CN112003889A - Distributed cross-chain system and cross-chain information interaction and system access control mechanism - Google Patents


Publication number
CN112003889A
Authority
CN
China
Prior art keywords: cross, chain, relay node, block chain, attribute
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010661140.9A
Other languages
Chinese (zh)
Other versions
CN112003889B (en
Inventor
孙知信
刘晨磊
徐玉华
陈松乐
骆冰清
赵学健
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing University of Posts and Telecommunications
Original Assignee
Nanjing University of Posts and Telecommunications

Classifications

    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L67/104 Peer-to-peer [P2P] networks
    • H04L9/3218 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, involving digital signatures
    • H04L9/3252 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, involving digital signatures using DSA or related signature schemes, e.g. elliptic based signatures, ElGamal or Schnorr schemes
    • H04L9/50 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Abstract

The invention discloses a distributed cross-chain system and a cross-chain information interaction and system access control mechanism. In the access control mechanism, a relay node verifies the blockchain user, adapts to the blockchain's attributes, and proxies the cross-chain message, transmitting it in encrypted form together with the blockchain attributes; an attribute authority issues an attribute key and a cross-chain proof to the relay node; the peer relay node of the target blockchain receives the encrypted file, decrypts it and compares the cross-chain proofs; finally the target blockchain user receives the cross-chain message, which completes the cross-chain communication. Relay nodes can be assigned flexibly to meet the cross-chain message proxying needs of a specific blockchain, which makes the system flexible and extensible. A decentralized attribute-based cryptographic mechanism with revocable and updatable attributes provides a fine-grained access control policy for cross-chain communication and improves the security of the cross-chain system.

Description

Distributed cross-chain system and cross-chain information interaction and system access control mechanism
Technical Field
The invention relates to the technical field of blockchains, in particular to a distributed cross-chain system based on an attribute-based cryptosystem, and also to a cross-chain information interaction and system access control mechanism.
Background
With the rapid development of blockchain technology, many blockchains aimed at different application scenarios and with different characteristics continue to appear, but because blockchains differ greatly from one another, data communication and value transfer between them are difficult. Meanwhile, the cross-chain communication data exchanged between blockchains often include important private information, and leaking it can seriously affect the security of the business that relies on those blockchains.
Disclosure of Invention
Purpose of the invention: to address the existing demand for cross-chain interaction and the problem of cross-chain privacy protection, the invention provides a distributed cross-chain system based on an attribute-based cryptosystem, in which a cross-chain client can initiate cross-chain messages to several different blockchains at the same time and the attribute-based cryptosystem provides a fine-grained access control mechanism for the cross-chain system; the attribute revocation and accountability policies it introduces improve the flexibility and security of that access control mechanism. Another object of the invention is to provide a cross-chain information interaction and system access control mechanism with strong flexibility and scalability.
Technical solution: a distributed cross-chain system, comprising:
when any blockchain user needs to perform cross-chain interaction, the user logs in to the cross-chain client, initiates a cross-chain message through the client, and uploads materials for the relay node or the attribute authority to audit and authenticate;
when an idle relay node is selected to dock with a blockchain, the relay node is responsible for monitoring, verifying and proxying all cross-chain messages from that blockchain during a specified time period, and it encrypts the cross-chain messages and the cross-chain proofs received from the various attribute authorities and transmits them to the relay node corresponding to the target blockchain;
when a relay node starts to proxy the cross-chain messages of its blockchain, the attribute authority audits and analyzes the blockchains involved in the cross-chain message and, according to the blockchain attributes it monitors, distributes the attribute key it manages and a cross-chain proof to each relay node;
and before a relay node sends a cross-chain message to another relay node, it first constructs an attribute-based encryption access structure from the access policy set by the user and generates an encryption key, then encrypts the cross-chain message and the cross-chain proofs received from the attribute authorities with that key, and finally transmits them to the target relay node by point-to-point communication.
Further, the cross-chain message includes the user's identification information in the blockchain and the access policy.
Further, before being selected the relay node is a public idle node; after being selected it is adapted to become the dedicated relay node of a blockchain and is responsible for monitoring and proxying the cross-chain interaction messages of all users of that blockchain. If no user on the blockchain sends or receives a new cross-chain message within a specified time period, the relay node ends its docking with the blockchain, returns to the public idle state, and waits to be selected again.
Furthermore, each attribute authority monitors and manages different types of attributes according to its own governance function. When a relay node starts to proxy a cross-chain message of a blockchain system, the attribute authority audits and analyzes the blockchain information and account asset information contained in the cross-chain message, generates a cross-chain proof, and distributes the cross-chain proof and an attribute key to the relay node. The attribute key is distributed to the relay node only once, but if the attribute authority finds that the blockchain proxied by the relay node has changed and no longer satisfies the monitored attribute, it revokes the attribute key originally distributed to that relay node.
Preferably, the cross-chain client and the relay node use digital signatures and elliptic curve encryption to sign and encrypt cross-chain messages.
Preferably, the relay node and the attribute authority use attribute-based encryption for key generation, key distribution and message encryption.
Preferably, zero-knowledge proofs are used among the relay nodes to strengthen privacy protection. With a zero-knowledge proof, a relay node can convince the verifier that it is entitled to decrypt without providing any useful information.
Further, relay nodes transmit cross-chain messages to each other by point-to-point communication through an internal smart contract.
Further, when a relay node receives encrypted data containing a cross-chain message from another relay node, it decrypts the data with its own attribute key and also checks whether the cross-chain proof inside matches the cross-chain proof sent by the attribute authority, so as to prevent the cross-chain message from being tampered with.
A cross-chain information interaction and system access control mechanism based on the distributed cross-chain system, comprising the following contents:
(1) a source blockchain user logs in to a cross-chain client and initiates a cross-chain message to a target blockchain user;
(2) the system checks whether relay nodes docked with the source blockchain and the target blockchain involved in the cross-chain message already exist; if a docking relay node exists, the cross-chain interaction data of that blockchain's users continue to be proxied entirely through it; if no docking relay node exists, the system selects an idle relay node or creates a new relay node for the blockchain through the PAXOS algorithm; once a relay node has become the docking relay node of a blockchain, if it receives no cross-chain message from any user of that blockchain within a specified time period, it ends its docking with the blockchain and returns to the idle state;
(3) after the relay node of the source blockchain has taken on proxying of the cross-chain message, it sends the target blockchain information in the message to the attribute authority; the attribute authority's operations on the target blockchain comprise an authenticity check, on-chain value accounting and business characteristic analysis, after which it distributes, updates or revokes the attribute key it manages for the relay node of the target blockchain; at the same time, the attribute authority sends a cross-chain proof to each of the relay nodes docked with the source and target blockchains, the cross-chain proof comprising the attribute authority's evaluation report on the cross-chain message initiator, a value evaluation and a proof of the validity of the request;
(4) the relay node of the source blockchain constructs an access structure of the attribute-based cryptosystem and the corresponding encryption key according to the access policy set by the user in the cross-chain message, takes the cross-chain message and the cross-chain proof as plaintext, generates a ciphertext that contains the source blockchain user's access structure, and finally sends the ciphertext to the relay node of the target blockchain by point-to-point communication;
(5) the relay node docked with the target blockchain decrypts the received ciphertext with the attribute key distributed by the attribute authority; if the attribute key satisfies the access structure of the ciphertext, the relay node can open the ciphertext, otherwise the ciphertext cannot be decrypted correctly;
(6) after the relay node docked with the target blockchain has decrypted the ciphertext, it compares the cross-chain proof in the message with the cross-chain proof received from the attribute authority; if the two are the same, the comparison succeeds and the cross-chain message is forwarded to the cross-chain client used by the target blockchain user, completing the information interaction; if they differ, the comparison fails, the cross-chain message is discarded, and error information is fed back to the relay node of the source blockchain.
Beneficial effects: relay nodes can be assigned flexibly to meet the cross-chain message proxying needs of a specific blockchain, which makes the cross-chain system flexible and extensible; a decentralized attribute-based cryptographic mechanism with revocable and updatable attributes provides a fine-grained access control policy for cross-chain communication and improves the security of the cross-chain system.
Drawings
FIG. 1 is a schematic diagram of a distributed cross-chain system structure based on an attribute cryptosystem;
FIG. 2 is a flow diagram of a distributed cross-chain interaction;
FIG. 3 is a schematic diagram of one-to-one blockchain cross-chain data interaction and transaction processing;
FIG. 4 is a schematic diagram of one-to-many blockchain cross-chain data interaction and transaction processing.
Detailed Description
The technical solution of the present invention will be further described in detail with reference to the accompanying drawings and specific embodiments.
As shown in FIG. 1, the distributed cross-chain system based on an attribute-based cryptosystem consists of a plurality of cross-chain clients, relay nodes, attribute authorities, and a point-to-point encrypted channel; the main interaction flow is shown in FIG. 2.
One-to-one cross-chain interaction from a blockchain A user to a blockchain B user, and one-to-many cross-chain interaction from a blockchain C user to blockchain B and D users, are described in detail below with reference to FIGS. 3 and 4.
Example 1:
FIG. 3 shows the one-to-one blockchain cross-chain data interaction and transaction processing manner. As shown in the figure, a user of blockchain A can log in to the cross-chain system client from a PC or a mobile device and bind a blockchain A account; when the user then sends a cross-chain message M carrying private data, the message data is tagged with the relevant label of blockchain A, which indicates that the message comes from blockchain A.
Step 1: before sending the cross-chain message M, the blockchain A user fills in the user address on the target blockchain B, designs an access control policy specifying which attributes a user in the system must hold to view the details of the request, uploads the user's identity proof, and so on; the client signs and encrypts the cross-chain message M using digital signature and elliptic curve encryption techniques.
When the distributed cross-chain system receives a cross-chain message M, it determines from M's digital signature that the message comes from a user of blockchain A and checks whether a relay node docked with blockchain A exists in the system. If such a relay node 1 exists, relay node 1 decrypts M and first verifies the user identity proof it contains. If the identity passes verification, that is, the user is a legitimate user of blockchain A and the type of information taking part in the cross-chain interaction conforms to the rules of the cross-chain interaction system, relay node 1 takes on proxying M; otherwise relay node 1 discards M and issues a warning to the client and the system. If no relay node 1 exists, the system uses the PAXOS algorithm to select an idle relay node or create a relay node for blockchain A, and that node is dedicated to proxying and forwarding the cross-chain interaction messages of all blockchain A users.
The distributed cross-chain system sets a 48-hour life cycle for every relay node. The life cycle is counted from the last time the relay node received cross-chain interaction data; once it is exceeded, the relay node ends its relationship with the blockchain it was docked with, sets its state to idle and public, and waits for the system to select it again and dock it with a new blockchain.
Step 2: relay node 1 sends the address of the target blockchain B in the blockchain A user's cross-chain message M to all attribute authorities of the system, which include the trusted audit institutions, legal institutions, financial settlement institutions, government supervision institutions and the like that are connected to the system. These attribute authorities carry good credit endorsement; each one supervises, maintains and distributes one or several attributes in the cross-chain system, and updates, revokes or distributes attribute keys to relay nodes.
Steps 3 and 4: the attribute authorities each carry out an independent verification audit of blockchain B. For example, if the legal institution $AA_i$ passes blockchain B in its verification, it takes the attribute key of the blockchain attribute $a_i$ corresponding to "legal",
Figure BDA0002578604080000041
and distributes it to relay node 2, which is docked with blockchain B; at the same time it sends identical cross-chain proofs $C_{1i}$ and $C_{2i}$ to relay node 1 and relay node 2 respectively, where $g$ is a generator of a bilinear group $G$ of prime order $p$ set by the cross-chain system. If relay node 2 already holds a correct attribute key, the key is not updated; if its attribute key is incorrect, the attribute authority revokes or updates it.
Step 5: once relay node 1 has received the cross-chain proofs sent by all attribute authorities, it constructs an access structure containing AND, OR and NOT gates from the access control policy that the blockchain A user filled in on the client, where $AC_1 = a_1 \cup \{a_2 \cap a_3\} \wedge a_4$. If the attributes $a_1$, $a_2$, $a_3$ and $a_4$ are taken to denote "blockchain B user", "own class I account", "own class II account" and "illegal" respectively, the access structure $AC_1$ can be described as "a legal blockchain B user owning a class I or II account"; that is, a holder of the corresponding attribute keys can correctly decrypt the cross-chain message proxied by relay node 1. Relay node 1 then uses the generated access structure $AC_1$ to construct the corresponding encryption key, encrypts the cross-chain message M sent by the blockchain A user together with the cross-chain proofs $C_1 = \{C_{11}, \ldots, C_{1n}\}$ received from all attribute authorities, and transmits the ciphertext to relay node 2 by point-to-point communication, where $n$ is the number of attribute authorities.
Steps 6 and 7: relay node 2 decrypts the ciphertext with its attribute key; when the attribute key satisfies the decryption requirement of the access structure $AC_1$, relay node 2 obtains the correct cross-chain message M and the cross-chain proof $C_1$ inside it. Relay node 2 then compares the cross-chain proof $C_1$ in the cross-chain message with the cross-chain proof $C_2$ it received from the attribute authorities. When the comparison succeeds, relay node 2 displays the data in the cross-chain message M on the cross-chain client of the blockchain B user and returns a success message $M_S$ to relay node 1. When the comparison fails, or relay node 2's attribute key cannot correctly decrypt the ciphertext, relay node 2 discards the cross-chain message M and returns an error feedback message $M_E$ to relay node 1, where the types of $M_E$ include, but are not limited to, "not correctly decrypted", "aligned unsuccessful-source missing", "aligned unsuccessful-target missing", "aligned unsuccessful-not identical", and the like. Thanks to the zero-knowledge proof technique, relay node 2 can prove to the verifier that it conforms to the access structure without providing any useful information.
Step 8: relay node 2 first generates an access structure $AC_2$ that only the cross-chain message sender can access, uses it to encrypt the success message $M_S$ or the error feedback message $M_E$, and transmits the result to relay node 1. After relay node 1 decrypts it with its own attribute key, it sends relay node 2's feedback message to the cross-chain client of the cross-chain message sender, which completes the one-to-one cross-chain interaction process.
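The receiving relay's checks in steps 5 to 7, as an added example that is not code from the patent: a Python simulation with no real attribute-based encryption, in which decryption is modelled as a policy check over the relay's attribute set. The policy encodes the prose reading ("a legal blockchain B user owning a class I or II account"); the authority names, the proof bytes, and the meaning given to the "source missing" and "target missing" types are assumptions.

```python
"""Simulation of relay node 2's checks (steps 5-7). No real ABE is used:
"decryption" is modelled as a policy check over the relay's attribute set."""
import hmac
from dataclasses import dataclass

# Feedback types quoted from the description; SUCCESS stands in for M_S.
SUCCESS = "success"
NOT_DECRYPTED = "not correctly decrypted"
SOURCE_MISSING = "aligned unsuccessful-source missing"
TARGET_MISSING = "aligned unsuccessful-target missing"
NOT_IDENTICAL = "aligned unsuccessful-not identical"

# a1 = "blockchain B user", a2 = "own class I account",
# a3 = "own class II account", a4 = "illegal" (meanings from step 5).
POLICY = ("and", "a1", ("or", "a2", "a3"), ("not", "a4"))

# Constructed sample proofs, keyed by hypothetical attribute-authority ids.
PROOFS = {
    "AA_legal": b"report|value|validity#legal",
    "AA_finance": b"report|value|validity#finance",
}


def satisfies(policy, attrs):
    """Evaluate an AND/OR/NOT gate tree against a set of held attributes.

    Modelling shortcut: NOT means "attribute absent from the key set". A real
    ABE deployment needs a scheme that supports non-monotone access structures.
    """
    if isinstance(policy, str):
        return policy in attrs
    gate, *children = policy
    if gate == "and":
        return all(satisfies(c, attrs) for c in children)
    if gate == "or":
        return any(satisfies(c, attrs) for c in children)
    if gate == "not" and len(children) == 1:
        return not satisfies(children[0], attrs)
    raise ValueError(f"malformed gate: {policy!r}")


@dataclass(frozen=True)
class Ciphertext:
    policy: object   # access structure embedded by the source relay
    message: bytes   # cross-chain message M
    proofs: dict     # C_1: one proof per attribute authority


def decrypt(ct, attrs):
    """Stand-in for ABE decryption: release the payload only if attrs fit."""
    if not satisfies(ct.policy, attrs):
        return None
    return ct.message, ct.proofs


def compare_proofs(c1, c2):
    """Compare C_1 (from the ciphertext) with C_2 (from the authorities).

    Assumed meaning: "source missing" = authority absent from C_1,
    "target missing" = authority absent from C_2. Fails closed on empty sets.
    """
    if not c2:
        return TARGET_MISSING
    if not c1:
        return SOURCE_MISSING
    for aa in sorted(set(c1) | set(c2)):
        if aa not in c1:
            return SOURCE_MISSING
        if aa not in c2:
            return TARGET_MISSING
        # Constant-time comparison so timing does not leak how much matched.
        if not hmac.compare_digest(c1[aa], c2[aa]):
            return NOT_IDENTICAL
    return None


def relay2_receive(ct, attrs, c2):
    """Return (feedback type, message); message is None unless accepted."""
    opened = decrypt(ct, attrs)
    if opened is None:
        return NOT_DECRYPTED, None
    message, c1 = opened
    error = compare_proofs(c1, c2)
    if error is not None:
        return error, None      # discard M, report M_E to relay node 1
    return SUCCESS, message     # deliver M, report M_S to relay node 1


if __name__ == "__main__":
    ct = Ciphertext(POLICY, b"constructed cross-chain message M", dict(PROOFS))
    print(relay2_receive(ct, {"a1", "a3"}, PROOFS))        # accepted
    print(relay2_receive(ct, {"a1", "a2", "a4"}, PROOFS))  # NOT gate blocks it
    tampered = Ciphertext(POLICY, ct.message, {**PROOFS, "AA_legal": b"forged"})
    print(relay2_receive(tampered, {"a1", "a2"}, PROOFS))  # proofs differ
```

The comparison is done per attribute authority, so a proof that is missing on one side is reported differently from one that is present but altered.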
Example 2:
FIG. 4 shows the one-to-many blockchain cross-chain data interaction and transaction processing manner. As shown in the figure, steps 1, 2 and 4 are the same as in the method shown in FIG. 3, and in the other steps relay node 2 and relay node 4 act independently of each other. Because access structures in an attribute-based cryptosystem can be set very flexibly and support one-to-many secret sharing schemes well, relay node 3 only needs to set one group of access structures to construct fine-grained access control policies for different message receivers, which greatly reduces the workload of the sender's relay node.

Claims (10)

1. A distributed cross-chain system, comprising:
when any blockchain user needs to perform cross-chain interaction, the user logs in to the cross-chain client, initiates a cross-chain message through the client, and uploads materials for the relay node or the attribute authority to audit and authenticate;
when an idle relay node is selected to dock with a blockchain, the relay node is responsible for monitoring, verifying and proxying all cross-chain messages from that blockchain during a specified time period, and it encrypts the cross-chain messages and the cross-chain proofs received from the various attribute authorities and transmits them to the relay node corresponding to the target blockchain;
when a relay node starts to proxy the cross-chain messages of its blockchain, the attribute authority audits and analyzes the blockchains involved in the cross-chain message and, according to the blockchain attributes it monitors, distributes the attribute key it manages and a cross-chain proof to each relay node;
and before a relay node sends a cross-chain message to another relay node, it first generates an encryption key from the access policy set by the user, then encrypts the cross-chain message and the cross-chain proofs received from the attribute authorities with that key, and finally transmits them to the target relay node by point-to-point communication.
2. The distributed cross-chain system of claim 1, wherein: the cross-chain message comprises the user's identification information in the blockchain and the access policy.
3. The distributed cross-chain system of claim 1, wherein: before being selected the relay node is a public idle node; after being selected it is adapted to become the dedicated relay node of a blockchain and is responsible for monitoring and proxying the cross-chain interaction messages of all users of that blockchain; if no user on the blockchain sends or receives a new cross-chain message within a specified time period, the relay node ends its docking with the blockchain, returns to the public idle state, and waits to be selected again.
4. The distributed cross-chain system of claim 1, wherein: each attribute authority monitors and manages different types of attributes according to its own governance function; when a relay node starts to proxy a cross-chain message of a blockchain system, the attribute authority audits and analyzes the blockchain information and account asset information contained in the cross-chain message, generates a cross-chain proof, and distributes the cross-chain proof and an attribute key to the relay node;
the attribute key is distributed to the relay node only once, but if the attribute authority finds that the blockchain proxied by the relay node has changed and no longer satisfies the monitored attribute, it revokes the attribute key originally distributed to that relay node.
5. The cross-chain information interaction and system access control mechanism of claim 1, wherein: the cross-chain client and the relay node use digital signatures and elliptic curve encryption to sign and encrypt the cross-chain message.
6. The cross-chain information interaction and system access control mechanism of claim 1, wherein: the relay node and the attribute authority use attribute-based encryption for key generation, key distribution and message encryption.
7. The cross-chain information interaction and system access control mechanism of claim 1, wherein: zero-knowledge proofs are used among the relay nodes to strengthen privacy protection.
8. The distributed cross-chain system of claim 1, wherein: relay nodes transmit cross-chain messages to each other by point-to-point communication through an internal smart contract.
9. The distributed cross-chain system of claim 1, wherein: when a relay node receives encrypted data containing a cross-chain message from another relay node, it decrypts the data with its own attribute key and also checks whether the cross-chain proof inside is consistent with the cross-chain proof sent by the attribute authority, so as to prevent the cross-chain message from being tampered with.
10. A cross-chain information interaction and system access control mechanism based on the distributed cross-chain system according to any one of claims 1 to 9, comprising the following:
(1) a source blockchain user logs in to a cross-chain client and initiates a cross-chain message to a target blockchain user;
(2) the system checks whether relay nodes docking the source blockchain and the target blockchain involved in the cross-chain message already exist; if a docking relay node exists, the cross-chain interaction data of users of that blockchain continues to be proxied entirely by that docking relay node; if no docking relay node exists, the system selects an idle relay node or creates a new relay node for the blockchain through the Paxos algorithm; after a relay node has become the docking relay node of a blockchain, if it receives no cross-chain message from any user of that blockchain within a specified time period, it ends its docking work with the blockchain and returns to the idle state;
(3) after the relay node of the source blockchain has taken on the cross-chain message as proxy, it sends the target blockchain information in the cross-chain message to the attribute authority; the attribute authority's operations on the target blockchain comprise authenticity checking, on-chain value accounting and service characteristic analysis, after which it distributes, updates or revokes the attribute keys it manages for the relay node of the target blockchain; at the same time, the attribute authority sends a cross-chain proof to each of the relay nodes docking the source blockchain and the target blockchain, the cross-chain proof comprising the attribute authority's evaluation report, value evaluation and request-validity proof for the initiator of the cross-chain message;
(4) the relay node of the source blockchain constructs the access structure of the attribute-based cryptosystem and the corresponding encryption key according to the access policy set by the user in the cross-chain message, takes the cross-chain message and the cross-chain proof as plaintext, generates a ciphertext containing the source blockchain user's access structure, and finally sends the ciphertext to the relay node of the target blockchain by point-to-point communication;
(5) the relay node docking the target blockchain decrypts the received ciphertext with the attribute key distributed by the attribute authority; if the attribute key satisfies the access structure of the ciphertext, the relay node decrypts the ciphertext; otherwise the ciphertext cannot be decrypted correctly;
(6) after the relay node docking the target blockchain has decrypted the ciphertext, it compares the cross-chain proof in the message with the cross-chain proof received from the attribute authority; if the two cross-chain proofs are the same, the comparison succeeds and the cross-chain message is forwarded to the cross-chain client used by the target blockchain user, completing the information interaction; if the two cross-chain proofs differ, the comparison fails, the cross-chain message is discarded, and error information is fed back to the relay node of the source blockchain.
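The decision logic of steps (4) to (6) and the key revocation of claim 4, as an added example that is not code from the patent. Attribute-based encryption is replaced here by a plain policy check with no real cryptography, the cross-chain proof is modelled as a SHA-256 digest of the authority's report, and revocation as a flag on the key; all names and sample values are assumptions.

```python
import hashlib
import hmac
import json

def satisfies(policy, attrs):
    """Access structure: an attribute name, or ("AND" | "OR", [sub-policies])."""
    if isinstance(policy, str):
        return policy in attrs
    op, children = policy
    hits = [satisfies(child, attrs) for child in children]
    return all(hits) if op == "AND" else any(hits)

def make_proof(report):
    """Cross-chain proof modelled as a SHA-256 digest of the report (assumption)."""
    return hashlib.sha256(json.dumps(report, sort_keys=True).encode()).digest()

def seal(message, proof, policy):
    """Step (4). Stand-in for attribute-based encryption: NOT real cryptography."""
    return {"policy": policy, "payload": {"message": message, "proof": proof}}

def target_relay_receive(ciphertext, attr_key, proof_from_authority):
    """Steps (5) and (6) at the relay node docking the target blockchain."""
    usable = not attr_key["revoked"] and satisfies(ciphertext["policy"], attr_key["attrs"])
    if not usable:
        return ("undecryptable", None)  # key does not match the access structure
    payload = ciphertext["payload"]
    # Constant-time comparison against the copy received directly from the authority.
    if not hmac.compare_digest(payload["proof"], proof_from_authority):
        return ("discarded", "error fed back to source relay")
    return ("forwarded", payload["message"])

# Constructed sample data: attribute names, report fields and message are made up.
REPORT = {"initiator": "alice@chainA", "value_evaluation": 120, "request_valid": True}
PROOF = make_proof(REPORT)
POLICY = ("AND", ["chain:B", ("OR", ["service:payments", "service:settlement"])])
GOOD_KEY = {"attrs": {"chain:B", "service:payments"}, "revoked": False}
WRONG_KEY = {"attrs": {"chain:C", "service:payments"}, "revoked": False}
REVOKED_KEY = {"attrs": {"chain:B", "service:payments"}, "revoked": True}

def run_cases():
    message = "transfer 5 units to bob@chainB"
    ct = seal(message, PROOF, POLICY)
    forged = make_proof({**REPORT, "value_evaluation": 999999})
    tampered = seal(message, forged, POLICY)
    return {
        "ok": target_relay_receive(ct, GOOD_KEY, PROOF),
        "wrong_attrs": target_relay_receive(ct, WRONG_KEY, PROOF),
        "revoked": target_relay_receive(ct, REVOKED_KEY, PROOF),
        "tampered": target_relay_receive(tampered, GOOD_KEY, PROOF),
    }

if __name__ == "__main__":
    for name, outcome in run_cases().items():
        print(name, outcome)
```

The tampered case is caught only because the target relay holds its own copy of the proof, delivered by the attribute authority in step (3) rather than taken from the ciphertext.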

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010661140.9A CN112003889B (en) 2020-07-10 2020-07-10 Distributed cross-link system and cross-link information interaction and system access control method

Publications (2)

Publication Number Publication Date
CN112003889A (en) 2020-11-27
CN112003889B (en) 2022-11-08

Family

ID=73467403

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010661140.9A Active CN112003889B (en) 2020-07-10 2020-07-10 Distributed cross-link system and cross-link information interaction and system access control method

Country Status (1)

Country Link
CN (1) CN112003889B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110245517A (en) * 2019-05-29 2019-09-17 杭州秘猿科技有限公司 A kind of across chain method, apparatus, system and the electronic equipment of block chain
CN110266655A (en) * 2019-05-30 2019-09-20 中国工商银行股份有限公司 A kind of across chain interconnected method, equipment and system based on block chain
CN110650189A (en) * 2019-09-20 2020-01-03 深圳供电局有限公司 Relay-based block chain interaction system and method

Cited By (33)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112822181A (en) * 2020-12-30 2021-05-18 杭州趣链科技有限公司 Verification method of cross-chain transaction, terminal device and readable storage medium
CN112804354A (en) * 2021-03-19 2021-05-14 腾讯科技(深圳)有限公司 Method and device for data transmission across chains, computer equipment and storage medium
CN113656780A (en) * 2021-03-30 2021-11-16 支付宝(杭州)信息技术有限公司 Cross-link access control method and device
CN112804358A (en) * 2021-03-30 2021-05-14 支付宝(杭州)信息技术有限公司 Method and device for transferring data in cross-link mode based on relay equipment network
WO2022205966A1 (en) * 2021-03-30 2022-10-06 蚂蚁区块链科技(上海)有限公司 Cross-chain access control method and apparatus
CN112738139A (en) * 2021-03-30 2021-04-30 支付宝(杭州)信息技术有限公司 Cross-link access control method and device
CN112738139B (en) * 2021-03-30 2021-07-06 支付宝(杭州)信息技术有限公司 Cross-link access control method and device
CN113656780B (en) * 2021-03-30 2023-12-19 支付宝(杭州)信息技术有限公司 Cross-chain access control method and device
CN112861190A (en) * 2021-04-23 2021-05-28 腾讯科技(深圳)有限公司 Data cross-chain cooperation method, system and device
CN112861190B (en) * 2021-04-23 2021-07-16 腾讯科技(深圳)有限公司 Data cross-chain cooperation method, system and device
CN113364735A (en) * 2021-05-01 2021-09-07 西安电子科技大学 Data cross-link access control method, system, equipment and terminal under multi-link scene
CN112948153A (en) * 2021-05-14 2021-06-11 支付宝(杭州)信息技术有限公司 Method and device for message cross-link transmission
CN113364869A (en) * 2021-06-04 2021-09-07 杭州复杂美科技有限公司 Block chain message transmission method, equipment and storage medium
CN113364869B (en) * 2021-06-04 2022-07-15 杭州复杂美科技有限公司 Block chain message transmission method, equipment and storage medium
CN113452701A (en) * 2021-06-28 2021-09-28 上海计算机软件技术开发中心 Cross-chain system and cross-chain system-oriented distributed user identity authentication model
CN113452701B (en) * 2021-06-28 2023-04-18 上海计算机软件技术开发中心 Cross-chain system and distributed user identity authentication method facing cross-chain system
CN113783949A (en) * 2021-08-26 2021-12-10 浙商银行股份有限公司 Cross-chain decentralized method based on contract management
CN113783854A (en) * 2021-08-30 2021-12-10 湖南天河国云科技有限公司 Block chain-based credit data cross-chain sharing method and device
CN113783854B (en) * 2021-08-30 2023-10-17 湖南天河国云科技有限公司 Credit data cross-chain sharing method and device based on block chain
CN113922996A (en) * 2021-09-29 2022-01-11 昆明理工大学 Electronic subject file privacy protection method based on block chain crossing technology
CN113923044B (en) * 2021-10-29 2023-10-03 博雅正链(北京)科技有限公司 Cross-chain system and method based on trusted execution environment
CN113923044A (en) * 2021-10-29 2022-01-11 博雅正链(北京)科技有限公司 Chain crossing system and method based on trusted execution environment
CN113722285A (en) * 2021-11-03 2021-11-30 江苏荣泽信息科技股份有限公司 Multi-chain-based cross-chain distributed file storage and verification system
CN114006911A (en) * 2021-12-31 2022-02-01 杭州趣链科技有限公司 Data processing method and device, terminal equipment and storage medium
CN114006911B (en) * 2021-12-31 2022-04-26 杭州趣链科技有限公司 Data processing method and device, terminal equipment and storage medium
CN114760288A (en) * 2022-03-18 2022-07-15 国网四川省电力公司天府新区供电公司 Block chain-based file cross-chain transmission method
CN114760288B (en) * 2022-03-18 2024-02-06 国网四川省电力公司天府新区供电公司 File cross-chain transmission method based on block chain
CN115225709A (en) * 2022-07-29 2022-10-21 蚂蚁区块链科技(上海)有限公司 Data transmission system and method
CN115225709B (en) * 2022-07-29 2024-03-26 蚂蚁区块链科技(上海)有限公司 Data transmission system, method, electronic device and readable storage medium
CN116506104A (en) * 2023-06-25 2023-07-28 天津市城市规划设计研究总院有限公司 Method and system for information security interaction of different departments based on cross-chain blockchain
CN116506104B (en) * 2023-06-25 2023-08-29 天津市城市规划设计研究总院有限公司 Method and system for information security interaction of different departments based on cross-chain blockchain
CN116800435A (en) * 2023-08-21 2023-09-22 成都信息工程大学 Access control method, system and storage medium based on zero knowledge proof and cross-chain
CN116800435B (en) * 2023-08-21 2023-12-19 成都信息工程大学 Access control method, system and storage medium based on zero knowledge proof and cross-chain

Also Published As

Publication number Publication date
CN112003889B (en) 2022-11-08

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 210003, 66 new model street, Gulou District, Jiangsu, Nanjing

Applicant after: Nanjing University of Posts and Telecommunications

Address before: 210000 No. 186 Software Avenue, Yuhuatai District, Nanjing, Jiangsu Province

Applicant before: Nanjing University of Posts and Telecommunications

GR01 Patent grant