CN113312640A - Software data integrity multi-party consensus method based on trusted computing - Google Patents

Software data integrity multi-party consensus method based on trusted computing Download PDF

Info

Publication number
CN113312640A
CN113312640A CN202110599061.4A CN202110599061A CN113312640A CN 113312640 A CN113312640 A CN 113312640A CN 202110599061 A CN202110599061 A CN 202110599061A CN 113312640 A CN113312640 A CN 113312640A
Authority
CN
China
Prior art keywords
data
software
trusted
software data
block
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110599061.4A
Other languages
Chinese (zh)
Other versions
CN113312640B (en
Inventor
王劲松
魏佳佳
张洪玮
林胜
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tianjin University of Technology
Original Assignee
Tianjin University of Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tianjin University of Technology filed Critical Tianjin University of Technology
Priority to CN202110599061.4A priority Critical patent/CN113312640B/en
Publication of CN113312640A publication Critical patent/CN113312640A/en
Application granted granted Critical
Publication of CN113312640B publication Critical patent/CN113312640B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Bioethics (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Computing Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Storage Device Security (AREA)

Abstract

A software data integrity multi-party consensus method based on trusted computing is disclosed. The method comprises the steps that a software data provider calculates and stores a software trusted identifier and uploads an intelligent contract set; the software data provider performs trusted calculation on the software data in the trusted execution environment module; the software data provider achieves multi-party consensus and links up the trusted computing result; and the software data requiring party carries out integrity verification on the software data and the like. The invention has the following effects: and constructing a distributed file system for storing the software data and uniformly managing the software integrity check information, so that a user can accurately judge whether the software data is tampered. And optimizing the software data integrity verification process by utilizing the consensus and excitation mechanism of the block chain, and ensuring the reliability and the availability of the whole software data integrity verification process. By utilizing the trusted computing optimization block chain multi-party consensus process, the user can efficiently obtain the software trusted identifier computing result under the condition of more bandwidth saving, thereby completing multi-party consensus.

Description

Software data integrity multi-party consensus method based on trusted computing
Technical Field
The invention belongs to the technical field of block chains and trusted computing, and particularly relates to a software data integrity multi-party consensus method based on trusted computing.
Background
With the rapid development of big data technology, people have more and more requirements on software, but in some cases, the software has the problems of missing and damage in the process of storage or transmission, and at this time, it is difficult for users to determine whether the obtained data has integrity. In the face of such problems, the appearance of the software integrity verification method provides powerful guarantee for people to verify the integrity of software data. The integrity of the software data is a precondition for reliable use of the software, so the integrity check of the software data is very important.
Conventional software integrity checks are typically terminal-based software integrity checking methods. In the method, the user needs to calculate each check, so a great amount of different check information is generated, and the waste of resources is caused. Since there is no mechanism for uniformly managing the verification information, it is difficult for the user to determine which is the software that has not been tampered with and which is the software that has been tampered with. In addition, the verification result of the conventional software integrity verification method is easy to be tampered maliciously, so that a user cannot obtain a real verification result easily.
Disclosure of Invention
In order to solve the above problems, the present invention aims to provide a software data integrity multi-party consensus method based on trusted computing.
In order to achieve the above purpose, the present invention provides a trusted computing based software data integrity multi-party consensus method, which comprises the following steps in sequence:
1) creating a distributed file management system; software data provider datan,fferData of softwarei,softUploading to a distributed file management system, and calculating software datai,softCorresponding software trusted identifier SCIDnAnd storing the file into a distributed file management system; simultaneously, the intelligent contract set M is uploaded to a block chain, and the intelligent contractSet M contains four contracts: adding a software contract, computing an identifier contract, storing an identifier and verifying a trusted computing process contract and obtaining an identifier contract;
2) software data provider datan,offerInitiating a calling request, enabling the intelligent reduced set M on the block chain to call the trusted execution environment module Enclave, and checking the trusted state of the trusted execution environment module Enclave; the trusted execution environment module Enclave generates a trusted public and private key pair PKcredible,SKcredibleUsing a trusted public key PKcredibleFor the software data in the distributed file management systemi,softEncrypting by using trusted private key SKcredibleDecrypting and verifying the decrypted data to obtain the software trusted identifier SCID of the decrypted datam(ii) a After the verification is successful, performing trusted calculation, and calculating the result res of the trusted calculationiBroadcasting to the block chain; software data provider datan,offerObtaining a trusted computing result resiThen recording, and destroying the intelligent combination set M on the operation chain;
3) selecting a plurality of software data verifiers idf from block link pointsm(ii) a Software data verifier idfmVerifying the block B to be confirmed provided by the collectorjTrusted hardware information info ofmIf it is correct, trusted hardware information infomIncluding the trusted computing result resi(ii) a Block BjIs to verify the personal idf by software datamGenerated after the negotiation is consistent, wherein the software data provider information data is includedn,offerinfoSoftware datai,softSoftware ExplainsoftAddress of software in distributed file management systemsoftAnd trusted calculation result resi(ii) a If the information is correct, the software data verifies the person idfmThen collect block BjThe availability and validity voting is carried out to obtain the confirmed blocks until the multi-party consensus is achieved; then confirming the block BjAs candidate block BiThen the candidate block B is processediThe information and the export information are uploaded to a block chain; entry data, candidate areaBlock BiBoth the information of (2) and the export information include a trusted computing result resi
4) Software data demand party datan,demandAcquiring required software data through distributed file management systemi,softAnd calculates the corresponding software trusted identifier SUIDt(ii) a Then calling an intelligent contract set M to acquire data containing the software data on the block chaini,softCandidate block B ofiSoftware trusted identifier SUID in (1)mThen the software trusted identifier SUID is usedtAnd candidate block B on the block chainiSoftware trusted identifier SUID in (1)mComparing, if the two are the same, indicating that the software data is datai,softIs complete, otherwise the software data is provedi,softIs incomplete, thereby completing the software datai,softThe integrity of (2).
In step 1), the distributed file management system is created; software data provider datan,fferData of softwarei,softUploading to a distributed file management system, and calculating software datai,softCorresponding software trusted identifier SCIDnThe specific steps of storing the file into the distributed file management system are as follows:
101) creating a distributed file management system that will store software data provider datan,offerAnd the calculated trusted identifier SCID of the softwaren
102) Multiple software data providers datan,offerRespectively transmitting the respective software datai,softUploading to a distributed file management system, and providing data by each software data providern,offerRespectively utilizing secure hash algorithm 1 and domestic hash algorithm to calculate software datai,softCorresponding identifier SUIDi,1,SUIDi,2
SUIDi,1=SHA1(datai,soft);
SUIDi,2=SM3(datai,soft);
103) Two identifiers SUIDi,1,SUIDi,2Forming a new identifier by using SM3 algorithm and adding the first 6 bytes Chd as check bits at the tail end to obtain the SCID (trusted software identifier)n
SCIDn=SM3(SCIDi,1,SCIDi,2)+Chd;
104) Software trusted identifier SCIDnAnd storing the file into the distributed file management system.
In step 2), the software data provider datan,offerInitiating a calling request, enabling the intelligent reduced set M on the block chain to call the trusted execution environment module Enclave, and checking the trusted state of the trusted execution environment module Enclave; the trusted execution environment module Enclave generates a trusted public and private key pair PKcredible,SKcredibleUsing a trusted public key PKcredibleFor the software data in the distributed file management systemi,softEncrypting by using trusted private key SKcredibleDecrypting and verifying the decrypted data to obtain the software trusted identifier SCID of the decrypted datam(ii) a After the verification is successful, performing trusted calculation, and calculating the result res of the trusted calculationiBroadcasting to the block chain; software data provider datan,offerObtaining a trusted computing result resiAnd then recording, and specifically destroying the intelligent combination M on the operation chain according to the following steps:
201) software data provider datan,offerInitiating a request call to enable the intelligent reduced set M on the block chain to call the trusted execution environment module Enclave;
202) software data provider datan,offerApplication program code and software datai,softAll copied to the trusted execution environment module Enclave;
203) software data provider datan,offerLoading an Enclave of the trusted execution environment module into a memory;
204) software data provider datan,offerObtaining signature public key Spk from trusted execution environment module Enclave0Metric value EnclavevalueThereby obtaining an SECS structure: signature public key Spk0Metric value EnclavevalueSoftware unique identifier SUIDn
205) Software data provider datan,offerObtaining the public key Spk from the trusted execution environment module Enclave1Enclave attribute EnclaveaSigner identity SigiThus obtaining the EINITTOKEN structure: public key Spk1Enclave attribute EnclaveaSigner identity Sigi
206) Software data provider datan,offerChecking whether the EINITTOKEN structure allows execution of the trusted execution environment module Enclave, if so, using the public key Spk1Performing identity authentication;
207) software data provider datan,offerMatching MRENCLAVE in the SIGSTUCT structure with corresponding attribute values in the SECS structure and the EINITTOKEN structure, and if the matching is successful, indicating that the execution process of the trusted execution environment module Enclave is trusted;
208) software data provider datan,offerSending out software datai,softAfter the use request, performing trusted computing: TC (data)i,soft);
209) The trusted execution environment module Enclave generates a trusted public and private key pair PKcredible,SKcredibleAnd the credible public key PKcredibleData sent to software data providern,offerThen use the trusted public key PKcredibleFor software datai,softEncrypting to obtain encrypted Data encrypt _ Data0
Encryp_Data0=Encry(datai,soft,PKcredible);
210) Software data provider datan,offerUsing personal private key SKpObtaining signature encrypted data Message after signing the encrypted data0And uploading to the trusted execution environment module Enclave:
Message0=Sign(SKp,Encryp_Data0);
211) the trusted execution environment module Enclave receives the signed encrypted data Message0Then use block on-chain softPiece data provider datan,offerPublic key PKofferVerifying signatures and using trusted private key SKcredibleDecryption is carried out to obtain decrypted Data decrypt _ Data:
Decryp_Data=Decry(Message,PKoffer,SKcredible);
212) the software trusted identifier SCID of the decrypted Data DecrypdatamAnd software data provider datan,offerSoftware trusted identifier (SCID) on distributed file management systemnPerforming comparison calculation to obtain a comparison calculation result Is _ Avail:
Is_Avail=Integrity(SUIDn,SUIDm);
213) the trusted execution environment module Enclave uses the software data provider data with the comparison calculation result Is _ Availn,offerPersonal public key PKpEncrypted to obtain a trusted computing result resiThen the trusted computing result resiReturn software data provider datan,offerThen, destroying the intelligent reduced set M on the operation chain:
resi=Encry(Is_Avail,PKp);
214) if step 212) the software trusted identifier SCID of the decrypted Data DecrypDatamAnd software data provider datan,offerSoftware trusted identifier SCID provided on a distributed file management systemnIf they are the same, then the result res is calculatediSoftware trusted identifier SCID with decrypted Data DecrypData stored thereinmAnd is used for the consensus process.
In step 3), selecting a plurality of software data verifiers idf from the block link pointsm(ii) a Software data verifier idfmVerifying the block B to be confirmed provided by the collectorjTrusted hardware information info ofmIf it is correct, trusted hardware information infomIncluding the trusted computing result resi(ii) a Block BjIs to verify the personal idf by software datamGenerated after the negotiation is consistent, wherein the software data provider information data is includedn,offerinfoSoftware datai,softSoftware ExplainsoftAddress of software in distributed file management systemsoftAnd trusted calculation result resi(ii) a If the information is correct, the software data verifies the person idfmThen collect block BjThe availability and validity voting is carried out to obtain the confirmed blocks until the multi-party consensus is achieved; then confirming the block BjAs candidate block BiThen the candidate block B is processediThe information and the export information are uploaded to a block chain; entry data, candidate Block BiBoth the information of (2) and the export information include a trusted computing result resiThe method comprises the following specific steps:
301) selecting a plurality of software data verifiers idf from block link pointsm
302) Software data verifier idfmVerifying the block B to be confirmed provided by the collectorjTrusted hardware information info ofmWhether correct or not to prevent software data from verifying human idfmCarrying out illegal behaviors; wherein the block B to be confirmedjRefers to an unstructured block; trusted hardware information infomComprises the following steps: trusted status of the block, trusted computing result resi(ii) a Block BjIs to verify the personal idf by software datamGenerated after the negotiation is consistent, wherein the software data provider information data is includedn,offerinfoSoftware datai,softSoftware ExplainsoftAddress of software in distributed file management systemsoftAnd trusted calculation result resi
303) If trusted hardware information infomCorrect, software data verification human idfmThen collect the block B to be confirmedjIncluding trusted computing result resiThen, the availability and validity votes are carried out until the multiple parties agree, thereby completing the block BjConfirmation of (1);
304) software data verifier idfmThe confirmed block BjAs candidate block BiThen the candidate block BiInformation ofAnd uploading the export information to the block chain; wherein the candidate block BiThe information of (1) includes: block head headercAnd other information (es)cTrusted calculation result resi(ii) a The export information includes: block head headercAnd other information (es)c
In step 302), the software data verifies the human idfmVerifying the block B to be confirmed provided by the collectorjTrusted hardware information info ofmThe method comprises the following specific steps:
30201) Software data verifier idfi,mThe method uses a Nominated Proof of merit (NPOS) algorithm to treat the confirmed block BjTrusted hardware information info ofmCarrying out verification;
30202) Suppose all software data providers datan,offerThe software data verifier idf responsible for the ith block and the (i + 1) th block is clearmThe grouping condition of (1), all software data of the ith block are verified to be idfi,mAs a subgroup, ensure that there is at least one software data verifier idf in the ith blocki,m
30203) Will collect human cpsProviding a certain block as the block B to be confirmedjChecking the block B to be confirmedjTo prevent malicious collection of human cpsProviding illegal or recalcitrant blocks to software data verifier idfm(ii) a Wherein human cp is collectedsIs responsible for collecting software datai,softAnd the software data is storedi,softPacking into blocks and providing the blocks to a software data verifier idfm
30204) If human cp is collectedsProviding a block B to be confirmedjIf not, deduct the penalty Ccon from the commission charge as penalty, wherein the penalty Ccon is determined by the validation block time t0Size of block0And collecting human cpsDue commission cash' decision:
Figure BDA0003092251950000081
cash1=cash’-Ccon
wherein, cash1Representing the Collection of persons cpsObtaining the handling fee;
30205) Verifying human idf by checking software datamWhether the illegal verification behavior is performed: the illegal blocks are signed, and the information voted to be valid in the export information is not processed or does not participate in multi-party consensus;
30206) If the software data verifies the human idfmActs that are done illegally or with inconsistent voting states are penalized:
cash2=cash’‘×0.5
wherein, cash2Representing software data verifier idfmThe actual cost, cash '' represents the software data verifier idfmThe cost of the mortgage.
In step 303), the software data verifies the person idfmCollecting blocks B to be confirmedjIncluding trusted computing result resiThen, the availability and validity votes are carried out until the multiple parties agree, thereby completing the block BjThe specific steps of (2) confirmation are as follows:
30301) Software data verifier idf of ith blocki,mCollect as block B to be confirmedjThe ith block B of0Including trusted computing result resiFirstly, performing availability voting, wherein if the entry data is intact, the voting is 'yes', and otherwise, the voting is 'not yes'; then validity voting is carried out: if the result of the trusted calculation resiIf the vote is valid, the vote is 1, which means yes, otherwise the vote is 0, which means no; the ith block B0All software data of (1) verifying the human idfi,mMust vote for a certain time;
30302) Judging whether consensus is achieved according to the following conditions: at least two-thirds of software data verifier idfi,mVote of "1" and require more than one-third of the software data verifier idfi,mFor egress information egrescIs availableVoting for "yes" whether sexual or not;
30303) If the consensus is achieved, the ith block B is finished0Confirmation of (1); otherwise, reselecting the software data verifier idf of the ith blocki,mAnd the multiparty consensus process is performed again.
In step 304), the software data verifies the human idfmThe confirmed block BjAs candidate block BiThen the candidate block BiThe specific steps of uploading the information and the export information to the block chain are as follows:
30401) Software data verifier idfi,mThe confirmed block BjAs candidate block BiThen the candidate block BiInformation of
Figure BDA0003092251950000091
Uploading to a block chain;
Figure BDA0003092251950000092
30402) Software data verifier idfi,mSending candidate block BiEgress information of (2)c
exinfoc=(headerc,egressc)。
The software data integrity multi-party consensus method based on trusted computing provided by the invention has the following beneficial effects:
(1) and constructing a distributed file system for storing the software data and uniformly managing the software integrity check information, so that a user can accurately judge whether the software data is tampered.
(2) And optimizing the software data integrity verification process by utilizing the consensus and excitation mechanism of the block chain, and ensuring the reliability and the availability of the whole software data integrity verification process.
(3) By utilizing the trusted computing optimization block chain multi-party consensus process, the user can efficiently obtain the software trusted identifier computing result under the condition of more bandwidth saving, thereby completing multi-party consensus.
Drawings
Fig. 1 is a flowchart of a trusted computing based software data integrity multi-party consensus method provided by the present invention.
Fig. 2 is a flowchart of the process of calculating and storing a trusted software identifier and completing the blockchain environment building by a software data provider according to the present invention.
Fig. 3 is a flowchart of a process of a software data provider executing trusted computing on software data in the trusted computing environment module Enclave according to the present invention.
Fig. 4 is a flowchart of a process for a software data provider to achieve multi-party consensus and upload candidate tiles to a tile chain according to the present invention.
Detailed Description
The invention is described in detail below with reference to the figures and specific embodiments.
As shown in fig. 1, the trusted computing based software data integrity multi-party consensus method provided by the present invention includes the following steps performed in sequence:
1) creating a Distributed File Management System (DFMS); software data provider datan,fferData of softwarei,softUploading to a distributed file management system, and calculating software datai,softCorresponding software trusted identifier SCIDnAnd storing the file into a distributed file management system; simultaneously, an intelligent contract set M is uploaded to the block chain, and the intelligent contract set M comprises four contracts: adding a software contract, computing an identifier contract, storing an identifier and verifying a trusted computing process contract and obtaining an identifier contract;
as shown in fig. 2, the creation of a distributed file management system is described; software data provider datan,fferData of softwarei,softUploading to a distributed file management system, and calculating software datai,softCorresponding software trusted identifier SCIDnThe specific steps of storing the file into the distributed file management system are as follows:
101) creating a distributed file management system that will store software data provider datan,offerIs softPiece data and computed software trusted identifier SCIDn
102) Multiple software data providers datan,offerRespectively transmitting the respective software datai,softUploading to a distributed file management system, and providing data by each software data providern,offerRespectively calculating the software data by using a Secure Hash Algorithm 1 (SHA 1 Algorithm for short) and a domestic Hash Algorithm (SM 3 Algorithm for short) to obtain the software datai,softCorresponding identifier SUIDi,1,SUIDi,2
SUIdi,1=SHA1(datai,soft);
SUIDi,2=SM3(datai,soft);
103) Two identifiers SUIDi,1,SUIDi,2Forming a new identifier by using SM3 algorithm and adding the first 6 bytes Chd as check bits at the tail end to obtain the SCID (trusted software identifier)n
SCIDn=SM3(SCIDi,1,SCIDi,2)+Chd;
104) Software trusted identifier SCIDnAnd storing the file into the distributed file management system.
2) Software data provider datan,offerInitiating a calling request, enabling the intelligent reduced set M on the block chain to call the trusted execution environment module Enclave, and checking the trusted state of the trusted execution environment module Enclave; the trusted execution environment module Enclave generates a trusted public and private key pair PKcredible,SKcredibleUsing a trusted public key PKcredibleFor the software data in the distributed file management systemi,softEncrypting by using trusted private key SKcredibleDecrypting and verifying the decrypted data to obtain the software trusted identifier SCID of the decrypted datam(ii) a After the verification is successful, performing trusted calculation, and calculating the result res of the trusted calculationiBroadcasting to the block chain; software data provider datan,offerObtaining a trusted computing result resiThen recording, and destroying the intelligent combination set M on the operation chain;
as shown in fig. 3, the specific steps are as follows:
201) software data provider datan,offerInitiating a request call to enable the intelligent reduced set M on the block chain to call the trusted execution environment module Enclave;
202) software data provider datan,offerApplication program code and software datai,softAll copied to the trusted execution environment module Enclave;
203) software data provider datan,offerLoading an Enclave of the trusted execution environment module into a memory;
204) software data provider datan,offerObtaining signature public key Spk from trusted execution environment module Enclave0Metric value EnclavevalueThereby obtaining an SECS structure: signature public key Spk0Metric value EnclavevalueSoftware unique identifier SUIDn
205) Software data provider datan,offerObtaining the public key Spk from the trusted execution environment module Enclave1Enclave attribute EnclaveaSigner identity SigiThus obtaining the EINITTOKEN structure: public key Spk1Enclave attribute EnclaveaSigner identity Sigi
206) Software data provider datan,offerChecking whether the EINITTOKEN structure allows execution of the trusted execution environment module Enclave, if so, using the public key Spk1Performing identity authentication;
207) software data provider datan,offerMatching MRENCLAVE in the SIGSTUCT structure with corresponding attribute values in the SECS structure and the EINITTOKEN structure, and if the matching is successful, indicating that the execution process of the trusted execution environment module Enclave is trusted;
208) software data provider datan,offerSending out software datai,softAfter the use request, performing trusted computing: TC (data)i,soft);
209) The trusted execution environment module Enclave generates a trusted public and private key pair PKcredible,SKcredibleAnd the credible public key PKcredibleData sent to software data providern,offerThen use the trusted public key PKcredibleFor software datai,softEncrypting to obtain encrypted Data encrypt _ Data0
Encryp_Data0=Encry(datai,soft,PKcredible);
210) Software data provider datan,offerUsing personal private key SKpObtaining signature encrypted data Message after signing the encrypted data0And uploading to the trusted execution environment module Enclave:
Message0=Sign(SKp,Encryp_Data0);
211) the trusted execution environment module Enclave receives the signed encrypted data Message0Then, using the software data provider data on the block chainn,offerPublic key PKofferVerifying signatures and using trusted private key SKcredibleDecryption is carried out to obtain decrypted Data decrypt _ Data:
Decryp_Data=Decry(Message,PKoffer,SKcredible);
212) the software trusted identifier SCID of the decrypted Data DecrypdatamAnd software data provider datan,offerSoftware trusted identifier (SCID) on distributed file management systemnPerforming comparison calculation to obtain a comparison calculation result Is _ Avail:
Is_Avail=Integrity(SUIDn,SUIDm);
213) the trusted execution environment module Enclave uses the software data provider data with the comparison calculation result Is _ Availn,offerPersonal public key PKpEncrypted to obtain a trusted computing result resiThen the trusted computing result resiReturn software data provider datan,offerThen, destroying the intelligent reduced set M on the operation chain:
resi=Encry(Is_Avail,PKp);
214) if step 212) the software trusted identifier SCID of the decrypted Data DecrypDatamAnd software dataProvider datan,offerSoftware trusted identifier SCID provided on a distributed file management systemnIf they are the same, then the result res is calculatediSoftware trusted identifier SCID with decrypted Data DecrypData stored thereinmAnd is used for the consensus process.
3) As shown in FIG. 4, a number of software data verifiers idf are selected from the block link pointsm(ii) a Software data verifier idfmVerifying the block B to be confirmed provided by the collectorjTrusted hardware information info ofmIf it is correct, trusted hardware information infomIncluding the trusted computing result resi(ii) a Block BiIs to verify the personal idf by software datamGenerated after the negotiation is consistent, wherein the software data provider information data is includedn,offerinfoData of softwarei,softSoftware ExplainsoftAddress of software in distributed file systemsoftTrusted calculation result resi(ii) a If the information is correct, the software data verifies the person idfmThen collect block BjAnd voting availability and validity to obtain the confirmed block BjUntil reaching the consensus of multiple parties; then confirming the block BjAs candidate block BiThen the candidate block B is processediThe information and the export information are uploaded to a block chain; entry data, candidate Block BiBoth the information of (2) and the export information include a trusted computing result resi
The method comprises the following specific steps:
301) selecting a plurality of software data verifiers idf from block link pointsm
302) Software data verifier idfmVerifying the block B to be confirmed provided by the collectorjTrusted hardware information info ofmWhether correct or not to prevent software data from verifying human idfmCarrying out illegal behaviors; wherein the block B to be confirmedjRefers to an unstructured block; trusted hardware information infomComprises the following steps: trusted status of the block, trusted computing result resi(ii) a Block BjIs verified by software dataHuman idfmGenerated after the negotiation is consistent, wherein the software data provider information data is includedn,offerinfoSoftware datai,softSoftware ExplainsoftAddress of software in distributed file management systemsoftAnd trusted calculation result resi
303) If trusted hardware information infomCorrect, software data verification human idfmThen collect the block B to be confirmedjIncluding trusted computing result resiThen, the availability and validity votes are carried out until the multiple parties agree, thereby completing the block BjConfirmation of (1);
304) software data verifier idfmThe confirmed block BjAs candidate block BiThen the candidate block BiUploading the information and the export information to a block chain; wherein the candidate block BiThe information of (1) includes: block head headercAnd other information (es)cTrusted calculation result resi(ii) a The export information includes: block head headercAnd other information (es)c
In step 302), the software data verifies the human idfmVerifying the block B to be confirmed provided by the collectorjTrusted hardware information info ofmThe method comprises the following specific steps:
30201) Software data verifier idfi,mThe method uses a Nominated Proof of merit (NPOS) algorithm to treat the confirmed block BjTrusted hardware information info ofmAnd (6) carrying out verification.
30202) Suppose all software data providers datan,offerThe software data verifier idf responsible for the ith block and the (i + 1) th block is clearmThe grouping condition of (1), all software data of the ith block are verified to be idfi,mAs a subgroup, ensure that there is at least one software data verifier idf in the ith blocki,m
30203) Will collect human cpsProviding a certain block as the block B to be confirmedjTo be inspectedConfirmed block BjTo prevent malicious collection of human cpsProviding illegal or recalcitrant blocks to software data verifier idfm(ii) a Wherein human cp is collectedsIs responsible for collecting software datai,softAnd the software data is storedi,softPacking into blocks and providing the blocks to a software data verifier idfm
30204) If human cp is collectedsProviding a block B to be confirmedjIf not, deduct the penalty Ccon from the commission charge as penalty, wherein the penalty Ccon is determined by the validation block time t0Size of block0And collecting human cpsDue commission cash' decision:
Figure BDA0003092251950000151
cash1=cash’-Ccon
wherein, cash1Representing the Collection of persons cpsObtaining the handling fee;
30205) Verifying human idf by checking software datamWhether the illegal verification behavior is performed: the illegal blocks are signed, and the information voted to be valid in the export information is not processed or does not participate in multi-party consensus;
30206) If the software data verifies the human idfmActs that are done illegally or with inconsistent voting states are penalized:
cash2=cash’‘×0.5
wherein, cash2Representing software data verifier idfmThe actual cost, cash '' represents the software data verifier idfmThe cost of the mortgage.
In step 303), the software data verifies the person idfmCollecting blocks B to be confirmedjIncluding trusted computing result resiThen, the availability and validity votes are carried out until the multiple parties agree, thereby completing the block BjThe specific steps of (2) confirmation are as follows:
30301) First, thei blocks B0Software data of (1) verifying human idfi,mCollect as block B to be confirmedjThe ith block B of0Including trusted computing result resiFirstly, performing availability voting, wherein if the entry data is intact, the voting is 'yes', and otherwise, the voting is 'not yes'; then validity voting is carried out: if the result of the trusted calculation resiIf the vote is valid, the vote is 1, which means yes, otherwise the vote is 0, which means no; the ith block B0All software data of (1) verifying the human idfi,mMust vote for a certain time;
30302) Judging whether consensus is achieved according to the following conditions: at least two-thirds of software data verifier idfi,mVote of "1" and require more than one-third of the software data verifier idfi,mFor egress information egrescVotes yes for availability or not;
30303) If the consensus is achieved, the ith block B is finished0Confirmation of (1); otherwise, reselecting the software data verifier idf of the ith blocki,mAnd the multiparty consensus process is performed again.
In step 304), the software data verifies the human idfmThe confirmed block BjAs candidate block BiThen the candidate block BiThe specific steps of uploading the information and the export information to the block chain are as follows:
30401) Software data verifier idfi,mThe confirmed block BjAs candidate block BiThen the candidate block BiInformation of
Figure BDA0003092251950000161
Uploading to a block chain;
Figure BDA0003092251950000162
30402) Software data verifier idfi,mSending candidate block BiEgress information of (2)c
exinfoc=(headerc,egressc);
4) Software data demand party datan,demandAcquiring required software data through distributed file management systemi,softAnd calculates the corresponding software trusted identifier SUIDt(ii) a Then calling an intelligent contract set M to acquire data containing the software data on the block chaini,softCandidate block B ofiSoftware trusted identifier SUID in (1)mThen the software trusted identifier SUID is usedtAnd candidate block B on the block chainiSoftware trusted identifier SUID in (1)mComparing, if the two are the same, indicating that the software data is datai,softIs complete, otherwise the software data is provedi,softIs incomplete, thereby completing the software datai,softThe integrity of (2).
The method constructs a software data integrity verification scheme based on trusted computing and block chain technology, realizes the trust and safety of software data through trusted computing, ensures the integrity of data in the data transmission and storage processes, and prevents the software from being maliciously tampered. The trusted computing enables the software data consensus party not to download the consensus and delete the consensus every time the software data consensus party performs verification, so that the user experience is greatly improved, and the verification efficiency is also greatly improved. Due to the characteristics of decentralized block chain, no tampering, traceability and information sharing, the integrity verification cost of software data is greatly reduced. Meanwhile, the idea of a multi-party consensus mechanism is added, so that the verification result has higher reliability.

Claims (7)

1. A software data integrity multi-party consensus method based on trusted computing is characterized in that: the software data integrity multi-party consensus method based on the trusted computing comprises the following steps of in sequence:
1) creating a distributed file management system; software data provider datan,fferData of softwarei,softUploading to a distributed file management system, and calculating software datai,softCorresponding software trusted identifier SCIDnAnd storing the file into a distributed file management system; simultaneously, an intelligent contract set M is uploaded to the block chain, and the intelligent contract set M comprises four contracts: adding a software contract, computing an identifier contract, storing an identifier and verifying a trusted computing process contract and obtaining an identifier contract;
2) software data provider datan,offerInitiating a calling request, enabling the intelligent reduced set M on the block chain to call the trusted execution environment module Enclave, and checking the trusted state of the trusted execution environment module Enclave; the trusted execution environment module Enclave generates a trusted public and private key pair PKcredible,SKcredibleUsing a trusted public key PKcredibleFor the software data in the distributed file management systemi,softEncrypting by using trusted private key SKcredibleDecrypting and verifying the decrypted data to obtain the software trusted identifier SCID of the decrypted datam(ii) a After the verification is successful, performing trusted calculation, and calculating the result res of the trusted calculationiBroadcasting to the block chain; software data provider datan,offerObtaining a trusted computing result resiThen recording, and destroying the intelligent combination set M on the operation chain;
3) selecting a plurality of software data verification Xidf from block link pointsm(ii) a Software data verifier idfmVerifying the block B to be confirmed provided by the collectorjTrusted hardware information info ofmIf it is correct, trusted hardware information infomIncluding the trusted computing result resi(ii) a Block BjIs to verify the personal idf by software datamGenerated after the negotiation is consistent, wherein the software data provider information data is includedn,offerinfoSoftware datai,softSoftware ExplainsoftAddress of software in distributed file management systemsoftAnd trusted calculation result resi(ii) a If the information is correct, the software data verifies the person idfmThen collect block BjThe availability and validity voting is carried out to obtain the confirmed blocks until the multi-party consensus is achieved; then confirming the block BjAs candidate block BiThen the candidate block B is processediThe information and the export information are uploaded to a block chain; entry data, candidate Block BiBoth the information of (2) and the export information include a trusted computing result resi
4) Software data demand party datan,demandAcquiring required software data through distributed file management systemi,softAnd calculates the corresponding software trusted identifier SUIDt(ii) a Then calling an intelligent contract set M to acquire data containing the software data on the block chaini,softCandidate block B ofiSoftware trusted identifier SUID in (1)mThen the software trusted identifier SUID is usedtAnd candidate block B on the block chainiSoftware trusted identifier SUID in (1)mComparing, if the two are the same, indicating that the software data is datai,softIs complete, otherwise the software data is provedi,softIs incomplete, thereby completing the software datai,softThe integrity of (2).
2. The trusted computing based software data integrity multi-party consensus method according to claim 1, wherein: in step 1), the distributed file management system is created; software data provider datan,fferData of softwarei,softUploading to a distributed file management system, and calculating software datai,softCorresponding software trusted identifier SCIDnThe specific steps of storing the file into the distributed file management system are as follows:
101) creating a distributed file management system that will store software data provider datan,offerAnd the calculated trusted identifier SCID of the softwaren
102) Multiple software data providers datan,offerRespectively transmitting the respective software datai,softUploading to a distributed file management system, and providing data by each software data providern,offerRespectively utilizing secure hash algorithm 1 and domestic hash algorithm to calculate software datai,softCorresponding identifier SUIDi,1,SUIDi,2
SUIDi,1=SHA1(datai,soft);
SUIDi,2=SM3(datai,soft);
103) Two identifiers SUIDi,1,SUIDi,2Forming a new identifier by using SM3 algorithm and adding the first 6 bytes Chd as check bits at the tail end to obtain the SCID (trusted software identifier)n
SCIDn=SM3(SCIDi,1,SCIDi,2)+Chd;
104) Software trusted identifier SCIDnAnd storing the file into the distributed file management system.
3. The trusted computing based software data integrity multi-party consensus method according to claim 1, wherein: in step 2), the software data provider datan,offerInitiating a calling request, enabling the intelligent reduced set M on the block chain to call the trusted execution environment module Enclave, and checking the trusted state of the trusted execution environment module Enclave; the trusted execution environment module Enclave generates a trusted public and private key pair PKcredible,SKcredibleUsing a trusted public key PKcredibleFor the software data in the distributed file management systemi,softEncrypting by using trusted private key SKcredibleDecrypting and verifying the decrypted data to obtain the software trusted identifier SCID of the decrypted datam(ii) a After the verification is successful, performing trusted calculation, and calculating the result res of the trusted calculationiBroadcasting to the block chain; software data provider datan,offerObtaining a trusted computing result resiAnd then recording, and specifically destroying the intelligent combination M on the operation chain according to the following steps:
201) software data provider datan,offerInitiating a request call to enable the intelligent reduced set M on the block chain to call the trusted execution environment module Enclave;
202) software data provider datan,offerApplication program code and software datai,softAll copied to the trusted execution environment module Enclave;
203) software data provider datan,offerLoading an Enclave of the trusted execution environment module into a memory;
204) software data provider datan,offerObtaining signature public key Spk from trusted execution environment module Enclave0Metric value EnclavevalueThereby obtaining an SECS structure: signature public key Spk0Metric value EnclavevalueSoftware unique identifier SUIDn
205) Software data provider datan,offerObtaining the public key Spk from the trusted execution environment module Enclave1Enclave attribute EnclaveaSigner identity SigiThus obtaining the EINITTOKEN structure: public key Spk1Enclave attribute EnclaveaSigner identity Sigi
206) Software data provider datan,offerChecking whether the EINITTOKEN structure allows execution of the trusted execution environment module Enclave, if so, using the public key Spk1Performing identity authentication;
207) software data provider datan,offerMatching MRENCLAVE in the SIGSTUCT structure with corresponding attribute values in the SECS structure and the EINITTOKEN structure, and if the matching is successful, indicating that the execution process of the trusted execution environment module Enclave is trusted;
208) software data provider datan,offerSending out software datai,softAfter the use request, performing trusted computing: TC (data)i,soft);
209) The trusted execution environment module Enclave generates a trusted public and private key pair PKcredible,SKcredibleAnd the credible public key PKcredibleData sent to software data providern,offerThen use the trusted public key PKcredibleFor software datai,softEncrypting to obtain encrypted Data encrypt-Data0
Encryp-Data0=Encry(datai,soft,PKcredible);
210) Software data provider datan,offerUsing personal private key SKpObtaining signature encrypted data Message after signing the encrypted data0And uploading to the trusted execution environment module Enclave:
Message0=Sign(SKp,Encryp_Data0);
211) the trusted execution environment module Enclave receives the signed encrypted data Message0Then, using the software data provider data on the block chainn,offerPublic key PKofferVerifying signatures and using trusted private key SKcredibleDecryption is carried out to obtain decrypted Data decrypt _ Data:
Decryp_Data=Decry(Message,PKoffer,SKcredible);
212) the software trusted identifier SCID of the decrypted Data DecrypdatamAnd software data provider datan,offerSoftware trusted identifier (SCID) on distributed file management systemnPerforming comparison calculation to obtain a comparison calculation result Is _ Avail:
Is_Avail=Integrity(SUIDn,SUIDm);
213) the trusted execution environment module Enclave uses the software data provider data with the comparison calculation result Is _ Availn,offerPersonal public key PKpEncrypted to obtain a trusted computing result resiThen the trusted computing result resiReturn software data provider datan,offerThen, destroying the intelligent reduced set M on the operation chain:
resi=Encry(Is_Avail,PKp);
214) if step 212) the software trusted identifier SCID of the decrypted Data DecrypDatamAnd software data provider datan,offerSoftware trusted identifier SCID provided on a distributed file management systemnIf they are the same, then the result res is calculatediSoftware trusted identifier SCID with decrypted Data DecrypData stored thereinmAnd is used for the consensus process.
4. The trusted computing based software data integrity multi-party consensus method according to claim 1, wherein: in step 3), selecting a plurality of software data verifiers idf from the block link pointsm(ii) a Software data verifier idfmVerifying the block B to be confirmed provided by the collectorjTrusted hardware information info ofmIf it is correct, trusted hardware information infOmIncluding the trusted computing result resi(ii) a Block BjIs to verify the personal idf by software datamGenerated after the negotiation is consistent, wherein the software data provider information data is includedn,offerinfoSoftware datai,softSoftware ExplainsoftAddress of software in distributed file management systemsoftAnd trusted calculation result resi(ii) a If the information is correct, the software data verifies the person idfmThen collect block BjThe availability and validity voting is carried out to obtain the confirmed blocks until the multi-party consensus is achieved; then confirming the block BjAs candidate block BiThen the candidate block B is processediThe information and the export information are uploaded to a block chain; entry data, candidate Block BiBoth the information of (2) and the export information include a trusted computing result resiThe method comprises the following specific steps:
301) selecting a plurality of software data verifiers idf from block link pointsm
302) Software data verifier idfmVerifying the block B to be confirmed provided by the collectorjTrusted hardware information info ofmWhether correct or not to prevent software data from verifying human idfmCarrying out illegal behaviors; wherein the block B to be confirmedjRefers to an unstructured block; trusted hardware information infomComprises the following steps: trusted status of the block, trusted computing result resi(ii) a Block BjIs to verify the personal idf by software datamGenerated after the negotiation is consistent, wherein the software data provider information data is includedn,offerinfoSoftware datai,softSoftware ExplainsoftAddress of software in distributed file management systemsoftAnd trusted calculation result resi
303) If trusted hardware information infomCorrect, software data verification human idfmThen collect the block B to be confirmedjIncluding trusted computing result resiThen, the availability and validity votes are carried out until the multiple parties agree, thereby completing the block BjConfirmation of (1);
304) software data verifier idfmThe confirmed block BjAs candidate block BiThen the candidate block BiUploading the information and the export information to a block chain; wherein the candidate block BiThe information of (1) includes: block head headercAnd other information (es)cTrusted calculation result resi(ii) a The export information includes: block head headercAnd other information (es)c
5. The trusted computing based software data integrity multi-party consensus method according to claim 1, wherein: in step 302), the software data verifies the human idfmVerifying the block B to be confirmed provided by the collectorjTrusted hardware information info ofmThe method comprises the following specific steps:
30201) Software data verifier idfi,mThe method uses a Nominated Proof of merit (NPOS) algorithm to treat the confirmed block BjTrusted hardware information info ofmCarrying out verification;
30202) Suppose all software data providers datan,offerThe software data verifier idf responsible for the ith block and the (i + 1) th block is clearmThe grouping condition of (1), all software data of the ith block are verified to be idfi,mAs a subgroup, ensure that there is at least one software data verifier idf in the ith blocki,m
30203) Will collect human cpsProviding a certain block as the block B to be confirmedjChecking the block B to be confirmedjTo prevent malicious collection of human cpsProviding illegal or recalcitrant blocks to software data verifier idfm(ii) a Wherein human cp is collectedsIs responsible for collecting software datai,softAnd the software data is storedi,softPacking into blocks and providing the blocks to a software data verifier idfm
30204) If human cp is collectedsProviding a block B to be confirmedjIf not, deduct the penalty Ccon from the commission charge as penalty, wherein the penalty Ccon is determined by the validation block time t0Size of block0And collecting human cpsDue commission cash' decision:
Figure FDA0003092251940000071
cash1=cash’-Ccon
wherein, cash1Representing the Collection of persons cpsObtaining the handling fee;
30205) Verifying human idf by checking software datamWhether the illegal verification behavior is performed: the illegal blocks are signed, and the information voted to be valid in the export information is not processed or does not participate in multi-party consensus;
30206) If the software data verifies the human idfmActs that are done illegally or with inconsistent voting states are penalized:
cash2=cash’‘×0.5
wherein, cash2Indicating the verified cost of idfm for the software data verifier, cash' indicating idf for the software data verifiermThe cost of the mortgage.
6. The trusted computing based software data integrity multi-party consensus method according to claim 1, wherein: in step 303), the software data verifies the person idfmCollecting blocks B to be confirmedjIncluding trusted computing result resiThen, the availability and validity votes are carried out until the achievementMultiple parties agree, thereby completing the block BjThe specific steps of (2) confirmation are as follows:
30301) Software data verifier idf of ith blocki,mCollect as block B to be confirmedjThe ith block B of0Including trusted computing result resiFirstly, performing availability voting, wherein if the entry data is intact, the voting is 'yes', and otherwise, the voting is 'not yes'; then validity voting is carried out: if the result of the trusted calculation resiIf the vote is valid, the vote is 1, which means yes, otherwise the vote is 0, which means no; the ith block B0All software data of (1) verifying the human idfi,mMust vote for a certain time;
30302) Judging whether consensus is achieved according to the following conditions: at least two-thirds of software data verifier idfi,mVote of "1" and require more than one-third of the software data verifier idfi,mFor egress information egrescVotes yes for availability or not;
30303) If the consensus is achieved, the ith block B is finished0Confirmation of (1); otherwise, reselecting the software data verifier idf of the ith blocki,mAnd the multiparty consensus process is performed again.
7. The trusted computing based software data integrity multi-party consensus method according to claim 1, wherein: in step 304), the software data verifies the human idfmThe confirmed block BjAs candidate block BiThen the candidate block BiThe specific steps of uploading the information and the export information to the block chain are as follows:
30401) Software data verifier idfi,mThe confirmed block BjAs candidate block BiThen the candidate block BiInformation of
Figure FDA0003092251940000081
Uploading to a block chain;
Figure FDA0003092251940000082
30402) Software data verifier idfi,mSending egress information exinfo for a candidate block Bic
exinfoc=(headerc,egressc)。
CN202110599061.4A 2021-05-31 2021-05-31 Software data integrity multi-party consensus method based on trusted computing Active CN113312640B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110599061.4A CN113312640B (en) 2021-05-31 2021-05-31 Software data integrity multi-party consensus method based on trusted computing

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110599061.4A CN113312640B (en) 2021-05-31 2021-05-31 Software data integrity multi-party consensus method based on trusted computing

Publications (2)

Publication Number Publication Date
CN113312640A true CN113312640A (en) 2021-08-27
CN113312640B CN113312640B (en) 2022-05-24

Family

ID=77376385

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110599061.4A Active CN113312640B (en) 2021-05-31 2021-05-31 Software data integrity multi-party consensus method based on trusted computing

Country Status (1)

Country Link
CN (1) CN113312640B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023104013A1 (en) * 2021-12-10 2023-06-15 华为技术有限公司 Data integrity protection method and related apparatus

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140258736A1 (en) * 2013-03-08 2014-09-11 Robert Bosch Gmbh Systems and Methods for Maintaining Integrity and Secrecy in Untrusted Computing Platforms
CN108320160A (en) * 2018-02-02 2018-07-24 张超 Block catenary system, block common recognition method and apparatus
CN109408108A (en) * 2018-10-12 2019-03-01 天津理工大学 A kind of Software Version data management system and method for building up based on block chain
CN109493042A (en) * 2018-10-24 2019-03-19 南京邮电大学 A kind of intelligent contract possessing access control function is credible to deposit card method and system
US20190130114A1 (en) * 2017-10-30 2019-05-02 Pricewaterhousecoopers Llp Implementation of continuous real-time validation of distributed data storage systems
CN110061838A (en) * 2019-04-28 2019-07-26 广州大学 A kind of the decentralization storage system and its realization, information retrieval method of DNS resource record
CN111639308A (en) * 2020-04-24 2020-09-08 杭州溪塔科技有限公司 Software serial number distribution verification method and device based on block chain
CN111814204A (en) * 2020-09-09 2020-10-23 腾讯科技(深圳)有限公司 Block chain-based data consensus method, related equipment and storage medium
CN112288435A (en) * 2020-11-20 2021-01-29 天翼电子商务有限公司 Intelligent contract execution method supporting trusted execution environment

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140258736A1 (en) * 2013-03-08 2014-09-11 Robert Bosch Gmbh Systems and Methods for Maintaining Integrity and Secrecy in Untrusted Computing Platforms
US20190130114A1 (en) * 2017-10-30 2019-05-02 Pricewaterhousecoopers Llp Implementation of continuous real-time validation of distributed data storage systems
CN108320160A (en) * 2018-02-02 2018-07-24 张超 Block catenary system, block common recognition method and apparatus
CN109408108A (en) * 2018-10-12 2019-03-01 天津理工大学 A kind of Software Version data management system and method for building up based on block chain
CN109493042A (en) * 2018-10-24 2019-03-19 南京邮电大学 A kind of intelligent contract possessing access control function is credible to deposit card method and system
CN110061838A (en) * 2019-04-28 2019-07-26 广州大学 A kind of the decentralization storage system and its realization, information retrieval method of DNS resource record
CN111639308A (en) * 2020-04-24 2020-09-08 杭州溪塔科技有限公司 Software serial number distribution verification method and device based on block chain
CN111814204A (en) * 2020-09-09 2020-10-23 腾讯科技(深圳)有限公司 Block chain-based data consensus method, related equipment and storage medium
CN112288435A (en) * 2020-11-20 2021-01-29 天翼电子商务有限公司 Intelligent contract execution method supporting trusted execution environment

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
陆杰: "基于区块链的流媒体文件分享系统设计", 《天津理工大学学报》 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2023104013A1 (en) * 2021-12-10 2023-06-15 华为技术有限公司 Data integrity protection method and related apparatus

Also Published As

Publication number Publication date
CN113312640B (en) 2022-05-24

Similar Documents

Publication Publication Date Title
US10296248B2 (en) Turn-control rewritable blockchain
CN111970129B (en) Data processing method and device based on block chain and readable storage medium
CN107566116B (en) Method and apparatus for digital asset weight registration
CN113194469B (en) 5G unmanned aerial vehicle cross-domain identity authentication method, system and terminal based on block chain
CN110751544A (en) Bidding information, supervision information and bid evaluation information processing method, terminal and system
CN113301022B (en) Internet of things equipment identity security authentication method based on block chain and fog calculation
CN111709749A (en) Traceable blockchain transaction system with conditional privacy protection
CN113708935B (en) Internet of things equipment unified authentication method and system based on block chain and PUF
CN114971796B (en) Bidding system based on cloud service platform
CN111815321A (en) Transaction proposal processing method, device, system, storage medium and electronic device
CN111163109B (en) Block chain center-removing type node anti-counterfeiting method
CN113761582A (en) Group signature based method and system for protecting privacy of block chain transaction under supervision
CN110309672B (en) Block chain based privacy protection controllable data management method
CN116418560A (en) System and method for online quick identity authentication based on blockchain intelligent contract
CN113935065A (en) Ring signature-based federation chain identity privacy protection and supervision method
CN112039837B (en) Electronic evidence preservation method based on block chain and secret sharing
CN110661816B (en) Cross-domain authentication method based on block chain and electronic equipment
CN113312640B (en) Software data integrity multi-party consensus method based on trusted computing
Tin et al. Provably secure key exchange: an engineering approach
CN114528565A (en) Efficient sensitive data uplink algorithm based on block chain
CN113591103A (en) Identity authentication method and system between intelligent terminals of power internet of things
CN117081803B (en) Internet of things ciphertext access control method based on blockchain
CN110851804B (en) Alliance chain identity authentication mode based on electronic contract
CN113362065A (en) Online signature transaction implementation method based on distributed private key
CN112907246A (en) BFT protocol and PoW mechanism-based block chain consensus protocol implementation method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant