CN111859446A - Agricultural product traceability information sharing-privacy protection method and system - Google Patents
- Publication number
- CN111859446A, CN202010549491.0A
- Authority
- CN
- China
- Prior art keywords
- key
- agricultural product
- data
- traceability information
- product traceability
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
Abstract
The embodiment of the invention provides a method and a system for agricultural product traceability information sharing-privacy protection. The method comprises decrypting a key-value pair in a blockchain network by using the private key of an authorized viewing node to obtain private data; the key-value pair comprises the public key of the authorized viewing node and a secondarily encrypted key. The method further comprises: determining the private data in the agricultural product traceability information; encrypting the private data once, which yields the first-encryption key; performing a second encryption on the first-encryption key with the public key of the authorized viewing node to obtain the secondarily encrypted key; and forming a key-value pair from the public key of the authorized viewing node and the secondarily encrypted key, and uploading the key-value pair to the blockchain network. According to the agricultural product traceability information sharing-privacy protection method and system provided by the embodiment of the invention, viewing authorization is granted to only some of the nodes, so that only the authorized viewing nodes in the blockchain network obtain the secondarily encrypted key of the encrypted data, and the security of the traceability data is effectively improved while the encrypted data is shared.
Description
Technical Field
The embodiment of the invention relates to the technical field of blockchains, and in particular to a method and a system for agricultural product traceability information sharing-privacy protection.
Background
With the improvement of people's living standards, the quality and safety of agricultural products have become more and more important. The quality and safety of agricultural products not only concern public health, but also greatly influence agricultural development, the growth of farmers' income, agricultural trade and the construction of agricultural modernization. At present, in research on agricultural product supply chains, governments of various countries have built agricultural product supply chain information supervision systems, and related enterprises have successively established supply chain information management systems.
Blockchain technology integrates technologies such as distributed data storage, point-to-point transmission, consensus mechanisms and encryption algorithms. It is tamper-proof, distributed, decentralized, traceable and highly available, and can effectively solve the problem of data being forged as it circulates through the system in the traditional transaction mode, thereby building a trusted transaction environment. This matches the requirements of traceability: combining blockchain technology with agricultural product traceability, with centralized management of distributed resources and distributed service of centralized resources, makes it possible to solve the problems of today's traditional agricultural product traceability systems.
A blockchain makes data traceable and tamper-proof because it is a distributed database built on cryptographic links, which forms a tamper-proof data source. Complete information can therefore be recorded over the whole process from production to circulation of a product, and comprehensive product data can be provided to supervision departments, so that product quality inspection and the interconnection and mutual sharing of data can be completed more efficiently.
Although the blockchain can effectively solve the traceability problems of traditional agricultural products, blockchain technology has exposed defects with respect to the explosive growth of internet data, the irreversibility of data, the leakage of private data and so on. Blockchain technology differs from a traditional centralized system. In a centralized system, one party can view all data and control access to it. A distributed system instead presupposes that all data is shared with all participants, and sharing requires all parties to agree on the validity of a transaction, a process called consensus. Because the admission threshold is low and the data is public, the security of on-chain data cannot be guaranteed: every participant in the consensus can freely request the whole transaction history, so private data is leaked.
In view of the above drawbacks, a main solution is to keep the key private data off the chain and store only the corresponding digest on the distributed ledger. This strategy computes the digest with a secure hash algorithm, so that the original text cannot be directly derived from the digest even when the digest is known. However, this simple processing still has a privacy disclosure problem: for data with a limited and common value range, such as identity numbers and gender, an attacker can easily mount dictionary and brute-force attacks. For such data, a salt is added before hashing and the result is put on chain. Off-chain storage offers strong privacy protection and is widely used in the field of data storage. This approach has disadvantages, however: because the original text is not on the chain, its secure storage depends on the parties maintaining it carefully. Moreover, if one party loses the original text when evidence is needed, the other party may, out of its own economic interest, deliberately withhold the original text, so the evidence is not truly preserved and is of little use.
In view of the insufficient privacy protection in the agricultural product traceability information sharing process in the prior art, a new blockchain-based traceability information sharing method is urgently needed.
Disclosure of Invention
The embodiment of the invention provides an agricultural product traceability information sharing-privacy protection method and system, which are used to overcome or partially solve the prior-art problem that, in agricultural product traceability information sharing, all nodes share the data and private data is easily leaked.
In a first aspect, an embodiment of the present invention provides a method for agricultural product traceability information sharing-privacy protection, which mainly includes: decrypting a key-value pair in the blockchain network by using the private key of an authorized viewing node to obtain private data; the key-value pair comprises the public key of the authorized viewing node and a secondarily encrypted key.
Optionally, before decrypting the key-value pair in the blockchain network with the private key of the authorized viewing node, the method may further include:
determining the private data in the agricultural product traceability information; encrypting the private data once, which yields the first-encryption key; performing a second encryption on the first-encryption key with the public key of the authorized viewing node to obtain the secondarily encrypted key; and forming a key-value pair from the public key of the authorized viewing node and the secondarily encrypted key, and uploading the key-value pair to the blockchain network.
Optionally, uploading the key-value pair composed of the public key of the authorized viewing node and the secondarily encrypted key to the blockchain network includes: storing the key-value pair in the world state of the smart contract and then uploading it to the blockchain network.
Optionally, determining the private data in the agricultural product traceability information may include: calling a smart contract to verify the agricultural product traceability information; if the agricultural product traceability information needs encryption, defining it as private data; if it does not need encryption, defining it as public data and uploading it directly to the blockchain network.
Optionally, decrypting the key-value pair in the blockchain network with the private key of the authorized viewing node to obtain the private data may include: according to the public key of the authorized viewing node, decrypting the secondarily encrypted key with the private key of the authorized viewing node to obtain the first-encryption key; and decrypting the once-encrypted ciphertext with the first-encryption key to obtain the private data.
Optionally, the first encryption is a symmetric encryption and the second encryption is an asymmetric encryption.
Optionally, the symmetric encryption method may specifically be the cipher block chaining mode of the AES encryption algorithm, and the asymmetric encryption method may specifically be an elliptic curve algorithm.
In a second aspect, an embodiment of the present invention provides a system for agricultural product traceability information sharing-privacy protection, which mainly includes: a private data reading unit, used for decrypting the key-value pair in the blockchain network by using the private key of the authorized viewing node to obtain private data; the key-value pair mainly comprises the public key of the authorized viewing node and the secondarily encrypted key.
In a third aspect, an embodiment of the present invention provides an electronic device, including a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor implements the steps of the agricultural product traceability information sharing-privacy protection method according to any one of the first aspect when executing the program.
In a fourth aspect, an embodiment of the present invention provides a non-transitory computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the steps of the agricultural product traceability information sharing-privacy protection method according to any one of the first aspects.
According to the agricultural product traceability information sharing-privacy protection method and system, viewing authorization is granted to only some of the nodes, so that only the authorized viewing nodes in the blockchain network obtain the secondarily encrypted key of the encrypted data, and the security of the traceability data is effectively improved while the encrypted data is shared.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and those skilled in the art can also obtain other drawings according to the drawings without creative efforts.
Fig. 1 is a schematic flow chart of a method for agricultural product traceability information sharing-privacy protection according to an embodiment of the present invention;
Fig. 2 is a schematic diagram illustrating an uploading process of private data in a method for agricultural product traceability information sharing-privacy protection according to an embodiment of the present invention;
Fig. 3 is a schematic flow chart of another agricultural product traceability information sharing-privacy protection method provided in an embodiment of the present invention;
Fig. 4 is a schematic structural diagram of a system for agricultural product traceability information sharing-privacy protection according to an embodiment of the present invention;
Fig. 5 is a physical structure diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The agricultural product traceability information sharing-privacy protection method provided by the embodiment of the invention makes full use of the blockchain's ability to make data traceable and tamper-proof, and has the following characteristics:
1. Based on cryptographic principles, the information cannot be tampered with or forged;
2. Distributed data storage makes the data interaction process open and transparent;
3. Compared with traditional traceability methods, cost is effectively saved and efficiency is improved;
4. Data on the blockchain is shared with complete openness.
In view of the problem that, in existing blockchain-based agricultural product traceability information sharing methods, data is shared by all nodes and private data is easily leaked, the embodiment of the invention provides a new agricultural product traceability information sharing-privacy protection method which, as shown in Fig. 1, includes but is not limited to the following steps:
Step S1: decrypting the key-value pair in the blockchain network by using the private key of the authorized viewing node to obtain the private data; the key-value pair comprises the public key of the authorized viewing node and the secondarily encrypted key.
All nodes in a blockchain network are equal, which ensures that data is public. The blockchain is managed and controlled in a decentralized way, but its admission mechanism and its data are completely open and shared, so leakage of private data is inevitable and an enterprise's private data cannot be protected. To ensure that data cannot be tampered with, enterprise data must be uploaded to the blockchain network; to protect the private data, it must be encrypted before it goes on chain; how to share and authorize the encrypted data therefore becomes the key point in protecting key information.
In the agricultural product traceability information sharing-privacy protection method provided by the embodiment of the invention, on the one hand, before the private data is uploaded to the blockchain network it is encrypted once by a smart contract, so that what is stored in the blockchain network is the ciphertext of the private data, which prevents the private data from leaking; on the other hand, the first-encryption key is itself encrypted a second time, and the pair composed of the secondarily encrypted key and the once-encrypted ciphertext is uploaded and stored in the blockchain network; finally, the authorized viewing node is given permission to decrypt the data on the blockchain, so that the private data can be shared in the blockchain network by means of that node's private key.
In the method provided by the embodiment of the invention, the first-encryption key is encrypted a second time and the smart contract gives only the authorized viewing node the right to decrypt the private data, so that the encrypted data is shared while the security of the traceability data is effectively improved.
Based on the content of the foregoing embodiment, as an optional embodiment, before the key-value pair in the blockchain network is decrypted with the private key of the authorized viewing node, the method may further include the following steps:
Determining the private data in the agricultural product traceability information; encrypting the private data once, which yields the first-encryption key; performing a second encryption on the first-encryption key with the public key of the authorized viewing node to obtain the secondarily encrypted key; and forming a key-value pair from the public key of the authorized viewing node and the secondarily encrypted key, and uploading the key-value pair to the blockchain network.
Specifically, the agricultural product traceability information sharing-privacy protection method provided by the embodiment of the present invention includes a step of uploading the private data to the blockchain network before the authorized viewing node reads the private data.
Because agricultural product traceability information includes both private data that the enterprise needs to protect by encryption and public data that does not need such protection, as shown in Fig. 2, the embodiment of the present invention first determines for all agricultural product traceability information whether it needs to be encrypted, and screens out the private data. Public data that does not need encryption is uploaded directly to the blockchain network; data that needs encryption protection is encrypted as follows and then uploaded to the blockchain network:
First, the private data is encrypted once using an existing blockchain encryption method (such as CBC encryption): the private data is converted into a fixed encryption format, and the formatted private data is encrypted with the first-encryption key and an initialization vector to obtain the once-encrypted ciphertext. The key required for the first encryption is randomly generated according to the smart contract. The once-encrypted ciphertext is uploaded to the blockchain network and broadcast to the other nodes.
Further, because a conventional encryption algorithm uses the same key for encryption and decryption, the security of the private data depends not only on the strength of the encryption algorithm itself but also on whether the first-encryption key is kept safely. In the embodiment of the invention, to ensure secure management of the first-encryption key (Key), the Key is encrypted a second time, and the Public Key (Pb) used for this encryption is the public key of the authorized viewing node. The public key of the authorized viewing node and the secondarily encrypted key (key1) form a key-value pair, which is uploaded to the blockchain network for storage.
When the authorized viewing node needs to read private data stored on the blockchain network, it only needs to decrypt the key-value pair in the blockchain network with its own private key: it obtains the public key of the authorized viewing node and the secondarily encrypted key, recovers the first-encryption key from the secondarily encrypted key, and then decrypts the once-encrypted ciphertext with the first-encryption key to obtain the private data it needs to read. It should be noted that an unauthorized viewing node does not hold an authorized private key, so it cannot decrypt the key-value pair and therefore cannot read the corresponding private data.
In the agricultural product traceability information sharing-privacy protection method provided by the embodiment of the invention, the enterprise's private data is encrypted so that authorized nodes can see the relevant information while unauthorized nodes cannot read other nodes' data, which effectively protects the enterprise's private data.
Based on the content of the foregoing embodiment, as an optional embodiment, uploading the key-value pair composed of the public key of the authorized viewing node and the secondarily encrypted key to the blockchain network specifically includes: storing the key-value pair in the world state of the smart contract and then uploading it to the blockchain network.
Specifically, in the agricultural product traceability information sharing-privacy protection method provided by the embodiment of the invention, reasonable authorization of the data in a block is implemented when the smart contract is written. Later, during data upload and storage, when private data of an enterprise node needs to be uploaded to the blockchain system, the smart contract is first called to verify the private data; after verification the private data is converted into a fixed encryption format, then encrypted once, and the first-encryption key is encrypted a second time. Finally, the secondarily encrypted key and the public key of the authorized viewing node form a key-value pair, which is stored in the World State of the smart contract and written to the blockchain.
In the agricultural product traceability information sharing-privacy protection method provided by the embodiment of the invention, different nodes are authorized differently, and the private data stored on the blockchain is encrypted ciphertext. Even though all nodes in the blockchain network can view the shared data on the chain, unauthorized nodes do not hold the decryption key, so nodes differ in their ability to read the current encrypted data. With respect to how the current data can be read, the equality of all nodes in the blockchain is broken, which achieves the purpose of protecting the private data.
Based on the content of the foregoing embodiment, as an optional embodiment, determining the private data in the agricultural product traceability information may include: calling a smart contract to verify the agricultural product traceability information; if the agricultural product traceability information needs encryption, defining it as private data; if it does not need encryption, defining it as public data and uploading it directly to the blockchain network.
Specifically, agricultural product traceability data is uploaded by a node calling the smart contract. When the smart contract is drawn up, an agreed condition for deciding whether data is to be encrypted can be set in it in advance. When the agricultural product traceability information meets the agreed condition, it is judged to need encryption; if it does not meet the agreed condition, it is judged not to need encryption, is defined as public data, and is uploaded directly to the blockchain network.
In the agricultural product traceability information sharing-privacy protection method provided by the embodiment of the invention, the private data that an enterprise needs to protect is differentiated between nodes while the characteristics of the blockchain are unchanged for other data, which takes into account, from a practical standpoint, both that enterprise private data needs encryption protection and that supply chain traceability data needs public supervision.
Based on the content of the foregoing embodiment, as an optional embodiment, decrypting the key-value pair in the blockchain network with the private key of the authorized viewing node to obtain the private data includes:
according to the public key of the authorized viewing node, decrypting the secondarily encrypted key with the private key of the authorized viewing node to obtain the first-encryption key; and decrypting the once-encrypted ciphertext with the first-encryption key to obtain the private data.
Optionally, the first encryption may be a symmetric encryption and the second encryption may be an asymmetric encryption.
Optionally, the symmetric encryption method may be the cipher block chaining mode of the AES encryption algorithm (CBC encryption), and the asymmetric encryption method may be an elliptic curve algorithm (ECC encryption).
In symmetric encryption, the encryption key and the decryption key are the same. Its advantages are fast encryption and decryption, small space usage and high confidentiality. Its disadvantages are that all parties must hold the key, so security is broken as soon as one of them leaks it, and that distributing the key to the other parties is also a problem. Representative algorithms include DES, 3DES, AES and IDEA. It is suitable for encrypting and decrypting large amounts of data and cannot be used for signature scenarios.
In asymmetric encryption, the public key and the private key are different. The public key is generally public and accessible to anyone, while the private key is generally held by its owner and cannot be obtained by others. Its advantages are that the public and private keys are separate, management is easy and key distribution is easy to complete. Its disadvantage is slow encryption and decryption. Representative algorithms include RSA, ElGamal and the elliptic curve family of algorithms. It is generally suitable for signature scenarios or key agreement and is not suitable for encrypting and decrypting large amounts of data.
To further illustrate the agricultural product traceability information sharing-privacy protection method provided by the embodiment of the present invention, the following description refers to Fig. 3:
When an enterprise node's private data needs to be uploaded to the block chain system, a smart contract is first called to verify the data. If the data does not need to be encrypted, it is uploaded directly. If encryption is needed, the data is symmetrically encrypted once, and the key used for the symmetric encryption is asymmetrically encrypted using the public key and private key of the node that needs to view the data. Finally, the encrypted ciphertext and the encrypted key are uploaded to the block chain network, which completes one node authorization. If multiple nodes are to be authorized, the data encryption step is performed multiple times.
Specifically, when the private data is encrypted, it is first converted into a fixed encryption format, and the converted data is then encrypted using the cipher block chaining (CBC) mode of the AES encryption algorithm. The key required for this first encryption (denoted Key) is randomly generated according to the smart contract, and the resulting ciphertext is uploaded to the block chain network and then broadcast to the other nodes. Because a symmetric encryption algorithm uses the same key for encryption and decryption, the security of the private data depends not only on the strength of the encryption algorithm itself but also on whether the key is kept safe.
To manage Key securely, it must itself be encrypted with an elliptic curve cryptography (ECC) algorithm. The public key used for this encryption (denoted Pb) is the public key of the authorized viewing node. Pb and the secondarily encrypted key (denoted Key1) form a key-value pair, which is stored in the World State of the smart contract and written into the block chain.
When the authorized node needs to view the private data on the block chain, it decrypts Key1 on the block chain with its own private key (PrivateKey, denoted Pv) to obtain Key; the private data is then decrypted with Key and viewed. When other nodes look at the data in the block, they see only the ciphertext.
With this node authorization method, the private data stored in the block chain is ciphertext. Even though all nodes in the block chain network can view the shared data on the chain, some of the nodes do not hold the decryption key, so the nodes are differentiated with respect to the encrypted data. For that data, block chain characteristics such as node equality are broken, which achieves the purpose of protecting the private data.
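The node-authorization step described above (wrapping Key for Pb and storing the pair Pb -> Key1), as an added Go example that is not part of the patent. The page only names "an elliptic curve algorithm", so the ECIES-style construction used here (ephemeral ECDH on P-256, SHA-256 as KDF, AES-GCM as the wrap), the names `Authorize` and `Recover`, and the in-memory map standing in for the world state are assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// kek derives a one-time AES-256-GCM wrapping key: SHA-256(ECDH secret || ephemeral key).
func kek(priv *ecdh.PrivateKey, pub *ecdh.PublicKey, eph []byte) (cipher.AEAD, error) {
	shared, err := priv.ECDH(pub)
	if err != nil {
		return nil, err
	}
	k := sha256.Sum256(append(shared, eph...)) // assumed KDF, not specified by the page
	blk, err := aes.NewCipher(k[:])
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(blk)
}

// Authorize wraps the record's data key for one viewing node and stores the pair
// Pb -> Key1 (ephemeral public key || sealed key) in state, a stand-in for the world state.
func Authorize(state map[string][]byte, key []byte, pb *ecdh.PublicKey) error {
	eph, err := ecdh.P256().GenerateKey(rand.Reader)
	if err != nil {
		return err
	}
	e := eph.PublicKey().Bytes() // 65-byte uncompressed point
	gcm, err := kek(eph, pb, e)
	if err != nil {
		return err
	}
	// Each wrapping key is used once, so the fixed all-zero nonce cannot repeat under it.
	state[string(pb.Bytes())] = gcm.Seal(e, make([]byte, gcm.NonceSize()), key, nil)
	return nil
}

// Recover looks up the node's own Pb and unwraps Key1 with its private key Pv.
func Recover(state map[string][]byte, pv *ecdh.PrivateKey) ([]byte, error) {
	key1, ok := state[string(pv.PublicKey().Bytes())]
	if !ok || len(key1) < 65 {
		return nil, errors.New("no Key1 entry for this node")
	}
	eph, err := ecdh.P256().NewPublicKey(key1[:65])
	if err != nil {
		return nil, err
	}
	gcm, err := kek(pv, eph, key1[:65])
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, make([]byte, gcm.NonceSize()), key1[65:], nil)
}

func main() {
	a, _ := ecdh.P256().GenerateKey(rand.Reader) // authorized viewing node
	b, _ := ecdh.P256().GenerateKey(rand.Reader) // node that was never authorized
	state := map[string][]byte{}
	err := Authorize(state, make([]byte, 32), a.PublicKey()) // constructed all-zero data key
	got, errA := Recover(state, a)
	_, errB := Recover(state, b)
	fmt.Println(err, len(got), errA, errB)
}
```

Because every node can read the chain, a copied Key1 entry is useless without Pv, but a node that has once unwrapped Key keeps access to that record's ciphertext for good.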
An embodiment of the present invention provides an agricultural product traceability information sharing-privacy protection system, as shown in fig. 3, including but not limited to a private data reading unit 1. The private data reading unit 1 is mainly used for decrypting key value pairs in the block chain network by using a private key of an authorized viewing node to obtain private data; the key-value pair comprises a public key of the authorized viewing node and a secret key of the secondary encryption.
Specifically, the embodiment of the present invention addresses the problem that private data is easily leaked because all nodes on a block chain share data. When an authorized node needs to view the private data on the block chain, the private data reading unit 1 may be used to decrypt the key-value pair in the block chain network with the private key of the authorized viewing node, and then decrypt Key1 on the block chain with the current node's private key (PrivateKey, denoted Pv) to obtain Key; the private data is then decrypted with Key and viewed.
It should be noted that, during specific operation, the agricultural product traceability information sharing-privacy protection system provided in the embodiment of the present invention may be used to execute the agricultural product traceability information sharing-privacy protection method in any one of the above embodiments, which is not described in detail herein.
According to the agricultural product traceability information sharing-privacy protection system provided by the embodiment of the invention, viewing authorization is granted to only some of the nodes, so that only the authorized viewing nodes in the block chain network can obtain the secondarily encrypted key of the encrypted data; this effectively improves the security of the traceability data while still allowing the encrypted data to be shared.
Fig. 5 illustrates a physical structure diagram of an electronic device, which may include, as shown in Fig. 5: a processor 510, a communications interface 520, a memory 530 and a communication bus 540, wherein the processor 510, the communications interface 520 and the memory 530 communicate with each other via the communication bus 540. The processor 510 may call logic instructions in the memory 530 to perform the following method: decrypting key value pairs in the block chain network by using a private key of an authorized viewing node to obtain private data; the key-value pair comprises a private key of the authorized viewing node and a secondarily encrypted key.
Furthermore, the logic instructions in the memory 530 may be implemented in the form of software functional units and, when sold or used as independent products, stored in a computer-readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. The aforementioned storage medium includes a USB flash drive, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and various other media capable of storing program code.
In another aspect, an embodiment of the present invention further provides a non-transitory computer-readable storage medium on which a computer program is stored, where the computer program, when executed by a processor, performs the agricultural product traceability information sharing-privacy protection method provided in the foregoing embodiments, for example, including: decrypting key value pairs in the block chain network by using a private key of an authorized viewing node to obtain private data; the key-value pair comprises a private key of the authorized viewing node and a secondarily encrypted key.
The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware. With this understanding in mind, the above-described technical solutions may be embodied in the form of a software product, which can be stored in a computer-readable storage medium such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods described in the embodiments or some parts of the embodiments.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.
Claims (10)
1. A method for agricultural product traceability information sharing-privacy protection is characterized by comprising the following steps:
decrypting key value pairs in the block chain network by using a private key of an authorized viewing node to obtain private data;
the key-value pair comprises a public key of the authorized viewing node and a secondarily encrypted secret key.
2. The agricultural product traceability information sharing-privacy protecting method of claim 1, further comprising, before decrypting the key-value pairs in the blockchain network with the private key of the authorized viewing node:
determining private data in agricultural product traceability information;
encrypting the private data for one time to obtain an encrypted secret key;
performing secondary encryption on the public key of the authorized viewing node and the primary encrypted secret key to obtain a secondary encrypted secret key;
and forming the key value pair by the public key of the authorized viewing node and the secret key of the secondary encryption, and uploading the key value pair to the block chain network.
3. The agricultural product traceability information sharing-privacy protecting method of claim 2, wherein the uploading the key-value pair consisting of the public key of the authorized viewing node and the secondarily encrypted key to the blockchain network comprises:
and uploading the key-value pairs to the block chain network after storing the key-value pairs in the world state of the smart contract.
4. The agricultural product traceability information sharing-privacy protecting method according to claim 2, wherein the determining of privacy data in the agricultural product traceability information comprises:
calling a smart contract to verify the agricultural product traceability information;
if the agricultural product traceability information needs to be encrypted, defining the agricultural product traceability information as private data;
and if the agricultural product traceability information does not need encryption processing, defining the agricultural product traceability information as public data, and directly uploading the public data to the block chain network.
5. The agricultural product traceability information sharing-privacy protecting method according to claim 2, wherein the decrypting key-value pairs in the blockchain network by using a private key of an authorized viewing node to obtain private data comprises:
decrypting the secondarily encrypted secret key by using a private key of the authorized viewing node according to the public key of the authorized viewing node to obtain a primary encrypted secret key;
and decrypting the once encrypted ciphertext by using the once encrypted secret key to acquire the privacy data.
6. The agricultural product traceability information sharing-privacy protecting method according to claim 1, wherein the first encryption is a symmetric encryption and the second encryption is an asymmetric encryption.
7. The agricultural product traceability information sharing-privacy protection method of claim 6,
the symmetric encryption method is a cipher block chaining mode in an AES encryption algorithm;
the asymmetric encryption method is an elliptic curve algorithm.
8. A system for agricultural product traceability information sharing-privacy protection, comprising:
the private data reading unit decrypts the key value pair in the block chain network by using a private key of the authorized viewing node to obtain private data;
the key-value pair comprises a public key of the authorized viewing node and a secondarily encrypted secret key.
9. An electronic device comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor when executing the program implements the steps of the agricultural product traceability information sharing-privacy protection method of any one of claims 1 to 7.
10. A non-transitory computer readable storage medium, having a computer program stored thereon, wherein the computer program, when executed by a processor, implements the steps of the agricultural product traceability information sharing-privacy protection method of any one of claims 1 to 7.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010549491.0A CN111859446A (en) | 2020-06-16 | 2020-06-16 | Agricultural product traceability information sharing-privacy protection method and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN111859446A (en) | 2020-10-30 |
Family ID=72987265
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010549491.0A Pending CN111859446A (en) | 2020-06-16 | 2020-06-16 | Agricultural product traceability information sharing-privacy protection method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111859446A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||