CN111818012A - Block chain-based secure multimedia communication method and system - Google Patents
Block chain-based secure multimedia communication method and system Download PDFInfo
- Publication number
- CN111818012A CN111818012A CN202010496579.0A CN202010496579A CN111818012A CN 111818012 A CN111818012 A CN 111818012A CN 202010496579 A CN202010496579 A CN 202010496579A CN 111818012 A CN111818012 A CN 111818012A
- Authority
- CN
- China
- Prior art keywords
- user
- network
- data
- communication
- metadata
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3297—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a safe multimedia communication method and system based on a block chain. The invention comprises a set of communication system design scheme combining an Ethereum network and a Filecin network, comprising account registration, network construction, data security, data distribution and data recording. The platform transmits metadata through an Ethereum network and stores real data through a Filecoid network. The system reduces the security risk of user information through a Whisper protocol of Ethereum, and introduces a Filecon network of a block chain file system, so that the system can transmit large files and multimedia data.
Description
Technical Field
The invention belongs to the technical field of block chains, and particularly relates to a safe multimedia communication method and system based on a block chain.
Background
Communication software plays an important role in human life, and people use various kinds of communication software such as Skype, WhatsApp, WeChat, nailing and the like. With the planned exposure of the prism, the issue of communications security becomes a focus of concern. Nowadays, communication technologies aiming at protecting user privacy, such as point-to-point encrypted transmission, block chain technology, etc., are available, and some communication applications using these technologies, such as Tox and Status, are also available.
However, the existing communication systems aiming at protecting the security of user information have disadvantages, such as Status based on Whisper protocol, which can provide the user with a secure point-to-point or group chat function, but have strict limitations on the size of information, which requires that the transmitted information is less than 64 kbytes; for another example, Tox is based on a P2P network, both parties need to establish connection through a worldwide routing network before each communication; the use of Tox can make the IP of the user open to the friend list, so that certain potential safety hazard exists; meanwhile, Tox has a statistic attack hidden danger for flow monitoring; finally, all the histories of Tox are local and cannot be verified.
Disclosure of Invention
Based on the above background and the problems existing in the prior art, the present invention is therefore to be understood that there is no system that can overcome the disadvantages of the above two types of communication systems (Status and Tox), and an ideal communication system can ensure the security of communication information through encryption, and provide large file transmission in a multimedia format and verifiable communication records.
The invention is about to design a safe multimedia communication method based on a block chain, and the method establishes a decentralized communication system by using a block chain technology, thereby ensuring the information safety of a user; the method simultaneously utilizes the block chain file system to provide the storage and extraction of multimedia and large-capacity files for the communication system, so that a user can complete safe and credible multimedia communication through the method.
In order to achieve these objects and other advantages of the present invention, a secure multimedia communication system based on a blockchain is provided, which includes an ethernet network and a fieldoin network as a distributed data storage network, and is based on a system using a double-chain architecture, where the double-chain architecture includes a double-chain architecture composed of the ethernet network and the fieldoin network, and the blockchain file system fieldoin is constructed based on the fieldoin network, and the specific components further include:
the participation main body of the system comprises a user side, a service or auxiliary service providing device and a service providing device, wherein the user side is used for providing service or auxiliary service for the user to access the Ethereum network and the Filecian network;
the Ethereum network comprises user nodes and service nodes, wherein the nodes can also be miners, the user nodes are called Peernode (PN), and metadata of user communication is broadcasted among the Ethereum network user nodes through the Whisper protocol; service nodes (some special nodes in the Ethereum network are called Server nodes, SN) for storing encrypted communication data between users and providing information retransmission service for users when the information is out of date due to user offline;
a Fileoin network, including File nodes, also referred to as File Nodes (FN), for storing encrypted data transmitted between users and receiving corresponding Fileoin network service benefits;
the Whisper protocol, as a communication protocol, is used for transmitting and broadcasting communication metadata between ethernet networks, and includes an identifier CID stored in a fieldbus network.
Further, the block chain-based secure multimedia communication system specifically includes: the generation and login module of the user account comprises: the system is used for generating a private account for a user through a password and a mnemonic word, creating an Ethereum account and a Filecian account, and meanwhile, generating a user address identifier according to an Ethereum account public key, and finally realizing the purpose of helping the user to log in the private account through a private key or a user name and the mnemonic word.
Further, the block chain-based secure multimedia communication system specifically includes: the generation and encryption module of the metadata: the method is used for realizing user communication between Ethereum networks through a Whisper protocol and further transmitting communication metadata through the Whisper protocol.
Further, the block chain-based secure multimedia communication system specifically includes: the Ethereum network joining and transmission module: the method is used for assisting the user to join the Ethereum network and broadcasting the generated metadata in the Ethereum network through the Whisper protocol when the user sends information.
Further, the block chain-based secure multimedia communication system specifically includes: the encryption and uploading module of the communication data comprises: the method is used for generating an AES key through a Curve25519 algorithm according to a public key of a receiving party, a private key of a sending party and a random number when sending information sent by a user, signing data sent by the user to be sent by using an account private key, encrypting the data by using the AES key, uploading the data to a Fileoin network, and acquiring a returned identifier CID.
Further, the block chain-based secure multimedia communication system specifically includes: the download and decryption module of the communication data: the method is used for assisting a user in downloading the encrypted data from the blockchain file system Filecoid through CID after receiving the metadata, and is used for realizing that an AES key in the metadata is decrypted by using a user private key or a group private key, and is used for realizing that the downloaded data is decrypted by using the AES key and finishing information exchange.
Further, the block chain-based secure multimedia communication system specifically includes: the communication record generation, storage and verification module comprises: the system is used for broadcasting and propagating metadata sent among users in the Ethereum network and returning the metadata when the users request; when the communication data is locally stored, the method is used for setting the optional communication record storage modes of the user, wherein the optional communication record storage modes comprise a mode of only storing metadata and a mode of storing real data, and the mode of only storing metadata is used for saving space; all communication data generated in the communication record generation, storage and verification module can be used for verifying authenticity through private key signature.
The invention also discloses an implementation method of the technical result transaction system based on the block chain, the method adopts a double-chain structure based on the system, the double-chain structure comprises a double-chain structure consisting of an Ethereum network and a Filecin network, the Ethereum is an Etherum network, the Filecin is a distributed data storage network, and the block chain file system Filecin is constructed based on the Filecin network. The concrete implementation steps comprise:
(1) generating and transmitting user sending metadata in an Ethereum network through a Whisper protocol;
(2) and based on the metadata, uploading and downloading file data by a user in the Filecon network through a Whisper protocol.
Further, the step (1) further includes:
(1-1) generation and login of user account: in the system, a private account is generated for a user through a password and a mnemonic word, the account generation simultaneously creates an Ethereum account and a Filecian account, a user address identifier is generated according to an Ethereum account public key, and the user is assisted to log in the private account through a private key or a user name and the mnemonic word;
(1-2) generation and encryption of metadata: user communication is realized between Ethereum networks through a Whisper protocol, the Whisper protocol limits the maximum information capacity capable of being transmitted to 64 kilobytes, and due to the limitation, communication metadata is transmitted through the Whisper protocol in the system, the metadata comprises an identifier CID, a timestamp and a random number, and the identifier CID is the encrypted user real communication data stored in the Fileoin network;
(1-3) joining and transmitting of Ethereum network: and through the Ethereum sub-account of the private account, assisting the user to join the Ethereum network, and broadcasting metadata generated when the user sends information in the Ethereum network through a Whisper protocol.
Further, the step (2) further comprises:
(2-1) encryption and uploading of communication data: when information sent by a user is sent, an AES key is generated through a Curve25519 algorithm according to a public key of a receiving party, a private key of a sending party and a random number, data sent by the user to be sent are signed by using an account private key, encrypted by using the AES key and uploaded to a Fileoin network, and a returned identifier CID is obtained;
(2-2) downloading and decrypting communication data: after receiving the metadata, downloading the encrypted data from the Filecin auxiliary user through the identifier CID, then decrypting an AES (advanced encryption standard) key in the metadata by using a user private key or a group private key, decrypting the downloaded data by using the AES key, and finishing one-time information exchange;
(2-3) generating, storing and verifying communication records: metadata sent among users are transmitted in the Ethereum network in a broadcasting mode, and the service node receives and stores the data and returns the data when the user requests the data; when the communication data is locally stored, setting a user selectable communication record storage mode, wherein the record storage mode comprises a mode of only storing metadata and a mode of storing real data, and the mode of only storing the metadata is used for saving space; and all communication data are subjected to private key signature in the process of realizing generation, storage and verification of the communication record and are used for verifying authenticity.
Additional advantages, objects, and features of the invention will be set forth in part in the description which follows and in part will become apparent to those having ordinary skill in the art upon examination of the following or may be learned from practice of the invention. The invention at least comprises the following beneficial effects:
(1) the invention designs an encryption communication method and system combined with a block chain technology, so that the communication process is safe and credible. The Whisper protocol realizes that any intermediate party cannot control information transmission and cannot trace back the source and the destination of information, thereby preventing potential flow-based statistical attack.
(2) By combining the Filecoid of the block chain file system, the communication system can transmit metadata based on Whisper, and a user extracts data through the Filecoid based on the metadata, so that the defect that the existing communication system based on the Whisper protocol cannot transmit multimedia and high-capacity files is overcome.
(3) By signing data and using symmetric encryption and asymmetric encryption techniques, the system can provide a secure and verifiable communication record.
(4) With the Whisper protocol, the system protects against potential DDoS attacks by PoW (proof of workload).
Drawings
FIG. 1 is a system architecture diagram;
FIG. 2 is a diagram of a metadata structure;
FIG. 3 is a flow chart of sending messages;
fig. 4 is a flow chart of the accept message.
Detailed Description
In order to clearly illustrate the present invention and make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention are clearly and completely described below with reference to the drawings in the embodiments of the present invention, so that those skilled in the art can implement the technical solutions in reference to the description text. The technology of the present invention will be described in detail below with reference to the accompanying drawings in conjunction with specific embodiments.
The invention relates to the technology and name explanation:
ethereum is an Etherhouse network.
Filecoin is a distributed data storage network.
The Whisper protocol is a communication protocol: all Whisper messages can be received by each node through message forwarding between the nodes.
The Curve25519 algorithm is an elliptic Curve encryption algorithm.
AES is an advanced encryption standard algorithm.
The specific embodiment is as follows:
for the convenience of those skilled in the art to understand, this section will be described in conjunction with the block chain based secure multimedia communication system and the block chain based secure multimedia communication method implemented by the system according to the present invention, and will be described in conjunction with the accompanying drawings so that those skilled in the art can implement the present invention with reference to the description text.
The whole module architecture of the invention is shown in fig. 1, the system uses a double-chain architecture, the double-chain architecture comprises a double-chain structure consisting of an Ethereum network and a Fileoin network, the Ethereum is an Ethermen network, the Fileoin is a distributed data storage network, and the Fileoin network is used for constructing a block chain file system Fileoin. Wherein, the Ethereum network transmits the metadata, the user Node is called Peernode (PN), the service Node storing the communication data is called Server Node (SN). The Filecoin is responsible for uploading, storing and downloading communication data.
The block chain is taken as the bottom technical support of the bitcoin and formally born in early 2009. Although blockchains are born for purely technical purposes, the benefits that they can deliver are well beyond the technical scope itself. The block chain brings an open, shared and decentralized architecture for people, is contrary to the spirit of the current internet technology, and sublimes the information transmission into value transmission, and becomes one of the technologies with the most influence and development prospects at present. However, the bitcoin is not perfect, and its lack of expandability limits the range of use of the bitcoin.
Ethereum (Ethereum) is an open-source, intelligent contract-enabled, common blockchain platform that provides decentralized ethernet virtual machines to process point-to-point contracts through its private cryptocurrency ethernet currency. Essentially, the goal of etherhouses is to introduce the three major characteristics of decentralization, openness and security of blockchain technology into almost all fields that can be calculated.
Whisper is a communication protocol based on EtherFang, and point-to-point communication between nodes in Whisper network is based on D xi Vp2p protocol. Whisper is not designed for instant messaging, nor for transferring data between network terminals. Whisper is designed for simple, efficient broadcast communication and can also be used as the underlying asynchronous communication. To prevent DDoS attacks, Whisper uses the Proof of workload (PoW), whose computation must be done directly before the information is released, otherwise this information will be discarded.
A block chain based file system, such as Filecin, can effectively provide a data storage function for a decentralized communication system. Taking the example of Filecoin, such a file system may provide a function of storing data for users by using its consensus algorithm, and miners obtain benefits by providing storage space or by routing.
The main components of the system specifically comprise:
(1) the participation main body of the system comprises a user side, a service or auxiliary service providing device and a service providing device, wherein the user side is used for providing service or auxiliary service for the user to access the Ethereum network and the Filecian network;
(2) the Ethereum network comprises user nodes and service nodes, wherein metadata for user communication is broadcasted among the Ethereum network user nodes through a Whisper protocol, the service nodes are used for storing encrypted communication data among users, and information retransmission service is provided for the users under the condition that information is out of date due to user offline;
(3) the Filecon network comprises file nodes, and is used for storing encrypted data transmitted among users and receiving corresponding Filecon network service benefits.
Based on the main components of the system, in order to complete the complete functions of the invention, the concrete components also include:
the generation and login module of the user account comprises: the system is used for generating a private account for a user through a password and a mnemonic word, creating an Ethereum account and a Filecin account, and simultaneously generating a user address identifier according to an Ethereum account public key to finally help the user to log in the private account through a private key or a user name and the mnemonic word;
the generation and encryption module of the metadata: the system is used for realizing user communication between Ethereum networks through a Whisper protocol and further transmitting communication metadata through the Whisper protocol;
the Ethereum network joining and transmission module: the method is used for assisting the user to join the Ethereum network and broadcasting the generated metadata in the Ethereum network through the Whisper protocol when the user sends information.
The specific implementation steps depending on the system implementation of the invention comprise:
s1: generating and transmitting user sending metadata in an Ethereum network through a Whisper protocol;
s11: and (3) generating and logging in a user account: the system generates a private account for a user through a password and a mnemonic word, the account generation simultaneously creates an Ethereum account and a Filecian account, simultaneously generates a user address identifier according to an Ethereum account public key, and assists the user to log in the private account through a private key or a user name and the mnemonic word;
s12: generation and encryption of metadata: user communication is realized between Ethereum networks through a Whisper protocol, communication metadata are transmitted through the Whisper protocol, the metadata comprise an identifier CID, a timestamp and a random number, the identifier CID is stored in the Fileoin network after encryption, and the composition of the metadata is shown in figure 2;
s13: joining and transmission of the Ethereum network: through the Ethereum sub-account of the private account, the user is assisted to join the Ethereum network, and metadata generated when the user sends information is broadcasted in the Ethereum network through the Whisper protocol, as shown in fig. 2.
The system transmits metadata through a Whisper protocol in an Ethereum network, and the metadata composition is shown in figure 2. Where the topic is a shared identifier of the information, because of the broadcast nature of Whisper, each piece of information will be sent to all nodes in the network, and the node will not attempt to decrypt each piece of received information, which is very resource consuming. Thus, the system will identify the information by topic, a string of 4-byte identifiers, and the user can define point-to-point communication and group communication by this field. The AES random number 1 is specifically a 12-byte random number used for encrypting and decrypting the metadata information in the Whisper protocol, and the AES random number 2 is specifically a 24-byte random number used for generating an AES key for encrypting user communication data. The CID is a 128-byte file identifier obtained after the user uploads the encrypted data to the filecoid network. The type refers to the type of the file uploaded by the user, and the length of the file is 1 byte.
Based on the main components of the system, in order to realize the complete function of the invention, the concrete components also include:
the encryption and uploading module of the communication data comprises: the device is used for generating an AES key through a Curve25519 algorithm according to a public key of a receiving party, a private key of a sending party and a random number when sending information sent by a user, signing data sent by the user to be sent by using an account private key, encrypting the data by using the AES key and uploading the data to a Fileoin network to obtain a returned identifier CID;
the download and decryption module of the communication data: the device is used for assisting a user to download encrypted data from the Filecoid network through CID after receiving the metadata, decrypting an AES (advanced encryption standard) key in the metadata by using a user private key or a group private key, decrypting the downloaded data by using the AES key and finishing information exchange;
the communication record generation, storage and verification module comprises: the system is used for broadcasting and propagating metadata sent among users in the Ethereum network and returning the metadata when the users request; when the communication data is stored locally, the method is used for setting the optional communication record storage modes of the user, wherein the optional communication record storage modes comprise a mode of only storing metadata and a mode of storing real data, and the mode of only storing metadata is used for saving space. All communication data generated in the module are signed by a private key and can be used for verifying authenticity.
The method also comprises the following steps of:
s2: and based on the metadata, uploading and downloading file data by a user in the Filecon network through a Whisper protocol.
S21: encryption and uploading of communication data: when information sent by a user is sent, an AES key is generated through a Curve25519 algorithm according to a public key of a receiving party, a private key of a sending party and a random number, data sent by the user to be sent are signed by using an account private key, encrypted by using the AES key and uploaded to a Fileoin network, and a returned identifier CID is obtained;
s22: downloading and decrypting communication data: after receiving the metadata, downloading the encrypted data from the Filecin network assistance user through the identifier CID, then decrypting an AES (advanced encryption standard) key in the metadata by using a user private key or a group private key, decrypting the downloaded data by using the AES key, and finishing one-time information exchange;
s23: and (3) generating, storing and verifying communication records: metadata sent among users are transmitted in the Ethereum network in a broadcasting mode, and the service node receives and stores the data and returns the data when the user requests the data; when the communication data is locally stored, setting a user selectable communication record storage mode, wherein the record storage mode comprises a mode of only storing metadata and a mode of storing real data, and the mode of only storing the metadata is used for saving space; and all communication data are subjected to private key signature in the process of realizing generation, storage and verification of the communication record and are used for verifying authenticity.
Fig. 3 introduces a flow of primary information transmission, which is a basic function of the system, and the specific implementation steps include:
step 1: account registration
The information sender generates a private account through the password and the mnemonic words, generates an Ethereum sub-account and a Filecin sub-account simultaneously when the account is registered, and generates an account address identifier through an Ethereum sub-account public key. The account private key is stored locally by the user.
Step 2: data entry
The sender inputs the data which is desired to be sent, and the system does not limit the type and the size of the data.
Step 3: data signing and encryption
The sender uses the private key of the sender account, the public key of the receiver account and the random number to generate an AES key through a Curve25519 algorithm, the private key of the sender account is used for signing data, and then the AES key is used for AES encryption of the data.
Step 4: data upload
And the sender uploads the encrypted data to the Filecin through the Filecin sub-account and obtains the CID.
Step 5: metadata generation and transmission
The sender combines the version of Whisper protocol, expiration time, survival time, topics, AES random numbers, data types, CIDs, public keys of the sender and random numbers into metadata, broadcasts the metadata in the Ethereum network through the Whisper protocol, and stores the metadata or complete data in a local communication record according to the user requirements.
FIG. 4 shows the basic function of the system, namely the process of receiving information once, and the specific implementation steps comprise:
step 1: account registration
The information sender generates a private account through the password and the mnemonic words, generates an Ethereum sub-account and a Filecin sub-account simultaneously when the account is registered, and generates an account address identifier through an Ethereum sub-account public key. The account private key is stored locally by the user.
Step 2: data reception and key generation
And the receiver receives the metadata of the specified topic through the Ethereum network, or the receiver hopes to receive the message when the receiver is off-line, and then sends a request to the SN to obtain the returned metadata. The receiving party decrypts the metadata, and generates an AES key by using a private key of the receiving party, a public key of the sending party and an AES random number 2 through a Curve25519 algorithm, wherein the key is the same as the AES key when the sending party encrypts, namely k is Hash (Curve25519(B, A)) -Hash (Curve25519(a, B)), wherein A and a are the public key and the private key of the sending party, and B and B are the public key and the private key of the receiving party.
Step 3: data download, decryption and verification
And the receiver downloads the encrypted communication data through CID by using the Filecin sub-account, decrypts the data by using the AES key, and then performs signature verification on the data by using the public key of the sender.
Step 4: data rendering, record saving
And correctly rendering the data at the client through the data type. And storing the metadata or the complete data locally according to the user requirements.
The embodiments described above are presented to enable a person having ordinary skill in the art to make and use the invention. It will be readily apparent to those skilled in the art that various modifications to the above-described embodiments may be made, and the generic principles defined herein may be applied to other embodiments without the use of inventive faculty. Therefore, the present invention is not limited to the above embodiments, and those skilled in the art should make improvements and modifications to the present invention based on the disclosure of the present invention within the protection scope of the present invention.
Claims (10)
1. The utility model provides a safe multimedia communication system based on block chain which characterized in that adopts double-stranded structure, double-stranded structure is the double-stranded structure that ether um network and select network are constituteed, ether um is the ether mill network, select is a distributed data storage network to select based on select network construction block chain file system select, concrete component still includes:
the participation main body of the system comprises a user side, a service or auxiliary service providing device and a service providing device, wherein the user side is used for providing service or auxiliary service for the user to access the Ethereum network and the Filecian network;
the Ethereum network comprises user nodes and service nodes, wherein metadata for user communication is broadcasted among the Ethereum network user nodes through a Whisper protocol, the service nodes are used for storing encrypted communication data among users, and information retransmission service is provided for the users under the condition that information is out of date due to user offline;
the Filecon network comprises file nodes, a file management module and a file management module, wherein the file nodes are used for storing encrypted data transmitted among users and receiving corresponding Filecon network service benefits;
the Whisper protocol, as a communication protocol, is used for transmitting and broadcasting communication metadata between ethernet networks, and includes an identifier CID stored in a fieldbus network.
2. The system according to claim 1, further comprising: the generation and login module of the user account comprises: the system is used for generating a private account for a user through a password and a mnemonic word, creating an Ethereum account and a Filecian account, and meanwhile, generating a user address identifier according to an Ethereum account public key, and finally realizing the purpose of helping the user to log in the private account through a private key or a user name and the mnemonic word.
3. The system according to claim 2, further comprising: the generation and encryption module of the metadata: the method is used for realizing user communication between Ethereum networks through a Whisper protocol and further transmitting communication metadata through the Whisper protocol.
4. The system according to claim 3, further comprising: the Ethereum network joining and transmission module: the method is used for assisting the user to join the Ethereum network and broadcasting the generated metadata in the Ethereum network through the Whisper protocol when the user sends information.
5. The system according to claim 1, further comprising: the encryption and uploading module of the communication data comprises: the method is used for generating an AES key through a Curve25519 algorithm according to a public key of a receiving party, a private key of a sending party and a random number when sending information sent by a user, signing data sent by the user to be sent by using an account private key, encrypting the data by using the AES key, uploading the data to a Fileoin network, and acquiring a returned identifier CID.
6. The system according to claim 5, further comprising: the download and decryption module of the communication data: the device is used for downloading the encrypted data from the Filecoid auxiliary user through CID after receiving the metadata, decrypting an AES (advanced encryption standard) key in the metadata by using a user private key or a group private key, decrypting the downloaded data by using the AES key and finishing information exchange.
7. The system according to claim 6, further comprising: the communication record generation, storage and verification module comprises: the system is used for broadcasting and propagating metadata sent among users in the Ethereum network and returning the metadata when the users request; when the communication data is locally stored, the method is used for setting the optional communication record storage modes of the user, wherein the optional communication record storage modes comprise a mode of only storing metadata and a mode of storing real data, and the mode of only storing metadata is used for saving space; all communication data generated in the communication record generation, storage and verification module can be used for verifying authenticity through private key signature.
8. A block chain-based secure multimedia communication method depending on the system of claim 1, wherein the method is implemented based on using a double-chain architecture system, the double-chain structure includes a double-chain structure composed of an Ethereum network and a Filecin network, the Ethereum is an Etherum network, the Filecin is a distributed data storage network, and the block chain file system Filecin is constructed based on the Filecin network, and the specific implementation steps include:
step (1) generating and transmitting user sending metadata in an Ethereum network through a Whisper protocol;
and (2) based on the metadata, uploading and downloading file data by a user in the Filecoid network through a Whisper protocol.
9. The secure multimedia communication method based on the blockchain according to claim 8, wherein in the step (1), the specific implementation steps further include:
(1-1) generation and login of user account: in the system, a private account is generated for a user through a password and a mnemonic word, the account generation simultaneously creates an Ethereum account and a Filecian account, a user address identifier is generated according to an Ethereum account public key, and the user is assisted to log in the private account through a private key or a user name and the mnemonic word;
(1-2) generation and encryption of metadata: user communication is realized between Ethereum networks through a Whisper protocol, communication metadata are transmitted through the Whisper protocol, the Whisper protocol is a communication protocol, the metadata comprise an identifier CID, a timestamp and a random number, and the identifier CID is stored in the Filecian network after encrypted user real communication data;
(1-3) joining and transmitting of Ethereum network: and through the Ethereum sub-account of the private account, assisting the user to join the Ethereum network, and broadcasting metadata generated when the user sends information in the Ethereum network through a Whisper protocol.
10. The method for secure multimedia communication based on blockchain according to claim 8, wherein the step (2) of implementing further comprises:
(2-1) encryption and uploading of communication data: when information sent by a user is sent, an AES key is generated through a Curve25519 algorithm according to a public key of a receiving party, a private key of a sending party and a random number, the Curve25519 algorithm is an elliptic Curve encryption algorithm, AES is an advanced encryption standard algorithm, data sent by the user to be sent are signed by using an account private key, the data are encrypted by using the AES key and then uploaded to a Fileoin network, and a returned identifier CID is obtained;
(2-2) downloading and decrypting communication data: after receiving the metadata, downloading the encrypted data from the Filecin network assistance user through the identifier CID, then decrypting an AES (advanced encryption standard) key in the metadata by using a user private key or a group private key, decrypting the downloaded data by using the AES key, and finishing one-time information exchange;
(2-3) generating, storing and verifying communication records: metadata sent among users are transmitted in the Ethereum network in a broadcasting mode, and the service node receives and stores the data and returns the data when the user requests the data; when the communication data is locally stored, setting a user selectable communication record storage mode, wherein the record storage mode comprises a mode of only storing metadata and a mode of storing real data, and the mode of only storing the metadata is used for saving space; and all communication data are subjected to private key signature in the process of realizing generation, storage and verification of the communication record and are used for verifying authenticity.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010496579.0A CN111818012A (en) | 2020-06-03 | 2020-06-03 | Block chain-based secure multimedia communication method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010496579.0A CN111818012A (en) | 2020-06-03 | 2020-06-03 | Block chain-based secure multimedia communication method and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111818012A true CN111818012A (en) | 2020-10-23 |
Family
ID=72847969
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010496579.0A Pending CN111818012A (en) | 2020-06-03 | 2020-06-03 | Block chain-based secure multimedia communication method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111818012A (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109344628A (en) * | 2018-08-23 | 2019-02-15 | 深圳前海达闼云端智能科技有限公司 | The management method of trusted node, node and storage medium in block chain network |
| US20190089716A1 (en) * | 2016-05-18 | 2019-03-21 | Innogy Innovation Gmbh | Peer-to-peer network and node of a peer-to-peer network |
| CN111181853A (en) * | 2019-12-30 | 2020-05-19 | 布比(北京)网络技术有限公司 | Pure distributed data exchange method and system based on block chain |
-
2020
- 2020-06-03 CN CN202010496579.0A patent/CN111818012A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20190089716A1 (en) * | 2016-05-18 | 2019-03-21 | Innogy Innovation Gmbh | Peer-to-peer network and node of a peer-to-peer network |
| CN109344628A (en) * | 2018-08-23 | 2019-02-15 | 深圳前海达闼云端智能科技有限公司 | The management method of trusted node, node and storage medium in block chain network |
| CN111181853A (en) * | 2019-12-30 | 2020-05-19 | 布比(北京)网络技术有限公司 | Pure distributed data exchange method and system based on block chain |
Non-Patent Citations (2)
| Title |
|---|
| KAUSHAL POUDEL,ETAL.: "Photograph Ownership and Authorization using Blockchain", 《2019 ARTIFICIAL INTELLIGENT FOR TRANSFORMING BUSINESS AND SOCIETY》 * |
| 沈济超,许飞龙: "《区块链真相50讲》", 31 August 2019 * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9985790B2 (en) | Secure instant messaging system | |
| EP2437469B1 (en) | Method and apparatus for establishing a security association | |
| US20190007198A1 (en) | Transfer of content in a peer-to-peer network | |
| US6725276B1 (en) | Apparatus and method for authenticating messages transmitted across different multicast domains | |
| Tiloca et al. | Axiom: DTLS-based secure IoT group communication | |
| EP0906677A2 (en) | Cryptographic communication system | |
| WO2010025638A1 (en) | Method, equipment and system of peer to peer live broadcast stream transfer | |
| US20240064143A1 (en) | Methods, mediums, and systems for verifying devices in an encrypted messaging system | |
| Park et al. | Survey for secure IoT group communication | |
| Tiloca | Efficient protection of response messages in DTLS-based secure multicast communication | |
| US11265298B2 (en) | Method for end-to-end transmission of a piece of encrypted digital information, application of this method and object implementing this method | |
| US11743035B2 (en) | Methods, mediums, and systems for verifying devices in an encrypted messaging system | |
| US11658955B1 (en) | Methods, mediums, and systems for verifying devices in an encrypted messaging system | |
| CN114765546B (en) | End-to-end hard encryption method, system, encryption equipment and key management server | |
| CN111818012A (en) | Block chain-based secure multimedia communication method and system | |
| Straub et al. | OMEMO Encryption | |
| Fries et al. | On the applicability of various multimedia internet keying (mikey) modes and extensions | |
| US11843636B1 (en) | Methods, mediums, and systems for verifying devices in an encrypted messaging system | |
| CN111865972B (en) | Anonymous communication method and system | |
| US20150127944A1 (en) | Method for secure and anonymous electronic communication via cryptography-facilitated delivery | |
| Chopra | Enabling Use of Signal in a Disconnected Village Environment | |
| CN116886690A (en) | Method for supporting safe transmission of end-to-end message file by multiple persons simultaneously | |
| CN116112458A (en) | Communication method, device, equipment and storage medium | |
| CN112861155A (en) | Public key issuing method in off-center computing scene | |
| Straub et al. | XEP-0384: OMEMO Encryption |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20201023 |
|
| RJ01 | Rejection of invention patent application after publication |