CN114880715A - Power data security sharing method and system based on homomorphic encryption intelligent contract - Google Patents
Power data security sharing method and system based on homomorphic encryption intelligent contract Download PDFInfo
- Publication number
- CN114880715A CN114880715A CN202210282372.2A CN202210282372A CN114880715A CN 114880715 A CN114880715 A CN 114880715A CN 202210282372 A CN202210282372 A CN 202210282372A CN 114880715 A CN114880715 A CN 114880715A
- Authority
- CN
- China
- Prior art keywords
- data
- request
- calculation
- sharing
- intelligent contract
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 48
- 238000004364 calculation method Methods 0.000 claims abstract description 96
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 29
- 230000008569 process Effects 0.000 claims abstract description 14
- 239000004744 fabric Substances 0.000 claims description 48
- 238000012545 processing Methods 0.000 claims description 25
- 230000006870 function Effects 0.000 claims description 23
- 238000011161 development Methods 0.000 claims description 19
- 230000004044 response Effects 0.000 claims description 11
- 230000008520 organization Effects 0.000 claims description 7
- 238000007726 management method Methods 0.000 claims description 6
- 238000004458 analytical method Methods 0.000 claims description 5
- 239000000284 extract Substances 0.000 claims description 3
- 230000003993 interaction Effects 0.000 claims description 3
- 230000007246 mechanism Effects 0.000 claims description 3
- 238000007405 data analysis Methods 0.000 abstract description 3
- 230000018109 developmental process Effects 0.000 description 16
- 238000010586 diagram Methods 0.000 description 9
- 238000005516 engineering process Methods 0.000 description 6
- 230000005540 biological transmission Effects 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- 238000007667 floating Methods 0.000 description 2
- 238000012552 review Methods 0.000 description 2
- 238000009825 accumulation Methods 0.000 description 1
- 238000007792 addition Methods 0.000 description 1
- 230000002776 aggregation Effects 0.000 description 1
- 238000004220 aggregation Methods 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000012217 deletion Methods 0.000 description 1
- 230000037430 deletion Effects 0.000 description 1
- 230000008676 import Effects 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000007935 neutral effect Effects 0.000 description 1
- 238000004088 simulation Methods 0.000 description 1
- 201000009032 substance abuse Diseases 0.000 description 1
- 230000033772 system development Effects 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
- G06Q50/06—Energy or water supply
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/008—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y04—INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
- Y04S—SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
- Y04S10/00—Systems supporting electrical power generation, transmission or distribution
- Y04S10/50—Systems or methods supporting the power network operation or management, involving a certain degree of interaction with the load-side end user applications
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Computer Security & Cryptography (AREA)
- General Health & Medical Sciences (AREA)
- Business, Economics & Management (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Bioethics (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Economics (AREA)
- Computer Hardware Design (AREA)
- Primary Health Care (AREA)
- Public Health (AREA)
- General Business, Economics & Management (AREA)
- Tourism & Hospitality (AREA)
- Strategic Management (AREA)
- Water Supply & Treatment (AREA)
- Marketing (AREA)
- Human Resources & Organizations (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention provides a power data security sharing method and system based on a homomorphic encryption intelligent contract. According to the method, a homomorphic encryption algorithm is arranged in an intelligent contract, and privacy guarantee is exchanged by conducting homomorphic encryption on individual privacy fields of power data and sacrificing the calculation efficiency of the fields to a certain degree. The intelligent contract is enabled to complete the function of data analysis and calculation, only the calculation result is shared instead of the source data, and chain storage certificates are shared in the whole process, so that the data safety of both the supplier and the supplier is ensured, and the data leakage is prevented.
Description
Technical Field
The invention belongs to the technical field of data sharing, and particularly relates to a power data security sharing method and system based on a homomorphic encryption intelligent contract.
Background
The existing power data transaction sharing system based on the blockchain technology has the advantages of many equal entities, distrust transaction and record trace (traceability), but still has the defects of leakage abuse risk caused by reselling and backing up of original data and untrustworthy data processing service. Considering that a data demand party generally needs a result of data analysis and does not directly use original data, if only an operation result of source data is traded instead of the source data, leakage of the source data can be avoided. In order to solve the trust problem of the computing environment, the analysis computing part of the data is transferred to a blockchain intelligent contract execution environment, which is equivalent to the functional service of 'cloud computing' deployed on a blockchain system. But "cloud computing" is at risk of data leakage to the data owner. If the data is submitted in the block chain system in a clear text form, the communication or node storage link has a risk of data leakage.
In order to realize data computing service with privacy and safety, a software and hardware combined technical scheme of 'intelligent contracts + SGX technology' is provided at present. The SGX technique is an extension to the Intel architecture and can protect the execution of programs at the hardware level, and even if the host has ROOT rights or virtual machine administrator rights, the host cannot access the code and data therein. SGX technology requires special hardware facilities, essentially by adding hardware constraints (CPU needed to support TEE) to blockchain participants in exchange for performance and privacy guarantees, thereby increasing hardware costs. The invention provides a pure software solution of 'intelligent contract + homomorphic encryption algorithm', which homomorphic encrypts private data of individual fields, sacrifices the computational efficiency of the fields to a certain degree to obtain privacy guarantee, and avoids the purchase and use cost of special hardware.
Disclosure of Invention
The invention provides a power data security sharing method and system based on a homomorphic encryption intelligent contract, aiming at solving the problems in the prior art.
The invention is realized by the following technical scheme, the invention provides an electric power data security sharing method based on a homomorphic encryption intelligent contract, in a Fabric Block chain network, a data provider and a data demander are different organization nodes of the same channel of a Block chain, the nodes jointly examine an endorsement data sharing request intelligent contract, so that a supply and demand party carry out data sharing request processing through the intelligent contract, a block is generated every time a sharing record is generated, the blocks are jointly stored by the nodes of the Block chain, consistency is ensured by a consensus algorithm, therefore, the sharing record can not be stored in the Block chain account book in a falsification mode, electric power data is stored in the Fabric private data of the data provider or a database under the chain, and data calling during data calculation of the intelligent contract is met; the data provider is an authorized node of private data, and arranges a data computation intelligent contract containing a homomorphic encryption algorithm; at the moment, a data demand party initiates a data request to a block chain system by using the identity of a Client, the data sharing request is written into a block chain request record ledger by using a sharing request intelligent contract, a data provider reads the request record ledger and calls a data calculation intelligent contract after passing through the sharing request, the uploaded electric power data completes data processing analysis in a trusted computing environment of the intelligent contract, the selected privacy data field is subjected to homomorphic encryption computation to generate a computation report and write the computation report into the block chain, finally the Client of the demand party calls the computation report, and the data sharing process is finished.
The invention provides a power data security sharing system based on a homomorphic encryption intelligent contract, which comprises a Web end and a Fabric network, wherein the Web end is connected with the Fabric network; the Web end is an application end which is responsible for being directly interactively displayed with a user and provides an operation entrance of a system core function for the user, the Web end is developed by using a Fabric application program SDK, and is connected with a service interface of block chain network interaction to execute chain code calling and data access; chain codes in the Fabric network realize the business logic of data sharing, a data structure stored in a block chain is defined, uploaded power data sets, sharing request records and data calculation reports can be converted into key value pairs to be stored in a Fabric network book, and the key value pairs can be traceable and cannot be tampered, so that the business requirements for accessing data are met.
Further, in the sharing system, the electric power data uploaded by the data provider is stored in a private database of a node in the block chain network or a self-owned electric power database under the chain, logically divided into independent data tables according to the management requirement and in a management mode of a document type database, namely an electric power data Table, wherein the electric power data Table is in a json format and corresponds to a Table structure body in chain code development.
Furthermore, in the sharing system, a data Request record table shared by the two data supply and demand parties, namely a sharing Request table, corresponds to a Request structure body in chain code development, is generated by the demand party and submitted to the blockchain network, and is logically stored in a public Request record book.
Further, in the sharing system, after the request in the sharing request table is approved by the provider, the blockchain network extracts the corresponding power data from the private database according to the content of the request to perform calculation service, and the generated calculation result is integrated with the content of the request to form a calculation report, which is stored in a calculation report book private to the requester and corresponds to a Response structure in chain code development.
Furthermore, the intelligent contract is specifically realized by five go code files in chain codes; the chain code comprises five files of encryption.
Go defines the specific computing service set by the data provider for the demander, which includes getattributetitotal (), getattibuteave (), and getsearch (); in the calculation process, if the calculation field relates to an encryption field, a corresponding homomorphic encryption algorithm is called to perform calculation on the basis of a ciphertext, only the calculation result of the ciphertext needs to be decrypted, and the decrypted result is returned, so that the safety of data is ensured, a homomorphic encryption algorithm which is specifically optimized is developed for each calculation service and is deployed in encryption.
Furthermore, private Org1.go of a data provider defines a Table structure body to store power data, and the data exists in a form of a Table, so that the Create and Read basic methods are realized; the newly added Table method CreateMyTable () is to use json. umarshal to analyze the power data Table into a Table structure body, the TableFlag field of the Table structure body is the operation identifier of the data Table, 0 represents newly added, and 1 represents deleted; when a certain electric power data table is called, the chain code firstly traverses the electric power private data to calculate a latest data table and then is used for calculation of a calculation function in service. The CreateMeyTable () calls Encryption () defined in Encryption. go to perform homomorphic Encryption processing on the selected privacy fields, and the homomorphic Encryption algorithms related to all the calculation service functions are respectively encrypted with a ciphertext by default so as to be used by various calculation services; PutPrivateData, a API provided by Fabric, is then called to insert the form data into the private database of the data provider.
Go defines the structure of Request and Response, which are used to store the data Request and the data sharing calculation result sent by the data demander; a data demand party sends a data calculation request to be inserted into a public request database by using a request sending method SendRequest (), a HandleSingle and a HandleAll are methods for selecting processing and batch processing requests respectively, and a calculation service function can be called through a reflection mechanism; the electric power data is only stored in a private database of the data provider, so that only the data provider can complete the calculation of the target field, a data sharing calculation result structure body is generated, the calculation result is added on the basis of modifying the request field and is stored in a calculation report book private to the demander, and the data demander calls a ReadResponse method in privateOrg2.go to look up a shared result, namely a data calculation report.
Further, the basic flow of calling chain code operation by using node.
step 3, connecting to the chain code appointed in the channel;
step 4, constructing a request;
step 5, submitting a request, and carrying out endorsement by the endorsement node;
and 6, processing the response.
The invention provides a pure software solution of an intelligent contract and a homomorphic encryption algorithm. Homomorphic encryption is a cryptography technology based on the mathematical problem computation complexity theory and is characterized in that ciphertexts can be mutually and directly computed and then decrypted, and the obtained result is the same as that of plaintext direct computation. The homomorphic encryption is arranged in the decentralized intelligent contract, so that the intelligent contract completes the function of data analysis and calculation and directly returns a report. Therefore, the shared data is a report calculated based on the data of all the data parties, not the source data, and chain deposit certificates are shared in the whole process, so that the data safety of both the supply and demand parties is ensured, and the data leakage is prevented.
Drawings
FIG. 1 is a schematic diagram of a data transaction sharing system based on a blockchain technique and a solution thereof;
FIG. 2 is a system flow diagram of a data sharing system;
FIG. 3 is a flow chart illustrating the operation of secure sharing of power data based on a Fabric implementation for a dual-Fabric node Fabric blockchain network;
FIG. 4 is a core system architecture diagram of a shared system;
FIG. 5 is a schematic diagram of the business logic of the Fabric Link code;
fig. 6 is a basic flow diagram of a call chain code operation using a node. js SDK;
FIG. 7 is a schematic view of a shared system login interface;
FIG. 8 is a schematic view of a data add-on interface;
FIG. 9 is a schematic view of a data query interface;
FIG. 10 is a schematic diagram of data query results;
FIG. 11 is a schematic view of a data request transmission interface;
FIG. 12 is a schematic view of a data request processing interface;
FIG. 13 is a schematic view of a data response query interface.
Detailed Description
The technical solutions in the embodiments of the present invention will be described clearly and completely with reference to the accompanying drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The invention realizes a novel electric power data security sharing scheme based on a Hyperhedger Fabric hyper-book open-source framework, takes an execution environment of an intelligent contract as a trustable computing environment for data processing analysis, prevents data leakage by a homomorphic encryption algorithm, combines the figures 1-13, and provides an electric power data security sharing method based on the homomorphic encryption intelligent contract, in a Fabric Block chain network, a data provider and a data demander are different organization nodes of the same channel of a Block chain, the nodes jointly consult an endorsement data sharing request intelligent contract, so that the data sharing request processing is carried out by the data provider and the data demander through the intelligent contract, a block is generated every time of sharing record, the block is jointly stored by the nodes of the Block chain, the consistency is ensured by the consensus algorithm, therefore, the sharing record can not be falsified and stored in the Block chain account book, the data provider uploads and maintains the electric power data by using a Fabric private data method, the private data is stored in a private database on a node of an authorized organization, the private data can only be accessed by a chain code of the authorized node, the safety of the electric power data in a block chain network is enhanced, and data calling when an intelligent contract performs data calculation is ensured; in an actual scene, an electric database meeting the two functions can be additionally developed, the data storage performance is optimized, the data encryption step and the calculation result decryption step are transferred to the link, and the intelligent contract calculation efficiency and the key safety are further improved. The data provider is an authorized node of private data and is arranged with a data computation intelligence contract that contains a homomorphic encryption algorithm.
Taking a dual-organization node Fabric blockchain network as an example, the supply and demand parties are different organization nodes P1 and P2 with the same channel of the blockchain, a common review endorsement sharing request intelligent contract is used for processing a data sharing request, and a sharing request record is stored in a blockchain account book in an undistortable manner. The data provider P1 uploads and maintains power data using the Fabric's private data method, and is arranged with a data computation intelligence contract that contains a homomorphic encryption algorithm. The data demand side P2 initiates a data request to the blockchain system through the C2 client, and writes the data request into the request record ledger by using the sharing request intelligent contract. And the data provider P1 reads the request record ledger through the C1 client, calls a data calculation intelligent contract after the data request is approved to pass, so that the uploaded power data can complete data processing analysis in a calculation environment where the intelligent contract is trustable, and performs homomorphic encryption calculation on the selected private data field to generate a calculation report and write the calculation report into a block chain. And finally, the demander P2 calls the calculation report through the C2 client side, and the data sharing process is ended.
Table 1 and fig. 2 are system functions and system flow diagrams specific to the data sharing system design. After the user logs in, the system judges the identity of the logged-in user firstly. The data provider can upload the sharable data table to the Fabric blockchain network, and meanwhile, a data table sample is generated to be consulted by the demander. The data provider has the capacity of increasing, deleting, modifying and checking the data table, and can store the field data with high privacy level in the blockchain network after homomorphic encryption. And after the data requiring party consults the data sample, selecting the data field and the corresponding computing service according to the requirement of the data requiring party to form a self-defined data request and submitting the self-defined data request to the block chain network. The data provider reviews the data sharing request submitted by the data demander, and after the data sharing request is approved, the blockchain network runs and calculates and stores the data corresponding to the request. Homomorphic encrypted data is computed and decrypted using a special homomorphic encryption algorithm. Finally, the demand side consults the result of data calculation from the block chain network. The system can effectively meet the requirement of sharing data calculation results, and ensures the privacy and safety of the power data in the sharing process.
TABLE 1 System Functions of a data sharing System
At present, a data computing service for realizing privacy security in a block chain data sharing system is a software and hardware combined technical scheme using an intelligent contract + SGX technology, and the key characteristic of the data computing service is to move a computing part to the lower part of a chain so as to realize the purpose of privacy or saving computing resources. The SGX technique is an extension to the Intel architecture and can protect the execution of programs at the hardware level, and even if the host has ROOT rights or virtual machine administrator rights, the host cannot access the code and data therein. SGX technology requires special hardware facilities, essentially by adding hardware constraints (CPU needed to support TEE) to blockchain participants in exchange for performance and privacy guarantees, thereby increasing hardware costs. The invention provides a pure software solution of 'intelligent contract + homomorphic encryption algorithm', which homomorphic encrypts private data of individual fields, sacrifices the computational efficiency of the fields to a certain degree to obtain privacy guarantee, and avoids the purchase and use cost of special hardware.
The electric power data safety sharing system is preliminarily realized based on a novel electric power data safety sharing scheme, the requirement of sharing data calculation results can be effectively met, and privacy safety of electric power data in a sharing process is guaranteed. The core system structure of the power data sharing system is shown in fig. 4; the invention provides a power data security sharing system based on a homomorphic encryption intelligent contract, which comprises a Web end and a Fabric network, wherein the Web end is connected with the Fabric network; the Web end is an application end which is responsible for being directly interactively displayed with a user and provides an operation entrance of a system core function for the user, the Web end is developed by using an application program SDK of the Fabric, is connected with a service interface of block link network interaction, and executes chain code (intelligent contract in Hyperhedger Fabric) calling and data access; the chain codes in the Fabric network realize the business logic of data sharing, a data structure (namely the content of the book) stored in a block chain is defined, and the uploaded electric power data set, the sharing request record and the data calculation report can be converted into key value pairs to be stored in the Fabric network book, so that the book can be traced back and cannot be tampered, and the access of business requirements to data is met.
In the sharing system, the electric power data uploaded by a data provider is stored in a private database of a node in a block chain network, and logically divided into independent data tables according to the management requirement in a management mode of a MongoDB database, namely an electric power data Table, wherein the electric power data Table is in a json format and corresponds to a Table structure body in chain code development. The current development stage is to realize data calculation service in units of power data tables. The format is designed as follows:
in the sharing system, a data Request record table shared by both the data supplier and the data supplier, namely a sharing Request table, corresponds to a Request structure body in chain code development, is generated by the demander and submitted to a blockchain network, and is logically stored in a public Request record book. The format is designed as follows:
in the sharing system, after a request in a sharing request table is approved by a provider, a blockchain network extracts corresponding power data from a private database according to the content of the request to perform calculation service, and the generated calculation result and the content of the request are integrated to form a calculation report which is stored in a calculation report book private to a demander and corresponds to a Response structure body in chain code development. The format is designed as follows:
| name (R) | Format | Description of the invention |
| ID | Int | Index identification for computing reports |
| TableName | String | Data table names |
| Attribute | String | Field requesting calculation |
| Service | String | Demand computing service |
| ResponseTime | String | Calculating report generation time |
| Result | List | Data calculation results |
The business model of the system needs to be established in the Fabric chain code, and is the core of system development. Calling the chain code requires the following functions to be accomplished:
1. basic operations such as ordinary addition, deletion, modification, checking and the like are carried out on the power data table;
2. homomorphic encryption storage and calculation functions of individual data fields;
3. generating and processing a data sharing request;
4. a data computing service based on an intelligent contract.
The actual development process of the system is divided into an upper layer and a bottom layer, wherein the bottom layer development comprises development of chain codes in a service logic layer and related data operation, and the upper layer development comprises realization of partial functions and interface layers which need to be developed by node.
Bottom-layer development of a system:
1. the Fabric network configuration is to set up a simulation network with 2 organizations (Org), wherein the 2 organizations respectively represent two different types of users, namely a data provider and a data demander. In a simulated Fabric network, organization 1 represents the provider of data and organization 2 represents the demander of data. The Orderer node can be viewed as an infrastructure of the Fabric blockchain network, being the neutral node.
| Name (R) | HostName | Tissue of a patient |
| peer0 | peer0.org1.example.com | Org1 |
| peer0 | peer0.org2.example.com | Org2 |
| orderer | orderer.example.com | Orderer |
When the module configuration of the Fabric network is performed, the files to be configured include a configx.yaml file and a docker-compound.yaml file. The overall configuration of the power data sharing system functional module is as follows:
2. and (3) service chain code development: two intelligent contracts in the novel electric power data security sharing scheme are specifically realized by five go code files in chain codes, and the service logic of the Fabric chain codes of the system is shown in fig. 5.
The chain code comprises five files of encryption.
Go defines the specific calculation service (function) set by the data provider for the demander, which includes getattributetitotal (), getattibuteave (), and getsearch (); in the calculation process, if the calculation field relates to the encryption field, the corresponding homomorphic encryption algorithm is called to perform calculation on the basis of the ciphertext, only the calculation result of the ciphertext needs to be decrypted, and the decrypted result is returned, so that the safety of data is ensured, in order to improve the calculation efficiency, a specifically optimized homomorphic encryption algorithm is developed for each calculation service and is deployed in encryption.
| Calculating a function | Service function | Homomorphic encryption algorithm |
| GetAttributeTotal() | Calculating an accumulated result for a particular field | Paillier |
| GetAttributeAve() | Calculating an average value of a specific field | Paillier |
| GetPearson() | Computing Pearson correlation coefficients for two fields | Integer vector homomorphic encryption |
Go defines the key generation, encryption, ciphertext calculation and decryption method of homomorphic encryption algorithm. The chain code can directly import a corresponding method to encrypt and decrypt the inserted data. The chain code is initialized to generate a random initial key. The ciphertext computation is determined by a computational service developed by service. Homomorphic encryption algorithms allow data to be computed while encrypted, and finally decrypted to return the same result as the plaintext computation. According to the characteristics of homomorphic encryption algorithm, the operation process of the ciphertext is generally inconsistent with that of the original data. Taking the example of the Paillier algorithm to implement the GetAttributeTotal () function (calculating the accumulation result of a specific field), the original data is an addition operation, and the operation of the ciphertext is a multiplication. The original Paillier algorithm is only suitable for homomorphic addition operation of integer data, and the power data comprises floating point type data. In order to meet the aggregate addition calculation of floating point numbers, the calculation precision of the thousand decimals is considered to be reserved, all three bits of electric power data are shifted to the left to be converted into integers during homomorphic encryption processing, and the three bits are shifted to the right to obtain a real value after the calculation is finished and decryption is finished. Go defines the key generation, encryption, decryption method of Paillier homomorphic encryption algorithm.
Private Org1.go of a data provider defines a Table structure body to store electric power data, the data exists in a form of a Table, and a Create and Read basic method is realized; the newly added Table method CreateMyTable () is to use json. umarshal to analyze the power data Table into a Table structure body, the TableFlag field of the Table structure body is the operation identifier of the data Table, 0 represents newly added, and 1 represents deleted; when a certain electric power data table is called, the chain code firstly traverses the electric power private data (essentially data uploading logs, namely accounts books) to calculate a latest data table and then provides the latest data table for calculation by a calculation function in service. The cache database can be developed to store the latest state of the power data table, so that the program can directly access the cache database, and the calculation of the current value by traversing the account book is avoided. The CreateMeyTable () calls Encryption () defined in Encryption. go to perform homomorphic Encryption processing on the selected privacy fields, and the homomorphic Encryption algorithms related to all the calculation service functions are respectively encrypted with a ciphertext by default so as to be used by various calculation services; PutPrivateData, an API provided by Fabric, is then called to insert the form data into the private database of the data provider.
Go defines the structure of Request and Response, which are used to store the data Request and the data sharing calculation result sent by the data demander; a data demand side sends a data calculation request to be inserted into a public request database (block chain account book) by using a request sending method SendRequest (), wherein HandleSingle and HandleAll are methods for selecting processing and batch processing requests respectively, and calculation service functions can be called through a reflection mechanism; the electric power data is only stored in a private database of the data provider, so that only the data provider can complete the calculation of the target field, a data sharing calculation result structure body is generated, the calculation result is added on the basis of modifying the request field and is stored in a calculation report book private to the demander, and the data demander calls a ReadResponse method in privateOrg2.go to look up a shared result, namely a data calculation report.
And (3) upper-layer development of the system:
1. js SDK: the upper layer establishes an application layer to package the operation of calling the chain code for the Fabric bottom layer for the user, the node.js SDK of the Fabric is used for developing and writing the Nodejs file to realize the calling of the chain code by the upper layer, and the HTML + CSS + JS is used for completing the design and development of the Web page. Js SDK is one of the four language versions of SDK offered by Fabric, which, in addition to node. Js SDK, a third party package is firstly required to be introduced into js files, the code is as follows, the Fabric-network provides necessary API interfaces required by Gateway programming model supported by Fabric, and the Fabric-ca-client provides an identity verification interface.
const{Wallets,Gateway}=require('fabric-network');
const FabricCAServices=require('fabric-ca-client');
With reference to fig. 6, the basic flow of using node. js SDK to invoke chain code operation specifically is:
step 3, connecting to the chain code appointed in the channel;
step 4, constructing a request;
step 5, submitting a request, and carrying out endorsement by the endorsement node;
and 6, processing the response.
2. The upper-layer development of the power data sharing system comprises the following steps: after the JavaScript file of the connection Fabric network is written, the JavaScript file is connected with the interface of the Web end interface, and part of the Web end interface designed for the power data sharing system is shown in FIGS. 7-13:
FIG. 7 is a schematic view of a shared system login interface; the user enters a username and password to log in, at which stage the Gateway of the Fabric is initialized and a connection is established with the Fabric network. FIG. 8 is a schematic view of a data add-on interface; the fields are selectively encrypted for data to be inserted. FIG. 9 is a schematic view of a data query interface; FIG. 10 is a schematic diagram of data query results; and the table number is input, and the table data uploaded in the Fabric network can be queried. FIG. 11 is a schematic view of a data request transmission interface; and the data demander submits a specific form attribute request, an aggregation query or a correlation query. FIG. 12 is a schematic view of a data request processing interface; the data owner may view all requests and process the requests one-to-one. FIG. 13 is a schematic diagram of a data response query interface, where a data consumer can query all request results after the data owner processes the completion request.
The method and the system for safely sharing the power data based on the homomorphic encryption intelligent contract are introduced in detail, a specific example is applied in the text to explain the principle and the implementation mode of the invention, and the description of the embodiment is only used for helping to understand the method and the core idea of the invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.
Claims (10)
1. A security sharing method of electric power data based on homomorphic encryption intelligent contract is characterized in that in a Fabric Block chain network, a data provider and a data demander are different organization nodes of the same channel of a Block chain, the nodes jointly examine an endorsement data sharing request intelligent contract, so that the data sharing request processing is carried out by the data provider and the demander through the intelligent contract, a block is generated every time a sharing record is generated, the block is jointly stored by the nodes of the Block chain, the consistency is ensured by a consensus algorithm, therefore, the sharing record is stored in a Block chain account book in an undistorted way, the electric power data is stored in the Fabric private data of the data provider or a database under the chain, and the data calling during data calculation of the intelligent contract is met; the data provider is an authorized node of private data, and arranges a data computation intelligent contract containing a homomorphic encryption algorithm; at the moment, a data demand party initiates a data request to a block chain system by using the identity of a Client, the data sharing request is written into a block chain request record ledger by using a sharing request intelligent contract, a data provider reads the request record ledger and calls a data calculation intelligent contract after passing through the sharing request, the uploaded electric power data completes data processing analysis in a trusted computing environment of the intelligent contract, the selected privacy data field is subjected to homomorphic encryption computation to generate a computation report and write the computation report into the block chain, finally the Client of the demand party calls the computation report, and the data sharing process is finished.
2. The utility model provides a power data security shared system based on intelligent contract is encrypted to homomorphism which characterized in that: the sharing system comprises a Web end and a Fabric network; the Web end is an application end which is responsible for being directly interactively displayed with a user and provides an operation entrance of a system core function for the user, the Web end is developed by using a Fabric application program SDK, and is connected with a service interface of block chain network interaction to execute chain code calling and data access; chain codes in the Fabric network realize the business logic of data sharing, a data structure stored in a block chain is defined, uploaded power data sets, sharing request records and data calculation reports can be converted into key value pairs to be stored in a Fabric network book, and the key value pairs can be traceable and cannot be tampered, so that the business requirements for accessing data are met.
3. The sharing system according to claim 2, wherein: in the sharing system, the electric power data uploaded by the data provider is stored in a private database of a node in a block chain network or an own electric power database under a chain, logically divided into independent data tables, namely electric power data tables, according to management requirements and in a management mode of a document type database, wherein the electric power data tables are in a json format and correspond to a Table structure body in chain code development.
4. The sharing system according to claim 3, wherein: in the sharing system, a data Request record table shared by both the data supplier and the data supplier, namely a sharing Request table, corresponds to a Request structure body in chain code development, is generated by the demander and submitted to a blockchain network, and is logically stored in a public Request record book.
5. The sharing system according to claim 4, wherein: in the sharing system, after a request in a sharing request table is approved by a provider, a blockchain network extracts corresponding power data from a private database according to the content of the request to perform calculation service, and the generated calculation result and the content of the request are integrated to form a calculation report which is stored in a calculation report book private to a demander and corresponds to a Response structure body in chain code development.
6. The sharing system according to claim 5, wherein: the intelligent contract is specifically realized by five go code files in chain codes; the chain code comprises five files of encryption.
7. The sharing system according to claim 6, wherein: go defines the specific computing service set by the data provider for the demander, the computing service includes getattributetitotal (), getattributevase (), and getsearch (); in the calculation process, if the calculation field relates to an encryption field, a corresponding homomorphic encryption algorithm is called to perform calculation on the basis of a ciphertext, only the calculation result of the ciphertext needs to be decrypted, and the decrypted result is returned, so that the safety of data is ensured, a homomorphic encryption algorithm which is specifically optimized is developed for each calculation service and is deployed in encryption.
8. The sharing system according to claim 7, wherein: private Org1.go of a data provider defines a Table structure body to store electric power data, the data exists in a form of a Table, and a Create and Read basic method is realized; the newly added Table method CreateMyTable () is to use json. umarshal to analyze the power data Table into a Table structure body, the TableFlag field of the Table structure body is the operation identifier of the data Table, 0 represents newly added, and 1 represents deleted; when a certain electric power data table is called, the chain code firstly traverses the electric power private data to calculate a latest data table and then is used for a calculation function in service. The CreateMeyTable () calls Encryption () defined in Encryption. go to perform homomorphic Encryption processing on the selected privacy field, and the homomorphic Encryption algorithms related to all the calculation service functions are encrypted by default to form a ciphertext for various calculation services; PutPrivateData, a API provided by Fabric, is then called to insert the form data into the private database of the data provider.
9. The sharing system according to claim 8, wherein: go defines the structure of Request and Response, which are used to store the data Request and the data sharing calculation result sent by the data demander; a data demand party sends a data calculation request to be inserted into a public request database by using a request sending method SendRequest (), a HandleSingle and a HandleAll are methods for selecting processing and batch processing requests respectively, and a calculation service function can be called through a reflection mechanism; the electric power data is only stored in a private database of the data provider, so that only the data provider can complete the calculation of the target field, a data sharing calculation result structure body is generated, the calculation result is added on the basis of modifying the request field and is stored in a calculation report book private to the demander, and the data demander calls a ReadResponse method in privateOrg2.go to look up a shared result, namely a data calculation report.
10. The sharing system according to claim 9, wherein: the basic flow of calling chain code operation by using node.js SDK specifically is as follows:
step 1, acquiring identity information from a wallet;
step 2, connecting to a Fabric channel network;
step 3, connecting to the chain code appointed in the channel;
step 4, constructing a request;
step 5, submitting a request, and carrying out endorsement by the endorsement node;
and 6, processing the response.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210282372.2A CN114880715A (en) | 2022-03-22 | 2022-03-22 | Power data security sharing method and system based on homomorphic encryption intelligent contract |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210282372.2A CN114880715A (en) | 2022-03-22 | 2022-03-22 | Power data security sharing method and system based on homomorphic encryption intelligent contract |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114880715A true CN114880715A (en) | 2022-08-09 |
Family
ID=82668358
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210282372.2A Pending CN114880715A (en) | 2022-03-22 | 2022-03-22 | Power data security sharing method and system based on homomorphic encryption intelligent contract |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114880715A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115051878A (en) * | 2022-08-16 | 2022-09-13 | 天聚地合(苏州)科技股份有限公司 | Interface-based privacy calculation method, system, storage medium and equipment |
| CN116578544A (en) * | 2023-07-06 | 2023-08-11 | 华北电力大学 | Power data sharing method based on block chain |
-
2022
- 2022-03-22 CN CN202210282372.2A patent/CN114880715A/en active Pending
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115051878A (en) * | 2022-08-16 | 2022-09-13 | 天聚地合(苏州)科技股份有限公司 | Interface-based privacy calculation method, system, storage medium and equipment |
| CN116578544A (en) * | 2023-07-06 | 2023-08-11 | 华北电力大学 | Power data sharing method based on block chain |
| CN116578544B (en) * | 2023-07-06 | 2023-10-17 | 华北电力大学 | Power data sharing method based on block chain |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| TWI694350B (en) | Information supervision method and device based on blockchain | |
| Wu et al. | Efficient and privacy-preserving traceable attribute-based encryption in blockchain | |
| US11700257B2 (en) | System and method for storing and distributing consumer information | |
| Zhou et al. | MIStore: a blockchain-based medical insurance storage system | |
| KR100960578B1 (en) | Identity-based key generating methods and devices | |
| CN109635585A (en) | Method, agent node and the medium of Transaction Information are inquired in block chain network | |
| Wang et al. | Security-aware and privacy-preserving personal health record sharing using consortium blockchain | |
| CN114880715A (en) | Power data security sharing method and system based on homomorphic encryption intelligent contract | |
| CN105871786A (en) | User information authentication method, device and system | |
| Sun et al. | Research on logistics information blockchain data query algorithm based on searchable encryption | |
| WO2022156594A1 (en) | Federated model training method and apparatus, electronic device, computer program product, and computer-readable storage medium | |
| CN115174091A (en) | Homomorphic encryption privacy protection method for distributed digital identity | |
| CN110766548A (en) | Block chain based information processing method and device, storage medium and electronic equipment | |
| Zhao et al. | Blockchain-based auditable privacy-preserving data classification for Internet of Things | |
| Xue et al. | Blockchain-based fair and fine-grained data trading with privacy preservation | |
| Heiss et al. | Non-disclosing credential on-chaining for blockchain-based decentralized applications | |
| CA3050487A1 (en) | System and method for storing and distributing consumer information | |
| CN117749349A (en) | Block chain-based secure data market management system and method | |
| Zhang et al. | A traceable and revocable multi-authority attribute-based access control scheme for mineral industry data secure storage in blockchain | |
| Li et al. | Redactable signature-based public auditing scheme with sensitive data sharing for cloud storage | |
| CN110492997A (en) | A kind of encryption system based on super account book, method, apparatus and storage medium | |
| Hong et al. | Constructing conditional PKEET with verification mechanism for data privacy protection in intelligent systems | |
| Cai et al. | Vizard: A metadata-hiding data analytic system with end-to-end policy controls | |
| Li et al. | A blockchain‐based traceable group loan system | |
| CN113706261A (en) | Block chain-based power transaction method, device and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |