CN113378192A - Alliance link data encryption method - Google Patents

Publication number
CN113378192A
Authority
CN
China
Prior art keywords
data
alliance
node
subdata
federation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110616574.1A
Other languages
Chinese (zh)
Other versions
CN113378192B (en)
Inventor
张金琳
俞学劢
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhejiang Shuqin Technology Co Ltd
Original Assignee
Zhejiang Shuqin Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhejiang Shuqin Technology Co Ltd filed Critical Zhejiang Shuqin Technology Co Ltd
Priority to CN202110616574.1A priority Critical patent/CN113378192B/en
Publication of CN113378192A publication Critical patent/CN113378192A/en
Application granted granted Critical
Publication of CN113378192B publication Critical patent/CN113378192B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to the technical field of data security, in particular to a federation chain data encryption method, which comprises the following steps: step A) splitting the data to be encrypted; step B) the federation chain nodes declare that they will participate in encryption and decryption, and one federation chain node is designated to send a public key; step C) distributing public keys among the federation chain nodes; step D) the selected federation chain nodes execute step C) repeatedly in turn until the broadcast value of n is 1; step E) distributing the sub-data to the federation chain nodes, encrypting the sub-data, and packaging the encrypted sub-data to obtain the encrypted data; and step F) unpacking the encrypted data, after which the federation chain nodes read the unpacked sub-data and try to decrypt it, and any node that decrypts successfully sends the decrypted sub-data to a specified address. The substantial effect of the invention is as follows: once data in the federation chain leaves the intranet environment, decryption cannot be completed, which guarantees the privacy and security of federation chain data.

Description

Alliance link data encryption method
Technical Field
The invention relates to the technical field of data security, in particular to a federation chain data encryption method.
Background
A federation chain (consortium blockchain) is typically built jointly by multiple organizations or institutions and is a blockchain implementation that sits between a public chain and a private chain. Although a federation chain is less secure than a public chain, its data privacy is clearly higher than that of a public chain, and it is commonly used for enterprise services. Each organization or institution participating in the federation chain manages one or more nodes, and data on the federation chain may only be read, written and transmitted within the intranet environment of the federation chain. A federation chain is low in cost and high in efficiency, and is suitable for transactions, settlements and the like among different entities. The data security and privacy of a federation chain stem from mutual trust among the organizations or institutions that build it, together with reward and punishment management mechanisms. Once an organization or institution participating in the federation chain is insufficiently self-disciplined, data on the federation chain can easily be leaked, and the impact is severe for industries in which the data is sensitive. There is thus a need for a technical approach, applicable to federation chains, that better protects data security and privacy.
Chinese patent CN111526219B, published on February 9, 2021, discloses a method for identifying federation chains and a federation chain system. In it, the consensus master node splits the proposal data to be agreed upon into data blocks corresponding to the consensus backup nodes based on an erasure code technique, and the data blocks obtained by splitting the proposal data correspond to hash values calculated based on the erasure code technique. The consensus master node sends the data blocks to the corresponding consensus backup nodes; a consensus backup node that receives a data block from the consensus master node forwards it to the other consensus backup nodes. The consensus master node initiates consensus on the proposal data based on the practical Byzantine fault tolerance (PBFT) protocol and sends the hash values of the data blocks to the consensus backup nodes in the PBFT protocol messages. Each consensus backup node checks the data blocks it has obtained against the hash values in the PBFT protocol messages and executes the consensus logic of the PBFT protocol on proposal data that passes the check. However, this scheme still suffers from data leakage when the federation chain contains nodes that are insufficiently self-disciplined or imperfectly managed.
Disclosure of Invention
The technical problem to be solved by the invention is that data security and privacy on existing federation chains are not high enough. Through an improved encryption method, the invention restricts the use of federation chain data to the federation chain intranet environment.
To solve this technical problem, the invention adopts the following technical scheme: a federation chain data encryption method comprising the following steps:
step A) federation chain node P0 splits the data to be encrypted into n pieces of sub-data;
step B) n federation chain nodes declare that they will participate in data encryption and decryption; federation chain node P0 generates two public-private key pairs, discloses the first public key, associates the second public key with the value n to form a carrier (transfer body), randomly selects the public key of one federation chain node, encrypts the carrier with it and broadcasts the result;
step C) the federation chain node obtains the carrier, generates a new public-private key pair, reduces the value of n by 1, associates the newly generated public key with the new value of n to form the carrier, encrypts the carrier using the first public key, again randomly selects the public key of one federation chain node, encrypts the carrier with it and broadcasts the result;
step D) the selected federation chain node executes step C) until the value of n is 1, and then step E) is entered;
step E) federation chain node P0 randomly distributes the n pieces of sub-data to the federation chain nodes and then discloses the first private key; each federation chain node decrypts its carrier to obtain the public key in the carrier and encrypts its sub-data with that public key, and the encrypted sub-data are gathered and packaged;
step F) when the data needs to be decrypted, federation chain node P0 unpacks the encrypted data to obtain the encrypted sub-data, and the federation chain nodes try to decrypt the sub-data; a node that decrypts successfully sends the decrypted sub-data to the address designated by federation chain node P0, until all decrypted sub-data have been collected and the decrypted data is obtained.
The public keys of the key pairs generated by the federation chain nodes are used to encrypt the sub-data received by other federation chain nodes, while the private keys used for decryption are kept locally by the nodes that generated them. Encryption and decryption therefore take place among the federation chain nodes and necessarily require the participation of other federation chain nodes. Once the data leaves the federation chain intranet environment, decryption cannot be completed, which guarantees the privacy of federation chain data. The encrypted data can be decrypted successfully only with the participation of all the federation chain nodes that took part in encryption, so the difficulty and cost of cracking are very high and the security of federation chain data is improved. Because of the technical content of steps B) and C), a federation chain node cannot know for certain which node received and used the public key corresponding to its private key, which increases the cracking difficulty.
Preferably, in step A), the method by which federation chain node P0 splits the data to be encrypted into n pieces of sub-data includes: step A1) federation chain node P0 associates a unique identification code k with the data to be encrypted; step A2) federation chain node P0 generates a public-private key pair and encrypts the data to be encrypted with the public key, the result being recorded as data k; step A3) federation chain node P0 splits the data k into n pieces and obtains the data structure dki = {Dki, k, i}, where Dki is a data segment obtained by splitting the data k and i is the split order. The split order i makes it easy to sort, splice and restore the split data. Because the data to be encrypted is encrypted once before it is sent to other federation chain nodes, its privacy is ensured.
Preferably, in step F), after unpacking the encrypted data, federation chain node P0 encrypts the obtained encrypted sub-data with the private key of federation chain node P0. A federation chain node decrypts with the public key of federation chain node P0 and then tries to decrypt with the private key it has kept; if decryption succeeds, it sends the decrypted sub-data to the address designated by federation chain node P0, and federation chain node P0 decrypts with the private key generated in step A2) to obtain the data. Encryption with the private key of federation chain node P0 proves federation chain node P0's ownership of the data and prevents the data from being successfully decrypted by other federation chain nodes.
Preferably, in step D), if a federation chain node is designated again after having already been designated, then after obtaining the carrier by decryption it randomly selects the public key of one of the other federation chain nodes, encrypts the carrier with it and broadcasts the result. As a result, the node holding a private key cannot know to which node the corresponding public key was delivered.
Preferably, in step E), the method by which federation chain node P0 randomly distributes the n pieces of sub-data is as follows: federation chain node P0 transmits the sub-data among the federation chain nodes by broadcast, so that every federation chain node can obtain all the sub-data; each federation chain node stores one value of n and keeps the sub-data whose order corresponds to that value. Federation chain node P0 cannot know which federation chain node each of the n pieces of sub-data went to, which further increases the cracking difficulty.
Preferably, in step F), federation chain node P0 sorts the sub-data into the correct order according to the order i; each federation chain node reads the sub-data whose order corresponds to its stored value of n and then decrypts it using the private key it stores.
Preferably, in step E), each federation chain node retains the sub-data whose order corresponds to its value of n and also retains the sub-data of the next order. The federation chain node encrypts the two pieces of sub-data separately using the public key it received and sends the encrypted sub-data to the address designated by federation chain node P0, and federation chain node P0 packages all the encrypted sub-data. This reduces the number of times the sub-data is transmitted within the federation chain intranet environment and reduces the consumption of network resources.
Preferably, in step E), the method by which federation chain node P0 randomly distributes the n pieces of sub-data is as follows: federation chain node P0 sends all the sub-data to any one federation chain node; that node retains the sub-data whose order corresponds to its stored value of n, deletes it from the full set, and sends the remaining sub-data to any designated federation chain node; the sub-data is passed on in this way in turn, so that the n pieces of sub-data are randomly distributed to the federation chain nodes.
The substantial effects of the invention are as follows: 1) decrypting the data requires the participation of other federation chain nodes, so data in the federation chain cannot be decrypted once it leaves the federation chain intranet environment, which guarantees the privacy of federation chain data; 2) the encrypted data can be decrypted successfully only with the participation of all the federation chain nodes that took part in encryption, so the difficulty and cost of cracking are very high and the security of federation chain data is improved.
Drawings
Fig. 1 is a flowchart of an encryption/decryption method according to an embodiment.
Fig. 2 is a flowchart of a method for truncating data to be encrypted according to an embodiment.
Fig. 3 is a flowchart of the method by which federation chain nodes pass on the encryption key according to an embodiment.
Fig. 4 is a flowchart of the method by which federation chain node P0 distributes sub-data according to an embodiment.
Fig. 5 is a schematic diagram of federation chain node Pj redundantly retaining sub-data according to the second embodiment.
Fig. 6 is a flowchart of the method by which federation chain node P0 distributes sub-data according to the third embodiment.
Detailed Description
The following provides a more detailed description of the present invention, with reference to the accompanying drawings.
The first embodiment is as follows:
A federation chain data encryption method, comprising the following steps:
Step A) Federation chain node P0 generates or receives the data D to be encrypted (see Fig. 1 and Fig. 2) and then splits the data D into n pieces of sub-data.
Referring again to Fig. 2, the process of splitting the data D to be encrypted into n pieces of sub-data includes the following. Step A1) Federation chain node P0 associates a unique identification code k with the data to be encrypted. The unique identification code k makes it easy to determine and verify data ownership. A public identification code k can be maintained within the federation chain, or an identification code k1 can be assigned to each federation chain node while each federation chain node maintains a unique identification code k2, with k1 and k2 together constituting the unique identification code k. As shown in Table 1, 3126 is the identification code of federation chain node P0 and 0547 indicates the 547th piece of data to be encrypted generated by federation chain node P0, so 31260547 is the unique identification code of the data D to be encrypted. Step A2) Federation chain node P0 generates a public-private key pair and encrypts the data D with the public key; the result is recorded as the data Dk. Step A3) Federation chain node P0 splits the data Dk into n pieces and obtains the data structure {D'ki, k, i}, where D'ki is a data segment obtained by splitting the data Dk and i is the split order; dki, i∈[1,n], denotes the data structure {D'ki, k, i}. In this embodiment the data Dk is split into 32 pieces in total.
Table 1 data structure generated in this example
Figure BDA0003096915060000041
Step B) The n federation chain nodes Pj, j∈[1,n], declare that they will participate in the encryption and decryption of the data Dk. Federation chain node P0 generates two new public-private key pairs
Figure BDA0003096915060000051
and
Figure BDA0003096915060000052
and broadcasts the value of n. Federation chain node P0 keeps
Figure BDA0003096915060000053
and discloses the following to the federation chain nodes Pj, j∈[1,n]:
Figure BDA0003096915060000054
Federation chain node P0 then randomly designates a federation chain node Pe1 from the federation chain nodes Pj, j∈[1,n], and uses the public key of federation chain node Pe1 to encrypt the carrier
Figure BDA0003096915060000055
which is then sent to federation chain node Pe1. In this embodiment 512-bit keys are generated, and federation chain node P0 generates the carrier {MFww…EAAQ==, 32}. Federation chain node Pe1 obtains the key MFww…EAAQ==, while the corresponding private key is held by federation chain node P0.
Step C) Federation chain node Pe1 uses its private key to obtain the carrier
Figure BDA0003096915060000056
Referring to Fig. 3: step C1) federation chain node Pe1 generates a public-private key pair
Figure BDA0003096915060000057
and
Figure BDA0003096915060000058
Step C2)
Figure BDA0003096915060000059
is encrypted using
Figure BDA00030969150600000510
to obtain
Figure BDA00030969150600000511
n is reduced by 1 and its new value is broadcast. Step C3) Federation chain node Pe1 randomly designates a federation chain node Pe2 from the federation chain nodes Pj, j∈[1,n], and uses the public key of federation chain node Pe2 to encrypt the carrier
Figure BDA00030969150600000512
which is then published. Federation chain node Pe1 can send the encrypted carrier directly to federation chain node Pe2, or can let federation chain node Pe2 obtain it by broadcast. Using the public key of federation chain node Pe2 to encrypt the carrier
Figure BDA00030969150600000513
Of a main purpose, federation chain node Pe1Storing
Figure BDA00030969150600000514
Federation chain node Pe2 uses its private key to obtain the carrier
Figure BDA00030969150600000515
Federation chain node Pe2 stores
Figure BDA00030969150600000516
and n.
Table 2. Transfer process of the carrier in this embodiment
Designated node | Carrier
Federation chain node Pe1 | Rev: {MFww…EAAQ==, 32}, Send: {ZIhv…+bnC==, 31}
Federation chain node Pe2 | Rev: {ZIhv…+bnC==, 31}, Send: {G9w0…wggE==, 30}
Federation chain node Pe3 | Rev: {G9w0…wggE==, 30}, Send: {EAAk…xxiI==, 29}
Federation chain node Pe1 | Rev: {EAAk…xxiI==, 29}, Send: {EAAk…xxiI==, 29}
Federation chain node Pe4 | Rev: {EAAk…xxiI==, 29}, Send: {Dfv3…CvHi==, 28}
Federation chain node Pe3 | Rev: {Dfv3…CvHi==, 28}, Send: {Dfv3…CvHi==, 28}
Federation chain node Pe5 | Rev: {Dfv3…CvHi==, 28}, Send: {DGl2…Fqjf==, 27}
Federation chain node Pe32 | Rev: {MFww…EAAQ==, 1}
Referring to Table 2, after receiving the carrier {MFww…EAAQ==, 32}, federation chain node Pe1 stores the carrier, generates a new public-private key pair, and encrypts using the public key
Figure BDA00030969150600000517
to obtain ZIhv…+bnC==. It subtracts 1 from the value of n, constructs the carrier {ZIhv…+bnC==, 31}, and selects the public key of federation chain node Pe2 to encrypt the carrier before sending it. The label Pe2 only indicates the order in which federation chain nodes receive the carrier for the first time; it does not mean that the next federation chain node is chosen in sequence, because the choice is random. When federation chain node Pe1 is selected a second time, it randomly selects the public key of a federation chain node, re-encrypts the carrier directly and sends it on without changing the value of n, so that it acts only as a relay.
Step D) The selected federation chain nodes execute step C) repeatedly in turn until the broadcast value of n is 1, and then step E) is entered. If a federation chain node Pe is designated again after having already been designated, it decrypts to obtain
Figure BDA0003096915060000061
and then randomly designates a federation chain node Pe′ from the federation chain nodes Pj and uses the public key of federation chain node Pe′ to encrypt the carrier
Figure BDA0003096915060000062
which is then published.
Step E) Federation chain node P0 randomly distributes the n pieces of sub-data to the federation chain nodes Pj. Referring to Fig. 4, this includes: step E1) federation chain node P0 transmits dki among the federation chain nodes Pj by broadcast, so that every federation chain node Pj can obtain dki; step E2) each federation chain node Pj stores one value of n, retains the sub-data whose order corresponds to its stored value of n, and discards the rest.
The sub-data received by federation chain node Pj is denoted
Figure BDA0003096915060000063
Federation chain node P0 then publishes
Figure BDA0003096915060000064
Each federation chain node Pj uses
Figure BDA0003096915060000065
to decrypt the
Figure BDA0003096915060000066
it received, obtaining
Figure BDA0003096915060000067
and then uses
Figure BDA0003096915060000068
to encrypt the sub-data
Figure BDA0003096915060000069
obtaining
Figure BDA00030969150600000610
Federation chain node Pj sends
Figure BDA00030969150600000611
to the address designated by federation chain node P0, and federation chain node P0 packages the encrypted sub-data
Figure BDA00030969150600000612
to obtain the encrypted data D'k. Federation chain node Pe1 encrypts the structure data it received using the public key MFww…EAAQ==. For federation chain node Pe1, MFww…EAAQ== is decrypted using
Figure BDA00030969150600000613
to obtain the public key EI9H…AQIg; the structure data {192Rhn9F, 31260547, 2} is encrypted with the public key EI9H…AQIg and sent to the address designated by federation chain node P0, which collects the encrypted sub-data and packages it for storage.
Step F) When the data D'k needs to be decrypted, federation chain node P0 unpacks the data D'k and obtains
Figure BDA00030969150600000614
Federation chain node P0 sorts
Figure BDA00030969150600000615
into the correct order according to the order i, and encrypts
Figure BDA00030969150600000616
with the private key of federation chain node P0. Federation chain node Pj reads the d'ki whose order corresponds to its stored value of n, decrypts it with the public key of federation chain node P0 to obtain
Figure BDA00030969150600000617
and then tries to decrypt it using
Figure BDA00030969150600000618
as the key; if the decryption succeeds, the decrypted sub-data
Figure BDA00030969150600000619
is sent to the address designated by federation chain node P0, and federation chain node P0 decrypts with the private key generated in step A2) to obtain the data D. Encryption with the private key of federation chain node P0 proves federation chain node P0's ownership of the data D'k. Federation chain node Pj reads
Figure BDA00030969150600000620
and attempts to decrypt it using
Figure BDA00030969150600000621
as the key; if the decryption succeeds, the decrypted sub-data
Figure BDA0003096915060000071
is sent to the address designated by federation chain node P0.
The beneficial technical effects of this embodiment are as follows. The public keys of the key pairs generated by the federation chain nodes are used to encrypt the sub-data received by other federation chain nodes, while the private keys used for decryption are kept locally by the nodes that generated them. Encryption and decryption therefore take place among the federation chain nodes and necessarily require the participation of other federation chain nodes. Once the data leaves the federation chain intranet environment, decryption cannot be completed, which guarantees the privacy of federation chain data. The encrypted data can be decrypted successfully only with the participation of all the federation chain nodes that took part in encryption, so the difficulty and cost of cracking are very high and the security of federation chain data is improved. Because of the technical content of steps B) and C), federation chain node Pj cannot know for certain, with respect to
Figure BDA0003096915060000072
which node received and used the corresponding
Figure BDA0003096915060000073
and this increases the cracking difficulty.
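Steps A) to F) of the first embodiment, simulated end to end in Python as an added example that is not code from the patent; it shows that the package decrypts only when every key holder takes part. Assumptions: the toy ElGamal-style cipher with an HMAC tag (the patent names no algorithm), the JSON encodings, and the names Node, encrypt_federated and decrypt_federated are all hypothetical; the ownership step in F), where P0 encrypts with its private key, is left out, and trial decryption follows claim 1.

```python
import hashlib, hmac, json, random, secrets

# Toy ElGamal-style public-key encryption with an integrity tag. Assumption of
# this example: the patent names no algorithm; this 127-bit group is NOT secure.
P, G = 2**127 - 1, 3

def keygen():
    sk = secrets.randbelow(P - 2) + 1
    return pow(G, sk, P), sk                      # (public key, private key)

def _derive(shared, length):
    seed = shared.to_bytes(16, "big")
    blocks = (hashlib.sha256(b"enc" + seed + c.to_bytes(4, "big")).digest()
              for c in range(length // 32 + 1))
    return b"".join(blocks)[:length], hashlib.sha256(b"mac" + seed).digest()

def encrypt(pk, msg):
    r = secrets.randbelow(P - 2) + 1
    stream, mac_key = _derive(pow(pk, r, P), len(msg))
    body = bytes(a ^ b for a, b in zip(msg, stream))
    tag = hmac.new(mac_key, body, hashlib.sha256).hexdigest()
    return [pow(G, r, P), body.hex(), tag]        # JSON-serialisable ciphertext

def decrypt(sk, ct):
    """Return the plaintext, or None when sk is not the matching private key."""
    body = bytes.fromhex(ct[1])
    stream, mac_key = _derive(pow(ct[0], sk, P), len(body))
    expected = hmac.new(mac_key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(ct[2], expected):
        return None
    return bytes(a ^ b for a, b in zip(body, stream))

class Node:
    def __init__(self, name):
        self.name = name
        self.id_pk, self.id_sk = keygen()  # long-term key protecting carriers in transit
        self.n = None                      # value of n stored on first designation
        self.wrapped_pk = None             # key field of the carrier this node received
        self.own_sk = None                 # private half of the pair this node generated

def encrypt_federated(data, n, k="31260547", rng=random):
    p0, nodes = Node("P0"), [Node(f"P{j}") for j in range(1, n + 1)]
    # Step A: P0 encrypts D under its own key (A2) and splits Dk into n pieces (A3).
    a2_pk, a2_sk = keygen()
    dk = json.dumps(encrypt(a2_pk, data)).encode()
    size = -(-len(dk) // n)
    pieces = {i: dk[(i - 1) * size:i * size] for i in range(1, n + 1)}
    # Step B: two key pairs; the second public key, wrapped under the first, starts the relay.
    first_pk, first_sk = keygen()
    second_pk, p0.own_sk = keygen()
    wrapped, count = encrypt(first_pk, str(second_pk).encode()), n
    target = rng.choice(nodes)
    # Steps C and D: relay the carrier {key, n} until a node stores n == 1.
    while True:
        wire = encrypt(target.id_pk, json.dumps([wrapped, count]).encode())
        wrapped, count = json.loads(decrypt(target.id_sk, wire))
        if target.n is None:               # first designation: store, then re-key
            target.n, target.wrapped_pk = count, wrapped
            if count == 1:
                break
            new_pk, target.own_sk = keygen()
            wrapped, count = encrypt(first_pk, str(new_pk).encode()), count - 1
        # A node designated a second time forwards the carrier unchanged.
        target = rng.choice([x for x in nodes if x is not target])
    # Step E: P0 discloses first_sk; each node unwraps its key and encrypts piece i = n.
    package = []
    for node in nodes:
        pk = int(decrypt(first_sk, node.wrapped_pk).decode())
        record = {"D": pieces[node.n].hex(), "k": k, "i": node.n}
        package.append(encrypt(pk, json.dumps(record).encode()))
    return package, [p0] + nodes, a2_sk

def decrypt_federated(package, holders, a2_sk):
    """Step F: every holder trial-decrypts every piece; returns D, or None."""
    found = {}
    for ct in package:
        for h in holders:
            pt = decrypt(h.own_sk, ct) if h.own_sk is not None else None
            if pt is not None:
                rec = json.loads(pt)
                found[rec["i"]] = bytes.fromhex(rec["D"])
    if len(found) != len(package):
        return None                        # at least one key holder did not take part
    dk = b"".join(found[i] for i in sorted(found))
    return decrypt(a2_sk, json.loads(dk))

if __name__ == "__main__":
    pkg, members, a2 = encrypt_federated(b"constructed sample record", 5)
    print(decrypt_federated(pkg, members, a2))
```

The integrity tag is what lets a node tell a successful trial decryption from a failed one; the patent text does not say how success is detected, so that check is a design choice of this example.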
Example two:
Referring to Fig. 5, in step E) of this embodiment, federation chain node Pj retains not only the structure data dkn whose order corresponds to its stored value of n but also the structure data dkn′, where n′ = n + z and z is a constant. Federation chain node Pj uses
Figure BDA0003096915060000074
to encrypt the sub-data dkn and dkn′ separately and sends the encrypted sub-data to the address designated by federation chain node P0, and federation chain node P0 packages all the encrypted sub-data
Figure BDA0003096915060000075
The other steps are the same as in the first embodiment. Compared with the first embodiment, each node in this embodiment encrypts two pieces of structure data, so that each piece of structure data has one backup, which avoids the situation where decryption becomes impossible because of an unexpected error during encryption.
Example three:
Referring to Fig. 6, in step E) of this embodiment, the method by which federation chain node P0 randomly distributes the n pieces of sub-data to the federation chain nodes Pj is as follows: step E11) federation chain node P0 sends all dki to federation chain node Pe1; step E12) federation chain node Pe1 retains the structure data dkn whose order corresponds to its stored value of n and then deletes dkn from dki; step E13) it then sends the remaining dki to the federation chain node designated by federation chain node Pe1, namely federation chain node Pe2; step E14) in this way the n pieces of sub-data are randomly distributed to the federation chain nodes Pj. The other steps are the same as in the first embodiment. Compared with the first embodiment, this embodiment reduces the number of times dki is transmitted within the federation chain intranet environment and lowers the network requirements.
The above-described embodiments are only preferred embodiments of the present invention, and are not intended to limit the present invention in any way, and other variations and modifications may be made without departing from the spirit of the invention as set forth in the claims.

Claims (8)

1. A method for encrypting alliance-link data,
the method comprises the following steps:
step A), the alliance link node P0 cuts the data to be encrypted into n parts of sub data;
step B), n alliance chain nodes declare to participate in data encryption and decryption, alliance chain node P0 generates two pairs of public and private secret keys, a first public key is disclosed, a second public key is associated with the value n to serve as a transitive body, and the public key of one alliance chain node is randomly selected to encrypt the transitive body and then broadcast;
step C), the alliance link node obtains the transitive body, a new public-private key pair is generated, the value of n is reduced by 1, a newly generated public key is associated with the new value of n to serve as the transitive body, the transitive body is encrypted by using the first public key, and the public key of one alliance link node is randomly selected again to encrypt the transitive body and then broadcast;
step D), executing the step C) by the selected alliance chain node until the value of n is 1, and entering the step E);
step E), randomly distributing n parts of sub data to the alliance link nodes by the alliance link node P0, then disclosing a first private key, decrypting the transfersome by the alliance link nodes respectively to obtain public keys in the transfersome, encrypting the sub data by using the obtained public keys, and gathering and packaging the encrypted sub data;
and F) when the data needs to be decrypted, the alliance link node P0 unpacks the encrypted data to obtain encrypted subdata, the alliance link node tries to decrypt the subdata, if the decryption can be successful, the decrypted subdata is sent to an address designated by the alliance link node P0 until all decrypted subdata is collected, and the decrypted data is obtained.
2. A federation chain data encryption method as recited in claim 1,
in step a), the method for truncating the data to be encrypted into n parts of sub-data by the federation link node P0 includes:
step A1) the alliance link node P0 associates a unique identification code k for the data to be encrypted;
step A2) generating a public-private key pair by the alliance link node P0, encrypting data to be encrypted by using a public key, and recording the data as data k;
step a3) the federation chain node P0 truncates the data k into n shares, and obtains a data structure dki of { Dki, k, i }, where Dki represents the data segment obtained by truncating the data k and i represents the truncation order.
3. A federation chain data encryption method as recited in claim 2,
in step F), after unpacking the encrypted data, the federation link node P0 encrypts the obtained encrypted subdata with the private key of the federation link node P0, the federation link node decrypts with the public key of the federation link node P0 and tries to decrypt with the private key reserved by itself, if decryption is successful, the decrypted subdata is sent to the address specified by the federation link node P0, and the federation link node P0 decrypts with the private key generated in step a2) to obtain the data.
4. A federation chain data encryption method according to claim 2 or 3,
in the step D), if the alliance chain node is appointed again, after a transfersome is obtained through decryption, a public key of one alliance chain node is randomly selected from other alliance chain nodes to encrypt the transfersome and broadcast.
5. A federation chain data encryption method according to claim 2 or 3,
in step E), the method for randomly allocating n pieces of sub data to the federation link node P0 includes:
the federation chain node P0 transmits the sub-data among the federation chain nodes in a broadcast mode, each federation chain node can obtain all the sub-data, each federation chain node respectively stores a value of n, and the federation chain node stores the sub-data of the order corresponding to the value of n.
6. A federation chain data encryption method according to claim 2 or 3,
in step F), the federation chain node P0 arranges the sub-data in the correct sequence according to the order i, reads the sub-data in the order corresponding to the n value stored by the federation chain node, and then decrypts the sub-data with the private key stored in the federation chain node.
7. A federation chain data encryption method as recited in claim 5,
in step E), the federation chain node retains the sub-data in the order corresponding to its own n value and also retains the sub-data in the next order; the federation chain node encrypts the two pieces of sub-data separately with the received public key and sends the encrypted sub-data to the address designated by the federation chain node P0, and the federation chain node P0 packs all the encrypted sub-data.
8. A federation chain data encryption method according to claim 2 or 3,
in step E), the method by which the federation chain node P0 randomly allocates the n pieces of sub-data among the federation chain nodes comprises:
the federation chain node P0 sends all the sub-data to any one federation chain node; that federation chain node retains the sub-data in the order corresponding to the n value it stores, deletes that sub-data from the full set, and sends the remaining sub-data to any designated federation chain node; the sub-data is passed on in this way from node to node, so that the n pieces of sub-data are randomly distributed among the federation chain nodes.
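The truncation of step A3), the node-to-node hand-off of claim 8 and the ordering by i of claim 6 can be traced in a short Python sketch. This is an added example, not code from the patent; the function names, the `node_orders` map (each node's stored n value) and the random bytes standing in for the step A2) ciphertext are assumptions.

```python
import secrets
import uuid

def truncate(data_k, n, k):
    """Step A3: cut data k into n pieces d_ki = {Dki, k, i}, with i = 1..n."""
    if n < 1 or n > len(data_k):
        raise ValueError("n must be between 1 and len(data_k)")
    size, extra = divmod(len(data_k), n)
    pieces, pos = [], 0
    for i in range(1, n + 1):
        end = pos + size + (1 if i <= extra else 0)  # spread the remainder
        pieces.append({"Dki": data_k[pos:end], "k": k, "i": i})
        pos = end
    return pieces

def chain_distribute(pieces, node_orders):
    """Claim 8: each node keeps the piece whose order matches its stored
    value, deletes it from the set, and forwards the remainder."""
    remaining = list(pieces)
    secrets.SystemRandom().shuffle(remaining)  # arrival order carries no meaning
    held = {}
    for node, order in node_orders.items():
        held[node] = [p for p in remaining if p["i"] == order]
        remaining = [p for p in remaining if p["i"] != order]
    return held, remaining

def reassemble(returned, k, n):
    """Claim 6: order by i and rebuild data k; reject wrong k, duplicates, gaps."""
    by_order = {}
    for p in returned:
        if p["k"] != k:
            raise ValueError("piece carries a different identification code")
        if p["i"] in by_order:
            raise ValueError("duplicate piece for order %d" % p["i"])
        by_order[p["i"]] = p["Dki"]
    missing = [i for i in range(1, n + 1) if i not in by_order]
    if missing:
        raise ValueError("missing pieces: %s" % missing)
    return b"".join(by_order[i] for i in range(1, n + 1))

def demo():
    k = uuid.uuid4().hex               # step A1: identification code (constructed)
    data_k = secrets.token_bytes(100)  # constructed stand-in for the A2 ciphertext
    pieces = truncate(data_k, 4, k)
    held, left = chain_distribute(pieces, {"P1": 3, "P2": 1, "P3": 4, "P4": 2})
    returned = [p for kept in held.values() for p in kept]
    return reassemble(returned, k, 4) == data_k and not left
```

`reassemble` fails closed: a piece with a foreign k, a repeated order or a gap in 1..n raises instead of yielding a shortened or reordered data k.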
CN202110616574.1A 2021-06-02 2021-06-02 Alliance link data encryption method Active CN113378192B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110616574.1A CN113378192B (en) 2021-06-02 2021-06-02 Alliance link data encryption method

Publications (2)

Publication Number Publication Date
CN113378192A true CN113378192A (en) 2021-09-10
CN113378192B CN113378192B (en) 2022-06-10

Family

ID=77575607

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110616574.1A Active CN113378192B (en) 2021-06-02 2021-06-02 Alliance link data encryption method

Country Status (1)

Country Link
CN (1) CN113378192B (en)

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180343114A1 (en) * 2015-11-24 2018-11-29 Adi BEN-ARI A system and method for blockchain smart contract data privacy
CN110366839A (en) * 2017-03-06 2019-10-22 区块链控股有限公司 Computer-implemented system and method
CN109523267A (en) * 2018-10-30 2019-03-26 苏宁易购集团股份有限公司 A kind of verification method, the apparatus and system of the transaction data based on block chain
CN109302495A (en) * 2018-11-20 2019-02-01 北京邮电大学 A kind of date storage method and device
CN112597527A (en) * 2021-03-05 2021-04-02 浙江数秦科技有限公司 Data access method for preventing alliance chain data leakage

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
俞学劢: "区块链的4大核心技术", 《金卡工程》 *

Also Published As

Publication number Publication date
CN113378192B (en) 2022-06-10

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant