CN111447174A - Data encryption method based on block chain - Google Patents

Publication number
CN111447174A
Authority
CN
China
Prior art keywords
data
blockchain network
network node
hash value
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010101177.6A
Other languages
Chinese (zh)
Inventor
王剑
张辉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangsu Rongzer Information Technology Co Ltd
Original Assignee
Jiangsu Rongzer Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangsu Rongzer Information Technology Co Ltd
Priority to CN202010101177.6A
Publication of CN111447174A
Legal status: Pending

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/045 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1097 Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/04 Protocols for data compression, e.g. ROHC
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643 Hash functions, e.g. MD5, SHA, HMAC or f9 MAC

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Power Engineering (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention provides a blockchain-based data encryption method comprising the following steps: S1, encrypting the source data with a symmetric key to form encrypted data; S2, encrypting the symmetric key with the public key of the data owner to form a key ciphertext; S3, compressing the encrypted data, the key ciphertext and the signature command into a compressed data packet and uploading it to a server through a data gateway; S4, obtaining a first hash value of the first blockchain network node through a hash algorithm; S5, the server parses the compressed data packet to obtain the data to be transmitted and the signature command; S6, obtaining a second hash value and using it as the public key of the second blockchain network node; S7, obtaining a timestamp using a digital signature algorithm; S8, first confirming the receiving data gateway as the second blockchain network node; S9, obtaining a second hash value through a hash algorithm; S10, by looping steps S7 to S9, determining the blockchain network nodes step by step, generating a smart contract and uploading it to the server. The method has the advantage of good security.

Description

Data encryption method based on block chain
Technical Field
The invention belongs to the technical field of data encryption, and particularly relates to a data encryption method based on a block chain.
Background
With the continuous progress of network technology, cloud storage services are widely used. Through a cloud storage service, a user can conveniently store data on a remote server. To ensure the confidentiality of data stored in the cloud, the uploading terminal often encrypts the data and stores the resulting ciphertext on the cloud server. However, in a conventional public key infrastructure, the keys of the whole network are managed and distributed in a centralized manner, for example by a key management center. If the key center is attacked, the keys of the whole network and the data encrypted with them are seriously threatened, so the confidentiality of data stored in the cloud cannot be ensured.
Disclosure of Invention
The invention aims to provide a blockchain-based data encryption method that addresses the problems that existing key encryption schemes work poorly for widely used cloud storage services and that their security cannot be guaranteed.
The invention provides the following technical solution:
A blockchain-based data encryption method comprises the following steps: S1, the data owner encrypts the source data with a symmetric key to form encrypted data; S2, encrypting the symmetric key with the public key of the data owner to form a key ciphertext; S3, compressing the encrypted data, the key ciphertext and the signature command into a compressed data packet and uploading it to a server through a data gateway; S4, taking the data gateway as the first blockchain network node, and obtaining a first hash value of the first blockchain network node through a hash algorithm; S5, the server parses the compressed data packet to obtain the data to be transmitted and the signature command; S6, obtaining a second hash value by applying a hash algorithm to the first hash value and the private key of the first blockchain network node, and using the second hash value as the public key of the second blockchain network node; S7, obtaining a timestamp from the signature command and the private key of the first blockchain network node through a digital signature algorithm; S8, each data gateway receives the data to be transmitted from the server and compares it with the timestamp, and the receiving data gateway is first confirmed as the second blockchain network node; S9, combining the private key of the second blockchain network node with the first hash value to obtain a second hash value through a hash algorithm; and S10, determining the blockchain network nodes step by step by looping steps S7 to S9, generating a smart contract and uploading it to the server.
Furthermore, there are multiple data gateways, at least 6 in number.
Furthermore, each data gateway is provided with a graphics processor to improve the data processing capacity of the data gateway.
Further, the data gateways are spread through the blockchain network in a peer-to-peer manner.
Further, the smart contract also includes an access control policy written by the data owner.
Further, the access control policy is generated based on an authorized access policy and an authorized access object of the encrypted data, wherein the authorized access policy includes at least one of an accessed file path, a file list, an access time limit, and access-right validity.
The invention has the following beneficial effects:
The blockchain-based data encryption method of the invention builds on a trusted network constructed by smart contracts and relies on the tamper-resistance, decentralization, data encryption and trust-transfer characteristics of blockchain technology.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings:
FIG. 1 is a schematic flow diagram of the process of the present invention.
Detailed Description
As shown in FIG. 1, a blockchain-based data encryption method includes the following steps:
S1, the data owner encrypts the source data with a symmetric key to form encrypted data;
S2, encrypting the symmetric key with the public key of the data owner to form a key ciphertext;
S3, compressing the encrypted data, the key ciphertext and the signature command into a compressed data packet and uploading it to a server through a data gateway;
S4, taking the data gateway as the first blockchain network node, and obtaining a first hash value of the first blockchain network node through a hash algorithm;
S5, the server parses the compressed data packet to obtain the data to be transmitted and the signature command;
S6, obtaining a second hash value by applying a hash algorithm to the first hash value and the private key of the first blockchain network node, and using the second hash value as the public key of the second blockchain network node;
S7, obtaining a timestamp from the signature command and the private key of the first blockchain network node through a digital signature algorithm;
S8, each data gateway receives the data to be transmitted from the server and compares it with the timestamp, and the receiving data gateway is first confirmed as the second blockchain network node;
S9, combining the private key of the second blockchain network node with the first hash value to obtain a second hash value through a hash algorithm;
and S10, determining the blockchain network nodes step by step by looping steps S7 to S9, generating a smart contract and uploading it to the server.
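One reading of steps S3 to S6, S9 and S10, as an added example that is not part of the patent text: the packet layout (JSON inside zlib), SHA-256, the 1 MiB decompression limit and all function names and sample values are assumptions, since the page names no algorithm or format. S1, S2 and S7 are not implemented; their outputs appear as constructed placeholder bytes.

```python
import base64
import hashlib
import json
import zlib

MAX_PACKET = 1 << 20  # assumed cap on the decompressed packet size (1 MiB)

def build_packet(encrypted_data: bytes, key_ciphertext: bytes,
                 signature_command: str) -> bytes:
    """S3: compress the encrypted data, key ciphertext and signature command."""
    body = {
        "encrypted_data": base64.b64encode(encrypted_data).decode(),
        "key_ciphertext": base64.b64encode(key_ciphertext).decode(),
        "signature_command": signature_command,
    }
    return zlib.compress(json.dumps(body, sort_keys=True).encode())

def parse_packet(packet: bytes, limit: int = MAX_PACKET) -> dict:
    """S5: server-side parse. Decompression is bounded so that a small
    packet cannot expand without limit in server memory."""
    inflater = zlib.decompressobj()
    raw = inflater.decompress(packet, limit)
    if not inflater.eof:  # stream truncated, or it expands past the limit
        raise ValueError("packet truncated or larger than limit")
    body = json.loads(raw)
    return {
        "encrypted_data": base64.b64decode(body["encrypted_data"], validate=True),
        "key_ciphertext": base64.b64decode(body["key_ciphertext"], validate=True),
        "signature_command": str(body["signature_command"]),
    }

def first_hash(gateway_id: bytes) -> bytes:
    """S4: hash value identifying the first blockchain network node."""
    return hashlib.sha256(gateway_id).digest()

def next_hash(prev_hash: bytes, node_private_key: bytes) -> bytes:
    """S6/S9: hash of the previous hash value and the current node's private
    key. prev_hash is always 32 bytes, so the concatenation is unambiguous.
    The result is only an identifier; it cannot verify a signature."""
    if len(prev_hash) != hashlib.sha256().digest_size:
        raise ValueError("prev_hash must be a SHA-256 digest")
    return hashlib.sha256(prev_hash + node_private_key).digest()

def derive_node_ids(gateway_id: bytes, private_keys: list) -> list:
    """S10: repeat the derivation so that node i+1 is identified by
    H(id_i || private_key_i). The last node's key is not consumed."""
    ids = [first_hash(gateway_id)]
    for key in private_keys[:-1]:
        ids.append(next_hash(ids[-1], key))
    return ids

# Constructed sample input: six gateways (the page requires at least 6).
SAMPLE_KEYS = [bytes([i]) * 32 for i in range(1, 7)]
SAMPLE_PACKET = build_packet(b"\x00ciphertext", b"\x01wrapped-key", "sign:upload")

if __name__ == "__main__":
    print(parse_packet(SAMPLE_PACKET)["signature_command"])
    for n, node_id in enumerate(derive_node_ids(b"gateway-1", SAMPLE_KEYS), 1):
        print(n, node_id.hex()[:16])
```

Because each identifier depends on the previous one, replacing any node's private key changes every identifier after it and none before it.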
Specifically, there are multiple data gateways, at least 6 in number; each data gateway is provided with a graphics processor to improve its data processing capability, and the data gateways are spread through the blockchain network in a peer-to-peer manner.
Specifically, the smart contract also includes an access control policy written by the data owner, the access control policy being generated based on an authorized access policy and an authorized access object of the encrypted data, wherein the authorized access policy includes at least one of an accessed file path, a file list, an access time limit, and access-right validity.
Although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that changes may be made in the embodiments and/or equivalents thereof without departing from the spirit and scope of the invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (6)

1. A blockchain-based data encryption method, characterized by comprising the following steps:
S1, the data owner encrypts the source data with a symmetric key to form encrypted data;
S2, encrypting the symmetric key with the public key of the data owner to form a key ciphertext;
S3, compressing the encrypted data, the key ciphertext and the signature command into a compressed data packet and uploading it to a server through a data gateway;
S4, taking the data gateway as the first blockchain network node, and obtaining a first hash value of the first blockchain network node through a hash algorithm;
S5, the server parses the compressed data packet to obtain the data to be transmitted and the signature command;
S6, obtaining a second hash value by applying a hash algorithm to the first hash value and the private key of the first blockchain network node, and using the second hash value as the public key of the second blockchain network node;
S7, obtaining a timestamp from the signature command and the private key of the first blockchain network node through a digital signature algorithm;
S8, each data gateway receives the data to be transmitted from the server and compares it with the timestamp, and the receiving data gateway is first confirmed as the second blockchain network node;
S9, combining the private key of the second blockchain network node with the first hash value to obtain a second hash value through a hash algorithm;
and S10, determining the blockchain network nodes step by step by looping steps S7 to S9, generating a smart contract and uploading it to the server.
2. The blockchain-based data encryption method according to claim 1, wherein there are multiple data gateways, at least 6 in number.
3. The blockchain-based data encryption method according to claim 2, wherein each data gateway is provided with a graphics processor to improve the data processing capability of the data gateway.
4. The blockchain-based data encryption method according to claim 3, wherein the data gateways are spread through the blockchain network in a peer-to-peer manner.
5. The blockchain-based data encryption method according to claim 1, wherein the smart contract further includes an access control policy written by the data owner.
6. The blockchain-based data encryption method according to claim 5, wherein the access control policy is generated based on an authorized access policy and an authorized access object of the encrypted data, wherein the authorized access policy includes at least one of an accessed file path, a file list, an access time limit, and access-right validity.
CN202010101177.6A 2020-02-19 2020-02-19 Data encryption method based on block chain Pending CN111447174A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010101177.6A CN111447174A (en) 2020-02-19 2020-02-19 Data encryption method based on block chain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010101177.6A CN111447174A (en) 2020-02-19 2020-02-19 Data encryption method based on block chain

Publications (1)

Publication Number Publication Date
CN111447174A true CN111447174A (en) 2020-07-24

Family

ID=71650652

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010101177.6A Pending CN111447174A (en) 2020-02-19 2020-02-19 Data encryption method based on block chain

Country Status (1)

Country Link
CN (1) CN111447174A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200724