinese (zh)
Other versions
CN111221780B (en)
Inventor
程宏兵
周凡凡
方伟
赵鹏
Current Assignee
Zhejiang University of Technology ZJUT
Original Assignee
Zhejiang University of Technology ZJUT

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10 File systems; File servers
    • G06F16/13 File access structures, e.g. distributed indices
    • G06F16/137 Hash-based
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/22 Indexing; Data structures therefor; Storage structures
    • G06F16/2228 Indexing structures
    • G06F16/2246 Trees, e.g. B+trees
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27 Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Computing Systems (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
  • Storage Device Security (AREA)

Abstract

A blockchain-based method for the secure storage of server files, characterized in that each server file is converted into character strings and each character string is encrypted into a key-value pair; after a further encryption step, the final key-value pairs are stored in a LevelDB database using a Merkle Patricia tree; the hash value of the block is then verified, and the hash value is judged automatically when the nodes of the block are located. The advantages of the invention are that it prevents tampering, supports backup, and allows server files to be updated at any time.

Description

Server file safe storage method based on block chain
Technical Field
The invention belongs to the field of computer information security and relates to data encryption, storage, and privacy protection; in particular, it relates to a blockchain-based method for the secure storage of server files.
Background
Blockchain is a new application model of computer technologies such as distributed data storage, point-to-point transmission, consensus mechanisms, and encryption algorithms. In a blockchain system, the transaction data generated by the participants is packed into a data block at intervals, and the data blocks are arranged in chronological order to form a chain. Every participant holds the same chain and cannot tamper with it unilaterally: any information can be modified only with the agreement of a predetermined proportion of the participants, new information can only be appended, and old information cannot be deleted or modified. This enables information sharing and consistent decision-making among multiple participants, and ensures that the identity of each participant and the information among the participants cannot be tampered with and are transparent.
In blockchains, the Merkle Patricia tree (MPT, Merkle Patricia Trie) is a key data structure for cryptographic authentication in Ethereum. It is in fact a variant of the trie and can be used to store all [key, value] pairs, which makes it a very important data structure in Ethereum.
Ethereum is an open-source public blockchain platform with smart contract functionality; through its dedicated cryptocurrency, Ether (abbreviated 'ETH'), it provides the decentralized Ethereum Virtual Machine to process peer-to-peer contracts.
Disclosure of Invention
To remedy the deficiencies of the prior art, a blockchain-based method for the secure storage of server files is provided; the method ensures the security of server files and prevents them from being maliciously changed by others.
To achieve this purpose, the invention adopts the following technical solution:
A blockchain-based method for the secure storage of server files comprises the following steps:
Step 1: convert a server file into character strings (value), and apply the irreversible one-way hash algorithm SHA256 to each character string to obtain its hash value (HashData);
Step 2: store the character string and the hash value obtained in step 1 in a LevelDB database as a key-value pair [key (HashData), value];
Step 3: repeat steps 1 and 2 until all server files are stored in the LevelDB database as key-value pairs;
Step 4: the key and value obtained in step 2 are the original key and value; hash the original key once to obtain the final key, and process the original value with recursive length prefix encoding to obtain the final value;
Step 5: finally, store the [key, value] pair obtained in step 4 in the LevelDB database using a Merkle Patricia tree, whose root is StorageRoot;
Step 6: verify the hash value of the block; the hash value is judged automatically when the nodes of the block are located. Because the hash values are stored in the blockchain using the MPT structure, and the hash value obtained from a server file by the irreversible one-way hash algorithm is unique, if the hash value of the server file is the same as the hash value stored by the node in the MPT, the files on the server have not been modified by an intrusion; if the hash values differ, the server file has been modified, and the specific node is located precisely by comparing against the whole MPT.
The key-value pair is the simplest form of organization in a database: the key is the identifier of a stored value, and the value is the data to be stored. Many databases currently store data as key-value pairs, including Redis, MongoDB, Memcached, BerkeleyDB, Kyoto Cabinet, and LevelDB. Here, LevelDB is chosen as the storage database. LevelDB is a very efficient KV database implemented by Google; it is a single-process service with very high performance, and its write performance is far stronger than its read performance.
Recursive length prefix encoding (RLP) is the main method of data serialization/deserialization in Ethereum; data structures such as blocks and transactions are RLP-encoded before being persisted to the database.
The hash value of the root of the tree is the hash value of the whole block. The MPT combines the advantages of the trie and the Merkle tree: whereas the root node of a compressed trie is empty, the MPT stores the hash checksum of the whole tree at the root node, and the checksum is generated in the same way as in a Merkle tree. Ethereum uses the MPT to store transactions, transaction receipts, and the world state, and has optimized the MPT to compress the overall tree height and reduce the complexity of operations. The MPT structure is shown in FIG. 1: four states are stored in the world-state MPT, and the values are stored as key-value pairs. From top to bottom, we first see the root hash generated by keccak256, which corresponds to the Top Hash of a Merkle tree. Next comes an Extension Node, whose shared common prefix is a7 and which is merged in the manner of a compressed prefix tree. Next comes a Branch Node, which holds characters representing hexadecimal digits and a value; the last value is the data part of the fullNode. Finally come the Leaf Nodes, which store the concrete data and also compress the path.
The invention is a blockchain-based server file security technique. Relying on the decentralized, tamper-proof, and permanent-storage characteristics of the blockchain, the server files are stored in the blocks of the chain. An administrator can use the hash values to verify whether a server file has been changed by an intrusion: if the hash values of the block are the same, the server file has not been tampered with; otherwise it has been tampered with, and the specific server file is located directly from the differing hash values.
The invention has the following advantages:
1. Tamper prevention. The server files are stored in the blockchain, and the tamper-proof property of the blockchain ensures that they are not maliciously altered.
2. Backup. The server files are stored in a LevelDB database as key-value pairs; LevelDB writes the key-value pairs to a log file to guard against the system being unable to recover data, so if a server file is found to have been tampered with, it can be recovered from the database's log file.
3. Updating server files at any time. Functional requirements may oblige a developer to update a server file; the content of the file then changes, and its hash value changes and no longer matches the previous one, so a new key-value pair must be generated and inserted into the MPT to complete the update of the server file.
Drawings
FIG. 1 is a diagram of an MPT tree structure according to the present invention.
Detailed Description
Referring to the accompanying drawing, the blockchain-based method for the secure storage of server files is a protective security policy for server files that uses the tamper-proof property of the blockchain to ensure their security. Taking a single server as an example, the specific implementation steps are as follows:
Step 1: convert the server files into character strings (value), and apply the irreversible one-way hash algorithm SHA256 to each character string to obtain its hash value (HashData).
There are many types of server files in the blockchain, and some change frequently or are not very important, so the server files stored by the system are the important files on the server or files that essentially do not change. The stored server files are converted into character strings in turn by calling an algorithm, and a 32-byte hash value (HashData) is obtained with the SHA256 hash function.
Step 2: store the data obtained in step 1 in a LevelDB database as key-value pairs [key (HashData), value].
Step 3: repeat steps 1 and 2 until all server files are stored in the LevelDB database as key-value pairs.
LevelDB is a persistent KV database engine in which data is stored as key-value pairs: for each server file, HashData is the key, and the character string converted from the server file is stored in the LevelDB database as the value. The database stores the data in lexicographic order of the keys.
Step 4: the keys and values obtained in step 2 are the original keys and values; each original key must be hashed once to obtain the final key, and each original value is processed with RLP encoding to obtain the final value.
The MPT node key has three encoding forms, but all three are operations on the key; the data is still ultimately stored in K-V form in LevelDB, and the value must also be processed. In Ethereum, the key-value pair is first transcoded with RLP encoding; the encoded data is used as the value, the hash (keccak256) of the encoded data is computed as the key, and the pair is stored in LevelDB. To avoid identical keys, Ethereum adds prefixes to the keys to distinguish them.
RLP encoding is defined as follows:
For a single byte in the range [0x00, 0x7f], the RLP encoding is the byte itself.
Otherwise, if a string is 0-55 bytes long, the RLP encoding consists of a single byte with value 0x80 plus the length of the string, followed by the binary content of the string. The range of the first byte is thus [0x80, 0xb7].
If the string is longer than 55 bytes, the RLP encoding consists of a single byte with value 0xb7 plus the number of bytes occupied by the length of the string, followed by the encoding of the length of the string, followed by the binary content of the string. For example, a 1024-byte string is encoded as \xb9\x04\x00 followed by the string contents. The range of the first byte is thus [0xb8, 0xbf].
If the contents of the list (the combined length of all its entries) is 0-55 bytes long, its RLP encoding consists of a single byte of 0xC0 plus the length of the concatenation of the RLP encodings of all entries, followed by the concatenation of the RLP encodings of all entries. The range of the first byte is thus [0xc0, 0xf7].
If the contents of the list exceed 55 bytes, its RLP encoding consists of a single byte of 0xC0 plus the length of the concatenation of the RLP encodings of all the items, followed by the concatenation of the RLP encodings of all the items. The range of the first byte is thus [0xf8, 0xff].
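The RLP rules as a runnable encoder with a strict decoder (an added example, not code from the patent; the function names are this example's own). For list payloads over 55 bytes it uses Ethereum's RLP long form, a first byte of 0xf7 plus the number of length bytes followed by the length itself, which is what yields the [0xf8, 0xff] first-byte range.

```python
def _header(length: int, base: int) -> bytes:
    """Prefix for a payload of `length` bytes; base is 0x80 (string) or 0xc0 (list)."""
    if length <= 55:
        return bytes([base + length])
    size = length.to_bytes((length.bit_length() + 7) // 8, "big")
    return bytes([base + 55 + len(size)]) + size

def rlp_encode(item) -> bytes:
    """Encode bytes, str (as UTF-8) or nested lists of them."""
    if isinstance(item, str):
        item = item.encode("utf-8")
    if isinstance(item, (bytes, bytearray)):
        if len(item) == 1 and item[0] <= 0x7F:
            return bytes(item)               # a single low byte is its own encoding
        return _header(len(item), 0x80) + bytes(item)
    if isinstance(item, (list, tuple)):
        payload = b"".join(rlp_encode(x) for x in item)
        return _header(len(payload), 0xC0) + payload
    raise TypeError(f"cannot RLP-encode {type(item).__name__}")

def _payload_span(data: bytes, pos: int, base: int):
    """Return (start, end) of the payload whose header begins at pos."""
    first = data[pos]
    if first <= base + 55:
        start, length = pos + 1, first - base
    else:
        n = first - base - 55                # number of bytes holding the length
        raw = data[pos + 1:pos + 1 + n]
        if len(raw) != n or raw[0] == 0:
            raise ValueError("truncated or zero-padded length field")
        start, length = pos + 1 + n, int.from_bytes(raw, "big")
        if length <= 55:
            raise ValueError("long form used for a short payload")
    if start + length > len(data):
        raise ValueError("payload runs past the end of the input")
    return start, start + length

def _decode_at(data: bytes, pos: int):
    """Decode one item at pos; return (item, position after it)."""
    if pos >= len(data):
        raise ValueError("empty or truncated input")
    first = data[pos]
    if first <= 0x7F:
        return data[pos:pos + 1], pos + 1
    if first < 0xC0:
        start, end = _payload_span(data, pos, 0x80)
        if end - start == 1 and data[start] <= 0x7F:
            raise ValueError("single low byte must encode as itself")
        return data[start:end], end
    start, end = _payload_span(data, pos, 0xC0)
    items, cur = [], start
    while cur < end:
        item, cur = _decode_at(data[:end], cur)   # children may not overrun the list
        items.append(item)
    return items, end

def rlp_decode(data: bytes):
    """Strict decode: rejects trailing bytes and non-canonical encodings."""
    item, end = _decode_at(bytes(data), 0)
    if end != len(data):
        raise ValueError("trailing bytes after the top-level item")
    return item

if __name__ == "__main__":
    print(rlp_encode(b"a" * 1024)[:3].hex())   # b90400, the 1024-byte case
    print(rlp_encode(["cat", "dog"]).hex())
```

Strict decoding matters when the hash of the encoded bytes is used as a key: two different encodings of the same value would otherwise map to different keys.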
Step 5: finally, store the [key, value] pairs in the LevelDB database using a Merkle Patricia tree. The root of the Merkle Patricia tree is StorageRoot, and the hash value of the root is the hash value of the whole block.
The MPT is built by repeated insertion. A single insertion proceeds as follows: first find the node whose path shares the longest prefix with the newly inserted node, and call it Node. If Node is a branch node:
Step 5.1: if the remaining search path is not empty, insert the new node as a leaf node into the corresponding child list;
Step 5.2: if the remaining search path is empty (complete match), store the content of the new node in the 17th child item of the branch node (Value).
If Node is a leaf/extension node:
Step 5.3: if the remaining search path is identical to the key of the current node, update the Val of the current node;
Step 5.4: if the remaining search path is not identical to the key of the current node, replace the child of the leaf/extension node with a branch node, use the common prefix of the new node's key and the current node's key as the key of the current node, insert the new node and the child of the current node as two children into the child list of the branch node, and convert the current node into an extension node (if the new node and the current node have no common prefix, the current node is replaced directly by the generated branch node);
Step 5.5: if the insertion succeeds, set the dirty flag of each modified node to true, set its hash flag to null (the previously computed result can no longer be used), and update the node's birth flag to the present.
Repeat this process until the MPT is fully built.
Step 6: verify the hash value of the block. If the hash values match, the files on the server have not been modified; if they do not match, a server file has been modified, and the specific server file is located precisely by comparing against the whole MPT.
Restore the complete tree structure from the hash value of StorageRoot and expand the node hashes; if the hash value of a key-value pair is the same as the hash value of the node, the server file has not been tampered with.
In day-to-day work, however, the server often needs to be updated, which changes the files on the server; in that case the update interface is called, and the MPT is updated along the path to obtain a new hash value for StorageRoot.
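Insertion steps 5.1 to 5.4 and the step 6 check as a small in-memory trie (an added example, not the patent's implementation). Assumptions: SHA-256 stands in for keccak256 in both the final key and the node hashes, values are stored raw rather than RLP-encoded, a dict of constructed files replaces the server and LevelDB, and all function names are hypothetical.

```python
import hashlib

def final_key(content: bytes) -> tuple:
    """Steps 1 and 4: HashData = SHA256(content), hashed once more, as nibbles."""
    hash_data = hashlib.sha256(content).digest()
    key = hashlib.sha256(hash_data).digest()   # assumption: SHA-256, not keccak256
    return tuple(n for byte in key for n in (byte >> 4, byte & 0x0F))

def common(a: tuple, b: tuple) -> int:
    """Length of the shared prefix of two nibble paths."""
    limit = min(len(a), len(b))
    return next((i for i in range(limit) if a[i] != b[i]), limit)

# Nodes: ("leaf", path, value), ("ext", path, child), ("branch", kids, value).
def insert(node, path, value):
    if node is None:
        return ("leaf", path, value)
    kind, a, b = node
    if kind == "branch":
        if not path:                         # step 5.2: complete match
            return ("branch", a, value)
        kid = insert(a[path[0]], path[1:], value)   # step 5.1: child slot
        return ("branch", a[:path[0]] + (kid,) + a[path[0] + 1:], b)
    n = common(path, a)
    if kind == "leaf" and n == len(a) == len(path):
        return ("leaf", a, value)            # step 5.3: same key, update value
    if kind == "ext" and n == len(a):
        return ("ext", a, insert(b, path[n:], value))
    # Step 5.4: paths diverge, so split into a branch under the shared prefix.
    kids, slot, rest = [None] * 16, None, a[n:]
    if kind == "leaf" and not rest:
        slot = b
    elif kind == "leaf":
        kids[rest[0]] = ("leaf", rest[1:], b)
    else:
        kids[rest[0]] = b if len(rest) == 1 else ("ext", rest[1:], b)
    branch = insert(("branch", tuple(kids), slot), path[n:], value)
    return ("ext", path[:n], branch) if n else branch

def get(node, path):
    """Value stored under path, or None when the key is absent."""
    if node is None:
        return None
    kind, a, b = node
    if kind == "branch":
        return get(a[path[0]], path[1:]) if path else b
    if kind == "leaf":
        return b if a == path else None
    return get(b, path[len(a):]) if path[:len(a)] == a else None

def node_hash(node) -> bytes:
    """Merkle property: each digest covers the digests of all children."""
    if node is None:
        return bytes(32)
    kind, a, b = node
    if kind == "branch":
        parts = [node_hash(k) for k in a] + [b or b""]
    else:
        parts = [bytes([len(a)]) + bytes(a), b if kind == "leaf" else node_hash(b)]
    return hashlib.sha256(kind.encode() + b"".join(parts)).digest()

def build(files: dict):
    """Steps 1 to 5 over a {path: content} mapping; returns the root node."""
    root = None
    for content in files.values():
        root = insert(root, final_key(content), content)
    return root

def modified_files(trusted_root, files: dict) -> list:
    """Step 6: files whose current key is not in the trusted trie."""
    return [name for name, content in files.items()
            if get(trusted_root, final_key(content)) != content]

# Constructed sample files (not real server data).
FILES = {"/etc/app.conf": b"listen=443\n", "/srv/index.html": b"<h1>ok</h1>\n",
         "/srv/about.html": b"<p>about</p>\n"}
TRUSTED = build(FILES)
STORAGE_ROOT = node_hash(TRUSTED)
TAMPERED = {**FILES, "/srv/index.html": b"<h1>changed</h1>\n"}
```

Because the key is derived from file content, naming the changed file requires the path-to-content mapping kept alongside the trie, as `FILES` does here; the root comparison alone only says that something changed.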

Claims (1)

1. A blockchain-based method for the secure storage of server files, comprising the following steps:
step 1: convert a server file into character strings (value), and apply the irreversible one-way hash algorithm SHA256 to each character string to obtain its hash value (HashData);
step 2: store the character string and the hash value obtained in step 1 in a LevelDB database as a key-value pair [key (HashData), value];
step 3: repeat steps 1 and 2 until all server files are stored in the LevelDB database as key-value pairs;
step 4: the key and value obtained in step 2 are the original key and value; hash the original key once to obtain the final key, and process the original value with recursive length prefix encoding to obtain the final value;
step 5: finally, store the [key, value] pair obtained in step 4 in the LevelDB database using a Merkle Patricia tree, whose root is StorageRoot;
step 6: verify the hash value of the block; the hash value is judged automatically when the nodes of the block are located; because the hash values are stored in the blockchain using the MPT structure, and the hash value obtained from a server file by the irreversible one-way hash algorithm is unique, if the hash value of the server file is the same as the hash value stored by the node in the MPT, the files on the server have not been modified by an intrusion; if the hash values differ, the server file has been modified, and the specific node is located precisely by comparing against the whole MPT.
CN201911409807.XA 2019-12-31 2019-12-31 Server file safe storage method based on block chain Active CN111221780B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911409807.XA CN111221780B (en) 2019-12-31 2019-12-31 Server file safe storage method based on block chain

Publications (2)

Publication Number Publication Date
CN111221780A true CN111221780A (en) 2020-06-02
CN111221780B CN111221780B (en) 2022-05-17

Family

ID=70828039

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911409807.XA Active CN111221780B (en) 2019-12-31 2019-12-31 Server file safe storage method based on block chain

Country Status (1)

Country Link
CN (1) CN111221780B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant