CN113849385A - Log file generation and analysis method and device - Google Patents
Log file generation and analysis method and device Download PDFInfo
- Publication number
- CN113849385A CN113849385A CN202111059134.7A CN202111059134A CN113849385A CN 113849385 A CN113849385 A CN 113849385A CN 202111059134 A CN202111059134 A CN 202111059134A CN 113849385 A CN113849385 A CN 113849385A
- Authority
- CN
- China
- Prior art keywords
- block
- ith
- value
- ciphertext
- parent
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
- G06F11/34—Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment
- G06F11/3452—Performance evaluation by statistical analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Life Sciences & Earth Sciences (AREA)
- Bioinformatics & Cheminformatics (AREA)
- Bioinformatics & Computational Biology (AREA)
- Evolutionary Biology (AREA)
- Probability & Statistics with Applications (AREA)
- Quality & Reliability (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a method and a device for generating and analyzing a log file, which comprise the following steps: analyzing an ith ciphertext in the log file according to the ith-1 secret key to obtain an ith correction block; the ith ciphertext is obtained by the generator after encoding and encrypting the ith correction block; the ith correction block is a block obtained by updating the hash value of a parent block in the block head of the ith block based on the first proof value of the ith block by the generator; the (i-1) th secret key is obtained at least according to the first certification value of the (i-1) th block; the first proof value of the (i-1) th block is obtained after the (i-1) th ciphertext is analyzed by the analysis party; and determining the parent block hash value of the ith block according to the ith-1 block, and replacing the parent block hash value in the ith correction block to obtain the ith block. The accuracy of the first proof value of the (i-1) th block is ensured, so that the accuracy of the (i-1) th block is ensured, and the accuracy of the data stored in the database is ensured.
Description
Technical Field
The invention relates to the field of financial technology (Fintech), in particular to a method and a device for generating and analyzing a log file.
Background
With the development of computer technology, more and more technologies (such as block chains, cloud computing or big data) are applied to the financial field, the traditional financial industry is gradually changing to the financial technology, the big data technology is no exception, but higher requirements are provided for the security of data in the big data technology due to the security and real-time requirements of the financial and payment industries.
In a block chain bottom platform, in order to monitor block data and expand block data, a generator needs to write the block data into a log after encoding each block by the generator through a preset method in a block consensus project, that is, one log record represents one block; and then sending the log record recorded with the block data to the analysis party. And analyzing the log record by an analysis party to obtain block data in the log record, and storing the block data in the database.
In the prior art, in the process of sending a log record to a parsing party, a generating party may tamper data in the log record maliciously due to reasons such as network, thought (e.g., malicious attack by hacker), and the like. Therefore, the analysis party needs to verify each log record to prevent the log record from being maliciously tampered, so as to ensure the validity, accuracy and safety of the log record.
However, in order to improve the analysis efficiency and reduce the use of computer power, the current analyzer generally only analyzes the log record without checking, so that the accuracy of the block data analyzed and stored in the database is low, and the accuracy and the security of the data in the database cannot be ensured.
Therefore, a method for parsing log records is needed to improve data accuracy and security.
Disclosure of Invention
The embodiment of the invention provides a log file generation and analysis method and device, which are used for forcibly checking a block by an analysis party so as to improve the accuracy and safety of the block and further improve the accuracy and safety of data stored in a database.
In a first aspect, an embodiment of the present invention provides a method for obtaining a block by parsing a log file, including:
aiming at the ith ciphertext in the log file, an analysis party analyzes the ith ciphertext according to the (i-1) th secret key to obtain an ith correction block; the ith ciphertext is obtained by encoding and encrypting the ith correction block by a generator; the ith correction block is a block obtained by updating a parent block hash value in a block header of the ith block by the generator based on a first proof value of the ith block; the (i-1) th secret key is obtained at least according to the first certification value of the (i-1) th block; the first proof value of the (i-1) th block is obtained after the analysis party analyzes the (i-1) th ciphertext; the (i-1) th block is a parent block of the (i) th block;
and the analysis party determines a parent block hash value of the ith block according to the ith-1 block, and replaces the parent block hash value of the ith block with the parent block hash value of the ith correction block to obtain the ith block.
In the above technical solution, the ith ciphertext is obtained by the generator encoding and encrypting the ith correction block, and the ith correction block is a block obtained by the generator updating a parent block hash value in a block header of the ith block based on the first proof value of the ith block; correspondingly, the i-1 th ciphertext is obtained by encoding and encrypting the i-1 th correction block by the generator, and the i-1 th correction block is a block obtained by updating the hash value of the parent block in the block head of the i-1 th block based on the first proof value of the i-1 th block by the generator.
Equivalently, the generator determines a first proof value s of an i-1 block, takes the first proof value s as an i-1 key, and encrypts an i ciphertext according to the i-1 key; the analysis party can obtain a first proof value s' of another i-1 block by analyzing the i-1 ciphertext; if the parser successfully decrypts the ith ciphertext through the "first proof value s ' of another ith-1 block", the "first proof value s ' of another ith-1 block" is equivalent to the "first proof value s ' of another ith-1 block" being consistent with the "first proof value s of an ith-1 block".
Because the i-1 key is obtained at least according to the first proof value of the i-1 block, if the "first proof value s' of another i-1 block" is consistent with the "first proof value s of an i-1 block", it is equivalent to that the i-1 block is not tampered, thereby ensuring the accuracy of the i-1 block and the accuracy of the data stored in the database.
In addition, the ith correction block is obtained by analyzing the ith ciphertext according to the ith-1 secret key, because the ith ciphertext can be successfully analyzed, the ith-1 ciphertext is proved to be correct, namely, the ith-1 block corresponding to the ith-1 ciphertext is correct, therefore, the hash value of the parent block of the ith block is obtained by carrying out hash calculation on the ith-1 block, and the ith block is determined according to the obtained hash value of the parent block of the ith block, so that the accuracy of the ith block is ensured.
Optionally, the method further includes:
the analyzer determines a first proof value of the ith block according to the hash value of the ith-1 block and the hash value of the parent block of the ith correction block; the first proof value of the ith block is used for determining an ith key for encoding and encrypting the (i + 1) th modified block.
In the technical scheme, the first proof value of the ith block is determined through the parent block hash value of the ith correction block and the hash value of the (i-1) th block, if the (i-1) th ciphertext is maliciously tampered, the (i-1) th block obtained by analysis according to the (i-1) th ciphertext is changed, further, the hash value of the (i-1) th block is changed, and the analyzed first proof value s of the ith block is changediAnd the first proof value s of the i-th block generated by the generatoriWill be inconsistent and the first proof value siThe ith key is used as the i +1 th correction block for encoding and encrypting, i.e. the resolver passes the first proof value siInconsistent first proof value si' it is impossible to solve the i +1 th ciphertextAnd therefore, whether the (i-1) th ciphertext is tampered or not is verified through whether the (i + 1) th ciphertext is successfully analyzed or not, namely whether the (i-1) th ciphertext is correct or not is determined, and therefore the accuracy of the (i-1) th ciphertext is guaranteed. Therefore, whether the ciphertext (i.e., the (i + 1) th ciphertext) of the next block is successfully analyzed is used as a condition to force the verification of the ciphertext (i.e., the (i-1) th ciphertext) of the previous block of the current block, for example, if the (i + 1) th ciphertext is successfully analyzed, the first proof value is determined to be correct, and then the (i-1) th block is determined to be not tampered and correct, so that the accuracy of the block analyzed by an analysis party is ensured, and the accuracy and the safety of data in the database are improved.
Optionally, replacing the parent block hash value of the ith block with the parent block hash value of the ith modified block to obtain the ith block, where the step of obtaining the ith block includes:
the analyzer acquires a block body of the ith block from the ith correction block;
the analysis party determines a transaction root in a block head of the ith block according to the block body of the ith block;
and the analysis party replaces the parent block hash value of the ith block with the parent block hash value of the ith correction block and replaces the transaction root of the ith block with the transaction root of the ith correction block to obtain the ith block.
In the above technical solution, when the ith key determined by the generator further includes the second proof value, because the transaction root of the ith correction block is generated according to the transaction root of the ith block and the second proof value, in order to obtain an accurate ith block, the transaction root of the ith correction block needs to be restored, so as to obtain an accurate ith block, and the accuracy of the ith block is ensured.
Optionally, the method further includes:
the analysis party determines a second proof value of the ith block according to the transaction root in the ith block and the transaction root in the ith correction block; the second certification value of the ith block is used for determining an ith key for encoding and encrypting the (i + 1) th correction block together with the first certification value of the ith block.
In the above technical solution, the ith key further includes a second proof value of the ith block, the second proof value is determined by the transaction root of the ith correction block and the transaction root of the ith block, if the ith ciphertext is maliciously tampered, the ith block obtained by analysis according to the ith ciphertext will also change, and further the transaction root of the ith block will also change, and the second proof value k of the ith block obtained by analysis will also changeiAnd the second proof value k of the i-th block generated by the generatoriWill be inconsistent and the second proof value kiThe ith key is used as the i +1 th correction block for encoding and encrypting, i.e. the resolver passes through the second proof value kiInconsistent second proof value kiThe ith key obtained cannot decrypt the (i + 1) th ciphertext, so that whether the (i) th ciphertext is tampered or not is verified by whether the (i + 1) th ciphertext is successfully analyzed, namely whether the (i) th ciphertext is correct or not is determined, and the accuracy of the (i) th ciphertext is guaranteed. Therefore, the ciphertext (i.e., the ith ciphertext) of the current block is forcibly verified by using whether the ciphertext (i.e., the (i + 1) th ciphertext) of the next block is successfully analyzed as a condition, for example, if the (i + 1) th ciphertext is successfully analyzed, the second proof value is determined to be correct, and then each transaction of the ith block is determined to be correct, so that the accuracy of the block analyzed by the analyzing party is ensured, and the accuracy and the safety of data in the database are improved.
Optionally, the method further includes:
the analysis party determines parameter values of each parameter type and at least one parameter type of each transaction from the block body of the ith block as a third proof value of the ith block; and the third certification value of the ith block is used for determining an ith key for encoding and encrypting the (i + 1) th correction block together with the first certification value of the ith block and the second certification value of the ith block.
In the above technical solution, the ith key further includes a third proof value, the third proof value is determined by the generator according to the parameter values of each parameter type and at least one parameter type of each transaction, and according to the above discussion, similarly, the cipher text (i-th cipher text) of the current block is forcibly verified by using as a condition whether the cipher text of the next block (i.e., i + 1-th cipher text) is successfully analyzed, for example, if the i + 1-th cipher text is successfully analyzed, the third proof value is determined to be correct, and further, the parameter values of each parameter type and at least one parameter type of each transaction of the i-th block are determined to be correct, so as to ensure the accuracy of the block analyzed by the analyzer, and thus, the accuracy and the security of data in the database are improved.
Optionally, the analyzing party analyzes the ith ciphertext according to the ith-1 key to obtain the ith correction block, including:
the analysis party decrypts the ith ciphertext according to the ith-1 secret key to obtain an ith plaintext;
and the analysis party carries out deserialization on the ith plaintext to obtain an ith correction block.
In the technical scheme, the analytic party needs to decrypt the ith ciphertext to prove that the ith ciphertext is obtained by encryption, so that the confidentiality of the ith ciphertext can be improved, and the ith ciphertext is prevented from being tampered; since the analyzer needs to perform deserialization on the ith plaintext to obtain the ith correction block, it is proved that the ith plaintext is obtained by performing serialization according to the ith plaintext, that is, the ith correction block is represented by the ith plaintext, so that the data volume can be reduced, and the data resource occupied during data transmission is reduced.
In a second aspect, an embodiment of the present invention provides a method for generating a log file by a block, including:
the generator generates a first proof value of the ith block; the first proof value of the ith block is used for determining an ith key for encoding and encrypting the (i + 1) th correction block;
the generator updates the hash value of a parent block in the block head of the ith block based on the first proof value of the ith block, so as to obtain an ith correction block;
the generator encodes and encrypts the ith correction block according to the ith-1 secret key to obtain an ith ciphertext; the (i-1) th secret key is obtained at least according to the first certification value of the (i-1) th block; the (i-1) th block is a parent block of the (i) th block;
and the generator writes the ith ciphertext into a log file and sends the log file to an analysis party.
In the above technical solution, the parent block hash value of the ith correction block includes a first proof value of the ith block and a parent block hash value in a block header of the ith block, so that the analysis party obtains an ith key for decrypting the (i + 1) th ciphertext after analyzing the ith correction block, and because the first proof value of the ith block is used to determine the ith key for encoding and encrypting the (i + 1) th correction block, if the analysis party successfully analyzes the (i + 1) th correction block, the first proof value of the ith block is proved to be correct; and further proving that the hash value of a parent block in the block head of the ith block is correct, and the hash value of the parent block in the block head of the ith block is obtained by carrying out hash operation according to the parent block (i.e. the (i-1) th block) of the ith block, so that the (i-1) th block is determined to be correct, and the hash value of the (i-1) th block is obtained by carrying out hash operation on the (i-1) th block obtained after the (i-1) th ciphertext is analyzed by an analysis party, so that whether the (i-1) th ciphertext is tampered or not is verified by whether the (i + 1) th ciphertext is successfully analyzed or not, namely whether the (i-1) th ciphertext is correct or not is determined, and the accuracy of the (i-1) th ciphertext is ensured. Therefore, whether the ciphertext (i.e., the (i + 1) th ciphertext) of the next block is successfully analyzed is used as a condition to force the verification of the ciphertext (i.e., the (i-1) th ciphertext) of the previous block of the current block, for example, if the (i + 1) th ciphertext is successfully analyzed, the first proof value is determined to be correct, and then the (i-1) th block is determined to be not tampered and correct, so that the accuracy of the block analyzed by an analysis party is ensured, and the accuracy and the safety of data in the database are improved.
Optionally, the method further includes:
the generator generates a second proof value of the ith block;
the method for modifying the hash value of the parent block in the block header of the ith block by the generator based on the first proof value of the ith block to obtain an ith modified block includes:
modifying, by the generator, a parent block hash value in a block head of the ith block based on a first proof value of the ith block, and modifying a transaction root in the block head of the ith block based on a second proof value of the ith block, thereby obtaining an ith modified block;
and the generator generates an ith key for encoding and encrypting the (i + 1) th correction block based on the first certification value of the ith block and the second certification value of the ith block.
In the above technical solution, the transaction root of the ith correction block includes the second proof value of the ith block and the transaction root in the block header of the ith block, so that the analysis party obtains the ith key for decrypting the (i + 1) th ciphertext after analyzing the ith correction block, and because the ith key includes the second proof value of the ith block, if the analysis party successfully analyzes the (i + 1) th correction block, the second proof value of the ith block is proved to be correct; and then the transaction root in the block head of the ith block is proved to be correct, and the transaction root in the block head of the ith block is obtained by carrying out hash operation according to the transactions of the ith block, so that the transactions of the ith block are determined to be correct, and therefore, whether the ith ciphertext is tampered or not is verified by whether the ith ciphertext is successfully analyzed or not, namely, whether the ith ciphertext is correct or not is determined, and the accuracy of the ith-1 ciphertext is ensured. Therefore, whether the ith ciphertext is tampered or not is verified by whether the (i + 1) th ciphertext is successfully analyzed or not, namely whether the ith ciphertext is correct or not is determined, and therefore the accuracy of the ith ciphertext is guaranteed. Therefore, the ciphertext (i.e., the ith ciphertext) of the current block is forcibly verified by using whether the ciphertext (i.e., the (i + 1) th ciphertext) of the next block is successfully analyzed as a condition, for example, if the (i + 1) th ciphertext is successfully analyzed, the second proof value is determined to be correct, and then each transaction of the ith block is determined to be correct, so that the accuracy of the block analyzed by the analyzing party is ensured, and the accuracy and the safety of data in the database are improved.
Optionally, the method further includes:
the generator determines a third certification value of the ith block based on parameter values of each parameter type and at least one parameter type of each transaction in the block body of the ith block;
the generator generates an ith key for encoding and encrypting the (i + 1) th correction block based on the first proof value of the ith block and the third proof value of the ith block; or the generator generates an ith key for encoding and encrypting the (i + 1) th modified block based on the first proof value of the ith block, the second proof value of the ith block and the third proof value of the ith block.
In the above technical solution, the third proof value is determined according to the parameter values of each parameter type and at least one parameter type of each transaction, and based on the above technical solution, similarly, whether the ciphertext (i +1 th ciphertext) of the next block is successfully analyzed is used as a condition to force verification of the ciphertext (i.e., the ith ciphertext) of the current block, for example, if the i +1 th ciphertext is successfully analyzed, the third proof value is determined to be correct, and then the parameter values of each parameter type and at least one parameter type of each transaction of the ith block are determined to be correct, so as to ensure the accuracy of the block analyzed by the analyzing party, thereby improving the accuracy and the security of the data in the database.
Optionally, the generating party performs encoding and encryption on the ith correction block according to the ith-1 key to obtain an ith ciphertext, and the method includes:
the generator serializes the ith correction block to obtain an ith plaintext;
and the generator encrypts the ith plaintext according to the ith-1 key to obtain the ith ciphertext.
In the technical scheme, the ith ciphertext is obtained by encryption, so that the confidentiality of the ith ciphertext can be increased, and the ith ciphertext is prevented from being tampered; because the ith plaintext is obtained by serialization according to the ith plaintext, the data amount can be reduced by representing the ith correction block through the ith plaintext, and the data resources occupied by data transmission are reduced.
In a third aspect, an embodiment of the present invention provides an apparatus for obtaining a block by parsing a log file, where the apparatus includes:
the analysis module is used for analyzing the ith ciphertext according to the ith-1 secret key in the log file to obtain an ith correction block; the ith ciphertext is obtained by encoding and encrypting the ith correction block by a generator; the ith correction block is a block obtained by updating a parent block hash value in a block header of the ith block by the generator based on a first proof value of the ith block; the (i-1) th secret key is obtained at least according to the first certification value of the (i-1) th block; the first proof value of the (i-1) th block is obtained after the analysis party analyzes the (i-1) th ciphertext; the (i-1) th block is a parent block of the (i) th block;
and the determining module is used for determining a parent block hash value of the ith block according to the ith-1 block, and replacing the parent block hash value of the ith block with the parent block hash value in the ith correction block to obtain the ith block.
Optionally, the parsing module is further configured to:
determining a first certification value of the ith block according to the hash value of the ith-1 block and the hash value of the parent block of the ith correction block; the first proof value of the ith block is used for determining an ith key for encoding and encrypting the (i + 1) th modified block.
Optionally, the determining module is specifically configured to:
acquiring a block body of the ith block from the ith correction block;
determining a transaction root in a block header of the ith block according to a block body of the ith block;
and replacing the parent block hash value of the ith block with the parent block hash value of the ith correction block, and replacing the transaction root of the ith block with the transaction root of the ith correction block to obtain the ith block.
Optionally, the parsing module is further configured to:
determining a second proof value of the ith block according to the transaction root in the ith block and the transaction root in the ith correction block; the second certification value of the ith block is used for determining an ith key for encoding and encrypting the (i + 1) th correction block together with the first certification value of the ith block.
Optionally, the parsing module is further configured to:
the analysis party determines parameter values of each parameter type and at least one parameter type of each transaction from the block body of the ith block as a third proof value of the ith block; and the third certification value of the ith block is used for determining an ith key for encoding and encrypting the (i + 1) th correction block together with the first certification value of the ith block and the second certification value of the ith block.
Optionally, the determining module is specifically configured to:
decrypting the ith ciphertext according to the ith-1 secret key to obtain an ith plaintext;
and performing deserialization on the ith plaintext to obtain an ith correction block.
In a fourth aspect, an embodiment of the present invention provides an apparatus for generating a log file by using a block, where the apparatus includes:
a generating unit for generating a first proof value of the ith block;
updating a parent block hash value in the block head of the ith block based on the first proof value of the ith block, thereby obtaining an ith correction block;
according to the ith-1 secret key, carrying out coding encryption on the ith correction block to obtain an ith ciphertext; the (i-1) th secret key is obtained at least according to the first certification value of the (i-1) th block; the (i-1) th block is a parent block of the (i) th block;
and the sending unit is used for writing the ith ciphertext into a log file and sending the log file to an analysis party.
Optionally, the generating unit is further configured to:
generating a second attestation value for the ith block;
modifying a parent block hash value in a block head of the ith block based on a first proof value of the ith block, and modifying a transaction root in the block head of the ith block based on a second proof value of the ith block to obtain an ith modified block;
and generating an ith key for encoding and encrypting the (i + 1) th correction block based on the first certification value of the ith block and the second certification value of the ith block.
Optionally, the generating unit is further configured to:
determining a third certification value of the ith block based on parameter values of each parameter type and at least one parameter type of each transaction in the block body of the ith block;
generating an ith key for encoding and encrypting the (i + 1) th correction block based on the first certification value of the ith block and the third certification value of the ith block; or the generator generates an ith key for encoding and encrypting the (i + 1) th modified block based on the first proof value of the ith block, the second proof value of the ith block and the third proof value of the ith block.
Optionally, the generating unit is specifically configured to:
serializing the ith correction block to obtain an ith plaintext;
and encrypting the ith plaintext according to the ith-1 key to obtain an ith ciphertext.
In a fifth aspect, an embodiment of the present invention further provides a computer device, including:
a memory for storing program instructions;
and the processor is used for calling the program instructions stored in the memory, and executing the method for obtaining the blocks by analyzing the log file and the method for generating the log file by the blocks according to the obtained program.
In a sixth aspect, an embodiment of the present invention further provides a computer-readable storage medium, where the computer-readable storage medium stores computer-executable instructions, where the computer-executable instructions are configured to cause a computer to perform the method for obtaining a block by parsing a log file and the method for generating a log file by using a block.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a schematic diagram of an ith block according to an embodiment of the present invention;
FIG. 2 is a system architecture according to an embodiment of the present invention;
fig. 3 is a flowchart illustrating a method for generating a log file by a block according to an embodiment of the present invention;
fig. 4 is a diagram illustrating an ith block according to an embodiment of the present invention;
fig. 5 is a schematic diagram of an i-th correction block according to an embodiment of the present invention;
fig. 6 is a schematic diagram of an i-th correction block according to an embodiment of the present invention;
FIG. 7 is a diagram illustrating a data type as a character string according to an embodiment of the present invention;
FIG. 8 is a diagram illustrating an embodiment of the present invention in which a data type is a binary array;
FIG. 9 is a diagram illustrating an embodiment of the present invention in which data types are integer types;
FIG. 10 is a block diagram illustrating plaintext according to an embodiment of the invention;
fig. 11 is a schematic diagram of determining a key fragment according to an embodiment of the present invention;
fig. 12 is a schematic diagram of a ciphertext according to an embodiment of the present invention;
fig. 13 is a method for obtaining a block by parsing a log file according to an embodiment of the present invention;
fig. 14 is a schematic structural diagram of an apparatus for obtaining a block by parsing a log file according to an embodiment of the present invention;
fig. 15 is a schematic structural diagram of an apparatus for generating a log file by using a block according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the present invention will be described in further detail with reference to the accompanying drawings, and it is apparent that the described embodiments are only a part of the embodiments of the present invention, not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In the block chain system, generating a block by a block-out node, and then identifying the block in the block chain system; after successful consensus, the block is uploaded to the block chaining system, i.e., the block is uplinked. In a round-robin manner, as the number of blocks increases, the length of a block chain is longer, and blocks stored locally at each node also increase, and in order to release the storage capacity locally at the node and not lose block information, the blocks need to be backed up to other storage units, such as a cloud database.
In the prior art, the block backup comprises the following steps:
1. and for any block, the generator extracts the information of the block to obtain block data, writes the block data into a log after the block data is encoded by a preset method, generates log records, and obtains a log file according to at least one log record.
2. The generator sends the log file to the parser.
3. And the analysis party analyzes the log records in the log file to obtain blocks corresponding to the log records and stores the blocks in the database.
But the data in the log records is vulnerable to malicious tampering. Therefore, the analysis party needs to verify each log record to prevent the log record from being maliciously tampered, so as to ensure the validity, accuracy and safety of the log record.
However, in order to improve the analysis efficiency and reduce the use of computer power, the current analyzer generally only analyzes the log record without checking, so that the accuracy of the block data analyzed and stored in the database is low, and the accuracy and the security of the data in the database cannot be ensured.
In order to better explain the invention, possible nouns are explained below.
Blocks, in block-chain technology, valuable information is stored permanently in the form of data, and these carriers for storing data information are called blocks. Specifically, a block is a data structure for recording transactions, which reflects the flow of funds in the transactions. The blocks are arranged in a time sequence, each block records the transaction information which occurs during the creation of the block, all the blocks are linked in order to be converged into a 'general ledger', and each block can be regarded as one page in the general ledger.
Fig. 1 exemplarily shows a schematic diagram of an ith block, as shown in fig. 1, the ith block includes a block header and a block body, wherein the block header includes a parent block hash value, a mercker tree root, a block high, a block out node address, etc., which are not specifically illustrated herein; the block includes specific information for each transaction, such as from (payer address), to (incomer address), date (parameter value), etc. for the transaction.
Based on the problems in the prior art, there is a need for a method for parsing log records to improve data accuracy and security.
Fig. 2 illustrates an exemplary system architecture, which includes a generator 210 and a parser 220, to which an embodiment of the present invention is applicable.
The generator 210 is configured to extract data of the ith block (e.g., extract a parent block hash value, a transaction root, etc. in the head of the block, a transaction amount of each transaction in the block, a transaction party address, etc.);
determining an attestation value (including a first attestation value, a second attestation value, and/or a third attestation value) needed as a key; determining a parent block hash value of the ith correction block according to the parent block hash value and the first certification value of the ith block, and determining a transaction root of the ith correction block according to the transaction root of the ith block and the second certification value, so as to obtain the ith correction block;
and coding and encrypting the ith correction block to obtain an ith ciphertext, writing the ith ciphertext into a log file, and sending the log file to the analysis party 220.
The analysis party 220 is used for analyzing the ith ciphertext according to the ith-1 secret key to obtain an ith correction block;
performing hash operation on the (i-1) th block to determine a parent block hash value of the (i) th block, then determining a first proof value of the (i) th block according to the parent block hash value of the (i) th modified block and the parent block hash value of the (i) th block, and taking the first proof value of the (i) th block as a key for decrypting the (i + 1) th ciphertext;
and replacing the parent block hash value of the ith block with the parent block hash value of the ith correction block to obtain the ith block, and finally storing the ith block into the database.
It should be noted that the structure shown in fig. 2 is only an example, and the embodiment of the present invention is not limited thereto.
Based on the above description, fig. 3 is a schematic flowchart illustrating a method for generating a log file by a chunk according to an embodiment of the present invention, where the flowchart may be executed by an apparatus for generating a log file by a chunk.
As shown in fig. 3, the process specifically includes:
in step 310, the generator generates a first attestation value for the ith chunk.
In the embodiment of the invention, the first proof value of the ith block is used for determining the ith key for encoding and encrypting the (i + 1) th correction block.
In step 320, the generator updates the hash value of the parent block in the block header of the ith block based on the first certificate value of the ith block, thereby obtaining an ith modified block.
In the embodiment of the present invention, a new value is obtained according to the first certification value of the ith block and the parent block hash value in the block header of the ith block, and the new value is used as the parent block hash value of the ith modified block.
And 330, the generator encodes and encrypts the ith correction block according to the ith-1 key to obtain an ith ciphertext.
In the embodiment of the invention, the (i-1) th secret key is at least obtained according to the first certification value of the (i-1) th block; the i-1 th block is a parent block of the i-th block.
And 340, writing the ith ciphertext into a log file by the generator, and sending the log file to an analysis party.
In the embodiment of the present invention, the log file includes at least one log record, and each log record corresponds to data of one block, such as a block header (a parent block hash value, a transaction root, etc.) and a block body (a transaction amount, a transaction party address, etc.) of a certain block.
In step 310, the first proof value is determined according to the first random number, specifically, the generator randomly generates a random number sequence according to the timestamp, and randomly determines the first random number in the random number sequence; and determining a first proof value of the ith block according to the first random number. The timestamp may be a timestamp corresponding to the block, or a timestamp of the block encoding by the generator, or a time of the uplink in the block, which is not specifically limited herein; in the embodiment of the invention, the random number sequence can be randomly generated based on the time stamp according to the pseudo-random number generation algorithm, and the pseudo-random number generation algorithm is not limited here.
Further, if the generator determines that the first random number meets a preset condition, the generator determines the first random number as the first proof value; otherwise, determining a first preset value as the first proof value; the preset condition is that a modulus is taken for a preset condition value according to the first random number to obtain a modulus result; and the modulus result is greater than the conditional threshold. The preset condition value, the first preset value and the condition threshold value may be values preset by a developer according to the preset conditions, such as preset condition values of 100 and 200; the first preset value is 0, 1 and the like; the condition thresholds are 50, 70, etc.
For example, a time at which the block is encoded and encrypted is taken as a time stamp, and a random number sequence is generated. Then, a random number is randomly selected from the random number sequence to serve as a first random number, then, a modulus is taken for 100 (a preset condition value), if the obtained result is less than 50 (a condition threshold value), the first proof value is 0 (a first preset value), otherwise, the first proof value is the first random number.
Similarly, for the second proof value, another random number is randomly selected from the random number sequence as the second random number, then modulo 100 (a preset condition value), if the obtained result is less than 50 (a condition threshold), the second proof value is 0 (a second preset value), otherwise, the second proof value is the second random number.
It should be noted that the preset condition for determining the second proof value may be the same as the preset condition for determining the first proof value (that is, the preset condition value, the preset value, and the condition threshold value involved in the preset condition are the same), or may be different, for example, the first preset value is 0, and the second preset value is 1; and is not particularly limited herein.
In step 320, the generator obtains a parent block hash value of the ith modified block based on the first certification value of the ith block and the parent block hash value in the block header of the ith block; and replacing the parent block hash value of the ith correction block with the parent block hash value of the block head of the ith block to obtain the ith correction block.
The method for obtaining the parent block hash value of the ith modified block by the generator based on the first attestation value of the ith block and the parent block hash value in the block header of the ith block includes, but is not limited to, the following methods.
1. Performing sum or difference on the first proof value of the ith block and the parent block hash value in the block head of the ith block to obtain the parent block hash value of the ith correction block;
2. performing product or quotient on the first proof value of the ith block and the parent block hash value in the block head of the ith block to obtain the parent block hash value of the ith correction block;
3. and carrying out XOR operation on the first proof value of the ith block and the parent block hash value in the block head of the ith block to obtain the parent block hash value of the ith correction block.
For example, the generator determines the first attestation value of the ith block to be siThe hash value of the parent block in the block header of the ith block is GiTaking the sum of the first certification value of the ith block and the parent block hash value of the ith block as the parent block hash value of the ith modified block, namely the parent block hash value G of the ith modified blocki`=Gi+si. Then G is mixedi' Replacing parent block hash value G of i-th blockiThus, the ith correction block is obtained.
Fig. 4 is a schematic diagram illustrating an ith block, where as shown in fig. 4, the ith block includes a block header and a block body, and the block header includes a parent hash value, a transaction root, an out-block address, a block and so on of the ith block; the block includes n transactions and data such as transaction amounts in each transaction.
Fig. 5 is a schematic diagram of an ith modified block according to an exemplary embodiment of the invention, where as shown in fig. 5, the hash value of the parent block of the ith modified block is the first attestation value s of the ith blockiAnd the parent block hash value G of the ith blockiThe ith modified chunk has no change in data other than the hash value of the parent chunk compared to the ith chunk.
Illustratively, the generator generates a second attestation value for the ith chunk; modifying a parent block hash value in the block head of the ith block based on the first proof value of the ith block, and modifying a transaction root in the block head of the ith block based on the second proof value of the ith block to obtain an ith correction block; and generating an ith key for encoding and encrypting the (i + 1) th correction block based on the first certification value of the ith block and the second certification value of the ith block.
Based on the above description, the generator obtains the transaction root of the ith modified chunk based on the second proof value of the ith chunk and the transaction root of the ith chunk includes, but is not limited to, the following method.
1. Performing sum or difference on the second proof value of the ith block and the transaction root of the ith block to obtain the transaction root of the ith correction block;
2. performing product or quotient on the second proof value of the ith block and the transaction root of the ith block to obtain the transaction root of the ith correction block;
3. and carrying out XOR operation on the second proof value of the ith block and the transaction root of the ith block to obtain the transaction root of the ith correction block.
For example, the generator determines that the second proof value of the ith block is kiThe transaction root in the block header of the ith block is HiThe second proof value k of the ith blockiTransaction root H with ith blockiThe sum of (a) and (b) is used as the transaction root of the ith correction block, i.e. the transaction root H of the ith correction blocki`=Hi+ki. Then H is introducediTransaction root H of' replace ith blockiThus, the ith correction block is obtained.
Further example is performed based on the above-mentioned fig. 4 and fig. 5, and fig. 6 is a first exemplary embodiment of the present inventionFor the i modified block, as shown in FIG. 6, the transaction root of the i modified block is the second proof value k of the i blockiTransaction root H with ith blockiThe ith modified chunk has no change in data other than the parent chunk hash value and the transaction root compared to the ith chunk.
In step 330, the generator serializes the ith correction block to obtain the ith plaintext; and encrypting the ith plaintext according to the ith-1 key to obtain an ith ciphertext.
The method is a process of converting the state information of the object into a form capable of being stored or transmitted, for example, each field in a block is determined to be corresponding binary directly according to the data type, and finally, a plaintext is generated.
In the embodiment of the present invention, the ith correction block may be serialized by a serialization tool to obtain the ith plaintext. For example, the sequencing tools are Gson, Jackson, FastJson, ProtoBuf, etc.
Taking a block header as an example, fig. 7 is a schematic diagram illustrating that a data type is a character string according to an exemplary embodiment of the present invention, as shown in fig. 7, the data type is a character string (such as extra data), a flag byte of the character string type is 0x01, and the flag byte further includes a character string byte length and a character string byte content; the byte length of the character string is used for representing the byte length used by the character string with the marking byte being 0x01, and the byte content of the character string is used for representing specific parameters with the marking byte being 0x01, such as specific money (7 yuan, 10 yuan, etc.) of the transaction.
Fig. 8 is a schematic diagram illustrating an exemplary data type being a binary array according to an embodiment of the present invention, and as shown in fig. 8, the data type is a binary array (e.g., logs), the flag byte of the binary type is 0x02, and further includes a length of the binary byte and a content of the binary byte.
Fig. 9 is a schematic diagram illustrating that a data type is an integer type according to an embodiment of the present invention, and as shown in fig. 9, the data type is an integer type (e.g., out-of-block node address, block, etc.), a flag byte of the integer type is 0x03, and the flag byte further includes an integer byte content because the byte length of the integer type is fixed to 32 bits.
Based on the above serialization, any block may be serialized to obtain a corresponding plaintext in the form of bytes, fig. 10 is a schematic diagram of a plaintext of an i-th block exemplarily shown in the embodiment of the present invention, as shown in fig. 10, the plaintext of the i-th block includes flag bytes such as "parent block hash value", "transaction root", and "transaction number", and fig. 10 also includes a plaintext of the i-th block, which is not shown in fig. 10, the byte length and the byte content corresponding to the flag bytes, for example, the byte length of the address of the block initiator is 16, and the byte content is www. max.com; the block height has a byte length of 2 and a byte content of 17.
After obtaining the plaintext of the ith block, the generator encrypts the plaintext of the ith block through an (i-1) th secret key; the encryption method can be an AES algorithm or a DES algorithm, and the like, and taking the AES algorithm as an example, the encryption method comprises the following steps: the generator fragments the (i-1) th key to obtain a plurality of (i-1) th key fragments; dividing the plaintext of the ith block according to the number of the first bytes to obtain a plurality of plaintext groups of the ith block; encrypting the plaintext groups according to the encryption sequence and the encryption steps to obtain ciphertext groups of the ith block aiming at the plaintext groups of any ith block; the encryption sequence is used for determining the sequence of using the key fragments in the process of the ciphertext for the generator; the encryption step comprises byte reverse mapping, reverse row displacement and reverse column confusion; generating a ciphertext from the plurality of ciphertext groups; the first byte number is a value preset by a developer, such as 4, 8, 16, etc.
Fig. 11 is a schematic diagram illustrating an exemplary method for determining key fragments, and as shown in fig. 11, the key is hashed according to sha512 to obtain a 64-byte array, and the first 44 bytes (all 64 bytes or other number of bytes) of the key are taken, and a group of 4 bytes (8 bytes or other number of bytes) is divided into 11 groups of i-1 key fragments, which are ia1, ia2, … … and ia11 respectively.
And dividing the plaintext of the ith block according to 16 bytes (the number of the first bytes) to obtain a plurality of plaintext groups of the ith block.
For the plaintext block of any ith chunk, firstly carrying out exclusive OR and confusion calculation (XOR) with the first ith-1 key chunk (i.e. ia1) and then taking the second ith-1 key chunk (i.e. ia2) for repeated calculation according to the encryption sequence (such as the sequence of using the ith-1 key chunk is ia1, ia2, … … and ia 11); wherein the obfuscating calculation comprises 4 steps, which are: firstly, table look-up mapping is carried out; then, aiming at the specified digit of byte cycle right shift of each row, the specified digit is determined according to the number of the byte rows of the plaintext block of the ith block, for example, the digit of byte shift of the first row of the plaintext block of the ith block is 1, the digit of byte shift of the second row of the plaintext block of the ith block is 2, and the like; then performing multiplication budget on the row and a preset matrix; and finally carrying out exclusive OR. Until the (i-1) th plaintext is encrypted by all the 11 (i-1) th key fragments according to the encryption sequence to obtain an (i-1) th ciphertext group.
The generator encrypts the plaintext groups of the ith blocks to obtain corresponding ciphertext groups of the ith blocks, and then combines the ciphertext groups of the ith blocks to obtain ciphertexts of the ith blocks; fig. 12 is a schematic diagram illustrating an exemplary ciphertext according to an embodiment of the present invention, where, as shown in fig. 12, the ciphertext of the ith block corresponds to the plaintext of the ith block; specifically, the cipher text of the i-th block includes flag bytes such as "parent block hash value", "transaction root", and "transaction number", and the cipher text of the i-th block not shown in fig. 12 further includes the byte length and the byte content corresponding to the flag bytes, for example, the byte length of the block sender address is 16, and the byte content is www. times.com; the block height has a byte length of 2 and a byte content of 17.
In the above steps, the generator determines the key by the following ways:
1. using the first proof value as a key;
2. the second proof value is used as a key, and can also be used as a key;
3. using the first proof value and the second proof value as a key together;
4. using the first proof value and the third proof value as a key together;
5. using the second proof value and the third proof value as a key together;
6. the first proof value, the second proof value and the third proof value are used together as a key.
Wherein the third proof value is determined by the generator based on the parameter values of each parameter type and at least one parameter type of each transaction in the block body of the ith block; for example, the parameter types of each transaction include an integer type, a binary type, and the like; in an implementable manner, the parameter value of the parameter type may be data corresponding to a data field in the transaction, wherein the data field is used for characterizing parameter information corresponding to the smart contract.
In one scenario, for a created block (i.e., the first block in a chain of blocks), the generator determines a first proof value s for the created block0According to the first proof value s0Determining a created correcting block corresponding to the created block; and then, coding and encrypting the created-age correction block through a preset initial key to obtain a ciphertext of the created-age block. And writing the ciphertext of the founding block and a preset initial key into a log file, and sending the log file to an analysis party. Wherein the first proof value s0For encrypting the ciphertext of the second block in the block chain.
After the analytic party obtains the ciphertext of the founding block and the preset initial key in the log file, the ciphertext of the founding block is decrypted through the preset initial key to obtain a first proof value s0. First proof value s0And the method is used for decrypting the ciphertext of the second block sent by the sending party by the analysis party so as to realize that the key for analyzing the next block is obtained after the analysis party analyzes the current block.
To better explain the above technical solution, fig. 13 exemplarily shows a method for obtaining a block by parsing a log file, and as shown in fig. 13, the specific flow includes:
In the embodiment of the invention, the ith ciphertext is obtained by encoding and encrypting the ith correction block by a generator; the ith correction block is a block obtained by updating the hash value of a parent block in the block head of the ith block based on the first proof value of the ith block by the generator; the (i-1) th secret key is obtained at least according to the first certification value of the (i-1) th block; the first proof value of the (i-1) th block is obtained after the (i-1) th ciphertext is analyzed by the analysis party; the i-1 th block is the parent block of the i-th block.
In step 1320, the resolver determines the parent block hash value of the ith block according to the i-1 th block, and replaces the parent block hash value of the ith block with the parent block hash value of the ith modified block to obtain the ith block.
In the embodiment of the invention, the analytic party determines the hash value of the (i-1) th block according to the (i-1) th block to be analyzed, and the hash value of the (i-1) th block is the parent block hash value of the (i) th block, so that the (i) th corrected block can be restored to the (i) th block, and the first proof value of the (i) th key for decrypting the (i + 1) th ciphertext is obtained.
In step 1310, the i-th modified block is obtained by performing decryption according to the encryption step in the flow of fig. 3.
Specifically, the analysis party reads the ciphertext corresponding to the ith block according to the ith-1 key, and then, as shown in fig. 11, the analysis party fragments the ith-1 key to obtain a plurality of ith-1 key fragments which are the same as those obtained by the generation party; dividing the ciphertext of the ith block according to the number of the first bytes to obtain a plurality of ciphertext groups of the ith block; aiming at the ciphertext group of any ith block, selecting an (i-1) th secret key fragment according to a decryption sequence; the decryption sequence is the sequence of key fragmentation used in the process of determining the plaintext of the ith block by the analysis party; the decryption sequence and the encryption sequence are in reverse order; the encryption sequence determines the sequence of key fragments used in the ciphertext process of the ith block for the generator.
In the embodiment of the present invention, the encryption method corresponds to the above encryption method, for example, the encryption method is an AES algorithm or a DES algorithm.
Based on the above encryption sequence, for example, the encryption sequence is ia1, ia2, … … and ia11, i.e. the i-1 key fragment ia1 is used for encryption, then the i-1 key fragment ia2 is used for encryption, and so on, and finally the i-1 key fragment ia11 is used for encryption; the decryption order is ia11, ia10, … …, ia1, i.e. decryption is performed using the i-1 key fragment ia11, then decryption is performed using the i-1 key fragment ia10, and so on, and finally decryption is performed using the i-1 key fragment ia 1.
The analysis party performs exclusive-or operation on the first i-1 key fragment ia11 and the ciphertext group of the i-th block to determine a first decryption result; decrypting the first decryption result according to the decryption step to obtain a second decryption result; the decryption step comprises reverse column confusion, reverse row displacement and byte reverse mapping; the decryption step and the encryption step are mutually inverse steps; and will not be described in detail herein.
And then, selecting another key fragment (i.e. the (i-1) th key fragment ia12) according to the decryption sequence, and decrypting the second decryption result until all 11 (i-1) th key fragments are used for decrypting the (i-1) th plaintext lease according to the decryption sequence to obtain the (i-1) th plaintext group.
And the analytic party decrypts the ciphertext groups of the ith blocks to obtain corresponding plaintext groups of the ith blocks, and then combines the plaintext groups of the ith blocks to obtain the plaintext of the ith block.
After obtaining the plaintext of the ith block, the analyzer obtains an ith correction block, such as the ith correction block shown in fig. 5 or fig. 6, by deserializing the plaintext, and then obtains a first proof value, a second proof value, and/or a third proof value according to the ith correction block.
In a practical way, if only the hash value of the parent block is modified, determining a first certification value of the ith block according to the hash value of the ith-1 block and the hash value of the parent block of the ith modified block; the first proof value of the ith block is used for determining an ith key for encoding and encrypting the (i + 1) th modified block.
For example, based on the above fig. 5, as shown in the ith modified block of fig. 5, the ith modified block only modifies the parent hash value of the ith modified block, specifically, the parent hash value of the ith modified block is GiBecause of GiIs the first proof value s of the ith blockiAnd the parent block hash value G of the ith blockiTherefore, the parser hashes the parsed i-1 th block to obtain the hash value of the i-1 th block, which is equivalent to obtaining the hash value G of the parent block of the i-th blockiThen, the ith is modifiedThe parent hash value of the positive block is GiThe hash value of the i-1 block is subtracted to obtain the first identification value s of the i-blockiAnd the ith modified block is restored to the ith block as shown in fig. 4.
In another practical way, if the hash value of the parent block and the transaction root are modified, the block body of the ith block is obtained from the ith correction block; the analysis party determines a transaction root in the block head of the ith block according to the block body of the ith block; and the analytic party replaces the parent block hash value of the ith block with the parent block hash value of the ith correction block, and replaces the transaction root of the ith block with the transaction root of the ith correction block to obtain the ith block.
For example based on fig. 6, as shown in the ith modified block in fig. 6, the ith modified block modifies the hash value of the parent block and the transaction root, specifically, the transaction root of the ith modified block is HiBecause of HiIs the second proof value k of the ith blockiTransaction root H with ith blockiBecause the transaction root is obtained by performing hash operation on each transaction in the block body, the analysis party performs hash operation on the block body of the ith block to obtain the transaction root H of the ith blockiThen, the transaction root of the ith correction block is HiTransaction root of 'and i' block HiDifferencing to obtain a second proof value k of the ith blockiAnd restoring the ith modified block to the ith block as shown in fig. 4 in combination with the restoration of the hash value of the parent block.
And after determining a second proof value of the ith block according to the transaction root in the ith block and the transaction root in the ith correction block, the analysis party uses the second proof value of the ith block and the first proof value of the ith block together to determine an ith key for encoding and encrypting the (i + 1) th correction block.
In an implementable manner, the analysis party determines parameter values of each parameter type and at least one parameter type of each transaction from the block body of the ith block as a third proof value of the ith block; and the third certification value of the ith block is used for determining an ith key for encoding and encrypting the (i + 1) th correction block together with the first certification value of the ith block and the second certification value of the ith block.
It should be noted that the ith key is a key of the ciphertext of the (i + 1) th block, so that: and the analysis party verifies whether the (i-1) th ciphertext is tampered or not by analyzing the (i + 1) th ciphertext or not successfully based on the first proof value, namely, whether the (i-1) th ciphertext is correct or not is determined, so that the accuracy of the (i-1) th ciphertext is ensured. Therefore, whether the ciphertext (i +1 th ciphertext) of the next block is successfully analyzed or not is taken as a condition to force the verification of the ciphertext (i-1 th ciphertext) of the previous block of the current block (i block), for example, if the i +1 th ciphertext is successfully analyzed, the first proof value is determined to be correct, and then the i-1 th block is determined to be not tampered and correct, so that the accuracy of the block analyzed by the analysis party is ensured, and the accuracy and the safety of data in the database are improved.
And the analysis party verifies whether the ith ciphertext is tampered or not by analyzing the (i + 1) th ciphertext or not successfully on the basis of the second proof value, namely, whether the ith ciphertext is correct or not is determined, so that the accuracy of the ith ciphertext is ensured. Therefore, the ciphertext (i.e., the ith ciphertext) of the current block is forcibly verified by using whether the ciphertext (i.e., the (i + 1) th ciphertext) of the next block is successfully analyzed as a condition, for example, if the (i + 1) th ciphertext is successfully analyzed, the second proof value is determined to be correct, and then each transaction of the ith block is determined to be correct, so that the accuracy of the block analyzed by the analyzing party is ensured, and the accuracy and the safety of data in the database are improved.
Similarly, the analysis party enforces verification of the ciphertext (i.e., the ith ciphertext) of the current block by taking whether the ciphertext (i.e., the (i + 1) th ciphertext) of the next block is successfully analyzed or not as a condition based on the third proof value, for example, if the (i + 1) th ciphertext is successfully analyzed, the third proof value is determined to be correct, and then parameter values of each parameter type and at least one parameter type of each transaction of the (i) th block are determined to be correct, so that the accuracy of the block analyzed by the analysis party is ensured, and the accuracy and the safety of data in the database are improved.
Based on the same technical concept, fig. 14 exemplarily shows a schematic structural diagram of an apparatus for obtaining a block by parsing a log file according to an embodiment of the present invention, and the apparatus may perform a method for obtaining a block by parsing a log file.
As shown in fig. 14, the apparatus specifically includes:
the analysis module 1410 is configured to analyze an ith ciphertext in the log file according to an ith-1 key to obtain an ith correction block; the ith ciphertext is obtained by encoding and encrypting the ith correction block by a generator; the ith correction block is a block obtained by updating a parent block hash value in a block header of the ith block by the generator based on a first proof value of the ith block; the (i-1) th secret key is obtained at least according to the first certification value of the (i-1) th block; the first proof value of the (i-1) th block is obtained after the analysis party analyzes the (i-1) th ciphertext; the (i-1) th block is a parent block of the (i) th block;
a determining module 1420, configured to determine a parent block hash value of the ith block according to the i-1 th block, and replace the parent block hash value of the ith block with the parent block hash value of the ith modified block to obtain the ith block.
Optionally, the parsing module 1410 is further configured to:
determining a first certification value of the ith block according to the hash value of the ith-1 block and the hash value of the parent block of the ith correction block; the first proof value of the ith block is used for determining an ith key for encoding and encrypting the (i + 1) th modified block.
Optionally, the determining module 1420 is specifically configured to:
acquiring a block body of the ith block from the ith correction block;
determining a transaction root in a block header of the ith block according to a block body of the ith block;
and replacing the parent block hash value of the ith block with the parent block hash value of the ith correction block, and replacing the transaction root of the ith block with the transaction root of the ith correction block to obtain the ith block.
Optionally, the parsing module 1410 is further configured to:
determining a second proof value of the ith block according to the transaction root in the ith block and the transaction root in the ith correction block; the second certification value of the ith block is used for determining an ith key for encoding and encrypting the (i + 1) th correction block together with the first certification value of the ith block.
Optionally, the parsing module 1410 is further configured to:
the analysis party determines parameter values of each parameter type and at least one parameter type of each transaction from the block body of the ith block as a third proof value of the ith block; and the third certification value of the ith block is used for determining an ith key for encoding and encrypting the (i + 1) th correction block together with the first certification value of the ith block and the second certification value of the ith block.
Optionally, the determining module 1420 is specifically configured to:
decrypting the ith ciphertext according to the ith-1 secret key to obtain an ith plaintext;
and performing deserialization on the ith plaintext to obtain an ith correction block.
Based on the same technical concept, fig. 15 exemplarily shows a schematic structural diagram of an apparatus for generating a log file by a tile according to an embodiment of the present invention, and the apparatus can perform a method for generating a log file by a tile.
As shown in fig. 15, the apparatus specifically includes:
a generating unit 1510 configured to generate a first attestation value for the ith block;
updating a parent block hash value in the block head of the ith block based on the first proof value of the ith block, thereby obtaining an ith correction block;
according to the ith-1 secret key, carrying out coding encryption on the ith correction block to obtain an ith ciphertext; the (i-1) th secret key is obtained at least according to the first certification value of the (i-1) th block; the (i-1) th block is a parent block of the (i) th block;
and a sending unit 1520, configured to write the ith ciphertext into a log file, and send the log file to an analysis party.
Optionally, the generating unit 1510 is further configured to:
generating a second attestation value for the ith block;
modifying a parent block hash value in a block head of the ith block based on a first proof value of the ith block, and modifying a transaction root in the block head of the ith block based on a second proof value of the ith block to obtain an ith modified block;
and generating an ith key for encoding and encrypting the (i + 1) th correction block based on the first certification value of the ith block and the second certification value of the ith block.
Optionally, the generating unit 1510 is further configured to:
determining a third certification value of the ith block based on parameter values of each parameter type and at least one parameter type of each transaction in the block body of the ith block;
generating an ith key for encoding and encrypting the (i + 1) th correction block based on the first certification value of the ith block and the third certification value of the ith block; or the generator generates an ith key for encoding and encrypting the (i + 1) th modified block based on the first proof value of the ith block, the second proof value of the ith block and the third proof value of the ith block.
Optionally, the generating unit 1510 is specifically configured to:
serializing the ith correction block to obtain an ith plaintext;
and encrypting the ith plaintext according to the ith-1 key to obtain an ith ciphertext.
Based on the same technical concept, an embodiment of the present invention further provides a computer device, including:
a memory for storing program instructions;
and the processor is used for calling the program instructions stored in the memory, and executing the method for obtaining the blocks by analyzing the log file and the method for generating the log file by the blocks according to the obtained program.
Based on the same technical concept, embodiments of the present invention further provide a computer-readable storage medium storing computer-executable instructions for causing a computer to perform the method for obtaining a block by parsing a log file and the method for generating a log file by the block.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
It will be apparent to those skilled in the art that various changes and modifications may be made in the present application without departing from the spirit and scope of the application. Thus, if such modifications and variations of the present application fall within the scope of the claims of the present application and their equivalents, the present application is intended to include such modifications and variations as well.
Claims (10)
1. A method for obtaining a block by parsing a log file, comprising:
aiming at the ith ciphertext in the log file, an analysis party analyzes the ith ciphertext according to the (i-1) th secret key to obtain an ith correction block; the ith ciphertext is obtained by encoding and encrypting the ith correction block by a generator; the ith correction block is a block obtained by updating a parent block hash value in a block header of the ith block by the generator based on a first proof value of the ith block; the (i-1) th secret key is obtained at least according to the first certification value of the (i-1) th block; the first proof value of the (i-1) th block is obtained after the analysis party analyzes the (i-1) th ciphertext; the (i-1) th block is a parent block of the (i) th block;
and the analysis party determines a parent block hash value of the ith block according to the ith-1 block, and replaces the parent block hash value of the ith block with the parent block hash value of the ith correction block to obtain the ith block.
2. The method of claim 1, wherein the method further comprises:
the analyzer determines a first proof value of the ith block according to the hash value of the ith-1 block and the hash value of the parent block of the ith correction block; the first proof value of the ith block is used for determining an ith key for encoding and encrypting the (i + 1) th modified block.
3. The method of claim 1 or 2, wherein replacing the parent chunk hash value of the ith chunk with the parent chunk hash value of the ith modified chunk to obtain the ith chunk comprises:
the analyzer acquires a block body of the ith block from the ith correction block;
the analysis party determines a transaction root in a block head of the ith block according to the block body of the ith block;
and the analysis party replaces the parent block hash value of the ith block with the parent block hash value of the ith correction block and replaces the transaction root of the ith block with the transaction root of the ith correction block to obtain the ith block.
4. The method of claim 3, wherein the method further comprises:
the analysis party determines a second proof value of the ith block according to the transaction root in the ith block and the transaction root in the ith correction block; the second certification value of the ith block is used for determining an ith key for encoding and encrypting the (i + 1) th correction block together with the first certification value of the ith block.
5. The method of claim 3, wherein the method further comprises:
the analysis party determines parameter values of each parameter type and at least one parameter type of each transaction from the block body of the ith block as a third proof value of the ith block; and the third certification value of the ith block is used for determining an ith key for encoding and encrypting the (i + 1) th correction block together with the first certification value of the ith block and the second certification value of the ith block.
6. The method of claim 1, wherein the parsing party parses the ith ciphertext according to the ith-1 key to obtain the ith modified block, comprising:
the analysis party decrypts the ith ciphertext according to the ith-1 secret key to obtain an ith plaintext;
and the analysis party carries out deserialization on the ith plaintext to obtain an ith correction block.
7. A method for generating a log file from a block, comprising:
the generator generates a first proof value of the ith block; the first proof value of the ith block is used for determining an ith key for encoding and encrypting the (i + 1) th correction block;
the generator updates the hash value of a parent block in the block head of the ith block based on the first proof value of the ith block, so as to obtain an ith correction block;
the generator encodes and encrypts the ith correction block according to the ith-1 secret key to obtain an ith ciphertext; the (i-1) th secret key is obtained at least according to the first certification value of the (i-1) th block; the (i-1) th block is a parent block of the (i) th block;
and the generator writes the ith ciphertext into a log file and sends the log file to an analysis party.
8. The method of claim 7, wherein the method further comprises:
the generator generates a second proof value of the ith block;
the method for modifying the hash value of the parent block in the block header of the ith block by the generator based on the first proof value of the ith block to obtain an ith modified block includes:
modifying, by the generator, a parent block hash value in a block head of the ith block based on a first proof value of the ith block, and modifying a transaction root in the block head of the ith block based on a second proof value of the ith block, thereby obtaining an ith modified block;
and the generator generates an ith key for encoding and encrypting the (i + 1) th correction block based on the first certification value of the ith block and the second certification value of the ith block.
9. The method of claim 7 or 8, wherein the method further comprises:
the generator determines a third certification value of the ith block based on parameter values of each parameter type and at least one parameter type of each transaction in the block body of the ith block;
the generator generates an ith key for encoding and encrypting the (i + 1) th correction block based on the first proof value of the ith block and the third proof value of the ith block; or the generator generates an ith key for encoding and encrypting the (i + 1) th modified block based on the first proof value of the ith block, the second proof value of the ith block and the third proof value of the ith block.
10. The method as claimed in claim 7, wherein the generating party performs encoding encryption on the ith modified block according to the ith-1 key to obtain the ith ciphertext, and the method comprises:
the generator serializes the ith correction block to obtain an ith plaintext;
and the generator encrypts the ith plaintext according to the ith-1 key to obtain the ith ciphertext.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111059134.7A CN113849385A (en) | 2021-09-10 | 2021-09-10 | Log file generation and analysis method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111059134.7A CN113849385A (en) | 2021-09-10 | 2021-09-10 | Log file generation and analysis method and device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113849385A true CN113849385A (en) | 2021-12-28 |
Family
ID=78973793
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111059134.7A Pending CN113849385A (en) | 2021-09-10 | 2021-09-10 | Log file generation and analysis method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113849385A (en) |
-
2021
- 2021-09-10 CN CN202111059134.7A patent/CN113849385A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9537657B1 (en) | Multipart authenticated encryption | |
| EP3356988B1 (en) | Method and system for verifiable searchable symmetric encryption | |
| US7127067B1 (en) | Secure patch system | |
| Yun et al. | On protecting integrity and confidentiality of cryptographic file system for outsourced storage | |
| JP2004534333A (en) | Integrated protection method and system for distributed data processing in computer networks | |
| CN110008745B (en) | Encryption method, computer equipment and computer storage medium | |
| CN110264354B (en) | Method and device for creating block chain account and verifying block chain transaction | |
| CN100401309C (en) | Tax controlling equipment software edition intelligent upgrade encryption identification method | |
| CN102904712A (en) | Information encrypting method | |
| CN108462686A (en) | Acquisition methods, device, terminal device and the storage medium of dynamic key | |
| CN111147245A (en) | Algorithm for encrypting by using national password in block chain | |
| CN110351297B (en) | Verification method and device applied to block chain | |
| CN102739397A (en) | Method and device for encrypting and checking electronic worksheet | |
| CN108197484A (en) | A kind of method that node data safety is realized under distributed storage environment | |
| CN112866227A (en) | File authorization protection method and system | |
| CN114499875A (en) | Service data processing method and device, computer equipment and storage medium | |
| CN113259116A (en) | Sensor data uplink method and system based on aggregated signature | |
| CN108376212B (en) | Execution code security protection method and device and electronic device | |
| US8832450B2 (en) | Methods and apparatus for data hashing based on non-linear operations | |
| CN116132041A (en) | Key processing method and device, storage medium and electronic equipment | |
| CN113849385A (en) | Log file generation and analysis method and device | |
| CN115766244A (en) | Internet of vehicles information encryption method and device, computer equipment and storage medium | |
| CN116664123A (en) | Digital wallet design method based on blockchain technology | |
| CN115361198A (en) | Decryption method, encryption method, device, computer equipment and storage medium | |
| CN116781265A (en) | Data encryption method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |