CN112272092B - Data editing method applied to block chain - Google Patents
Data editing method applied to block chain Download PDFInfo
- Publication number
- CN112272092B CN112272092B CN202010891283.9A CN202010891283A CN112272092B CN 112272092 B CN112272092 B CN 112272092B CN 202010891283 A CN202010891283 A CN 202010891283A CN 112272092 B CN112272092 B CN 112272092B
- Authority
- CN
- China
- Prior art keywords
- hash
- record
- node
- verification
- tree
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/56—Provisioning of proxy services
- H04L67/568—Storing data temporarily at an intermediate stage, e.g. caching
- H04L67/5682—Policies or rules for updating, deleting or replacing the stored data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3242—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
Abstract
The invention discloses a data editing method applied to a block chain, which comprises the following steps: a: constructing a record verification tree; b: if the record deleting operation is executed, entering the step C; if the record modification operation is executed, entering the step F; c: the user and the stakeholder want to delete the records and sign the records; d: all nodes hash, verify and broadcast the signature information in the deletion request; e: deleting the record after the deletion message passes the verification, and inserting the deletion message into the request list; f: the user and the stakeholder want to modify the record to sign; g: all nodes hash, verify and broadcast the signature information in the deletion request; h: and after the modification message passes the verification, deleting the records in the block from the block, inserting the modification message into the request list, and inserting the new records into the new record list. The invention can edit, such as modify and delete, the data on the block chain, and can effectively restrict the data editing behavior of the user.
Description
Technical Field
The invention relates to the field of data editing, in particular to a data editing method applied to a block chain.
Background
Since the concept of the blockchain has been proposed, the blockchain has been generally concerned by all the communities, and the application of the blockchain is not limited to virtual currency, but is widely applied to the fields of internet of things, supply chains, medical treatment and the like. The blockchain is used primarily to store transactions and data in these areas. For transactions, the existing block chain can basically meet the requirement of transaction storage; for data, compared with the traditional centralized storage, the blockchain meets the requirements of decentralization, trust establishment, data non-tampering and the like of a user. However, in the process of using the blockchain, the data on the chain cannot be edited, which brings inconvenience to the user, and there are three main aspects: first, the erroneous data cannot be modified. The blockchain is widely used for storing certificates, health records, IoT data, asset information and the like, and the data are stored on the blockchain, so that the authenticity and the legality of the data are guaranteed. However, if the data written to the block chain is read-only, the error information in the recording cannot be corrected. Second, sensitive data is difficult to delete. Data storage is a basic function of the blockchain, but the function of the blockchain to store data is abused. Third, the failed data cannot be cleaned up. Over a period of time, a chain of blocks may run, and an early block may contain a large amount of stale data. These stale data can continue to occupy a large amount of storage space, resulting in wasted resources.
In order to solve the problems, researchers combine chameleon hash, polynomial and other technologies to improve the hash verification structure, the transaction mode and the like of the block, and the block record modification and deletion functions are realized. Most of the schemes realize the modification and deletion of personal data, namely, a user can change the data on the block only through the identity verification of the node, and other users cannot interfere with the change operation of the user. However, such a design may not be suitable in some scenarios. For example, in the food supply chain, data for a food enterprise needs to be uploaded onto the blockchain for other cooperating enterprises or government regulators to view. On the one hand, the food industry needs to modify the wrong data, which can already be met in existing editable blockchains. On the other hand, if the enterprise modifies the relevant data of the quality problem to achieve the purpose of avoiding the penalty, great difficulty is brought to the supervision of the food safety. Therefore, interest-related parties such as government regulatory departments, cooperative enterprises and the like hope to be capable of restricting the data editing behavior of the processing enterprise, so that the uploaded data cannot be modified randomly, and the purpose of protecting the interests of consumers and enterprises is achieved. But this requirement is difficult to meet in existing editable blockchain schemes.
Disclosure of Invention
The invention aims to provide a data editing method applied to a block chain, which can edit, such as modify and delete, data on the block chain and can effectively restrict data editing behaviors of a user.
The invention adopts the following technical scheme:
a data editing method applied to a blockchain comprises the following steps:
a: constructing a record verification tree;
the record verification tree is a binary and trigeminal mixed tree, the record verification tree has n layers, the layers from the 1 st layer to the n-2 th layer are structure trees, each structure tree is a ternary tree, namely each node has three leaf subnodes, and each node of the structure tree represents a threshold gate; the nth layer and the (n-1) th layer are information trees, and each information tree is a binary tree, namely each node has two leaf nodes; n is a positive integer;
b: judging whether the user executes the record deleting operation or the record modifying operation, and if the user executes the record deleting operation, entering the step C; if the record modification operation is executed, entering the step F;
c: suppose the user wants to delete a recording RL on block i ″1;
First, the user records RL1Hash of1=hash(RL1) Signature Sign (hash) is carried out1) And generates a delete request DelInfo ═ { address, del, Sign (hash)1) Wherein address is a record address, del is a deletion mark, Sign () represents signature calculation for any character, Sign (hash)1) Representing a hash1The signature of (2);
secondly, the user sends a deletion request to the interest-related party;
the stakeholder's hash of the delete request is then made2Signing the hash (DelInfo') and sending the signature to a signature collector;
finally, the signature collector collects the signatures of the parties and generates a delete message DelInfo ═ address, del, Sign (hash)1),MuSign(hash2) And broadcasts a delete message DelInfo into the blockchain network, where MuSign (hash)2) Representing a request for delete hash2Multiple signatures of (2); then entering step D;
d: first, all pairs of nodes delete the signature in the requestThe name information is hashed to generate a signed hash abstract hashsign=hash(Sign(hash1));
Secondly, the hash is carried outsignSubstituting the hash set hashlist of other records into a record Verification tree Verification method Verification () to verify, and solving a secret value e (g, g) stored in the record Verification treesCalculating the hash of the verification parameter with the hash of the verification parameter, and then performing hash calculation to obtain a secret value hash3=hash(e(g,g)s·VPHash);
The following validation was then performed:
1) will hash3Comparing the hash value with the secret value Hash to determine whether the hash value is consistent with the secret value Hash;
2) verifying whether the multiple signatures are legal or not;
accepting a delete action if both items pass verification, otherwise not accepting;
finally, broadcasting the verification result to the block chain network; then entering step E;
e: when the deletion message is verified by more than half of nodes in the whole network, the record RL in the block i ″1Deleting the block and inserting a deletion message into the request list;
f: suppose the user wants to modify the recording RL on block i ″1;
First, the user records RL1Hash of1=hash(RL1) Signature Sign (hash) is carried out1) And to newly record RL'1Hash is carried out to obtain hash'1=hash(RL′1) Simultaneously to hash'1Signature Sign (hash) 'is performed'1);
Next, the user generates a modification request ModifyInfo' ═ { address, mod, Sign (hash)1),hash′1,Sign(hash′1) Sending a modification request to a stakeholder, wherein address is a record address, mod is a modification mark, Sign () represents signature calculation on any character, and Sign (hash) represents signature calculation1) Is a hash1Of 'signature, hash'1Is RL'1Hash of (1), Sign (hash)'1) Is hash'1The signature of (2);
the stakeholder's hash of the modification request is then made2Signing the hash (ModifyInfo') and sending the signature to a signature collector;
finally, the signature collector collects the signatures of all parties and generates a modification message ModifyInfo { address, mod, Sign (hash)1),hash′1,Sign(hash′1),MuSign(hash2) And a regenerated record RL1' sent together onto a blockchain network, where MuSign (hash)2) Representing a hash on a modification request2Multiple signatures of (2); then entering step G;
g: firstly, all nodes hash the signature information in the modification request to generate hash abstract hashsign=hash(Sign(hash1));
Secondly, the hash is carried outsignSubstituting the hash set hashlist of other records into the Verification tree Verification () of the record and solving the secret value e (g, g) stored in the Verification tree of the records;
Then, the secret value e (g, g)sCalculating with the verification parameter Hash, and then performing Hash calculation to obtain secret value Hash3=hash(e(g,g)sVPHash) and verified as follows:
1) will hash3Comparing the hash value with the secret value Hash to determine whether the hash value is consistent with the secret value Hash;
2) for newly generated record RL1' Hash calculation is performed, and the calculated record RL is recorded1'Hash value of modification message'1Comparing whether the two are consistent;
3) verifying whether the multiple signatures are legal or not;
if the three items are verified, the modification action is accepted, otherwise, the modification action is not accepted;
finally, broadcasting the verification result to the block chain network; then entering step H;
h: when the modification message is verified by more than half of nodes in the whole network, the RL record in the block is recorded1Deleting from the block, inserting modification messages into the request listThe new record is inserted into the new record list.
The step A comprises the following steps:
a1: an initialization step: initializing by authorization center, selecting a q-order bilinear group with generator gThen, generating a system security parameter SP:
wherein the content of the first and second substances,is a prime order bilinear group, g is a generator, q is a bilinear groupE (g, g) is a bilinear calculation formula;
a2: a generation step: generating (SP, RL) which represents the generation of a record verification tree, RL represents a record set, and the generating step is executed by a block link point;
firstly, the block chain link points construct the record verification tree according to the record set RL and the construction rule
Second, the tree is validated for recordsEach node ofSelect onePolynomial of degreeWherein the content of the first and second substances,represents a node of the log verification tree that records,is a nodeA threshold value for the number of sub-nodes,is a nodeA corresponding polynomial;
again, the secret parameters are randomly selectedAs a log verification treeStoring the secret value and storing the secret parameter s in a log verification treeIn the root node R of (2); then let qR(0) For other nodes, let
Wherein q isR(0) S denotes that the dependent variable of the polynomial corresponding to the root node R when the independent variable is 0 is s,a finite integer field modulo a prime number q,representing nodesThe node of the node (c) is,representing nodesAn index of (2);
finally, let Y be the record verification treeCalculating a verification tree parameter VP, a verification parameter Hash VPHash and a secret value Hash SHAsh:
VPHash=hash(VP) (3)
SHash=hash(VPHash·e(g,g)s) (4)
wherein the content of the first and second substances,verify leaf nodes of the tree for records and andto calculate the composition parameters of the verification tree parameters VP,presentation recordingThe value of the dependent variable when the independent variable of the corresponding polynomial is 0,hash function H () represents the mapping of an arbitrary binary character to a bilinear group A hash digest representing the associated record of the leaf node y,representing a hash digestMapping to bilinear groups Representing attributes for any attribute belonging to the attribute set YAll can calculate to obtain parametersAndfor generating the verification tree parameter VP, hash () is a function of compressing a message of arbitrary length to a message digest of some fixed length;
the block chain node packs the verification tree parameter VP, the verification parameter Hash VPHash, the secret value Hash, the record set RL and other block information together to generate a block, the block is broadcasted to the whole network, the block is stored in a block chain after being confirmed, and the other block information comprises a timestamp, a father block Hash and a version number;
a3: a verification step; verification (RL, VP), which represents the Verification of the record by the record Verification tree; the verification step is executed by the block link point; taking a record set RL and a verification tree parameter VP of the block as input, and outputting a verification result;
in the verification process:
first, decryption is performed by the authentication systemRepresenting a decryption record verification tree to obtain a secret value A saved by a root node;
second, the tree is verified from the recordThe leaf node starts to calculate the value stored by the node, the value of the node of the previous layer is calculated by using recursion, and the secret value stored by the root node R is solved by calculating layer by layer;
then, the secret value a of the root node R of the log verification tree is calculated:
wherein q isR(0) A value of a dependent variable when an argument of a polynomial corresponding to the root node is 0, and z represents a child node of the current node;
finally, the newly calculated secret value hash 'is compared with the original secret value hash, if the hash' is consistent with the original secret value hash, the record is true and valid, and if the hash is inconsistent, the block record is tampered.
In the step a1, e (g, g) is a bilinear calculation formula, and satisfies the following properties:
(2) The non-degradable nature of the coating is not degraded,make itIt is true that the first and second sensors,representsA unit cell of the group;
Wherein the content of the first and second substances,andis a prime order bilinear group,a finite integer field representing modulo a prime number q, the integer a belonging toExponent used in bilinear computations, the integer b belongs toThe number of indices used in the bilinear computation,belong toBase number used in bilinear computing, beta belonging toBase numbers used in bilinear computations.
In the step a3, in the process of calculating the secret value of the root node R:
If t ∈ RL, then
Wherein t is a nodeThe corresponding value of the record is recorded,presentation recordingWhen the independent variable of the corresponding polynomial is 0, the value of the dependent variable is corresponded,. quadrature.represents 'invalid input', and the hash function H (t) represents the nodeMapping of corresponding record values t to bilinear groups
For non-leaf nodes, performing layer-by-layer decryption operation from bottom to topMaking; for all belonging nodesThe child node z calls DecryptNode (VP, z) and outputs the secret value F corresponding to the child node zz;SxRepresents a group ofF iszNot ≠ T node z; wherein the content of the first and second substances,is a nodeZ represents a child node of node x, FzRepresenting the secret value corresponding to node z;
if no such set exists, the function returns ×, if such set exists, then it is calculated according to lagrange interpolation:
wherein the content of the first and second substances,representing nodesThe corresponding value of the secret is used,representing nodesThe set of all children nodes, i' represents the index of node z,representing nodesSet of z indices of corresponding child nodes, qz(0) The value of the dependent variable when the argument of the polynomial corresponding to the node z is 0,denotes an index i' and is aggregatedThe interpolation basis function of the corresponding Lagrange interpolation method, parent (z) represents the father node of the node z, index (z) represents the index of the node z, qparent(z)(index (z)) represents the value of the dependent variable of the polynomial corresponding to the parent node of node z when the argument is the index of node z,representing nodesThe independent variable of the corresponding polynomial is i' and corresponds to the value of the dependent variable.
The invention realizes the editing of the record by constructing the special verification mode of the record verification tree; and then, multiple signatures are introduced into the invention, when a user needs to edit the record, the interest-interested party signs, and the editing operation can be executed only after the signature verification is passed, so that the record can not be edited randomly, and the interests of the interest-interested party are protected in the scenes of a supply chain, the Internet of things and the like. The invention can realize the editing, such as modification and deletion, of the data on the block chain, and can also effectively restrict the data editing behavior of a user.
Drawings
FIG. 1 is a schematic flow chart of the present invention.
Detailed Description
The invention is described in detail below with reference to the following figures and examples:
as shown in fig. 1, the data editing method applied to a block chain according to the present invention includes the following steps:
a: constructing a record verification tree;
the record verification tree is a binary and trigeminal mixed tree, the record verification tree has n layers, the layers from the 1 st layer to the n-2 th layer are structure trees, each structure tree is a ternary tree, namely each node has three leaf subnodes, and each node of the structure tree represents a threshold gate; the nth layer and the (n-1) th layer are information trees, and each information tree is a binary tree, namely each node has two leaf nodes; n is a positive integer;
the block chain system constructs an information tree for each record in the block chain; one leaf node in the information tree stores a hash value of a record for verifying the authenticity of the record, another leaf node in the information tree stores a hash value of a record signature for verifying the validity of modification and deletion operations in data editing, and a parent node in the information tree stores an or gate.
In the invention, the record verification tree is used for verifying not only the original record but also the modification OR deletion operation, the OR is used for connecting the two hash values, when one hash value exists, the modification OR deletion of the record can be realized through the verification of the record verification tree, the occupation of storage space caused by frequently modifying the record can be effectively saved, and the requirement of modifying the record by a user in the scene of the Internet of things and a supply chain is met.
From bottom to top, at the (n-2) th layer, every three information trees form a structure tree, the root node of each structure tree represents an AND gate, from the (n-3) th layer, every three structure trees form a composite structure tree, and the root node of each composite structure tree represents an AND gate; repeating the previous operation until only one node is left, and completing the construction of the record verification tree; if the number of the remaining information trees or the remaining structure trees is less than three, one or two of the remaining information trees or the remaining structure trees are combined into one structure tree or a composite structure tree;
in the invention, the AND gate is used because each information tree represents a record, and all the records in the block can be connected into a whole by connecting the AND gate with the information tree, thereby ensuring the safety of the records. Further, in mapping the record verification tree to the polynomial, the more one node is connected to the information tree, the more calculation amount is required at the time of decryption. Therefore, in order to reduce the amount of computation of the polynomial at the time of decryption, the child nodes of the structure tree do not exceed three.
In the invention, the construction process of the record verification tree comprises the following steps:
a1: an initialization step:
initializing by authorization center, selecting a q-order bilinear group with generator gThen, system safety parameters SP are generated:
wherein the content of the first and second substances,is a prime order bilinear group, g is a generator, q is a bilinear groupE (g, g) is a bilinear calculation formula, and the following well-known properties are satisfied:
(2) The non-degradable nature of the coating is not degraded,make itIt is true that the first and second sensors,representsA unit cell of the group;
Wherein the content of the first and second substances,andis a prime order bilinear group,a finite integer field representing modulo a prime number q, the integer a belonging toExponent used in bilinear computations, the integer b belongs toThe number of indices used in the bilinear computation,belong toBase number used in bilinear computing, beta belonging toBase numbers used in bilinear computations. The above-mentioned known properties are conventional in the art and will not be described in detail herein.
A2: a generation step:
generation (SP, RL) denotes generation of a record verification tree, RL denotes a record set, and the generation step is executed by a block link point.
Firstly, the block chain link points construct the record verification tree according to the record set RL and the construction rule
Second, the tree is validated for recordsEach node ofSelect onePolynomial of degreeWherein the content of the first and second substances,represents a node of the log verification tree that records,is a nodeA threshold value for the number of sub-nodes,is a nodeA corresponding polynomial;
again, the secret parameters are randomly selectedAs a log verification treeStoring the secret value and storing the secret parameter s in a log verification treeIn the root node R of (2); then let qR(0) For other nodes, letWherein q isR(0) S denotes that the dependent variable of the polynomial corresponding to the root node R when the independent variable is 0 is s,a finite integer field modulo a prime number q,representing nodesThe node of the node (c) is,representing nodesAn index of (2);
finally, let Y be the record verification treeCalculating a verification tree parameter VP, a verification parameter Hash VPHash and a secret value Hash SHAsh:
VPHash=hash(VP) (3)
SHash=hash(VPHash·e(g,g)s) (4)
wherein the content of the first and second substances,verify leaf nodes of the tree for records and andto calculate the composition parameters of the verification tree parameters VP,presentation recordingThe hash function H () represents the mapping of an arbitrary binary character to a bilinear group A hash digest representing the associated record of the leaf node y,representing a hash digestMapping to bilinear groups Representing attributes for any attribute belonging to the attribute set YAll can calculate to obtain parametersAndfor generating the verification tree parameter VP, hash () is a function of compressing a message of arbitrary length to a message digest of some fixed length;
and the block chain node packs the verification tree parameter VP, the verification parameter Hash VPHash, the secret value Hash, the record set RL and other block information together to generate a block, broadcasts the block to the whole network, and stores the block in a block chain after the block is confirmed. Other block information includes a timestamp, a parent block hash and a version number, which belong to the conventional technology in the field and are not described herein again.
A3: a verification step;
verification (RL, VP), which represents the Verification of a record by a record Verification tree; the verification step is executed by the block link point; taking a record set RL and a verification tree parameter VP of the block as input, and outputting a verification result;
in the verification process:
first, decryption is performed by the authentication system Representing a decryption record verification tree to obtain a secret value A saved by a root node;
second, the tree is verified from the recordThe leaf node starts to calculate the value stored by the node, the value of the node of the previous layer is calculated by using recursion, and the secret value stored by the root node R is solved by calculating layer by layer;
then, the secret value a of the root node R of the log verification tree is calculated:
wherein q isR(0) A value of a dependent variable when an argument of a polynomial corresponding to the root node is 0, and z represents a child node of the current node (here, the root node R);
finally, the newly calculated secret value hash 'is compared with the original secret value hash, if the hash' is consistent with the original secret value hash, the record is true and valid, and if the hash is inconsistent, the block record is tampered.
In the process of computing the secret value of the root node R:
If t ∈ RL, then
Wherein t is a nodeThe corresponding value of the record is recorded,presentation recordingWhen the independent variable of the corresponding polynomial is 0, the value of the corresponding dependent variable is inverted-Function H (t) represents the nodeMapping of corresponding record values t to bilinear groups
For non-leaf nodes, performing layer-by-layer decryption operation from bottom to top; for all belonging nodesThe child node z calls DecryptNode (VP, z) and outputs the secret value F corresponding to the child node zz;SxRepresents a group ofF iszNot ≠ T node z; wherein the content of the first and second substances,is a nodeZ represents a child node of node x, FzRepresenting the secret value corresponding to node z;
if no such set exists, the function returns ×, if such set exists, then it is calculated according to lagrange interpolation:
wherein the content of the first and second substances,representing nodesThe corresponding value of the secret is used,representing nodesThe set of all children nodes, i' represents the index of node z,representing nodesSet of z indices of corresponding child nodes, qz(0) The value of the dependent variable when the argument of the polynomial corresponding to the node z is 0,denotes an index i' and is aggregatedThe interpolation basis function of the corresponding Lagrange interpolation method, parent (z) represents the father node of the node z, index (z) represents the index of the node z, qparent(z)(index (z)) represents the value of the dependent variable of the polynomial corresponding to the parent node of node z when the argument is the index of node z,representing nodesWhen the independent variable of the corresponding polynomial is i', the value of the corresponding dependent variable is defined as follows:
for an unknown polynomial of degree n, if n +1 different points of the polynomial are known to be at xiFunction value y at (i ═ 0,1, …, n)i(i-0, 1, …, n) (i.e., the function is over (x)i,yi)i=0,1,…,nThese n +1 points), then one lagrange interpolation polynomial can be uniquely determinedWherein Δj(x) For the interpolation basis function, the expression is:
where n is the polynomial power, i represents the number of dots and i is 0,1, …, n, xiIs the abscissa of point i, yiIs the ordinate, P, of point i(x)Represents a lagrange interpolation polynomial, j represents the number of points and j is 0,1, …, n, yjIndicates the corresponding ordinate value, Δ, of the number jj(x) For interpolating basis functions, x represents the argument of the polynomial, xjIs the abscissa of point j;
b: judging whether the user executes the record deleting operation or the record modifying operation, and if the user executes the record deleting operation, entering the step C; if the record modification operation is executed, entering the step F;
c: suppose the user wants to delete a recording RL on block i ″1;
First, the user records RL1Hash of1=hash(RL1) Signature Sign (hash) is carried out1) And generates a delete request DelInfo ═ { address, del, Sign (hash)1) Wherein address is a record address, del is a deletion mark, Sign () represents signature calculation for any character, Sign (hash)1) Representing a hash1The signature of (2);
secondly, the user sends a deletion request to the interest-related party;
the stakeholder's hash of the delete request is then made2The signature is signed by hash (DelInfo') and sent to a signature collector, and the interest-related party generally comprises an enterprise partner, a government regulatory department and the like;
finally, the signature collector collects the signatures of the parties and generates a delete message DelInfo ═ address, del, Sign (hash)1),MuSign(hash2) And broadcasts a delete message DelInfo into the blockchain network, where MuSign (hash)2) Representing a request for delete hash2Multiple signatures of (2); then, the mixture is fed to a reactorEntering the step D;
d: firstly, all nodes hash the signature information in the deletion request to generate a signed hash digest hashsign=hash(Sign(hash1));
Secondly, the hash is carried outsignSubstituting the hash set hashlist of other records into a record Verification tree Verification method Verification () to verify, and solving a secret value e (g, g) stored in the record Verification treesCalculating the hash of the verification parameter with the hash of the verification parameter, and then performing hash calculation to obtain a secret value hash3=hash(e(g,g)s·VPHash);
The following validation was then performed:
1) will hash3Comparing the hash value with the secret value Hash to determine whether the hash value is consistent with the secret value Hash;
2) verifying whether the multiple signatures are legal or not;
accepting a delete action if both items pass verification, otherwise not accepting;
finally, broadcasting the verification result to the block chain network; then entering step E;
e: when the deletion message is verified by more than half of nodes in the whole network, the record RL in the block i ″1Deleting the block and inserting a deletion message into the request list;
f: suppose the user wants to modify the recording RL on block i ″1;
First, the user records RL1Hash of1=hash(RL1) Signature Sign (hash) is carried out1) And to newly record RL'1Hash is carried out to obtain hash'1=hash(RL′1) Simultaneously to hash'1Signature Sign (hash) 'is performed'1);
Next, the user generates a modification request ModifyInfo' ═ { address, mod, Sign (hash)1),hash′1,Sign(hash′1) Sending a modification request to a stakeholder, wherein address is a record address, mod is a modification mark, Sign () represents signature calculation on any character, and Sign (hash) represents signature calculation1) Is a hash1Is signedName, hash'1Is RL'1Hash of (1), Sign (hash)'1) Is hash'1The signature of (2);
the stakeholder's hash of the modification request is then made2Signing the hash (ModifyInfo') and sending the signature to a signature collector;
finally, the signature collector collects the signatures of all parties and generates a modification message ModifyInfo { address, mod, Sign (hash)1),hash′1,Sign(hash′1),MuSign(hash2) And a regenerated record RL1' sent together onto a blockchain network, where MuSign (hash)2) Representing a hash on a modification request2Multiple signatures of (2); then entering step G;
g: firstly, all nodes hash the signature information in the modification request to generate hash abstract hashsign=hash(Sign(hash1));
Secondly, the hash is carried outsignSubstituting the hash set hashlist of other records into the Verification tree Verification () of the record and solving the secret value e (g, g) stored in the Verification tree of the records;
Then, the secret value e (g, g)sCalculating with the verification parameter Hash, and then performing Hash calculation to obtain secret value Hash3=hash(e(g,g)sVPHash) and verified as follows:
1) will hash3Comparing the hash value with the secret value Hash to determine whether the hash value is consistent with the secret value Hash;
2) for newly generated record RL1' Hash calculation is performed, and the calculated record RL is recorded1'Hash value of modification message'1Comparing whether the two are consistent;
3) verifying whether the multiple signatures are legal or not;
if the three items are verified, the modification action is accepted, otherwise, the modification action is not accepted;
finally, broadcasting the verification result to the block chain network; then entering step H;
h: when the modification message is verified by more than half of nodes in the whole networkThen, the record RL in the block1Deleting from the block, inserting the modification message into the request list, and inserting the new record into the new record list.
Claims (3)
1. A data editing method applied to a block chain is characterized by comprising the following steps:
a: constructing a record verification tree;
the record verification tree is a binary and trigeminal mixed tree, the record verification tree has n layers, the layers from the 1 st layer to the n-2 th layer are structure trees, each structure tree is a ternary tree, namely each node has three leaf nodes, and each node of the structure tree represents a threshold gate; the nth layer and the (n-1) th layer are information trees, and each information tree is a binary tree, namely each node has two leaf nodes; n is a positive integer;
b: judging whether the user executes the record deleting operation or the record modifying operation, and entering the step C if the user executes the record deleting operation; if the record modification operation is executed, entering the step F;
c: suppose the user wants to delete a recording RL on block i ″1;
First, the user records RL1Hash of1=hash(RL1) Signature Sign (hash) is carried out1) And generates a delete request DelInfo ═ { address, del, Sign (hash)1) Wherein address is a record address, del is a deletion mark, Sign () represents signature calculation for any character, Sign (hash)1) Representing a hash1The signature of (2);
secondly, the user sends a deletion request to the interest-related party;
the stakeholder's hash of the delete request is then made2Signing the hash (DelInfo') and sending the signature to a signature collector;
finally, the signature collector collects the signatures of the parties and generates a delete message DelInfo ═ address, del, Sign (hash)1),MuSign(hash2) And broadcasts a delete message DelInfo into the blockchain network, where MuSign (hash)2) Representing a request for delete hash2Multiple signatures of (2); however, the device is not suitable for use in a kitchenThen entering the step D;
d: firstly, all nodes hash the signature information in the deletion request to generate a signed hash digest hashsign=hash(Sign(hash1));
Secondly, the hash is carried outsignSubstituting the hash set hashlist of other records into a record Verification tree Verification method Verification () to verify, and solving a secret value e (g, g) stored in the record Verification treesCalculating the hash of the verification parameter with the hash of the verification parameter, and then performing hash calculation to obtain a secret value hash3=hash(e(g,g)s·VPHash);
The following validation was then performed:
1) will hash3Comparing the hash value with the secret value Hash to determine whether the hash value is consistent with the secret value Hash;
2) verifying whether the multiple signatures are legal or not;
accepting a delete action if both items pass verification, otherwise not accepting;
finally, broadcasting the verification result to the block chain network; then entering step E;
e: when the deletion message is verified by more than half of nodes in the whole network, the record RL in the block i ″1Deleting the block and inserting a deletion message into the request list;
f: suppose the user wants to modify the recording RL on block i ″1;
First, the user records RL1Hash of1=hash(RL1) Signature Sign (hash) is carried out1) And to newly record RL'1Hash is carried out to obtain hash'1=hash(RL′1) Simultaneously to hash'1Signature Sign (hash) 'is performed'1);
Next, the user generates a modification request ModifyInfo' ═ { address, mod, Sign (hash)1),hash′1,Sign(hash′1) Sending a modification request to a stakeholder, wherein address is a record address, mod is a modification mark, Sign () represents signature calculation on any character, and Sign (hash) represents signature calculation1) Is a hash1Of 'signature, hash'1Is RL'1Hash of (1), Sign (hash)'1) Is hash'1The signature of (2);
the stakeholder's hash of the modification request is then made2Signing the hash (ModifyInfo') and sending the signature to a signature collector;
finally, the signature collector collects the signatures of all parties and generates a modification message ModifyInfo { address, mod, Sign (hash)1),hash′1,Sign(hash′1),MuSign(hash2) And regenerated record RL'1Sent together onto a blockchain network, where MuSign (hash)2) Representing a hash on a modification request2Multiple signatures of (2); then entering step G;
g: firstly, all nodes hash the signature information in the modification request to generate hash abstract hashsign=hash(Sign(hash1));
Secondly, the hash is carried outsignSubstituting the hash set hashlist of other records into the Verification tree Verification () of the record and solving the secret value e (g, g) stored in the Verification tree of the records;
Then, the secret value e (g, g)sCalculating with the verification parameter Hash, and then performing Hash calculation to obtain secret value Hash3=hash(e(g,g)sVPHash) and verified as follows:
1) will hash3Comparing the hash value with the secret value Hash to determine whether the hash value is consistent with the secret value Hash;
2) for newly generated record RL1' Hash calculation is performed, and the calculated record RL is recorded1'Hash value of modification message'1Comparing whether the two are consistent;
3) verifying whether the multiple signatures are legal or not;
if the three items are verified, the modification action is accepted, otherwise, the modification action is not accepted;
finally, broadcasting the verification result to the block chain network; then entering step H;
h: when the modification message is verified by more than half of nodes in the whole network, the RL record in the block is recorded1From the blockDeleting, inserting the modification message into the request list, and inserting the new record into the new record list;
wherein, the step A comprises the following steps:
a1: an initialization step: initializing by authorization center, selecting a q-order bilinear group with generator gThen, generating a system security parameter SP:
wherein the content of the first and second substances,is a prime order bilinear group, g is a generator, q is a bilinear groupE (g, g) is a bilinear calculation formula;
a2: a generation step: generating (SP, RL) which represents the generation of a record verification tree, RL represents a record set, and the generating step is executed by a block link point;
firstly, the block chain link points construct the record verification tree according to the record set RL and the construction rule
Second, the tree is validated for recordsEach node ofSelect onePolynomial of degreeWherein the content of the first and second substances,represents a node of the log verification tree that records,is a nodeA threshold value for the number of sub-nodes,is a nodeA corresponding polynomial;
again, the secret parameters are randomly selectedAs a log verification treeStoring the secret value and storing the secret parameter s in a log verification treeIn the root node R of (2); then let qR(0) For other nodes, let
Wherein q isR(0) S denotes that the dependent variable of the polynomial corresponding to the root node R when the independent variable is 0 is s,a finite integer field modulo a prime number q,representing nodesThe node of the node (c) is,representing nodesAn index of (2);
finally, let Y be the record verification treeCalculating a verification tree parameter VP, a verification parameter Hash VPHash and a secret value Hash SHAsh:
VPHash=hash(VP) (3)
SHash=hash(VPHash·e(g,g)s) (4)
wherein the content of the first and second substances,verify leaf nodes of the tree for records and andto calculate the composition parameters of the verification tree parameters VP,presentation recordingThe hash function H () represents the mapping of an arbitrary binary character to a bilinear group A hash digest representing the associated record of the leaf node y,representing a hash digestMapping to bilinear groups Representing attributes for any attribute belonging to the attribute set YCan be calculated to obtain parametersAndfor generating the verification tree parameter VP, hash () is a kind of arbitrary lengthA function that compresses messages of degree to a message digest of a certain fixed length;
the block chain node packs the verification tree parameter VP, the verification parameter Hash VPHash, the secret value Hash, the record set RL and other block information together to generate a block, the block is broadcasted to the whole network, the block is stored in a block chain after being confirmed, and the other block information comprises a timestamp, a father block Hash and a version number;
a3: a verification step; verification (RL, VP), which represents the Verification of a record by a record Verification tree; the verification step is executed by the block link point; taking a record set RL and a verification tree parameter VP of the block as input, and outputting a verification result;
in the verification process:
first, decryption is performed by the authentication systemRepresenting a decryption record verification tree to obtain a secret value A saved by a root node;
second, the tree is verified from the recordThe leaf node starts to calculate the value stored by the node, and calculates the value of the node on the upper layer by using recursion until solving the secret value stored by the root node R layer by layer;
then, the secret value a of the root node R of the log verification tree is calculated:
wherein q isR(0) Representing the value of a dependent variable when the independent variable of the polynomial corresponding to the root node is 0, and z represents a child node of the current node;
and finally, comparing the newly calculated secret value Hash 'with Hash (A. VPHash), judging whether the Hash' is consistent with the original secret value Hash, if so, indicating that the record is real and effective, and if not, indicating that the block record is tampered.
2. The data editing method applied to the block chain according to claim 1, characterized in that: in the step a1, e (g, g) is a bilinear calculation formula, and satisfies the following properties:
(2) The non-degradable nature of the coating is not degraded,make itIt is true that the first and second sensors,representsA unit cell of the group;
Wherein the content of the first and second substances,andis a prime order bilinear group,a finite integer field representing modulus as a prime number q, the integer a belonging toExponent used in bilinear computations, the integer b belongs toThe exponents used in the bilinear computation,belong toBase number used in bilinear computing, beta belonging toBase numbers used in bilinear computations.
3. The data editing method applied to the block chain according to claim 2, wherein: in the step a3, in the process of calculating the secret value of the root node R:
If t ∈ RL, then
Wherein t is a nodeThe corresponding value of the record is recorded,presentation recordingWhen the independent variable of the corresponding polynomial is 0, the value of the dependent variable is corresponded,. quadrature.represents 'invalid input', and the hash function H (t) represents the nodeMapping of corresponding record value t to bilinear group
For non-leaf nodes, performing layer-by-layer decryption operation from bottom to top; for all belonging nodesThe child node z calls DecryptNode (VP, z) and outputs the secret value F corresponding to the child node zz;SxRepresents a group ofF iszNot ≠ T node z; wherein the content of the first and second substances,is a nodeZ represents a child node of node x, FzRepresenting correspondences of node zA secret value;
if no such set exists, the function returns ×, if such a set exists, then it is calculated according to lagrange interpolation:
wherein the content of the first and second substances,representing nodesThe corresponding value of the secret is used,representing nodesThe set of all children nodes, i' represents the index of node z,representing nodesSet of z indices of corresponding child nodes, qz(0) The value of the dependent variable when the argument of the polynomial corresponding to the node z is 0,denotes an index i' and is aggregatedThe interpolation basis function of the corresponding Lagrange interpolation method, parent (z) represents the father node of the node z, index (z) represents the index of the node z, qparent(z)(index (z)) indicates that the polynomial corresponding to the parent node of node z is automorphicThe quantity is the value of the dependent variable at the index of node z,representing nodesThe value of the dependent variable when the independent variable of the corresponding polynomial is i'.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010891283.9A CN112272092B (en) | 2020-08-30 | 2020-08-30 | Data editing method applied to block chain |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010891283.9A CN112272092B (en) | 2020-08-30 | 2020-08-30 | Data editing method applied to block chain |
Publications (2)
Publication Number | Publication Date |
---|---|
CN112272092A CN112272092A (en) | 2021-01-26 |
CN112272092B true CN112272092B (en) | 2021-07-27 |
Family
ID=74349657
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010891283.9A Active CN112272092B (en) | 2020-08-30 | 2020-08-30 | Data editing method applied to block chain |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112272092B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113378213B (en) * | 2021-04-20 | 2022-06-21 | 华南农业大学 | Block chain safety deleting method capable of recording and tracing |
CN113783839B (en) * | 2021-08-06 | 2023-04-07 | 华润数字科技有限公司 | Block chain data updating method and device, computer equipment and storage medium |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10592873B2 (en) * | 2018-05-21 | 2020-03-17 | Microsoft Technology Licensing, Llc | Edit transactions for blockchains |
CN108830602B (en) * | 2018-06-27 | 2022-03-29 | 电子科技大学 | Permission chain construction and management and control method based on chameleon hash function |
CN110061850B (en) * | 2019-04-24 | 2021-04-23 | 电子科技大学 | Collision calculation method of chameleon hash function and editable block chain construction method |
CN110457297B (en) * | 2019-07-10 | 2022-02-15 | 北京航空航天大学 | Editable block chain system and method based on multi-authority attribute encryption |
CN110474762B (en) * | 2019-08-22 | 2021-05-25 | 电子科技大学 | Method for constructing ring-type editable block chain |
CN110489422B (en) * | 2019-08-23 | 2022-04-08 | 电子科技大学 | Automatic block chain repairing method |
CN110730204B (en) * | 2019-09-05 | 2022-09-02 | 创新先进技术有限公司 | Method for deleting nodes in block chain network and block chain system |
CN110572254B (en) * | 2019-09-12 | 2020-12-04 | 中国科学院信息工程研究所 | Lattice-based block chain changeable method |
-
2020
- 2020-08-30 CN CN202010891283.9A patent/CN112272092B/en active Active
Also Published As
Publication number | Publication date |
---|---|
CN112272092A (en) | 2021-01-26 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Zheng et al. | Fair and dynamic proofs of retrievability | |
Chepurnoy et al. | Edrax: A cryptocurrency with stateless transaction validation | |
EP2338127B1 (en) | Cryptographic accumulators for authenticated hash tables | |
CN111819817A (en) | Method and system for block chain implementation for bilinear mapping accumulator-based authorization | |
CN109272316B (en) | Block implementing method and system based on block chain network | |
CN112272092B (en) | Data editing method applied to block chain | |
Sengupta et al. | Retricoin: Bitcoin based on compact proofs of retrievability | |
CN101004805A (en) | Digital document management system, digital document management method, and digital document management program | |
CN109525403B (en) | Anti-leakage public cloud auditing method supporting full-dynamic parallel operation of user | |
CN111639935A (en) | Account book modification method applicable to editable block chain | |
CN113612615B (en) | Audit privacy protection authentication method based on SM9 cryptographic algorithm | |
KR20220122977A (en) | How to use blockchain | |
US20090313171A1 (en) | Electronic transaction verification | |
US20240007303A1 (en) | Method and system for digital signatures utilizing multiplicative semigroups | |
Alhaddad et al. | Succinct erasure coding proof systems | |
CN115001730B (en) | Access control system and method based on role attribute in distributed scene | |
Li et al. | Hash-based signature revisited | |
Oualha et al. | Verifying remote data integrity in peer-to-peer data storage: A comprehensive survey of protocols | |
JP6685968B2 (en) | Data management system, data management method, and data management program | |
Lin et al. | Linearly homomorphic signatures from lattices | |
CN108632257B (en) | Method and system for acquiring encrypted health record supporting hierarchical search | |
CN112671712B (en) | Cloud data integrity verification method and system supporting efficient dynamic update | |
CN115964407A (en) | Double-copy power network security audit method, system, medium and equipment | |
Falzon et al. | Short Privacy-Preserving Proofs of Liabilities | |
CN112434281A (en) | Multi-factor identity authentication method oriented to alliance chain |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |