CN111478764A - Data processing method, node and storage medium in block chain network - Google Patents
Data processing method, node and storage medium in block chain network Download PDFInfo
- Publication number
- CN111478764A CN111478764A CN201910067249.7A CN201910067249A CN111478764A CN 111478764 A CN111478764 A CN 111478764A CN 201910067249 A CN201910067249 A CN 201910067249A CN 111478764 A CN111478764 A CN 111478764A
- Authority
- CN
- China
- Prior art keywords
- data
- ciphertext
- storage
- transaction
- consensus
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/008—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/04—Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
Abstract
The invention provides a data processing method, a node and a storage medium in a block chain network, wherein the method comprises the following steps: receiving a processing transaction aiming at ciphertext data, wherein the processing transaction indicates that target operation is carried out on the ciphertext data, and the ciphertext data is obtained by encrypting plaintext data based on a preset encryption mode; executing the processing transaction and performing consensus on transaction results to obtain consensus results, wherein the consensus results comprise target operation results of the ciphertext data; and returning the consensus result to decrypt the target operation result to obtain target data, wherein the target data is the same as the result obtained by performing the target operation on the plaintext data.
Description
Technical Field
The present invention relates to communications technologies, and in particular, to a data processing method, a node, and a storage medium in a block chain network.
Background
In the related art, storage data is encrypted and then stored in the blockchain network, however, in some cases, a user needs to process the stored data (for example, process a stored image), in this case, the user needs to first obtain the stored encrypted data from the blockchain network, decrypt the encrypted data, and then process the decrypted data, so that the operation is cumbersome and the data security is also reduced.
Disclosure of Invention
Embodiments of the present invention provide a data processing method, a node, and a storage medium in a block chain network, which can implement data processing on stored ciphertext data instead of data processing on corresponding plaintext data, and improve data security.
The technical scheme of the embodiment of the invention is realized as follows:
in a first aspect, an embodiment of the present invention provides a data processing method in a blockchain network, where the method includes:
receiving a processing transaction aiming at ciphertext data, wherein the processing transaction indicates that target operation is carried out on the ciphertext data, and the ciphertext data is obtained by encrypting plaintext data based on a preset encryption mode;
executing the processing transaction and performing consensus on transaction results to obtain consensus results, wherein the consensus results comprise target operation results of the ciphertext data;
and returning the consensus result to decrypt the target operation result to obtain target data, wherein the target data is the same as the result obtained by performing the target operation on the plaintext data.
In the foregoing solution, before receiving a transaction to be processed for ciphertext data, the method further includes:
receiving a storage transaction for the ciphertext data, the storage transaction instructing storage of the ciphertext data to at least one node of the blockchain network;
executing the stored transaction and consensus on the transaction results;
and updating the account book of the block chain network to record the storage information of the ciphertext data to the blocks of the block chain network.
In the above scheme, before receiving the storage transaction for the ciphertext data, the method further includes:
receiving a query request, wherein the query request is used for querying storage nodes capable of providing data storage space in the blockchain network;
inquiring storage node information capable of providing a data storage space according to the storage information recorded in the account book of the block chain network;
and returning the storage node information obtained by query, so that the storage node for storing the ciphertext data is selected based on the storage node information.
In the above scheme, the method further comprises:
receiving a data query request carrying a ciphertext keyword, wherein the ciphertext keyword is obtained by encrypting a plaintext keyword of the target plaintext data;
acquiring a first mapping relation table storing the corresponding relation between the ciphertext keywords and the ciphertext data;
and returning a corresponding data query result based on the ciphertext keyword and the first mapping relation table.
In the above scheme, the method further comprises:
receiving a data query request carrying a hash value, wherein the hash value is obtained by performing hash operation on a plaintext keyword of the target plaintext data and a serial result of a query code;
acquiring a second mapping relation table storing the corresponding relation between the hash value and the ciphertext data;
and returning a corresponding data query result based on the hash value and the second mapping relation table.
In the above scheme, the encryption mode is an encryption mode based on a Simple encryption algorithm function library (SEA L, Simple encrypt algorithm L ibrary);
the target operation comprises at least one of: addition, multiplication, subtraction, division.
In a second aspect, an embodiment of the present invention further provides a node in a blockchain network, where the node includes:
the system comprises a receiving unit, a processing unit and a processing unit, wherein the receiving unit is used for receiving a processing transaction aiming at ciphertext data, the processing transaction indicates that target operation is carried out on the ciphertext data, and the ciphertext data is obtained by encrypting plaintext data based on a preset encryption mode;
the consensus unit is used for executing the processing transaction and performing consensus on a transaction result to obtain a consensus result, wherein the consensus result comprises a target operation result of the ciphertext data;
and the sending unit is used for returning the consensus result so as to decrypt the target operation result to obtain target data, and the target data is the same as the result obtained by performing the target operation on the plaintext data.
In the foregoing solution, the receiving unit is further configured to receive a storage transaction for the ciphertext data, where the storage transaction indicates to store the ciphertext data to at least one node of the blockchain network;
the consensus unit is also used for executing the storage transaction and performing consensus on the transaction result;
and updating the account book of the block chain network to record the storage information of the ciphertext data to the blocks of the block chain network.
In the foregoing solution, the receiving unit is further configured to receive an inquiry request, where the inquiry request is used to inquire a storage node capable of providing a data storage space in the blockchain network;
the consensus unit is further configured to query, according to storage information recorded in an account book of the block chain network, storage node information capable of providing a data storage space;
the sending unit is further configured to return the storage node information obtained through the query, so that the storage node storing the ciphertext data is selected based on the storage node information.
In the above scheme, the receiving unit is further configured to receive a data query request carrying a ciphertext keyword, where the ciphertext keyword is obtained by encrypting a plaintext keyword of the target plaintext data;
the consensus unit is further used for acquiring a first mapping relation table which stores the corresponding relation between the ciphertext keywords and the ciphertext data;
and the sending unit is further configured to return a corresponding data query result based on the ciphertext keyword and the first mapping relation table.
In the above scheme, the receiving unit is further configured to receive a data query request carrying a hash value, where the hash value is obtained by performing a hash operation on a plaintext keyword of the target plaintext data and a serial result of the query code;
the consensus unit is further used for acquiring a second mapping relation table storing the corresponding relation between the hash value and the ciphertext data;
and the sending unit is further configured to return a corresponding data query result based on the hash value and the second mapping relation table.
In the above scheme, the encryption mode is an encryption mode based on SEA L;
the target operation comprises at least one of: addition, multiplication, subtraction, division.
In a third aspect, an embodiment of the present invention provides a node in a blockchain network, where the node includes:
a memory for storing executable instructions;
and the processor is used for implementing the data processing method in the block chain network provided by the embodiment of the invention when the executable instructions stored in the memory are executed.
In a fourth aspect, an embodiment of the present invention provides a storage medium, which stores executable instructions for causing a processor to implement the data processing method in the blockchain network provided in the embodiment of the present invention when the processor executes the executable instructions.
By applying the data processing method, the node and the storage medium in the block chain network provided by the embodiment of the invention, the block chain network receives a processing transaction aiming at ciphertext data, the processing transaction indicates to perform target operation on the ciphertext data, and the ciphertext data is obtained by encrypting plaintext data based on a preset encryption mode; executing the processing transaction and performing consensus on transaction results to obtain consensus results, wherein the consensus results comprise target operation results of the ciphertext data; and returning the consensus result to decrypt the target operation result to obtain target data, wherein the target data is the same as the result obtained by performing the target operation on the plaintext data. Therefore, when a user needs to perform data processing, the complex process of acquiring encrypted data from the block chain, decrypting the encrypted data, performing data processing, encrypting the processed data and then storing the encrypted data in the block chain network does not need to be performed, the encrypted data in the block chain is directly processed, the process of performing data processing by the user is greatly simplified, the user experience is improved, meanwhile, the encrypted data are directly operated, plaintext data are not exposed, leakage of data information is avoided, and the safety of the data is improved.
Drawings
Fig. 1 is a schematic functional architecture diagram of a block chain network according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of an organization of a blockchain network according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of a node according to an embodiment of the present invention;
fig. 4 is a schematic flowchart of a data processing method in a blockchain network according to an embodiment of the present invention;
fig. 5 is a schematic flowchart of data storage in a blockchain network according to an embodiment of the present invention;
fig. 6 is a flowchart illustrating a data processing method in a blockchain network according to an embodiment of the present invention;
fig. 7 is a schematic diagram illustrating a data processing principle in a blockchain network according to an embodiment of the present invention;
fig. 8 is a schematic structural diagram of a node in a block chain network according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the present invention will be further described in detail with reference to the accompanying drawings, the described embodiments should not be construed as limiting the present invention, and all other embodiments obtained by a person of ordinary skill in the art without creative efforts shall fall within the protection scope of the present invention.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. The terminology used herein is for the purpose of describing embodiments of the invention only and is not intended to be limiting of the invention.
In the following description, reference is made to "some embodiments" which describe a subset of all possible embodiments, but it is understood that "some embodiments" may be the same subset or different subsets of all possible embodiments, and may be combined with each other without conflict.
It should be noted that the terms "first", "second", and the like in the embodiments of the present invention are used for distinguishing similar objects and not for representing a specific ordering of the objects, and it should be understood that "first", "second", and the like may be interchanged with one another in a specific order or sequence, where possible, to enable the embodiments of the present invention described herein to be performed in an order other than that illustrated or described herein.
Before further detailed description of the embodiments of the present invention, terms and expressions mentioned in the embodiments of the present invention are explained, and the terms and expressions mentioned in the embodiments of the present invention are applied to the following explanations.
1) Transactions (transactions), equivalent to the computer term "Transaction," does not refer solely to transactions in the business context, and embodiments of the present invention follow this convention in view of the convention in blockchain technology that colloquially uses the term "Transaction. In a blockchain network employing an account-based model, transactions include three different transaction types: deployment (deployment), invocation (Invoke) and Query (Query). The deployment transaction is used for installing a specified chain code to a node of the blockchain network, and the call and query type transaction is used for calling the chain code of the deployment number so as to realize the operation of relevant data of a target account in the ledger, wherein the operation of adding, deleting, checking and changing modifies the data in the form of Key-Value pairs in the account, or adds a new account in the ledger.
2) A Block (Block) recording a data structure of the ledger data updated by the exchange within a period of time, marked with a timestamp and a unique mark (e.g. a digital fingerprint) of a previous Block, and after the Block is subjected to consensus verification by nodes in the Block chain network, the Block is appended to the end of the Block chain to become a new Block.
3) Block chains (Block chains), a chain of data structures composed of blocks in a sequentially contiguous manner, each Block having a hash value of the previous Block or a subset thereof referenced therein, to cryptographically secure the recorded transaction against tampering and forgery.
4) A blockchain network incorporates new blocks into a set of centerless nodes of the blockchain in a consensus manner.
5) Consensus (Consensus), a process in a blockchain network, is used to agree on the transaction results among the nodes involved, and the mechanisms for achieving Consensus include Proof of workload (PoW), Proof of rights and interests (PoS, Proof of approval of stamp), Proof of share authorization (DPoS), Proof of Elapsed Time (PoET, Proof of Elapsed Time), and so on.
For example, in a blockchain system, a node verifies the validity of a new block submitted by other nodes, and if the verification is successful, an acknowledgement is sent to the node sending the new block, and the new block is added to the tail of a blockchain stored by the corresponding node.
6) Homomorphic encryption, an encryption method, processes homomorphic encrypted data to obtain an output, decrypts the output, and the result is the same as the output result obtained by processing unencrypted original data by the same method.
Homomorphic encryption comprises four types, namely addition homomorphism, multiplication homomorphism, subtraction homomorphism and division homomorphism; the simultaneous satisfaction of the addition homomorphism and the multiplication homomorphism is an algebraic homomorphism, and the simultaneous satisfaction of four homomorphism is called arithmetic homomorphism.
An exemplary functional architecture of a block chain network for implementing the embodiment of the present invention is described below, and referring to fig. 1, fig. 1 is a schematic functional architecture diagram of a block chain network provided in the embodiment of the present invention, which includes an application layer 101, a consensus layer 102, a network layer 103, a data layer 104, and a resource layer 105, which are described below respectively.
The resource layer 105 encapsulates various available computing and storage resources, such as those in computers, servers/clusters, and clouds, abstracts and provides a uniform interface to the data layer 104 to mask the variability of the underlying hardware implementing the resource layer 105.
The computing resources include various forms of processors such as a Central Processing Unit (CPU), an Application Specific Integrated Circuit (ASIC), and a Field-Programmable Gate Array (FPGA).
The storage resources include various types of storage media such as various volatile memories and nonvolatile memories. The nonvolatile Memory may be a Read Only Memory (ROM) or a Programmable Read-Only Memory (PROM). Volatile Memory can be Random Access Memory (RAM), which acts as external cache Memory.
The computing resources and storage resources of the resource layer 105 may be mapped to various types of nodes in a blockchain network, and the storage medium implementing an embodiment of the present invention stores executable instructions for implementing the blockchain network deployment method of an embodiment of the present invention, and once the executable instructions deployed to the nodes are executed, the underlying resources (e.g., various types of processors) implementing the nodes will implement the deployment of various types of nodes in the blockchain network and perform the functions of the various types of nodes, thereby implementing ledgers for transactions in business processes and various applications based on the ledgers.
By way of example, executable instructions may be written in any form of programming language, including compiled or interpreted languages, or declarative or procedural languages, in the form of software (including system programs and applications), software modules, scripts, plug-ins, and the like, and may be deployed in any form, including as a stand-alone program or as a module, component, or other unit suitable for use in a computing environment.
Data layer 104 encapsulates various data structures that implement the ledger, including ledger data implemented in a file system, ledger state and presence proofs implemented in a database form.
Network layer 103 encapsulates point-to-point (P2P) network protocols, data propagation and verification mechanisms, access and authentication mechanisms, and service agent identities. The P2P network protocol realizes communication among nodes in the blockchain network, a data propagation mechanism ensures the propagation of transaction/transaction results in the blockchain network, and a data verification mechanism is used for realizing the reliability of data transmission among the nodes based on an encryption method (such as a digital certificate, a digital signature and a public/private key pair); the access and authentication mechanism is used for managing the access and authentication of the terminal based on the identity of the service subject.
The consensus layer 102 encapsulates mechanisms for achieving consistency of transaction results propagated in the block chain, including POS, POW, DPOS, etc., and supports pluggable consensus mechanisms.
The application layer 101 encapsulates various services that the blockchain network can implement, including transaction settlement, tracing, and evidence storage.
An exemplary organization architecture of a blockchain network implementing an embodiment of the present invention is described below, referring to fig. 2, fig. 2 is a schematic organization architecture diagram of a blockchain network provided by an embodiment of the present invention, and includes at least two consensus nodes 110, and fig. 2 only shows a consensus node 110-1 and a consensus node 110-2 as an example; the consensus node 110-1 and the consensus node 110-2 are correspondingly deployed for the roles implemented in the service by two different service entities participating in the service. The blockchain network 100 responds to transactions submitted by the terminal 300 from the business entity to update the ledger or to query the ledger and displays various intermediate or final results in the user interface 310 of the terminal 300.
Next, a node in a blockchain network provided by an embodiment of the present invention is described, where the node may be one or more servers, and according to the structure of the node, other exemplary structures of the node may be foreseen, so that the structure described herein should not be considered as a limitation, for example, some components described below may be omitted, or components not described below may be added to adapt to special needs of some application scenarios. Fig. 3 is a schematic diagram of a structure of a node provided in an embodiment of the present invention, and referring to fig. 3, the node provided in the embodiment of the present invention includes: at least one processor 210, memory 240, at least one network interface 220, and a user interface 230. The various components in a node are coupled together by a bus system 250. It will be appreciated that the bus system 250 is used to enable communications among the components. The bus system 250 includes a power bus, a control bus, and a status signal bus in addition to a data bus. For clarity of illustration, however, the various buses are labeled as bus system 250 in fig. 3.
The user interface 230 may include a display, keyboard, mouse, trackball, click wheel, keys, buttons, touch pad or touch screen, etc.
The memory 240 may be either volatile memory or nonvolatile memory, and may include both volatile and nonvolatile memory. Among them, the nonvolatile Memory may be a Read Only Memory (ROM), a Programmable Read Only Memory (PROM), an Erasable Programmable Read Only Memory (EPROM), a Flash Memory (Flash Memory), and the like. Volatile Memory can be Random Access Memory (RAM), which acts as external cache Memory.
The Processor 210 may be an integrated circuit chip having Signal processing capabilities, such as a general purpose Processor, a Digital Signal Processor (DSP), or other programmable logic device, discrete gate or transistor logic device, discrete hardware components, or the like, wherein the general purpose Processor may be a microprocessor or any conventional Processor, or the like.
Next, a data processing method in a blockchain network according to an embodiment of the present invention will be described. Fig. 4 is a schematic flowchart of a data processing method in a block chain network according to an embodiment of the present invention, and referring to fig. 4, the data processing method in the block chain network according to the embodiment of the present invention includes:
step 301: the block chain network receives a processing transaction aiming at ciphertext data, the processing transaction indicates that target operation is carried out on the ciphertext data, and the ciphertext data is obtained by encrypting plaintext data based on a preset encryption mode.
Here, in practical applications, the block chain network may be a private chain, a public chain, or a federation chain, where ciphertext data of a user is stored in the block chain network, and specifically, when the user needs to store data in the block chain network, the user terminal encrypts plaintext data to be stored, and then stores the ciphertext data obtained by encryption to the block chain network, and the encryption method is used to enable a result obtained by processing the ciphertext data to be the same as a result obtained by processing the plaintext data and then encrypting the plaintext data by using the encryption method.
In one embodiment, the block chain network may implement storage of the ciphertext data as follows:
the block chain network receives a storage transaction aiming at the ciphertext data submitted by a user terminal, wherein the storage transaction indicates that the ciphertext data is stored to at least one node of the block chain network; and the blockchain network executes the storage transaction, identifies the transaction result, and updates an account book of the blockchain network so as to record the storage information of the ciphertext data to the blocks of the blockchain network. In one embodiment, to encourage user participation, the consensus mechanism employed may be PoS.
In an embodiment, after receiving the query request, the blockchain network queries storage node information capable of providing the data storage space according to storage information recorded in an account book of the blockchain network, and returns the queried storage node information, so that the user terminal selects the storage node for storing the ciphertext data based on the storage node information.
Exemplarily, fig. 5 is a schematic flowchart of a data storage process in a blockchain network according to an embodiment of the present invention, and referring to fig. 5, the data storage process in the blockchain network according to the embodiment of the present invention includes:
and (1) the user terminal inquires the storable space from the block chain network.
In actual implementation, the user terminal sends a query request of the storage node to the blockchain network so as to query the storage node capable of storing the ciphertext data.
And (2) returning the storage node information capable of storing the ciphertext data by the block chain network.
In actual implementation, after receiving an inquiry request sent by a user terminal, a node in a block chain network inquires available data storage nodes based on data storage records in a block, and returns available storage node information to the user terminal.
And (3) storing the ciphertext data.
In actual implementation, the user terminal selects a target storage node for storing the ciphertext data based on the storage node information returned by the blockchain network, submits storage transaction aiming at the ciphertext data to the blockchain network, and the nodes in the blockchain network execute the storage transaction and carry out consensus on transaction results so as to realize storage of the ciphertext data.
And (4) recording the storage information.
In actual implementation, after completing the above consensus based on the storage transaction submitted by the user terminal, the blockchain network updates the ledger of the blockchain network to record the storage information (storage location, storage time, data size, etc.) of the ciphertext data to the blocks of the blockchain network.
By adopting the data storage mode in the block chain network, the distributed encrypted storage of the user plaintext data in the block chain network is realized, the distributed storage of the data is realized on the premise of ensuring the data security, the storage spaces of different nodes are fully utilized, and the data access efficiency is improved.
In an embodiment, the encryption method used by the user terminal for the plaintext data encryption lock may be a homomorphic encryption method, such as SEA L based on BFV and CKKS.
Compared with a common encryption algorithm, the homomorphic encryption can realize various calculation functions among ciphertexts besides basic encryption operation, namely calculation first and decryption second can be equivalent to calculation first and decryption second. By utilizing the homomorphic encryption technology, a plurality of ciphertexts can be decrypted after being calculated, and the high calculation cost caused by decryption of each cipher text is not needed; the homomorphic encryption technology can be used for realizing the calculation of a cipher text by a non-key party, and the calculation of the cipher text does not need to pass through a key party, thereby not only reducing the communication cost, but also transferring the calculation task, and balancing the calculation cost of each party; by using the homomorphic encryption technology, the decryption party can only obtain the final result but cannot obtain the message of each ciphertext, and the safety of the information can be improved.
In essence, homomorphic encryption refers to an encryption function that performs a ring addition and multiplication operation on a plaintext for re-encryption, and performs a corresponding operation on a ciphertext after encryption, and the result is equivalent.
1) If f (a) + f (B) ═ f (a + B) is satisfied, this encryption function is called additive homomorphism;
2) if f (a) × f (B) ═ f (a × B) f (a) × f (B) ═ f (a × B) is satisfied, this cryptographic function is called a multiplicative homomorphism;
if an encryption function f only satisfies the addition homomorphism, only addition and subtraction operation can be carried out;
if an encryption function f only satisfies the multiplication homomorphism, only multiplication and division operation can be carried out;
if an encryption function satisfies both the addition homomorphism and the multiplication homomorphism, which is called fully homomorphic encryption, various encrypted operations can be completed by using the encryption function, such as: addition, subtraction, multiplication, division, polynomial evaluation, exponents, logarithms, trigonometric functions, and the like.
In practical applications, when a user needs to process ciphertext data stored in the blockchain network, a processing transaction for the ciphertext data is submitted to the blockchain network, where the processing transaction indicates a processing manner (which may be represented by a function f (-) in an embodiment) for the ciphertext data, that is, a target operation to be performed on the ciphertext data, where the target operation mentioned here may be at least one of the following operations: addition, multiplication, subtraction, division.
Step 302: and the block chain network executes the processing transaction and performs consensus on the transaction result to obtain a consensus result, wherein the consensus result comprises a target operation result of the ciphertext data.
In actual implementation, after receiving a processing transaction for ciphertext data submitted by a user terminal, a node in the block chain network packages the processing transaction to form a block, and performs consensus on the formed block, specifically, a consensus node in the block chain network performs the processing transaction and performs consensus on a transaction result to obtain a consensus result, where the consensus result includes a target operation result after target operation is performed on the ciphertext data.
Step 303: and returning the consensus result to decrypt a target operation result to obtain target data, wherein the target data is the same as the result obtained by performing the target operation on the plaintext data.
In practical application, after completing the target operation on the ciphertext data (i.e. implementing the function f (-) based on the processing transaction submitted by the user terminal), the blockchain network returns the corresponding target operation result to the user terminal in the form of the consensus result, the user terminal decrypts the target operation result in the corresponding decryption mode to obtain the target data, and the obtained target data is the same as the result obtained by directly implementing the function f (-) on the plaintext data.
Taking plaintext data stored by a user as an enterprise database as an example: assuming that the user wishes to find the median of all employee salaries, which requires a trusted individual or team to obtain the employee's salary details, which may violate privacy, however, using homomorphic encryption, the number can be extracted and the median derived without decrypting the data, exposing the individual salary, and once processed and decrypted, only the final number can be seen.
In practical applications, the blockchain network can also implement encrypted search of a user on encrypted data, in an embodiment, a mapping relation table between ciphertext keywords and encrypted data is stored in the blockchain network, that is, the user stores ciphertext data corresponding to plaintext data into the blockchain network, and simultaneously encrypts and transmits keyword(s) of the plaintext data to the blockchain network, so that the block chain network establishes the corresponding relationship between the ciphertext keyword and the ciphertext data to form a first mapping relationship table, when the block chain network receives a data query request carrying a ciphertext keyword, a first mapping relation table storing the corresponding relation between the ciphertext keyword and ciphertext data is obtained, and a corresponding data query result is returned to the user terminal based on the ciphertext keyword and the first mapping relation table, so that the user terminal obtains plaintext data to be queried after decryption.
In an embodiment, the user terminal stores ciphertext data corresponding to plaintext data in the blockchain network, connects plaintext keywords of target plaintext data in series with a preset query code (such as an alphanumeric combination), performs hash calculation on a series result, uses a hash operation result as a key, uses ciphertext data obtained by encrypting the plaintext data corresponding to the plaintext keywords as a value, establishes a second mapping relation table storing a mapping relation between the key and the value (i.e., a corresponding relation between a hash value and the ciphertext data), and stores the second mapping relation table in the blockchain network. When the block chain network receives a data query request carrying a hash value, a second mapping relation table storing the corresponding relation between the hash value and ciphertext data is obtained, and a corresponding data query result is returned based on the hash value carried by the data query request and the second mapping relation table, so that the user terminal obtains plaintext data to be queried after decryption.
Fig. 6 is a flowchart illustrating a data processing method in a blockchain network according to an embodiment of the present invention,
fig. 7 is a schematic diagram of a data processing principle in a block chain network according to an embodiment of the present invention, and with reference to fig. 6 and 7, a data processing method in the block chain network according to the embodiment of the present invention includes:
step 401: and the user terminal encrypts plaintext data in a homomorphic encryption mode to obtain ciphertext data.
In some embodiments, the homomorphic encryption method used may be SEA L based on BFV and CKKS, see fig. 7, and the user terminal encrypts the plaintext data (data) with the private key sk according to the homomorphic encryption method of SEA L to obtain ciphertext data C, C ═ Encrypt (sk, data).
Step 402: and the user terminal sends a storage transaction aiming at the ciphertext data to the blockchain network, and the storage transaction indicates to store the ciphertext data to a target storage node in the blockchain network.
Here, in actual implementation, the user terminal may perform query on nodes of a blockchain that can be used for data storage in advance, specifically, the user terminal sends a query request to the blockchain network to query storage nodes that can provide a data storage space in the blockchain network, and after the blockchain network receives the query request, the blockchain network queries storage node information that can provide the data storage space according to storage information recorded in an account book of the blockchain network and returns the queried storage node information, so that the user terminal selects a target storage node(s) that stores ciphertext data based on the storage node information.
Step 403: the blockchain network stores the ciphertext data to the target storage node based on the received storage transaction.
In actual implementation, a node of the blockchain network packages a received storage transaction into a block, implements execution of the storage transaction (i.e., storage of ciphertext data) and consensus on a transaction result in a process of consensus on the block, and updates an account book of the blockchain network to record storage information of the ciphertext data to the block of the blockchain network. In practical applications, to encourage user participation, the consensus mechanism employed may be PoS.
Step 404: and the user terminal sends a processing transaction aiming at the ciphertext data to the block chain network, and the processing transaction indicates to carry out target operation on the ciphertext data.
Here, when the user needs to perform the target operation on the ciphertext data, the processing mode of the ciphertext is sent to the blockchain network in the form of transaction, and the target operation may be at least one of the following operations: addition, multiplication, subtraction, division.
After receiving a processing transaction for ciphertext data submitted by a user terminal, a node in the block chain network packages the processing transaction to form a block, and performs consensus on the formed block, specifically, the consensus node in the block chain network performs the processing transaction and performs consensus on a transaction result (i.e., a processing result of the ciphertext data) to obtain a consensus result, where the consensus result includes a target operation result after the target operation is performed on the ciphertext data.
In actual implementation, a target operation corresponding to ciphertext data is represented by a function f (·), and a consensus node in a block chain network implements the function f (·) on the ciphertext data to obtain a processing result C', C ═ Evaluate (f, C) ═ Encrypt (sk, f (data)).
Step 405: and returning a transaction processing result aiming at the ciphertext data by the block chain network.
In actual implementation, the block chain network returns the target operation result to the user terminal in the form of the transaction processing result after performing the target operation on the ciphertext data based on the received processing transaction.
Step 406: and the user terminal decrypts the transaction processing result returned by the blockchain network to obtain the target data.
Here, after receiving the transaction processing result C ' (i.e. ciphertext data after processing) returned by the block chain network, the user terminal decrypts the transaction processing result C ' by using the private key sk used in encrypting the plaintext data to obtain target data, which is the same as a result obtained by directly applying a function f (·) to the plaintext data, i.e. f (data) ═ Decrypt (sk, C '); therefore, under the condition of not exposing plaintext data, the plaintext data is directly processed by processing the ciphertext data instead, and the block chain network has no knowledge of the stored and retrieved information in the processing process, so that the data security is ensured.
Fig. 8 is a schematic diagram of a structure of a node in a block chain network according to an embodiment of the present invention, and referring to fig. 8, the node in the block chain network according to the embodiment of the present invention includes:
a receiving unit 81, configured to receive a processing transaction for ciphertext data, where the processing transaction indicates to perform a target operation on the ciphertext data, and the ciphertext data is obtained by encrypting plaintext data based on a preset encryption manner;
a consensus unit 82, configured to perform the transaction processing and perform consensus on a transaction result to obtain a consensus result, where the consensus result includes a target operation result of the ciphertext data;
and a sending unit 83, configured to return the consensus result to decrypt the target operation result to obtain target data, where the target data is the same as the result obtained by performing the target operation on the plaintext data.
In some embodiments, the receiving unit is further configured to receive a storage transaction for the ciphertext data, the storage transaction instructing storage of the ciphertext data to at least one node of the blockchain network;
the consensus unit is also used for executing the storage transaction and performing consensus on the transaction result;
and updating the account book of the block chain network to record the storage information of the ciphertext data to the blocks of the block chain network.
In some embodiments, the receiving unit is further configured to receive a query request, where the query request is used to query a storage node capable of providing a data storage space in the blockchain network;
the consensus unit is further configured to query, according to storage information recorded in an account book of the block chain network, storage node information capable of providing a data storage space;
the sending unit is further configured to return the storage node information obtained through the query, so that the storage node storing the ciphertext data is selected based on the storage node information.
In some embodiments, the receiving unit is further configured to receive a data query request carrying a ciphertext keyword, where the ciphertext keyword is obtained by encrypting a plaintext keyword of the target plaintext data;
the consensus unit is further used for acquiring a first mapping relation table which stores the corresponding relation between the ciphertext keywords and the ciphertext data;
and the sending unit is further configured to return a corresponding data query result based on the ciphertext keyword and the first mapping relation table.
In some embodiments, the receiving unit is further configured to receive a data query request carrying a hash value, where the hash value is obtained by performing a hash operation on a plaintext keyword of the target plaintext data and a concatenation result of the query code;
the consensus unit is further used for acquiring a second mapping relation table storing the corresponding relation between the hash value and the ciphertext data;
and the sending unit is further configured to return a corresponding data query result based on the hash value and the second mapping relation table.
In some embodiments, the encryption scheme is a SEA L-based encryption scheme;
the target operation comprises at least one of: addition, multiplication, subtraction, division.
Here, it should be noted that: the above description related to the node is similar to the above description of the data processing method in the blockchain network, and the description of the beneficial effect of the same method is not repeated. For technical details not disclosed in the node embodiments of the present invention, refer to the description of the method embodiments of the present invention.
The embodiment of the present invention further provides a storage medium, which stores executable instructions for causing a processor to execute the method for processing data in a block chain network according to the embodiment of the present invention.
The above description is only an example of the present invention, and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, and improvement made within the spirit and scope of the present invention are included in the protection scope of the present invention.
Claims (14)
1. A method of data processing in a blockchain network, the method comprising:
receiving a processing transaction aiming at ciphertext data, wherein the processing transaction indicates that target operation is carried out on the ciphertext data, and the ciphertext data is obtained by encrypting plaintext data based on a preset encryption mode;
executing the processing transaction and performing consensus on transaction results to obtain consensus results, wherein the consensus results comprise target operation results of the ciphertext data;
and returning the consensus result to decrypt the target operation result to obtain target data, wherein the target data is the same as the result obtained by performing the target operation on the plaintext data.
2. The method of claim 1, wherein prior to receiving the processed transaction for ciphertext data, the method further comprises:
receiving a storage transaction for the ciphertext data, the storage transaction instructing storage of the ciphertext data to at least one node of the blockchain network;
executing the stored transaction and consensus on the transaction results;
and updating the account book of the block chain network to record the storage information of the ciphertext data to the blocks of the block chain network.
3. The method of claim 2, wherein prior to receiving the storage transaction for the ciphertext data, the method further comprises:
receiving a query request, wherein the query request is used for querying storage nodes capable of providing data storage space in the blockchain network;
inquiring storage node information capable of providing a data storage space according to the storage information recorded in the account book of the block chain network;
and returning the storage node information obtained by query, so that the storage node for storing the ciphertext data is selected based on the storage node information.
4. The method of claim 1, wherein the method further comprises:
receiving a data query request carrying a ciphertext keyword, wherein the ciphertext keyword is obtained by encrypting a plaintext keyword of the target plaintext data;
acquiring a first mapping relation table storing the corresponding relation between the ciphertext keywords and the ciphertext data;
and returning a corresponding data query result based on the ciphertext keyword and the first mapping relation table.
5. The method of claim 1, wherein the method further comprises:
receiving a data query request carrying a hash value, wherein the hash value is obtained by performing hash operation on a plaintext keyword of the target plaintext data and a serial result of a query code;
acquiring a second mapping relation table storing the corresponding relation between the hash value and the ciphertext data;
and returning a corresponding data query result based on the hash value and the second mapping relation table.
6. The method of any one of claims 1 to 5,
the encryption mode is based on a simple encryption algorithm function library SEA L;
the target operation comprises at least one of: addition, multiplication, subtraction, division.
7. A node in a blockchain network, the node comprising:
the system comprises a receiving unit, a processing unit and a processing unit, wherein the receiving unit is used for receiving a processing transaction aiming at ciphertext data, the processing transaction indicates that target operation is carried out on the ciphertext data, and the ciphertext data is obtained by encrypting plaintext data based on a preset encryption mode;
the consensus unit is used for executing the processing transaction and performing consensus on a transaction result to obtain a consensus result, wherein the consensus result comprises a target operation result of the ciphertext data;
and the sending unit is used for returning the consensus result so as to decrypt the target operation result to obtain target data, and the target data is the same as the result obtained by performing the target operation on the plaintext data.
8. The node of claim 7,
the receiving unit is further configured to receive a storage transaction for the ciphertext data, where the storage transaction indicates to store the ciphertext data to at least one node of the blockchain network;
the consensus unit is also used for executing the storage transaction and performing consensus on the transaction result;
and updating the account book of the block chain network to record the storage information of the ciphertext data to the blocks of the block chain network.
9. The node of claim 8,
the receiving unit is further configured to receive an inquiry request, where the inquiry request is used to inquire a storage node capable of providing a data storage space in the blockchain network;
the consensus unit is further configured to query, according to storage information recorded in an account book of the block chain network, storage node information capable of providing a data storage space;
the sending unit is further configured to return the storage node information obtained through the query, so that the storage node storing the ciphertext data is selected based on the storage node information.
10. The node of claim 7,
the receiving unit is further configured to receive a data query request carrying a ciphertext keyword, where the ciphertext keyword is obtained by encrypting a plaintext keyword of the target plaintext data;
the consensus unit is further used for acquiring a first mapping relation table which stores the corresponding relation between the ciphertext keywords and the ciphertext data;
and the sending unit is further configured to return a corresponding data query result based on the ciphertext keyword and the first mapping relation table.
11. The node of claim 7,
the receiving unit is further configured to receive a data query request carrying a hash value, where the hash value is obtained by performing hash operation on a plaintext keyword of the target plaintext data and a serial result of the query code;
the consensus unit is further used for acquiring a second mapping relation table storing the corresponding relation between the hash value and the ciphertext data;
and the sending unit is further configured to return a corresponding data query result based on the hash value and the second mapping relation table.
12. The node according to any of the claims 7 to 11,
the encryption mode is based on a simple encryption algorithm function library SEA L;
the target operation comprises at least one of: addition, multiplication, subtraction, division.
13. A node in a blockchain network, the node comprising:
a memory for storing executable instructions;
a processor for implementing the method of data processing in a blockchain network of any one of claims 1 to 6 when executing executable instructions stored in the memory.
14. A storage medium storing executable instructions for causing a processor to perform a method of data processing in a blockchain network according to any one of claims 1 to 6 when executed.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910067249.7A CN111478764A (en) | 2019-01-24 | 2019-01-24 | Data processing method, node and storage medium in block chain network |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910067249.7A CN111478764A (en) | 2019-01-24 | 2019-01-24 | Data processing method, node and storage medium in block chain network |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111478764A true CN111478764A (en) | 2020-07-31 |
Family
ID=71743456
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910067249.7A Pending CN111478764A (en) | 2019-01-24 | 2019-01-24 | Data processing method, node and storage medium in block chain network |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111478764A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112685790A (en) * | 2021-03-19 | 2021-04-20 | 中企链信(北京)科技有限公司 | Block chain data security and privacy protection method |
| CN112906016A (en) * | 2021-01-28 | 2021-06-04 | 北京金山云网络技术有限公司 | Data processing method and device and electronic equipment |
| CN112948083A (en) * | 2021-02-25 | 2021-06-11 | 北京金山云网络技术有限公司 | Data processing method and device and electronic equipment |
| CN112202612B (en) * | 2020-09-29 | 2023-06-20 | 东软集团股份有限公司 | Block link point management method, storage medium, node and block chain system |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20160261404A1 (en) * | 2015-03-02 | 2016-09-08 | Dell Products L.P. | Methods and systems for obfuscating data and computations defined in a secure distributed transaction ledger |
| CN106549749A (en) * | 2016-12-06 | 2017-03-29 | 杭州趣链科技有限公司 | A kind of block chain method for secret protection encrypted based on additive homomorphism |
| CN106682528A (en) * | 2016-12-31 | 2017-05-17 | 杭州复杂美科技有限公司 | Blockchain encryption retrieval scheme |
-
2019
- 2019-01-24 CN CN201910067249.7A patent/CN111478764A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20160261404A1 (en) * | 2015-03-02 | 2016-09-08 | Dell Products L.P. | Methods and systems for obfuscating data and computations defined in a secure distributed transaction ledger |
| CN106549749A (en) * | 2016-12-06 | 2017-03-29 | 杭州趣链科技有限公司 | A kind of block chain method for secret protection encrypted based on additive homomorphism |
| CN106682528A (en) * | 2016-12-31 | 2017-05-17 | 杭州复杂美科技有限公司 | Blockchain encryption retrieval scheme |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112202612B (en) * | 2020-09-29 | 2023-06-20 | 东软集团股份有限公司 | Block link point management method, storage medium, node and block chain system |
| CN112906016A (en) * | 2021-01-28 | 2021-06-04 | 北京金山云网络技术有限公司 | Data processing method and device and electronic equipment |
| CN112906016B (en) * | 2021-01-28 | 2023-10-27 | 北京金山云网络技术有限公司 | Data processing method and device and electronic equipment |
| CN112948083A (en) * | 2021-02-25 | 2021-06-11 | 北京金山云网络技术有限公司 | Data processing method and device and electronic equipment |
| CN112948083B (en) * | 2021-02-25 | 2023-10-27 | 北京金山云网络技术有限公司 | Data processing method and device and electronic equipment |
| CN112685790A (en) * | 2021-03-19 | 2021-04-20 | 中企链信(北京)科技有限公司 | Block chain data security and privacy protection method |
| CN112685790B (en) * | 2021-03-19 | 2021-06-25 | 中企链信(北京)科技有限公司 | Block chain data security and privacy protection method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Zhao et al. | Secure multi-party computation: theory, practice and applications | |
| CN109144961B (en) | Authorization file sharing method and device | |
| US11019040B2 (en) | Cloud key escrow system | |
| US10735202B2 (en) | Anonymous consent and data sharing on a blockchain | |
| US10333696B2 (en) | Systems and methods for implementing an efficient, scalable homomorphic transformation of encrypted data with minimal data expansion and improved processing efficiency | |
| US11422981B2 (en) | Information management and access control in a database | |
| US20220318907A1 (en) | Systems and methods for generating secure, encrypted communications across distributed computer networks for authorizing use of cryptography-based digital repositories in order to perform blockchain operations in decentralized applications | |
| US20190386814A1 (en) | Systems and Methods for Implementing an Efficient, Scalable Homomorphic Transformation of Encrypted Data with Minimal Data Expansion and Improved Processing Efficiency | |
| US20200052880A1 (en) | Ad-hoc trusted groups on a blockchain | |
| US11362805B2 (en) | Database encryption layer | |
| WO2020042822A1 (en) | Cryptographic operation method, method for creating work key, and cryptographic service platform and device | |
| CN111478764A (en) | Data processing method, node and storage medium in block chain network | |
| US11764943B2 (en) | Methods and systems for somewhat homomorphic encryption and key updates based on geometric algebra for distributed ledger/blockchain technology | |
| US11917088B2 (en) | Integrating device identity into a permissioning framework of a blockchain | |
| KR20090095635A (en) | Method for the secure storing of program state data in an electronic device | |
| CN111475538A (en) | Data processing method, device and storage medium | |
| JP2022531593A (en) | Systems and methods for adding and comparing integers encrypted by quasigroup operations in AES counter mode encryption | |
| WO2019094303A1 (en) | Systems and methods for implementing an efficient, scalable homomorphic transformation of encrypted data with minimal data expansion and improved processing efficiency | |
| Liu et al. | Efficient data integrity auditing with corrupted data recovery for edge computing in enterprise multimedia security | |
| CN115495768A (en) | Secret-related information processing method and system based on block chain and multi-party security calculation | |
| Fugkeaw | Enabling trust and privacy-preserving e-KYC system using blockchain | |
| Fugkeaw et al. | Secure and Lightweight Blockchain-enabled Access Control for Fog-Assisted IoT Cloud based Electronic Medical Records Sharing | |
| US11018857B2 (en) | Encryption scheme using multiple parties | |
| US20200142979A1 (en) | Information transparency control | |
| US20230246817A1 (en) | Systems and methods for generating secure, encrypted communications across distributed computer networks for authorizing use of cryptography-based digital repositories in order to perform blockchain operations in decentralized applications |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |