CN112003889B - Distributed cross-link system and cross-link information interaction and system access control method - Google Patents


Publication number
CN112003889B
Authority
CN
China
Prior art keywords
cross
relay node
chain
block chain
link
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010661140.9A
Other languages
Chinese (zh)
Other versions
CN112003889A (en
Inventor
孙知信
刘晨磊
徐玉华
陈松乐
骆冰清
赵学健
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing University of Posts and Telecommunications
Original Assignee
Nanjing University of Posts and Telecommunications
Application filed by Nanjing University of Posts and Telecommunications
Priority to CN202010661140.9A
Publication of CN112003889A
Publication of CN112003889B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/104 Peer-to-peer [P2P] networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3218 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, or non-interactive zero-knowledge proofs
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3252 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using DSA or related signature schemes, e.g. elliptic based signatures, ElGamal or Schnorr schemes
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees

Abstract

The invention discloses a distributed cross-chain system and a cross-chain information interaction and system access control mechanism. In the access control mechanism, a relay node verifies the blockchain user, adapts to the blockchain attributes, and proxies the cross-chain message and its encrypted transmission; attribute authorities issue attribute keys and cross-chain certificates to the relay nodes; the peer relay node of the target blockchain receives the encrypted file, decrypts it and compares the cross-chain certificates; finally, the target blockchain user receives the cross-chain message, which completes the cross-chain communication. Relay nodes can be set up flexibly to meet the cross-chain message proxy requirements of a specific blockchain, which gives the system strong flexibility and extensibility. A decentralized attribute-based cryptographic mechanism with revocable and updatable attributes provides a fine-grained access control policy for blockchain cross-chain communication and improves the security of the blockchain cross-chain system.

Description

Distributed cross-link system and cross-link information interaction and system access control method
Technical Field
The invention relates to the technical field of block chains, in particular to a distributed cross-chain system based on an attribute cryptosystem, and also relates to a cross-chain information interaction and system access control mechanism.
Background
With the rapid development of blockchain technology, blockchains oriented to different application scenarios and with different characteristics continue to emerge, but because blockchains differ greatly from one another, data communication and value transfer between them are difficult. Meanwhile, cross-chain communication data often includes important private information about the blockchain it originates from, and leakage of this information can seriously affect the security of that blockchain's services.
Disclosure of Invention
The purpose of the invention is as follows: to address the existing demand for cross-chain interaction and the problem of cross-chain privacy protection in blockchains, the invention provides a distributed cross-chain system based on an attribute cryptosystem, so that a cross-chain client can initiate cross-chain messages to different blockchains simultaneously. The attribute cryptosystem gives the cross-chain system a fine-grained access control mechanism, and the attribute revocation and accountability policy it introduces improves the flexibility and security of that mechanism. Another object of the invention is to provide a cross-chain information interaction and system access control mechanism with strong flexibility and scalability.
The technical scheme is as follows: a distributed cross-chain system comprising:
a cross-chain client: when any blockchain user needs to carry out cross-chain interaction, the user logs in to the cross-chain client, initiates the cross-chain message through the client and uploads materials for the relay node or the attribute authority to audit and authenticate;
a relay node: when an idle relay node is selected to dock with a blockchain, the relay node is responsible for monitoring, verifying and proxying all cross-chain messages from that blockchain within a specified time period, and encrypts and transmits the cross-chain messages, together with the cross-chain certificates received from the attribute authorities, to the relay node corresponding to the target blockchain;
an attribute authority: when a relay node starts to proxy the cross-chain messages of its blockchain, the attribute authority audits and analyzes the blockchain involved in the cross-chain message, and distributes the attribute key it manages and a cross-chain certificate to each relay node according to the blockchain attribute it monitors;
a point-to-point encryption channel: before a relay node sends the cross-chain message to another relay node, it first constructs an attribute encryption access structure from the access policy set by the user and generates an encryption key, then encrypts the cross-chain message and the cross-chain certificates received from the attribute authorities with that key, and finally transmits them to the target relay node by point-to-point communication.
Further, the cross-chain message includes the identification information and the access policy of the user in the blockchain.
Further, the relay node is a public idle node in a state before being selected, is adapted to be a private relay node of the blockchain after being selected, and is responsible for monitoring and proxying cross-link interaction information of all users of the blockchain, and if no user sends or receives a new cross-link message on the blockchain within a specified time period, the relay node terminates the connection with the blockchain, is converted into a public idle state again, and waits for being selected next time.
Furthermore, the attribute authority is responsible for monitoring and managing different types of attributes according to different governance functions of the attribute authority, and when the relay node starts to proxy a cross-link message of a certain block link system, the attribute authority audits and analyzes block link information and account asset information contained in the cross-link message, generates a cross-link certificate, and distributes the cross-link certificate and an attribute key to the relay node; the attribute key is distributed to the relay node only once, but if the attribute authority finds that the block chain of the relay node proxy changes and does not meet the monitored attribute, the attribute authority revokes the attribute key originally distributed to the relay node.
Preferably, the cross-link client and the relay node use digital signature and elliptic curve encryption to perform signature and encryption protection on the cross-link message.
Preferably, the relay node and the attribute authority use attribute encryption to realize key generation, distribution and message encryption.
Preferably, zero-knowledge proofs are used among the relay nodes to strengthen privacy protection. With the zero-knowledge proof technique, a relay node can convince the verifier that it meets the decryption requirements without revealing any useful information.
Further, cross-chain message transmission between relay nodes uses point-to-point communication through an internal smart contract.
Further, when a relay node receives encrypted data containing a cross-chain message from another relay node, it decrypts the data with its own attribute key and also checks whether the cross-chain certificate it contains matches the cross-chain certificate sent by the attribute authority, so as to prevent the cross-chain message from being tampered with.
A cross-chain information interaction and system access control mechanism based on the distributed cross-chain system, comprising the following contents:
(1) A source block chain user logs in a cross-chain client and initiates a cross-chain message to a target block chain user;
(2) Checking whether the system has relay nodes docking the source blockchain and the target blockchain involved in the cross-chain message; if a docking relay node exists, all cross-chain interaction data of that blockchain's users continues to be proxied by it; if no docking relay node exists, the system selects an idle relay node or creates a new relay node for the blockchain through the PAXOS algorithm; after a relay node becomes the docking relay node of a blockchain, if it receives no cross-chain message from any user of that blockchain within a specified time period, it ends its docking with the blockchain and returns to the idle state;
(3) After the relay node of the source blockchain proxies the cross-chain message, it sends the target blockchain information in the message to the attribute authority; the attribute authority's operations on the target blockchain include authenticity checking, on-chain value accounting and service characteristic analysis, after which it distributes, updates or revokes the attribute key it manages for the relay node of the target blockchain; meanwhile, the attribute authority sends a cross-chain certificate to each of the relay nodes docking the source and target blockchains, wherein the cross-chain certificate comprises the attribute authority's evaluation report, value evaluation and request validity certificate for the cross-chain message initiator;
(4) The relay node of the source blockchain constructs an access structure of the attribute cryptosystem and a corresponding encryption key according to the access policy set by the user in the cross-chain message, takes the cross-chain message and the cross-chain certificate as plaintext, generates a ciphertext containing the source blockchain user's access structure, and finally sends the ciphertext to the relay node of the target blockchain by point-to-point communication;
(5) The relay node docking the target blockchain decrypts the received ciphertext with the attribute key distributed by the attribute authority; if the attribute key satisfies the access structure of the ciphertext, the relay node decrypts the ciphertext, otherwise the ciphertext cannot be decrypted correctly;
(6) After the relay node docking the target blockchain decrypts the ciphertext, it compares the cross-chain certificate in the message with the cross-chain certificate received from the attribute authority; if the two are the same, the comparison succeeds and the cross-chain message is sent on to the cross-chain client used by the target blockchain user, completing the information interaction; if the two differ, the comparison fails, the cross-chain message is discarded and error information is fed back to the relay node of the source blockchain.
Beneficial effects: the blockchain cross-chain system can flexibly set up relay nodes to meet the cross-chain message proxy requirements of a specific blockchain, and so has strong flexibility and extensibility; a decentralized attribute-based cryptographic mechanism with revocable and updatable attributes provides a fine-grained access control policy for blockchain cross-chain communication and improves the security of the blockchain cross-chain system.
Drawings
FIG. 1 is a schematic diagram of a distributed cross-chain system structure based on an attribute cryptosystem;
FIG. 2 is a distributed cross-chain interaction flow diagram;
FIG. 3 is a schematic diagram of one-to-one blockchain inter-chain data interaction and transaction processing;
FIG. 4 is a schematic diagram of one-to-many blockchain cross-chain data interaction and transaction processing.
Detailed Description
The technical solution of the present invention is further described in detail with reference to the accompanying drawings and specific embodiments.
As shown in fig. 1, the distributed cross-link system based on the attribute cryptosystem of the present invention is composed of a plurality of cross-link clients, a relay node, an attribute authority, and a point-to-point encryption channel, and the main interaction flow is shown in fig. 2.
Embodiments of one-to-one cross-chain interaction from a blockchain A user to a blockchain B user, and of one-to-many cross-chain interaction from a blockchain C user to blockchain B and D users, are described in detail below in conjunction with FIG. 3 and FIG. 4.
Example 1:
FIG. 3 shows a one-to-one blockchain cross-chain data interaction and transaction processing manner. As shown in the figure, a user of blockchain A logs in to the cross-chain system client from a PC or mobile device and binds a blockchain A account; when the user sends a cross-chain message M carrying private data, the message data is tagged with the blockchain A label to indicate that the message comes from blockchain A.
Step 1: before sending the cross-chain message M, the user of blockchain A fills in the user address on the target blockchain B, designs an access control policy stipulating which system attributes a user must hold to view the message, uploads the user's identity information, and so on; the client then signs and encrypts the cross-chain message M using digital signature and elliptic curve encryption.
When the distributed cross-chain system receives the cross-chain message M, it learns from the digital signature of M that the message comes from a user of blockchain A, and checks whether a relay node docking blockchain A exists in the system. If such a relay node 1 exists, relay node 1 decrypts M and first verifies the user identity certificate it contains. If the identity passes verification, that is, the user is a legitimate user of blockchain A and the type of information taking part in the cross-chain interaction conforms to the rules of the cross-chain interaction system, relay node 1 proxies the cross-chain message M; otherwise relay node 1 discards M and sends a warning to the client and the system. If no relay node 1 exists, the system selects an idle relay node or creates a relay node for blockchain A using the PAXOS algorithm, and this relay node is dedicated to proxying and forwarding the cross-chain interaction information of all users of blockchain A.
The distributed cross-chain system sets a 48-hour life cycle for every relay node. The life cycle is counted from the last time the relay node received cross-chain interaction data; once it is exceeded, the relay node ends its relationship with the blockchain it was docking, sets its state to idle and public, and waits for the system to select it again to dock a new blockchain.
Step 2: relay node 1 sends the address of the target blockchain B in the blockchain A user's cross-chain message M to all attribute authorities of the system, which include trusted audit organizations, legal organizations, financial settlement organizations, government supervision organizations and the like that have joined the system. The attribute authorities have good credit endorsement; each one supervises, maintains and distributes one attribute or several different attributes in the cross-chain system, and updates, revokes or distributes attribute keys to relay nodes.
Step 3-step 4: the attribute authorities each perform an independent verification audit of blockchain B. For example, if the legal organization $AA_i$ passes blockchain B in its verification, it distributes the attribute key
Figure GDA0003762249880000041
of the blockchain attribute $a_i$ corresponding to "legal" to relay node 2, which docks blockchain B, and at the same time sends identical cross-chain certificates $C_{1i}$ and $C_{2i}$ to relay node 1 and relay node 2 respectively, where $g$ is a generator of a bilinear group $G$ of prime order $p$ set by the cross-chain system. If relay node 2 already holds a correct attribute key, the attribute key is not updated; if the attribute key is incorrect, it is revoked or updated by the attribute authority.
Step 5: when relay node 1 has received the cross-chain certificates sent by all attribute authorities, it constructs an access structure $AC$ containing AND, OR and NOT gates according to the access control policy that the blockchain A user filled in on the client, for example $AC = a_1 \cup \{a_2 \cap a_3\} \wedge a_4$. Assuming the attributes $a_1$, $a_2$, $a_3$ and $a_4$ respectively denote "blockchain B user", "own class I account", "own class II account" and "illegal", the access structure $AC_1$ can be described as "a legal blockchain B user owning class I or II accounts"; that is, a user holding the corresponding attribute keys can correctly decrypt the cross-chain message proxied by relay node 1. Relay node 1 then uses the generated access structure $AC_1$ to construct the corresponding encryption key, encrypts the cross-chain message M sent by the blockchain A user together with the cross-chain certificates $C_1 = \{C_{11}, \ldots, C_{1n}\}$ received from all attribute authorities, where $n$ is the number of attribute authorities, and transmits the ciphertext to relay node 2 by point-to-point communication.
Step 6-step 7: relay node 2 decrypts the ciphertext with its attribute key; when the attribute key of relay node 2 satisfies the decryption requirement of the access structure $AC$, relay node 2 obtains the correct cross-chain message M and the cross-chain certificate $C_1$ it contains. Relay node 2 then compares the cross-chain certificate $C_1$ in the cross-chain message with the cross-chain certificate $C_2$ received from the attribute authorities. If the comparison succeeds, relay node 2 displays the data in the cross-chain message M on the cross-chain client of the blockchain B user and returns a success message $M_S$ to relay node 1. If the comparison fails, or the attribute key of relay node 2 cannot correctly decrypt the ciphertext, relay node 2 discards the cross-chain message M and returns an error feedback message $M_E$ to relay node 1; the types of $M_E$ include, but are not limited to, "cannot decrypt correctly", "unsuccessful alignment-source lacking", "unsuccessful alignment-target lacking" and "unsuccessful alignment-different". With the zero-knowledge proof technique, relay node 2 can prove to the verifier that it conforms to the access structure without revealing any useful information.
Step 8: relay node 2 first generates an access structure $AC_2$ that only the cross-chain message sender can access, uses it to encrypt the success message $M_S$ or the error feedback message $M_E$, and transmits the result to relay node 1; after relay node 1 decrypts it with its own attribute key, it sends relay node 2's feedback message to the cross-chain client of the cross-chain message sender, which completes the one-to-one cross-chain interaction process.
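The receive path of relay node 2 in Steps 5 to 7, as an added Python example that is not part of the patent: it models only the authorization decision and the certificate comparison, with the access structure evaluated in the clear rather than by attribute-based decryption. The policy encoding (a1 AND (a2 OR a3) AND NOT a4, taken from the prose description of the example), the function names, the mapping of comparison outcomes to the listed M_E types, and the sample certificates are assumptions.

```python
import hmac
from dataclasses import dataclass

# Attribute names a1..a4 as given in the page's example.
A1, A2, A3, A4 = ("blockchain B user", "own class I account",
                  "own class II account", "illegal")

# Assumed encoding of "a legal blockchain B user owning class I or II accounts":
# a1 AND (a2 OR a3) AND NOT a4.
AC1 = ("and", ("attr", A1),
              ("or", ("attr", A2), ("attr", A3)),
              ("not", ("attr", A4)))


def satisfies(node, attrs):
    """Evaluate an AND/OR/NOT access structure against a set of held attributes.

    A missing attribute satisfies NOT here; a real ABE scheme needs a
    construction that supports negation.
    """
    op, *args = node
    if op == "attr":
        return args[0] in attrs
    if op == "not":
        return not satisfies(args[0], attrs)
    if op == "and":
        return all(satisfies(a, attrs) for a in args)
    if op == "or":
        return any(satisfies(a, attrs) for a in args)
    raise ValueError(f"unknown gate {op!r}")  # fail closed on a malformed policy


@dataclass(frozen=True)
class Ciphertext:
    """Stand-in for the ABE ciphertext: the policy plus what it protects."""
    policy: tuple
    message: bytes
    certs: dict  # C1: authority id -> certificate bytes, packed by relay node 1


def compare_certs(authorities, c1, c2):
    """Return None if C1 and C2 agree for every authority, else the M_E type."""
    for aa in sorted(set(authorities) | set(c1) | set(c2)):
        if aa not in c1:
            return "unsuccessful alignment-source lacking"
        if aa not in c2:
            return "unsuccessful alignment-target lacking"
        # Constant-time comparison of the two copies of the certificate.
        if not hmac.compare_digest(c1[aa], c2[aa]):
            return "unsuccessful alignment-different"
    return None


def relay2_receive(ct, relay_attrs, authorities, c2):
    """Relay node 2: decrypt if the policy allows, then compare C1 with C2."""
    if not satisfies(ct.policy, relay_attrs):
        return ("M_E", "cannot decrypt correctly")
    reason = compare_certs(authorities, ct.certs, c2)
    if reason is not None:
        return ("M_E", reason)  # message is discarded, only the reason goes back
    return ("M_S", ct.message)


# Constructed sample data: three hypothetical attribute authorities (n = 3).
AUTHORITIES = ("audit", "legal", "finance")
CERTS = {aa: f"constructed-cert-{aa}".encode() for aa in AUTHORITIES}
CT = Ciphertext(AC1, b"constructed cross-chain message M", dict(CERTS))

if __name__ == "__main__":
    print(relay2_receive(CT, {A1, A2}, AUTHORITIES, CERTS))
    print(relay2_receive(CT, {A1, A2, A4}, AUTHORITIES, CERTS))
    print(relay2_receive(CT, {A1, A3}, AUTHORITIES, dict(CERTS, legal=b"forged")))
```

Passing the expected authority set explicitly makes an empty C1 and C2 fail the comparison instead of trivially matching.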
Example 2:
FIG. 4 shows a one-to-many blockchain cross-chain data interaction and transaction processing manner. As shown in the figure, steps 1, 2 and 4 are the same as in the method shown in FIG. 3, and in the other steps relay node 2 and relay node 4 execute independently. Because the setting of the access structure in the attribute cryptosystem is highly flexible and supports a one-to-many secret sharing scheme well, relay node 3 can construct fine-grained access control policies for different message recipients by setting just one group of access structures, which greatly reduces the workload of the sender's relay node.

Claims (10)

1. A distributed cross-chain system, comprising:
a cross-chain client: when any blockchain user needs to carry out cross-chain interaction, the user logs in to the cross-chain client, initiates the cross-chain message through the client and uploads materials for the relay node or the attribute authority to check and authenticate;
a relay node: when an idle relay node is selected to dock with a blockchain, the relay node is responsible for monitoring, verifying and proxying all cross-chain messages from that blockchain within a specified time period, and encrypts and transmits the cross-chain messages, together with the cross-chain certificates received from the attribute authorities, to the relay node corresponding to the target blockchain;
an attribute authority: when a relay node starts to proxy the cross-chain messages of its blockchain, the attribute authority audits and analyzes the blockchain involved in the cross-chain message, and distributes the attribute key it manages and a cross-chain certificate to each relay node according to the blockchain attribute it monitors;
a point-to-point encryption channel: before a relay node sends the cross-chain message to another relay node, it first generates an encryption key from the access policy set by the user, then encrypts the cross-chain message and the cross-chain certificates received from the attribute authorities with that key, and finally transmits them to the target relay node by point-to-point communication.
2. The distributed, cross-chain system of claim 1, wherein: the cross-chain message comprises the identification information and the access policy of the user in the blockchain.
3. The distributed cross-chaining system of claim 1, wherein: the relay node is a public idle node in a state before being selected, is adapted to be a private relay node of the block chain after being selected, and is responsible for monitoring and proxying cross-chain interaction information of all users of the block chain, if no user sends or receives a new cross-chain message on the block chain within a specified time period, the relay node terminates the butt joint with the block chain, is converted into a public idle state again, and waits for being selected next time.
4. The distributed cross-chaining system of claim 1, wherein: the attribute authority is responsible for monitoring and managing different types of attributes according to different administration functions of the attribute authority, and when the relay node starts to proxy a cross-link message of a certain block link system, the attribute authority audits and analyzes block link information and account asset information contained in the cross-link message, generates a cross-link certificate, and distributes the cross-link certificate and an attribute key to the relay node;
the attribute key is distributed to the relay node only once, but if the attribute authority finds that the block chain of the relay node agent changes and does not meet the monitored attribute, the attribute authority revokes the attribute key originally distributed to the relay node.
5. The distributed cross-chaining system of claim 1, wherein: and the cross-link client and the relay node utilize digital signature and elliptic curve encryption to sign and encrypt the cross-link message.
6. The distributed cross-chaining system of claim 1, wherein: and the relay node and the attribute authority realize key generation, distribution and message encryption by using attribute encryption.
7. The distributed, cross-chain system of claim 1, wherein: and a zero-knowledge proof is adopted among all relay nodes to strengthen the privacy protection function.
8. The distributed cross-chain system of claim 1, wherein: cross-chain message transmission between the relay nodes uses point-to-point communication through an internal smart contract.
9. The distributed cross-chain system of claim 1, wherein: when a relay node receives encrypted data containing a cross-chain message from another relay node, it decrypts the data with its own attribute key and also checks whether the cross-chain certificate it contains is consistent with the cross-chain certificate sent by the attribute authority, so as to prevent the cross-chain message from being tampered with.
10. A method for cross-chain information interaction and system access control based on the distributed cross-chain system according to any one of claims 1 to 9, comprising the following steps:
(1) A source blockchain user logs in to a cross-chain client and initiates a cross-chain message to a target blockchain user;
(2) The system checks whether relay nodes docking the source blockchain and the target blockchain involved in the cross-chain message already exist; if a docking relay node exists, all cross-chain interaction data between the source blockchain user and the target blockchain user continues to be proxied by that docking relay node; if no docking relay node exists, the system selects an idle relay node or creates a new relay node for the blockchain through the Paxos algorithm; after a relay node becomes the docking relay node of a blockchain, if it receives no cross-chain message from any user of that blockchain within a specified time period, it ends its docking work with the blockchain and returns to the idle state;
(3) After the relay node of the source blockchain takes on the proxying of the cross-chain message, it sends the target blockchain information in the cross-chain message to the attribute authority; the attribute authority's operations on the target blockchain comprise authenticity checking, on-chain value accounting and service characteristic analysis, after which it distributes, updates or revokes the attribute key it manages for the relay node of the target blockchain; meanwhile, the attribute authority sends a cross-chain certificate to each of the relay nodes docking the source blockchain and the target blockchain, the cross-chain certificate comprising the attribute authority's evaluation report, value evaluation and request validity proof for the initiator of the cross-chain message;
(4) The relay node of the source blockchain constructs an access structure of the attribute-based cryptosystem and a corresponding encryption key according to the access policy set by the user in the cross-chain message, takes the cross-chain message and the cross-chain certificate as plaintext, generates a ciphertext containing the access structure of the source blockchain user, and finally sends the ciphertext to the relay node of the target blockchain by point-to-point communication;
(5) The relay node docking the target blockchain decrypts the received ciphertext using the attribute key distributed by the attribute authority; if the attribute key satisfies the access structure of the ciphertext, the relay node decrypts the ciphertext, otherwise the ciphertext cannot be decrypted correctly;
(6) After the relay node docking the target blockchain decrypts the ciphertext, it compares the cross-chain certificate in the message with the cross-chain certificate received from the attribute authority; if the two cross-chain certificates are the same, the comparison succeeds and the cross-chain message is forwarded to the cross-chain client used by the target blockchain user, completing the information interaction; if the two cross-chain certificates differ, the comparison fails, the cross-chain message is discarded, and error information is fed back to the relay node docking the source blockchain.
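The receive path of steps (5) and (6), together with the key revocation of claim 4, is sketched below as an added example; it is not code from the patent. It models the attribute-based decryption check as a plain AND/OR policy evaluation rather than real ABE, and all class, field and attribute names are hypothetical.

```python
import hashlib, hmac, json
from dataclasses import dataclass, field

def satisfies(policy, attrs):
    """Access structure: a leaf attribute string or ("AND"|"OR", [children]).
    Models the ABE decryption condition; a real system enforces it cryptographically."""
    if isinstance(policy, str):
        return policy in attrs
    op, children = policy
    if op not in ("AND", "OR"):
        raise ValueError("unknown gate: %r" % (op,))  # fail closed on malformed policy
    results = [satisfies(c, attrs) for c in children]
    return all(results) if op == "AND" else any(results)

def cert_digest(cert):
    # Canonical JSON so key order cannot make two equal certificates differ.
    raw = json.dumps(cert, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(raw.encode()).digest()

@dataclass
class TargetRelay:
    attrs: set                     # attributes bound to this relay's attribute key
    revoked: bool = False          # set when the authority revokes the key (claim 4)
    authority_certs: dict = field(default_factory=dict)  # msg id -> authority's copy

    def receive(self, envelope):
        # Step (5): a revoked or non-matching key cannot open the ciphertext.
        if self.revoked or not satisfies(envelope["policy"], self.attrs):
            return ("undecryptable", None)
        msg, cert = envelope["message"], envelope["certificate"]
        expected = self.authority_certs.get(msg["id"])
        # Step (6): no authority copy or any difference means discard and report.
        if expected is None or not hmac.compare_digest(
                cert_digest(cert), cert_digest(expected)):
            return ("discarded", {"error": "certificate mismatch",
                                  "to": msg["source_relay"]})
        return ("delivered", msg)

# Constructed sample data (hypothetical names and values).
CERT = {"evaluation_report": "ok", "value_evaluation": 120, "request_validity": True}
POLICY = ("AND", ["chain:B", ("OR", ["asset:token", "asset:data"])])
MSG = {"id": "m1", "source_relay": "relay-A", "body": "transfer"}
ENVELOPE = {"policy": POLICY, "message": MSG, "certificate": CERT}
```

Comparing digests of a canonical encoding with `hmac.compare_digest` keeps the check independent of field order and of timing, and a missing authority copy is treated the same as a mismatch.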
CN202010661140.9A 2020-07-10 2020-07-10 Distributed cross-link system and cross-link information interaction and system access control method Active CN112003889B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010661140.9A CN112003889B (en) 2020-07-10 2020-07-10 Distributed cross-link system and cross-link information interaction and system access control method

Publications (2)

Publication Number Publication Date
CN112003889A (en) 2020-11-27
CN112003889B (en) 2022-11-08

Family

ID=73467403

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010661140.9A Active CN112003889B (en) 2020-07-10 2020-07-10 Distributed cross-link system and cross-link information interaction and system access control method

Country Status (1)

Country Link
CN (1) CN112003889B (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110245517A (en) * 2019-05-29 2019-09-17 杭州秘猿科技有限公司 A kind of across chain method, apparatus, system and the electronic equipment of block chain

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110266655B (en) * 2019-05-30 2021-11-12 中国工商银行股份有限公司 Cross-chain interconnection method, device and system based on block chain
CN110650189B (en) * 2019-09-20 2022-01-18 深圳供电局有限公司 Relay-based block chain interaction system and method

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 210003, 66 new model street, Gulou District, Jiangsu, Nanjing

Applicant after: Nanjing University of Posts and Telecommunications

Address before: 210000 No. 186 Software Avenue, Yuhuatai District, Nanjing, Jiangsu Province

Applicant before: Nanjing University of Posts and Telecommunications

GR01 Patent grant