CN113378192B - Alliance link data encryption method - Google Patents

Alliance link data encryption method Download PDF

Info

Publication number
CN113378192B
CN113378192B CN202110616574.1A CN202110616574A CN113378192B CN 113378192 B CN113378192 B CN 113378192B CN 202110616574 A CN202110616574 A CN 202110616574A CN 113378192 B CN113378192 B CN 113378192B
Authority
CN
China
Prior art keywords
data
alliance
node
subdata
link node
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110616574.1A
Other languages
Chinese (zh)
Other versions
CN113378192A (en
Inventor
张金琳
俞学劢
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhejiang Shuqin Technology Co Ltd
Original Assignee
Zhejiang Shuqin Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhejiang Shuqin Technology Co Ltd filed Critical Zhejiang Shuqin Technology Co Ltd
Priority to CN202110616574.1A priority Critical patent/CN113378192B/en
Publication of CN113378192A publication Critical patent/CN113378192A/en
Application granted granted Critical
Publication of CN113378192B publication Critical patent/CN113378192B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to the technical field of data security, in particular to a federation chain data encryption method, which comprises the following steps: step A), data to be encrypted is cut off; step B), the alliance link node declares to participate in encryption and decryption, and appoints one alliance link node to send a public key; step C), distributing public keys among the alliance chain nodes; step D), the selected alliance link nodes sequentially and repeatedly execute the step C) until the value of n transmitted by the broadcast is 1; step E), distributing the subdata to the alliance link nodes, encrypting the subdata, and packaging the encrypted subdata to obtain encrypted data; and F) unpacking the encrypted data, reading the unpacked subdata by the link points of the alliance and trying to decrypt, and if decryption can be successfully performed, sending the decrypted subdata to a specified address. The substantial effects of the invention are as follows: once the data in the alliance chain environment is in the intranet environment, decryption cannot be completed, and privacy and safety of the alliance chain data are guaranteed.

Description

Data encryption method for alliance chain
Technical Field
The invention relates to the technical field of data security, in particular to a federation chain data encryption method.
Background
A federation chain is typically built with multiple organizations or organizations involved, and is a block chain implementation between a public chain and a private chain. Although the security of the alliance chain is poorer than that of the public chain, the data privacy of the alliance chain is obviously higher than that of the common chain, and the alliance chain is commonly used for enterprise services. Each organization or organization participating in the federation chain manages one or more nodes, and data on the federation chain is only allowed to be read from, written to, and transmitted within the intranet environment of the federation chain. The alliance chain has the characteristics of low cost and high efficiency, and is suitable for transactions or settlements among different entities and the like. The data security and privacy of the federation chain stems from mutual trust between the organizations or institutions involved in building the federation chain, as well as reward and punishment management mechanisms. Once the organization or organization participating in the building of the federation chain is not autonomous enough, the data on the federation chain can be easily revealed, and the influence is huge for the industry where the data is sensitive. There is thus a need to develop a technical approach applicable between federation chains that is more capable of protecting data security and privacy.
Chinese patent CN111526219B, published 2021, 2, 9, a method for identifying federation chains and a federation chain system, comprising: the consensus master node splits proposed data to be consensus into data blocks corresponding to consensus backup nodes based on an erasure code technology, the data blocks obtained by splitting the proposed data correspond to hash values calculated based on the erasure code technology, the consensus master node sends the data blocks obtained by splitting the proposed data to the corresponding consensus backup nodes, receives the consensus backup nodes of the data blocks sent by the consensus master node, forwards the data blocks to other consensus backup nodes, and initiates consensus of the proposed data based on a practical Byzantine fault-tolerant PBFT protocol, sending the hash value of the data block into which the proposed data is split by the message of the PBFT protocol to the consensus backup node, the consensus backup node being based on the hash values of the data blocks in the message of the PBFT protocol, and checking the obtained data blocks split by the proposal data to execute the consensus logic of the PBFT protocol on the proposal data successfully checked. But the technical problem of data leakage can be caused when the nodes which are not autonomous or have imperfect management exist in the alliance chain.
Disclosure of Invention
The technical problem to be solved by the invention is as follows: the data security and privacy on the existing alliance chain are not high enough. The method can limit the use of the data of the alliance chain in an alliance chain intranet environment through an improved encryption method.
In order to solve the technical problems, the technical scheme adopted by the invention is as follows: a federation chain data encryption method, comprising the steps of: step A), the alliance link node P0 cuts the data to be encrypted into n parts of sub data; step B), n alliance chain nodes declare to participate in data encryption and decryption, alliance chain node P0 generates two pairs of public and private secret keys, a first public key is disclosed, a second public key is associated with the value n to serve as a transitive body, and the public key of one alliance chain node is randomly selected to encrypt the transitive body and then broadcast; step C), the alliance link node obtains the transitive body, a new public-private key pair is generated, the value of n is reduced by 1, a newly generated public key is associated with the new value of n to serve as the transitive body, the transitive body is encrypted by using the first public key, and the public key of one alliance link node is randomly selected again to encrypt the transitive body and then broadcast; step D), executing the step C) by the selected alliance chain node until the value of n is 1, and entering the step E); step E), randomly distributing n parts of sub data to the alliance link nodes by the alliance link node P0, then disclosing a first private key, decrypting the transfersome by the alliance link nodes respectively to obtain public keys in the transfersome, encrypting the sub data by using the obtained public keys, and summarizing and packaging the encrypted sub data; and F) when the data needs to be decrypted, the alliance link node P0 unpacks the encrypted data to obtain encrypted subdata, the alliance link node tries to decrypt the subdata, if the decryption can be successful, the decrypted subdata is sent to an address designated by the alliance link node P0 until all decrypted subdata is collected, and the decrypted data is obtained. The public keys in the public and private keys generated by the alliance link points are used for encrypting the subdata received by other alliance link nodes, the private keys used for decryption are stored in the local alliance link points, the data encryption and decryption among the alliance link nodes are realized, the participation of other alliance link nodes is inevitably needed, the decryption cannot be finished once the data in the alliance link nodes are separated from an alliance link intranet environment, the privacy of the alliance link data is guaranteed, the encrypted data can be successfully decrypted only by the participation of all the alliance link nodes participating in the encryption, the decryption difficulty and the cost are very high, and the security of the alliance link data is improved. The technical contents recorded in the step B) and the step C) enable the alliance link points to be unable to know clearly which node receives and uses the public key corresponding to the private key, and therefore the cracking difficulty is improved.
Preferably, in step a), the method for the federation link node P0 to truncate the data to be encrypted into n parts of sub-data includes: step A1) the alliance link node P0 associates a unique identification code k for the data to be encrypted; step A2) generating a public-private key pair by the alliance link node P0, encrypting data to be encrypted by using a public key, and recording the data as data k; step a3) the federation chain node P0 truncates the data k into n shares, and obtains a data structure dki { Dki, k, i }, where Dki represents the data segment obtained by truncating the data k and i represents the truncation order. The truncation sequence i is convenient for sequencing, splicing and restoring the truncated data, and the data to be encrypted is firstly encrypted once and then sent to other alliance chain nodes, so that the privacy of the data to be encrypted is ensured.
Preferably, in step F), after unpacking the encrypted data, the federation chain node P0 encrypts the obtained encrypted sub-data with the private key of the federation chain node P0, and after decrypting with the public key of the federation chain node P0 and attempting to decrypt with the private key reserved by itself, if decryption is successful, the decrypted sub-data is sent to the address specified by the federation chain node P0, and the federation chain node P0 decrypts the obtained data with the private key generated in step a 2). Private key encryption of the federation link node P0 can prove ownership of the data by the federation link node P0, and prevent the data from being decrypted and successful by other federation link nodes.
Preferably, in step D), if the federation chain node is designated again after having been designated, after the forwarding body is obtained by decryption, the public key of one federation chain node is randomly selected from other federation chain nodes to encrypt the forwarding body and broadcast. So that the node holding the private key cannot know to which node its corresponding public key is passed.
Preferably, in step E), the method for randomly allocating n pieces of sub-data to the federation link node P0 is as follows: the federation link node P0 transmits the sub-data among the federation link nodes in a broadcast mode, each federation link node can obtain all the sub-data, each federation link node respectively stores a value of n, and the federation link nodes store the sub-data of the order corresponding to the value of n. The federation link node P0 cannot know which federation link node the n parts of sub-data are distributed to, and the cracking difficulty is further improved.
Preferably, in step F), the federation link node P0 correctly orders the sub-data according to the order i, and the federation link node reads the sub-data in the order corresponding to the n value stored by the federation link node, and then decrypts the sub-data by using the private key stored in each federation link node.
Preferably, in step E), the federation link node retains the sub-data in the sequence corresponding to the n value, and retains the sub-data in the next sequence, the federation link node encrypts two sub-data respectively by using the received public key, and sends the encrypted sub-data to the address designated by the federation link node P0, and the federation link node P0 packs all the encrypted sub-data. The transmission frequency of the subdata in the alliance chain intranet environment is reduced, and the consumption of network resources is reduced.
Preferably, in step E), the method for randomly allocating n pieces of sub-data to the federation link node P0 is as follows: and the alliance link node P0 sends all the subdata to any alliance link node, the alliance link node retains the subdata in the sequence corresponding to the n values stored in the alliance link node, deletes the subdata from all the subdata, sends the residual subdata to any appointed alliance link node, and transmits the subdata in sequence to randomly distribute the n parts of the subdata to the alliance link node.
The substantial effects of the invention are as follows: 1) when data is decrypted, other alliance chain nodes need to participate, so that the data in the alliance chain cannot be decrypted once the data is separated from the alliance chain intranet environment, and the privacy of the alliance chain data is guaranteed; 2) and the encrypted data can be successfully decrypted only by the participation of all the alliance chain nodes participating in encryption, so that the cracking difficulty and the cost are very high, and the security of the alliance chain data is improved.
Drawings
Fig. 1 is a flowchart of an encryption/decryption method according to an embodiment.
Fig. 2 is a flowchart of a method for truncating data to be encrypted according to an embodiment.
Fig. 3 is a flowchart illustrating a method for federation nexus to communicate an encryption key according to an embodiment.
FIG. 4 is a flowchart illustrating a method for distributing sub-data of federation link node P0 according to an embodiment.
FIG. 5 illustrates an embodiment federated chain node PjThe sub-data schematic diagram is preserved in redundancy.
FIG. 6 is a flowchart of a method for distributing sub-data by triple federation link node P0 according to an embodiment.
Detailed Description
The following provides a more detailed description of the present invention, with reference to the accompanying drawings.
The first embodiment is as follows:
a federation chain data encryption method, comprising the steps of:
step A), the federation chain node P0 generates or receives data D to be encrypted, please refer to FIG. 1 and FIG. 2, and then the federation chain node P0 truncates the data D to be encrypted into n parts of sub-data:
referring to fig. 2 again, the process of cutting the data D to be encrypted into n parts of sub-data includes: step A1) the alliance-link node P0 associates a unique identification code k for the data to be encrypted. The data ownership can be conveniently determined and verified through the unique identification code k, the unique identification code k can maintain a public identification code k in the alliance chain, and an identification code k can be distributed to each alliance chain node1Each federation link point maintains a unique identifier k2From k by1And k2Constituting the unique identification code k. As shown in Table 1, 3126 is the identification of federation chain node P0, 0547 is the 547 nd piece of data to be encrypted generated by federation chain node P0, and 31260547 thus constitutes a unique identification of the data D to be encrypted. A2) The alliance link node P0 generates a public-private key pair, and encrypts the data D to be encrypted by using the public key, and records the data D as the data Dk. Step A3) federation chain node P0 will data DkTruncating to n parts to obtain a data structure { D'kiK, i }, wherein D'kiRepresenting truncated data DkThe data segments obtained, i denotes the truncation order, with dki,i∈[1,n]Represents a data structure { D'kiK, i }, data step DkThe total amount was 32 parts.
Table 1 data structure generated in this example
Figure GDA0003599161650000041
Figure GDA0003599161650000051
Step B) n alliance-link nodes Pj,j∈[1,n]Declaring participation data DkThe federation link node P0 generates two pairs of new public-private keys
Figure GDA0003599161650000052
And
Figure GDA0003599161650000053
value of broadcast n, held by federation chain node P0
Figure GDA0003599161650000054
Parallel federation link node Pj,j∈[1,n]Disclosed is a
Figure GDA0003599161650000055
Federation chain node P0 is slave to federation chain node Pj,j∈[1,n]Randomly appointing a federation chain node Pe1, and using public key encryption carrier of the federation chain node Pe1
Figure GDA0003599161650000056
And then sent to the federation chain node Pe 1. In this embodiment, a 512-bit key is generated, the federation chain node P0 generates a transitive body of { MFww … EAAQ ═ 32}, the federation chain node Pe1 obtains the key MFww … EAAQ ═ and the federation chain node P0 holds a corresponding private key.
Step C), the federation chain node Pe1 obtains the transfersome by means of the private key thereof
Figure GDA0003599161650000057
Referring to FIG. 3, step C1) the federation chain node Pe1 generates a public-private key pair
Figure GDA0003599161650000058
And
Figure GDA0003599161650000059
step C2) will
Figure GDA00035991616500000510
Use of
Figure GDA00035991616500000511
Encryption acquisition
Figure GDA00035991616500000512
n is decremented by 1 and its value is broadcast, step C3) federation chain node Pe1 from federation chain node PjRandomly appointing a federation chain node Pe2, and adding a public key of the federation chain node Pe2Dense transfersome
Figure GDA00035991616500000513
And then it is disclosed that the federation chain node Pe1 can directly send the encrypted carrier to the federation chain node Pe2, or can obtain the federation chain node Pe2 in a broadcasting mode, and use the public key of the federation chain node Pe2 to encrypt the carrier
Figure GDA00035991616500000514
For the main purpose of privacy, federation chain node Pe1 stores
Figure GDA00035991616500000515
Federation chain node Pe2 obtains the carrier by means of its private key
Figure GDA00035991616500000516
Federation chain node Pe2 stores
Figure GDA00035991616500000517
And n.
Table 2 transfer process of transfersome in this example
Figure GDA00035991616500000518
Figure GDA0003599161650000061
Referring to table 2, after receiving the carrier { MFww … EAAQ ═ 32}, the federation chain node Pe1 stores the carrier, generates a new public-private key, and uses the public key
Figure GDA0003599161650000062
And obtaining ZIhv … + bnC ═ by encryption, reducing the value of n by 1, constructing a transitive body { ZIhv … + bnC ═ 31}, and selecting a public key of the federation chain node Pe2 to encrypt the transitive body and send the public key. Pe2 is only used to indicate the order in which federation chain nodes receive the transitive body for the first time, and does not indicate that the next federation is selected in sequenceAnd selecting the next alliance link node by the alliance link node. When the federation chain node Pe1 is selected for the second time, a public key of the federation chain node is randomly selected, the transitive body is directly encrypted again and then sent out, the value of n is not changed, and the effect of transmission is achieved.
Step D) the selected alliance chain node repeatedly executes the step C) in turn until the broadcast delivery n value is 1, and then the step E) is carried out. If the alliance chain node Pe is specified again after being specified, decryption is carried out to obtain
Figure GDA0003599161650000063
Then, from the federation chain node PjRandomly appointing a alliance chain node Pe', and using the public key encryption transitive body of the alliance chain node Pe
Figure GDA0003599161650000064
Which will be disclosed later.
Step E) the alliance-link node P0 randomly distributes n parts of sub-data to the alliance-link node PjPlease refer to fig. 4, which includes: step E1) federation chain node P0 will dkiIn a broadcast manner at a federation chain node PjInter-delivery, each federation link node PjAll can obtain all dki. Step E2) federation link node PjEach holding a value of n, a federation chain node PjAnd retaining the transfersomes of the order corresponding to the stored n values, and discarding the rest transfersomes.
Federation link node PjThe received sub-data is processed with
Figure GDA0003599161650000065
Representation, federation chain node P0 publication
Figure GDA0003599161650000066
Federation link node PjUse of
Figure GDA0003599161650000067
Decrypting respectively received
Figure GDA0003599161650000068
To obtain
Figure GDA0003599161650000069
Use of
Figure GDA00035991616500000610
Encrypted subdata
Figure GDA00035991616500000611
To obtain
Figure GDA00035991616500000612
Federation link node PjWill be provided with
Figure GDA00035991616500000613
Sending the data to the address designated by the alliance link node P0, and the alliance link node P0 sending the encrypted subdata
Figure GDA00035991616500000614
Obtaining encrypted data D after packaging k. For federation chain node Pe1, MFww … EAAQ is used ═ using
Figure GDA00035991616500000615
After decryption, the public key EI9H … AQIg is obtained, and the structure data {192Rhn9F,31260547,2} is encrypted with the public key EI9H … AQIg, and then sent to the address designated by federation chain node P0, and the federation chain node P0 is collected and then packaged for storage.
Step F) requires data D'kUpon decryption, federation chain node P0 will be data D'kUnpacking and obtaining
Figure GDA00035991616500000616
Federation link node P0 will be according to order i
Figure GDA00035991616500000617
In correct order, will
Figure GDA00035991616500000618
Private key plus using federation chain node P0Cipher, alliance chain node PjReading d 'of corresponding sequence of n values stored by the memory'kiNode P of the federation chainjPublic key decryption acquisition using federation chain node P0
Figure GDA0003599161650000071
And then try to use
Figure GDA0003599161650000072
Decrypting, if the decryption can be successfully performed, decrypting the decrypted subdata
Figure GDA0003599161650000073
Sent to the address designated by federation link node P0, and the federation link node P0 decrypts to obtain data D by using the private key generated in step A2). Private key encryption of federation chain node P0 can prove that federation chain node P0 is to data D'kIs owned by a federation chain node PjReading
Figure GDA0003599161650000074
And attempt to use
Figure GDA0003599161650000075
Decrypting, if the decryption can be successfully performed, decrypting the decrypted subdata
Figure GDA0003599161650000076
To the address specified by federation chain node P0.
The beneficial technical effects of this embodiment do: the public keys in the public and private keys generated by the alliance link points are used for encrypting the subdata received by other alliance link nodes, the private keys used for decryption are stored in the local alliance link points, the data encryption and decryption among the alliance link nodes are realized, the participation of other alliance link nodes is inevitably needed, the decryption cannot be finished once the data in the alliance link nodes are separated from an alliance link intranet environment, the privacy of the alliance link data is guaranteed, the encrypted data can be successfully decrypted only by the participation of all the alliance link nodes participating in the encryption, the decryption difficulty and the cost are very high, and the security of the alliance link data is improved. Described in step B) andthe technical content in the step C) leads the alliance link node PjCannot know and with certainty
Figure GDA0003599161650000077
Corresponding to
Figure GDA0003599161650000078
And the node is received and used by the node, so that the cracking difficulty is improved.
Example two:
referring to fig. 5, in step E) of this embodiment, a federation link node PjExcept for the structural data d which retains the corresponding order of the n values stored thereinknIn addition, the structure data d is also retainedkn′N ═ n + z, z is a constant, federation chain node PjUse of
Figure GDA0003599161650000079
Separately encrypt the sub-data dknAnd dkn′And the encrypted subdata is sent to the address designated by the alliance link node P0, and the alliance link node P0 sends all the encrypted subdata
Figure GDA00035991616500000710
And (6) packaging. The rest steps are the same as those in the first embodiment, and compared with the first embodiment, in the technical scheme described in the first embodiment, each node encrypts two pieces of structural data, so that each piece of structural data has a backup, and the situation that decryption cannot be performed when unexpected errors occur in encryption is avoided.
Example three:
referring to fig. 6, in step E) of this embodiment, a federation link node P0 randomly allocates n sub-data to the federation link node PjThe method comprises the following steps: step E11) federation chain node P0 will all dkiSent to the federation chain node Pe1, step E12) the federation chain node Pe1 retains the structural data d of the order corresponding to the n values it holdsknThen, from dkiDeletion in dknStep E13) and then d will remainkiSending the designated federation of the federation chain node Pe1The alliance chain node, namely the alliance chain node Pe2, and the step E14) is sequentially transmitted, so that the n parts of sub data can be randomly distributed to the alliance chain node Pj. The other steps are the same as those in the first embodiment, and compared with the first embodiment, d is reduced by the technical scheme described in the first embodimentkiThe transmission times in the intranet environment of the alliance chain reduce the network requirements.
The above-described embodiments are only preferred embodiments of the present invention, and are not intended to limit the present invention in any way, and other variations and modifications may be made without departing from the spirit of the invention as set forth in the claims.

Claims (8)

1. A method for encrypting alliance-link data,
the method comprises the following steps:
step A), the alliance link node P0 cuts the data to be encrypted into n parts of sub data;
step B), n alliance chain nodes declare to participate in data encryption and decryption, alliance chain node P0 generates two pairs of public and private secret keys, a first public key is disclosed, a second public key is associated with the value n to serve as a transitive body, and the public key of one alliance chain node is randomly selected to encrypt the transitive body and then broadcast;
step C), the alliance link node obtains the transfersome, a new public-private key pair is generated, the first public key is used for encrypting the newly generated public key, the value of n is subtracted by 1 and then the value of n is broadcasted, the encrypted newly generated public key is associated with the new value of n to serve as the transfersome, the public key of one alliance link node is randomly selected again to encrypt the transfersome and then broadcast, the selected alliance link node obtains the transfersome by means of the private key of the selected alliance link node, and the encrypted public key and n are stored;
step D), executing the step C) by the selected alliance chain node until the value of n is 1, and entering the step E);
step E), randomly distributing n parts of sub data to the alliance link nodes by the alliance link node P0, then disclosing a first private key, decrypting the transfersome by the alliance link nodes respectively to obtain public keys in the transfersome, encrypting the sub data by using the obtained public keys, and gathering and packaging the encrypted sub data;
and F) when the data needs to be decrypted, unpacking the encrypted data by the alliance link node P0 to obtain encrypted subdata, trying to decrypt the subdata by the alliance link node, and if the decryption can be successful, sending the decrypted subdata to an address designated by the alliance link node P0 until all the decrypted subdata is collected, namely, obtaining the decrypted data.
2. A federation chain data encryption method as recited in claim 1,
in step a), the method for truncating the data to be encrypted into n parts of sub-data by the federation link node P0 includes:
step A1) the alliance link node P0 associates a unique identification code k for the data to be encrypted;
step A2) generating a public-private key pair by the alliance link node P0, encrypting data to be encrypted by using a public key, and recording the data as data Dk;
step a3) the federation chain node P0 truncates the data Dk to n shares, obtaining a data structure dki = { Dki, k, i }, where Dki represents the data segments obtained by truncating the data Dk and i represents the truncation order.
3. A federation chain data encryption method as recited in claim 2,
in step F), after unpacking the encrypted data, the federation link node P0 encrypts the obtained encrypted subdata with the private key of the federation link node P0, the federation link node decrypts with the public key of the federation link node P0 and tries to decrypt with the private key reserved by itself, if decryption is successful, the decrypted subdata is sent to the address specified by the federation link node P0, and the federation link node P0 decrypts with the private key generated in step a2) to obtain the data.
4. A federation chain data encryption method according to claim 2 or 3,
in the step D), if the alliance chain node is appointed again, after a transfersome is obtained through decryption, a public key of one alliance chain node is randomly selected from other alliance chain nodes to encrypt the transfersome and broadcast.
5. A federation chain data encryption method according to claim 2 or 3,
in step E), the method for randomly allocating n pieces of sub data to the federation link node P0 includes:
the federation chain node P0 transmits the sub-data among the federation chain nodes in a broadcast mode, each federation chain node can obtain all the sub-data, each federation chain node respectively stores a value of n, and the federation chain node stores the sub-data of the order corresponding to the value of n.
6. A federation chain data encryption method as recited in claim 5,
and F), the alliance link node P0 correctly sequences the subdata according to the sequence i, reads the subdata in the sequence corresponding to the n value stored by the alliance link node, and then decrypts the subdata by using the private key stored in the alliance link node.
7. A federation chain data encryption method as recited in claim 5,
in the step E), the alliance link node reserves subdata in the sequence corresponding to the n value of the alliance link node, and reserves subdata in the next sequence, the alliance link node encrypts the two subdata respectively by using the received public key, sends the encrypted subdata to an address designated by the alliance link node P0, and packs all the encrypted subdata by the alliance link node P0.
8. A federation chain data encryption method according to claim 2 or 3,
in the step E), the method for randomly allocating n pieces of sub-data to the federation link node P0 includes:
and the alliance link node P0 sends all the subdata to any alliance link node, the alliance link node retains the subdata in the sequence corresponding to the n values stored in the alliance link node, deletes the subdata from all the subdata, sends the residual subdata to any appointed alliance link node, and transmits the subdata in sequence to randomly distribute the n parts of the subdata to the alliance link node.
CN202110616574.1A 2021-06-02 2021-06-02 Alliance link data encryption method Active CN113378192B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110616574.1A CN113378192B (en) 2021-06-02 2021-06-02 Alliance link data encryption method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110616574.1A CN113378192B (en) 2021-06-02 2021-06-02 Alliance link data encryption method

Publications (2)

Publication Number Publication Date
CN113378192A CN113378192A (en) 2021-09-10
CN113378192B true CN113378192B (en) 2022-06-10

Family

ID=77575607

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110616574.1A Active CN113378192B (en) 2021-06-02 2021-06-02 Alliance link data encryption method

Country Status (1)

Country Link
CN (1) CN113378192B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109302495A (en) * 2018-11-20 2019-02-01 北京邮电大学 A kind of date storage method and device
CN109523267A (en) * 2018-10-30 2019-03-26 苏宁易购集团股份有限公司 A kind of verification method, the apparatus and system of the transaction data based on block chain
CN110366839A (en) * 2017-03-06 2019-10-22 区块链控股有限公司 Computer-implemented system and method
CN112597527A (en) * 2021-03-05 2021-04-02 浙江数秦科技有限公司 Data access method for preventing alliance chain data leakage

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017090041A1 (en) * 2015-11-24 2017-06-01 Ben-Ari Adi A system and method for blockchain smart contract data privacy

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110366839A (en) * 2017-03-06 2019-10-22 区块链控股有限公司 Computer-implemented system and method
CN109523267A (en) * 2018-10-30 2019-03-26 苏宁易购集团股份有限公司 A kind of verification method, the apparatus and system of the transaction data based on block chain
CN109302495A (en) * 2018-11-20 2019-02-01 北京邮电大学 A kind of date storage method and device
CN112597527A (en) * 2021-03-05 2021-04-02 浙江数秦科技有限公司 Data access method for preventing alliance chain data leakage

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
区块链的4大核心技术;俞学劢;《金卡工程》;20161031;全文 *

Also Published As

Publication number Publication date
CN113378192A (en) 2021-09-10

Similar Documents

Publication Publication Date Title
CN108600227B (en) Medical data sharing method and device based on block chain
US20220006627A1 (en) Quantum key distribution node apparatus and method for quantum key distribution thereof
TWI714219B (en) Block chain-based business data encryption method and device
JP6416402B2 (en) Cloud storage method and system
US6915434B1 (en) Electronic data storage apparatus with key management function and electronic data storage method
US6662299B1 (en) Method and apparatus for reconstituting an encryption key based on multiple user responses
EP3654580B1 (en) Communication device and communication method used in decentralized network
CN112468297B (en) Key backup method and device based on block chain
CN110690962B (en) Application method and device of service node
US11569989B2 (en) Blockchain system for hardening quantum computing security
CN111698084B (en) Block chain-based concealed communication method
CN109754226B (en) Data management method, device and storage medium
US20150350375A1 (en) Information Processing Method, Trusted Server, and Cloud Server
WO2023109268A1 (en) Block chain message transmission method and device, client, and storage medium
CN113239403A (en) Data sharing method and device
WO2024045552A1 (en) Data processing method and related devices
CN116204923A (en) Data management and data query methods and devices
CN114142995B (en) Key security distribution method and device for block chain relay communication network
CN113193958B (en) Quantum key service method and system
CN113378192B (en) Alliance link data encryption method
US20180270053A1 (en) Management device and management method
CN111526167A (en) Data transmission method and device applied to block chain
US11082406B2 (en) System and method for providing end-to-end security of data and metadata
CN112187456B (en) Key hierarchical management and collaborative recovery system and method
JP2002084269A (en) Recovery method for private key and storage method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant