CN112865968B - Data ciphertext hosting method and system, computer equipment and storage medium - Google Patents


Publication number
CN112865968B
Authority
CN
China
Legal status
Active
Application number
CN202110172110.6A
Other languages
Chinese (zh)
Other versions
CN112865968A (en)
Inventor
李亚博
Current Assignee
Shanghai Wanxiang Blockchain Inc
Original Assignee
Shanghai Wanxiang Blockchain Inc
Application filed by Shanghai Wanxiang Blockchain Inc
Priority to CN202110172110.6A
Publication of CN112865968A
Application granted
Publication of CN112865968B

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819: Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825: Key transport or distribution using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H04L9/0861: Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0894: Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/0897: Escrow, recovery or storing of secret information involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428: Confidential data exchange wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442: Confidential data exchange wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption

Abstract

The invention provides a data ciphertext hosting method, system, computer device and storage medium. A client initiates a request authorizing management of its own ciphertext data; a DID storage center generates and stores a corresponding public key and private key and returns the public key to the client. The client generates a data encryption key and a key pre-image, encrypts plaintext data into ciphertext data on the client, and uploads the ciphertext data for storage. The client generates a user public and private key, encrypts the key pre-image with the user public key to generate a data encryption key ciphertext, generates a plurality of re-encryption keys from the private key and each public key returned by the authorization, and uploads the user public key, the data encryption key ciphertext and the re-encryption keys to the DID storage center, which hosts the re-encryption data. A requester requests the list of user DID identifiers from the DID storage center. The invention protects the privacy of user data while allowing that data to be reused, and no participant can independently obtain the plaintext of the user data.

Description

Data ciphertext hosting method and system, computer equipment and storage medium
Technical Field
The invention relates to the field of data security, in particular to a data ciphertext hosting method, a data ciphertext hosting system, computer equipment and a storage medium.
Background
Everyone has fragments of information scattered across the network and in various places, such as favorite song lists in a music app, medical records in hospitals, and ID card information in Alipay. Different apps or scenarios may require the user to provide this already available information again, which is cumbersome. Traditional apps and platforms need to verify information, but the user information handed over usually exceeds what the verification requires, which greatly increases the risk of data leakage.
The invention collects the fragmented information and manages it together in a DID storage center (DID Bank), where DID stands for distributed digital identity, and returns only the information or result that the requester needs, so that the information given out is minimized and disclosure is avoided. For example, a game needs to verify whether you are at least 18 years old; the requester only needs to obtain that result from the DID Bank and is not told anything beyond the requirement, such as the ID card number or a picture of the ID card. Data security is thereby greatly improved.
Patent document CN111866018A discloses a data information encryption transmission method, device, computer equipment and storage medium. The method comprises the following steps: generating key information according to a key generation rule and generating a corresponding key array, performing parallel arrangement based on algebraic budget on the key array according to the key arrangement rule to obtain a round key array, encrypting data information to be encrypted input by a user according to the encryption rule and the round key array to obtain encrypted information, and sending the encrypted information and a public key in the key information to a management server to realize encrypted sending of the data information. That invention is based on information encryption technology, belongs to the field of cryptography, and adopts a parallel arrangement process based on algebraic budget to arrange the key array more efficiently, thereby improving the generation efficiency of the round key array and the efficiency of encrypted transmission of data information. However, the above scheme cannot achieve controllability of the data.
Disclosure of Invention
In view of the defects in the prior art, the object of the invention is to provide a data ciphertext hosting method, a data ciphertext hosting system, computer equipment and a storage medium.
The data ciphertext hosting method provided by the invention comprises the following steps:
an authorization step: the client generates a unique identifier DID, attaches an authorization data field, and sends the decentralized identity DID storage center a request authorizing it to manage the client's ciphertext data; the decentralized identity DID storage center receives the client's authorization request, generates and stores a public key, and returns the public key to the client;
a storage step: the client generates a data encryption key and a key pre-image, encrypts plaintext data into ciphertext data on the client using the data encryption key, and uploads the corresponding ciphertext data to the decentralized identity DID storage center for storage;
an encryption step: the client generates a user public and private key, encrypts the key pre-image with the user public key to generate a data encryption key ciphertext, generates a plurality of re-encryption keys from the private key and each public key returned by the client authorization, and uploads the user public key, the data encryption key ciphertext and the re-encryption keys to the decentralized identity DID storage center, where a proxy re-encryption provider hosts the re-encryption data;
a request step: the requester specifies the qualifying conditions of the authorized users to be pushed, and requests the list of user DID identifiers from the decentralized identity DID storage center.
Preferably, in the authorization step, a decryption provider of the decentralized identity DID storage center generates and stores a corresponding public and private key according to the authorization data field attached by the client, and the decentralized identity DID storage center returns the public key corresponding to the field to the client.
Preferably, the client generates the data encryption key and key pre-image corresponding to the field using a data key generation algorithm.
Preferably, the plaintext data is encrypted at the client by using a data encryption key to generate ciphertext data, and the ciphertext data is stored by the ciphertext service provider.
Preferably, in the encryption step, the private key is used to encrypt each of the field public keys provided by the decryption provider of the decentralized identity DID storage center, generating a plurality of re-encryption keys.
Preferably, the proxy re-encryption provider is one registered with the ciphertext service provider of the decentralized identity DID storage center.
Preferably, the request step comprises:
step S1: the requester specifies the field and qualifying condition of the authorized users to be pushed, the requester id and the request id, and sends the request to the decentralized identity DID storage center;
step S2: the coordination/aggregation service provider in the decentralized identity DID storage center stores the mapping relation among the request id, the query field and the condition, and sends a request to the ciphertext service provider;
step S3: the ciphertext service provider retrieves a series of ciphertext data, finds the corresponding re-encryption provider according to the field, obtains the corresponding proxy re-encryption data, and runs the re-encryption algorithm on the proxy re-encryption data to obtain a re-encrypted ciphertext;
step S4: the ciphertext service provider sends a request to the coordination/aggregation service provider, which, according to the different fields received, requests the decryption provider corresponding to each field;
step S5: the decryption provider decrypts the re-encrypted ciphertext corresponding to the field with its private key to obtain the data encryption key corresponding to the field, decrypts the data ciphertext received from the ciphertext service provider, filters it according to the condition to obtain a logical value, and returns the logical value to the coordination/aggregation service provider;
step S6: the coordination/aggregation service provider aggregates the results and sends a request to the ciphertext service provider;
step S7: the ciphertext service provider uses the mapping relation from step S2 to obtain the requester id corresponding to the request id, obtains the client endpoint corresponding to the requester, and calls the requester's interface with the DID result list attached.
The invention also provides a data ciphertext hosting system, which comprises the following modules:
an authorization module: the client generates a unique identifier DID, attaches an authorization data field, and sends the decentralized identity DID storage center a request authorizing it to manage the client's ciphertext data; the decentralized identity DID storage center receives the client's authorization request, generates and stores a public key, and returns the public key to the client;
a storage module: the client generates a data encryption key and a key pre-image, encrypts plaintext data into ciphertext data on the client, and uploads the corresponding ciphertext data to the decentralized identity DID storage center for storage;
an encryption module: the client generates a user public and private key, encrypts the key pre-image with the user public key to generate a data encryption key ciphertext, generates a plurality of re-encryption keys using the private key, and uploads the user public key, the data encryption key ciphertext and the re-encryption keys to the decentralized identity DID storage center, where a proxy re-encryption provider hosts the re-encryption data;
a request module: the requester specifies the qualifying conditions of the authorized users to be pushed, and requests the list of user DID identifiers from the decentralized identity DID storage center.
The invention also provides a computer device, which comprises a memory, a processor and a computer program stored on the memory and capable of running on the processor, wherein the processor executes the computer program to realize the data ciphertext hosting method.
The present invention also provides a computer-readable storage medium storing a computer program which, when executed by a processor, causes the processor to execute the above-described data ciphertext hosting method.
Compared with the prior art, the invention has the following beneficial effects:
1. The invention adopts proxy re-encryption, so that the decentralized identity DID storage center never directly handles the user's data encryption key; this protects the privacy of user data while allowing that data to be reused.
2. The invention adopts multi-party cooperation: the decentralized identity DID storage center has several participant roles, so that no participant can independently obtain the plaintext of the corresponding user data in the decentralized identity DID storage center.
Drawings
Other features, objects and advantages of the invention will become more apparent upon reading of the detailed description of non-limiting embodiments with reference to the following drawings:
Fig. 1 is a schematic diagram of a data ciphertext hosting system.
Fig. 2 is a schematic diagram of a data ciphertext hosting system.
Figs. 3 and 4 are flowcharts of the steps of the data ciphertext hosting method.
Detailed Description
The present invention will be described in detail with reference to specific examples. The following examples will assist those skilled in the art in further understanding the invention, but are not intended to limit the invention in any way. It should be noted that those skilled in the art can make various changes and modifications without departing from the spirit of the invention. All of these fall within the scope of the present invention.
As shown in Figs. 1 to 4, the present invention provides a data ciphertext hosting method, system, computer device and storage medium. In this scheme the DID Bank adopts proxy re-encryption, and the participant roles mainly include a ciphertext service provider, a re-encryption provider, a coordination/aggregation service provider, a decryption provider, and the like. The user initiates authorization to the DID Bank and, once authorization succeeds, uploads the ciphertext data. Through multi-party cooperation the DID Bank protects the privacy and security of user data while allowing that data to be reused, and no participant can independently obtain the plaintext of the user data in the DID Bank.
The data ciphertext hosting method comprises the following steps:
Step 1: the client generates a unique identifier DID, attaches an authorization data field, and sends an authorization request to the DID Bank, authorizing the DID Bank to manage its ciphertext data; on receiving the authorization request, the decryption provider generates and stores a corresponding public and private key according to the field, and the DID Bank returns the public key corresponding to the field to the client.
Step 2: the client uses a data key generation algorithm to generate the data encryption key and key pre-image corresponding to the field, encrypts the plaintext data at the client with the encryption key, and uploads the corresponding ciphertext data to the DID Bank with the DID identifier attached; the data is stored by the ciphertext service provider.
Step 3: the client generates a user public and private key, uses the user public key to encrypt the data encryption key pre-image corresponding to each of the fields, generating the data encryption key ciphertexts, and uses the private key to encrypt each of the field public keys provided by the DID Bank decryption provider, generating a plurality of re-encryption keys; finally it uploads the user public key, the data encryption key ciphertext corresponding to each field and the re-encryption key corresponding to each field to the DID Bank, where the proxy re-encryption provider registered with the ciphertext service provider hosts the re-encryption data.
Step 4: the requester specifies the qualifying conditions of the authorized users to be pushed, sends the request to the DID Bank, and obtains the list of user DID identifiers.
Specifically, step 4 comprises the following sub-steps:
Step 4.1: the requester specifies the field and qualifying condition (e.g. age > 18) of the authorized users to be pushed, the requester id and the request id, and sends a request carrying this information to the DID Bank.
Step 4.2: the coordination/aggregation service provider in the DID Bank saves the mapping relation among the request id, the query field and the condition, and sends a request to the ciphertext service provider.
Step 4.3: the ciphertext service provider retrieves a series of ciphertext data according to a certain strategy and finds the corresponding re-encryption provider according to the field; the re-encryption provider obtains the corresponding proxy re-encryption data and runs the re-encryption algorithm on it to obtain the re-encrypted ciphertext.
Step 4.4: the ciphertext service provider sends a request to the coordination/aggregation service provider, which, according to the different fields received, requests the decryption provider corresponding to each field.
Step 4.5: the decryption provider decrypts the re-encrypted ciphertext corresponding to the field with its private key to obtain the data encryption key corresponding to the field, decrypts the data ciphertext received from the ciphertext service provider, filters it according to the condition to obtain a logical value, and returns the logical value to the coordination/aggregation service provider.
Step 4.6: the coordination/aggregation service provider aggregates the results and sends a request to the ciphertext service provider.
Step 4.7: the ciphertext service provider uses the mapping relation from step 4.2 to obtain the requester id corresponding to the request id, obtains the client endpoint corresponding to the requester, and calls the requester's interface with the DID result list attached.
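The flow of steps 1 to 4.7, as an added Python example that is not code from the patent. The patent names no proxy re-encryption scheme, so an ElGamal-style construction with a hashed Diffie-Hellman blinding factor is assumed here, together with the RFC 2409 768-bit group, SHA-256 as the derivation of the data encryption key from the key pre-image, and a SHAKE/HMAC stand-in for the data cipher; the DIDs, ages and all function names are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# RFC 2409 Oakley Group 1: 768-bit safe prime, generator 2. Too small for
# production use; chosen so the example runs on the standard library alone.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF", 16)
Q = (P - 1) // 2          # prime order of the subgroup generated by G
G = 2
NBYTES = 96               # byte length of a group element

def keygen():
    sk = secrets.randbelow(Q - 1) + 1
    return sk, pow(G, sk, P)

def _scalar(*elems):
    """Hash group elements to a non-zero exponent modulo Q."""
    data = b"".join(e.to_bytes(NBYTES, "big") for e in elems)
    return int.from_bytes(hashlib.sha512(data).digest(), "big") % (Q - 1) + 1

def dek_from_preimage(m):
    """Assumed KDF: the data encryption key is a hash of the key pre-image."""
    return hashlib.sha256(m.to_bytes(NBYTES, "big")).digest()

def _stream_and_mac_key(dek, nonce, n):
    stream = hashlib.shake_256(b"enc" + dek + nonce).digest(n)
    return stream, hashlib.sha256(b"mac" + dek).digest()

def seal(dek, plaintext):
    """Stand-in authenticated cipher (SHAKE keystream plus HMAC tag)."""
    nonce = secrets.token_bytes(16)
    stream, mac_key = _stream_and_mac_key(dek, nonce, len(plaintext))
    body = bytes(a ^ b for a, b in zip(plaintext, stream))
    return nonce + body + hmac.new(mac_key, nonce + body, hashlib.sha256).digest()

def unseal(dek, blob):
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    stream, mac_key = _stream_and_mac_key(dek, nonce, len(body))
    expect = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("data ciphertext failed authentication")
    return bytes(a ^ b for a, b in zip(body, stream))

def encrypt_preimage(pk_user, m):
    """ElGamal-encrypt the key pre-image m under the user public key."""
    r = secrets.randbelow(Q - 1) + 1
    return pow(G, r, P), (m * pow(pk_user, r, P)) % P

def make_rekey(sk_user, pk_field):
    """Re-encryption key from the user PRIVATE key and the field PUBLIC key."""
    x, big_x = keygen()
    d = _scalar(big_x, pk_field, pow(pk_field, x, P))
    return (sk_user * pow(d, -1, Q)) % Q, big_x

def reencrypt(rekey, key_ct):
    """Re-encryption provider: transforms the key ciphertext without
    ever holding the pre-image or either private key."""
    (k, big_x), (c1, c2) = rekey, key_ct
    return pow(c1, k, P), c2, big_x

def recover_preimage(sk_field, pk_field, re_ct):
    """Decryption provider: opens a re-encrypted key ciphertext."""
    c1p, c2, big_x = re_ct
    d = _scalar(big_x, pk_field, pow(big_x, sk_field, P))
    return (c2 * pow(pow(c1p, d, P), -1, P)) % P

def client_enroll(value, pk_field):
    """Steps 2 and 3: everything the client uploads for one field."""
    m = pow(G, secrets.randbelow(Q - 1) + 1, P)           # key pre-image
    data_ct = seal(dek_from_preimage(m), str(value).encode())
    sk_user, pk_user = keygen()
    return {"data_ct": data_ct, "key_ct": encrypt_preimage(pk_user, m),
            "rekey": make_rekey(sk_user, pk_field), "pk_user": pk_user}

def answer_request(store, sk_field, pk_field, predicate):
    """Step 4: re-encrypt, decrypt, filter; only DIDs leave the DID Bank."""
    matched = []
    for did, rec in store.items():
        re_ct = reencrypt(rec["rekey"], rec["key_ct"])           # step 4.3
        dek = dek_from_preimage(recover_preimage(sk_field, pk_field, re_ct))
        value = int(unseal(dek, rec["data_ct"]))                 # step 4.5
        if predicate(value):                                     # logical value
            matched.append(did)
    return matched                                               # steps 4.6-4.7

def demo():
    sk_field, pk_field = keygen()                                # step 1
    ages = {"did:example:alice": 34, "did:example:bob": 16,      # constructed
            "did:example:carol": 19}
    store = {did: client_enroll(age, pk_field) for did, age in ages.items()}
    return answer_request(store, sk_field, pk_field, lambda age: age > 18)

if __name__ == "__main__":
    print(demo())
```

In this assumed construction the re-encryption key multiplied by the decryption provider's derived scalar equals the user private key, so the separation of the re-encryption provider and the decryption provider into distinct, non-colluding roles is what keeps the user key private.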
The invention also provides a data ciphertext hosting system, which comprises:
an authorization module: the client generates a unique identifier DID, attaches an authorization data field, and sends the DID Bank a request authorizing it to manage the client's ciphertext data; the DID Bank receives the client's authorization request, generates and stores a public key and a private key, and returns the public key to the client;
a storage module: the client uses a data key generation algorithm to generate the data encryption key and key pre-image corresponding to the field, encrypts the plaintext data at the client with the encryption key, and uploads the corresponding ciphertext data to the DID Bank with the DID identifier attached; the data is stored by the ciphertext service provider;
an encryption module: the client generates a user public and private key, uses the user public key to encrypt the data encryption key pre-image corresponding to each of the fields, generating the data encryption key ciphertexts, and uses the private key to encrypt each of the field public keys provided by the DID Bank decryption provider, generating a plurality of re-encryption keys; finally it uploads the user public key, the data encryption key ciphertext corresponding to each field and the re-encryption key corresponding to each field to the DID Bank, where the proxy re-encryption provider registered with the ciphertext service provider hosts the re-encryption data;
a request module: the requester specifies the qualifying conditions of the authorized users to be pushed and requests the list of user DID identifiers from the DID Bank.
Those skilled in the art will appreciate that, in addition to implementing the system and its various devices, modules, units provided by the present invention as pure computer readable program code, the system and its various devices, modules, units provided by the present invention can be fully implemented by logically programming method steps in the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers and the like. Therefore, the system and various devices, modules and units thereof provided by the invention can be regarded as a hardware component, and the devices, modules and units included in the system for realizing various functions can also be regarded as structures in the hardware component; means, modules, units for performing the various functions may also be regarded as structures within both software modules and hardware components for performing the method.
The foregoing description of specific embodiments of the present invention has been presented. It is to be understood that the present invention is not limited to the specific embodiments described above, and that various changes or modifications may be made by one skilled in the art within the scope of the appended claims without departing from the spirit of the invention. The embodiments and features of the embodiments of the present application may be combined with each other arbitrarily without conflict.

Claims (8)

1. A data ciphertext hosting method is characterized by comprising the following steps:
an authorization step: the client generates a unique identifier DID, attaches an authorization data field, and sends the decentralized identity DID storage center a request authorizing it to manage the client's ciphertext data; the decentralized identity DID storage center receives the client's authorization request, generates and stores a public key, and returns the public key to the client;
a storage step: the client generates a data encryption key and a key pre-image, encrypts plaintext data into ciphertext data on the client using the data encryption key, and uploads the corresponding ciphertext data to the decentralized identity DID storage center for storage;
an encryption step: the client generates a user public and private key, encrypts the key pre-image with the user public key to generate a data encryption key ciphertext, generates a plurality of re-encryption keys from the private key and each public key returned by the client authorization, and uploads the user public key, the data encryption key ciphertext and the re-encryption keys to the decentralized identity DID storage center, where a proxy re-encryption provider hosts the re-encryption data;
a request step: the requester specifies the qualifying conditions of the authorized users to be pushed, and requests the list of user DID identifiers from the decentralized identity DID storage center;
in the authorization step, a decryption provider of the decentralized identity DID storage center generates and stores a corresponding public and private key according to the authorization data field attached by the client, and the decentralized identity DID storage center returns the public key corresponding to the field to the client;
the request step comprises:
step S1: the requester specifies the field and qualifying condition of the authorized users to be pushed, the requester id and the request id, and sends the request to the decentralized identity DID storage center;
step S2: the coordination/aggregation service provider in the decentralized identity DID storage center stores the mapping relation among the request id, the query field and the condition, and sends a request to the ciphertext service provider;
step S3: the ciphertext service provider retrieves a series of ciphertext data, finds the corresponding re-encryption provider according to the field, obtains the corresponding proxy re-encryption data, and runs the re-encryption algorithm on the proxy re-encryption data to obtain a re-encrypted ciphertext;
step S4: the ciphertext service provider sends a request to the coordination/aggregation service provider, which, according to the different fields received, requests the decryption provider corresponding to each field;
step S5: the decryption provider decrypts the re-encrypted ciphertext corresponding to the field with its private key to obtain the data encryption key corresponding to the field, decrypts the data ciphertext received from the ciphertext service provider, filters it according to the condition to obtain a logical value, and returns the logical value to the coordination/aggregation service provider;
step S6: the coordination/aggregation service provider aggregates the results and sends a request to the ciphertext service provider;
step S7: the ciphertext service provider uses the mapping relation from step S2 to obtain the requester id corresponding to the request id, obtains the client endpoint corresponding to the requester, and calls the requester's interface with the DID result list attached.
2. The data ciphertext hosting method of claim 1, wherein the client generates the data encryption key and key pre-image corresponding to the field using a data key generation algorithm.
3. The data ciphertext hosting method of claim 1, wherein the plaintext data is encrypted at the client using the data encryption key to generate ciphertext data, and the ciphertext data is stored by the ciphertext service provider.
4. The data ciphertext hosting method of claim 1, wherein in the encryption step, the private key is used to encrypt each of the field public keys provided by the decryption provider of the decentralized identity DID storage center, generating a plurality of re-encryption keys.
5. The data ciphertext hosting method of claim 1, wherein the proxy re-encryption provider is one registered with the ciphertext service provider of the decentralized identity DID storage center.
6. A data ciphertext hosting system, capable of implementing the steps of the data ciphertext hosting method of any one of claims 1 to 5, comprising the following modules:
an authorization module: the client generates a unique identifier DID, attaches an authorization data field, and sends the decentralized identity DID storage center a request authorizing it to manage the client's ciphertext data; the decentralized identity DID storage center receives the client's authorization request, generates and stores a public key, and returns the public key to the client;
a storage module: the client generates a data encryption key and a key pre-image, encrypts plaintext data into ciphertext data on the client using the data encryption key, and uploads the corresponding ciphertext data to the decentralized identity DID storage center for storage;
an encryption module: the client generates a user public and private key, encrypts the key pre-image with the user public key to generate a data encryption key ciphertext, generates a plurality of re-encryption keys from the private key and each public key returned by the client authorization, and uploads the user public key, the data encryption key ciphertext and the re-encryption keys to the decentralized identity DID storage center, where a proxy re-encryption provider hosts the re-encryption data;
a request module: the requester specifies the qualifying conditions of the authorized users to be pushed, and requests the list of user DID identifiers from the decentralized identity DID storage center.
7. A computer device comprising a memory, a processor, and a computer program stored on the memory and running on the processor, wherein the processor, when executing the computer program, implements the data ciphertext hosting method of any of claims 1 to 5.
8. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program which, when executed by a processor, causes the processor to perform the data ciphertext hosting method of any one of claims 1 to 5.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110172110.6A CN112865968B (en) 2021-02-08 2021-02-08 Data ciphertext hosting method and system, computer equipment and storage medium

Publications (2)

Publication Number Publication Date
CN112865968A CN112865968A (en) 2021-05-28
CN112865968B true CN112865968B (en) 2021-12-03

Family

ID=75989194

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110172110.6A Active CN112865968B (en) 2021-02-08 2021-02-08 Data ciphertext hosting method and system, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN112865968B (en)

Also Published As

Publication number Publication date
CN112865968A (en) 2021-05-28

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant