CN111342963A - Data uplink method, data storage method and device - Google Patents
Data uplink method, data storage method and device Download PDFInfo
- Publication number
- CN111342963A CN111342963A CN202010412500.1A CN202010412500A CN111342963A CN 111342963 A CN111342963 A CN 111342963A CN 202010412500 A CN202010412500 A CN 202010412500A CN 111342963 A CN111342963 A CN 111342963A
- Authority
- CN
- China
- Prior art keywords
- data
- identity
- private key
- target data
- internet
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Health & Medical Sciences (AREA)
- Computing Systems (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Storage Device Security (AREA)
Abstract
One or more embodiments of the present specification provide a data uplink method, a data storage method and an apparatus. The data uplink method is applied to the Internet of things equipment comprising a security chip, and comprises the following steps: target data is input into the security chip to trigger a private key generation circuit of the security chip to acquire hardware feature data of the Internet of things equipment, an identity private key of the Internet of things equipment is output to a signature circuit according to the hardware feature data, and a digital signature aiming at the target data is output by the signature circuit according to the identity private key and the target data; and sending the digital signature and the target data to the block chain nodes so that the block chain nodes verify the digital signature according to the pre-acquired identity public key of the Internet of things equipment, and storing the target data to the block chain under the condition that the verification is passed.
Description
Technical Field
One or more embodiments of the present disclosure relate to the field of data processing technologies, and in particular, to a data uplink method, a data storage method, and an apparatus.
Background
To ensure that the received data is authentic and has not been tampered with, the receiving device needs to verify the received data to ensure that the received data is indeed from the sending device and that the data has not been tampered with during transmission.
Digital signature techniques based on asymmetric encryption are used to meet the data verification requirements described above. The device generates a pair of asymmetric keys, where the public key is open to the outside and the private key is maintained by the device. In the above scenario, the sender device may use a private key maintained by itself to sign data to be transmitted, and the receiver device may use a public key disclosed by the sender device to verify the signature, and if the signature verification is successful, it indicates that the received data really comes from the sender device, and the data is not tampered during transmission.
Disclosure of Invention
In view of the above, one or more embodiments of the present disclosure provide a data uplink method, a data storage method and an apparatus.
To achieve the above object, one or more embodiments of the present disclosure provide the following technical solutions:
according to a first aspect of one or more embodiments of the present specification, a data uplink method is provided, which is applied to an internet of things device, where the internet of things device includes a secure chip, and the secure chip includes a private key generation circuit and a signature circuit;
the data uplink method comprises the following steps:
target data are input into the security chip to trigger the private key generation circuit to acquire hardware feature data of the Internet of things equipment, an identity private key of the Internet of things equipment is output to the signature circuit according to the hardware feature data, and the signature circuit is triggered to output a digital signature aiming at the target data according to the identity private key and the target data;
and sending the digital signature and the target data to a block chain node so that the block chain node verifies the digital signature according to a pre-acquired identity public key of the Internet of things equipment, and storing the target data to a block chain when the verification is passed.
According to a second aspect of one or more embodiments of the present specification, a data uplink method is provided, which is applied to a block chain node, and the data uplink method includes:
determining an identity public key of the Internet of things equipment under the condition of receiving a digital signature and target data sent by the Internet of things equipment; the security chip in the internet of things equipment comprises a private key generation circuit and a signature circuit, the digital signature is an output result of the signature circuit after signing the target data according to an identity private key, and the identity private key is generated by the private key generation circuit according to hardware feature data of the internet of things equipment;
verifying the digital signature according to the identity public key;
and storing the target data to a block chain if the digital signature verification is passed.
According to a third aspect of one or more embodiments of the present specification, a data storage method is provided, which is applied to a first device, where the first device includes a secure chip, and the secure chip includes a private key generation circuit and a signature circuit;
the data storage method comprises the following steps:
target data is input into the security chip to trigger the private key generation circuit to acquire hardware feature data of the first device, an identity private key of the first device is output to the signature circuit according to the hardware feature data, and a digital signature aiming at the target data is output by the signature circuit according to the identity private key and the target data;
and sending the digital signature and the target data to second equipment so that the second equipment verifies the digital signature according to the pre-acquired identity public key of the first equipment, and storing the target data under the condition that the verification is passed.
According to a fourth aspect of one or more embodiments of the present specification, there is provided a data storage method applied to a second device, the data storage method including:
under the condition of receiving a digital signature and target data sent by first equipment, determining an identity public key of the first equipment; the security chip in the first device comprises a private key generation circuit and a signature circuit, the digital signature is an output result of the signature circuit after signing the target data according to an identity private key, and the identity private key is generated by the private key generation circuit according to hardware feature data of the first device;
verifying the digital signature according to the identity public key;
and storing the target data when the digital signature passes the verification.
According to a fifth aspect of one or more embodiments of the present specification, a data uplink apparatus is provided, which is applied to an internet of things device, where the internet of things device includes a secure chip, and the secure chip includes a private key generation circuit and a signature circuit;
the data uplink device comprises:
the triggering module is used for inputting target data to the security chip so as to trigger the private key generating circuit to acquire hardware characteristic data of the Internet of things equipment, outputting an identity private key of the Internet of things equipment to the signature circuit according to the hardware characteristic data, and triggering the signature circuit to output a digital signature aiming at the target data according to the identity private key and the target data;
and the sending module is used for sending the digital signature and the target data to a block chain node so that the block chain node verifies the digital signature according to a pre-acquired identity public key of the Internet of things equipment, and stores the target data to a block chain when the verification is passed.
According to a sixth aspect of one or more embodiments of the present specification, there is provided a data uplink apparatus applied to a block chain node, the data uplink apparatus including:
the determining module is used for determining the identity public key of the Internet of things equipment under the condition of receiving the digital signature and the target data sent by the Internet of things equipment; the security chip in the internet of things equipment comprises a private key generation circuit and a signature circuit, the digital signature is an output result of the signature circuit after signing the target data according to an identity private key, and the identity private key is generated by the private key generation circuit according to hardware feature data of the internet of things equipment;
the verification module is used for verifying the digital signature according to the identity public key;
and the storage module is used for storing the target data to the block chain under the condition that the digital signature passes verification.
According to a seventh aspect of one or more embodiments of the present specification, there is provided a data storage apparatus applied to a first device, the first device comprising a secure chip, the secure chip comprising a private key generation circuit and a signature circuit;
the data storage device includes:
the triggering module is used for inputting target data to the security chip so as to trigger the private key generating circuit to acquire hardware characteristic data of the first device, output an identity private key of the first device to the signature circuit according to the hardware characteristic data, and trigger the signature circuit to output a digital signature aiming at the target data according to the identity private key and the target data;
and the sending module is used for sending the digital signature and the target data to second equipment so that the second equipment verifies the digital signature according to the pre-acquired identity public key of the first equipment, and stores the target data under the condition of passing verification.
According to an eighth aspect of one or more embodiments herein, there is provided a data storage apparatus applied to a second device, the data storage apparatus including:
the device comprises a determining module, a judging module and a judging module, wherein the determining module is used for determining an identity public key of a first device under the condition of receiving a digital signature and target data sent by the first device; the security chip in the first device comprises a private key generation circuit and a signature circuit, the digital signature is an output result of the signature circuit after signing the target data according to an identity private key, and the identity private key is generated by the private key generation circuit according to hardware feature data of the first device;
the verification module is used for verifying the digital signature according to the identity public key;
and the storage module is used for storing the target data under the condition that the digital signature passes verification.
According to a ninth aspect of one or more embodiments herein, there is provided an electronic device, comprising:
a processor;
a memory for storing processor-executable instructions;
wherein the processor implements the method of any of the above aspects by executing the executable instructions.
According to a tenth aspect of one or more embodiments of the present specification, there is provided a computer readable storage medium having stored thereon computer instructions which, when executed by a processor, implement the steps of the method of any one of the above aspects.
Drawings
Fig. 1 is a flowchart of a data storage method according to an exemplary embodiment of the present disclosure.
Fig. 2a is a block diagram of a security chip used in a data storage method according to an exemplary embodiment of the present disclosure.
Fig. 2b is a block diagram of another security chip used in the data storage method according to an exemplary embodiment of the present disclosure.
FIG. 3 is a flow chart of another data storage method provided by an exemplary embodiment of the present description.
FIG. 4 is a flow chart of another data storage method provided by an exemplary embodiment of the present description.
Fig. 5 is a flowchart of a data uplink method according to an exemplary embodiment of the present disclosure.
Fig. 6 is a schematic structural diagram of an apparatus provided in an exemplary embodiment of the present specification.
Fig. 7 is a block diagram of a data uplink apparatus according to an exemplary embodiment of the present disclosure.
Fig. 8 is a block diagram of another data uplink apparatus according to an exemplary embodiment of the present disclosure.
Fig. 9 is a schematic structural diagram of an apparatus provided in an exemplary embodiment of the present specification.
Fig. 10 is a block diagram of a data storage device according to an exemplary embodiment of the present disclosure.
FIG. 11 is a block diagram of another data storage device provided in an exemplary embodiment of the present description.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The implementations described in the following exemplary embodiments do not represent all implementations consistent with one or more embodiments of the present specification. Rather, they are merely examples of apparatus and methods consistent with certain aspects of one or more embodiments of the specification, as detailed in the claims which follow.
It should be noted that: in other embodiments, the steps of the corresponding methods are not necessarily performed in the order shown and described herein. In some other embodiments, the method may include more or fewer steps than those described herein. Moreover, a single step described in this specification may be broken down into multiple steps for description in other embodiments; multiple steps described in this specification may be combined into a single step in other embodiments.
Fig. 1 is a flowchart of a data storage method shown in an exemplary embodiment of this specification, where the method is applied to a first device, where the first device includes a security chip, and the first device generates a private key based on the security chip and hardware feature data of the device itself, and the private key does not need to be stored and is generated at any time, so that it is possible to effectively avoid that an attack device steals the private key in the first device, clones the first device, and further ensure the security of data.
Before describing the data storage method, the security chip used in the data storage method is described and explained.
Fig. 2a is a schematic block diagram of a security chip used in a data storage method according to an exemplary embodiment of the present specification, where the security chip includes a private key generation circuit 21, a signature circuit 22, and a public key generation circuit 23, an input end of the private key generation circuit 21 is used as an input end of the security chip for inputting hardware feature data, and an output end of the private key generation circuit 21 is connected to an input end of the signature circuit 22. The other input terminal of the signature circuit 22 is used as the other input terminal of the security chip for inputting the target data, and the output terminal of the signature circuit 22 is used as an output terminal of the security chip. The output end of the private key generating circuit 21 is further connected to the input end of the public key generating circuit 23, and the output end of the public key generating circuit 23 is used as the other output end of the security chip. In the process of generating the public key, the private key generation circuit 21 may convert the input hardware feature data into a private key and output the private key to the public key generation circuit 23, and the public key generation circuit 23 converts the private key into a public key and outputs the public key. In the process of performing digital signature, the private key generation circuit 21 may convert the input hardware feature data into a private key and output the private key to the signature circuit 22, and the signature circuit 22 uses the private key to sign the input target data, obtain a digital signature, and output the digital signature.
The private key generating circuit 21, the signature circuit 22 and the public key generating circuit 23 shown in fig. 2a are integrated on one chip, the output end of the private key generating circuit 21 is directly connected with the signature circuit 22 and the public key generating circuit 23, the private key generated by the private key generating circuit 21 is not stored, and is not output to the outside of the security chip, and the private key generating circuit has the characteristic of being lost when power is turned off, so that the private key generated by the security chip cannot be stolen.
Fig. 2b is a schematic block diagram of another security chip used in the data storage method according to an exemplary embodiment of this specification, where the security chip includes a private key generation circuit 21 and a signature and public key generation circuit 24, an output end of the private key generation circuit 21 is connected to an input end of the signature and public key generation circuit 24, and in this embodiment, the signature and public key generation circuit 24 implements functions of digital signature and public key generation. Under the condition that target data are input, the signature and public key generating circuit 24 carries out signature on the target data according to the private key output by the private key generating circuit 21 to obtain a digital signature and output the digital signature; in the case where no target data is input, the signature and public key generation circuit 24 converts the private key output from the private key generation circuit 21 into a public key and outputs it.
Similar to fig. 2a, the private key generating circuit 21 and the signature and public key generating circuit 24 shown in fig. 2b are integrated on one chip, the output end of the private key generating circuit 21 is directly connected to the signature and public key generating circuit 24, the private key generated by the private key generating circuit 21 is not stored, and is not output to the outside of the security chip, and the private key is characterized in that the private key generated by the security chip can not be stolen when the power is off.
Next, a data storage method according to an embodiment of the present specification will be described in detail by taking the secure chip shown in fig. 2a as an example.
Referring to fig. 1, the data storage method includes the steps of:
The hardware characteristic data may be difference data of the first device caused by random process deviation in the manufacturing process, and the data has uniqueness and non-clonality.
In one embodiment, the first device includes a master control chip, and the hardware feature data may be hardware feature data of the master control chip. Different main control chips can generate random difference of deep submicron level due to process deviation in the manufacturing and packaging processes, and unique and unclonable hardware characteristic data can be obtained after the random difference is sampled.
The hardware feature data of the main control chip generally includes a plurality of feature parameters, such as device size and electrical characteristic difference between chips, random memory distribution value during initialization, current in a power down mode, receiving sensitivity, and data transmission rate. Some characteristic parameters are stable, and the parameter values cannot change; other characteristic parameters are unstable, and the values of the parameters change. In this embodiment, all or part of the feature parameters are selected from the stable feature parameters as the feature parameters for generating the key. The private key generating circuit may be, but is not limited to, implemented using a PUF (physically unclonable function) circuit.
In one embodiment, the integrated circuit of the main control chip and the integrated circuit of the security chip (including the private key generation circuit, the signature circuit, and the public key generation circuit) may be integrated on one chip, and an input end of the private key generation circuit is connected to a node of the integrated circuit of the main control chip related to the hardware characteristic parameter, so as to obtain data (hardware characteristic data) of the nodes when the private key generation circuit is triggered, and convert the data into the private key.
In another embodiment, the main control chip and the security chip may be independent chips, and an input end of the private key generation circuit of the security chip may be connected to a certain pin of the main control chip that can output the hardware feature data, so as to obtain the hardware feature data when the private key generation circuit is triggered, and convert the hardware feature data into the private key.
Since the hardware feature data of the first device is unpredictable, unique, and unclonable, in this embodiment, the security is high because the private key is generated based on the hardware feature data of the first device.
Further, in this embodiment, a secure chip is used to generate a private key and sign target data. Under the condition that the first device needs to store data in the second device, the security chip triggers the private key generation circuit to acquire hardware characteristic data, and the private key generation circuit outputs a private key to the signature circuit according to the acquired hardware characteristic data. Because the private key generating circuit and the signature circuit are both realized by adopting a digital logic circuit (or an analog circuit), the private key does not need to be stored in the process of generating the private key and the digital signature, and the private key has the characteristics of being lost and incapable of being read out when power is off, the private key cannot be stolen from the security chip by an attack device, the first device cannot be cloned, and the security of data storage can be further ensured.
And 104, sending the digital signature and the target data to the second equipment so that the second equipment verifies the digital signature according to the pre-acquired identity public key of the first equipment, and storing the target data under the condition that the verification is passed.
The target data is data that is sent from the first device to the second device and needs to be stored on the second device, and may be, but is not limited to, service data generated by the first device.
It should be noted that, in order to qualify the first device for storing data in the second device, the identity registration of the first device on the second device needs to be completed before step 102 is executed. In the process of identity registration, the first device issues an identity registration instruction to the security chip, and when the security chip receives the identity registration instruction, the security chip triggers the private key generation circuit to obtain hardware characteristic data of the first device, and outputs the identity private key of the first device to the public key generation circuit according to the hardware characteristic data, and triggers the public key generation circuit to output the identity public key of the first device according to the private key. And the first equipment sends a registration request carrying the identity public key to the second equipment, and if the second equipment confirms that the first equipment has the data storage authority, the identity public key of the first equipment is stored so as to complete the identity registration of the first equipment. The identity public key stored by the second device is used for subsequent digital signature verification.
It will be appreciated that the private key is not stored after each generation, but is generated at any time, but since the private key is generated from stable hardware feature data, the private key is in fact the same for each generation. Therefore, the second device can verify the digital signature using the public identity key obtained at the time of identity registration.
In another embodiment, the public key generation circuit may be implemented, but is not limited to, using an asynchronous circuit having the function of an elliptic curve cryptography algorithm.
In a scenario where multiple first devices may store data in one second device, the registration request sent by the first device may further include a device identifier of the first device, so that the second device associates the storage device identifier and the public identity key, so that when performing digital verification, the second device can quickly determine a corresponding public identity key according to the device identifier. Specifically, in the data storage process, the first device may send the device identifier, the digital signature, and the target data to the second device in an associated manner, so that the second device determines the public identity key of the first device according to the device identifier, and verifies the digital signature.
In any of the embodiments, since the private key is generated based on the hardware feature data of the device, and is generated at any time when used, and the private key is not stored, the attack device cannot steal the private key of the device, thereby effectively preventing the device from being attacked by copying, preventing the data from being tampered, and ensuring the security of the service or the provided data or service.
Fig. 3 is a flowchart illustrating another data storage method according to an exemplary embodiment of the present disclosure, applied to a second device, and referring to fig. 3, the data storage method includes the following steps:
The implementation process of the digital signature is shown in step 102, and is not described herein again. When the first device performs identity registration, the second device stores the identity public key of the first device, and in step 302, the second device determines the identity public key of the first device, that is, the second device determines the identity public key of the first device.
And 304, verifying the digital signature according to the identity public key, and storing the target data under the condition that the verification is passed.
The process of verifying a digital signature is briefly described as follows:
the second equipment decrypts the digital signature by using the identity public key of the first equipment to obtain a digital abstract to be verified; performing Hash operation on target data to generate a standard digital abstract; comparing the digital abstract to be verified with the standard digital abstract, if the digital abstract and the standard digital abstract are the same, the digital signature verification is passed, the first equipment is determined to be legal equipment, the target data is not tampered, and the second equipment stores the target data sent by the first equipment; and if the digital abstract to be verified is different from the standard digital abstract, the verification is not passed, the first device is an illegal device, or the target data is tampered, and the second device does not store the target data sent by the first device.
In order to qualify the first device to store data in the second device, it is necessary to complete registration of the first device with the second device. The first equipment sends a registration request to the second equipment, the registration request comprises the identity public key of the first equipment, and the second equipment stores the identity public key of the first equipment under the condition that the second equipment judges that the first equipment has the data storage authority so as to complete identity registration of the first equipment. The first device typically performs identity registration in a secure environment.
In a scenario where multiple first devices may store data in one second device, the second device may further record the device identifier of the first device, and associate the stored device identifier and the public identity key, so that the second device can quickly determine the public identity key of the first device according to the device identifier during digital verification.
The second device may store the public identity key of the first device locally, or store the public identity key on the third device. If the identity public key is stored locally, when the digital signature is verified, the identity public key of the first device can be searched and obtained locally according to the device identification carried by the first device when the digital signature and the target data are sent; if the public key is stored in the third device, when the digital signature is verified, the identity public key of the first device can be searched and obtained from the third device according to the device identifier carried by the first device when the digital signature and the target data are sent.
In any of the above embodiments, since the identity private key is generated based on the hardware feature data of the device, and is generated at any time, and the identity private key is not stored, the attack device cannot steal the identity private key of the device, so that not only can the traditional attacks such as eavesdropping, tampering and replay be resisted, but also the possible copy attack to which the device may be subjected can be effectively prevented.
Fig. 4 is a flowchart of another data storage method shown in an exemplary embodiment of this specification, where this embodiment shows a process in which a first device completes identity registration and data storage on a second device through interaction between the first device and the second device, and referring to fig. 4, the method includes the following steps:
The registration request may be, but is not limited to, generated by the main control chip of the first device and sent to the secure chip. If the first device needs identity registration, the main control chip of the first device may send an identity registration instruction to the security chip to trigger the private key generation circuit of the security chip to obtain hardware feature data of the first device as input, and output the identity private key of the first device to the public key generation circuit, and trigger the public key generation circuit to output the identity public key of the first device according to the input identity private key.
Step 404, the first device sends a registration request carrying the identity public key to the second device.
In another embodiment, the registration request sent by the first device may further include a device identification of the first device in order for the second device to identify which device sent the identity public key. The device identification may, but is not limited to, use of a device serial number that may uniquely identify the device.
In step 406, before the second device stores the identity public key, the authority of the first device may also be verified, and if the second device confirms that the first device has the authority of data storage, the identity public key of the first device is stored in step 406, so as to complete the identity registration of the first device; if the second device confirms that a certain device does not have the authority of data storage, the second device does not store the identity public key sent by the device.
In another embodiment, if the registration request sent by the first device contains a device identification, the second device associates the storage device identification with the public identity key. Therefore, under the condition that the second device stores the identity public keys of a plurality of devices, the identity public key of each device can be quickly searched and determined according to the device identification.
The second device may store the identity public key locally, or may store the identity public key on the third device. If the identity public key is stored locally, when the digital signature is verified, the identity public key of the first device is searched and obtained locally according to the device identification carried by the first device when the digital signature and the target data are sent; if the public key is stored in the third device, when the digital signature is verified, the identity public key of the first device is searched and obtained from the third device according to the device identifier carried by the first device when the digital signature and the target data are sent.
Step 402-step 406 are processes in which the first device completes identity registration on the second device, and after the identity registration is completed, the first device may store target data on the second device according to actual requirements, and a specific implementation process of data storage is described in step 408 and step 414 below.
In step 408, when the first device needs to store the target data in the second device, the main control chip of the first device sends the target data to the security chip to trigger the private key generation circuit of the security chip to obtain the hardware feature data of the first device as input, and outputs the private key to the signature circuit, so that the signature circuit uses the private key to sign the target data, and outputs the digital signature.
In order to facilitate the second device to determine the public identity key of the first device, the first device may send the device identifier, the digital signature, and the target data to the second device, so that the second device determines the public identity key of the first device according to the device identifier.
Verification of the digital signature may be, but is not limited to, in the following manner:
the second equipment decrypts the digital signature by using the identity public key of the first equipment to obtain a digital abstract to be verified; performing Hash operation on target data to generate a standard digital abstract; comparing the digital abstract to be verified with the standard digital abstract, if the two are the same, the verification is passed, the first device is determined to be a legal device, and step 414 is executed to store the target data sent by the first device; if the first device and the second device are different, the verification is not passed, the first device is an illegal device or the target data is tampered, and the target data sent by the first device is not stored.
And step 414, under the condition that the digital signature verification is passed, the second device stores the target data.
In this embodiment, a possible copy attack to the device may be effectively prevented, data tampering is avoided, the security of the processing service of the second device based on the target data is ensured, and the security of the data or service provided by the second device is ensured.
Fig. 5 is a flowchart of a data uplink method according to an exemplary embodiment of the present disclosure, where in this embodiment, an internet of things device is used as a first device, a block link point is used as a second device, and a process of the internet of things device completing identity registration and data uplink on the block link node is shown through interaction between the internet of things device and the block link point. The internet of things device comprises a main control chip and a security chip shown in fig. 2a or fig. 2 b.
Referring to fig. 5, the data uplink method includes the following steps:
The registration request may be, but is not limited to, generated by the main control chip of the internet of things device and sent to the security chip. If the internet of things equipment needs identity registration, the main control chip of the internet of things equipment can send an identity registration instruction to the security chip so as to trigger the private key generation circuit of the security chip to acquire hardware feature data of the internet of things equipment as input, output the identity private key to the public key generation circuit, and trigger the public key generation circuit to output the identity public key of the internet of things equipment according to the input identity private key.
Step 504, the internet of things equipment sends a registration request carrying the identity public key to the block chain node.
In another embodiment, in order to allow the block node to identify which device sent the public identity key, the registration request sent by the internet of things device may further include a device identifier of the internet of things device. The device identification may be, but is not limited to, a device serial number that may uniquely identify the internet of things device.
In step 506, before storing the identity public key, the block link point can also verify the authority of the internet of things equipment, and if the block link point confirms that the internet of things equipment has the authority of data storage, the block link point executes 506 to store the identity public key of the internet of things equipment, so as to complete identity registration of the internet of things equipment; if the block chain link point confirms that a certain device does not have the authority of data storage, the block chain link point does not store the identity public key sent by the device.
In another embodiment, if the registration request sent by the internet of things device includes a device identifier, the blockchain node associates the storage device identifier with the identity public key. Therefore, under the condition that the identity public keys of a plurality of devices are stored in the blockchain node, the identity public key of each device can be quickly searched and determined according to the device identification.
The block chain node may store the identity public key locally, or store the identity public key on a third device. If the identity public key is stored locally, when the digital signature is verified, the identity public key of the Internet of things equipment is searched and obtained locally according to the equipment identifier carried by the Internet of things equipment when the digital signature and the target data are sent; if the public key is stored in the third device, when the digital signature is verified, the identity public key of the internet of things device is searched and obtained from the third device according to the device identifier carried by the internet of things device when the digital signature and the target data are sent.
Step 502-step 506 are processes of the internet of things device completing identity registration on the blockchain node, and after the identity registration is completed, the internet of things device may perform uplink on the target data according to actual requirements, and a specific implementation process of data uplink is shown in step 508 and step 514 below.
And step 508, under the condition that the target data is received, the security chip of the internet of things equipment acquires the hardware characteristic data to generate an identity private key, signs the target data by using the identity private key, and then outputs a digital signature.
In step 508, when the internet of things device needs to store the target data onto the blockchain, the main control chip of the internet of things device sends the target data to the security chip to trigger the private key generation circuit of the security chip to obtain the hardware feature data of the internet of things device as input, and outputs the private key to the signature circuit, so that the signature circuit uses the private key to sign the target data, and outputs the digital signature.
And step 510, the Internet of things equipment sends the target data and the digital signature to the block chain node.
In order to facilitate the determination of the identity public key of the internet of things device by the block chain node, the internet of things device may associate the device identifier with the digital signature and the target data and send the association to the block chain node, so that the block chain node determines the identity public key of the first device according to the device identifier.
And step 512, the block link point verifies the digital signature by using the identity public key of the Internet of things equipment.
The process of verifying a digital signature is briefly described as follows:
the block chain node decrypts the digital signature by using the identity public key of the first equipment to obtain a digital abstract to be verified; performing Hash operation on target data to generate a standard digital abstract; comparing the digital abstract to be verified with the standard digital abstract, if the digital abstract and the standard digital abstract are the same, the digital signature verification is passed, the first equipment is determined to be legal equipment, the target data is not tampered, and the second equipment stores the target data sent by the first equipment; and if the digital abstract to be verified is different from the standard digital abstract, the verification is not passed, the first device is an illegal device, or the target data is tampered, and the second device does not store the target data sent by the first device.
And step 514, storing the target data to the block chain by the block chain node under the condition that the digital signature verification is passed.
In one embodiment, the target data is service data generated by the internet of things device, and in the case that the digital signature verification passes, the blockchain node needs to create a blockchain transaction including the target data first and then store the blockchain transaction to the blockchain.
In another embodiment, the target data is a blockchain transaction containing traffic data, and the blockchain link point stores the blockchain transaction directly onto the blockchain if the digital signature verification passes.
Wherein, the block chain transaction has a narrow transaction and a broad transaction score. A narrowly defined transaction is a transfer of value to a chain of blocks; for example, in a conventional bitcoin blockchain network, the transaction may be a transfer initiated by the user in the blockchain. The generalized transaction refers to a piece of business data with business intention issued to the blockchain; for example, an operator may build a federation chain based on actual business requirements, relying on the federation chain to deploy some other types of online business unrelated to value transfer (e.g., a rental house business, a vehicle dispatching business, an insurance claim settlement business, a credit service, a medical service, etc.), and in such federation chain, the transaction may be a business message or a business request with a business intent issued by a user in the federation chain.
In the embodiment, the copy attack possibly suffered by the Internet of things equipment can be effectively prevented, and the safety of data on the block chain is ensured.
FIG. 6 is a schematic block diagram of an apparatus provided in an exemplary embodiment. Referring to fig. 6, at the hardware level, the apparatus includes a processor 602, an internal bus 604, a network interface 606, a memory 608 and a non-volatile memory 610, but may also include hardware required for other services. The processor 602 reads a corresponding computer program from the non-volatile memory 610 into the memory 608 and runs the computer program to form a data uplink device on a logical level. Of course, besides software implementation, the one or more embodiments in this specification do not exclude other implementations, such as logic devices or combinations of software and hardware, and so on, that is, the execution subject of the following processing flow is not limited to each logic unit, and may also be hardware or logic devices.
Referring to fig. 7, in a software implementation, a data uplink apparatus applied to an internet of things device may include:
the triggering module 71 is configured to input target data to the security chip, so as to trigger the private key generation circuit to obtain hardware feature data of the internet of things device, output an identity private key of the internet of things device to the signature circuit according to the hardware feature data, and trigger the signature circuit to output a digital signature for the target data according to the identity private key and the target data;
a sending module 72, configured to send the digital signature and the target data to a block chain node, so that the block chain node verifies the digital signature according to a pre-obtained public key of the identity of the internet of things device, and stores the target data in the block chain when the verification passes.
Optionally, the triggering module 71 is further configured to, in a case that an identity registration instruction is received, trigger the private key generating circuit to obtain hardware feature data of the internet of things device, output an identity private key of the internet of things device to the public key generating circuit according to the hardware feature data, and trigger the public key generating circuit to output an identity public key of the internet of things device according to the identity private key;
the sending module 72 is further configured to send a registration request to the blockchain node, where the registration request includes the identity public key of the internet of things device, so that the blockchain node stores the identity public key to complete identity registration of the internet of things device.
Optionally, the registration request further includes a device identifier of the internet of things device, so that the blockchain node stores the device identifier and the identity public key in association;
the sending module 72 is further configured to send the device identifier, the digital signature, and the target data to the blockchain node in an associated manner, so that the blockchain node determines the identity public key of the internet of things device according to the device identifier, so as to verify the digital signature.
Optionally, the target data is service data generated by the internet of things device or blockchain transaction containing the service data.
Optionally, the internet of things device further includes a main control chip, and the hardware feature data is feature data of the main control chip.
Referring to fig. 8, in a software implementation, a data uplink apparatus applied to a blockchain node includes:
the determining module 81 is configured to determine an identity public key of the internet of things device when the digital signature and the target data sent by the internet of things device are received; the security chip in the internet of things equipment comprises a private key generation circuit and a signature circuit, the digital signature is an output result of the signature circuit after signing the target data according to an identity private key, and the identity private key is generated by the private key generation circuit according to hardware feature data of the internet of things equipment;
a verification module 82, configured to verify the digital signature according to the identity public key;
a storage module 83, configured to store the target data to a blockchain if the digital signature verification passes.
Optionally, the storage module 83 is configured to:
under the condition that the target data are business data generated by the Internet of things equipment, creating a blockchain transaction containing the target data, and storing the blockchain transaction to a blockchain;
and directly storing the target data to a blockchain under the condition that the target data is a blockchain transaction containing the business data.
FIG. 9 is a schematic block diagram of an apparatus provided in an exemplary embodiment. Referring to fig. 9, at the hardware level, the apparatus includes a processor 902, an internal bus 904, a network interface 906, a memory 908, and a non-volatile memory 910, but may also include hardware required for other services. The processor 902 reads a corresponding computer program from the non-volatile memory 910 into the memory 908 and runs the program, forming a data storage device on a logical level. Of course, besides software implementation, the one or more embodiments in this specification do not exclude other implementations, such as logic devices or combinations of software and hardware, and so on, that is, the execution subject of the following processing flow is not limited to each logic unit, and may also be hardware or logic devices.
Referring to fig. 10, in a software implementation, the data storage applied to the first device may include:
a triggering module 1001, configured to input target data to the security chip, so as to trigger the private key generation circuit to obtain hardware feature data of the first device, output an identity private key of the first device to the signature circuit according to the hardware feature data, and trigger the signature circuit to output a digital signature for the target data according to the identity private key and the target data;
a sending module 1002, configured to send the digital signature and the target data to a second device, so that the second device verifies the digital signature according to a pre-obtained public key of the identity of the first device, and stores the target data when the verification passes.
Optionally, the triggering module is further configured to, in a case that an identity registration instruction is received, trigger the private key generating circuit to obtain hardware feature data of the first device, output an identity private key of the first device to the public key generating circuit according to the hardware feature data, and trigger the public key generating circuit to output an identity public key of the first device according to the identity private key;
the sending module is further configured to send a registration request to the second device, where the registration request includes the identity public key of the first device, so that the second device stores the identity public key to complete identity registration of the first device.
Optionally, the registration request further includes a device identifier of the first device, so that the second device stores the device identifier and the identity public key in association;
the sending module 1002 is further configured to associate the device identifier with the digital signature and the target data, and send the device identifier to the second device, so that the second device determines the identity public key of the first device according to the device identifier, so as to verify the digital signature.
Optionally, the first device further includes a main control chip, and the hardware feature data is feature data of the main control chip.
Referring to fig. 11, in a software embodiment, the data storage applied to the second device may include:
a determining module 1101, configured to determine an identity public key of a first device when a digital signature and target data sent by the first device are received; the security chip in the first device comprises a private key generation circuit and a signature circuit, the digital signature is an output result of the signature circuit after signing the target data according to an identity private key, and the identity private key is generated by the private key generation circuit according to hardware feature data of the first device;
a verification module 1102, configured to verify the digital signature according to the identity public key;
a storage module 1103, configured to store the target data when the digital signature verification passes.
Optionally, the storage module 1103 is configured to:
under the condition that the target data are business data generated by the Internet of things equipment, creating a blockchain transaction containing the target data, and storing the blockchain transaction to a blockchain;
and directly storing the target data to a blockchain under the condition that the target data is a blockchain transaction containing the business data.
The systems, devices, modules or units illustrated in the above embodiments may be implemented by a computer chip or an entity, or by a product with certain functions. A typical implementation device is a computer, which may take the form of a personal computer, laptop computer, cellular telephone, camera phone, smart phone, personal digital assistant, media player, navigation device, email messaging device, game console, tablet computer, wearable device, or a combination of any of these devices.
In a typical configuration, a computer includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement an information store by any method or technology, on which is stored a computer program (information) that, when executed by a processor, implements method steps provided by any of the embodiments described above. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic disk storage, quantum memory, graphene-based storage media or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The foregoing description has been directed to specific embodiments of this disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing may also be possible or may be advantageous.
The terminology used in the description of the one or more embodiments is for the purpose of describing the particular embodiments only and is not intended to be limiting of the description of the one or more embodiments. As used in one or more embodiments of the present specification and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.
It should be understood that although the terms first, second, third, etc. may be used in one or more embodiments of the present description to describe various information, such information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, first information may also be referred to as second information, and similarly, second information may also be referred to as first information, without departing from the scope of one or more embodiments herein. The word "if" as used herein may be interpreted as "at … …" or "when … …" or "in response to a determination", depending on the context.
The above description is only for the purpose of illustrating the preferred embodiments of the one or more embodiments of the present disclosure, and is not intended to limit the scope of the one or more embodiments of the present disclosure, and any modifications, equivalent substitutions, improvements, etc. made within the spirit and principle of the one or more embodiments of the present disclosure should be included in the scope of the one or more embodiments of the present disclosure.
Claims (16)
1. A data chaining method is applied to Internet of things equipment, wherein the Internet of things equipment comprises a security chip, and the security chip comprises a private key generation circuit and a signature circuit; the data uplink method comprises the following steps:
target data are input into the security chip to trigger the private key generation circuit to acquire hardware feature data of the Internet of things equipment, an identity private key of the Internet of things equipment is output to the signature circuit according to the hardware feature data, and the signature circuit is triggered to output a digital signature aiming at the target data according to the identity private key and the target data;
and sending the digital signature and the target data to a block chain node so that the block chain node verifies the digital signature according to a pre-acquired identity public key of the Internet of things equipment, and storing the target data to a block chain when the verification is passed.
2. The method of claim 1, the security chip further comprising a public key generation circuit;
the data uplink method further comprises the following steps:
under the condition of receiving an identity registration instruction, triggering the private key generation circuit to acquire hardware feature data of the Internet of things equipment, outputting an identity private key of the Internet of things equipment to the public key generation circuit according to the hardware feature data, and triggering the public key generation circuit to output an identity public key of the Internet of things equipment according to the identity private key;
and sending a registration request to the blockchain node, wherein the registration request contains the identity public key of the equipment of the Internet of things, so that the blockchain node stores the identity public key to complete identity registration of the equipment of the Internet of things.
3. The method for uplink data of claim 2, wherein the registration request further includes an equipment identifier of the internet of things device, so that the blockchain node stores the equipment identifier and the identity public key in association; the method further comprises the following steps:
and the device identification, the digital signature and the target data are associated and sent to the block chain node, so that the block chain node determines the identity public key of the Internet of things device according to the device identification, and the digital signature is verified.
4. The method of claim 1, wherein the target data is traffic data generated by the internet of things equipment or a blockchain transaction including traffic data.
5. The data uplink method of claim 1, the internet of things device further comprising a master control chip, and the hardware feature data is feature data of the master control chip.
6. A data uplink method is applied to a block chain node, and comprises the following steps:
determining an identity public key of the Internet of things equipment under the condition of receiving a digital signature and target data sent by the Internet of things equipment; the security chip in the internet of things equipment comprises a private key generation circuit and a signature circuit, the digital signature is an output result of the signature circuit after signing the target data according to an identity private key, and the identity private key is generated by the private key generation circuit according to hardware feature data of the internet of things equipment;
verifying the digital signature according to the identity public key;
and storing the target data to a block chain if the digital signature verification is passed.
7. The method of claim 6, wherein storing the target data to a blockchain comprises:
under the condition that the target data are business data generated by the Internet of things equipment, creating a blockchain transaction containing the target data, and storing the blockchain transaction to a blockchain;
and directly storing the target data to a blockchain under the condition that the target data is a blockchain transaction containing the business data.
8. A data storage method is applied to first equipment, wherein the first equipment comprises a security chip, and the security chip comprises a private key generation circuit and a signature circuit; the data storage method comprises the following steps:
target data is input into the security chip to trigger the private key generation circuit to acquire hardware feature data of the first device, an identity private key of the first device is output to the signature circuit according to the hardware feature data, and a digital signature aiming at the target data is output by the signature circuit according to the identity private key and the target data;
and sending the digital signature and the target data to second equipment so that the second equipment verifies the digital signature according to the pre-acquired identity public key of the first equipment, and storing the target data under the condition that the verification is passed.
9. The data storage method of claim 8, the secure chip further comprising a public key generation circuit;
the data storage method further comprises the following steps:
under the condition of receiving an identity registration instruction, triggering the private key generation circuit to acquire hardware characteristic data of the first device, outputting an identity private key of the first device to the public key generation circuit according to the hardware characteristic data, and triggering the public key generation circuit to output an identity public key of the first device according to the identity private key;
and sending a registration request to the second equipment, wherein the registration request comprises the identity public key of the first equipment, and the second equipment stores the identity public key to complete identity registration of the first equipment.
10. A data storage method is applied to a second device, and comprises the following steps:
under the condition of receiving a digital signature and target data sent by first equipment, determining an identity public key of the first equipment; the security chip in the first device comprises a private key generation circuit and a signature circuit, the digital signature is an output result of the signature circuit after signing the target data according to an identity private key, and the identity private key is generated by the private key generation circuit according to hardware feature data of the first device;
verifying the digital signature according to the identity public key;
and storing the target data when the digital signature passes the verification.
11. A data chaining device is applied to Internet of things equipment, wherein the Internet of things equipment comprises a security chip, and the security chip comprises a private key generation circuit and a signature circuit; the data uplink device comprises:
the triggering module is used for inputting target data to the security chip so as to trigger the private key generating circuit to acquire hardware characteristic data of the Internet of things equipment, outputting an identity private key of the Internet of things equipment to the signature circuit according to the hardware characteristic data, and triggering the signature circuit to output a digital signature aiming at the target data according to the identity private key and the target data;
and the sending module is used for sending the digital signature and the target data to a block chain node so that the block chain node verifies the digital signature according to a pre-acquired identity public key of the Internet of things equipment, and stores the target data to a block chain when the verification is passed.
12. A data uplink device applied to a block chain node comprises:
the determining module is used for determining the identity public key of the Internet of things equipment under the condition of receiving the digital signature and the target data sent by the Internet of things equipment; the security chip in the internet of things equipment comprises a private key generation circuit and a signature circuit, the digital signature is an output result of the signature circuit after signing the target data according to an identity private key, and the identity private key is generated by the private key generation circuit according to hardware feature data of the internet of things equipment;
the verification module is used for verifying the digital signature according to the identity public key;
and the storage module is used for storing the target data to the block chain under the condition that the digital signature passes verification.
13. A data storage device is applied to a first device, wherein the first device comprises a security chip, and the security chip comprises a private key generation circuit and a signature circuit; the data storage device includes:
the triggering module is used for inputting target data to the security chip so as to trigger the private key generating circuit to acquire hardware characteristic data of the first device, output an identity private key of the first device to the signature circuit according to the hardware characteristic data, and trigger the signature circuit to output a digital signature aiming at the target data according to the identity private key and the target data;
and the sending module is used for sending the digital signature and the target data to second equipment so that the second equipment verifies the digital signature according to the pre-acquired identity public key of the first equipment, and stores the target data under the condition of passing verification.
14. A data storage apparatus applied to a second device, the data storage apparatus comprising:
the device comprises a determining module, a judging module and a judging module, wherein the determining module is used for determining an identity public key of a first device under the condition of receiving a digital signature and target data sent by the first device; the security chip in the first device comprises a private key generation circuit and a signature circuit, the digital signature is an output result of the signature circuit after signing the target data according to an identity private key, and the identity private key is generated by the private key generation circuit according to hardware feature data of the first device;
the verification module is used for verifying the digital signature according to the identity public key;
and the storage module is used for storing the target data under the condition that the digital signature passes verification.
15. An electronic device, comprising:
a processor;
a memory for storing processor-executable instructions;
wherein the processor implements the method of any one of claims 1-10 by executing the executable instructions.
16. A computer readable storage medium having stored thereon computer instructions which, when executed by a processor, carry out the steps of the method according to any one of claims 1 to 10.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010412500.1A CN111342963A (en) | 2020-05-15 | 2020-05-15 | Data uplink method, data storage method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010412500.1A CN111342963A (en) | 2020-05-15 | 2020-05-15 | Data uplink method, data storage method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111342963A true CN111342963A (en) | 2020-06-26 |
Family
ID=71187494
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010412500.1A Pending CN111342963A (en) | 2020-05-15 | 2020-05-15 | Data uplink method, data storage method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111342963A (en) |
Cited By (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111541725A (en) * | 2020-07-08 | 2020-08-14 | 支付宝(杭州)信息技术有限公司 | Block chain all-in-one machine, password acceleration card thereof, and key management method and device |
| CN111814201A (en) * | 2020-07-17 | 2020-10-23 | 中国工商银行股份有限公司 | Network drone aircraft data recording method, device and system and electronic equipment |
| CN112231767A (en) * | 2020-10-16 | 2021-01-15 | 海尔优家智能科技(北京)有限公司 | Request information processing method and device, storage medium and electronic device |
| CN112422290A (en) * | 2020-10-27 | 2021-02-26 | 中思博安科技(北京)有限公司 | Block chain-based data uplink method, device and system |
| CN112560073A (en) * | 2021-02-19 | 2021-03-26 | 支付宝(杭州)信息技术有限公司 | Method, device and system for verifying data source reliability |
| CN112583826A (en) * | 2020-12-10 | 2021-03-30 | 四川虹微技术有限公司 | Remote measurement method, monitoring method, device and system based on block chain |
| CN112600673A (en) * | 2020-12-01 | 2021-04-02 | 杭州溪塔科技有限公司 | Block chain transaction uplink method and system |
| CN112906064A (en) * | 2020-07-31 | 2021-06-04 | 支付宝(杭州)信息技术有限公司 | Method and device for generating description information |
| CN115021925A (en) * | 2021-02-18 | 2022-09-06 | 熵码科技股份有限公司 | Method for managing information of electronic device and control circuit |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2019018557A1 (en) * | 2017-07-18 | 2019-01-24 | Square, Inc. | Devices with physically unclonable functions |
| CN110535656A (en) * | 2019-07-31 | 2019-12-03 | 阿里巴巴集团控股有限公司 | Medical data processing method, device, equipment and server |
| CN110601853A (en) * | 2019-09-17 | 2019-12-20 | 腾讯科技(深圳)有限公司 | Block chain private key generation method and equipment |
| CN110634003A (en) * | 2019-09-25 | 2019-12-31 | 北京艾摩瑞策科技有限公司 | Medicine circulation information tracing method and device based on block chain |
| CN111062716A (en) * | 2019-11-29 | 2020-04-24 | 支付宝(杭州)信息技术有限公司 | Method and device for generating block chain signature data and block chain transaction initiating system |
| CN111125787A (en) * | 2019-12-27 | 2020-05-08 | 上海共链信息科技有限公司 | Gas inspection data cochain system based on block chain and use method thereof |
-
2020
- 2020-05-15 CN CN202010412500.1A patent/CN111342963A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2019018557A1 (en) * | 2017-07-18 | 2019-01-24 | Square, Inc. | Devices with physically unclonable functions |
| CN110535656A (en) * | 2019-07-31 | 2019-12-03 | 阿里巴巴集团控股有限公司 | Medical data processing method, device, equipment and server |
| CN110601853A (en) * | 2019-09-17 | 2019-12-20 | 腾讯科技(深圳)有限公司 | Block chain private key generation method and equipment |
| CN110634003A (en) * | 2019-09-25 | 2019-12-31 | 北京艾摩瑞策科技有限公司 | Medicine circulation information tracing method and device based on block chain |
| CN111062716A (en) * | 2019-11-29 | 2020-04-24 | 支付宝(杭州)信息技术有限公司 | Method and device for generating block chain signature data and block chain transaction initiating system |
| CN111125787A (en) * | 2019-12-27 | 2020-05-08 | 上海共链信息科技有限公司 | Gas inspection data cochain system based on block chain and use method thereof |
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11626984B2 (en) | 2020-07-08 | 2023-04-11 | Alipay (Hangzhou) Information Technology Co., Ltd. | Blockchain integrated station and cryptographic acceleration card, key management methods and apparatuses |
| CN111541725A (en) * | 2020-07-08 | 2020-08-14 | 支付宝(杭州)信息技术有限公司 | Block chain all-in-one machine, password acceleration card thereof, and key management method and device |
| CN111541725B (en) * | 2020-07-08 | 2021-04-27 | 支付宝(杭州)信息技术有限公司 | Block chain all-in-one machine, password acceleration card thereof, and key management method and device |
| CN111814201A (en) * | 2020-07-17 | 2020-10-23 | 中国工商银行股份有限公司 | Network drone aircraft data recording method, device and system and electronic equipment |
| CN111814201B (en) * | 2020-07-17 | 2023-09-22 | 中国工商银行股份有限公司 | Network target drone data recording method, device and system and electronic equipment |
| CN112906064A (en) * | 2020-07-31 | 2021-06-04 | 支付宝(杭州)信息技术有限公司 | Method and device for generating description information |
| CN112231767A (en) * | 2020-10-16 | 2021-01-15 | 海尔优家智能科技(北京)有限公司 | Request information processing method and device, storage medium and electronic device |
| CN112422290A (en) * | 2020-10-27 | 2021-02-26 | 中思博安科技(北京)有限公司 | Block chain-based data uplink method, device and system |
| CN112600673A (en) * | 2020-12-01 | 2021-04-02 | 杭州溪塔科技有限公司 | Block chain transaction uplink method and system |
| CN112583826A (en) * | 2020-12-10 | 2021-03-30 | 四川虹微技术有限公司 | Remote measurement method, monitoring method, device and system based on block chain |
| CN115021925A (en) * | 2021-02-18 | 2022-09-06 | 熵码科技股份有限公司 | Method for managing information of electronic device and control circuit |
| TWI807614B (en) * | 2021-02-18 | 2023-07-01 | 熵碼科技股份有限公司 | Method and control circuit for managing information of electronic device |
| US11893141B2 (en) | 2021-02-18 | 2024-02-06 | PUFsecurity Corporation | Method and control circuit for managing information of electronic device |
| CN112560073A (en) * | 2021-02-19 | 2021-03-26 | 支付宝(杭州)信息技术有限公司 | Method, device and system for verifying data source reliability |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111342963A (en) | Data uplink method, data storage method and device | |
| CN110245506B (en) | Intelligent contract management method and device based on block chain and electronic equipment | |
| CN110992027B (en) | Efficient transaction method and device for realizing privacy protection in block chain | |
| EP3859647A1 (en) | Blockchain transaction generation method and device | |
| CN111556007B (en) | Identity verification method, device and equipment based on block chain and storage medium | |
| CN110263544B (en) | Receipt storage method and node combining transaction type and judgment condition | |
| EP3961974B1 (en) | Block content editing methods and apparatuses | |
| CN110245942B (en) | Receipt storage method and node combining user type and judgment condition | |
| CN110264192B (en) | Receipt storage method and node based on transaction type | |
| CN110245947B (en) | Receipt storage method and node combining conditional restrictions of transaction and user types | |
| CN110690963B (en) | Key agreement method and device based on FPGA | |
| CN111523110A (en) | Permission query configuration method and device based on chain codes | |
| CN110716728B (en) | Credible updating method and device for FPGA (field programmable Gate array) logic | |
| CN110717203B (en) | Method and device for realizing privacy block chain based on FPGA | |
| CN112669147B (en) | Service request method and device based on block chain | |
| US9553729B2 (en) | Authentication method between a reader and a radio tag | |
| CN110716724B (en) | Method and device for realizing privacy block chain based on FPGA | |
| CN110750329A (en) | Method and device for realizing operation of virtual machine based on FPGA | |
| JP2017524306A (en) | Protection against malicious changes in cryptographic operations | |
| CN110738567B (en) | Transaction processing method and device of safe intelligent contract processor based on FPGA | |
| CN112990925B (en) | Asset certificate management method and device | |
| CN112927077B (en) | Method and device for realizing contract calling based on FPGA | |
| CN117155549A (en) | Key distribution method, key distribution device, computer equipment and storage medium | |
| CN110750303B (en) | Pipelined instruction reading method and device based on FPGA | |
| CN114866409B (en) | Password acceleration method and device based on password acceleration hardware |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200626 |
|
| RJ01 | Rejection of invention patent application after publication |