CN112181308A - Block chain based distributed data storage method and electronic equipment - Google Patents

Block chain based distributed data storage method and electronic equipment

Info

Publication number
CN112181308A
Authority
CN
China
Prior art keywords
target
storage node
parameter
terminal
ciphertext
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN202011091574.6A
Other languages
Chinese (zh)
Inventor
赵书鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ningbo Golden Lion Technology Co Ltd
Original Assignee
Ningbo Golden Lion Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ningbo Golden Lion Technology Co Ltd
Priority to CN202011091574.6A
Publication of CN112181308A
Legal status: Withdrawn

Classifications

    • G06F3/062 Securing storage systems
    • G06F16/2282 Tablespace storage structures; Management thereof
    • G06F16/27 Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • G06F21/602 Providing cryptographic facilities or services
    • G06F3/0614 Improving the reliability of storage systems
    • G06F3/067 Distributed or networked storage systems, e.g. storage area networks [SAN], network attached storage [NAS]

Abstract

Embodiments of the disclosure provide a distributed data storage method based on a block chain and an electronic device. One embodiment of the method comprises: acquiring a target data block set to be stored; generating a system parameter group; based on the data block identifier and the system parameter group, encrypting the target data block set to obtain a ciphertext set; sending the ciphertext set to a first terminal, wherein the ciphertext set is stored by the first terminal, and a storage record table is generated by the first terminal; receiving the storage record table returned by the first terminal; and recording the storage record table into the block chain. The method encrypts the target data blocks before sending them to the first terminal, and the first terminal performs a secondary encryption, generates coded data with redundancy, and stores the coded data. Finally, the storage record table is published to the block chain, which meets the confidentiality and fault-tolerance requirements of block-chain-based distributed storage, improving the security of the stored data while ensuring the fault tolerance of the system.

Description

Block chain based distributed data storage method and electronic equipment
Technical Field
The embodiment of the disclosure relates to the field of block chains and data storage, in particular to a distributed data storage method and electronic equipment based on block chains.
Background
Distributed storage is a product of combining distributed technology with virtualization technology. Through software, and using technologies such as clusters, grids and distributed file systems, it integrates storage devices of many different types in a network so that they work cooperatively, providing a new storage mode with data storage and service access functions. With the development of block chain technology, the confidentiality and credibility of distributed storage and communication are effectively ensured by putting the storage terminals of the distributed storage on a chain and relying on the decentralization and traceability of the block chain.
However, when this approach is used for large-scale distributed data storage, the following technical problems remain:
First, distributed data storage faces serious threats and attacks. Any failure of the cloud storage server, such as a broken hard disk, fire, or network failure, may result in partial or even complete corruption of the user data. Storage confidentiality is also at risk.
Second, using a mirror-based data backup mechanism in the block chain can solve the fault tolerance problem. However, when the amount of data is large, the many mirror copies consume a great deal of space, and storage utilization is low.
Disclosure of Invention
This summary is provided to introduce a selection of concepts in a simplified form that are further described below in the detailed description. This summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter.
Some embodiments of the present disclosure propose a block chain based distributed data storage method and an electronic device to solve one or more of the technical problems mentioned in the background section above.
In a first aspect, some embodiments of the present disclosure provide a method for block chain-based distributed data storage, the method including: acquiring a target data block set to be stored; generating a system parameter group; based on the data block identification and the system parameter group, encrypting the target data block set to obtain a ciphertext set; sending the ciphertext set to a first terminal, wherein the ciphertext set is stored by the first terminal, and a storage record table is generated by the first terminal; receiving a storage record table returned by the first terminal; and recording the storage record table into the block chain.
In a second aspect, some embodiments of the present disclosure provide a blockchain-based distributed data storage apparatus, the apparatus comprising: the data storage device comprises a first receiving unit, a second receiving unit and a processing unit, wherein the first receiving unit is configured to acquire a target data block set to be stored, the target data block set comprises a first number of target data blocks, and the first number of target data blocks have the same data block identification; a generating unit configured to generate a system parameter group, wherein the system parameter group includes a first parameter, a first generator, a second parameter, and a third parameter; the first processing unit is configured to encrypt a target data block set based on the data block identifier and the system parameter group to obtain a ciphertext set; a storage unit configured to transmit a ciphertext set to a first terminal, wherein the first terminal stores the ciphertext set; the second receiving unit is configured to receive the storage record table returned by the first terminal; and the second processing unit is configured to record the storage record table into the block chain.
In a third aspect, some embodiments of the present disclosure provide an electronic device, comprising: one or more processors; a storage device having one or more programs stored thereon which, when executed by one or more processors, cause the one or more processors to implement a method as in any one of the first aspects.
The above embodiments of the present disclosure have the following advantages. First, a system parameter group for encryption is generated, and the target data block set is encrypted using the system parameter group and the received data block identifier to obtain a ciphertext set. Second, the ciphertext set is transmitted to a first terminal that stores data. The first terminal randomly determines a storage node set and determines a first encryption parameter and a second encryption parameter for each storage node in the set. The first terminal then generates a coding matrix and generates an encrypted ciphertext using the coding matrix, the first and second encryption parameters of each storage node in the storage node set, and the data block identifier. The encrypted ciphertext is obtained by encrypting the ciphertext set a second time with the first terminal's encryption parameters, which improves the confidentiality of the distributed stored data. In addition, the coding matrix guarantees a degree of storage redundancy, so that data can be recovered quickly when it is corrupted or lost. Finally, the storage record table is recorded into the block chain, so that block-chain-based distributed data storage is realized using the decentralization and traceability of the block chain. The method transmits the target data blocks to the first terminal as an encrypted ciphertext set, and the system parameter group used for encryption is not transmitted together with the ciphertext set. The first terminal performs the secondary encryption and generates and stores coded data with redundancy. Publishing the storage record table to the block chain then meets the confidentiality and fault-tolerance requirements of block-chain-based distributed storage, improving the security of the stored data while ensuring the fault tolerance of the system.
Drawings
The above and other features, advantages and aspects of various embodiments of the present disclosure will become more apparent by referring to the following detailed description when taken in conjunction with the accompanying drawings. Throughout the drawings, the same or similar reference numbers refer to the same or similar elements. It should be understood that the drawings are schematic and that elements and features are not necessarily drawn to scale.
FIG. 1 is an architectural diagram of an exemplary system in which some embodiments of the present disclosure may be applied;
FIG. 2 is a flow diagram of some embodiments of a blockchain based distributed data storage method according to some embodiments of the present disclosure;
FIG. 3 is a flow diagram of some embodiments of a blockchain based distributed data storage device according to some embodiments of the present disclosure;
FIG. 4 is a schematic block diagram of an electronic device suitable for use in implementing some embodiments of the present disclosure.
Detailed Description
Embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While certain embodiments of the present disclosure are shown in the drawings, it is to be understood that the disclosure may be embodied in various forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided for a more thorough and complete understanding of the present disclosure. It should be understood that the drawings and embodiments of the disclosure are for illustration purposes only and are not intended to limit the scope of the disclosure.
It should be noted that, for convenience of description, only the portions relevant to the invention are shown in the drawings. The embodiments and features of the embodiments in the present disclosure may be combined with each other without conflict.
It should be noted that the terms "first", "second", and the like in the present disclosure are only used for distinguishing different devices, modules or units, and are not used for limiting the order or interdependence of the functions performed by the devices, modules or units.
It is noted that the modifiers "a", "an", and "the" in this disclosure are illustrative rather than limiting, and those skilled in the art will understand them to mean "one or more" unless the context clearly dictates otherwise.
The names of messages or information exchanged between devices in the embodiments of the present disclosure are for illustrative purposes only, and are not intended to limit the scope of the messages or information.
The present disclosure will be described in detail below with reference to the accompanying drawings in conjunction with embodiments.
Fig. 1 illustrates an exemplary system architecture 100 to which embodiments of the blockchain-based file storage method of the present disclosure may be applied.
As shown in fig. 1, the system architecture 100 may include terminal devices 101, 102, 103, a network 104, and a server 105. The network 104 serves as a medium for providing communication links between the terminal devices 101, 102, 103 and the server 105. Network 104 may include various connection types, such as wired, wireless communication links, or fiber optic cables, to name a few.
The user may use the terminal devices 101, 102, 103 to interact with the server 105 via the network 104 to receive or send messages or the like. The terminal devices 101, 102, 103 may have installed thereon various communication client applications, such as a file storage application, a data analysis application, a natural language processing application, and the like.
The terminal devices 101, 102, and 103 may be hardware or software. When the terminal devices 101, 102, 103 are hardware, they may be various terminal devices having a display screen, including but not limited to smart phones, tablet computers, laptop portable computers, desktop computers, and the like. When the terminal devices 101, 102, 103 are software, they can be installed in the terminal devices listed above, and may be implemented as multiple pieces of software or software modules (e.g., to provide target data input) or as a single piece of software or software module. This is not particularly limited herein.
The server 105 may be a server that provides various services, such as a server that stores target data input by the terminal apparatuses 101, 102, 103, and the like. The server may encrypt, distribute, store, and the like the received target data, and feed back a processing result (e.g., an encrypted ciphertext set) to the terminal device.
It should be noted that the distributed data storage method based on the block chain provided by the embodiment of the present disclosure may be executed by the server 105, or may be executed by the terminal device.
It should be noted that the local area of the server 105 may also directly store data, and the server 105 may directly extract the local data and obtain encrypted data through encryption processing, in this case, the exemplary system architecture 100 may not include the terminal devices 101, 102, and 103 and the network 104.
It should be noted that the terminal devices 101, 102, and 103 may also have a storage application installed therein, and in this case, the segmentation processing method may also be executed by the terminal devices 101, 102, and 103. At this point, the exemplary system architecture 100 may also not include the server 105 and the network 104.
The server 105 may be hardware or software. When the server 105 is hardware, it may be implemented as a distributed server cluster composed of a plurality of servers, or as a single server. When the server is software, it may be implemented as multiple pieces of software or software modules (for example, for providing storage services), or as a single piece of software or software module. This is not particularly limited herein.
It should be understood that the number of terminal devices, networks, and servers in fig. 1 is merely illustrative. There may be any number of terminal devices, networks, and servers, as desired for implementation.
With continued reference to fig. 2, a flow 200 of some embodiments of a blockchain-based distributed data storage method according to the present disclosure is shown. The distributed data storage method based on the block chain comprises the following steps:
Step 201, acquiring a target data block set to be stored.
In some embodiments, an execution body (e.g., the electronic device shown in fig. 1) of the blockchain-based distributed data storage method may directly obtain a target data block set to be stored by a target user. Optionally, the target user is a user who provides the target data blocks to be stored. The target data block set includes a first number of target data blocks, and the first number of target data blocks have the same data block identifier. In particular, the data block identifier may be an element of the group generated by the generator, and the first number of target data blocks have the same generator. The data block identifier is used to characterize the target data block set.
Step 202, generating a system parameter group.
In some embodiments, the execution body generates the system parameter group. Specifically, the system parameter group includes a first parameter, a second parameter, and a third parameter.
Step 203, encrypting the target data block set based on the data block identifier and the system parameter group to obtain a ciphertext set.
In some embodiments, the execution body generates a public key and a private key based on the system parameter group. Specifically, $g$ is the third parameter, $x$ is a private key randomly generated by the system, and $g^x$ is the public key.
Each target data block in the target data block set is encrypted using the following formula to generate the ciphertext of that target data block, which yields the ciphertext set:
$$C_i = (g^r,\ h,\ M_i\, e(g^x, h^r)),$$
where $r \in Z_p$, $p$ is the first parameter and $g$ is the third parameter. $M$ denotes the target data block set, $i$ is the target data block count, and $M_i$ is the $i$-th target data block. $e$ denotes the second parameter, and $e()$ is a hash function. $x$ is the private key and $g^x$ is the public key. $h$ is the data block identifier, $C$ denotes a ciphertext, and $C_i$ is the ciphertext of the $i$-th target data block.
Step 204, sending the ciphertext set to the first terminal.
In some embodiments, the execution body sends the ciphertext set to the first terminal, and the first terminal stores the ciphertext set. Optionally, the first terminal randomly determines a third number of target storage nodes to obtain a target storage node set. For each ciphertext in the ciphertext set, the first terminal randomly selects a fourth number of storage nodes from the target storage node set and stores the ciphertext in each of them, where the fourth number is less than the third number.
Optionally, the first terminal generates a coding matrix. The coding matrix has a first number of rows and a third number of columns. Every element of the coding matrix is drawn at random from the finite field $GF(2^s)$, where GF denotes a finite field and $s$ is a positive integer.
Optionally, for each target storage node in the target storage node set, the first terminal generates a first encryption parameter and a second encryption parameter of the target storage node. The first terminal generates a first encryption parameter of the target storage node using the following formula:
Figure BDA0002722275240000061
where $j$ is the target storage node count, $A$ denotes the first encryption parameter, and $A_j$ is the $j$-th first encryption parameter. $\alpha$ denotes a first encryption parameter element, $\alpha = g^r$, with $r \in Z_p$, where $p$ is the first parameter and $g$ is the third parameter. $\alpha_j$ is the $j$-th first encryption parameter element. $q$ is an element of the coding matrix, and $q_{i,j}$ is the element in row $i$, column $j$ of the coding matrix. $C$ denotes a ciphertext, and $C_i$ is the ciphertext of the $i$-th target data block. $N$ denotes an encrypted ciphertext stored in a storage node, and $N_j$ is the encrypted ciphertext of the $j$-th target storage node. $C_i \in N_j$ means that $C_i$ is the encrypted ciphertext stored in the $j$-th target storage node that corresponds to the $i$-th target data block.
Optionally, the first terminal generates the second encryption parameter of the target storage node by using the following formula:
Figure BDA0002722275240000071
where $j$ is the target storage node count, $B$ denotes the second encryption parameter, and $B_j$ is the $j$-th second encryption parameter. $\gamma$ denotes a second encryption parameter element, $\gamma = M_i\, e(g^x, h^r)$, with $r \in Z_p$, where $p$ is the first parameter and $g$ is the third parameter. $M$ denotes the target data block set, $i$ is the target data block count, and $M_i$ is the $i$-th target data block. $e$ denotes the second parameter, and $e()$ is a hash function. $x$ is the private key and $g^x$ is the public key. $h$ is the data block identifier. $\gamma_j$ is the $j$-th second encryption parameter element. $q$ is an element of the coding matrix, and $q_{i,j}$ is the element in row $i$, column $j$ of the coding matrix. $C$ denotes a ciphertext, and $C_i$ is the ciphertext of the $i$-th target data block. $N$ denotes an encrypted ciphertext stored in a storage node, and $N_j$ is the encrypted ciphertext of the $j$-th target storage node. $C_i \in N_j$ means that $C_i$ is the encrypted ciphertext stored in the $j$-th target storage node that corresponds to the $i$-th target data block.
Optionally, for each target storage node in the target storage node set, the first terminal generates an encrypted ciphertext of the target storage node based on the first encryption parameter of the target storage node, the second encryption parameter of the target storage node, the data block identifier, and the encoding matrix. Specifically, the first terminal determines the target storage node count as a fifth number. The first terminal determines a set of elements of a fifth number of columns in the coding matrix as a coding sequence. And the first terminal determines a set of the first encryption parameter of the target storage node, the second encryption parameter of the target storage node, the data block identifier and the coding sequence as an encryption ciphertext of the target storage node.
For each target storage node in the target storage node set, the first terminal stores the encrypted ciphertext of the target storage node.
Optionally, the first terminal generates a storage record table. The storage record table is generated from the correspondence between the fourth number of storage nodes and the ciphertexts of the ciphertext set stored on those nodes. Each element of the storage record table consists of the content of the first byte of a ciphertext and the address of the storage node corresponding to that ciphertext.
The above formulas are an inventive point of the embodiments of the present disclosure and solve the technical problems mentioned in the background. First, the first terminal receives a ciphertext set that has already been encrypted. The system parameter group used to generate the ciphertext set is not sent to the first terminal, which improves the security of the data block set to be stored. Second, the first terminal generates a first encryption parameter and a second encryption parameter to encrypt the coded data stored in the storage nodes again, producing an encrypted ciphertext. As a result, the first terminal used for storage does not hold the system parameter group used to generate the ciphertext set; the encryption parameters and the system parameter group used to generate the final ciphertext are held by different terminals. This meets the confidentiality requirement of block-chain-based distributed storage and so solves the first technical problem. Next, the first terminal generates coded data. The coded data has a degree of redundancy, and the elements of the coding matrix are all drawn at random from a finite field. During data recovery, a complete encrypted file can be recovered from the coding matrix using basic exclusive-or operations, which gives fast and accurate recovery from storage faults. The first terminal determines the set consisting of the target storage node's first encryption parameter, second encryption parameter, the data block identifier and the coding sequence in the coding matrix as the encrypted ciphertext stored in that target storage node. This improves the security of the stored data and guarantees the fault tolerance of the system, and so solves the second technical problem.
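The redundancy that the coding matrix provides, as an added example (not code from the patent): it applies a random GF(2^s) coding matrix directly to equal-length byte blocks, not to the first and second encryption parameters, whose formulas appear on this page only as figure references. The choice s = 8, the reduction polynomial 0x11B, and all function names are assumptions.

```python
import secrets

POLY = 0x11B  # assumed reduction polynomial for GF(2^8); the page only says GF(2^s)


def gf_mul(a, b):
    """Multiply two GF(2^8) elements: carry-less multiply, reduced by POLY."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= POLY
        b >>= 1
    return r


def gf_inv(a):
    """Multiplicative inverse as a^254, since a^255 = 1 for every non-zero a."""
    if a == 0:
        raise ZeroDivisionError("0 has no inverse in GF(2^8)")
    result, base, e = 1, a, 254
    while e:
        if e & 1:
            result = gf_mul(result, base)
        base = gf_mul(base, base)
        e >>= 1
    return result


def random_coding_matrix(k, n):
    """k rows (first number) by n columns (third number), entries random in GF(2^8)."""
    return [[secrets.randbelow(256) for _ in range(n)] for _ in range(k)]


def encode(blocks, Q):
    """Node j gets (column j of Q, sum_i Q[i][j] * block_i); field addition is XOR."""
    k, n, length = len(blocks), len(Q[0]), len(blocks[0])
    if any(len(b) != length for b in blocks):
        raise ValueError("blocks must have equal length")
    shares = []
    for j in range(n):
        coded = bytearray(length)
        for i in range(k):
            for t in range(length):
                coded[t] ^= gf_mul(Q[i][j], blocks[i][t])
        shares.append(([Q[i][j] for i in range(k)], bytes(coded)))
    return shares


def recover(shares, k):
    """Gauss-Jordan elimination over GF(2^8) on the surviving node shares.

    Returns the k original blocks. Raises ValueError when the surviving
    coding columns have rank < k, which a random matrix cannot rule out.
    """
    rows = [(list(col), bytearray(data)) for col, data in shares]
    for c in range(k):
        pivot = next((r for r in range(c, len(rows)) if rows[r][0][c]), None)
        if pivot is None:
            raise ValueError("surviving coding columns are not full rank")
        rows[c], rows[pivot] = rows[pivot], rows[c]
        coef, data = rows[c]
        inv = gf_inv(coef[c])
        coef[:] = [gf_mul(inv, v) for v in coef]
        data[:] = bytes(gf_mul(inv, v) for v in data)
        for r in range(len(rows)):
            f = rows[r][0][c]
            if r != c and f:
                rows[r][0][:] = [a ^ gf_mul(f, b) for a, b in zip(rows[r][0], coef)]
                rows[r][1][:] = bytes(a ^ gf_mul(f, b) for a, b in zip(rows[r][1], data))
    return [bytes(rows[c][1]) for c in range(k)]


if __name__ == "__main__":
    # Constructed sample input: three equal-length stand-ins for ciphertext blocks.
    sample = [b"ciphertext-0", b"ciphertext-1", b"ciphertext-2"]
    matrix = random_coding_matrix(3, 5)
    node_shares = encode(sample, matrix)
    survivors = [node_shares[1], node_shares[2], node_shares[4]]  # nodes 0 and 3 lost
    try:
        print(recover(survivors, 3) == sample)
    except ValueError as err:
        print("cannot recover from these nodes:", err)
```

Because the matrix is random, a given choice of surviving columns is not guaranteed to be invertible, which is why `recover` checks the rank and fails loudly instead of returning wrong data.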
Step 205, receiving the storage record table returned by the first terminal.
In some embodiments, the execution body receives the storage record table returned by the first terminal.
Step 206, record the storage record table into the block chain.
In some embodiments, the execution body records the storage record table into the block chain. Optionally, a smart contract is invoked. A smart contract is a set of commitments defined in digital form. It can control data in the block chain and stipulate the rights and obligations of each participating terminal in the block chain, and it can be executed automatically by a computer system. The smart contract includes smart contract code, an instance, and execution data. The smart contract code may be the source code of the smart contract, and may be a piece of code that the computer system is capable of executing. An instance may be an actual service in the block chain that runs the smart contract. The execution data may be data that remains in the block chain after an instance is executed.
The smart contract code is run and the storage record table is stored in the block chain. Specifically, the storage record table may be determined as one block, and the smart contract code is run to add the block to the block chain. The smart contract that records the block generates an instance and execution data while it runs, and the instance and the execution data are recorded in the block chain.
The embodiment presented in fig. 2 has the following beneficial effects. First, a system parameter group for encryption is generated, and the target data block set is encrypted using the system parameter group and the received data block identifier to obtain a ciphertext set. Second, the ciphertext set is transmitted to a first terminal that stores data. The first terminal randomly determines a storage node set and determines a first encryption parameter and a second encryption parameter for each storage node in the set. The first terminal then generates a coding matrix and generates an encrypted ciphertext using the coding matrix, the first and second encryption parameters of each storage node in the storage node set, and the data block identifier. The encrypted ciphertext is obtained by encrypting the ciphertext set a second time with the first terminal's encryption parameters, which improves the confidentiality of the distributed stored data. In addition, the coding matrix guarantees a degree of storage redundancy, so that data can be recovered quickly when it is corrupted or lost. Finally, the storage record table is recorded into the block chain, so that block-chain-based distributed data storage is realized using the decentralization and traceability of the block chain. The method transmits the target data blocks to the first terminal as an encrypted ciphertext set, and the system parameter group used for encryption is not transmitted together with the ciphertext set. The first terminal performs the secondary encryption and generates and stores coded data with redundancy. Publishing the storage record table to the block chain then meets the confidentiality and fault-tolerance requirements of block-chain-based distributed storage, improving the security of the stored data while ensuring the fault tolerance of the system.
With further reference to fig. 3, as an implementation of the above-described methods for the above-described figures, the present disclosure provides some embodiments of a block chain based distributed data storage apparatus, which correspond to those of the above-described method embodiments of fig. 2, and which may be particularly applicable in various electronic devices.
As shown in fig. 3, a block chain based distributed data storage apparatus 300 of some embodiments includes: a first receiving unit 301, a generating unit 302, a first processing unit 303, a storage unit 304, a second receiving unit 305, and a second processing unit 306. The first receiving unit 301 is configured to obtain a target data block set to be stored; a generating unit 302 configured to generate a system parameter set, wherein the system parameter set includes a first parameter, a first generator, a second parameter, and a third parameter; a first processing unit 303, configured to perform encryption processing on the target data block set based on the data block identifier and the system parameter group to obtain a ciphertext set; a storage unit 304 configured to send the ciphertext set to the first terminal, where the first terminal stores the ciphertext set, and the first terminal generates a storage record table; a second receiving unit 305 configured to receive the storage record table returned by the first terminal; the second processing unit 306 is configured to record the storage record table into the block chain.
It will be understood that the units described in the apparatus 300 correspond to the various steps in the method described with reference to fig. 2. Thus, the operations, features and resulting advantages described above with respect to the method are also applicable to the apparatus 300 and the units included therein, and are not described herein again.
Referring now to FIG. 4, a block diagram of a computer system 400 suitable for use in implementing a server of an embodiment of the present disclosure is shown. The server shown in fig. 4 is only an example, and should not bring any limitation to the function and the scope of use of the embodiments of the present disclosure.
As shown in fig. 4, the computer system 400 includes a Central Processing Unit (CPU) 401 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 402 or a program loaded from a storage section 408 into a Random Access Memory (RAM) 403. In the RAM 403, various programs and data necessary for the operation of the system 400 are also stored. The CPU 401, ROM 402, and RAM 403 are connected to each other via a bus 404. An Input/Output (I/O) interface 405 is also connected to the bus 404.
The following components are connected to the I/O interface 405: a storage section 406 including a hard disk and the like; and a communication section 407 including a Network interface card such as a LAN (Local Area Network) card, a modem, or the like. The communication section 407 performs communication processing via a network such as the internet. A drive 408 is also connected to the I/O interface 405 as needed. A removable medium 409 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted as necessary on the drive 408, so that a computer program read out therefrom is mounted as necessary in the storage section 406.
In particular, according to an embodiment of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 407 and/or installed from the removable medium 409. The above-described functions defined in the method of the present disclosure are performed when the computer program is executed by a Central Processing Unit (CPU) 401. It should be noted that the computer readable medium in the present disclosure may be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. 
In contrast, in the present disclosure, a computer-readable signal medium may include a propagated data signal with computer-readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations for the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C++, and conventional procedural programming languages, such as the C language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The foregoing description is only exemplary of the preferred embodiments of the disclosure and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the invention in the present disclosure is not limited to the specific combination of the above-mentioned features, but also encompasses other embodiments in which any combination of the above-mentioned features or their equivalents is possible without departing from the inventive concept as defined above. For example, a technical solution may be formed by replacing the above features with (but not limited to) features disclosed in this disclosure that have similar functions.

Claims (10)

1. A distributed data storage method based on a block chain comprises the following steps:
acquiring a target data block set to be stored, wherein the target data block set comprises a first number of target data blocks, and the first number of target data blocks have the same data block identification;
generating a system parameter group, wherein the system parameter group comprises a first parameter, a second parameter and a third parameter;
based on the data block identification and the system parameter group, carrying out encryption processing on the target data block set to obtain a ciphertext set;
sending the ciphertext set to a first terminal, wherein the first terminal stores the ciphertext set, and the first terminal generates a storage record table;
receiving the storage record table returned by the first terminal;
and recording the storage record table into a block chain.
2. The method of claim 1, wherein the data chunk identification may be an element in a group generated by a generator, the first number of target data chunks having the same generator.
3. The method of claim 2, wherein the encrypting the target set of data blocks based on the data block identification and the set of system parameters to obtain a set of ciphertexts comprises:
generating a public key and a private key based on the system parameter group;
for each target data block in the target data block set, performing encryption processing by using the following formula to generate a ciphertext of the target data block, so as to obtain the ciphertext set:
$C_i = (g^r,\ h,\ M_i\, e(g^x, h^r))$,
wherein $r \in Z_p$, p is the first parameter, g is the third parameter, M represents the set of target data blocks, i represents the target data block count, $M_i$ represents the i-th target data block, e represents the second parameter, e() is a hash function, x represents the private key, $g^x$ represents the public key, h represents the data block identification, C represents the ciphertext, and $C_i$ represents the ciphertext of the i-th target data block.
4. The method of claim 3, wherein the first terminal storing the set of ciphertexts comprises:
the first terminal randomly determines a third number of target storage nodes to obtain a target storage node set;
for each ciphertext in the ciphertext set, the first terminal randomly selects a fourth number of storage nodes in the target storage node set, and stores the ciphertext in the fourth number of storage nodes respectively, wherein the fourth number is smaller than the third number;
the first terminal generates a coding matrix;
for each target storage node in the target storage node set, the first terminal generates a first encryption parameter and a second encryption parameter of the target storage node;
for each target storage node in the target storage node set, the first terminal generates an encrypted ciphertext of the target storage node based on the first encryption parameter of the target storage node, the second encryption parameter of the target storage node, the data block identifier and the encoding matrix;
and for each target storage node in the target storage node set, the first terminal stores the encrypted ciphertext of the target storage node.
5. The method of claim 4, wherein the encoding matrix comprises a first number of rows and a third number of columns, the elements in the encoding matrix each being generated by randomly extracting elements from a finite field $GF(2^s)$, where GF represents a finite field and s is a positive integer.
6. The method of claim 5, wherein the first terminal generating the first encryption parameter and the second encryption parameter for the target storage node comprises:
the first terminal generates a first encryption parameter of the target storage node by using the following formula:
Figure FDA0002722275230000021
where j represents the target storage node count, A represents the first encryption parameter, $A_j$ denotes the j-th first encryption parameter, $\alpha$ denotes a first encryption parameter element, $\alpha = g^r$, $r \in Z_p$, p is the first parameter, g is the third parameter, $\alpha_j$ represents the j-th first encryption parameter element, q is an element in said coding matrix, $q_{i,j}$ represents the element in the i-th row and the j-th column of the coding matrix, C represents the ciphertext, $C_i$ represents the ciphertext of the i-th target data block, N represents the encrypted ciphertext stored in the storage node, $N_j$ represents the encrypted ciphertext of the j-th target storage node, and $C_i \in N_j$ indicates that $C_i$ is the encrypted ciphertext stored in the j-th target storage node corresponding to the i-th target data block;
the first terminal generates a second encryption parameter of the target storage node by using the following formula:
Figure FDA0002722275230000031
where j represents the target storage node count, B represents the second encryption parameter, $B_j$ denotes the j-th second encryption parameter, $\gamma$ denotes a second encryption parameter element, $\gamma = M_i\, e(g^x, h^r)$, $r \in Z_p$, p is the first parameter, g is the third parameter, M represents the set of target data blocks, i represents the target data block count, $M_i$ represents the i-th target data block, e represents the second parameter, e() is a hash function, x represents the private key, $g^x$ denotes the public key, h denotes the data block identification, $\gamma_j$ represents the j-th second encryption parameter element, q is an element in said coding matrix, $q_{i,j}$ represents the element in the i-th row and the j-th column of the coding matrix, C represents the ciphertext, $C_i$ represents the ciphertext of the i-th target data block, N represents the encrypted ciphertext stored in the storage node, $N_j$ represents the encrypted ciphertext of the j-th target storage node, and $C_i \in N_j$ indicates that $C_i$ is the encrypted ciphertext stored in the j-th target storage node that corresponds to the i-th target data block.
7. The method of claim 6, wherein the generating, by the first terminal, for each target storage node in the set of target storage nodes, an encrypted ciphertext for the target storage node based on the first encryption parameter of the target storage node, the second encryption parameter of the target storage node, the block identification, and the encoding matrix, comprises:
the first terminal determines the target storage node count as a fifth number;
the first terminal determines a fifth number of columns of element sets in the coding matrix as coding sequences;
and the first terminal determines the set of the first encryption parameter of the target storage node, the second encryption parameter of the target storage node, the data block identifier and the coding sequence as the encryption ciphertext of the target storage node.
8. The method of claim 7, wherein the recording the storage record table into a blockchain comprises:
invoking an intelligent contract, wherein the intelligent contract comprises intelligent contract code, an instance, and execution data;
and operating the intelligent contract code and storing the storage record table in a block chain.
9. A data security storage apparatus based on a distributed system, comprising:
a first receiving unit configured to acquire a target data block set to be stored, wherein the target data block set includes a first number of target data blocks, and the first number of target data blocks have the same data block identification;
a generating unit configured to generate a system parameter group, wherein the system parameter group includes a first parameter, a first generator, a second parameter, and a third parameter;
a first processing unit configured to perform encryption processing on the target data block set based on the data block identifier and the system parameter group to obtain a ciphertext set;
a storage unit configured to send the ciphertext set to a first terminal, wherein the first terminal stores the ciphertext set, and the first terminal generates a storage record table;
a second receiving unit configured to receive the storage record table returned by the first terminal;
a second processing unit configured to record the storage record table into a blockchain.
10. A first terminal device comprising:
one or more processors;
a storage device having one or more programs stored thereon;
wherein the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-9.
CN202011091574.6A 2020-10-13 2020-10-13 Block chain based distributed data storage method and electronic equipment Withdrawn CN112181308A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011091574.6A CN112181308A (en) 2020-10-13 2020-10-13 Block chain based distributed data storage method and electronic equipment

Publications (1)

Publication Number Publication Date
CN112181308A true CN112181308A (en) 2021-01-05

Family

ID=73951166

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011091574.6A Withdrawn CN112181308A (en) 2020-10-13 2020-10-13 Block chain based distributed data storage method and electronic equipment

Country Status (1)

Country Link
CN (1) CN112181308A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112989501A (en) * 2021-05-10 2021-06-18 中国标准化研究院 Balance car safety evaluation method and device and terminal equipment
CN112989501B (en) * 2021-05-10 2022-02-01 中国标准化研究院 Balance car safety evaluation method and device and terminal equipment

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication

Application publication date: 20210105