CN111447174A - Data encryption method based on block chain - Google Patents
- Publication number
- CN111447174A
- Authority
- CN
- China
- Prior art keywords
- data
- blockchain network
- network node
- hash value
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/045—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/04—Protocols for data compression, e.g. ROHC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
Abstract
The invention provides a blockchain-based data encryption method comprising the following steps: S1, encrypting the source data with a symmetric key to form encrypted data; S2, encrypting the symmetric key with the public key of the data owner to form a key ciphertext; S3, compressing the encrypted data, the key ciphertext and the signature command into a compressed data packet and uploading the packet to a server through a data gateway; S4, obtaining a first hash value of the first blockchain network node through a hash algorithm; S5, the server parses the compressed data packet to obtain the data to be transmitted and the signature command; S6, obtaining a second hash value and using it as the public key of the second blockchain network node; S7, obtaining a timestamp using a digital signature algorithm; S8, confirming the data gateway that receives the data first as the second blockchain network node; S9, obtaining a second hash value through a hash algorithm; S10, determining the blockchain network nodes step by step by looping steps S7 to S9, generating a smart contract and uploading it to the server. The method has the advantage of good security.
Description
Technical Field
The invention belongs to the technical field of data encryption, and particularly relates to a data encryption method based on a block chain.
Background
With the continuous progress of network technology, cloud storage services are widely used. Through a cloud storage service, a user can conveniently store data on a remote server. To ensure the confidentiality of data stored in the cloud, the uploading terminal often encrypts the data, and the resulting ciphertext is stored on the cloud server. However, in a conventional public key infrastructure, the management and distribution of keys for the whole network is centralized, for example in a key management center. If the key center is attacked, the security of the keys of the whole network and of the encrypted data is seriously threatened, so the confidentiality of data stored in the cloud cannot be ensured.
Disclosure of Invention
The invention aims to provide a blockchain-based data encryption method that solves the problems that existing key encryption schemes are unsatisfactory for widely used cloud storage services and that security cannot be guaranteed.
The invention provides the following technical scheme:
A blockchain-based data encryption method comprises the following steps: S1, the data owner encrypts the source data with a symmetric key to form encrypted data; S2, encrypting the symmetric key with the public key of the data owner to form a key ciphertext; S3, compressing the encrypted data, the key ciphertext and the signature command into a compressed data packet and uploading the packet to a server through a data gateway; S4, taking the data gateway as the first blockchain network node, and obtaining a first hash value of the first blockchain network node through a hash algorithm; S5, the server parses the compressed data packet to obtain the data to be transmitted and the signature command; S6, obtaining a second hash value by applying a hash algorithm to the first hash value and the private key of the first blockchain network node, and using the second hash value as the public key of the second blockchain network node; S7, obtaining a timestamp from the signature command and the private key of the first blockchain network node through a digital signature algorithm; S8, each data gateway receives the data to be transmitted from the server and compares it with the timestamp, and the data gateway that receives it first is confirmed as the second blockchain network node; S9, combining the private key of the second blockchain network node with the first hash value to obtain a second hash value through a hash algorithm; and S10, determining the blockchain network nodes step by step by looping steps S7 to S9, generating a smart contract and uploading it to the server.
Further, there are a plurality of data gateways, at least 6.
Further, each data gateway is provided with a graphics processor to improve the data processing capacity of the data gateway.
Further, the data gateways are spread through the blockchain network in a peer-to-peer manner.
Further, the smart contract also includes an access control policy written by the data owner.
Further, the access control policy is generated based on an authorized access policy and an authorized access object of the encrypted data, wherein the authorized access policy includes at least one of an accessed file path, a file list, an access time limit, and an access right validity.
The invention has the beneficial effects that:
The invention relates to a blockchain-based data encryption method that builds on the tamper resistance, decentralization, data encryption and trust transfer characteristics of blockchain technology, on the basis of a trusted network constructed by a smart contract.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings:
FIG. 1 is a schematic flow diagram of the process of the present invention.
Detailed Description
As shown in FIG. 1, a blockchain-based data encryption method includes the following steps:
S1, the data owner encrypts the source data with a symmetric key to form encrypted data;
S2, encrypting the symmetric key with the public key of the data owner to form a key ciphertext;
S3, compressing the encrypted data, the key ciphertext and the signature command into a compressed data packet and uploading the packet to a server through a data gateway;
S4, taking the data gateway as the first blockchain network node, and obtaining a first hash value of the first blockchain network node through a hash algorithm;
S5, the server parses the compressed data packet to obtain the data to be transmitted and the signature command;
S6, obtaining a second hash value by applying a hash algorithm to the first hash value and the private key of the first blockchain network node, and using the second hash value as the public key of the second blockchain network node;
S7, obtaining a timestamp from the signature command and the private key of the first blockchain network node through a digital signature algorithm;
S8, each data gateway receives the data to be transmitted from the server and compares it with the timestamp, and the data gateway that receives it first is confirmed as the second blockchain network node;
S9, combining the private key of the second blockchain network node with the first hash value to obtain a second hash value through a hash algorithm;
and S10, determining the blockchain network nodes step by step by looping steps S7 to S9, generating a smart contract and uploading it to the server.
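Steps S1 to S3 and S5 can be sketched as follows. This is an added Go example, not code from the patent: the patent names no algorithms or formats, so AES-256-GCM, RSA-OAEP with SHA-256, gzip over JSON, the `Packet` layout and the names `Seal`, `Parse` and `newOwnerKey` are all assumptions.

```go
package main

import (
	"bytes"
	"compress/gzip"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/json"
	"fmt"
	"io"
)

// Packet is a hypothetical layout; the patent names the parts but no wire format.
type Packet struct {
	Nonce, EncryptedData, KeyCiphertext []byte
	SignatureCmd                        string
}

// newOwnerKey makes a throwaway RSA key pair standing in for the data owner's.
func newOwnerKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// Seal runs S1-S3 on the data owner's side and returns the compressed packet.
func Seal(source []byte, owner *rsa.PublicKey, sigCmd string) ([]byte, error) {
	secret := make([]byte, 32+12) // fresh AES-256 key and GCM nonce per upload
	if _, err := rand.Read(secret); err != nil {
		return nil, err
	}
	key, nonce := secret[:32], secret[32:]
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	ct := gcm.Seal(nil, nonce, source, []byte(sigCmd)) // S1; command bound as AAD (assumption)
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, owner, key, nil) // S2
	if err != nil {
		return nil, err
	}
	var buf bytes.Buffer
	zw := gzip.NewWriter(&buf) // S3: bundle the three parts and compress them
	if err := json.NewEncoder(zw).Encode(Packet{nonce, ct, wrapped, sigCmd}); err != nil {
		return nil, err
	}
	if err := zw.Close(); err != nil {
		return nil, err
	}
	return buf.Bytes(), nil
}

// Parse is S5: the server unpacks the bundle without holding any key.
func Parse(packet []byte) (p Packet, err error) {
	zr, err := gzip.NewReader(bytes.NewReader(packet))
	if err == nil {
		err = json.NewDecoder(io.LimitReader(zr, 1<<20)).Decode(&p) // cap decompressed size
	}
	return p, err
}

func main() {
	owner, _ := newOwnerKey()
	pkt, _ := Seal([]byte("constructed sample record"), &owner.PublicKey, "sign-v1")
	p, err := Parse(pkt)
	fmt.Println(p.SignatureCmd, len(p.EncryptedData), err)
}
```

The server-side `Parse` never touches a key: only the holder of the owner's private key can unwrap the symmetric key, and in this sketch decryption fails if the signature command was altered, because it is bound as associated data.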
Specifically, there are a plurality of data gateways, at least 6; each data gateway is provided with a graphics processor to improve its data processing capacity, and the data gateways are spread through the blockchain network in a peer-to-peer manner.
Specifically, the smart contract also includes an access control policy written by the data owner, the access control policy being generated based on an authorized access policy and an authorized access object of the encrypted data, wherein the authorized access policy includes at least one of an accessed file path, a file list, an access time limit, and an access right validity.
Although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that changes may be made in the embodiments and/or equivalents thereof without departing from the spirit and scope of the invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (6)
1. A blockchain-based data encryption method, characterized by comprising the following steps:
S1, the data owner encrypts the source data with a symmetric key to form encrypted data;
S2, encrypting the symmetric key with the public key of the data owner to form a key ciphertext;
S3, compressing the encrypted data, the key ciphertext and the signature command into a compressed data packet and uploading the packet to a server through a data gateway;
S4, taking the data gateway as the first blockchain network node, and obtaining a first hash value of the first blockchain network node through a hash algorithm;
S5, the server parses the compressed data packet to obtain the data to be transmitted and the signature command;
S6, obtaining a second hash value by applying a hash algorithm to the first hash value and the private key of the first blockchain network node, and using the second hash value as the public key of the second blockchain network node;
S7, obtaining a timestamp from the signature command and the private key of the first blockchain network node through a digital signature algorithm;
S8, each data gateway receives the data to be transmitted from the server and compares it with the timestamp, and the data gateway that receives it first is confirmed as the second blockchain network node;
S9, combining the private key of the second blockchain network node with the first hash value to obtain a second hash value through a hash algorithm;
and S10, determining the blockchain network nodes step by step by looping steps S7 to S9, generating a smart contract and uploading it to the server.
2. The blockchain-based data encryption method according to claim 1, wherein there are a plurality of data gateways, at least 6.
3. The blockchain-based data encryption method according to claim 2, wherein each data gateway is provided with a graphics processor to improve the data processing capacity of the data gateway.
4. The blockchain-based data encryption method according to claim 3, wherein the data gateways are spread through the blockchain network in a peer-to-peer manner.
5. The blockchain-based data encryption method according to claim 1, wherein the smart contract further includes an access control policy written by the data owner.
6. The blockchain-based data encryption method according to claim 5, wherein the access control policy is generated based on an authorized access policy and an authorized access object of the encrypted data, wherein the authorized access policy includes at least one of an accessed file path, a file list, an access time limit, and an access right validity.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010101177.6A CN111447174A (en) | 2020-02-19 | 2020-02-19 | Data encryption method based on block chain |
Publications (1)
Publication Number | Publication Date |
---|---|
CN111447174A true CN111447174A (en) | 2020-07-24 |
Family
ID=71650652
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010101177.6A Pending CN111447174A (en) | 2020-02-19 | 2020-02-19 | Data encryption method based on block chain |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111447174A (en) |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20160380937A1 (en) * | 2015-06-24 | 2016-12-29 | Private Giant | Method and system for sender-controlled messaging and content sharing |
CN109120639A (en) * | 2018-09-26 | 2019-01-01 | 众安信息技术服务有限公司 | A kind of data cloud storage encryption method and system based on block chain |
CN109815748A (en) * | 2019-01-24 | 2019-05-28 | 黄冈 | A kind of centre data source method for monitoring based on block chain |
CN110290094A (en) * | 2018-03-19 | 2019-09-27 | 华为技术有限公司 | A kind of control method and device of data access authority |
CN110310176A (en) * | 2019-06-26 | 2019-10-08 | 上海迪维欧电子设备有限公司 | A kind of data ciphering method and device based on block chain network |
CN110417556A (en) * | 2019-07-02 | 2019-11-05 | 北京交通大学 | Encryption and stamped signature verification method in block chain |
WO2020002366A1 (en) * | 2018-06-26 | 2020-01-02 | Bityoga As | Decentralised data management |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112184441A (en) * | 2020-09-29 | 2021-01-05 | 平安科技(深圳)有限公司 | Data processing method, data processing device, node equipment and storage medium |
CN112184441B (en) * | 2020-09-29 | 2024-01-19 | 平安科技(深圳)有限公司 | Data processing method, device, node equipment and storage medium |
CN113302612A (en) * | 2020-11-25 | 2021-08-24 | 支付宝(杭州)信息技术有限公司 | Trusted platform based on block chain |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | | Application publication date: 20200724 |