CN111865563A - Civil aviation passenger data safety protection and anti-falsification scheme based on alliance chain - Google Patents


Info

Publication number
CN111865563A
Authority
CN
China
Prior art keywords
information
block
passenger
airport
signature
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010730686.5A
Other languages
Chinese (zh)
Other versions
CN111865563B (en)
Inventor
罗喜伶
王晓超
柏艺
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beihang University
Original Assignee
Beihang University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beihang University
Priority to CN202010730686.5A
Publication of CN111865563A
Application granted
Publication of CN111865563B
Legal status: Active

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861: Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861: Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • H04L63/0876: Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H04L9/06: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618: Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631: Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Abstract

The invention relates to a civil aviation passenger data security protection and anti-falsification scheme based on an alliance chain. It uses digital signatures, symmetric encryption, blockchain and related techniques, and aims to solve the current problems of privacy protection and secure storage of civil aviation passenger data. The passenger registers an ID account; the airport generates a symmetric encryption key Msk related to the ID account and applies the AES symmetric encryption algorithm to the private information M to obtain a ciphertext C. The airport uploads C to a cloud service database, obtains a data address pointer P, and publicly releases the airport number, the passenger ID, the ciphertext hash, the BLS signature and the address pointer P as a message body. After obtaining the message body, each node of the alliance chain verifies the BLS signature and, once verification passes, adds the message to the node's block body information list. When a new block is established, an improved BLS threshold signature algorithm is executed to ensure security and authority. Because the information uploaded to the database is in ciphertext form, and the information in the blockchain cannot be tampered with and is stored permanently, the invention provides a strong guarantee for the privacy and security of passenger information.

Description

Civil aviation passenger data safety protection and anti-falsification scheme based on alliance chain
Technical Field
The invention relates to the technical field of information privacy protection and blockchain, and in particular to a civil aviation passenger data security protection and anti-falsification scheme based on an alliance chain.
Background
With the rapid development of the Chinese economy, China's civil aviation industry has also developed rapidly. By the end of 2018, China's civil aviation had completed 6.60 hundred million passenger trips for the year, 7.9 percent more than the previous year, and 11705.12 hundred million passenger-kilometers, 9.3 percent more than the previous year. Of these, domestic routes carried 5.75 hundred million passengers, an increase of 7.0 percent, and the passenger throughput of civil aviation transport airports was 13.52 hundred million, an increase of 6.9 percent over the previous year. Cargo and mail throughput was 1710.0 ten thousand tons, an increase of 2.1 percent.
More and more people choose to travel by air, which brings a series of personal information security problems. There are many insecure factors on the Internet, and passive attacks such as network eavesdropping do great harm to the security and privacy of passenger information. Once passenger information is leaked, it can be used by criminals to obtain improper benefits. In addition, a passenger's historical information may be deleted or tampered with by others, with unpredictable consequences.
At present there is little research in China on civil aviation passenger information security schemes. Addressing the problems that the security and privacy protection of civil aviation passenger data is weak, that the data is easily tampered with by others, and that information is lost, the invention provides a civil aviation passenger data security and privacy protection method based on an alliance chain and successfully solves these problems.
Disclosure of Invention
The invention provides a civil aviation passenger data security protection and anti-falsification scheme based on an alliance chain. It uses digital signatures, symmetric encryption, blockchain and related techniques, and aims to solve the current problems of privacy protection and secure storage of civil aviation passenger data.
A civil aviation passenger data security protection and anti-falsification scheme based on an alliance chain comprises the following steps:
S1: System initialization: a trusted authority generates, for each airport $A_i$, a key pair
Figure BDA0002603129330000021
and publishes the public key.
S2: Passenger $B_i$ provides his or her own private information (such as certificate information and fingerprints) to airport $A_i$ to register an ID account, and the trusted authority runs a deterministic encryption algorithm to obtain the passenger's unique identity identifier ID.
S3: After passenger $B_i$ generates personal information M (such as flight information, seat number, departure and arrival times, additional services and the like) during activity at the airport, M is automatically uploaded to a buffer to await encryption, and airport $A_i$ generates an AES encryption key for the current message M from information such as the user's ID:
Figure BDA0002603129330000022
S4: Airport $A_i$ uses
Figure BDA0002603129330000023
to AES-encrypt the plaintext M and obtain the ciphertext C, computes the hash value of the ciphertext C and the global hash value h, which covers the other identity information, and uploads the ciphertext C to the cloud service database.
S5: After uploading the data, airport $A_i$ obtains the address pointer $P_i$ of C in the database and uses its private key
Figure BDA0002603129330000024
to compute a BLS digital signature on the message M
Figure BDA0002603129330000025
It then combines the signature and the other information into a message body, publishes the message body, and waits for the alliance chain nodes to carry out the next operation.
S6: After obtaining the information in the message body, each node of the alliance chain first verifies the BLS signature
Figure BDA0002603129330000026
If verification fails, the message is deleted directly; otherwise, the node proceeds to the next step.
S7: Using the pointer position $P_i$, the node verifies whether the ciphertext C exists in the cloud service database. If it exists, the node computes the SHA-256 hash value of the cloud data and compares it with the hash value $H_{SHA-256}(C)$ in the message body. If they are not equal, the information is rejected and fed back to the airport to await retransmission; otherwise, the message body can be added to the block body information list.
S8: When a new block is generated, alliance chain node z compresses all records in the block body information list into a Merkle root using the Merkle hash algorithm, computes the SHA-256 hash value $H_p$ of the block header of the previous block, and generates the current timestamp T; these three data are used to generate the signature $\sigma_z$ of alliance chain node z.
$(\sigma_z, H_p, T, \text{Merkle}, \text{block body information list})$ is published as a candidate block, and the remaining alliance chain nodes verify the candidate block's content. In this scheme, the threshold signature of the alliance chain is an improved algorithm based on the BLS signature. If t-1 alliance chain nodes pass the verification, each of them sends its own signature $\sigma_1, \sigma_2, \ldots, \sigma_{t-1}$ to node z, and node z can generate a threshold signature. Node z can then create a new block and publish it to the whole network. After the remaining alliance chain nodes verify the threshold signature with the group public key, they add the new block to the existing blockchain, completing the blockchain update, and delete from their respective message pools the messages contained in the block body, completing the message pool update.
S9: When the passenger wants to query his or her information, he or she first submits an application to airport $A_i$, including information such as the ID. After verification passes, the airport sends the passenger the encryption key
Figure BDA0002603129330000031
and the pointer $P_i$; the passenger can then download the ciphertext C from the cloud service database and decrypt it to obtain the information M.
As a further supplement of the invention, when a passenger registers and generates an ID account, the passenger binds a mobile phone number, e-mail address, address and the like to it on the basis of his or her identity number, biometric information (fingerprint, iris) and so on. Using unique identity information or biometric features yields a unique ID authentication corresponding to them, which ensures the security and reliability of the ID account.
As a further supplement to the present invention, personal information is sent to the airport via short messages, e-mails or other private channels, further enhancing the reliability of the information. When the system is deemed unsafe, authentication must be performed again, for example by turning on a camera for face recognition.
As a further supplement to the present invention, airport $A_i$ encrypts the passenger information M with the symmetric encryption algorithm AES and stores the resulting ciphertext C in the cloud, which avoids direct leakage of the information M. The BLS digital signature scheme is used to sign the message blocks that include the message M; it efficiently produces short signatures, shorter than RSA signatures, which saves space and also ensures the security and reliability of the source of the ciphertext C stored in the cloud. The threshold signature in the alliance chain is an improved algorithm based on the BLS signature that can be implemented efficiently, and the participation of all nodes of the alliance chain in verification further guarantees that the blockchain cannot be tampered with.
As a further supplement to the present invention, in step S3 a hash function and a truncation function are used to generate the AES encryption key, which ensures that a 128-bit key meeting the AES key length requirement is obtained. A specific example is
Figure BDA0002603129330000046
where F' is a truncation function. Because the information M is encrypted with the AES symmetric encryption algorithm, its security is sufficiently ensured. Moreover, the key generated in this way,
Figure BDA0002603129330000041
differs between different messages of the same user, so even if a key is leaked, the leakage of information is limited as far as possible.
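The key derivation described above, next to a keyed variant, as an added example that is not part of the patent text. As described, the key is a function of identifiers only (ID, date, flight number). The truncation F' is assumed to keep the leading 128 bits; the length-prefixed encoding, `derive_key_keyed` and the airport-held secret are hypothetical hardening, and all sample values are constructed.

```python
import hashlib
import hmac

AES128_KEY_LEN = 16  # bytes; the page requires a 128-bit AES key


def truncate(digest: bytes) -> bytes:
    """F': assumed here to keep the leading 128 bits of the digest."""
    return digest[:AES128_KEY_LEN]


def derive_key_as_described(passenger_id: str, date: str, flight: str) -> bytes:
    """Msk = F'(H_SHA-256(ID || date || id_plane)), plain concatenation."""
    data = (passenger_id + date + flight).encode("utf-8")
    return truncate(hashlib.sha256(data).digest())


def encode_fields(*fields: str) -> bytes:
    """Length-prefix every field so that field boundaries are unambiguous."""
    out = bytearray()
    for field in fields:
        raw = field.encode("utf-8")
        out += len(raw).to_bytes(2, "big") + raw
    return bytes(out)


def derive_key_keyed(airport_secret: bytes, passenger_id: str,
                     date: str, flight: str) -> bytes:
    """Hypothetical hardened variant: HMAC-SHA-256 under an airport-held secret,
    so knowing the identifiers alone is not enough to recompute the key."""
    mac = hmac.new(airport_secret,
                   encode_fields(passenger_id, date, flight), hashlib.sha256)
    return truncate(mac.digest())


def demo() -> dict:
    secret = bytes(range(32))          # constructed; use a CSPRNG/HSM in practice
    other_secret = bytes(range(1, 33)) # constructed
    a = ("P0001", "2020-07-27", "CA1234")        # constructed sample fields
    b = ("P0001", "2020-07-28", "CA1234")        # same passenger, other date
    shifted = ("P00012", "020-07-27", "CA1234")  # same bytes, other boundaries
    return {
        # Different messages of the same user get different keys (both variants).
        "per_message_keys_differ":
            derive_key_as_described(*a) != derive_key_as_described(*b)
            and derive_key_keyed(secret, *a) != derive_key_keyed(secret, *b),
        # Plain concatenation maps two different field tuples to one key.
        "concat_collision":
            derive_key_as_described(*a) == derive_key_as_described(*shifted),
        # Length-prefixing removes that ambiguity.
        "keyed_collision":
            derive_key_keyed(secret, *a) == derive_key_keyed(secret, *shifted),
        # The keyed variant depends on the secret, not only on identifiers.
        "keyed_depends_on_secret":
            derive_key_keyed(secret, *a) != derive_key_keyed(other_secret, *a),
        "key_length": len(derive_key_as_described(*a)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```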
As a further supplement of the invention, the cloud database stores information according to an agreed protocol, so that the information is convenient to read. The user can consolidate his or her own information at any time; after the information M to be encrypted and consolidated is submitted, a new encryption key is generated according to the protocol
Figure BDA0002603129330000042
and the data is rewritten to the cloud server and recorded by the blockchain.
As a further supplement to the invention, each record in the block body comprises the airport $A_i$, the passenger ID, the ciphertext hash $H_{SHA-256}(C)$, the airport signature
Figure BDA0002603129330000043
and the file pointer $P_i$. These five items constitute a complete block information record. The airport $A_i$ provides the public key information used when the signature is verified; the passenger ID makes it convenient to quickly recover the AES key
Figure BDA0002603129330000044
the ciphertext hash is used to confirm the integrity of the information in the cloud server; the airport signature
Figure BDA0002603129330000045
provides source and authority; and the file pointer $P_i$ indicates the corresponding ciphertext C.
As a further supplement to the present invention, the block header includes: the threshold signature $\sigma$, the signature $\sigma_z$ of the alliance chain node that generated the block, the hash value $H_p$ of the previous block header, the timestamp T, and the Merkle root.
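The five-field record, the cloud-copy check of step S7 and the header fields $H_p$, T and Merkle root, as an added example that is not part of the patent text. The patent does not specify the Merkle construction or the byte encoding, so the length-prefixed encoding, the leaf/node prefixes and the header hash over only the three signed fields are assumptions; signatures are carried as opaque bytes and all sample data is constructed.

```python
import hashlib
from dataclasses import dataclass
from typing import Dict, List, Tuple


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def pack(*parts: bytes) -> bytes:
    """Length-prefixed concatenation, so field boundaries are unambiguous."""
    return b"".join(len(p).to_bytes(4, "big") + p for p in parts)


@dataclass(frozen=True)
class Record:
    airport: str        # airport number A_i
    passenger_id: str   # passenger ID
    cipher_hash: bytes  # H_SHA-256(C)
    signature: bytes    # airport BLS signature, carried as opaque bytes here
    pointer: str        # P_i, location of C in the cloud database

    def encode(self) -> bytes:
        return pack(self.airport.encode(), self.passenger_id.encode(),
                    self.cipher_hash, self.signature, self.pointer.encode())


@dataclass(frozen=True)
class Header:
    prev_hash: bytes    # H_p, SHA-256 of the previous block header
    timestamp: int      # T
    merkle: bytes       # Merkle root over the block body

    def signed_message(self) -> bytes:
        """M = H_p || T || merkle, the message the block producer signs."""
        return self.prev_hash + self.timestamp.to_bytes(8, "big") + self.merkle

    def digest(self) -> bytes:
        # Assumption: the header hash covers the three signed fields only.
        return sha256(self.signed_message())


def check_cloud_copy(record: Record, cloud: Dict[str, bytes]) -> str:
    """Step S7: the ciphertext must exist at P_i and match the recorded hash."""
    ciphertext = cloud.get(record.pointer)
    if ciphertext is None:
        return "missing"
    if sha256(ciphertext) != record.cipher_hash:
        return "hash-mismatch"
    return "ok"


def merkle_root(records: List[Record]) -> bytes:
    """Merkle root with leaf/node domain separation; an odd node is promoted."""
    if not records:
        return sha256(b"")
    level = [sha256(b"\x00" + r.encode()) for r in records]
    while len(level) > 1:
        nxt = [sha256(b"\x01" + level[i] + level[i + 1])
               for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])
        level = nxt
    return level[0]


def verify_block(prev: Header, header: Header, body: List[Record],
                 cloud: Dict[str, bytes]) -> List[str]:
    """Checks a node can make without a pairing library; returns the failures."""
    errors = []
    if header.prev_hash != prev.digest():
        errors.append("bad-prev-hash")
    if header.merkle != merkle_root(body):
        errors.append("bad-merkle-root")
    for record in body:
        status = check_cloud_copy(record, cloud)
        if status != "ok":
            errors.append(f"{record.pointer}:{status}")
    return errors


def build_sample() -> Tuple[Header, Header, List[Record], Dict[str, bytes]]:
    """Constructed sample: two ciphertexts, their records and a linked block."""
    cloud = {"db/0001": b"constructed ciphertext 1",
             "db/0002": b"constructed ciphertext 2"}
    body = [Record("A1", f"ID{n}", sha256(c), b"sig-placeholder", p)
            for n, (p, c) in enumerate(sorted(cloud.items()), start=1)]
    genesis = Header(b"\x00" * 32, 1595808000, merkle_root([]))
    header = Header(genesis.digest(), 1595808600, merkle_root(body))
    return genesis, header, body, cloud
```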
The invention provides a civil aviation passenger data security protection and anti-tampering scheme based on an alliance chain. It uses BLS digital signatures to ensure the verifiability and authority of the data stored in the cloud, AES symmetric encryption to ensure privacy, and blockchain technology to ensure that the data can be traced and cannot be tampered with. Because the information uploaded to the database is in ciphertext form, and the information in the blockchain cannot be tampered with and is stored permanently, the invention provides a strong guarantee for the privacy and security of passenger data.
Drawings
FIG. 1 is a flow chart of the alliance-chain-based civil aviation passenger data security protection and anti-tampering scheme provided by the invention.
FIG. 2 is a system model of the alliance-chain-based civil aviation passenger data security protection and anti-tampering scheme according to the present invention.
Fig. 3 is a block diagram of an embodiment of the invention.
Detailed Description
The present invention is described in detail below with reference to the detailed description and the attached drawings, but it should be understood that the examples and drawings serve only to illustrate the present invention and do not limit its scope of protection in any way. All reasonable variations and combinations that fall within the spirit of the invention are intended to be within the scope of the invention.
FIG. 1 is a flow chart of the civil aviation passenger data security protection and anti-tampering scheme based on an alliance chain. The specific implementation steps are as follows:
S1: System initialization. The trusted authority runs the key generation algorithm for each airport $A_i$: the system selects two cyclic groups $(G_1, G_2)$ of prime order $q$, where $g_1$ and $g_2$ are generators of $G_1$ and $G_2$ respectively, and $(G_1, G_2)$ is a co-GDH group pair, i.e., the CDH problem on the group pair is hard and the DDH problem is easy. It randomly selects $x \leftarrow Z_p$ and computes $v \leftarrow g_2^x \in G_2$. The key pair of $A_i$ is then
Figure BDA0002603129330000051
S2: Passenger $B_i$ provides his or her own private information (such as certificate information and fingerprints) to airport $A_i$ to register an ID account, and the trusted authority runs a deterministic encryption algorithm (such as an HMAC algorithm) to obtain the passenger's unique identity identifier ID.
S3: After passenger $B_i$ generates personal information M (such as flight information, seat number, departure and arrival times, additional services and the like) during activity at the airport, M is automatically uploaded to a buffer to await encryption. Airport $A_i$ (i.e., the data owner) takes different inputs to compute the AES key depending on the category of information. For example, for service information relating to a flight or a series of flights, the ID, the flight number and the flight date can be used as input to the SHA-256 hash function to compute $Hash \leftarrow H_{SHA-256}(ID \| date \| id_{plane})$. To ensure that the AES encryption key meets the 128-bit length requirement in the next step, the key is obtained by using a truncation function
Figure BDA0002603129330000061
S4: Airport $A_i$ uses the encryption key
Figure BDA0002603129330000062
to AES-encrypt the plaintext M and obtain the ciphertext C, and then computes the hash value $H_{SHA-256}(C)$ of the ciphertext C and $h \leftarrow H(A_i \| ID \| H_{SHA-256}(C))$. Note that the hash function H here is a global hash function satisfying $H: \{0,1\}^* \to G_1$. After these calculations are complete, airport $A_i$ uploads the ciphertext C to the cloud service database through a secure channel.
S5: airport A after uploading data to the cloud service databaseiCiphertext C address pointer P stored in database can be obtainedi. Then based on the private key
Figure BDA0002603129330000063
And h ∈ G1At G1Upper calculation
Figure BDA0002603129330000069
Can obtain information about the passenger BiBLS signature of message M
Figure BDA0002603129330000064
To transmit information
Figure BDA0002603129330000065
And marking as a message body, publishing the message body to a message pool in a public mode, and waiting for the next operation of the block alliance link node.
S6: after each node of the federation chain acquires the message in the message pool, whether the message is legal or not needs to be verified firstly, and the message can be verified to be a BLS signature
Figure BDA0002603129330000066
And (5) realizing. Alliance link node airport sequence number A by searchingiObtaining its public key in public key base
Figure BDA0002603129330000067
Calculate H' ← H (A)i||ID||HSHA-256(C) Verify that
Figure BDA0002603129330000068
If the message is a co-DDH group, if not, the message is a pseudo message and is directly deleted; otherwise, the next step is carried out.
S7: according to the pointer position PiVerifying whether data in the cloud service database exist or not, if so, calculating the hash value of SHA-256 of the cloud data, and comparing the hash value with the hash value H in the message bodySHA-256(C) If not, rejecting the information and feeding back the information to the airport to wait for the retransmission check; otherwise, the message body can be added into the block body information list. Whether the hash values are equal is verified, and the fact that information stored in the cloud service is not missed or tampered is further guaranteed.
S8: in the block chain establishment, the initialization is performed by the trusted authority first. In the scheme, the threshold signature of the alliance chain is an improved algorithm based on the BLS signature. And taking the number of the alliance chain nodes as n, and taking the number of the executing threshold signature alliance chain nodes as t. Let p be a large prime number, the algorithm is built in group ZpAnd there is one cyclic group G satisfying the bilinear property, where G is one generator of the cyclic group. The scheme uses a global hash function to satisfy the following conditions: h {0,1}*→G。
First, a central mechanism generates a private key x ← ZpU ← G, and public key v ← Gx. Then randomly selecting a polynomial omega epsilon Z with the degree of at most t-1p[X]So that ω (0) is x. For n nodes, each node is given a respective private key ωi=xiAfter that, the group public key pk ═ (v, u) and the public keys of the n nodes are issued
Figure BDA0002603129330000071
When generating a new block, the federation chain node z needs to beCompressing all records in the block information list into a Merkle root by using Merkle hash algorithm, and calculating SHA-256 hash value H of block head of the previous blockpAnd generating a current time stamp T, wherein the three data are used for generating a signature sigma of a node z of the federation chainz
Let M ← (H)p||T||merkle)∈{0,1}*Node z can use its own private key omegaz=xzGenerating signatures
Figure BDA0002603129330000072
Will (sigma)z,HpT, Merkle, block body information list) as a quasi block, and the rest of the federation chain nodes verify the quasi block content, i.e., verify e (σ)z,g)=e(H(M)·uM,vz) Whether or not this is true. After verification, each alliance chain node sends own signature to the node z
Figure BDA0002603129330000073
Without loss of generality, assume that a total of t node signatures complete σ12,...,σtNode z can generate a complete threshold signature under the group public key pk ═ v, u):
Figure BDA0002603129330000074
wherein:
Figure BDA0002603129330000075
node z can then create a new tile and publish it across the network, the contents of this tile being shown in fig. 3. After the rest nodes of the alliance chain verify the threshold signature by using the group public key, adding the generated new block into the existing block chain to complete the block chain updating; and deleting the messages in the block body related to the respective message pools to finish the updating of the message pools.
S9: when passenger BiWhen wanting to inquire about own information, firstly submit the inquiry application to the airport through id account number, fingerprint or other identity information. After the verification is passed, the airport can recover the information to be inquired according to different information records to be inquiredOf AES
Figure BDA0002603129330000076
(due to different master key generation modes for different messages), sending key and ciphertext pointer PiTo the passenger. The passenger can download the ciphertext C from the cloud service database and decrypt the ciphertext C to obtain the information M.
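The share setup of step S8 (a polynomial $\omega$ of degree at most $t-1$ with $\omega(0) = x$) and the combination of t partial signatures, as an added example that is not part of the patent text. The patent's own combination formula survives on this page only as figure placeholders, so this shows the standard Lagrange interpolation in the exponent used by BLS-style threshold schemes, not the patent's improved algorithm. The group is a constructed toy subgroup of $Z_P^*$ without a pairing, the signed element is simplified to $H(M)$, and every parameter and function name is an assumption.

```python
import hashlib
import secrets
from typing import Dict, List, Optional

# Toy parameters (constructed): P = 2Q + 1 with P and Q prime; G generates the
# order-Q subgroup of Z_P^*. Far too small for real use, and it has no pairing,
# so public verification e(sigma, g) = e(H(M), v) cannot be shown here.
P, Q, G = 2039, 1019, 4


def hash_to_group(message: bytes) -> int:
    """Toy stand-in for H: {0,1}* -> G (real BLS hashes onto a curve group)."""
    e = int.from_bytes(hashlib.sha256(message).digest(), "big") % (Q - 1) + 1
    return pow(G, e, P)


def deal_shares(x: int, n: int, t: int,
                coeffs: Optional[List[int]] = None) -> Dict[int, int]:
    """Pick omega of degree <= t-1 with omega(0) = x; node i gets x_i = omega(i)."""
    if not 1 <= t <= n < Q:
        raise ValueError("need 1 <= t <= n < Q")
    if coeffs is None:
        coeffs = [secrets.randbelow(Q) for _ in range(t - 1)]
    if len(coeffs) != t - 1:
        raise ValueError("omega needs exactly t-1 non-constant coefficients")
    poly = [x % Q] + list(coeffs)
    return {i: sum(c * pow(i, k, Q) for k, c in enumerate(poly)) % Q
            for i in range(1, n + 1)}


def partial_sign(share: int, message: bytes) -> int:
    """sigma_i = H(M)^{x_i}, the partial signature of node i."""
    return pow(hash_to_group(message), share, P)


def lagrange_at_zero(i: int, ids: List[int]) -> int:
    """lambda_i = prod_{j != i} j / (j - i) mod Q, so sum(lambda_i * x_i) = x."""
    num, den = 1, 1
    for j in ids:
        if j != i:
            num = num * j % Q
            den = den * (j - i) % Q
    return num * pow(den, -1, Q) % Q


def combine(partials: Dict[int, int]) -> int:
    """sigma = prod sigma_i^{lambda_i}; equals H(M)^x when >= t shares are used."""
    ids = sorted(partials)
    sig = 1
    for i in ids:
        sig = sig * pow(partials[i], lagrange_at_zero(i, ids), P) % P
    return sig


def threshold_sign(shares: Dict[int, int], signers: List[int],
                   message: bytes) -> int:
    """Collect partial signatures from the given nodes and combine them."""
    return combine({i: partial_sign(shares[i], message) for i in signers})


if __name__ == "__main__":
    msg = b"Hp || T || merkle (constructed)"
    x = 123                                    # constructed group private key
    shares = deal_shares(x, n=5, t=3)
    full = pow(hash_to_group(msg), x, P)       # what a single key holder signs
    print(threshold_sign(shares, [1, 3, 5], msg) == full)  # quorum of t nodes
```

With fewer than t partial signatures the interpolation yields a different polynomial, so the combined value no longer matches $H(M)^x$ and would fail verification under the group public key.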
The above examples are merely preferred embodiments of the present invention, and the scope of the present invention is not limited to the above examples. All technical schemes belonging to the idea of the invention belong to the protection scope of the invention. It should be noted that all other embodiments obtained by a person skilled in the art without making any inventive step should also be considered as the scope of protection of the present invention.

Claims (8)

1. A civil aviation passenger data security protection and anti-falsification scheme based on an alliance chain, characterized by comprising the following steps:
S1: System initialization: a trusted authority generates, for each airport $A_i$, a key pair
Figure FDA0002603129320000011
and publishes the public key.
S2: Passenger $B_i$ provides his or her own private information (such as certificate information and fingerprints) to airport $A_i$ to register an ID account, and the trusted authority runs a deterministic encryption algorithm to obtain the passenger's unique identity identifier ID.
S3: After passenger $B_i$ generates personal information M (such as flight information, seat number, departure and arrival times, additional services and the like) during activity at the airport, M is automatically uploaded to a buffer to await encryption, and airport $A_i$ generates an AES encryption key for the current message M from information such as the user's ID:
Figure FDA0002603129320000012
S4: Airport $A_i$ uses
Figure FDA0002603129320000013
to AES-encrypt the plaintext M and obtain the ciphertext C, computes the hash value of the ciphertext C and the global hash value h, which covers the other identity information, and uploads the ciphertext C to the cloud service database.
S5: After uploading the data, airport $A_i$ obtains the address pointer $P_i$ of C in the database and uses its private key
Figure FDA0002603129320000014
to compute a BLS digital signature on the message M
Figure FDA0002603129320000015
It then combines the signature and the other information into a message body, publishes the message body, and waits for the alliance chain nodes to carry out the next operation.
S6: After obtaining the information in the message body, each node of the alliance chain first verifies the BLS signature
Figure FDA0002603129320000016
If verification fails, the message is deleted directly; otherwise, the node proceeds to the next step.
S7: Using the pointer position $P_i$, the node verifies whether the ciphertext C exists in the cloud service database. If it exists, the node computes the SHA-256 hash value of the cloud data and compares it with the hash value $H_{SHA-256}(C)$ in the message body. If they are not equal, the information is rejected and fed back to the airport to await retransmission; otherwise, the message body can be added to the block body information list.
S8: When a new block is generated, alliance chain node z compresses all records in the block body information list into a Merkle root using the Merkle hash algorithm, computes the SHA-256 hash value $H_p$ of the block header of the previous block, and generates the current timestamp T; these three data are used to generate the signature $\sigma_z$ of alliance chain node z.
$(\sigma_z, H_p, T, \text{Merkle}, \text{block body information list})$ is published as a candidate block, and the remaining alliance chain nodes verify the candidate block's content. In this scheme, the threshold signature of the alliance chain is an improved algorithm based on the BLS signature. If t-1 alliance chain nodes pass the verification, each of them sends its own signature $\sigma_1, \sigma_2, \ldots, \sigma_{t-1}$ to node z, and node z can generate a threshold signature. Node z can then create a new block and publish it to the whole network. After the remaining alliance chain nodes verify the threshold signature with the group public key, they add the new block to the existing blockchain, completing the blockchain update, and delete from their respective message pools the messages contained in the block body, completing the message pool update.
S9: When the passenger wants to query his or her information, he or she first submits an application to airport $A_i$, including information such as the ID. After verification passes, the airport sends the passenger the encryption key
Figure FDA0002603129320000021
and the pointer $P_i$; the passenger can then download the ciphertext C from the cloud service database and decrypt it to obtain the information M.
2. The method as claimed in claim 1, wherein when the passenger registers and generates the ID account, the passenger binds the mobile phone number, mailbox, address, etc. to the account according to his/her identity number, biometric information (fingerprint, iris), etc.
3. The method of claim 1, wherein the personal information is sent to the airport via SMS, mail or another private channel.
4. The method of claim 1, wherein airport $A_i$ encrypts the passenger information M using the symmetric encryption algorithm AES, and message blocks including the message M are signed using the BLS digital signature scheme; the threshold signature in the federation chain is an improved algorithm based on BLS signatures.
5. The method of claim 1, wherein in step S3, the AES encryption key generation uses a hash function and a truncation function to ensure that a key meeting the length requirement is obtained. A specific example is
Figure FDA0002603129320000031
where F' is a truncation function.
6. The method of claim 1, wherein the cloud database stores the information according to an agreed protocol so that the data is easy to read. The user can consolidate his/her own information at any time and rewrite it to the cloud server, and the rewrite is recorded by the blockchain.
7. The method of claim 1, wherein each piece of information in the block comprises the airport $A_i$, the passenger ID, the ciphertext hash $H_{\text{SHA-256}}(C)$, the airport signature
Figure FDA0002603129320000032
and the file pointer $P_i$; these five items constitute a complete block information record.
8. The method of claim 1, wherein the block header comprises: the threshold signature $\sigma$, the signature $\sigma_z$ of the federation chain node that generated the block, the hash value $H_p$ of the previous block header, the timestamp T, and the Merkle root.
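The block layout of claims 7 and 8 and the check the verifying nodes perform in S8, as an added Python example (not code from the patent): it builds the five-field records, derives the header values $H_p$, T and the Merkle root, and shows that changing a record or the previous header is detected. The JSON encoding, the prefix-based Merkle construction, the field names and the sample data are assumptions; BLS and threshold signing are left out, and the airport signature is a placeholder string.

```python
import hashlib
import json

def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def encode(obj: dict) -> bytes:
    # Assumed canonical encoding: sorted-key JSON, so all nodes hash identical bytes.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def merkle_root(leaves: list) -> bytes:
    # Leaves and inner nodes get different prefixes so an inner hash cannot pass
    # as a record; an unpaired node is carried up unchanged rather than duplicated.
    if not leaves:
        return sha256(b"")
    level = [sha256(b"\x00" + leaf) for leaf in leaves]
    while len(level) > 1:
        nxt = [sha256(b"\x01" + level[i] + level[i + 1])
               for i in range(0, len(level) - 1, 2)]
        if len(level) % 2:
            nxt.append(level[-1])
        level = nxt
    return level[0]

def make_record(airport: str, passenger_id: str, ciphertext: bytes, pointer: str) -> dict:
    # The five fields of claim 7; the airport's BLS signature is a placeholder here.
    return {"airport": airport, "id": passenger_id,
            "cipher_hash": sha256(ciphertext).hex(),
            "airport_sig": "<BLS signature placeholder>", "pointer": pointer}

def make_header(prev_header: dict, timestamp: int, records: list) -> dict:
    # H_p, T and the Merkle root: the three values node z signs in S8.
    return {"H_p": sha256(encode(prev_header)).hex(), "T": timestamp,
            "merkle": merkle_root([encode(r) for r in records]).hex()}

def verify_block(header: dict, prev_header: dict, records: list) -> bool:
    # What a verifying node recomputes before sending its signature to node z.
    return header == make_header(prev_header, header["T"], records)

def ciphertext_matches(record: dict, ciphertext: bytes) -> bool:
    # S9 check: the ciphertext fetched via P_i must match the on-chain hash.
    return sha256(ciphertext).hex() == record["cipher_hash"]

# Constructed sample data (not from the patent).
GENESIS = {"H_p": "00" * 32, "T": 0, "merkle": sha256(b"").hex()}
CIPHERTEXTS = [b"ciphertext-1", b"ciphertext-2", b"ciphertext-3"]
RECORDS = [make_record("A1", f"passenger-{n}", c, f"cloud://bucket/{n}")
           for n, c in enumerate(CIPHERTEXTS)]
HEADER = make_header(GENESIS, 1595808000, RECORDS)
```

In a full implementation the header would also carry $\sigma_z$ and the threshold signature, each computed over these same three values.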
CN202010730686.5A 2020-07-27 2020-07-27 Civil aviation passenger data security protection and anti-falsification method based on alliance chain Active CN111865563B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010730686.5A CN111865563B (en) 2020-07-27 2020-07-27 Civil aviation passenger data security protection and anti-falsification method based on alliance chain

Publications (2)

Publication Number Publication Date
CN111865563A true CN111865563A (en) 2020-10-30
CN111865563B CN111865563B (en) 2022-01-14

Family

ID=72947705

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010730686.5A Active CN111865563B (en) 2020-07-27 2020-07-27 Civil aviation passenger data security protection and anti-falsification method based on alliance chain

Country Status (1)

Country Link
CN (1) CN111865563B (en)

Also Published As

Publication number Publication date
CN111865563B (en) 2022-01-14

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant