CN112995205A - Query method, device, equipment and storage medium based on block chain - Google Patents

Query method, device, equipment and storage medium based on block chain Download PDF

Info

Publication number
CN112995205A
CN112995205A CN202110392181.7A CN202110392181A CN112995205A CN 112995205 A CN112995205 A CN 112995205A CN 202110392181 A CN202110392181 A CN 202110392181A CN 112995205 A CN112995205 A CN 112995205A
Authority
CN
China
Prior art keywords
data
public key
initiator
request
responder
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110392181.7A
Other languages
Chinese (zh)
Other versions
CN112995205B (en
Inventor
荆博
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Baidu Netcom Science and Technology Co Ltd
Original Assignee
Beijing Baidu Netcom Science and Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Baidu Netcom Science and Technology Co Ltd filed Critical Beijing Baidu Netcom Science and Technology Co Ltd
Priority to CN202110392181.7A priority Critical patent/CN112995205B/en
Publication of CN112995205A publication Critical patent/CN112995205A/en
Application granted granted Critical
Publication of CN112995205B publication Critical patent/CN112995205B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/24Querying
    • G06F16/245Query processing
    • G06F16/2455Query execution
    • G06F16/24553Query execution of query operations
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • General Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Data Mining & Analysis (AREA)
  • Computational Linguistics (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The disclosure provides a query method, a query device, equipment and a storage medium based on a block chain, relates to the technical field of computers, particularly relates to the technical field of the block chain, and can be used for cloud computing and cloud services. The specific implementation scheme is as follows: determining first data query information and second data query information, and determining an initiator public key of a request initiator; sending a query request including the first data query information, the second data query information and the initiator public key to the request responder, and instructing the request responder to execute: respectively determining a first data ciphertext and a second data ciphertext according to the first data query information, the second data query information, the initiator public key and the responder private key based on the block chain; and acquiring the first data ciphertext and the second data ciphertext from the request responder, and decrypting one of the first data ciphertext and the second data ciphertext. The embodiment of the disclosure can improve the data query safety based on the block chain.

Description

Query method, device, equipment and storage medium based on block chain
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to the field of blockchain technologies, which can be used for cloud computing and cloud services, and in particular, to a query method, apparatus, device, and storage medium based on blockchains.
Background
With the development of the blockchain technology, the application of the blockchain network is more and more extensive. In a federated network, a blockchain network may be formed from M mechanisms providing blockchain nodes, providing computing and storage capabilities, for use with N mechanisms, where N is greater than M.
In addition, some mechanisms select to build and deploy a block chain network through cloud services, and part or even all of block chain nodes are built in the cloud. How the blockchain network handles the query request is important.
Disclosure of Invention
The disclosure provides a query method, device, equipment and storage medium based on a block chain.
According to an aspect of the present disclosure, there is provided a block chain-based query method, including:
determining first data query information and second data query information, and determining an initiator public key of a request initiator;
sending a query request including the first data query information, the second data query information and the initiator public key to a request responder, for instructing the request responder to perform: respectively determining a first data ciphertext and a second data ciphertext according to the first data query information, the second data query information, the initiator public key and the responder private key based on the block chain;
and acquiring the first data ciphertext and the second data ciphertext from the request responder, and decrypting one of the first data ciphertext and the second data ciphertext.
According to another aspect of the present disclosure, there is provided another block chain-based query method, including:
acquiring a query request comprising first data query information, second data query information and an initiator public key of a request initiator from the request initiator;
respectively determining a first data ciphertext and a second data ciphertext according to the first data query information, the second data query information, the initiator public key and the responder private key based on the block chain;
and sending the first data ciphertext and the second data ciphertext to the request initiator, so as to instruct the request initiator to decrypt one of the first data ciphertext and the second data ciphertext.
According to another aspect of the present disclosure, there is provided a block chain-based query apparatus, including:
the query request determining module is used for determining the first data query information and the second data query information and determining an initiator public key of a request initiator;
a query request sending module, configured to send a query request including the first data query information, the second data query information, and the initiator public key to a request responder, and instruct the request responder to perform: respectively determining a first data ciphertext and a second data ciphertext according to the first data query information, the second data query information, the initiator public key and the responder private key based on the block chain;
and the data decryption module is used for acquiring the first data ciphertext and the second data ciphertext from the request responder and decrypting one of the first data ciphertext and the second data ciphertext.
According to another aspect of the present disclosure, there is provided a block chain-based query apparatus, including:
the query request acquisition module is used for acquiring a query request comprising first data query information, second data query information and an initiator public key of a request initiator from the request initiator;
the data ciphertext determining module is used for determining a first data ciphertext and a second data ciphertext respectively according to the first data query information, the second data query information, the initiator public key and the responder private key based on the block chain;
and the data ciphertext sending module is used for sending the first data ciphertext and the second data ciphertext to the request initiator, and is used for indicating the request initiator to decrypt one of the first data ciphertext and the second data ciphertext.
According to still another aspect of the present disclosure, there is provided an electronic device including:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform a blockchain based query method provided by any embodiment of the disclosure.
According to yet another aspect of the present disclosure, there is provided a non-transitory computer readable storage medium having stored thereon computer instructions for causing a computer to execute a blockchain based query method provided by any embodiment of the present disclosure.
According to yet another aspect of the present disclosure, there is provided a computer program product comprising a computer program which, when executed by a processor, implements the blockchain based query method provided by any embodiment of the present disclosure.
According to the technology disclosed by the invention, the data query safety based on the block chain can be improved.
It should be understood that the statements in this section do not necessarily identify key or critical features of the embodiments of the present disclosure, nor do they limit the scope of the present disclosure. Other features of the present disclosure will become apparent from the following description.
Drawings
The drawings are included to provide a better understanding of the present solution and are not to be construed as limiting the present disclosure. Wherein:
FIG. 1 is a schematic diagram of a block chain based query method according to an embodiment of the present disclosure;
FIG. 2 is a schematic diagram of another block chain based query method according to an embodiment of the present disclosure;
FIG. 3 is a schematic diagram of yet another block chain based query method according to an embodiment of the present disclosure;
FIG. 4 is a schematic diagram of yet another block chain based query method according to an embodiment of the present disclosure;
FIG. 5 is a schematic diagram of an interaction between a request initiator and a request responder according to an embodiment of the present disclosure;
FIG. 6 is a schematic diagram of a block chain based query device according to an embodiment of the present disclosure;
FIG. 7 is a schematic diagram of another block chain based query device according to an embodiment of the present disclosure;
fig. 8 is a block diagram of an electronic device for implementing a blockchain-based query method according to an embodiment of the present disclosure.
Detailed Description
Exemplary embodiments of the present disclosure are described below with reference to the accompanying drawings, in which various details of the embodiments of the disclosure are included to assist understanding, and which are to be considered as merely exemplary. Accordingly, those of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the present disclosure. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
The scheme provided by the embodiment of the disclosure is described in detail below with reference to the accompanying drawings.
In the embodiment of the present disclosure, the request responder may be a full-scale node in the blockchain network, and the request initiator may be a lightweight node in the blockchain network. The lightweight nodes are similar to the full-scale nodes, and are deployed with deployment data of block chains, such as intelligent contracts and consensus mechanisms. Therefore, can participate in the transaction request interaction process of the block chain, but not store all block data. When the lightweight node needs to query the transaction data in the block chain, a query request can be sent to the full-scale node in real time to acquire the block data, and the block data can be verified in a set mode. The lightweight node has lower requirements on the hardware configuration of the deployed equipment, can be integrated on the operating system level, controls the hardware in the electronic equipment, can interact with upper-layer application software at the same time, and provides block chain support for the functions of the application software.
Fig. 1 is a schematic diagram of a block chain-based query method provided according to an embodiment of the present disclosure, which is applicable to a case where a request initiator uses a block chain of a request responder to perform data query. The method can be executed by a block chain-based query device, which can be implemented in hardware and/or software and can be configured in the electronic equipment of the request initiator. Referring to fig. 1, the method specifically includes the following steps:
s110, determining first data query information and second data query information, and determining an initiator public key of a request initiator;
s120, sending an inquiry request including the first data inquiry information, the second data inquiry information, and the initiator public key to a request responder, where the inquiry request is used to instruct the request responder to perform: respectively determining a first data ciphertext and a second data ciphertext according to the first data query information, the second data query information, the initiator public key and the responder private key based on the block chain;
s130, the first data ciphertext and the second data ciphertext are obtained from the request responder, and one of the first data ciphertext and the second data ciphertext is decrypted.
Wherein, the request initiator can be a lightweight node with a query request. The first data query information is used for querying first data from the block chain, the second data query information is used for querying second data from the block chain, and the first data query information and the second data query information can be identifications of the data in the block chain.
In the embodiment of the present disclosure, when a request initiator needs to query a certain data, not only query information of the data but also query information of another data are determined, and first data query information and second data query information are obtained, respectively, that is, one of the first data and the second data is data that the request initiator needs to use, and the other is data that the request initiator does not need to use.
In the case where the request originator needs to use the first data, the originator public key of the request originator is different from that in the case where the request originator needs to use the second data.
The request initiator also sends a query request comprising the first data query information, the second data query information and the initiator public key to the request responder, so that the request responder executes: and respectively inquiring from the block chain according to the first data inquiry information and the second data inquiry information to obtain first data and second data, and respectively encrypting the first data and the second data by adopting an initiator public key and a responder private key to obtain a first data ciphertext and a second data ciphertext. It should be noted that, since the initiator public key is different between the case where the first data is selected to be used and the case where the second data is selected to be used, the encryption key of the first data and the encryption key of the second data determined based on the initiator public key are also different in both cases.
After the request initiator acquires the first data ciphertext and the second data ciphertext from the request responder, one of the first data ciphertext and the second data ciphertext can be decrypted to obtain a decryption result, namely, the first data ciphertext can be decrypted under the condition that the request initiator selects to use the first data; in case the request originator chooses to use the second data, the second data cryptogram can be decrypted. When the request initiator needs to use one piece of data, the first data query information and the second data query information are respectively determined, and when the request initiator selects to use different data, the public key of the initiator, the encryption key of the first data and the encryption key of the second data are all different, so that the request initiator can decrypt the data ciphertext selected to be used, and the data query request of the request initiator can be met; under the condition that one data is needed to be used, two data are inquired from the request responder, so that the request responder cannot obtain the data use requirement of the request initiator, namely the data use requirement of the request initiator can be prevented from being leaked, and the inquiry request security of the request initiator is improved.
According to the technical scheme of the embodiment of the disclosure, under the condition that one part of data needs to be used, not only is the query information of the data determined, but also the query information of the other part of data is determined, and different initiator public keys are determined under the condition that different data are selected to be used, so that one part of two parts of data in a secret text can be decrypted, and the data use request of a request initiator can be met; moreover, the data use requirement of the request initiator can be prevented from being revealed to the request responder, and the query request security of the request initiator can be improved.
Fig. 2 is a schematic flowchart of another block chain-based query method according to an embodiment of the present disclosure. The present embodiment is an alternative proposed on the basis of the above-described embodiments. Referring to fig. 2, the query method based on the blockchain provided in this embodiment includes:
s210, determining first data query information and second data query information;
s220, determining whether to select to use the first data or the second data; and, in case the first data is selected, S230 is continuously performed; in the case where the second data is selected, S240 is performed;
s230, taking the inquiry public key generated for the inquiry request as the initiator public key of the request initiator; and, proceed to S250;
s240, determining an initiator public key of the request initiator according to the inquiry public key and a responder public key of the request responder; and, proceed to S250;
s250, sending an inquiry request including the first data inquiry information, the second data inquiry information, and the initiator public key to a request responder, where the inquiry request is used to instruct the request responder to perform: respectively determining a first data ciphertext and a second data ciphertext according to the first data query information, the second data query information, the initiator public key and the responder private key based on the block chain;
s260, acquiring the first data ciphertext and the second data ciphertext from the request responder;
s270, under the condition that first data are selected, determining a first data private key according to a public key of a responder and a query private key generated for a query request, and decrypting the first data ciphertext by adopting the first data private key; and under the condition of selecting second data, determining a second data private key according to the responder public key and the inquiry private key, and decrypting the second data ciphertext by adopting the second data private key.
Specifically, an inquiry public key and an inquiry private key are generated for the inquiry request, and the inquiry public key is used as an initiator public key of a request initiator under the condition that the first data is selected to be used; and under the condition that the second data is selected to be used, determining an initiator public key according to the inquiry public key and a responder public key of the request responder, so that under the condition that the first data and the second data are selected to be used, the initiator public key is different. Through different public keys of the initiator, the request responder encrypts data by adopting different encryption keys under the condition of selecting to use the first data and the second data, so that the request responder can decrypt different data ciphertexts. It should be noted that different query public keys and query private keys can be generated for different query requests, that is, the query public key and the query private key can be disposable, so that the query public key and the query private key are prevented from being leaked, and the data use requirement is prevented from being leaked.
In addition, under the condition that the request initiator selects to use the first data, the request initiator can only decrypt the first data ciphertext but cannot decrypt the second data ciphertext; under the condition that the request initiator selects to use the second data, the request initiator can only decrypt the second data ciphertext but cannot decrypt the first data ciphertext, namely, the request initiator can only decrypt the data to be used but cannot decrypt another data, so that the leakage of the other data can be avoided, and the block chain data processing safety is improved.
In an alternative embodiment, the first data ciphertext and the second data ciphertext are generated by: inquiring first data and second data from the block chain according to the first data inquiry information and the second data inquiry information respectively; determining a first data public key according to the initiator public key and the responder private key; determining an auxiliary public key according to the initiator public key and the responder public key, and determining a second data public key according to the auxiliary public key and the responder private key; and encrypting the first data by adopting the first data public key to obtain the first data ciphertext, and encrypting the second data by adopting the second data public key to obtain the second data ciphertext.
In the embodiment of the present disclosure, the first data public key and the second data public key are determined in different manners. Specifically, the first data public key and the second data public key may be respectively determined by the following formulas:
Pub'0=Hash(Pub'B^Prv'A)×G,Pub'1=Hash[(Pub'B-Pub'A)^Prv'A]×G;
the method comprises the following steps that Pub '0 is a first data public key, Pub '1 is a second data public key, Pub ' B is an initiator public key, Prv ' A is a responder private key, Pub ' A is a responder public key, ^ is a power operator on an elliptic curve, a subtracter on the elliptic curve, x is a multiplication algorithm on the elliptic curve, G is a base point of the elliptic curve, and Hash () can be a Hash function. And the Pub 'B-Pub' A is an auxiliary public key. It should be noted that, in the embodiment of the present disclosure, a determination manner of the second data public key is not specifically limited, that is, a determination manner of the auxiliary public key is not specifically limited. The first data public key and the second data public key are determined in different modes, so that the request initiator can only determine the first data private key or the second data private key, wherein the first data public key and the first data private key are mutually asymmetric key pairs, and the second data public key and the second data private key are mutually asymmetric key pairs.
In an alternative embodiment, the elliptic curve used in generating the query public key is the same as the elliptic curve used in generating the responder public key; and a first operator of the responder public key in the auxiliary public key and a second operator of the responder public key in the first data private key under the condition that the second data is selected to be used are opposite operators, so that the request initiator can decrypt one of the first data ciphertext and the second data ciphertext and cannot decrypt the other one of the first data ciphertext and the second data ciphertext.
Because the same elliptic curve is adopted in the generation process of the inquiry public key and the responder public key, PubB ^ Prv 'A = (g ^ b) ^ a = (g ^ a) ^ b = Pub' A ^ PrvB; wherein g is a base point position on the elliptic curve, b is an inquiry private key value of a request initiator, a is a responder private key value of a request responder, and a and b can be large integers; PubB is the query public key of the query request, and PrvB is the query private key of the query request.
In the case that the first operator is a subtracter on the elliptic curve, the second operator is an adder on the elliptic curve, that is, in the case that the difference between the initiator public key and the responder public key is used as the auxiliary public key, and in the case that the second data is selected to be used, the sum of the query public key and the responder public key may be used as the initiator public key. In addition, in the case where the first operator is an addition operator on the elliptic curve, the second operator is a subtraction operator on the elliptic curve, that is, in the case where the sum of the initiator public key and the responder public key is used as the auxiliary public key, and in the case where the second data is selected to be used, the difference between the inquiry public key and the responder public key may be used as the initiator public key. The first operator and the second operator are opposite operators, so that when the request initiator selects to use the first data, only the data to be used can be decrypted, but the other data cannot be decrypted, the leakage of the other data can be avoided, and the data processing safety of the block chain is improved.
Specifically, taking the first operator as a subtracter and the second operator as an adder as an example, when the first data is selected to be used, Pub' B = PubB; the first data public key and the second data public key are respectively obtained through the following formulas:
Pub'0=Hash(Pub'B^Prv'A)×G=Hash(PubB^Prv'A)×G;
Pub'1=Hash[(Pub'B-Pub'A)^Prv'A]×G =Hash[(PubB-Pub'A)^Prv'A] ×G;
since PubB ^ Prv 'a = Pub' a ^ PrvB, there is the following relationship:
Pub'0= Hash(Pub'A ^ PrvB) ×G,Prv'0= Hash(Pub'A ^ PrvB);
Pub'1= Hash(Pub'A ^ PrvB- Pub'A^Prv'A)×G,
Prv'1= Hash(Pub'A ^ PrvB- Pub'A^Prv'A);
wherein, Prv '0 is the first data private key, and Prv'1 is the second data private key. Under the condition that the first data is selected to be used, the request initiator can determine the first data private key by adopting the inquiry private key and the responder public key so as to decrypt the first data ciphertext, and the second data private key cannot be determined due to the lack of the responder private key so as to decrypt the second data ciphertext.
Also taking the first operator as a subtracter and the second operator as an adder as an example, in the case of selecting to use the second data, Pub 'B = PubB + Pub' a; the first data public key and the second data public key are respectively obtained through the following formulas:
Pub'0 = Hash[(PubB+Pub'A)^Prv'A] ×G;
Pub'1=Hash[PubB+Pub'A-Pub'A)^Prv'A]×G=Hash(PubB^Prv'A)×G;
as PubB ^ Prv 'a = Pub' a ^ PrvB; has the following relationship:
Pub'0= Hash(Pub'A ^ PrvB+Pub'A^Prv'A) ×G,
Prv'0=Hash(Pub'A^PrvB+Pub'A^Prv'A);
Pub'1= Hash(Pub'A ^ PrvB)×G,Prv'1= Hash(Pub'A ^ PrvB;
under the condition that the second data is selected to be used, the request initiator can determine the second data private key by adopting the inquiry private key and the responder public key so as to decrypt the second data ciphertext, and the first data private key cannot be determined due to the lack of the responder private key so as to decrypt the first data ciphertext.
According to the technical scheme of the embodiment of the disclosure, different public keys of the initiator are determined under the condition that different data are selected to be used, so that one of the two data in the encrypted text can be decrypted, and the other data cannot be decrypted, thereby not only avoiding the data use requirement of the request initiator from being revealed to the request responder, but also avoiding the other data in the block chain from being revealed to the request initiator, and further improving the safety of the data of the block chain.
Fig. 3 is a schematic diagram of a block chain-based query method according to an embodiment of the present disclosure, which is applicable to a case where a request initiator uses a block chain of a request responder to perform data query. The method can be executed by a block chain-based query device, which can be implemented in hardware and/or software and can be configured in an electronic device of a request responder. Referring to fig. 3, the method specifically includes the following steps:
s310, acquiring a query request comprising first data query information, second data query information and an initiator public key of a request initiator from the request initiator;
s320, respectively determining a first data ciphertext and a second data ciphertext according to the first data query information, the second data query information, the initiator public key and the responder private key based on the block chain;
s330, sending the first data ciphertext and the second data ciphertext to the request initiator, wherein the first data ciphertext and the second data ciphertext are used for instructing the request initiator to decrypt one of the first data ciphertext and the second data ciphertext.
The request responder may be a full quantum node in the blockchain network, and stores blockchain data. The first data query information is used to query the first data from the block chain, and the second data query information is used to query the second data from the block chain. In the case where the request originator needs to use the first data, the originator public key of the request originator is different from that in the case where the request originator needs to use the second data.
Specifically, in response to a query request of a request initiator, first data and second data are respectively obtained by querying from a block chain according to first data query information and second data query information, and a first data ciphertext and a second data ciphertext are obtained by respectively encrypting the first data and the second data by adopting an initiator public key and a responder private key; and the first data ciphertext and the second data ciphertext are sent to the request initiator, so that the request initiator can decrypt the required one of the first data ciphertext and the second data ciphertext.
Because the initiator public key is different under the condition that the first data is selected to be used and the second data is selected to be used, the encryption key of the first data and the encryption key of the second data determined according to the initiator public key are different under the two conditions, so that the request initiator can decrypt the data ciphertext selected to be used, the data query request of the request initiator can be met, and the data use requirement of the request initiator cannot be obtained by querying two data from the block chain under the condition that the request initiator needs to use one data, thereby avoiding the data use requirement of the request initiator from being leaked, and improving the query request security of the request initiator.
According to the technical scheme of the embodiment of the disclosure, under the condition that a request initiator needs to use first data or second data, the first data and the second data are inquired from a block chain, and a first data ciphertext and a second data ciphertext are fed back to the request initiator, so that the data use requirement of the request initiator is met; in addition, the data use requirement of the request initiator cannot be obtained, so that the data use requirement of the request initiator can be prevented from being leaked, and the query request security of the request initiator is improved.
Fig. 4 is a schematic flowchart of another block chain-based query method provided in an embodiment of the present disclosure. The present embodiment is an alternative proposed on the basis of the above-described embodiments. Referring to fig. 4, the query method based on the blockchain provided in this embodiment includes:
s410, acquiring a query request comprising first data query information, second data query information and an initiator public key of a request initiator from the request initiator;
s420, inquiring first data and second data from the block chain respectively according to the first data inquiry information and the second data inquiry information;
s430, determining a first data public key according to the initiator public key and the responder private key;
s440, determining an auxiliary public key according to the initiator public key and the responder public key, and determining a second data public key according to the auxiliary public key and the responder private key;
s450, encrypting the first data by adopting the first data public key to obtain the first data ciphertext, and encrypting the second data by adopting the second data public key to obtain the second data ciphertext.
S460, sending the first data ciphertext and the second data ciphertext to the request initiator, so as to instruct the request initiator to decrypt one of the first data ciphertext and the second data ciphertext.
In the embodiment of the present disclosure, the first data public key and the second data public key are determined in different manners. Specifically, the first data public key and the second data public key may be respectively determined by the following formulas:
Pub'0=Hash(Pub'B^Prv'A)×G,Pub'1=Hash[(Pub'B-Pub'A)^Prv'A]×G;
the method comprises the following steps that Pub '0 is a first data public key, Pub '1 is a second data public key, Pub ' B is an initiator public key, Prv ' A is a responder private key, Pub ' A is a responder public key, ^ is a power operator on an elliptic curve, a subtracter on the elliptic curve, x is a multiplication algorithm on the elliptic curve, G is a base point of the elliptic curve, and Hash () can be a Hash function. And the Pub 'B-Pub' A is an auxiliary public key. The first data public key and the second data public key are determined in different modes, so that the request initiator can only determine the first data private key or the second data private key but cannot simultaneously determine the first data private key and the second data private key, namely cannot simultaneously use two data.
In an optional embodiment, the initiator public key of the request initiator is generated by: under the condition that the request initiator selects to use the first data, taking a query public key generated for the query request as an initiator public key of the request initiator; and under the condition that the request initiator selects to use the second data, determining the initiator public key of the request initiator according to the inquiry public key and the responder public key of the request responder.
Specifically, the request initiator further generates a query public key and a query private key for the query request. In case that the request initiator chooses to use the first data, the initiator public key may be the query public key itself; in the case where the second data is selected for use, the initiator public key may be determined from the query public key and the responder public key of the request responder such that in the case where the first data and the second data are selected for use, the initiator public key is different and different encryption keys for data encryption are determined from the different initiator public keys.
The request responder also encrypts data by adopting different encryption keys through different initiator public keys. It should be noted that, the query public key and the query private key may be disposable, so as to avoid the disclosure of the query public key and the query private key, which may result in the disclosure of data use requirements.
In an alternative embodiment, the elliptic curve used in generating the query public key is the same as the elliptic curve used in generating the responder public key; and a first operator of the responder public key in the auxiliary public key is opposite to a second operator of the responder public key in the first data private key when the second data is selected to be used. And the first operator and the second operator are opposite operators, so that the request initiator can decrypt one of the first data ciphertext and the second data ciphertext and cannot decrypt the other one of the first data ciphertext and the second data ciphertext.
According to the technical scheme of the embodiment of the disclosure, the request initiator acquires the first data ciphertext and the second data ciphertext from the request responder, and only one of the data can be decrypted, so that the data use requirement of the request initiator can be prevented from being leaked to the request responder, and the security of the data used by the request responder is improved; and another part of data in the block chain can be prevented from being leaked to the request initiator, so that the safety of the block chain data is improved.
The embodiment provides a specific scheme on the basis of the above embodiment. Fig. 5 is a schematic diagram of an interaction between a request initiator and a request responder according to an embodiment of the present disclosure.
Referring to fig. 5, the request originator and the request responder use the same elliptic curve in the disclosed embodiment. The request initiator is a lightweight node, and the request responder is a full-scale node.
The request responder generates a responder public key and a responder private key and sends the responder public key to the request initiator; the method comprises the steps that a request initiator determines first data query information and second data query information under the condition that data use requirements exist, generates a query public key and a query private key for a query request, and determines a requester public key according to the query public key; and sending a query request including the first data query information, the second data query information, and the initiator public key to the request responder.
Taking the inquiry public key as an initiator public key under the condition that the request initiator needs to use the first data, namely Pub' B = PubB; under the condition that a request initiator needs to use second data, taking the sum of the inquiry public key and the responder public key as an initiator public key, namely Pub 'B = PubB + Pub' A; the public key of the inquiry public key, the public key of the requester and the public key of the responder are respectively PubB, Pub 'B and Pub' A, and the + is an adder of an elliptic curve.
The request responder queries first data and second data from the block chain respectively according to the first data query information and the second data query information; the first data public key and the second data public key are respectively determined by:
Pub'0=HP(Pub'B^Prv'A),Pub'1=HP((Pub'B-Pub'A)^Prv'A);
the public key of one elliptic curve can be converted into the public key of the other elliptic curve by the aid of the method, wherein Pub '0 and Pub'1 are a first data public key and a second data public key respectively, and HP (= Hash (). times.G; hash () is the Hash function, G is the base point of the elliptic curve, Prv 'A is the responder's private key for the requesting responder, and x, -and ^ are the multiplier, subtractor and power operator of the elliptic curve, respectively.
Since the request initiator and the request responder use the same elliptic curve, the following relationship is specified: PubB ^ Prv 'a = Pub' a ^ PrvB, where PrvB is the query private key.
In the case where the requesting initiator chooses to use the first data, Pub '0= HP (PubB ^ Prv' a), Pub '1= HP (PubB-Pub' a) ^ Prv 'a) since Pub' B = PubB;
in combination with PubB ^ Prv 'A = Pub' A ^ PrvB,
Pub'0=HP(Pub'A^PrvB),Prv'0=Hash(Pub'A^PrvB),
Pub'1=HP(Pub'A^PrvB-Pub'A^Prv'A),
Prv'1= Hash (Pub'A^PrvB-Pub'A^Prv'A);
wherein, Prv '0 and Prv'1 are the first data private key and the second data private key, respectively.
The request responder encrypts the first data by using the first data public key to obtain a first data ciphertext, namely s0= Enc (M (0), Pub '0), s1= Enc (M (1), Pub' 1);
where M (0) and M (1) represent first data and second data, respectively, s0 and s1 represent first data ciphertext and second data ciphertext, respectively, and Enc () refers to an encryption algorithm.
Since the responder public key and the query private key are known to the request initiator, the request initiator can determine the first data private key, and cannot determine the second data private key because the responder private key is unknown. That is to say, the request initiator can only decrypt the first data ciphertext to obtain the first data, that is, M (0) = Dec (s0, Prv'0), where Dec () refers to a decryption algorithm; however, the second data ciphertext cannot be decrypted, i.e., the second data cannot be obtained.
In the case where the requesting initiator chooses to use the second data, Pub '0= HP (PubB + Pub ' a) ^ Prv ' a), Pub '1= HP (PubB ^ Prv ' a) since Pub ' B = PubB + Pub ' a;
in combination with PubB ^ Prv 'A = Pub' A ^ PrvB,
Pub'0=HP(Pub'A^PrvB+Pub'A^Prv'A),
Prv'0= Hash (Pub'A^PrvB+Pub'A^Prv'A);
Pub'1=HP(Pub'A^PrvB),Prv'1=Hash(Pub'A^PrvB);
the request responder encrypts the first data by using the first data public key to obtain a first data ciphertext, namely s0= Enc (M (0), Pub '0), s1= Enc (M (1), Pub' 1);
where M (0) and M (1) represent first data and second data, respectively, s0 and s1 represent first data ciphertext and second data ciphertext, respectively, and Enc () refers to an encryption algorithm.
Since the responder public key and the query private key are known to the request initiator, the request initiator can determine the second data private key, and cannot determine the first data private key because the responder private key is unknown. That is to say, the request initiator can only decrypt the second data ciphertext to obtain the second data, i.e. M (1) = Dec (s1, Prv'1), where Dec () refers to a decryption algorithm; however, the first data ciphertext cannot be decrypted, i.e., the first data cannot be obtained.
According to the technical scheme of the embodiment of the disclosure, the data use requirement of the request initiator can be prevented from being leaked to the request responder, and the safety of the data used by the request responder is improved; the security of the blockchain data can also be improved.
Fig. 6 is a schematic diagram of an inquiry apparatus based on a blockchain according to an embodiment of the present disclosure, where this embodiment is applicable to a case where a request initiator uses a blockchain of a request responder to perform a data inquiry, and the apparatus is configured in an electronic device of the request initiator, so that the method for querying based on a blockchain according to any embodiment of the present disclosure can be implemented. The block chain-based query apparatus 600 specifically includes the following:
a query request determining module 601, configured to determine first data query information and second data query information, and determine an initiator public key of a request initiator;
a query request sending module 602, configured to send a query request including the first data query information, the second data query information, and the initiator public key to a request responder, and instruct the request responder to perform: respectively determining a first data ciphertext and a second data ciphertext according to the first data query information, the second data query information, the initiator public key and the responder private key based on the block chain;
a data decryption module 603, configured to obtain the first data ciphertext and the second data ciphertext from the request responder, and decrypt one of the first data ciphertext and the second data ciphertext.
In an alternative embodiment, the query request determining module 601 includes:
a first initiator public key unit, configured to, in a case where the first data is selected for use, use a query public key generated for the query request as an initiator public key of the request initiator;
and the second initiator public key unit is used for determining the initiator public key of the request initiator according to the inquiry public key and the responder public key of the request responder under the condition that the second data is selected to be used.
In an alternative embodiment, the first data ciphertext and the second data ciphertext are generated by:
inquiring first data and second data from the block chain according to the first data inquiry information and the second data inquiry information respectively;
determining a first data public key according to the initiator public key and the responder private key;
determining an auxiliary public key according to the initiator public key and the responder public key, and determining a second data public key according to the auxiliary public key and the responder private key;
and encrypting the first data by adopting the first data public key to obtain the first data ciphertext, and encrypting the second data by adopting the second data public key to obtain the second data ciphertext.
In an alternative embodiment, the elliptic curve used in generating the query public key is the same as the elliptic curve used in generating the responder public key; and the number of the first and second electrodes,
the first operator of the responder public key in the auxiliary public key is the opposite operator to the second operator of the responder public key in the first data private key if the second data is selected for use.
In an optional implementation, the data decryption module 603 includes:
the first data decryption unit is used for determining a first data private key according to a public key of a responder and a query private key generated for the query request under the condition that first data is selected to be used, and decrypting the first data ciphertext by adopting the first data private key;
and the second data decryption unit is used for determining a second data private key according to the responder public key and the query private key under the condition that the second data is selected to be used, and decrypting the second data ciphertext by adopting the second data private key.
According to the technical scheme of the embodiment of the disclosure, not only can the data use requirement of the request initiator be prevented from being revealed to the request responder, but also the data which is not required to be used by the request initiator in the block chain can be prevented from being revealed to the request initiator, namely, the data use requirement of the request initiator and the safety of the data in the block chain can be both considered.
Fig. 7 is a schematic diagram of an inquiry apparatus based on a block chain according to an embodiment of the present disclosure, where this embodiment is applicable to a case where a request initiator uses a block chain of a request responder to perform a data inquiry, and the apparatus is configured in an electronic device of the request responder, so that the block chain-based inquiry method according to any embodiment of the present disclosure can be implemented. The block chain-based query apparatus 700 specifically includes the following:
a query request obtaining module 701, configured to obtain, from a request initiator, a query request including first data query information, second data query information, and an initiator public key of the request initiator;
a data ciphertext determining module 702, configured to determine, based on the block chain, a first data ciphertext and a second data ciphertext according to the first data query information, the second data query information, the initiator public key, and the responder private key, respectively;
a data cipher text sending module 703 is configured to send the first data cipher text and the second data cipher text to the request initiator, and to instruct the request initiator to decrypt one of the first data cipher text and the second data cipher text.
In an optional embodiment, the initiator public key of the request initiator is generated by:
under the condition that the request initiator selects to use the first data, taking a query public key generated for the query request as an initiator public key of the request initiator;
and under the condition that the request initiator selects to use the second data, determining the initiator public key of the request initiator according to the inquiry public key and the responder public key of the request responder.
In an optional implementation, the data ciphertext determining module 702 includes:
a block chain query unit, configured to query first data and second data from the block chain according to the first data query information and the second data query information, respectively;
the first data public key unit is used for determining a first data public key according to the initiator public key and the responder private key;
the second data public key unit is used for determining an auxiliary public key according to the initiator public key and the responder public key and determining a second data public key according to the auxiliary public key and the responder private key;
and the data ciphertext determining unit is used for encrypting the first data by adopting the first data public key to obtain the first data ciphertext and encrypting the second data by adopting the second data public key to obtain the second data ciphertext.
In an alternative embodiment, the elliptic curve used in generating the query public key is the same as the elliptic curve used in generating the responder public key; and the number of the first and second electrodes,
the first operator of the responder public key in the auxiliary public key is the opposite operator to the second operator of the responder public key in the first data private key if the second data is selected for use.
According to the technical scheme of the embodiment of the disclosure, not only can the data use requirement of the request initiator be prevented from being revealed to the request responder, but also the data which is not required to be used by the request initiator in the block chain can be prevented from being revealed to the request initiator, namely, the data use requirement of the request initiator and the safety of the data in the block chain can be both considered.
The present disclosure also provides an electronic device, a readable storage medium, and a computer program product according to embodiments of the present disclosure.
FIG. 8 illustrates a schematic block diagram of an example electronic device 800 that can be used to implement embodiments of the present disclosure. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile devices, such as personal digital processing, cellular phones, smart phones, wearable devices, and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be examples only, and are not meant to limit implementations of the disclosure described and/or claimed herein.
As shown in fig. 8, the apparatus 800 includes a computing unit 801 that can perform various appropriate actions and processes according to a computer program stored in a Read Only Memory (ROM) 802 or a computer program loaded from a storage unit 808 into a Random Access Memory (RAM) 803. In the RAM 803, various programs and data required for the operation of the device 800 can also be stored. The calculation unit 801, the ROM 802, and the RAM 803 are connected to each other by a bus 804. An input/output (I/O) interface 805 is also connected to bus 804.
A number of components in the device 800 are connected to the I/O interface 805, including: an input unit 806, such as a keyboard, a mouse, or the like; an output unit 807 such as various types of displays, speakers, and the like; a storage unit 808, such as a magnetic disk, optical disk, or the like; and a communication unit 809 such as a network card, modem, wireless communication transceiver, etc. The communication unit 809 allows the device 800 to exchange information/data with other devices via a computer network such as the internet and/or various telecommunication networks.
Computing unit 801 may be a variety of general and/or special purpose processing components with processing and computing capabilities. Some examples of the computing unit 801 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various dedicated Artificial Intelligence (AI) computing chips, various computing units that perform machine learning model algorithms, a digital information processor (DSP), and any suitable processor, controller, microcontroller, and the like. The calculation unit 801 performs the respective methods and processes described above, such as a block chain-based query method. For example, in some embodiments, the blockchain-based query method may be implemented as a computer software program tangibly embodied in a machine-readable medium, such as storage unit 808. In some embodiments, part or all of the computer program can be loaded and/or installed onto device 800 via ROM 802 and/or communications unit 809. When loaded into RAM 803 and executed by computing unit 801, a computer program may perform one or more steps of the blockchain based query method described above. Alternatively, in other embodiments, the computing unit 801 may be configured to perform the blockchain-based query method by any other suitable means (e.g., by means of firmware).
Various implementations of the systems and techniques described here above may be implemented in digital electronic circuitry, integrated circuitry, Field Programmable Gate Arrays (FPGAs), Application Specific Integrated Circuits (ASICs), Application Specific Standard Products (ASSPs), system on a chip (SOCs), load programmable logic devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs that are executable and/or interpretable on a programmable system including at least one programmable processor, which may be special or general purpose, receiving data and instructions from, and transmitting data and instructions to, a storage system, at least one input device, and at least one output device.
Program code for implementing the methods of the present disclosure may be written in any combination of one or more programming languages. These program codes may be provided to a processor or controller of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the program codes, when executed by the processor or controller, cause the functions/operations specified in the flowchart and/or block diagram to be performed. The program code may execute entirely on the machine, partly on the machine, as a stand-alone software package partly on the machine and partly on a remote machine or entirely on the remote machine or server.
In the context of this disclosure, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. A machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on a computer having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) by which a user can provide input to the computer. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user can be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic, speech, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a back-end component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such back-end, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), Wide Area Networks (WANs), blockchain networks, and the internet.
The computer system may include clients and servers. A client and server are generally remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs executing on the respective computers and having a client-server relationship to each other. The server can be a cloud server, also called a cloud computing server or a cloud host, and is a host product in a cloud computing service system, so that the defects of high management difficulty and weak service expansibility in the traditional physical host and VPS service are overcome.
It should be understood that various forms of the flows shown above may be used, with steps reordered, added, or deleted. For example, the steps described in the present disclosure may be executed in parallel, sequentially, or in different orders, and are not limited herein as long as the information desired by the technical solution disclosed in the present disclosure can be realized.
The above detailed description should not be construed as limiting the scope of the disclosure. It should be understood by those skilled in the art that various modifications, combinations, sub-combinations and substitutions may be made in accordance with design requirements and other factors. Any modification, equivalent replacement, and improvement made within the spirit and principle of the present disclosure should be included in the scope of protection of the present disclosure.

Claims (20)

1. The block chain-based query method comprises the following steps:
determining first data query information and second data query information, and determining an initiator public key of a request initiator;
sending a query request including the first data query information, the second data query information and the initiator public key to a request responder, for instructing the request responder to perform: respectively determining a first data ciphertext and a second data ciphertext according to the first data query information, the second data query information, the initiator public key and the responder private key based on the block chain;
and acquiring the first data ciphertext and the second data ciphertext from the request responder, and decrypting one of the first data ciphertext and the second data ciphertext.
2. The method of claim 1, wherein determining an initiator public key of a requesting initiator comprises:
taking a query public key generated for the query request as an initiator public key of the request initiator under the condition that the first data is selected to be used;
and under the condition that the second data is selected to be used, determining an initiator public key of the request initiator according to the inquiry public key and a responder public key of the request responder.
3. The method of claim 2, wherein the first data cipher text and the second data cipher text are generated by:
inquiring first data and second data from the block chain according to the first data inquiry information and the second data inquiry information respectively;
determining a first data public key according to the initiator public key and the responder private key;
determining an auxiliary public key according to the initiator public key and the responder public key, and determining a second data public key according to the auxiliary public key and the responder private key;
and encrypting the first data by adopting the first data public key to obtain the first data ciphertext, and encrypting the second data by adopting the second data public key to obtain the second data ciphertext.
4. The method of claim 3, wherein the elliptic curve employed in generating the query public key is the same as the elliptic curve employed in generating the responder public key; and the number of the first and second electrodes,
the first operator of the responder public key in the auxiliary public key is the opposite operator to the second operator of the responder public key in the first data private key if the second data is selected for use.
5. The method of claim 2, wherein said decrypting one of the first data cipher text and the second data cipher text comprises:
under the condition that the first data is selected to be used, determining a first data private key according to a public key of a responder and a query private key generated for the query request, and decrypting the first data ciphertext by adopting the first data private key;
and under the condition that the second data is selected to be used, determining a second data private key according to the responder public key and the inquiry private key, and decrypting the second data ciphertext by adopting the second data private key.
6. The block chain-based query method comprises the following steps:
acquiring a query request comprising first data query information, second data query information and an initiator public key of a request initiator from the request initiator;
respectively determining a first data ciphertext and a second data ciphertext according to the first data query information, the second data query information, the initiator public key and the responder private key based on the block chain;
and sending the first data ciphertext and the second data ciphertext to the request initiator, so as to instruct the request initiator to decrypt one of the first data ciphertext and the second data ciphertext.
7. The method of claim 6, wherein the initiator public key of the request initiator is generated by:
taking a query public key generated for the query request as an initiator public key of the request initiator under the condition that the request initiator selects to use the first data;
and under the condition that the request initiator selects to use the second data, determining the initiator public key of the request initiator according to the inquiry public key and the responder public key of the request responder.
8. The method of claim 7, wherein the determining, based on the blockchain, a first data cipher text and a second data cipher text from the first data query information, the second data query information, the initiator public key, and a responder private key, respectively, comprises:
inquiring first data and second data from the block chain according to the first data inquiry information and the second data inquiry information respectively;
determining a first data public key according to the initiator public key and the responder private key;
determining an auxiliary public key according to the initiator public key and the responder public key, and determining a second data public key according to the auxiliary public key and the responder private key;
and encrypting the first data by adopting the first data public key to obtain the first data ciphertext, and encrypting the second data by adopting the second data public key to obtain the second data ciphertext.
9. The method of claim 8, wherein the elliptic curve employed in generating the query public key is the same as the elliptic curve employed in generating the responder public key; and the number of the first and second electrodes,
the first operator of the responder public key in the auxiliary public key is the opposite operator to the second operator of the responder public key in the first data private key if the second data is selected for use.
10. The block chain-based query device comprises:
the query request determining module is used for determining the first data query information and the second data query information and determining an initiator public key of a request initiator;
a query request sending module, configured to send a query request including the first data query information, the second data query information, and the initiator public key to a request responder, and instruct the request responder to perform: respectively determining a first data ciphertext and a second data ciphertext according to the first data query information, the second data query information, the initiator public key and the responder private key based on the block chain;
and the data decryption module is used for acquiring the first data ciphertext and the second data ciphertext from the request responder and decrypting one of the first data ciphertext and the second data ciphertext.
11. The apparatus of claim 10, wherein the query request determination module comprises:
a first initiator public key unit, configured to, in a case where the first data is selected for use, use a query public key generated for the query request as an initiator public key of the request initiator;
and the second initiator public key unit is used for determining the initiator public key of the request initiator according to the inquiry public key and the responder public key of the request responder under the condition that the second data is selected to be used.
12. The apparatus of claim 11, wherein the first data cipher text and the second data cipher text are generated by:
inquiring first data and second data from the block chain according to the first data inquiry information and the second data inquiry information respectively;
determining a first data public key according to the initiator public key and the responder private key;
determining an auxiliary public key according to the initiator public key and the responder public key, and determining a second data public key according to the auxiliary public key and the responder private key;
and encrypting the first data by adopting the first data public key to obtain the first data ciphertext, and encrypting the second data by adopting the second data public key to obtain the second data ciphertext.
13. The apparatus of claim 12, wherein an elliptic curve employed in generating the query public key is the same as an elliptic curve employed in generating the responder public key; and the number of the first and second electrodes,
the first operator of the responder public key in the auxiliary public key is the opposite operator to the second operator of the responder public key in the first data private key if the second data is selected for use.
14. The apparatus of claim 11, wherein the data decryption module comprises:
the first data decryption unit is used for determining a first data private key according to a public key of a responder and a query private key generated for the query request under the condition that first data is selected to be used, and decrypting the first data ciphertext by adopting the first data private key;
and the second data decryption unit is used for determining a second data private key according to the responder public key and the query private key under the condition that the second data is selected to be used, and decrypting the second data ciphertext by adopting the second data private key.
15. The block chain-based query device comprises:
the query request acquisition module is used for acquiring a query request comprising first data query information, second data query information and an initiator public key of a request initiator from the request initiator;
the data ciphertext determining module is used for determining a first data ciphertext and a second data ciphertext respectively according to the first data query information, the second data query information, the initiator public key and the responder private key based on the block chain;
and the data ciphertext sending module is used for sending the first data ciphertext and the second data ciphertext to the request initiator, and is used for indicating the request initiator to decrypt one of the first data ciphertext and the second data ciphertext.
16. The apparatus of claim 15, wherein the initiator public key of the request initiator is generated by:
taking a query public key generated for the query request as an initiator public key of the request initiator under the condition that the request initiator selects to use the first data;
and under the condition that the request initiator selects to use the second data, determining the initiator public key of the request initiator according to the inquiry public key and the responder public key of the request responder.
17. The apparatus of claim 16, wherein the data cipher text determination module comprises:
a block chain query unit, configured to query first data and second data from the block chain according to the first data query information and the second data query information, respectively;
the first data public key unit is used for determining a first data public key according to the initiator public key and the responder private key;
the second data public key unit is used for determining an auxiliary public key according to the initiator public key and the responder public key and determining a second data public key according to the auxiliary public key and the responder private key;
and the data ciphertext determining unit is used for encrypting the first data by adopting the first data public key to obtain the first data ciphertext and encrypting the second data by adopting the second data public key to obtain the second data ciphertext.
18. The apparatus of claim 17, wherein an elliptic curve employed in generating the query public key is the same as an elliptic curve employed in generating the responder public key; and the number of the first and second electrodes,
the first operator of the responder public key in the auxiliary public key is the opposite operator to the second operator of the responder public key in the first data private key if the second data is selected for use.
19. An electronic device, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein the content of the first and second substances,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of claims 1-9.
20. A non-transitory computer readable storage medium having stored thereon computer instructions for causing a computer to perform the method of any one of claims 1-9.
CN202110392181.7A 2021-04-13 2021-04-13 Query method, device, equipment and storage medium based on block chain Active CN112995205B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110392181.7A CN112995205B (en) 2021-04-13 2021-04-13 Query method, device, equipment and storage medium based on block chain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110392181.7A CN112995205B (en) 2021-04-13 2021-04-13 Query method, device, equipment and storage medium based on block chain

Publications (2)

Publication Number Publication Date
CN112995205A true CN112995205A (en) 2021-06-18
CN112995205B CN112995205B (en) 2021-08-20

Family

ID=76338037

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110392181.7A Active CN112995205B (en) 2021-04-13 2021-04-13 Query method, device, equipment and storage medium based on block chain

Country Status (1)

Country Link
CN (1) CN112995205B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106357839A (en) * 2016-09-28 2017-01-25 中国互联网络信息中心 DNS (domain name server) query method and device
CN108563788A (en) * 2018-04-27 2018-09-21 腾讯科技(深圳)有限公司 Data query method, apparatus, server and storage medium based on block chain
CN110070926A (en) * 2019-03-21 2019-07-30 深圳壹账通智能科技有限公司 Data query method, apparatus, equipment and readable storage medium storing program for executing based on block chain
EP3547198A1 (en) * 2016-11-24 2019-10-02 Alibaba Group Holding Limited Data access method, system and apparatus
CN110535659A (en) * 2019-09-03 2019-12-03 北京海益同展信息科技有限公司 Method and apparatus for handling request of data
US20200213331A1 (en) * 2018-12-27 2020-07-02 Silver Rocket Data Technology (Shanghai) Co., Ltd Data service system
CN111475849A (en) * 2019-11-08 2020-07-31 支付宝(杭州)信息技术有限公司 Private data query method and device based on block chain account

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106357839A (en) * 2016-09-28 2017-01-25 中国互联网络信息中心 DNS (domain name server) query method and device
EP3547198A1 (en) * 2016-11-24 2019-10-02 Alibaba Group Holding Limited Data access method, system and apparatus
CN108563788A (en) * 2018-04-27 2018-09-21 腾讯科技(深圳)有限公司 Data query method, apparatus, server and storage medium based on block chain
US20200213331A1 (en) * 2018-12-27 2020-07-02 Silver Rocket Data Technology (Shanghai) Co., Ltd Data service system
CN110070926A (en) * 2019-03-21 2019-07-30 深圳壹账通智能科技有限公司 Data query method, apparatus, equipment and readable storage medium storing program for executing based on block chain
CN110535659A (en) * 2019-09-03 2019-12-03 北京海益同展信息科技有限公司 Method and apparatus for handling request of data
CN111475849A (en) * 2019-11-08 2020-07-31 支付宝(杭州)信息技术有限公司 Private data query method and device based on block chain account

Also Published As

Publication number Publication date
CN112995205B (en) 2021-08-20

Similar Documents

Publication Publication Date Title
EP3916604B1 (en) Method and apparatus for processing privacy data of block chain, device, storage medium and computer program product
Liu et al. Efficient and privacy-preserving outsourced calculation of rational numbers
US10601585B1 (en) Methods and apparatus for blockchain encryption
US11784801B2 (en) Key management method and related device
CN111131317B (en) Data processing method, device, equipment and medium based on block chain
CN112019541B (en) Data transmission method and device, computer equipment and storage medium
US20180302220A1 (en) User attribute matching method and terminal
CN111586142A (en) Safe multi-party computing method and system
Dong et al. Fog computing: Comprehensive approach for security data theft attack using elliptic curve cryptography and decoy technology
CN115801220A (en) Acceleration apparatus, computing system, and acceleration method
CN113794706B (en) Data processing method and device, electronic equipment and readable storage medium
CN113422832B (en) File transmission method, device, equipment and storage medium
CN112261015B (en) Information sharing method, platform, system and electronic equipment based on block chain
CN111400743B (en) Transaction processing method, device, electronic equipment and medium based on blockchain network
CN112995205B (en) Query method, device, equipment and storage medium based on block chain
CN110545320A (en) Intranet data interaction method and equipment
CN113806795B (en) Two-party privacy set union calculation method and device
CN115858914A (en) Method, device and system for inquiring hiding trace, terminal equipment and storage medium
CN113806760B (en) Method, device, electronic equipment and storage medium for acquiring correlation coefficient between features
CN116108496B (en) Method, device, equipment and storage medium for inquiring trace
Prakash et al. Secure access of multiple keywords over encrypted data in cloud environment using ECC-PKI and ECC ElGamal
CN115580489B (en) Data transmission method, device, equipment and storage medium
CN112131596B (en) Encryption and decryption method, equipment and storage medium
CN117828191A (en) Resource pushing method and device, electronic equipment and storage medium
CN112615712A (en) Data processing method, related device and computer program product

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant