CN112199692A - Encrypted data verification method, device, equipment and storage medium - Google Patents

Encrypted data verification method, device, equipment and storage medium Download PDF

Info

Publication number
CN112199692A
CN112199692A CN202011057756.1A CN202011057756A CN112199692A CN 112199692 A CN112199692 A CN 112199692A CN 202011057756 A CN202011057756 A CN 202011057756A CN 112199692 A CN112199692 A CN 112199692A
Authority
CN
China
Prior art keywords
encrypted
subdata
order
data
preserving
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202011057756.1A
Other languages
Chinese (zh)
Inventor
贾牧
谢丹力
陆陈一帆
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
OneConnect Smart Technology Co Ltd
OneConnect Financial Technology Co Ltd Shanghai
Original Assignee
OneConnect Financial Technology Co Ltd Shanghai
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by OneConnect Financial Technology Co Ltd Shanghai filed Critical OneConnect Financial Technology Co Ltd Shanghai
Priority to CN202011057756.1A priority Critical patent/CN112199692A/en
Publication of CN112199692A publication Critical patent/CN112199692A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Computing Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the application discloses a method, a device, equipment and a storage medium for verifying encrypted data, which are applied to the field of zero knowledge certification and the field of digital medical treatment, and the method comprises the following steps: acquiring first encrypted data, second encrypted data, an order-preserving signature and an equivalent signature from a block chain; the first encrypted data is composed of a plurality of first encrypted subdata, and the second encrypted data is composed of a plurality of second encrypted subdata; determining a first public key based on the sequencing of the first encrypted subdata and the sequencing of the second encrypted subdata and the second encrypted subdata, and checking the signature of the order-preserving signature; and if the signature verification of the order-preserving signature does not pass, determining a second public key based on the first encrypted subdata and the second encrypted subdata, and verifying the equivalent signature based on the second public key. By adopting the embodiment of the invention, the verification scenes of the encrypted data can be enriched, and the verification efficiency is improved.

Description

Encrypted data verification method, device, equipment and storage medium
Technical Field
The present application relates to the field of block chain technologies, and in particular, to a method, an apparatus, a device, and a storage medium for verifying encrypted data.
Background
With the development of the block chain technology, in order to realize safe data sharing, all data are encrypted and stored in a ciphertext mode, and inconvenience is brought while the data security is ensured. For example, in the field of digital medical care, there is a need to build an electronic information archive for supply information of medical equipment. In the conventional blockchain project, if it is desired to determine whether data of multiple batches of goods ordered by a supplier is consistent with data of multiple batches of goods to be produced by a manufacturer, the encrypted data stored in the blockchain by the supplier and the manufacturer needs to be verified, and the data sharing between the supplier and the manufacturer can be realized only by verifying the encrypted data when the numerical values of the data of the supplier and the data of the manufacturer are equal and the storage sequence of the data of the supplier and the manufacturer is consistent. However, the downstream dealer only knows the value and the arrival sequence of the goods, does not know the order sequence of the supplier, does not know the production sequence of the producer, and cannot pass the verification and realize the data sharing, which brings inconvenience to the operation.
Disclosure of Invention
The embodiment of the application provides an encrypted data verification method, an encrypted data verification device, encrypted data verification equipment and a storage medium, so that verification can be respectively passed when two parties master equivalent data in the same sequence and equivalent data in different sequences, verification scenes are enriched, and verification efficiency is improved.
In a first aspect, an embodiment of the present application provides an encrypted data verification method, where the method includes:
acquiring first encrypted data, second encrypted data, an order-preserving signature and an equivalent signature from a block chain, wherein the first encrypted data consists of a plurality of first encrypted subdata, the second encrypted data consists of a plurality of second encrypted subdata, the order-preserving signature is used for verifying the sequence and the numerical value of plaintext data corresponding to each first encrypted subdata and plaintext data corresponding to each second encrypted subdata, and the equivalent signature is used for verifying the numerical value of the plaintext data corresponding to each first encrypted subdata and plaintext data corresponding to each second encrypted subdata;
determining a first public key based on the sequencing of the first encrypted subdata and the sequencing of the second encrypted subdata and the second encrypted subdata, and verifying the signature of the order-preserving signature based on the first public key;
and if the signature verification of the order-preserving signature does not pass, determining a second public key based on the first encrypted subdata and the second encrypted subdata, and verifying the equivalent signature based on the second public key.
With reference to the first aspect, in one possible implementation manner, each of the first encrypted sub-data and each of the second encrypted sub-data is generated by elliptic curve cryptography ECC encryption, and conforms to the pearsen complex Pedersen comment format in cryptography.
With reference to the first aspect, in one possible implementation manner, the order-preserving signature is obtained by encrypting an order-preserving private key. Wherein, the order-preserving private key is composed of a first encryption order-preserving blind factor and KAWith a second encryption order-preserving blinding factor and KBAnd (4) determining. Wherein, K isADetermined by the order-preserving blind factor of the first encrypted subdata, KBAnd the order-preserving blind factor of the second encrypted subdata is determined. The order-preserving blind factor of the first encrypted subdata is determined by the sequence of the first encrypted subdata and the first encrypted subdata, and the order-preserving blind factor of the second encrypted subdata is determined by the sequence of the second encrypted subdata and the second encrypted subdata.
With reference to the first aspect, in a possible implementation manner, the determining a first public key based on the first encrypted data and the second encrypted data includes:
determining each first encrypted order-preserving sub-data based on the sequence of each first encrypted sub-data and each first encrypted sub-data, and determining a first encrypted order-preserving sum C of each first encrypted order-preserving sub-dataA
Determining second encrypted sub-data based on the second encrypted sub-data and the sequence of the second encrypted sub-data, and determining a second encrypted order-preserving sum C of the second encrypted order-preserving sub-dataB
Mixing the above CAAnd the above-mentioned CBAnd subtracting to obtain the first public key.
With reference to the first aspect, in a possible implementation manner, the equivalent signature is obtained by encrypting an equivalent private key; wherein, the order-preserving private key consists of a first encryption equivalent blind factor and KdAEquivalence of blinding factor and Kd to second encryptionBDetermining; wherein, the above KdADetermined by the blinding factor of the first encrypted subdata, the KdBAnd the blind factor of the second encrypted subdata is determined.
With reference to the first aspect, in a possible implementation manner, the determining a second public key based on the first encrypted data and the second encrypted data includes: accumulating the first encrypted subdata in the first encrypted subdata group to obtain a first encrypted equivalent sum DA(ii) a Accumulating the second encrypted subdata in the second encrypted subdata group to obtain a second encrypted equivalent sum DB(ii) a Subjecting the above D toAAnd the above DBAnd subtracting to obtain the second public key.
In a second aspect, an embodiment of the present application provides an encrypted data verification apparatus, including:
the data acquisition module is used for acquiring first encrypted data, second encrypted data, an order-preserving signature and an equivalent signature from a block chain, wherein the first encrypted data consists of a plurality of first encrypted subdata, the second encrypted data consists of a plurality of second encrypted subdata, the order-preserving signature is used for verifying the order and the numerical value of the plaintext data corresponding to each first encrypted subdata and each second encrypted subdata, and the equivalent signature is used for verifying the numerical value of the plaintext data corresponding to each first encrypted subdata and each second encrypted subdata.
And the order preserving verification module is used for determining a first public key based on the sequence of the first encrypted subdata and the sequence of the second encrypted subdata and verifying the signature of the order preserving signature based on the first public key.
And the equivalence verification module is used for determining a second public key based on the first encrypted subdata and the second encrypted subdata and verifying the equivalent signature based on the second public key.
With reference to the second aspect, in a possible implementation manner, the order-preserving signature is obtained by encrypting an order-preserving private key.
Wherein, the order-preserving private key is composed of a first encryption order-preserving blind factor and KAWith a second encryption order-preserving blinding factor and KBAnd (4) determining.
Wherein, K isADetermined by the order-preserving blind factor of the first encrypted subdata, KBAnd the order-preserving blind factor of the second encrypted subdata is determined.
The order-preserving blind factor of the first encrypted subdata is determined by the sequence of the first encrypted subdata and the first encrypted subdata, and the order-preserving blind factor of the second encrypted subdata is determined by the sequence of the second encrypted subdata and the second encrypted subdata.
In a third aspect, an embodiment of the present application provides an encrypted data verification device, which includes a processor and a memory, where the processor and the memory are connected to each other. The memory is configured to store a computer program that supports the terminal to execute the method provided by the first aspect and/or any one of the possible implementation manners of the first aspect, where the computer program includes program instructions, and the processor is configured to call the program instructions to execute the method provided by the first aspect and/or any one of the possible implementation manners of the first aspect.
In a fourth aspect, the present application provides a computer-readable storage medium, which stores a computer program, where the computer program is executed by a processor to implement the method provided by the first aspect and/or any one of the possible implementation manners of the first aspect.
In the embodiment of the application, by performing order-preserving verification and equivalence verification on the encrypted data, the data with equal values and same sequence and equal values but different sequences can be verified. Application scenes of encrypted data verification are greatly enriched, and verification efficiency is improved.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings without creative efforts.
Fig. 1 is a schematic view of a scene of encrypted data verification provided in an embodiment of the present invention;
FIG. 2 is a flow chart of a verification method for encrypted data according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of an encrypted data authentication apparatus according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of an apparatus provided in an embodiment of the present invention.
Detailed Description
The encrypted data verification method provided by the embodiment of the invention can be applied to nodes of any block chain, any computer and related equipment thereof, is suitable for verifying the ciphertext obtained by various encryption algorithms, can be determined according to actual application scenes, and is not limited herein. The encrypted data verification method provided by the embodiment of the invention can be executed by any terminal or block link point with the encrypted data verification function. For convenience of description, the embodiment of the present invention will be described in an application scenario in which a blockchain is used to verify encrypted data.
Referring to fig. 1, fig. 1 is a schematic view of an application scenario of an encrypted data verification method according to an embodiment of the present invention. As shown in fig. 1, the terminals related to the application scenario include a terminal 3000a, a terminal 3000b, and a terminal 3000n, and a node 2000a, a node 2000b, a node 2000c, and a node 2000 n. Each terminal corresponds to a node, and the node receives data sent by the terminal and uploads the data to a block chain; meanwhile, the node can also receive and verify the data of the block chain, and if the verification is passed, the node can share the data with the block chain. The plurality of terminals encrypt the data to generate encrypted data, the encrypted data are uploaded to corresponding block chain nodes to be stored, the block chain nodes can transmit the data to other nodes while storing the encrypted data, and the obtained encrypted data are verified, so that the safety of data storage is guaranteed. Here, the data transferred in the blockchain may be an electronic information archive established for the supply information of the medical device in the digital medical field, and the encrypted data may be data obtained by encrypting the electronic information archive.
In the field of digital medical treatment, it is usually necessary to create an electronic information file for the supply information of medical equipment, and in an application scenario example of an orderer, a producer and a distributor of the medical equipment, the orderer, the producer and the distributor are respectively three parties, each party corresponds to a terminal and a node for data transmission, the orderer sends n encrypted orders to a node 2000a through a terminal 3000a, the producer sends n encrypted production information to a node 2000b through a terminal 3000b, and the distributor sends n encrypted delivery information to a node 3000c through a terminal 3000 c. Wherein n is a positive integer greater than 1, the order information is equivalent to the production information in the same order, and the production information is equivalent to the arrival information in a different order. Here, equivalence and identity may be understood as meaning or indicating that the number of first ordered items in the order information is equal to the number of first produced items in the production information, the number of second ordered items in the order information is equal to the number of second produced items in the production information, the number of third ordered items in the order information is equal to the number of third produced items in the production information … …, and so on, and that the data of the ith item in the order information is equal to the data of the ith item in the production information, where i is any positive integer less than or equal to n. The equivalence but different order can be understood as or indicate that the number of first produced goods in the production information is equal to the third arrival information in the arrival information, the number of second produced goods in the production information is equal to the first arrival information in the arrival information, the number of third produced goods in the production information is equal to … … in the arrival information, and so on, the data of the ith item in the production information is equal to the data of the kth item in the arrival information, wherein i and k are any positive integer less than or equal to n respectively, and i ≠ k. Taking a manufacturer as an example, the specific application scenario may be that the verification node corresponding to the manufacturer terminal acquires data (data of an orderer, data of a distributor, or data of another person) in the block chain, and the manufacturer terminal uploads the data to the block chain through the node and then performs verification.
The verification process comprises the following steps: the verification node respectively obtains two groups of encrypted data, an order-preserving signature and an equivalent signature from a block chain, the first encrypted data consists of a plurality of first encrypted subdata, the second encrypted data consists of a plurality of second encrypted subdata, the order-preserving signature is used for verifying the order and the numerical value of the plaintext data corresponding to each first encrypted subdata and each second encrypted subdata, and the equivalent signature is used for verifying the numerical value of the plaintext data corresponding to each first encrypted subdata and each second encrypted subdata. The method comprises the steps of firstly calculating a first public key to check and sign an order-preserving signature, if two groups of encrypted data are equivalent and in the same order through checking and sign judging, a verification node can judge that the two groups of encrypted data are order information and production information after encryption, and accordingly a data provider is judged to be an order supplier and a manufacturer, all permissions can be opened, and all data can be shared between the order supplier and the manufacturer. If the two groups of encrypted data are identical but in different orders, the verification node can judge that the two groups of encrypted data are encrypted production information and delivery information, so that a data provider is judged to be a manufacturer and a distributor, partial authority can be opened, and partial data can be shared between the manufacturer and the distributor.
It should be noted that the application scenario of the encrypted data verification method provided in fig. 1 is only used to illustrate the technical solution of the present application, and is not used to limit the technical solution of the present application, and the connection relationship and the application scenario may have other forms.
Referring to fig. 2, fig. 2 is a flow chart illustrating an encrypted data verification method according to an embodiment of the present invention. As shown in fig. 2, the method comprises the steps of:
s101: and acquiring first encrypted data, second encrypted data, an order-preserving signature and an equivalent signature from the block chain, wherein the first encrypted data consists of a plurality of first encrypted subdata, and the second encrypted data consists of a plurality of second encrypted subdata.
In some possible embodiments, the first encrypted data is composed of a plurality of first encrypted sub-data, the second encrypted data is composed of a plurality of second encrypted sub-data, the order-preserving signature is used to verify the order and value of the plaintext data corresponding to each first encrypted sub-data and each second encrypted sub-data, and the equivalent signature is used to verify the value of the plaintext data corresponding to each first encrypted sub-data and each second encrypted sub-data.
In some possible embodiments, each of the first encrypted sub-data and the second encrypted sub-data is generated by ECC encryption, and conforms to the peddson complex Pedersen commit format Pedersen in cryptography, i.e., Comm ═ m × U + k × V, where Comm is encrypted sub-data, m is a plaintext corresponding to the encrypted sub-data, k is a blind factor, and U and V are points generated on a specific elliptic curve and are disclosed. Comm generated in this manner is difficult to factorize, i.e., even if U and V and m U and k V are known, values of m and k cannot be obtained.
Specifically, for convenience of description, in the present embodiment, each encrypted data includes three encrypted sub-data, where a represents the first encrypted data, and a represents the second encrypted data1、A2、A3Respectively represent a pair of plaintext a1、a2、a3Three first encrypted subdata obtained by encrypting by elliptic curve encryption method, wherein A can be represented as A1||A2||A3Is represented by A1,A2,A3The combination is A in this order. Representing the second encrypted data by B1、B2、B3Respectively represent the pair of plaintext b1、b2、b3If three second encrypted subdata obtained by encrypting by elliptic curve encryption method are used, B can be represented as B1||B2||B3Is represented by B1、B2、B3The combination is B in this order. Wherein, a first encrypted subdata and a second encrypted subdata are generatedThe encryption curve used for encrypting the sub-data may be one of a P256 curve, a P224 curve, a P384 curve, a P512 curve, and the like.
Each of the first encrypted sub-data and each of the second encrypted sub-data may be represented by the following formula (1) to formula (6):
A1=a1*G+ka1*H, (1)
A2=a2*G+ka2*H, (2)
A3=a3*G+ka3*H, (3)
B1=b1*G+kb1*H, (4)
B2=b2*G+kb2*H, (5)
B3=b3*G+kb3*H, (6)
wherein G is a base point, ka1、ka2、ka3、kb1、kb2And kb3And H is a point obtained by encrypting G by using H as an encryption private key, the size of the point is equal to H G, and G and H are on an encryption curve. Wherein H is called an encryption private key, and H is an encryption public key. Because the product of two large prime numbers is easy to calculate, but the prime factor decomposition of the product is difficult, when H is unknown, and only H is known, the encrypted private key H cannot be obtained through the encrypted public key H to decrypt the ciphertext, so that the data confidentiality is improved.
In some possible embodiments, the order-preserving signature is encrypted by an order-preserving private key. Wherein, the order-preserving private key is composed of a first encryption order-preserving blind factor and KAWith a second encryption order-preserving blinding factor and KBAnd (4) determining. Wherein, K isADetermined by the order-preserving blind factor of the first encrypted subdata, KBAnd the order-preserving blind factor of the second encrypted subdata is determined. The order-preserving blind factor of the first encrypted subdata is determined by the sequence of the first encrypted subdata and the first encrypted subdata, and the order-preserving blind factor of the second encrypted subdata is determined by the second encrypted subdata and the second encrypted subdataThe ordering of the encrypted sub-data is determined.
Specifically, as shown in the following formula (7) to formula (8):
KA=1*ka1+2*ka2+3*ka3, (7)
KB=1*kb1+2*kb2+3*kb3, (8)
wherein, 1 x ka1、2*ka2、3*ka3、1*kb1、2*kb2And 3 x kb3The order-preserving blind factor can be obtained by the order of the blind factor and the corresponding encrypted sub-data in the encrypted data, that is, the encrypted sub-data is multiplied by several in the order of several items. Calculating KAAnd KBThe order-preserving private key is obtained, data (such as a hash value of A, a hash value of B and the like) is encrypted by the order-preserving private key to generate a signature as an order-preserving signature, and the order-preserving signature is provided to a verification node of the block chain for signature verification.
In some possible embodiments, the equivalent signature is encrypted by an equivalent private key. Wherein the equivalent private key is composed of a first encrypted equivalent blind factor and K'AEqual-value blind factor and K 'to second encryption'BAnd (4) determining. Wherein, K 'is'AK 'is determined by the equivalent blind factor of the first encrypted subdata'BThe value of the blind factor of the second encrypted subdata is determined.
Specifically, K'AAnd K'BAs shown in the following equation (9) to equation (10):
K’A=ka1+ka2+ka3, (9)
K’B=kb1+kb2+kb3, (10)
wherein k isa1、ka2、ka3、kb1、kb2And kb3For the equivalent blind factor, the equivalent blind factor can also be obtained by multiplying the blind factor of the encrypted sub-data by an integer independent of the number of terms, e.g. 2 × ka1、2*ka2、2*ka3、2*kb1、2*kb2And2*kb3and also as an equivalent blind factor. Calculating K'AAnd K'BAnd obtaining an equivalent private key, encrypting data (such as the hash value of A, the hash value of B and the like) by using the equivalent private key to generate a signature, taking the signature as an equivalent signature, and providing the equivalent signature to a verification node of the block chain for signature verification.
The ordering business, the producer and the distributor upload own data to the block chain through encryption, a signature is generated according to information of relevant blind factors, and the verification node acquires two groups of encrypted data and relevant verification signatures from the block chain for verification.
S102: and determining a first public key based on the sequencing of the first encrypted subdata and the sequencing of the second encrypted subdata and the second encrypted subdata, and verifying the signature of the order-preserving signature based on the first public key.
In some possible embodiments, the first encrypted sub-data in the first encrypted data may be multiplied by the sequence in the encrypted data, that is, the encrypted sub-data may be multiplied by several items to obtain a first encrypted security group, and the items in the first encrypted security group are accumulated to obtain a first encrypted security sum CA(ii) a Multiplying second encrypted subdata in the second encrypted data by the sequence in the encrypted data, namely multiplying the encrypted subdata by several items to obtain a second encrypted security group, and accumulating the items in the second encrypted security group to obtain a second encrypted security sum CB. As shown in the following equation (11) to equation (12):
CA=1*A1+2*A2+3*A3, (11)
CB=1*B1+2*B2+3*B3, (12)
accumulating the items in the second encryption and order-preserving group to obtain a second encryption and order-preserving sum CB. Mixing the above CAAnd the above-mentioned CBSubtracting to obtain the first public key P1As shown in equation (13):
P1=CA-CB=1*(A1-B1)+2*(A2-B2)+3*(A3-B3), (13)
if and only if a1=b1,a2=b2And a is3=b3I.e. the plaintext corresponding to the first encrypted data and the second encrypted data are equal and in the same order, P1Can be represented by formula (14):
P1=1*(ka1-kb1)*H+2*(ka2-kb2)*H+3*(ka3-kb3)*H, (14)
at this time, using P1And checking the order-preserving signature, wherein the plaintext corresponding to the first encrypted data and the second encrypted data is equal and in the same order through checking the signature, otherwise, the signature cannot be checked.
If the signature passes the verification, the verification node judges that the encrypted data provider is an orderer and a producer, and can open all rights and share all producer data between the orderer and the producer. If the signature does not pass the verification, the verification node determines that the data provider is not an orderer or producer (possibly a distributor or other person or producer) and further verification is to be performed.
S103: and if the signature verification of the order-preserving signature does not pass, determining a second public key based on the first encrypted data and the second encrypted data, and verifying the equivalent signature by using the second public key.
In some possible embodiments, the equivalent signature is encrypted by an equivalent private key. Wherein the equivalent private key is composed of a first encrypted equivalent blind factor and KdAEquivalence of blinding factor and Kd to second encryptionBAnd (4) determining. Wherein, the above KdADetermined by the blinding factor of the first encrypted subdata, the KdBAnd the blind factor of the second encrypted subdata is determined. As shown in the following equation (15) to equation (16):
KdA=ka1+ka2+ka3, (15)
KdB=kb1+kb2+kb3, (16)
wherein k isa1、ka2、ka3、kb1、kb2And kb3Calculating Kd for the blindness factorAAnd KdBAnd (4) obtaining an equivalent private key, encrypting the data (such as the hash value of A, the hash value of B and the like) by using the equivalent private key to generate a signature, and providing the signature as the equivalent signature for the block link point to verify.
In some possible embodiments, the determining the second public key based on the first encrypted data and the second encrypted data includes: accumulating the first encrypted subdata in the first encrypted subdata group to obtain a first encrypted equivalent sum DA(ii) a Accumulating the second encrypted subdata in the second encrypted subdata group to obtain a second encrypted equivalent sum DB(ii) a Subjecting the above D toAAnd the above DBSubtracting to obtain the second public key P2
Specifically, the first encrypted sub-data in the first encrypted data may be multiplied by the order in the encrypted data, that is, the encrypted sub-data may be multiplied by several at the several, to obtain a first encrypted equal value group, and the first encrypted equal value group may be accumulated to obtain a first encrypted equal value sum DA(ii) a Multiplying the second encrypted sub-data in the rearranged second encrypted data by the sequence in the encrypted data, i.e. multiplying the encrypted sub-data by several in the order of several items, to obtain a second encrypted equal value group, and accumulating the items in the second encrypted equal value group to obtain a second encrypted equal value sum DB. As shown in the following equation (17) to equation (18):
DA=A1+A2+A3, (17)
DB=B1+B2+B3, (18)
accumulating each item in the second encryption equivalence group to obtain a second encryption equivalence sum DB. Subjecting the above D toAAnd the above DBSubtracting to obtain the second public key P2As shown in equation (19):
P2=DA-DB=A1-B1+A2-B2+A3-B3, (19)
p is determined if and only if the plaintext corresponding to the first encrypted data and the second encrypted data is equal2Can be expressed by equation (20):
P2=(ka1+ka2+ka3)*H-(kb1+kb2+kb3)*H, (20)
at this time, using P2And checking the equivalent signature, wherein the verification shows that the corresponding plaintexts of the first encrypted data and the second encrypted data are equal but in different sequences, otherwise, the verification fails.
If the signature passes the verification, the verification node judges that the encrypted data provider is a distributor and a producer, and can open part of authority to share part of producer data between the orderer and the producer. If the signature fails verification, the verification node determines that the data provider is not a distributor and producer (and possibly others) and does not open the rights to share data with it.
In the embodiment of the invention, the order-preserving blind factor and the order-preserving private key are obtained by associating the blind factor with the number of items, so that the process of generating the order-preserving signature can realize the strict detection on whether the plaintext data corresponding to the two encrypted data are equivalent and in the same order under the condition of no decryption; the equivalent private key is obtained by calculating the sum of the equivalent blind factors, the influence of the number of terms is eliminated, and whether the plaintexts corresponding to the two encrypted data are equivalent or not and are detected in different sequences can be realized under the condition of no decryption, so that the verification scenes are enriched, and the verification efficiency is improved.
Referring to fig. 3, fig. 3 is a schematic structural diagram of an encrypted data verification apparatus according to an embodiment of the present invention. The encrypted data verification apparatus as shown in the figure includes:
a data obtaining module 401, configured to obtain first encrypted data, second encrypted data, an order-preserving signature, and an equivalent signature from a block chain, where the first encrypted data is composed of a plurality of first encrypted subdata, the second encrypted data is composed of a plurality of second encrypted subdata, the order-preserving signature is used to verify an order and a numerical value of plaintext data corresponding to each first encrypted subdata and corresponding to each second encrypted subdata, and the equivalent signature is used to verify a numerical value of plaintext data corresponding to each first encrypted subdata and corresponding to each second encrypted subdata.
In some possible embodiments, each of the first encrypted sub-data and the second encrypted sub-data is generated by ECC encryption, and conforms to the peddson complex Pedersen commit format Pedersen in cryptography, i.e., Comm ═ m × U + k × V, where Comm is encrypted sub-data, m is a plaintext corresponding to the encrypted sub-data, k is a blind factor, and U and V are points generated on a specific elliptic curve and are disclosed. Comm generated in this manner is difficult to factorize, i.e., even if U and V and m U and k V are known, values of m and k cannot be obtained.
Specifically, for convenience of description, in the present embodiment, each encrypted data includes three encrypted sub-data, where a represents the first encrypted data, and a represents the second encrypted data1、A2、A3Respectively represent a pair of plaintext a1、a2、a3Three first encrypted subdata obtained by encrypting by elliptic curve encryption method, wherein A can be represented as A1||A2||A3Is represented by A1,A2,A3The combination is A in this order. Representing the second encrypted data by B1、B2、B3Respectively represent the pair of plaintext b1、b2、b3If three second encrypted subdata obtained by encrypting by elliptic curve encryption method are used, B can be represented as B1||B2||B3Is represented by B1、B2、B3The combination is B in this order. The encryption curve used for generating the first encrypted sub-data and the second encrypted sub-data is the same, and may be one of a P256 curve, a P224 curve, a P384 curve, a P512 curve, and the like.
Each of the first encrypted sub-data and each of the second encrypted sub-data may be represented by the following formula (21) to formula (26):
A1=a1*G+ka1*H, (21)
A2=a2*G+ka2*H, (22)
A3=a3*G+ka3*H, (23)
B1=b1*G+kb1*H, (24)
B2=b2*G+kb2*H, (25)
B3=b3*G+kb3*H, (26)
wherein G is a base point, ka1、ka2、ka3、kb1、kb2And kb3And H is a point obtained by encrypting G by using H as an encryption private key, the size of the point is equal to H G, and G and H are on an encryption curve. Wherein H is called an encryption private key, and H is an encryption public key. Because the product of two large prime numbers is easy to calculate, but the prime factor decomposition of the product is difficult, when H is unknown, and only H is known, the encrypted private key H cannot be obtained through the encrypted public key H to decrypt the ciphertext, so that the data confidentiality is improved.
In some possible embodiments, the order-preserving signature is encrypted by an order-preserving private key. Wherein, the order-preserving private key is composed of a first encryption order-preserving blind factor and KAWith a second encryption order-preserving blinding factor and KBAnd (4) determining. Wherein, K isADetermined by the order-preserving blind factor of the first encrypted subdata, KBAnd the order-preserving blind factor of the second encrypted subdata is determined. The order-preserving blind factor of the first encrypted subdata is determined by the sequence of the first encrypted subdata and the first encrypted subdata, and the order-preserving blind factor of the second encrypted subdata is determined by the sequence of the second encrypted subdata and the second encrypted subdata.
Specifically, it can be expressed as the following formula (27) to formula (28):
KA=1*ka1+2*ka2+3*ka3, (27)
KB=1*kb1+2*kb2+3*kb3, (28)
wherein, 1 x ka1、2*ka2、3*ka3、1*kb1、2*kb2And 3 x kb3The order-preserving blind factor can be obtained by the order of the blind factor and the corresponding encrypted sub-data in the encrypted data, that is, the encrypted sub-data is multiplied by several in the order of several items. Calculating KAAnd KBThe order-preserving private key is obtained, data (such as a hash value of A, a hash value of B and the like) is encrypted by the order-preserving private key to generate a signature as an order-preserving signature, and the order-preserving signature is provided to a verification node of the block chain for signature verification.
In some possible embodiments, the equivalent signature is encrypted by an equivalent private key. Wherein the equivalent private key is composed of a first encrypted equivalent blind factor and K'AEqual-value blind factor and K 'to second encryption'BAnd (4) determining. Wherein, K 'is'AK 'is determined by the equivalent blind factor of the first encrypted subdata'BThe value of the blind factor of the second encrypted subdata is determined.
Specifically, K'AAnd K'BAs shown in the following equation (29) to equation (30):
K’A=ka1+ka2+ka3, (29)
K’B=kb1+kb2+kb3, (30)
wherein k isa1、ka2、ka3、kb1、kb2And kb3For the equivalent blind factor, the equivalent blind factor can also be obtained by multiplying the blind factor of the encrypted sub-data by an integer independent of the number of terms, e.g. 2 × ka1、2*ka2、2*ka3、2*kb1、2*kb2And 2 x kb3And also as an equivalent blind factor. Calculating K'AAnd K'BThe equivalent private key is obtained, data (such as a hash value of A, a hash value of B, or a sum of the hash values of A and B) is encrypted by the equivalent private key to generate a signature which is used as an equivalent signature, and the equivalent signature is provided for a verification node of the block chain for signature verification.
The ordering business, the producer and the distributor upload own data to the block chain through encryption, a signature is generated according to information of relevant blind factors, and the verification node acquires two groups of encrypted data and relevant verification signatures from the block chain for verification.
A sequence preserving verification module 402, configured to determine a first public key based on the sequence of the first encrypted sub-data and the first encrypted sub-data, and the sequence of the second encrypted sub-data and the second encrypted sub-data, and verify the signature of the sequence preserving signature based on the first public key.
In some possible embodiments, the first encrypted sub-data in the first encrypted data may be multiplied by the sequence in the encrypted data, that is, the encrypted sub-data may be multiplied by several items to obtain a first encrypted security group, and the items in the first encrypted security group are accumulated to obtain a first encrypted security sum CA(ii) a Multiplying second encrypted subdata in the second encrypted data by the sequence in the encrypted data, namely multiplying the encrypted subdata by several items to obtain a second encrypted security group, and accumulating the items in the second encrypted security group to obtain a second encrypted security sum CB. As shown in the following equation (31) to equation (32):
CA=1*A1+2*A2+3*A3, (31)
CB=1*B1+2*B2+3*B3, (32)
accumulating the items in the second encryption and order-preserving group to obtain a second encryption and order-preserving sum CB. Mixing the above CAAnd the above-mentioned CBSubtracting to obtain the first public key P1As shown in formula (33):
P1=CA-CB=1*(A1-B1)+2*(A2-B2)+3*(A3-B3), (33)
if and only if a1=b1,a2=b2And a is3=b3I.e. the plaintext corresponding to the first encrypted data and the second encrypted data are equal and in the same order, P1Can be represented by formula (34)) Represents:
P1=1*(ka1-kb1)*H+2*(ka2-kb2)*H+3*(ka3-kb3)*H, (34)
at this time, using P1And checking the order-preserving signature, wherein the plaintext corresponding to the first encrypted data and the second encrypted data is equal and in the same order through checking the signature, otherwise, the signature cannot be checked.
If the signature passes the verification, the verification node judges that the encrypted data provider is an orderer and a producer, and can open all rights and share all producer data between the orderer and the producer. If the signature does not pass the verification, the verification node determines that the data provider is not an orderer or producer (possibly a distributor or other person or producer) and further verification is to be performed.
And an equivalent verification module 404, configured to determine a second public key based on the first encrypted sub-data and the second encrypted sub-data, and verify the equivalent signature based on the second public key.
In some possible embodiments, the equivalent signature is encrypted by an equivalent private key. Wherein, the equivalent private key is composed of a first encryption equivalent blind factor and KdAEquivalence of blinding factor and Kd to second encryptionBAnd (4) determining. Wherein, the above KdADetermined by the blinding factor of the first encrypted subdata, the KdBAnd the blind factor of the second encrypted subdata is determined. As shown in the following equation (35) to equation (36):
KdA=ka1+ka2+ka3, (35)
KdB=kb1+kb2+kb3, (36)
wherein k isa1、ka2、ka3、kb1、kb2And kb3Calculating Kd for the blindness factorAAnd KdBObtaining an equivalent private key, encrypting data (such as the hash value of A, the hash value of B, or the sum of the hash values of A and B) with the equivalent private key to generate a signature, and providing the signature as an equivalent signature to the areaAnd checking and signing the block chain nodes.
In some possible embodiments, the determining the second public key based on the first encrypted data and the second encrypted data includes: accumulating the first encrypted subdata in the first encrypted subdata group to obtain a first encrypted equivalent sum DA(ii) a Accumulating the second encrypted subdata in the second encrypted subdata group to obtain a second encrypted equivalent sum DB(ii) a Subjecting the above D toAAnd the above DBSubtracting to obtain the second public key P2
Specifically, the first encrypted sub-data in the first encrypted data may be multiplied by the order in the encrypted data, that is, the encrypted sub-data may be multiplied by several at the several, to obtain a first encrypted equal value group, and the first encrypted equal value group may be accumulated to obtain a first encrypted equal value sum DA(ii) a Multiplying the second encrypted sub-data in the rearranged second encrypted data by the sequence in the encrypted data, i.e. multiplying the encrypted sub-data by several in the order of several items, to obtain a second encrypted equal value group, and accumulating the items in the second encrypted equal value group to obtain a second encrypted equal value sum DB. As shown in the following equation (37) to equation (38):
DA=A1+A2+A3, (37)
DB=B1+B2+B3, (38)
accumulating each item in the second encryption equivalence group to obtain a second encryption equivalence sum DB. Subjecting the above D toAAnd the above DBSubtracting to obtain the second public key P2As shown in equation (39):
P2=DA-DB=A1-B1+A2-B2+A3-B3, (39)
p2 can be expressed by equation (40) if and only if the plaintext corresponding to the first encrypted data and the second encrypted data is equal:
P2=(ka1+ka2+ka3)*H-(kb1+kb2+kb3)*H, (40)
at this time, using P2And checking the equivalent signature, wherein the verification shows that the corresponding plaintexts of the first encrypted data and the second encrypted data are equal but in different sequences, otherwise, the verification fails.
If the signature passes the verification, the verification node judges that the encrypted data provider is a distributor and a producer, and can open part of authority to share part of producer data between the orderer and the producer. If the signature fails verification, the verification node determines that the data provider is not a distributor and producer (and possibly others) and does not open the rights to share data with it.
In the embodiment of the invention, the order-preserving blind factor and the order-preserving private key are obtained by associating the blind factor with the number of items, so that the process of generating the order-preserving signature can realize the strict detection on whether the plaintext data corresponding to the two encrypted data are equivalent and in the same order under the condition of no decryption; the equivalent private key is obtained by calculating the sum of the equivalent blind factors, the influence of the number of terms is eliminated, and whether the plaintexts corresponding to the two encrypted data are equivalent or not and are detected in different sequences can be realized under the condition of no decryption, so that the verification scenes are enriched, and the verification efficiency is improved.
Fig. 4 is a schematic structural diagram of an apparatus according to an embodiment of the present invention. As shown in fig. 4, the apparatus in this embodiment may include: one or more input devices 100; memory 200, one or more processors 300, and one or more output devices 400. The processor 300, the input device 100, the output device 400, and the memory 200 are connected by a bus 500. The memory 200 is used to store a computer program comprising program instructions and the processor 300 is used to execute the program instructions stored by the memory 200.
It should be understood that, in the embodiment of the present invention, the Processor 300 may be a Central Processing Unit (CPU), and the Processor may also be other general processors, Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components, etc. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The input device 100 may include a touch pad, a fingerprint sensor (for collecting fingerprint information of a user and direction information of the fingerprint), a microphone, etc., and the output device 400 may include a display (LCD, etc.), a speaker, etc.
The memory 200 may include both read-only memory and random access memory and provides instructions and data to the processor 300. A portion of memory 200 may also include non-volatile random access memory. For example, the memory 200 may also store device type information.
The processor 300 is configured to execute the program instructions of the memory 200, and may execute operations executed by the data obtaining module 401, the order preserving verification module 402, the ciphertext rearrangement module 403, and the equivalence verification module 404 in the encrypted data verification apparatus described in the embodiment of the present invention, and feed back the file identification result to the output device 400.
In a specific implementation, the processor 300, the input device 100, and the output device 200 described in the embodiments of the present invention may execute the implementation manners described in the embodiments of the encrypted data verification method provided in the embodiments of the present invention, and may also execute the implementation manners of the encrypted data verification apparatus described in the embodiments of the present invention, which is not described herein again.
In another embodiment of the present invention, a computer-readable storage medium is provided, the computer-readable storage medium storing a computer program, the computer program comprising program instructions that when executed by a processor implement: acquiring first encrypted data, second encrypted data, an order-preserving signature and an equivalent signature from a block chain, wherein the first encrypted data consists of a plurality of first encrypted subdata, the second encrypted data consists of a plurality of second encrypted subdata, the order-preserving signature is used for verifying the sequence and the numerical value of plaintext data corresponding to each first encrypted subdata and plaintext data corresponding to each second encrypted subdata, and the equivalent signature is used for verifying the numerical value of the plaintext data corresponding to each first encrypted subdata and plaintext data corresponding to each second encrypted subdata; determining a first public key based on the sequencing of the first encrypted subdata and the sequencing of the second encrypted subdata and the second encrypted subdata, and verifying the signature of the order-preserving signature based on the first public key; and if the signature verification of the order-preserving signature does not pass, determining a second public key based on the first encrypted subdata and the second encrypted subdata, and verifying the equivalent signature based on the second public key.
The computer readable storage medium may be an internal storage unit of the device according to any of the foregoing embodiments, for example, a hard disk or a memory of the device. The computer readable storage medium may be an external storage device of the apparatus, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like provided in the apparatus. Further, the computer-readable storage medium may include both an internal storage unit and an external storage device of the device. The computer-readable storage medium is used for storing the computer program and other programs and data required by the apparatus. The above-described computer-readable storage medium may also be used to temporarily store data that has been output or is to be output.
It should be understood that the terms "first," "second," "third," and "fourth," etc. in the description and claims of this application and in the above-described drawings are used for distinguishing between different objects and not for describing a particular order. Furthermore, the terms "include" and "have," as well as any variations thereof, are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements listed, but may alternatively include other steps or elements not listed, or inherent to such process, method, article, or apparatus. Reference herein to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the application. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. It is explicitly and implicitly understood by one skilled in the art that the embodiments described herein can be combined with other embodiments. The term "and/or" as used in this specification and the appended claims refers to and includes any and all possible combinations of one or more of the associated listed items.
Those of ordinary skill in the art will appreciate that the elements and algorithm steps of the examples described in connection with the embodiments disclosed herein may be embodied in electronic hardware, computer software, or combinations of both, and that the components and steps of the examples have been described in a functional general in the foregoing description for the purpose of illustrating clearly the interchangeability of hardware and software. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
While the invention has been described with reference to specific embodiments, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (10)

1. A method for encrypted data verification, the method comprising:
acquiring first encrypted data, second encrypted data, an order-preserving signature and an equivalent signature from a block chain, wherein the first encrypted data consists of a plurality of first encrypted subdata, the second encrypted data consists of a plurality of second encrypted subdata, the order-preserving signature is used for verifying the sequence and the numerical value of plaintext data corresponding to each first encrypted subdata and plaintext data corresponding to each second encrypted subdata, and the equivalent signature is used for verifying the numerical value of the plaintext data corresponding to each first encrypted subdata and plaintext data corresponding to each second encrypted subdata;
determining a first public key based on the sequencing of the first encrypted subdata and the sequencing of the second encrypted subdata and the second encrypted subdata, and verifying the signature of the order-preserving signature based on the first public key;
and if the signature verification of the order-preserving signature does not pass, determining a second public key based on the first encrypted subdata and the second encrypted subdata, and verifying the equivalent signature based on the second public key.
2. The method of claim 1, wherein each of the first encrypted sub-data and the second encrypted sub-data is generated by Elliptic Curve Cryptography (ECC) encryption and conforms to the Pedersen Committee format in cryptography.
3. The method of claim 2, wherein the order-preserving signature is encrypted by an order-preserving private key;
wherein the order-preserving private key is composed of a first encryption order-preserving blind factor and KAWith a second encryption order-preserving blinding factor and KBDetermining;
wherein, K isADetermined by the order-preserving blindness factor of the first encrypted subdata, KBDetermining by the order-preserving blind factor of the second encrypted subdata;
the order-preserving blind factor of the first encrypted subdata is determined by the sequence of the first encrypted subdata and the sequence of each first encrypted subdata, and the order-preserving blind factor of the second encrypted subdata is determined by the sequence of the second encrypted subdata and each second encrypted subdata.
4. The method of claim 3, wherein determining the first public key based on the first encrypted data and the second encrypted data comprises:
based on theDetermining each first encrypted subdata and the sequence of each first encrypted subdata to determine each first encrypted order-preserving subdata, and determining the first encrypted order-preserving sum C of each first encrypted order-preserving subdataA
Determining each second encrypted order-preserving sub-data based on the sequence of each second encrypted sub-data and each second encrypted sub-data, and determining a second encrypted order-preserving sum C of each second encrypted order-preserving sub-dataB
Subjecting said C toAAnd said CBAnd subtracting to obtain the first public key.
5. The method of claim 2, wherein the equivalent signature is encrypted by an equivalent private key;
wherein the order-preserving private key is composed of a first encryption equivalent blind factor and KdAEquivalence of blinding factor and Kd to second encryptionBDetermining;
wherein, the KdADetermined by a blind factor of the first encrypted subdata, the KdBDetermined by a blinding factor of the second encrypted sub-data.
6. The method of claim 5, wherein determining a second public key based on the first encrypted data and the second encrypted data comprises:
accumulating the first encrypted subdata in the first encrypted subdata group to obtain a first encrypted equivalent sum DA
Accumulating the second encrypted subdata in the second encrypted subdata group to obtain a second encrypted equivalent sum DB
Subjecting said D toAAnd said DBAnd subtracting to obtain the second public key.
7. An encrypted data authentication apparatus, comprising:
the data acquisition module is used for acquiring first encrypted data, second encrypted data, an order-preserving signature and an equivalent signature from a block chain, wherein the first encrypted data consists of a plurality of first encrypted subdata, the second encrypted data consists of a plurality of second encrypted subdata, the order-preserving signature is used for verifying the order and the numerical value of the plaintext data corresponding to each first encrypted subdata and each second encrypted subdata, and the equivalent signature is used for verifying the numerical value of the plaintext data corresponding to each first encrypted subdata and each second encrypted subdata;
the order preserving verification module is used for determining a first public key based on the sequencing of the first encrypted subdata and the sequencing of the second encrypted subdata and verifying the signature of the order preserving signature based on the first public key;
and the equivalence verification module is used for determining a second public key based on the first encrypted subdata and the second encrypted subdata and verifying the equivalent signature based on the second public key.
8. The apparatus of claim 7, wherein the order-preserving signature is encrypted by an order-preserving private key;
wherein the order-preserving private key is composed of a first encryption order-preserving blind factor and KAWith a second encryption order-preserving blinding factor and KBDetermining;
wherein, K isADetermined by the order-preserving blindness factor of the first encrypted subdata, KBDetermining by the order-preserving blind factor of the second encrypted subdata;
the order-preserving blind factor of the first encrypted subdata is determined by the sequence of the first encrypted subdata and the sequence of each first encrypted subdata, and the order-preserving blind factor of the second encrypted subdata is determined by the sequence of the second encrypted subdata and each second encrypted subdata.
9. An encrypted data authentication device, comprising a processor and a memory, said processor and memory being interconnected;
the memory for storing a computer program comprising program instructions, the processor being configured to invoke the program instructions to perform the method of any of claims 1 to 6.
10. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program which is executed by a processor to implement the method of any one of claims 1 to 6.
CN202011057756.1A 2020-09-29 2020-09-29 Encrypted data verification method, device, equipment and storage medium Pending CN112199692A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011057756.1A CN112199692A (en) 2020-09-29 2020-09-29 Encrypted data verification method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011057756.1A CN112199692A (en) 2020-09-29 2020-09-29 Encrypted data verification method, device, equipment and storage medium

Publications (1)

Publication Number Publication Date
CN112199692A true CN112199692A (en) 2021-01-08

Family

ID=74008198

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011057756.1A Pending CN112199692A (en) 2020-09-29 2020-09-29 Encrypted data verification method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN112199692A (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH10153956A (en) * 1996-09-27 1998-06-09 Toshiba Corp Electronic signing method, electronic signing system and recording medium
US20080001752A1 (en) * 2005-04-21 2008-01-03 Skyetek, Inc. System and method for securing rfid tags
CN110069939A (en) * 2019-03-12 2019-07-30 平安科技(深圳)有限公司 Encryption data consistency desired result method, apparatus, computer equipment and storage medium

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH10153956A (en) * 1996-09-27 1998-06-09 Toshiba Corp Electronic signing method, electronic signing system and recording medium
US20080001752A1 (en) * 2005-04-21 2008-01-03 Skyetek, Inc. System and method for securing rfid tags
CN110069939A (en) * 2019-03-12 2019-07-30 平安科技(深圳)有限公司 Encryption data consistency desired result method, apparatus, computer equipment and storage medium

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
叶俊;于天娇;郭祯;荆兆星;: "基于区块链的可验证医疗数据统计方案", 网络空间安全, no. 12, 25 December 2019 (2019-12-25) *
肖辉远;肖培森;葛利军;: "基于ECC的数字签名方案在网络可信身份认证中的设计与实现", 警察技术, no. 04, 7 July 2017 (2017-07-07) *

Similar Documents

Publication Publication Date Title
JP7304398B2 (en) Methods and systems implemented by blockchain
EP3850786B1 (en) System and method for secure multi-party computation based blockchain transactions
CN107770159B (en) Vehicle accident data recording method and related device and readable storage medium
CN111628868A (en) Digital signature generation method and device, computer equipment and storage medium
CN112737779B (en) Cryptographic machine service method, device, cryptographic machine and storage medium
CA3048425A1 (en) System and method for an electronic identity brokerage
CN109067801A (en) A kind of identity identifying method, identification authentication system and computer-readable medium
CN108900533A (en) A kind of shared data method for secret protection, system, terminal and medium
CN108292402A (en) The determination of the public secret of secure exchange for information and level certainty key
WO2022068354A1 (en) Data verification method, apparatus and device, and storage medium
JP2020530726A (en) NFC tag authentication to remote servers with applications that protect supply chain asset management
CN110597836B (en) Information inquiry request response method and device based on block chain network
CN112804217B (en) Block chain technology-based evidence storing method and device
CN109978543B (en) Contract signing method and device, electronic equipment and storage medium
CN110224984A (en) A kind of multi-party authorization method and device based on block chain technology
US20020091932A1 (en) Qualification authentication method using variable authentication information
CN104012036A (en) Combined digital certificate
US11856095B2 (en) Apparatus and methods for validating user data by using cryptography
CN107104788B (en) Terminal and non-repudiation encryption signature method and device thereof
CN117436043A (en) Method and device for verifying source of file to be executed and readable storage medium
CN112948789A (en) Identity authentication method and device, storage medium and electronic equipment
US20030097559A1 (en) Qualification authentication method using variable authentication information
CN109660490A (en) Data processing method, device, system and storage medium
CN112199692A (en) Encrypted data verification method, device, equipment and storage medium
CN115344882A (en) Multi-party computing method, device and storage medium based on trusted computing environment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination