CN114462065A - Method for realizing data encryption sharing based on block chain and chameleon Hash algorithm - Google Patents

Abstract

The invention discloses a method for realizing data encryption sharing based on a block chain and a chameleon hash algorithm, belonging to the field of data encryption; the method comprises the following specific steps: s1, building a Fabric Block Link network as the basis of data encryption storage and exchange sharing, registering the Block Link identity for the user; s2, generating a symmetric key according to the encrypted data exchanged between users; s3 encrypting the data by the encryptor and writing the chain; s4 the decryption party reads the data from the data write chain and generates a symmetric key; s5, decrypting the encrypted data by using the generated symmetric key to obtain original private data; the method utilizes the characteristics of generating public and private keys by an elliptic curve encryption algorithm and combines the characteristics of trapdoor by a chameleon hash algorithm, and realizes the effect of generating the same key by both users on the premise of not exposing information of the symmetric key; and the privacy data holder encrypts the privacy data by using the generated symmetric key and writes the encrypted privacy data into the block chain, and adds additional information for generating the key.

Description

Method for realizing data encryption sharing based on block chain and chameleon Hash algorithm

Technical Field

The invention discloses a method for realizing data encryption sharing based on a block chain and a chameleon hash algorithm, and relates to the technical field of data encryption.

Background

Data encryption technology is one of the main technical means adopted for improving the security and confidentiality of information systems and data and preventing secret data from being decoded by the outside. Commonly used data encryption algorithms fall into two broad categories: symmetric encryption algorithms and asymmetric encryption algorithms. The encryption and decryption of a symmetric encryption algorithm rely on the same symmetric key, namely: and encrypting the plaintext by using the symmetric key to obtain a ciphertext, and decrypting the ciphertext by using the same symmetric key to obtain the plaintext. The asymmetric encryption algorithm relies on a pair of keys: the public key is published to the outside, the private key needs to be kept secret, data encrypted by the public key needs to be decrypted by the private key, and data encrypted by the private key needs to be decrypted by the public key.

The symmetric encryption algorithm is suitable for encrypting data with large data volume, the asymmetric data is suitable for encrypting data with small data volume, the current mainstream data encryption and sharing scheme generally uses the symmetric encryption algorithm to encrypt private data, uses the asymmetric encryption algorithm to encrypt a symmetric key, and the data sharing parties transmit the encrypted data and the encrypted symmetric key. The scheme comprises a transmission process of the symmetric key, and the risk of key leakage is increased.

Elliptic curve encryption algorithm, namely: an Elliptic cut Cryptography, ECC for short, is an asymmetric encryption algorithm realized based on Elliptic Curve mathematical theory. The public and private keys of ECC are generated based on the elliptic curve and the algorithm on the elliptic curve. Chameleon Hash (Chameleon Hash) is a special Hash function, and the traditional Hash function is difficult to find collision, but Chameleon Hash function can artificially set a 'back door', which is called trapdoor information, and collision can be easily found after the trapdoor information is mastered.

Disclosure of Invention

Aiming at the problems in the prior art, the invention provides a method for realizing data encryption sharing based on a block chain and a chameleon hash algorithm, and the adopted technical scheme is as follows: the method for realizing data encryption sharing based on the block chain and the chameleon hash algorithm comprises the following specific steps:

s1, building a Fabric Block Link network as the basis of data encryption storage and exchange sharing, and registering the Block Link identity for the user;

s2 generating a symmetric key from encrypted data exchanged between users;

s3, encrypting data by an encryptor and writing a chain;

s4 the decryption party reads the data from the data write chain and generates a symmetric key;

s5 decrypts the encrypted data using the generated symmetric key to obtain the original private data.

The specific steps of the S2 generating the symmetric key according to the encrypted data exchanged between the users are as follows:

s201, generating trapdoor information by using a private key of an encryptor and a public key of a decryptor;

s202, generating 4 random numbers g, m1, m2 and r1, and generating a chameleon hash function Hab (m, r) by using g and trapdoor information;

s203, m1, r1, m2 are brought into Hab, and r2 is obtained by using the trapdoor information so as to satisfy Hab (m1, r1) ═ Hab (m2, r 2);

s204, the hash value obtained by substituting m1 and r2 into Hab is used as a symmetric key.

And writing chain data in the S3 is in json format.

The specific steps of the decryption party reading data from the data write chain and generating the symmetric key in S4 are as follows:

s401, generating trapdoor information by using a private key of a decryption party and a public key of an encryption party;

s402, reading the additional information g, m1, m2 and r1 of the symmetric key from the chain, and generating a chameleon hash function Hab (m, r) by using the g and the trapdoor information;

s403, m1, r1, m2 are brought into Hab, and r2 is obtained by using the trapdoor information so as to satisfy Hab (m1, r1) ═ Hab (m2, r 2);

s404, the hash value obtained by substituting m1 and r2 into Hab is the symmetric key.

The system specifically comprises an identity establishing module, a secret key generating module A, an encryption processing module, a secret key generating module B and an encryption analyzing module:

an identity establishment module: building a Fabric Block Link network as a basis for data encryption storage and exchange sharing, and registering a Block Link identity for a user;

the key generation module A: generating a symmetric key according to encrypted data exchanged between users;

an encryption processing module: encrypting data and writing a chain through an encryption party;

the key generation module B: the decryption party reads data from the data write chain and generates a symmetric secret key;

an encryption analysis module: and decrypting the encrypted data by using the generated symmetric key to obtain the original privacy data.

The secret key generation module A specifically comprises an information generation module A, an information processing module A, a hash processing module A and a generation module A:

the information generation module A: generating trapdoor information by using a private key of an encryptor and a public key of a decryptor;

the information processing module A: generating 4 random numbers g, m1, m2 and r1, and generating a chameleon hash function Hab (m, r) by using g and trap door information;

the hash processing module A: bringing m1, r1 and m2 into Hab, and obtaining r2 by using the trapdoor information so as to satisfy Hab (m1, r1) Hab (m2, r 2);

the carry-in generation module A: and substituting m1 and r2 into Hab to obtain a hash value as a symmetric key.

And the write chain data in the encryption processing module is in a json format.

The secret key generation module B specifically comprises an information generation module B, an information processing module B, a hash processing module B and a generation module B:

the information generation module B: generating trapdoor information by using a private key of a decryptor and a public key of an encryptor;

the information processing module B: reading the additional information g, m1, m2 and r1 of the symmetric key from the chain, and generating a chameleon hash function Hab (m, r) by using the g and the trapdoor information;

the hash processing module B: bringing m1, r1 and m2 into Hab, and obtaining r2 by using the trapdoor information so as to satisfy Hab (m1, r1) Hab (m2, r 2);

the carry-in generation module B: the hash value obtained by substituting m1 and r2 into Hab is the symmetric key.

The invention has the beneficial effects that: the generation of the symmetric key and the process of encrypting and decrypting data by using the symmetric key are finished by a user single party, so that the transmission exchange of the key does not exist, and the risk of stealing and exposing the key in the transmission process is avoided; the additional parameters required by key generation are written into the block chain, and the key loss caused by forgetting parameter information is avoided; the key used in each encryption is newly generated according to the random parameter, and even if the key used in a certain encryption is leaked due to unpredictable reasons, other encrypted data cannot be threatened;

the method utilizes the characteristics of generating public and private keys by an elliptic curve encryption algorithm and combines the characteristics of trapdoor by a chameleon hash algorithm, and realizes the effect of generating the same key by both users on the premise of not exposing information of the symmetric key; the privacy data holder encrypts the privacy data by using the generated symmetric secret key and writes the encrypted privacy data into the block chain, and adds extra information for generating the secret key; any user can view the information on the chain, but cannot decrypt the information; only authorized users can use the information to generate a symmetric secret key, and then the original privacy data can be decrypted.

Drawings

In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.

FIG. 1 is a schematic flow chart of the implementation of the method of the present invention.

Detailed Description

The present invention is further described below in conjunction with the following figures and specific examples so that those skilled in the art may better understand the present invention and practice it, but the examples are not intended to limit the present invention.

The first embodiment is as follows:

the method for realizing data encryption sharing based on the block chain and the chameleon hash algorithm comprises the following specific steps:

s1, building a Fabric Block Link network as the basis of data encryption storage and exchange sharing, and registering the Block Link identity for the user;

s2 generating a symmetric key from encrypted data exchanged between users;

s3, encrypting data by an encryptor and writing a chain;

s4 the decryption party reads the data from the data write chain and generates a symmetric key;

s5, decrypting the encrypted data by using the generated symmetric key to obtain original private data;

establishing a Fabric Block chain network as a basis for data encryption storage and exchange sharing, and registering a Block chain identity, namely a public key and a private key, for a user; the signature algorithm used in Fabric is ECDSA, the private key of the user is essentially a relatively large positive integer (denoted s), the public key of the user is essentially a point on an elliptic curve (denoted P), and there is a relationship between them: p is sxg, where G is the base point of the elliptic curve;

assuming that a user a, a user b and a user c exist, the user a needs to store a piece of private data after encryption to the blockchain network and share the data to the user b and the user c; the public key of the user a is marked as Pa, the private key is marked as sa, and similarly, the public and private keys of the user b and the user c are respectively marked as: pb, sb, Pc, sc; the private data to be encrypted and shared by the user a is recorded as D;

as shown in fig. 1, firstly, a user a generates additional key information, that is, 4 random numbers in step (2) of the technical scheme, and then, a symmetric key is generated by using the additional key information, the public key of the user b and the own private key;

secondly, the user a encrypts the private data by using the generated symmetric secret key, and writes the obtained encrypted data and the secret key additional information into the block chain;

the user b reads the key additional information and the encrypted data from the block chain, and generates a symmetric key by using the key additional information, the public key of the user a and the private key of the user b, wherein the symmetric key is the same as the symmetric key generated by the user a;

finally, the user b decrypts the encrypted data by using the generated symmetric secret key, so that original privacy data are obtained;

further, the specific step of S2 generating the symmetric key according to the encrypted data exchanged between the users is as follows:

s201, generating trapdoor information by using a private key of an encryptor and a public key of a decryptor;

s202, generating 4 random numbers g, m1, m2 and r1, and generating a chameleon hash function Hab (m, r) by using g and trapdoor information;

s203, m1, r1, m2 are brought into Hab, and r2 is obtained by using the trapdoor information so as to satisfy Hab (m1, r1) ═ Hab (m2, r 2);

s204, a hash value obtained by substituting m1 and r2 into Hab is used as a symmetric key;

the user a generates the intermediate parameters Kab and Kac, and the generated formula is as follows: k_ab＝s_a×P_bAnd K_ac＝s_a×P_c

Kab and Kac are essentially two points on an elliptic curve, and the code of Kab and Kac as two numbers (the code is such as adding x coordinate and y coordinate) is recorded as: xab and xac;

user a generates 4 random numbers g, m1, m2, r 1;

hab is generated by using g and xab,

hac is generated using g and xac,

two chameleon hash functions Hab and Hac are constructed by using g, Hab and Hac

H_ab(m,r)＝g^mh_ab ^r

H_ac(m,r)＝g^mh_ac ^r

xab and xac are the trapdoor information of the Hab and Hac hash functions, respectively;

taking Hab as an example, m1 and r1 are substituted into the Hab function to obtain a hash value Hab (m1, r1), and after the trapdoor information xab is known, it can be obtained that the specific random number r2ab satisfies Hab (m1, r1) ═ Hab (m2, r2ab), and the calculation formula is as follows:

r2_ab＝(m1-m2)x_ab ^-1+r1

similarly, it can be found that r2ac satisfies Hac (m1, r1) ═ Hac (m2, r2ac)

Bringing m1 and r2ab into Hab to obtain a hash value Hab (m1, r2ab), which is recorded as Sab, wherein Sab is a symmetric key for exchanging encrypted data between a user a and a user b;

similarly, m1 and r2ac are brought into Hac to obtain a hash value Hac (m1, r2ac), which is recorded as Sac, and Sac is a symmetric key for exchanging encrypted data between user a and user c;

further, the write chain data in S3 is in json format;

a user a encrypts private data D by using a symmetric secret key Sab, and the obtained value is marked as EDab;

encrypting the private data D by using a symmetric secret key Sac, and marking the obtained value as EDac;

json strings organized as follows:

the user a generates uuid and records the uuid as data _ id, the data _ id is used as key, the json character string is used as value, a data writing chain is carried out, and the data _ id is sent to the user b and the user c;

still further, the specific steps of the decryption party S4 reading data from the data-write chain and generating a symmetric key are as follows:

s401, generating trapdoor information by using a private key of a decryption party and a public key of an encryption party;

s402, reading the additional information g, m1, m2 and r1 of the symmetric key from the chain, and generating a chameleon hash function Hab (m, r) by using the g and the trapdoor information;

s403, m1, r1, m2 are brought into Hab, and r2 is obtained by using the trapdoor information so as to satisfy Hab (m1, r1) ═ Hab (m2, r 2);

s404, the hash value obtained by substituting m1 and r2 into Hab is the symmetric key;

taking a user b as an example, json data is read from the block chain according to the data _ id, and g, m1, m2, r1 and EDab are obtained from json;

calculating the intermediate parameters Kab, K_ab＝s_b×P_aAcquiring trap door information xab according to Kab;

hab is generated by using g and xab,

obtaining chameleon hash function Hab, H_ab(m,r)＝g^mh_ab ^r；

The hash value Hab (m1, r1) is obtained by substituting m1 and r1 into the Hab function, and after the trapdoor information xab is known, the specific random number r2ab can be obtained to satisfy Hab (m1, r1) ═ Hab (m2, r2ab), and the calculation formula is as follows:

r2_ab＝(m1-m2)x_ab ^-1+r1

bringing m1 and r2ab into Hab to obtain a hash value Hab (m1, r2ab), namely Sab, namely a symmetric key for exchanging encrypted data between the user a and the user b;

and decrypting the EDab by using the Sab to obtain the original privacy data D.

Example two:

the system specifically comprises an identity establishing module, a secret key generating module A, an encryption processing module, a secret key generating module B and an encryption analyzing module:

an identity establishment module: building a Fabric Block Link network as a basis for data encryption storage and exchange sharing, and registering a Block Link identity for a user;

the key generation module A: generating a symmetric key according to encrypted data exchanged between users;

an encryption processing module: encrypting data and writing a chain through an encryption party;

the key generation module B: the decryption party reads data from the data write chain and generates a symmetric secret key;

an encryption analysis module: decrypting the encrypted data by using the generated symmetric secret key to obtain original private data;

further, the key generation module a specifically includes an information generation module a, an information processing module a, a hash processing module a, and a generation module a:

the information generation module A: generating trapdoor information by using a private key of an encryptor and a public key of a decryptor;

the information processing module A: generating 4 random numbers g, m1, m2 and r1, and generating a chameleon hash function Hab (m, r) by using g and trap door information;

the hash processing module A: bringing m1, r1 and m2 into Hab, and obtaining r2 by utilizing trapdoor information so as to satisfy Hab (m1, r1) ═ Hab (m2, r 2);

the carry-in generation module A: taking hash values obtained by substituting m1 and r2 into Hab as symmetric keys;

further, the write chain data in the encryption processing module is in a json format;

still further, the key generation module B specifically includes an information generation module B, an information processing module B, a hash processing module B, and a generation module B:

the information generation module B: generating trapdoor information by using a private key of a decryptor and a public key of an encryptor;

the information processing module B: reading the additional information g, m1, m2 and r1 of the symmetric key from the chain, and generating a chameleon hash function Hab (m, r) by using the g and the trapdoor information;

the hash processing module B: bringing m1, r1 and m2 into Hab, and obtaining r2 by using the trapdoor information so as to satisfy Hab (m1, r1) Hab (m2, r 2);

the carry-in generation module B: the hash value obtained by substituting m1 and r2 into Hab is the symmetric key.

Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (8)

1. The method for realizing data encryption sharing based on the block chain and the chameleon hash algorithm is characterized by comprising the following specific steps:

s1, building a Fabric Block Link network as the basis of data encryption storage and exchange sharing, and registering the Block Link identity for the user;

s2 generating a symmetric key from encrypted data exchanged between users;

s3, encrypting data by an encryptor and writing a chain;

s4 the decryption party reads the data from the data write chain and generates a symmetric key;

s5 decrypts the encrypted data using the generated symmetric key to obtain the original private data.

2. The method as claimed in claim 1, wherein the step S2 of generating the symmetric key according to the encrypted data exchanged between users comprises the following steps:

s201, generating trapdoor information by using a private key of an encryptor and a public key of a decryptor;

s202, generating 4 random numbers g, m1, m2 and r1, and generating a chameleon hash function Hab (m, r) by using g and trapdoor information;

s203 brings m1, r1, and m2 into Hab, and finds r2 using the trapdoor information so that Hab (m1, r1) is satisfied, i.e., Hab (m2, r 2);

s204, the hash value obtained by substituting m1 and r2 into Hab is used as a symmetric key.

3. The method as claimed in claim 2, wherein the write chain data in S3 is in json format.

4. The method as claimed in claim 3, wherein the step of the decryption party S4 reading the data from the data-write chain and generating the symmetric key comprises the following steps:

s401, generating trapdoor information by using a private key of a decryption party and a public key of an encryption party;

s402, reading the additional information g, m1, m2 and r1 of the symmetric key from the chain, and generating a chameleon hash function Hab (m, r) by using the g and the trapdoor information;

s403, m1, r1, m2 are brought into Hab, and r2 is obtained by using the trapdoor information so as to satisfy Hab (m1, r1) ═ Hab (m2, r 2);

s404, the hash value obtained by substituting m1 and r2 into Hab is the symmetric key.

5. The system for realizing data encryption sharing based on the block chain and the chameleon hash algorithm is characterized by specifically comprising an identity establishing module, a secret key generating module A, an encryption processing module, a secret key generating module B and an encryption analyzing module:

an identity establishment module: building a Fabric Block Link network as a basis for data encryption storage and exchange sharing, and registering a Block Link identity for a user;

the key generation module A: generating a symmetric key according to encrypted data exchanged between users;

an encryption processing module: encrypting data and writing a chain through an encryption party;

the key generation module B: the decryption party reads data from the data write chain and generates a symmetric secret key;

an encryption analysis module: and decrypting the encrypted data by using the generated symmetric key to obtain the original privacy data.

6. The system according to claim 5, wherein the key generation module a specifically includes an information generation module a, an information processing module a, a hash processing module a, and a generation module a:

the information generation module A: generating trapdoor information by using a private key of an encryptor and a public key of a decryptor;

the information processing module A: generating 4 random numbers g, m1, m2 and r1, and generating a chameleon hash function Hab (m, r) by using g and trap door information;

the hash processing module A: bringing m1, r1 and m2 into Hab, and obtaining r2 by using the trapdoor information so as to satisfy Hab (m1, r1) Hab (m2, r 2);

the carry-in generation module A: and substituting m1 and r2 into Hab to obtain a hash value as a symmetric key.

7. The system of claim 6, wherein the write chain data in the encryption processing module is in json format.

8. The system according to claim 7, wherein the key generation module B specifically includes an information generation module B, an information processing module B, a hash processing module B, and a carry-in generation module B:

the information generation module B: generating trapdoor information by using a private key of a decryptor and a public key of an encryptor;

the information processing module B: reading the additional information g, m1, m2 and r1 of the symmetric key from the chain, and generating a chameleon hash function Hab (m, r) by using the g and the trapdoor information;

the hash processing module B: bringing m1, r1 and m2 into Hab, and obtaining r2 by using the trapdoor information so as to satisfy Hab (m1, r1) Hab (m2, r 2);

the carry-in generation module B: the hash value obtained by substituting m1 and r2 into Hab is the symmetric key.

Images