CN112165472A - Internet of things data security sharing method based on privacy protection - Google Patents

Abstract

The invention provides an Internet of things data security sharing method based on privacy protection, which comprises the following steps: initializing protocol parameters in an information sharing network domain; registering a terminal member; the terminal member acquires the attribute authority parameters of the terminal member, calculates an encryption key according to the Chinese remainder theorem, encrypts the shared information resources and stores the encrypted information resources in a linked database; calculating intermediate parameters required by the stored information resources, generating index information of the shared ciphertext and encapsulating the index information in a block, and so on, wherein each terminal member stores the related information of the ciphertext in the block to generate a block chain; access and sharing of ciphertext. According to the invention, identity and attribute parameter matching double authentication is adopted to prevent collusion attack and protect personal privacy, an attribute matching access control strategy is combined with a block chain technology to ensure the safety of shared resource information, the storage burden is reduced, the information resource sharing in the industrial Internet of things is more flexible, efficient and practical, and the method has important field research significance and commercial application value.

Description

Internet of things data security sharing method based on privacy protection

Technical Field

The invention relates to the technical field of information security, in particular to a privacy protection-based industrial Internet of things data security sharing method.

Background

The rapid development and continuous innovation of the computer technology and the Internet of things improve the efficiency of information storage and real-time exchange. Modern industrial systems require the application of industrial internet of things systems to realize higher-level data sharing, which necessitates data interaction between different internet of things systems in the form of an open network. However, such a highly open network is vulnerable to illegal attacks, which may cause various data to be damaged or lost, and may seriously affect the normal operation of the industrial system. Privacy protection and data security are security problems needing to be guaranteed for resource sharing, access control is one of the fundamental technologies for data information protection, and data can be guaranteed to be accessed only by users with corresponding permissions. And information resources are obtained and decrypted through attribute parameter matching, so that fine-grained, safe and flexible access to shared data is guaranteed.

The important foundation and core of industrial internet of things technology remains the internet. Through the integration of various wired networks, wireless networks and the Internet, in the industrial Internet of things, in order to guarantee the confidentiality and the leakage resistance of shared information and the personal privacy of information sharers among mobile terminals, shared resources are uploaded to a linked database of a block chain after being encrypted, the linked storage addresses and index information of the shared resources are stored in the block chain, a data visitor determines and downloads ciphertext resources according to the index information in the blocks, and then a decryption key is calculated to decrypt the ciphertext. Because the access to the internet of things is not limited by time and regions, the encryption of the shared resource information in the network environment is an important guarantee for the safety of information resources.

In order to prevent an illegal terminal from joining in inter-domain data sharing, a terminal member needs to perform identity authentication in the process of information resource sharing. The traditional identity authentication method is easy to expose personal identity information in the identity authentication process, and the identity authentication with hidden attributes is adopted, so that the personal privacy can be well protected. At present, research aiming at an industrial internet of things data security sharing method based on privacy protection does not appear yet. A series of challenging problems need to be solved, and the work of setting an access control strategy, identity authentication, personal privacy protection and the like in the information sharing process is unprecedented.

Disclosure of Invention

Aiming at the technical problems that personal identity information is easy to expose and sensitive data cannot be flexibly protected in the identity authentication process of the existing information resource sharing method, the invention provides the privacy protection-based Internet of things data security sharing method.

In order to achieve the purpose, the technical scheme of the invention is realized as follows: a method for safely sharing data of an Internet of things based on privacy protection comprises the following steps:

the method comprises the following steps: initialization of protocol parameters in an information sharing network domain: the CA and each terminal member generate respective public/private key pairs;

step two: registration of terminal members:

A) the authentication center CA selects network attribute parameters which are in one-to-one correspondence with the network attributes in the network attribute set, simultaneously generates attribute serial numbers which are in correspondence with the ordered network attribute set, and broadcasts the network attributes in the network attribute set, the corresponding network attribute parameters and the attribute serial numbers to all terminal members in the domain;

B) each terminal member calculates intermediate parameters required by terminal member registration by using the attributes in the respective ordered attribute set, and then sends the intermediate parameters to a Certificate Authority (CA);

C) after receiving the message sent by each terminal member, the CA verifies the identity of each terminal member, if the verification is passed, the CA selects a series of random numbers, calculates the attribute authority parameters and the signature, and sends the attribute authority parameters, the signature and the public key to each registered terminal member;

D) after each terminal member receives the message sent by the authentication center CA, the terminal member calculates the attribute authority parameters and intermediate parameters required by the registration of the terminal member, the terminal member verifies the identity of the authentication center CA and the correctness of the attribute authority parameters, if the verification is passed, each terminal member obtains the attribute authority parameters corresponding to the attributes, and the registration of each terminal member is successful;

E) the CA sends the public key, the attribute authority parameter, the attribute serial number and the corresponding network attribute parameter to each terminal member and stores the public key, the attribute authority parameter, the attribute serial number and the corresponding network attribute parameter in a block of each terminal member;

step three: information resource encryption storage:

F) the terminal member acquires the attribute authority parameters of the terminal member, calculates an encryption key by using the attribute serial number and the corresponding network attribute parameters according to the Chinese remainder theorem, encrypts the shared information resource into a ciphertext and stores the ciphertext in a linked database of the block chain;

G) the terminal members calculate intermediate parameters required by information resource storage according to the IP address sequencing, generate index information of a shared ciphertext, send the intermediate parameters required by the ciphertext, a public key, the IP address of the next terminal member and the attribute authority parameters acquired from the authentication center CA to the next terminal member, and package the information, the storage address of the ciphertext and a timestamp in a block;

H) after the next terminal member acquires the message sent by the last terminal member, the IP address and the attribute authority parameters are compared, if the message is correct, the terminal member writes a new block, calculates the intermediate parameters required by the stored ciphertext, generates the index information of the shared ciphertext, sends the intermediate parameters required by the stored resource, the public key, the IP address of the next terminal member and the attribute authority parameters acquired from the authentication center CA to the next terminal member, and encapsulates the information, the stored address of the ciphertext and the timestamp in a block; by analogy, each terminal member stores the relevant information of the ciphertext in the block to generate a block chain so that other terminal members can access the ciphertext;

step four: ciphertext access and sharing:

I) each terminal member determines a ciphertext which the terminal member wants to access according to the index information of the ciphertext resource in the block chain, then sends a public key, an attribute authority parameter and a signature of the terminal member to the terminal member possessing the ciphertext resource, and the terminal member possessing the ciphertext resource verifies the identity of the terminal member and returns a storage address to the terminal member; the terminal member downloads the ciphertext information from the linked database according to the storage address, selects the corresponding attribute authority parameters and the network attribute parameters according to the attribute serial number in the terminal member block with the ciphertext resource, calculates a decryption key according to the Chinese remainder theorem, and decrypts the ciphertext information to obtain the shared ciphertext.

The index information comprises the category, brief description, keywords and attribute serial numbers required by encryption of the ciphertext resources.

The method for generating the respective public/private key pair by the authentication center CA and each terminal member in the first step comprises the following steps:

(1) the CA randomly selects the master key and uses the generator of the additive groupCalculating a public/private key pair: the authentication center CA randomly selects a positive integer

As a system private key, and calculates a public key PK_A＝SK_Ag₁The authentication center CA will (SK)_A,PK_A) As a public/private key pair of the system; wherein, g₁Is an addition group G₁The generation element of (a) is generated,

representing a set of integers of order q, q being an addition group G₁Prime order of;

(2) each terminal member u in the domain_iRandomly selecting a public key, and calculating a private key of the public key by using a generator of an addition group: each terminal member u_iSelecting a random positive integer

Computing terminal member u_iPrivate key of

And public key

Wherein i is more than or equal to 1 and less than or equal to n, n is the number of terminal members in the domain,

is a terminal member u_iThe identity of (2) is identified,

is a hash function, {0,1}^*Representing a set of numeric strings of arbitrary length consisting of binary 0 and 1.

The method for registering the terminal member in the second step comprises the following steps:

A) the CA selects a group of positive integers p of pairwise reciprocity elements₁,p₂,....,p_RThe certification center CA sets the ordered network attribute set Attr as { a ═ a₁,A₂,...,A_ν,...,A_RAnd an attribute order number S corresponding to the set of network attributes₁,S₂,...,S_ν,...,S_RAnd positive integer p₁,p₂,....,p_ν,....p_RComposition message { (A)₁,S₁,p₁),(A₂,S₂,p₂),...,(A_R,S_R,p_R) Broadcasting to all terminal members in the domain; wherein, the network attribute A_ν＜A_ν+1，1≤ν≤R，R∈N^*Representing the number of network attributes, N^*Denotes a positive integer, S_νThe representation corresponds to the network attribute A_νAttribute sequence number of p_νThe representation corresponds to an attribute A_νAn attribute parameter;

B) terminal member u_iUsing its ordered set of attributes

The attribute element in (1) calculates an intermediate variable

And

terminal member u_iTo transmit information

Sending the information to a certification center CA; wherein i is more than or equal to 1 and less than or equal to n,

and o_iRepresenting intermediate variables, attribute sets, required for registration of a terminal member

r_i∈N^*And attribute

r_iIs a terminal member u_iNumber of attributes of (a)_i,kIs a terminal member u_iKth of (1)The number of the attributes is one,

indicating terminal member u_iThe identity of (2) is identified,

indicating terminal member u_iThe public key of (2); PK_ARepresenting the public key of the certificate authority CA,

indicating terminal member u_iA random positive integer of the public key and the private key is calculated,

is a hash function, | | is a connection symbol;

C) CA receiving terminal member u of authentication center_iTransmitted message

Thereafter, the certificate authority CA calculates intermediate variables

And passes the verification

Whether to authenticate terminal member u in standing_iIf the equality holds, the certificate authority CA selects the identity corresponding to each attribute a_i,kRandom number of

1≤k≤r_iThen, the intermediate variable χ is calculated_i，k＝ι_i，kθ_i，kAnd

authentication center CA will information

To registered terminalsPerson u_i(ii) a If the equality is not satisfied, the authentication center CA will use the terminal member u_iEliminating the region; wherein k represents a terminal member u_iThe kth attribute of (1), χ_i,kIs a terminal member u_iThe k-th attribute parameter of (2),_iis terminal member u_iRegistering required intermediate parameters;

D) terminal member u_iReceiving the information sent by the authentication center CA

Then, terminal member u_iComputing attribute rights parameters

And intermediate variables

Terminal member u_iBy verifying equation e: (_i,g₁)＝e(Φ_i,PK_A) Whether the identity and the attribute a of the authentication center CA are established or not_i,kCorresponding attribute authority parameter T_i,kIf the equation holds, the terminal member u_iObtain each attribute a thereof_i,kCorresponding attribute authority parameter, terminal member u_iThe registration is successful; if the equality is not true, terminal member u_iThe registration fails; wherein the content of the first and second substances,

attribute authority parameter, phi, representing terminal member_iRepresenting intermediate variables required for verifying the identity of the certificate authority CA; e (-) is a computable bilinear mapping function;

E) authentication center CA will information

Send to terminal member u_iAnd stored to terminal member u_iOn the block of (a).

Said verification equation

The method comprises the following steps:

the verification equation e: (_i,g₁)＝e(Φ_i,PK_A) The method comprises the following steps:

the method for encrypting the shared information resource into a ciphertext and storing the ciphertext in the downlink database of the block chain in the step F) comprises the following steps:

1) each having an ordered set of attributes

Terminal member u_iWhen sharing its information resource, terminal member u_iAccording to attribute serial number corresponding to its attribute

Obtaining corresponding network attribute parameters

Computing equation by using own attribute authority parameters

Calculating a unique solution according to the Chinese remainder theoremWherein the content of the first and second substances,

(ii) a Group key

1≤υ≤r_i，P、p_υAnd y_υIntermediate variables required for key calculation; mod represents a remainder function;

2) each terminal member u_iCalculate group key group_keyThen, for the information to be shared

And (3) encryption: terminal member u_iComputing an encrypted ciphertext

Encrypting information m; terminal member u_iSharing the encrypted ciphertext c_i,mUpload to the down-link database and forward the ciphertext c_i,mIs stored at the address

Returning to the down-link database in the block for storage; wherein the content of the first and second substances,

is a plaintext space.

The method for storing the index information of the ciphertext shared in the steps G) and H) comprises the following steps:

1) in the domain, each terminal member u participating in resource sharing_iBroadcasting its IP address and public key;

2) after the terminal members in the domain receive the messages broadcast by other members, each terminal member sorts according to the size of the IP address, and each terminal member stores the public keys and the IP addresses of the former terminal member and the latter terminal member; ordered set ordered according to the size of the IP address as

n is the number of terminal members in the domain,

indicating terminal member u_iOf public key, IP_iIndicating terminal member u_iThe IP address of (2);

3) terminal member u_iAccording to information shared by Certificate Authority (CA)

Computing signatures

Terminal member u_iInformation shared to it

Categorizing acquisition of categories of shared resources

Giving a short overview of shared resources

Extracting keywords of shared information

Attribute serial number corresponding to attribute used when encrypting information m

Generating index information of the shared resource information

Terminal member u_iObtaining the storage address of the shared information m in the down-link database

Terminal member u_iSending messages

Giving IP address as IP_i+1Terminal member u_i+1(ii) a Terminal member u_iRecording time information time_iAnd will transmit the message

Packaging into a block; therein, Sig_iIs terminal member u_iTime, signature of_iDenoted as time stamp;

respectively representing attribute serial numbers corresponding to the attributes used in encryption;

4) terminal member u_i+1Receiving terminal member u_iTransmitted information

Then, terminal member u_i+1The IP address of the user and the terminal member u_iComparing IP addresses in the blocks of (1), and comparing information

If the attribute authority parameters are the same as those stored in the block by the authentication center CA, if the IP address and the information are the same

Are all the same, terminal member u_i+1Writing a new tile, terminal member u_i+1Computing

And passes the verification equation

Verifying terminal member u_iIf the equality holds, terminal member u_i+1Determining that the message was sent by the previous member, terminal member u_i+1According to information shared by Certificate Authority (CA)

Computing signatures

Terminal member u_i+1Information shared to it

Categorizing acquisition of categories of shared resources

Give a short summary of shared resourcesDescription of (1)

Extracting keywords of shared resources

Attribute serial number corresponding to attribute used when encrypting the shared information m

Thereby generating index information of the shared resource information

Obtaining storage address of shared resource in down-link database

Terminal member u_i+1Sending messages

Giving IP address as IP_i+2Terminal member u_i+2(ii) a Terminal member u_i+1Recording time information time_i+1And will transmit the message

Packaging into a block; if the equality is not true, terminal member u_i+1Determining that the message was not sent by a previous terminal member, ignoring the message, and kicking the terminal member sending the message out of the network domain; therein, Sig_i+1Is terminal member u_i+1Time, signature of_i+1Denoted as time stamp;

5) each terminal member u_iThe index information and identity information of the shared information are encapsulated in their respective tiles and linked into a chain of tiles.

Said verification equation

The method comprises the following steps:

the method for accessing and sharing the resources in the fourth step comprises the following steps:

(1) each terminal member u in the domain_jDetermining the information to be accessed according to the index information in the block chain, and the terminal member u_jTerminal member u of owner viewing the information_iIndex information in the block to obtain corresponding attribute serial number

And sends information according to the attribute sequence number

To the owner u_iWherein, signing

Terminal member u_iCalculating intermediate variables

Terminal member u_iBy verifying the equation

Whether a verification terminal member u is established_jThe identity of (a); if the equation holds, terminal member u_iThe linked database address of the shared resource

Returned to terminal member u_j(ii) a If the equality is not satisfied, then the terminal member u is represented_jThe identity is in a problem and the resource cannot be accessed; wherein j is more than or equal to 1 and less than or equal to n, i is not equal to j, i is more than or equal to 1 and less than or equal to n, u_iTerminal member, mu, representing the owner of the resource information_iIntermediate variables required for resource access, H₂(. -) represents a hash function; r is_jIs a terminal member u_jThe number of the attributes of (a) is,

indicating terminal member u_jThe private key of (1);

(2) terminal member u_jAccording to owner u_kShared resource of (2)

Downloading information c of corresponding cipher text_k,mThen according to the obtained attribute serial number

Selecting corresponding attribute authority parameters and network attribute parameters, and calculating decryption key according to Chinese remainder theorem

According to the decryption key x_jAnd decrypting the ciphertext c_k,mCalculating to obtain plaintext, i.e. shared resource

Said verification equation

The method comprises the following steps:

compared with the prior art, the invention has the beneficial effects that: terminal members in the domain perform identity authentication through an identity authentication technology with hidden attributes before performing information resource sharing; after the identity of each terminal member is confirmed, attribute authority parameters corresponding to the attribute of each terminal member are calculated, an encryption key is calculated according to the Chinese remainder theorem, then shared data resources are encrypted and uploaded to a down-link database, the storage address of the ciphertext resource is returned to an on-link block for storage, and meanwhile, index information and personal identity information of the shared resources are stored in the on-link block, so that the safety and leakage resistance of the information resources can be guaranteed, the storage burden of the block chain can be reduced, and users can conveniently search the data resources. The terminal members in the domain of the invention adopt a symmetric encryption algorithm to encrypt the shared information, the members who need to access the information and have attribute parameter matching can download the data resource according to the down-link storage address, and the attribute serial number in the index information selects the corresponding attribute authority parameter and the network attribute parameter to calculate the decryption key for decryption and viewing; the identity authentication technology with hidden attributes is adopted to realize the effects of personal privacy protection and identity authentication in the identity authentication process of resource information sharing, and the traceability that data information cannot be falsified and illegal attacks is guaranteed by utilizing the advantages of the block chain technology, and meanwhile, the problem of large communication traffic and calculation amount is avoided. When accessing the resources of the data, the shared resources can be decrypted only by passing identity authentication and successfully matching the attribute authority parameters, so that collusion attack of illegal terminals is avoided. According to the invention, a ciphertext attribute authentication technology is adopted to protect personal privacy, an attribute matching access control strategy is applied, and a block chain technology is combined to ensure the safety of shared resource information and the transparency of data storage, and a data resource storage mode combining block chain on-index storage and chain off-database storage is adopted to reduce the storage burden, so that the calculation and communication in the information sharing process are lighter; the safety of shared data and illegal attack tracing are guaranteed by utilizing the characteristics of non-tampering and traceability of the block chain technology; when accessing information resources, the identity and attribute parameter matching double authentication is adopted to prevent collusion attack, so that the information resource sharing in the industrial Internet of things is more flexible, efficient and practical, and the method has important field research significance and commercial application value.

Drawings

In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.

FIG. 1 is a schematic flow chart of the present invention.

Fig. 2 is a diagram illustrating specific information transmission for resource information sharing according to embodiment 1 of the present invention.

FIG. 3 is a block diagram of data storage for resource information sharing according to the present invention.

Detailed Description

The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without inventive effort based on the embodiments of the present invention, are within the scope of the present invention.

Aiming at the problems of confidentiality, integrity and leakage resistance of data resources when information is safely shared among mobile terminals in a network under the complex communication environment of the industrial Internet of things; meanwhile, in the internet of things, a mobile terminal can access the internet of things at any time and any place to cause the problems of complexity, randomness and the like of communication environment personnel. Firstly, a CA in a domain randomly selects a main encryption key and calculates a corresponding public/private key pair, each terminal member in the domain randomly selects a public key, and then calculates a private key of the terminal member by using a generating element of an addition group; secondly, the authentication center CA selects corresponding prime numbers as network attribute parameters according to the number of the attributes in the intra-domain network attribute set, generates corresponding attribute serial numbers, and broadcasts the information to each terminal member in the domain; each terminal member calculates the intermediate variable required by the registration of the terminal member by using the attribute of the terminal member and sends the intermediate variable to an authentication center CA in the domain, the authentication center CA verifies the identity of each terminal member and then calculates the corresponding attribute parameter, the authentication center CA sends the intermediate parameter, the attribute parameter and the public key required by the registration of the terminal to each terminal member, each terminal member calculates the attribute authority parameter corresponding to the attribute of the terminal member after receiving the message, then verifies the identity of the authentication center CA and the correctness of the attribute authority parameter, and if the verification is passed, the registration of each terminal is completed. The CA in the domain sends the public key, the attribute parameters, the corresponding attribute serial number and the corresponding network attribute parameters to each terminal member and stores the public key, the attribute parameters, the corresponding attribute serial number and the corresponding network attribute parameters in a block. And then, the terminal member calculates an encryption key according to the Chinese remainder theorem by using the corresponding attribute authority parameter and the corresponding network attribute parameter, encrypts shared resource information by using the encryption key to generate an encryption ciphertext, uploads the ciphertext to a downlink database of the block chain, and stores a downlink storage address of the shared resource in the uplink block. The terminal members classify the ciphertext resources, combine the category, the general description, the keywords and the serial numbers of the attributes required by encryption of the ciphertext resources into index information to be stored in the blocks on the chain of the terminal members, and store the identity information of the terminal members in the blocks to generate block chains; finally, the terminal members determine the ciphertext which the terminal members want to access according to the index information in the block, and after the ciphertext which the terminal members want to access is determined, the terminal members sign and send the related parameter information to all the terminal members of the resource; all the terminal members of the resource verify the identity of the access terminal member, and if the identity passes the verification, the storage address of the shared resource is sent to the access terminal member; and after downloading the corresponding ciphertext according to the ciphertext storage address, the access terminal member selects the corresponding attribute authority parameter and the network attribute parameter according to the attribute serial number, calculates a corresponding decryption key according to the Chinese remainder theorem, and then decrypts the ciphertext.

1. Theoretical basic knowledge and associated definitions to which the invention relates

1.1 bilinear mapping problem

Definition 1. bilinear mapping: let G₁Is an additive group with a generator g₁I.e. G₁＝<g1>，G₂Is a multiplicative cyclic group. Addition group G₁And multiplication cyclic group G₂Having a common large prime order q,

is a safety parameter, and adds group G₁And multiplication cyclic group G₂The discrete logarithm of (1) is difficult, adding group G₁And multiplication cyclic group G₂Is a pair of bilinear groups, e is a computable bilinear map, and e: G₁×G₁→G₂It has the following properties:

properties 2. non-degradability: there is a generator ω, ρ ∈ G₁So that e (ω, ρ) ≠ 1.

Property 3. calculability: there are efficient algorithms, for the generator ω, ρ ∈ G₁E (ω, ρ) can be calculated.

Inference 1. for all generative elements ρ₁,ρ₂,ω∈G₁With e (ρ)₁+ρ₂,ω)＝e(ρ₁,ω)e(ρ₂,ω)。

1.2 computational complexity problem

Definition 1 Discrete Logarithm Problem (DLP): for the equation Y aQ, where the generator Y, Q e G₁Parameter of

If the parameter a and the generator Q are known, the generator Y can be easily calculated. However, given the generator Q and the generator Y, the probability of calculating the parameter a is negligible in polynomial time.

Definition 2.Diffie-Hellman inverse problem operation (ICDH): give g₁,ag₁And abg₁For the parameters

Calculating (ab/a) g₁。

1.3 theorem of Chinese remainder

Giving a series of positive integers p of pairwise reciprocity₁,p₂,...,p_nI.e. gcd (p)_i,p_j) 1(i ≠ j); wherein p ═ p₁p₂...p_n＝p_iD_i，D_i＝p₁p₂...p_i-1p_i+1...p_nCalculating the equation

To derive a unique solution

Wherein, y_i·D_i mod p_i1, i 1,2, n, gcd () represents a function that verifies whether positive integers are prime, p_i、l_i、y_iThe intermediate variables required for the key calculation, mod represents the remainder function and x represents the key.

Example 1

Under the condition of complex data sharing, an authentication center CA in a domain needs to perform identity authentication on a terminal member sharing data information, but when the identity information is provided, the identity information is easy to leak or be stolen. For safety, when information is shared and authenticated by multiple parties, personal identity privacy needs to be protected. During information sharing, confidentiality, integrity and leakage resistance of communication information are guaranteed, and members meeting an access policy are required to share the information. In view of the application background, the invention provides a privacy protection-based industrial internet of things data security sharing method, as shown in fig. 1, comprising the following steps: firstly, initializing parameters of terminal members participating in information resource sharing, and respectively generating respective public/private key pairs; registering terminal members in the domain, performing hidden attribute identity authentication on the terminal members in the domain before information encryption storage and information resource access, calculating corresponding attribute authority parameters according to respective attribute sets of the terminal members, and sending public keys, attribute parameters, attribute serial numbers and network attribute parameters of the terminal members to the terminal members and storing the public keys, the attribute parameters, the attribute serial numbers and the network attribute parameters in blocks of the terminal members by an authentication center CA; thirdly, information encryption storage, each terminal member selects corresponding attribute authority parameters and network attribute parameters according to the own attribute, then calculates an encryption key by using the Chinese remainder theorem, encrypts the data information shared by the terminal members by using the encryption key, uploads the encrypted ciphertext to a down-link database of a block chain, returns the storage address of the encrypted ciphertext to an on-link block, generates index information consisting of the category, brief description, keywords and serial numbers of the attribute used for encryption of the shared ciphertext, stores the index information in the block, uploads the identity information of each terminal member to each block, generates a block chain, and the structure of the block is shown in FIG. 3; and fourthly, each terminal member determines the shared resource which the terminal member wants to access according to the index information in the block chain, then sends the identity information of the terminal member to the terminal member which has the resource which the terminal member wants to access, the terminal member which has the data resource verifies the identity of the access terminal, after the authentication is passed, the storage address of the shared resource is sent to the access terminal, the terminal member downloads the ciphertext according to the storage address of the ciphertext, selects the corresponding attribute authority parameter and the network attribute parameter according to the attribute serial number in the index information, and then calculates a decryption key according to the Chinese remainder theorem to decrypt the ciphertext so as to obtain the shared resource. A model diagram of the entire system is shown in fig. 2. The method comprises the following specific steps:

the method comprises the following steps: information sharing network initialization protocol parameters: and generating a public/private key pair of the authentication center CA and each terminal member.

Suppose that the information sharing network comprises an authentication center CA and n terminal members, wherein the authentication center CA is used for generating system parameters and a system master key, and the authentication center CA is also used for verifying the identity of a terminal member entity so as to track the identity of an anonymous terminal member in a block chain. Set of n terminal members with U ═ U₁,u₂,...,u_nDenotes that the identities of the respective n terminal members are set

And (4) showing. The authentication center CA defines a network attribute sequence ATTR ═ a arranged in a specified order₁|A₂|...|A_RThe corresponding network attribute set is Attr ═ a₁,A₂,...,A_j,...,A_RAnd network attribute A_j＜A_j+1,j＜R，R∈N^*Representing the number of network attributes, N^*Representing a positive integer.

1≤r_iR is less than or equal to terminal member u in network_iOrdered attribute set of (2), arranged with the ordered attribute setSequence-wise corresponding property sequences

r∈N^*And attribute a_i,r-1＜a_i,r，r_iIndicating terminal member u_iR of_iAnd null indicates that the attribute value is null.

If the terminal member wants to store the shared resource on the blockchain, or the terminal member wants to access the resource on the blockchain, the terminal member must be a legal authenticated member and have corresponding access right.

The method for generating respective public/private key pairs by the authentication center CA in the information sharing network domain and each terminal member in the network comprises the following steps:

the certificate authority CA within the domain runs the key generation algorithm KeyGen (1)^λ) Obtaining public and private key pair (SK)_A,PK_A) Wherein the authentication center CA randomly selects a positive integer

As a system private key, and calculates a public key PK_A＝SK_Ag₁(ii) a Authentication center CA will (SK)_A,PK_A) As a public/private key pair of the system. Each terminal member u in the domain_iSelecting a random positive integer from E to U

Computing

Is terminal member u_iThe private key of (1). Calculate its public key

The system parameter is params ═ (PK)_A,q,G₁,G₂,g₁,e,H₁,H₂) (ii) a Wherein, g₁Is an addition group G₁The generation element of (a) is generated,

representing a set of integers of order q, q being an addition group G₁KeyGen () represents a key generation algorithm, and λ represents an intermediate variable required for key calculation; i is more than or equal to 1 and less than or equal to n, n is the number of terminal members in the domain, and U is { U ═₁,u₂,...,u_nIs a set of n terminal members,

is a terminal member u_iThe private key of (a) is used,

is a terminal member u_iThe public key of (a) is stored,

is a terminal member u_iThe identity of (2) is identified,

are two hash functions, {0,1}^*Representing a set of numeric strings of arbitrary length consisting of binary 0 and 1.

Step two: and registering the terminal member.

In order to prevent unauthorized terminal members from participating in information resource sharing, only terminal members with authority are allowed to participate in information encryption storage and information resource access. The invention adopts the identity authentication mode of hidden attribute, and the identity authentication is carried out on the terminal members in the domain before information uploading and information access, thereby avoiding the participation of other unauthorized users. Each terminal member interacts with the authentication center CA to generate an attribute authority parameter corresponding to each attribute. And finally, the authentication center CA sends the public key, the attribute authority parameter, the network attribute parameter and the attribute serial number of the authentication center CA to each block and stores the public key, the attribute authority parameter, the network attribute parameter and the attribute serial number in the blocks on the chain.

The invention realizes the safe sharing of intra-domain information, has the function of traditional identity authentication, can protect the personal privacy problem, matches and accesses according to the attribute authority parameters, and terminal members with different attribute authority parameters access data with different sensitivity degrees, thereby avoiding the leakage of sensitive information. The specific implementation method for registering the terminal member comprises the following steps:

(1) the CA selects a group of positive integers p of pairwise reciprocity elements₁,p₂,....,p_RI.e. gcd (p)_ν,p_α) R, ν ≠ α,1, 2, · v ≠ α; the authentication center CA combines the network attribute set and the attribute sequence number corresponding to the network attribute set and the positive integer into a message { (A)₁,S₁,p₁),(A₂,S₂,p₂),...,(A_R,S_R,p_R) Broadcasting to all terminal members in the network domain; wherein A is_ν(1. ltoreq. v. ltoreq.R) represents a network attribute, and the network attribute A_α＜A_α+1，α＜R，R∈N^*Representing the number of network attributes, N^*Denotes a positive integer, S_νThe representation corresponds to the network attribute A_νAttribute sequence number of p_νThe representation corresponds to an attribute A_νAn attribute parameter;

(2) owning property sets

Terminal member u_iComputing intermediate variables using attribute elements in attribute sets

And

then terminal member u_iTo transmit information

Sending the information to a certification center CA; wherein i is more than or equal to 1 and less than or equal to n,

and o_iRepresenting intermediate variables, attribute sets, required for registration of a terminal member

r∈N^*And attribute a_i,r-1＜a_i,r，r_iIs a terminal member u_iThe number of the attributes of (a) is,

indicating terminal member u_iThe ID of (a) is stored in the memory,

indicating terminal member u_iThe public key of (2); PK_ARepresenting the public key of the certificate authority CA,

representation of terminal Member u_iCalculating positive integers required by the public key and the private key,

is a hash function and represents a concatenation symbol.

(3) Receiving terminal member u by authentication center CA_iTransmitted message

Thereafter, the certificate authority CA calculates intermediate variables

And according to the formula

Whether to authenticate terminal member u in standing_iIf the equality holds, the certificate authority CA selects the identity corresponding to each attribute a_i,kRandom number of

1≤k≤r_iThen calculating the intermediate variable χ_i，k＝ι_i，kθ_i，kAnd

authentication center CA will information

Sent to registered terminal member u_i. If the verification is not passed, the authentication center CA rejects the terminal member from the domain of the information sharing network. Wherein k represents a terminal member u_iThe kth attribute of (1), χ_i,kIs a terminal member u_iThe k-th attribute parameter of (2),_iis terminal member u_iThe intermediate parameters required for registration. Note that: for two different terminal members u_iAnd u_l(i ≠ l) two attributes a corresponding to each other_i,jAnd a_l,kIf j is k, then the random number iota_i,j＝ι_l,k。

Wherein the equation

The proving method comprises the following steps:

。

(4) terminal member u_iReceiving the information sent by the authentication center CA

Then, terminal member u_iComputing attribute rights parameters

And intermediate variables

Then, terminal member u_iBy verifying equation e: (_i,g₁)＝e(Φ_i,PK_A) Whether the identity and the attribute a of the authentication center CA are established or not_i,kCorresponding attribute authority parameter T_i,kIf the verification is passed, the terminal member u_iObtain each attribute a thereof_i,kCorresponding attribute authority parameter, terminal member u_iThe registration is successful; if the verification fails, the terminal member is indicated to fail to register; wherein the content of the first and second substances,

attribute authority parameters representing terminal members, which are terminal member mu_iIntermediate variable, Φ, required for registration_iRepresenting an intermediate variable, PK, required for verifying the identity of a certificate authority CA_ARepresenting the public key of the certificate authority CA, e (-) is a computable bilinear mapping function formula. Wherein, equation e: (_i,g₁)＝e(Φ_i,PK_A) The proving method comprises the following steps:

(5) finally, the authentication center CA sends the information

Send to terminal member u_iAnd stored to terminal member u_iOn the block of (a).

Step three: and (5) encrypting and storing the information resource.

Terminal members in the domain calculate an encryption key by using the Chinese remainder theorem, encrypt shared resource information and upload the encrypted resource information to a downlink database, and then store a storage address in an uplink block; and simultaneously, generating index information of the shared ciphertext and the identity information of each terminal member, uploading the index information and the identity information to each block, and generating a block chain. The index information comprises the category of the ciphertext, brief description of the ciphertext, keywords and a serial number corresponding to an attribute parameter used during encryption of the ciphertext. The process is as follows:

(1) the method for encrypting the shared resources and storing the shared resources under the link comprises the following steps:

1) each owning attribute set

Terminal member u_iWhen sharing the data resource, firstly, according to the attribute sequence number corresponding to the attribute of the user

Obtaining corresponding network attribute parameters

Then, the self attribute authority parameters are used for calculation

According to the Chinese remainder theorem, a unique solution can be calculated

Wherein the content of the first and second substances,

the shared information is encrypted and decrypted as a group key, so that the information sharing safety between terminal members in the network domain is ensured. Wherein, k is more than or equal to 1 and less than or equal to n, k is not equal to i, group_keyAnd x_iPresentation key, P, p_υAnd y_υIntermediate variables required for key calculation; mod represents the remainder function.

2) Each terminal member u_iCalculate the secret x_iThen, for the information he wants to share

Encryption: terminal member u_iBy calculation of

Resource m is encrypted. Then, terminal member u_iCiphertext resource c to be shared_i,mUploading to the on-chain database and transmitting the cipher text resource c_i,mIs stored at the address

Returning to the chain storage in the blocks; wherein the content of the first and second substances,

as a plaintext space, c_i,mIs an encrypted ciphertext.

(2) The method for storing the index information of the shared resources on the chain comprises the following steps:

1) in the network domain, each terminal u participating in resource sharing_iBroadcast his IP address and public key;

2) after the terminal members in the domain receive the messages broadcast by other members, each member is sorted according to the size of the IP address. Each member then stores the public keys and IP addresses of its previous and next members. Assume a sequence set of

3) Terminal member u_iAccording to information shared by Certificate Authority (CA)

Computing signatures

Then, terminal member u_iEncrypted information shared thereto

Categorizing acquisition of categories of shared resources

Then a brief overview of the shared resources is given

Description of the invention

The method is mainly used for searching the resources by the resource accessor. At the same time, extracting keywords of shared resources

Attribute sequence number corresponding to attribute used when encrypting the shared resource

Thereby generating index information of the shared resource information

Finally, the storage address of the shared resource in the down-link database is obtained

Then, terminal member u_iSending messages

Giving IP address as IP_i+1Terminal member u_i+1. Finally, terminal member u_iRecording time information time_iAnd will transmit the message

Packaging into a block; therein, Sig_iIs terminal member u_iTime, signature of_iDenoted as time stamps.

Respectively representing the attribute serial number corresponding to each attribute used in encryption.

4) Terminal member u_i+1Receiving terminal member u_iTransmitted information

Then, terminal member u_i+1The IP address of the user and the terminal member u_iIP address comparison in blocks and comparing information

If the IP address and information are the same as those stored in the block by the authentication center CA

Are all equal, terminal member u_i+1A new block is written. Terminal member u_i+1Computing

And according to the equation

Verifying terminal member u_iIf the equality holds, terminal member u_i+1It may be determined that the message was sent by a previous member; terminal member u_i+1According to information shared by Certificate Authority (CA)

Computing

Then, terminal member u_i+1Resource shared to it

Categorizing acquisition of categories of shared resources

Then a brief overview of the shared resources is given

At the same time, extracting keywords of shared resources

Attribute sequence number corresponding to attribute used when encrypting the shared resource

Thereby generating index information of the shared resource information

Finally, the storage address of the shared resource in the down-link database is obtained

Then, terminal member u_i+1Sending messages

Giving IP address as IP_i+2Is terminal toPerson u_i+2. Finally, terminal member u_i+1Recording time information time_i+1And will transmit the message

Packaging into a block; therein, Sig_i+1Is terminal member u_i+1Time, signature of_i+1Denoted as time stamps.

Equation of

The proving method comprises the following steps:

5) according to the above calculation process, each terminal member encapsulates the index information and identity information of the shared resource in their respective tiles and links them into a chain of tiles.

Step four: resource access and sharing

The terminal members in the domain determine ciphertext resources to be accessed according to the index information in the block, then send the identity information of the terminal members to the terminal members with shared ciphertext resources to be accessed, the terminal members with the access resources verify the identity of the access terminal, after the verification is passed, the terminal members with the access resources return the storage address of the ciphertext resources to the access terminal, the access terminal downloads the ciphertext resources according to the address, then selects corresponding parameters according to the index information and calculates a decryption key by using the Chinese remainder theorem, the ciphertext resources are decrypted to access and view, and the process is as follows:

(1) each terminal member u in the network domain_jDetermining the data resource to be accessed according to the index information in the block chain, and the terminal member u_jView the data resource owner u_iIndex information in the block to obtain corresponding attribute serial number

And sends information according to the attribute sequence number

To the owner u_iWherein, signing

Owner u_iComputing

Then owner u_kBy verifying the equation

Whether a verification terminal member u is established_jThe identity of (c). If the verification passes, the owner u_kThe linked database address of the shared resource

Returned to terminal member u_j. Wherein j is more than or equal to 1 and less than or equal to n, i is not equal to j, i is more than or equal to 1 and less than or equal to n, mu_kIntermediate variables required for resource access, H₂(. -) represents a hash function; r is_jIs a terminal member u_jThe number of the attributes of (a) is,

indicating terminal member u_jThe private key of (1).

Equation of

The proving method comprises the following steps:

(2) terminal member u_jAccording to owner u_kShared resource of (2)

Downloading corresponding cipher text information c_k,mThen according to the obtained attribute serial number

Selecting corresponding attribute authority parameters and network attribute parameters, and calculating decryption key according to Chinese remainder theorem

According to the decryption key x_jAnd decrypting the ciphertext c_k,mCalculating to obtain plaintext, i.e. shared resource

Example 2

Fig. 1 shows a specific embodiment for explaining the contents and implementation methods of the present invention. In this embodiment, for convenience of illustration, the number of terminal members participating in information resource sharing is at most 10, and the entity set of the terminal members is expressed as

The set of corresponding entity terminal membership is represented as

The authentication center CA defines the attribute set of all terminal members as Attr ═ a₁,A₂,A₃U terminal member_i(1. ltoreq. i. ltoreq.10) as attr_i＝{a_i,1,a_i,2,a_i,3U terminal member_υ(1 is more than or equal to upsilon is less than or equal to 10, upsilon is not equal to i) is attr_υ＝{a_υ,1,a_υ,2}. The details introduced in this example are not intended to limit the scope of the claims but to assist in understanding the manner of practicing the invention. Those skilled in the art will understand that: various modifications, changes or substitutions to the preferred embodiment steps are possible without departing from the spirit and scope of the invention and its appended claims. Therefore, the present invention should not be limited to the disclosure of the preferred embodiments and the accompanying drawings.

The method comprises the following steps: initialization

Hypothetical information sharing networkThe network comprises a certification center CA and 10 terminal members, wherein the certification center CA is used for generating system parameters and a system master key. The certification authority CA is also used to verify the identity of the terminal entity to track the identity of the anonymous terminal member in the blockchain. Set of 10 terminal members U ═ U₁,u₂,...,u₁₀Denotes that the identities of the respective 10 terminal members are grouped together

And (4) showing. The authentication center CA defines a network attribute sequence ATTR ═ a arranged in a specified order₁|A₂|A₃The corresponding network attribute set is Attr ═ a₁,A₂,A₃And A is_j＜A_j+1(j＜3)，R∈N^*Indicating the number of network attributes. attr_i＝{a_i,1,a_i,2,a_i,3Is terminal member u in the network_iCorresponding to the network attribute set arrangement order attr_i＝a_i,1|a_i,2|a_i,3，

r∈N^*And attribute a_i,r-1＜a_i,rAnd r represents a terminal member u_iThe r-th attribute of (1). (N)^*Represents a positive integer)

If a terminal member wants to store the shared resource on the blockchain or the terminal wants to access the resource on the blockchain, the terminal member must be a legal authenticated member and have a corresponding access right.

The method for generating respective public/private key pairs by the authentication center CA in the information sharing network domain and each terminal member in the network comprises the following steps:

the certificate authority CA within the domain runs the key generation algorithm KeyGen (1)^λ) Obtaining public and private key pair (SK)_A,PK_A) Wherein, in the step (A),

as a system private key, and calculates a public key PK_A＝SK_Ag₁(ii) a Each terminal member u in the domain_iSelecting a random positive integer from e U (i is more than or equal to 1 and less than or equal to 10)

Computing

Is terminal member u_iThe private key of (1). Then calculates its public key

The system parameter is params ═ (PK)_A,q,G₁,G₂,g₁,e,H₁,H₂) (ii) a Wherein, g₁Is an addition group G₁The generation element of (a) is generated,

representing a set of integers of order q, q being an addition group G₁Prime order of; i is more than or equal to 1 and less than or equal to 10, 10 is the number of terminal members in the domain,

is a terminal member u_iThe private key of (a) is used,

is a terminal member u_iThe public key of (a) is stored,

is a terminal member u_iThe identity of (2) is identified,

are two hash functions.

Suppose G₁Is an addition group, G₂Is a multiplication loop group, calculating an addition group G₁And multiplication cyclic group G₂The discrete logarithm problem of (g) is difficult to solve₁∈G₁Is an addition group G₁A generator of (1), an addition group G₁And multiplication cyclic group G₂With the same prime order q, there is one doubletLinear mapping function e G₁×G₁→G₂。

Are two hash functions.

The certificate authority CA within the domain runs the key generation algorithm KeyGen (1)^λ) Obtaining public and private key pair (SK)_A,PK_A) Wherein, in the step (A),

as a system private key, and calculates a public key PK_A＝SK_Ag₁(ii) a Each terminal member u in the domain_iSelecting a random positive integer from e U (i is more than or equal to 1 and less than or equal to 10)

Computing

Is terminal member u_iThe private key of (1). Then calculates its public key

The system parameter is params ═ (PK)_A,q,G₁,G₂,g₁,e,H₁,H₂) (ii) a Wherein i is more than or equal to 1 and less than or equal to 10.

Step two: terminal member registration

(1) The CA selects a positive integer p of two-two mutualins₁,p₂,p₃The authentication center CA uses the network attribute set and the corresponding attribute serial number and the positive integer { (A)₁,S₁,p₁),(A₂,S₂,p₂),(A₃,S₃,p₃) Broadcasting to all terminal members in the network domain; wherein A is_j(1. ltoreq. j. ltoreq.3) represents a network attribute, the network attribute A_j＜A_j+1，j＜3，S_jThe representation corresponds to an attribute A_jAttribute sequence number of p_jThe representation corresponds to an attribute A_jThe attribute parameter of (2).

(2) Possess attribute set attr_i＝{a_i,1,a_i,2,a_i,3Terminal member u of_iComputing using attribute elements in an attribute set

And

then terminal member u_iTo transmit information

Sending the information to a certification center CA; wherein i is more than or equal to 1 and less than or equal to 10, theta_i，1θ_i，2θ_i，3And o_iRepresenting intermediate variables, attribute sets, required for registration of a terminal member

And attribute a_i,1＜a_i,2＜a_i,3，

Indicating terminal member u_iThe ID of (a) is stored in the memory,

indicating terminal member u_iThe public key of (2).

(3) Receiving terminal member u by authentication center CA_iTransmitted message

Then, the authentication center CA calculates

And passes the verification equation

Whether a verification terminal member u is established_iIf the verification is passed, the certificate authority CA selects the identity corresponding to each attribute a_i,kRandom number of

(1. ltoreq. k. ltoreq.3), and then calculating χ_i，k＝ι_i，kθ_i，kAnd_i＝SK_A(ι_i,1a_i,1+ι_i,2a_i,2+ι_i,3a_i,3)g₁(Note: for two different terminals member u_iAnd u_l(i ≠ l) two attributes a corresponding to each other_i,jAnd a_l,kIf j is k, iota_i,j＝ι_l,k). The authentication center CA then passes the information { PK_A,_i,(χ_i,1,χ_i,2,χ_i,3) Sending it to registered terminal member u_i. If the verification is not passed, the authentication center CA rejects the member from the network domain; wherein, χ_i,kIs the attribute parameter of the terminal member, k is more than or equal to 1 and less than or equal to 3,_iis an intermediate parameter required by the registration of the terminal member; wherein, verifying

The proving method comprises the following steps:

(4) terminal member u_iReceiving information { PK sent by a certification center CA_A,_i,(χ_i,1,χ_i,2,χ_i,3) After that, terminal member u_i(1. ltoreq. i.ltoreq.10) calculation

And phi_i＝(T_i,1+T_i,2+T_i,3). Terminal member u_iBy verifying equation e: (_i,g₁)＝e(Φ_i,PK_A) Whether the identity and the attribute a of the authentication center CA are established or not_i,k(k is more than or equal to 1 and less than or equal to 3) corresponding attribute authority parameter T_i,kIf the verification is passed, the terminal member u_iObtain each attribute a thereof_i,k(k is more than or equal to 1 and less than or equal to 3), and each terminal is successfully registered; if the verification fails, the terminal member is indicated to fail to register; wherein, T_i,1,T_i,2,T_i,3Attribute authority parameter, mu, representing a terminal member_iRegistering required intermediate variables for the terminal members; PK_AA public key representing a certificate authority CA, e (-) being a computable bilinear mapping function formula; wherein, equation e: (_i,g₁)＝e(Φ_i,PK_A) The proving method comprises the following steps:

(5) finally, the authentication center CA sends the information

Send to terminal member u_iAnd store to u_iOn the block of (a).

Step three, resource encryption storage

Terminal members in the domain calculate an encryption key by using the Chinese remainder theorem, encrypt shared resource information and upload the encrypted resource information to a downlink database, and then store a storage address in an uplink block; meanwhile, index information (including the type of the ciphertext, brief description of the ciphertext, keywords and serial numbers corresponding to attribute parameters used during ciphertext encryption) for generating the shared ciphertext and identity information of each terminal member are uploaded to respective blocks, and block chains are generated. The specific process is as follows:

(1) the method for encrypting the shared resources and storing the shared resources under the link comprises the following steps:

1) each owning attribute set { a }_i,1,a_i,2,a_i,3U terminal member_i(i is more than or equal to 1 and less than or equal to 10), when sharing the data resource, firstly, according to the attribute serial number { S corresponding to the own attribute₁,S₂,S₃Get the corresponding network attribute parameter { p }₁,p₂,p₃And then calculating by using the attribute authority parameters of the users

According to the Chinese remainder theorem, a unique solution can be calculated

Wherein the content of the first and second substances,

the shared information is encrypted and decrypted as a group key, so that the information sharing safety between terminals in a network domain is ensured. Wherein i is more than or equal to 1 and less than or equal to 10, group_key，x_iRepresenting a secret key, P, P_υ，y_υIntermediate variables required for key calculation.

2) Each terminal member u_iAfter calculating the key, the information to be shared

Encryption: terminal member u_iBy calculation of

Resource m is encrypted. Then, terminal member u_iCiphertext resource c to be shared_i,mUploading to an on-chain database. Then, the memory address of the cipher text resource is used

Returning to the chain storage in the blocks; wherein the content of the first and second substances,

as a plaintext space, c_i,mIs an encrypted ciphertext.

(2) The method for storing the index information chain of the shared resource comprises the following steps:

1) in the network domain, each terminal u participating in resource sharing_i(1 ≦ i ≦ 10) broadcasting his IP address and public key;

2) after the members in the domain receive the messages broadcast by other members, each member is sorted according to the size of the IP address. Each member then stores the public keys and IP addresses of its previous and next members. We have found thatAssume a sequence set of

3) Terminal member u_iAccording to information shared by Certificate Authority (CA)

Computing

Then u_iResource shared to it

Categorizing acquisition of categories of shared resources

Then a brief overview of the shared resources is given

(mainly for resource visitors to find resources). At the same time, extracting keywords of shared resources

An attribute sequence number (S) corresponding to an attribute used when encrypting the shared resource_1,m,S_2,m,S_3,m) Thereby generating index information of the shared resource information

Finally, the storage address of the shared resource in the down-link database is obtained

Then, terminal member u_iSending messages

Giving IP address as IP_i+1Terminal member u_i+1. Finally, terminal member u_iRecording time information time_iAnd will transmit the message

Packaging into a block; therein, Sig_iIs terminal member u_iTime, signature of_iDenoted as time stamps.

4) Terminal member u_i+1Receiving terminal member u_iTransmitted information

Then, terminal member u_i+1The IP address of the user and the terminal member u_iIP address comparison in blocks and comparison of information (χ)_i,1,χ_i,2,χ_i,3) If the IP address and information (x) are the same as those stored in the block by CA_i,1,χ_i,2,χ_i,3) Are all equal, terminal member u_i+1A new block is written. Terminal member u_i+1Calculating mu_i＝H₂(χ_i,1||χ_i,2||χ_i,3) And according to the equation

Verification of u_iIf the equality holds, terminal member u_i+1It may be determined that the message was sent by a previous member; terminal member u_i+1According to information shared by CA

Computing

Then, terminal member u_i+1Resource shared to it

Categorizing acquisition of categories of shared resources

Then a brief overview of the shared resources is given

(mainly for resource visitors to find resources). At the same time, extracting keywords of shared resources

An attribute sequence number (S) corresponding to an attribute used when encrypting the shared resource_1,m,S_2,m,S_3,m) Thereby generating index information of the shared resource information

Finally, the storage address of the shared resource in the down-link database is obtained

Then, terminal member u_i+1Sending messages

Giving IP address as IP_i+2Terminal member u_i+2. Finally, terminal member u_i+1Recording time information time_i+1And will transmit the message

Packaging into a block; therein, Sig_i+1Is terminal member u_i+1Time, signature of_i+1Denoted as time stamp; wherein the content of the first and second substances,

the proving method comprises the following steps:

5) according to the above calculation process, each terminal member encapsulates the index information and identity information of the shared resource in their respective blocks and links them into block chains;

resource access and sharing

The terminal members in the domain determine the data resources to be accessed according to the index information in the block, then send the identity information of the terminal members to the terminal members with the shared resources to be accessed, the terminal members with the accessed resources verify the identity of the access terminal, after the verification is passed, the terminal members with the accessed resources return the storage address of the resources to the access terminal, the access terminal downloads the resource ciphertext according to the address, then selects the corresponding parameters according to the index information and calculates the decryption key by using the Chinese remainder theorem, decrypts the ciphertext for access and viewing, and the process is as follows:

(1) each terminal member u in the network domain_j(j is more than or equal to 1 and less than or equal to 10, i is not equal to j) determining the data resource which is to be accessed according to the index information in the block chain, and u is_jView the data resource owner u_kIndex information in the block, obtaining corresponding attribute serial number (S)_1,m,S_2,m,S_3,m) And sends information according to the attribute sequence number

Feeding u_k(k is more than or equal to 1 and less than or equal to 10, k is not equal to j), wherein,

u_kcalculating mu_k＝H₂(χ_j,1||χ_j,2||χ_j,3) Then u is_kBy the equation

Verification of u_jThe identity of (c). If the verification passes, u_kThe linked database address of the shared resource

Is returned to u_j. Wherein j is more than or equal to 1 and less than or equal to 10, mu_kIntermediate variables required for resource access, H₂(. -) represents a hash function; wherein the equation

The proving method comprises the following steps:

(2) terminal member u_jAccording to terminal member u_kShared resource of (2)

Downloading corresponding cipher text information c_k,mThen according to the obtained attribute serial number (S)_1,m,S_2,m,S_3,m) Selecting corresponding attribute authority parameters and network attribute parameters, and calculating decryption key according to Chinese remainder theorem

Decipher the ciphertext c_k,mCalculating to obtain a plaintext

The authentication center and the terminal members in the information sharing network domain generate respective public/private key pairs; terminal members in the domain interact with the authentication center CA to perform attribute authentication to obtain attribute authority parameters and other related attribute parameters, and registration is completed; after verifying the identity of each terminal member, the CA sends the public key of the CA, the public key of each terminal member, the attribute parameters, the network attribute parameters and the attribute serial number to each terminal member, and each terminal member stores the information in respective block; the terminal member selects corresponding parameters to calculate an encryption key according to the Chinese remainder theorem and encrypts shared resource information into a ciphertext, stores the ciphertext in a linked database of a block chain, and stores a storage address of the shared ciphertext in a linked block; storing the category of the shared ciphertext resource, the general description information, the key words, index information such as serial numbers corresponding to attribute parameters used in ciphertext encryption and the like and a down-link storage address, namely identity information of each terminal member in each block to generate a block chain; the terminal member determines the data resource to be accessed according to the index information in the block chain, then sends the identity information of the terminal member to the terminal member with the shared resource to be accessed, the terminal member with the accessed resource verifies the identity of the access terminal, after the verification is passed, the terminal member with the accessed resource returns the down-link storage address of the resource to the access terminal, the access terminal downloads the resource ciphertext according to the storage address, then selects the corresponding attribute parameter according to the index information and calculates the decryption key by using the Chinese remainder theorem, decrypts the ciphertext to check the resource information, and thereby obtains the shared resource information.

The invention is based on hidden attribute authentication and block chain technology theory, and is provided on the premise of taking decision bilinear Diffie-Hellman (DBDH) problem as a safety hypothesis, the identity authentication technology adopting hidden attribute realizes personal privacy protection in the identity authentication process of resource information sharing, and the block chain technology is adopted to store data, thereby not only ensuring the safety of data information, but also evenly distributing calculation and communication expenses on each node, adopting identity and attribute authority parameter matching joint authentication, avoiding collusion attack of terminal members without authority, and ensuring the safety and flexibility of information resource safety sharing. The invention realizes identity authentication of each terminal member in the industrial Internet of things, encrypts and uploads information resources to the downlink database, and then downloads, decrypts and checks the resource information to be accessed according to the index information ciphertext storage address and the calculation parameter in the block, so as to realize safety and flexibility of information resource sharing.

The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.

Claims (10)

1. A method for safely sharing data of an Internet of things based on privacy protection is characterized by comprising the following steps:

the method comprises the following steps: initialization of protocol parameters in an information sharing network domain: the CA and each terminal member generate respective public/private key pairs;

step two: registration of terminal members:

A) the authentication center CA selects network attribute parameters which are in one-to-one correspondence with the network attributes in the network attribute set, simultaneously generates attribute serial numbers which are in correspondence with the ordered network attribute set, and broadcasts the network attributes in the network attribute set, the corresponding network attribute parameters and the attribute serial numbers to all terminal members in the domain;

B) each terminal member calculates intermediate parameters required by terminal member registration by using the attributes in the respective ordered attribute set, and then sends the intermediate parameters to a Certificate Authority (CA);

C) after receiving the message sent by each terminal member, the CA verifies the identity of each terminal member, if the verification is passed, the CA selects a series of random numbers, calculates the attribute authority parameters and the signature, and sends the attribute authority parameters, the signature and the public key to each registered terminal member;

D) after each terminal member receives the message sent by the authentication center CA, the terminal member calculates the attribute authority parameters and intermediate parameters required by the registration of the terminal member, the terminal member verifies the identity of the authentication center CA and the correctness of the attribute authority parameters, if the verification is passed, each terminal member obtains the attribute authority parameters corresponding to the attributes, and the registration of each terminal member is successful;

E) the CA sends the public key, the attribute authority parameter, the attribute serial number and the corresponding network attribute parameter to each terminal member and stores the public key, the attribute authority parameter, the attribute serial number and the corresponding network attribute parameter in a block of each terminal member;

step three: information resource encryption storage:

F) the terminal member acquires the attribute authority parameters of the terminal member, calculates an encryption key by using the attribute serial number and the corresponding network attribute parameters according to the Chinese remainder theorem, encrypts the shared information resource into a ciphertext and stores the ciphertext in a linked database of the block chain;

G) the terminal members calculate intermediate parameters required by information resource storage according to the IP address sequencing, generate index information of a shared ciphertext, send the intermediate parameters required by the ciphertext, a public key, the IP address of the next terminal member and the attribute authority parameters acquired from the authentication center CA to the next terminal member, and package the information, the storage address of the ciphertext and a timestamp in a block;

H) after the next terminal member acquires the message sent by the last terminal member, the IP address and the attribute authority parameters are compared, if the message is correct, the terminal member writes a new block, calculates the intermediate parameters required by the stored ciphertext, generates the index information of the shared ciphertext, sends the intermediate parameters required by the stored resource, the public key, the IP address of the next terminal member and the attribute authority parameters acquired from the authentication center CA to the next terminal member, and encapsulates the information, the stored address of the ciphertext and the timestamp in a block; by analogy, each terminal member stores the relevant information of the ciphertext in the block to generate a block chain so that other terminal members can access the ciphertext;

step four: ciphertext access and sharing:

I) each terminal member determines a ciphertext which the terminal member wants to access according to the index information of the ciphertext resource in the block chain, then sends a public key, an attribute authority parameter and a signature of the terminal member to the terminal member possessing the ciphertext resource, and the terminal member possessing the ciphertext resource verifies the identity of the terminal member and returns a storage address to the terminal member; the terminal member downloads the ciphertext information from the linked database according to the storage address, selects the corresponding attribute authority parameters and the network attribute parameters according to the attribute serial number in the terminal member block with the ciphertext resource, calculates a decryption key according to the Chinese remainder theorem, and decrypts the ciphertext information to obtain the shared ciphertext.

2. The Internet of things data security sharing method based on privacy protection as claimed in claim 1, wherein the index information includes category, brief description, keyword of cipher text resource and attribute serial number required for encryption.

3. The Internet of things data security sharing method based on privacy protection as claimed in claim 1 or 2, wherein in the first step, the method for the authentication center CA and each terminal member to generate respective public/private key pairs is as follows:

(1) the CA randomly selects a master key, and calculates a public/private key pair by using a generator of the addition group: the authentication center CA randomly selects a positive integer

As a system private key, and calculates a public key PK_A＝SK_Ag₁The authentication center CA will (SK)_A,PK_A) As a public/private key pair of the system; wherein, g₁Is an addition group G₁The generation element of (a) is generated,

representing a set of integers of order q, q being an addition group G₁Prime order of;

(2) each terminal member u in the domain_iRandomly selecting a public key, and calculating a private key of the public key by using a generator of an addition group: each terminal member u_iSelecting a random positive integer

Computing terminal member u_iPrivate key of

And public key

Wherein i is more than or equal to 1 and less than or equal to n, n is the number of terminal members in the domain,

is a terminal member u_iThe identity of (2) is identified,

is a hash function, {0,1}^*Representing a set of numeric strings of arbitrary length consisting of binary 0 and 1.

4. The Internet of things data security sharing method based on privacy protection as claimed in claim 3, wherein the method for registering the terminal member in the second step is as follows:

A) the CA selects a group of positive integers p of pairwise reciprocity elements₁,p₂,....,p_RThe certification center CA sets the ordered network attribute set Attr as { a ═ a₁,A₂,...,A_ν,...,A_RAnd an attribute order number S corresponding to the set of network attributes₁,S₂,...,S_ν,...,S_RAnd positive integer p₁,p₂,....,p_ν,....p_RComposition message { (A)₁,S₁,p₁),(A₂,S₂,p₂),...,(A_R,S_R,p_R) Broadcasting to all terminal members in the domain; wherein, the network attribute A_ν＜A_ν+1，1≤ν≤R，R∈N^*Representing the number of network attributes, N^*Denotes a positive integer, S_νThe representation corresponds to the network attribute A_νAttribute sequence number of p_νThe representation corresponds to an attribute A_νAn attribute parameter;

B) terminal member u_iUsing its ordered set of attributes attr_i＝{a_i,1,a_i,2,...,a_i,k,...,a_i,riThe attribute elements in the } compute intermediate variables

And

terminal member u_iTo transmit information

Sending the information to a certification center CA; wherein i is more than or equal to 1 and less than or equal to n, theta_i,1,θ_i,2,...,

And o_iRepresenting intermediate variables, attribute sets, required for registration of a terminal member

r_i∈N^*And attribute

r_iIs a terminal member u_iNumber of attributes of (a)_i,kIs a terminal member u_iThe (k) th attribute of (2),

indicating terminal member u_iThe identity of (2) is identified,

indicating terminal member u_iThe public key of (2); PK_ARepresenting the public key of the certificate authority CA,

indicating terminal member u_iA random positive integer of the public key and the private key is calculated,

is a hash function, | | is a connection symbol;

C) CA receiving terminal member u of authentication center_iTransmitted message

Thereafter, the certificate authority CA calculates intermediate variables

And passes the verification

Whether to authenticate terminal member u in standing_iIf the equality holds, the certificate authority CA selects the identity corresponding to each attribute a_i,kRandom number of

Then, the intermediate variable χ is calculated_i,k＝ι_i,kθ_i,kAnd

authentication center CA will information

Sent to registered terminal member u_i(ii) a If the equality is not satisfied, the authentication center CA will use the terminal member u_iEliminating the region; wherein k represents a terminal member u_iThe kth attribute of (1), χ_i,kIs a terminal member u_iThe k-th attribute parameter of (2),_iis terminal member u_iRegistering required intermediate parameters;

D) terminal member u_iReceiving the information sent by the authentication center CA

Then, terminal member u_iComputing attribute rights parameters

And intermediate variables

Terminal member u_iBy verifying equation e: (_i,g₁)＝e(Φ_i,PK_A) Whether the identity and the attribute a of the authentication center CA are established or not_i,kCorresponding attribute authority parameter T_i,kIf the equation holds, the terminal member u_iObtain each attribute a thereof_i,kCorresponding attribute authority parameter, terminal member u_iThe registration is successful; if the equality is not true, terminal member u_iThe registration fails; wherein, T_i,1,T_i,2,...,T_i,riAttribute authority parameter, phi, representing terminal member_iRepresenting intermediate variables required for verifying the identity of the certificate authority CA;e (-) is a computable bilinear mapping function;

E) authentication center CA will information

Send to terminal member u_iAnd stored to terminal member u_iOn the block of (a).

5. The Internet of things data security sharing method based on privacy protection as claimed in claim 4, wherein the verification equation

The method comprises the following steps:

the verification equation e: (_i,g₁)＝e(Φ_i,PK_A) The method comprises the following steps:

6. the Internet of things data security sharing method based on privacy protection as claimed in claim 4, wherein the method for encrypting the information resource shared in step three, namely F), into the ciphertext and storing the ciphertext in the downlink database of the blockchain comprises the following steps:

1) each having an ordered set of attributes

Terminal member u_iWhen sharing its information resource, terminal member u_iAccording to the attribute serial number S corresponding to the attribute₁,S₂,...,S_riGet the corresponding network attribute parameter

Computing equation by using own attribute authority parameters

To produce a unique solution

Wherein the content of the first and second substances,

(ii) a Group key

P、p_υAnd y_υIntermediate variables required for key calculation; mod represents a remainder function;

2) each terminal member u_iCalculating group key group_keyThen, for the information to be shared

And (3) encryption: terminal member u_iComputing an encrypted ciphertext

Encrypting information m; terminal member u_iSharing the encrypted ciphertext c_i,mUpload to the down-link database and forward the ciphertext c_i,mIs stored at the address

Returning to the down-link database in the block for storage; wherein the content of the first and second substances,

is a plaintext space.

7. The Internet of things data security sharing method based on privacy protection as claimed in claim 6, wherein the method for storing the index information of the ciphertext shared in the steps G) and H) is as follows:

1) in the domain, participate in resource sharingEach terminal member u of_iBroadcasting its IP address and public key;

2) after the terminal members in the domain receive the messages broadcast by other members, each terminal member sorts according to the size of the IP address, and each terminal member stores the public keys and the IP addresses of the former terminal member and the latter terminal member; ordered set ordered according to the size of the IP address as

n is the number of terminal members in the domain,

indicating terminal member u_iOf public key, IP_iIndicating terminal member u_iThe IP address of (2);

3) terminal member u_iAccording to information shared by Certificate Authority (CA)

Computing signatures

Terminal member u_iInformation shared to it

Categorizing acquisition of categories of shared resources

Giving a short overview of shared resources

Extracting keywords of shared information

Attribute serial number corresponding to attribute used when encrypting information m

Generating index information of the shared resource information

Terminal member u_iObtaining the storage address of the shared information m in the down-link database

Terminal member u_iSending messages

Giving IP address as IP_i+1Terminal member u_i+1(ii) a Terminal member u_iRecording time information time_iAnd will transmit the message

Packaging into a block; therein, Sig_iIs terminal member u_iTime, signature of_iDenoted as time stamp; s_1,m,S_2,m,...,

Respectively representing attribute serial numbers corresponding to the attributes used in encryption;

4) terminal member u_i+1Receiving terminal member u_iTransmitted information

Then, terminal member u_i+1The IP address of the user and the terminal member u_iComparing IP addresses in the blocks of (1), and comparing information

If the attribute authority parameters are the same as those stored in the block by the authentication center CA, if the IP address and the information are the same

Are all the same, terminal member u_i+1Writing a new tile, terminal member u_i+1Computing

And passes the verification equation

Verifying terminal member u_iIf the equality holds, terminal member u_i+1Determining that the message was sent by the previous member, terminal member u_i+1According to information shared by Certificate Authority (CA)

Computing signatures

Terminal member u_i+1Information shared to it

Categorizing acquisition of categories of shared resources

Giving a short overview of shared resources

Extracting keywords of shared resources

Attribute serial number corresponding to attribute used when encrypting the shared information m

Thereby generating index information of the shared resource information

Obtaining storage address of shared resource in down-link database

Terminal member u_i+1Sending messages

Giving IP address as IP_i+2Terminal member u_i+2(ii) a Terminal member u_i+1Recording time information time_i+1And will transmit the message

Packaging into a block; if the equality is not true, terminal member u_i+1Determining that the message was not sent by a previous terminal member, ignoring the message, and kicking the terminal member sending the message out of the network domain; therein, Sig_i+1Is terminal member u_i+1Time, signature of_i+1Denoted as time stamp;

5) each terminal member u_iThe index information and identity information of the shared information are encapsulated in their respective tiles and linked into a chain of tiles.

8. The Internet of things data security sharing method based on privacy protection as claimed in claim 7, wherein the verification equation

The method comprises the following steps:

9. the Internet of things data security sharing method based on privacy protection as claimed in claim 7, wherein the resource access and sharing method in the fourth step is as follows:

(1) each terminal member u in the domain_jDetermining a desired access based on index information in a block chainInformation asked, terminal member u_jTerminal member u of owner viewing the information_iIndex information in the block to obtain corresponding attribute serial number

And sends information according to the attribute sequence number

To the owner u_iWherein, signing

Terminal member u_iCalculating intermediate variables

Terminal member u_iBy verifying the equation

Whether a verification terminal member u is established_jThe identity of (a); if the equation holds, terminal member u_iThe linked database address of the shared resource

Returned to terminal member u_j(ii) a If the equality is not satisfied, then the terminal member u is represented_jThe identity is in a problem and the resource cannot be accessed; wherein j is more than or equal to 1 and less than or equal to n, i is not equal to j, i is more than or equal to 1 and less than or equal to n, u_iTerminal member, mu, representing the owner of the resource information_iIntermediate variables required for resource access, H₂(. -) represents a hash function; r is_jIs a terminal member u_jThe number of the attributes of (a) is,

indicating terminal member u_jThe private key of (1);

(2) terminal member u_jAccording to owner u_kShared resource of (2)

Downloading information c of corresponding cipher text_k,mThen according to the obtained attribute serial number

Selecting corresponding attribute authority parameters and network attribute parameters, and calculating decryption key according to Chinese remainder theorem

According to the decryption key x_jAnd decrypting the ciphertext c_k,mCalculating to obtain plaintext, i.e. shared resource

10. The privacy protection-based secure sharing method of data of the internet of things according to claim 9, wherein the verification equation is

The method comprises the following steps:

Images