CN115208630B - Block chain-based data acquisition method and system and block chain system - Google Patents
Block chain-based data acquisition method and system and block chain system Download PDFInfo
- Publication number
- CN115208630B CN115208630B CN202210675308.0A CN202210675308A CN115208630B CN 115208630 B CN115208630 B CN 115208630B CN 202210675308 A CN202210675308 A CN 202210675308A CN 115208630 B CN115208630 B CN 115208630B
- Authority
- CN
- China
- Prior art keywords
- data
- query
- encryption information
- information
- intelligent contract
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 56
- 230000004044 response Effects 0.000 claims description 55
- 238000012545 processing Methods 0.000 claims description 49
- 238000005316 response function Methods 0.000 claims description 23
- 230000008569 process Effects 0.000 abstract description 14
- 230000003993 interaction Effects 0.000 abstract description 10
- 230000006870 function Effects 0.000 description 20
- 238000005516 engineering process Methods 0.000 description 7
- 230000005540 biological transmission Effects 0.000 description 6
- 238000010586 diagram Methods 0.000 description 5
- 230000001960 triggered effect Effects 0.000 description 5
- 101150047356 dec-1 gene Proteins 0.000 description 4
- 230000007246 mechanism Effects 0.000 description 3
- COCAUCFPFHUGAA-MGNBDDOMSA-N n-[3-[(1s,7s)-5-amino-4-thia-6-azabicyclo[5.1.0]oct-5-en-7-yl]-4-fluorophenyl]-5-chloropyridine-2-carboxamide Chemical compound C=1C=C(F)C([C@@]23N=C(SCC[C@@H]2C3)N)=CC=1NC(=O)C1=CC=C(Cl)C=N1 COCAUCFPFHUGAA-MGNBDDOMSA-N 0.000 description 3
- 230000000007 visual effect Effects 0.000 description 3
- 238000004891 communication Methods 0.000 description 2
- 238000004590 computer program Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012544 monitoring process Methods 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 1
- 230000001010 compromised effect Effects 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000009792 diffusion process Methods 0.000 description 1
- 239000000284 extract Substances 0.000 description 1
- 239000012634 fragment Substances 0.000 description 1
- 239000003999 initiator Substances 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 238000011084 recovery Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
Abstract
The application discloses a data acquisition method and system based on a block chain and the block chain system, wherein the data acquisition method based on the block chain comprises the following steps: the data demand node encrypts the random number R by using a public key corresponding to the query item i to acquire first encryption information; responding to a data query event, and acquiring first encryption information by a data providing node; decrypting the first encryption information according to N private keys corresponding to the N query entries to obtain N decrypted data, and encrypting the N data stored by the data providing node by using the N decrypted data to obtain N second encryption information; the data demand node acquires second encryption information corresponding to the query item i from the N pieces of second encryption information; and according to the second encryption information and the random number R corresponding to the query item i, the data demand node acquires the data corresponding to the query item i. The method and the device protect the privacy of the data demand party in the data interaction process of the data demand party and the data provider.
Description
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to a blockchain-based data acquisition method, a blockchain-based data acquisition system, a blockchain system, and a computer readable storage medium.
Background
With the increasing importance of user privacy protection, how to realize the secure acquisition of user privacy data in the process of inquiring and acquiring data from a data provider by a user (data demand party) has become a concern for network security researchers.
In the prior art, a data provider realizes the protection of private data by setting corresponding rights for each private information and setting a user authentication mechanism on a software layer. For example, after the server (data provider) receives the query request from the user, it is determined whether or not to transmit the privacy information corresponding to the query request to the user by determining whether or not the user has authority to acquire the privacy information corresponding to the query request.
However, in the prior art, the data provider receives the query request from the user, which may cause privacy included in the information of the content requested by the user to be revealed to the data provider, which is an urgent need to be solved.
Disclosure of Invention
The application provides a data acquisition method and system based on a blockchain, a blockchain system and a computer readable storage medium, so that privacy of a data demand party is protected in a data interaction process of the data demand party and a data provider.
In a first aspect, an embodiment of the present application provides a data acquisition method based on a blockchain, which is applied to a node in the blockchain, and the method includes:
the data demand node encrypts a random number R by using a public key corresponding to a query item i to obtain first encrypted information, wherein i is a positive integer;
invoking a target intelligent contract according to the first encryption information so that the target intelligent contract triggers a data query event, wherein the target intelligent contract stores N query entries and N public keys corresponding to the query entries in advance, and N is a positive integer greater than or equal to i;
responding to the data query event, and acquiring the first encryption information by a data providing node;
decrypting the first encryption information according to N private keys corresponding to N query entries to obtain N decrypted data, encrypting the N data stored by the data providing node by using the N decrypted data to obtain N second encryption information, wherein the N second encryption information is used for enabling the target intelligent contract to trigger a data query response event;
responding to the data query response event, and acquiring second encryption information corresponding to the query item i from the N pieces of second encryption information by the data demand node;
And according to the second encryption information corresponding to the query item i and the random number R, the data demand node acquires the data corresponding to the query item i.
Optionally, the decrypting the first encrypted information according to N private keys corresponding to the N query entries to obtain N decrypted data includes:
decrypting the first encrypted information by using a private key corresponding to the j-th query item to obtain j-th decrypted data, wherein j traverses from 1 to N in sequence;
and after the traversing is finished, obtaining N pieces of decryption data.
Optionally, the encrypting the N data stored by the data providing node using the N decrypted data, to obtain N pieces of second encrypted information, including:
carrying out preset encryption processing according to the kth decrypted data and the data corresponding to the query item k to obtain kth second encrypted information, wherein k traverses from 1 to N in sequence;
and after the traversing is finished, N pieces of second encryption information are obtained.
Optionally, the obtaining, by the data requiring node, the data corresponding to the query entry i according to the second encryption information corresponding to the query entry i and the random number R includes:
and carrying out preset decryption processing on the second encryption information corresponding to the query item i according to the random number R to obtain data corresponding to the query item i, wherein the preset decryption processing and the preset encryption processing are corresponding encryption and decryption operations.
Optionally, the encrypting process is performed according to the kth decrypted data and the data corresponding to the query entry k, so as to obtain kth second encrypted information, which includes:
performing exclusive OR operation on the kth decrypted data and the data corresponding to the query item k to obtain kth second encrypted information;
decrypting the second encryption information corresponding to the query item i according to the random number R to obtain data corresponding to the query item i, including:
and performing exclusive OR operation on the random number R and the second encryption information corresponding to the query item i to obtain data corresponding to the query item i.
Optionally, the calling the target smart contract according to the first encryption information, so that the target smart contract triggers a data query event, including:
and calling the query function by taking the first encryption information as a parameter of the query function so that the target intelligent contract triggers a data query event.
Optionally, the target smart contract triggers a data query response event, including:
determining an encryption information array according to the N pieces of second encryption information, wherein N array elements included in the encryption information array correspond to the N pieces of second encryption information one by one;
And calling the query response function by taking the encrypted information array as a parameter of the query response function so that the target intelligent contract triggers a data query response event, wherein the data in the ith second encrypted information of the encrypted information array corresponds to the query item i.
In a second aspect, embodiments of the present application further provide a blockchain-based data acquisition system, the system including:
the first acquisition unit is applied to the data demand node and is used for encrypting the random number R by using a public key corresponding to the query item i to acquire first encryption information, wherein i is a positive integer;
the first triggering unit is applied to the data demand node and is used for calling a target intelligent contract according to the first encryption information so that the target intelligent contract triggers a data query event, N query entries and N public keys corresponding to the query entries are stored in advance in the target intelligent contract, and N is a positive integer greater than or equal to i;
the second acquisition unit is applied to the data providing node and is used for responding to the data query event and acquiring the first encryption information;
The first processing unit is applied to the data providing node, and is used for decrypting the first encryption information according to N private keys corresponding to N query entries to obtain N decrypted data, encrypting the N data stored by the data providing node by using the N decrypted data to obtain N second encryption information, wherein the N second encryption information is used for enabling the target intelligent contract to trigger a data query response event;
the third obtaining unit is applied to the data demand node and is used for responding to the data query response event and obtaining second encryption information corresponding to the query item i from the N pieces of second encryption information;
the second processing unit is applied to the data demand node and is used for acquiring data corresponding to the query item i according to the second encryption information corresponding to the query item i and the random number R.
Optionally, the first processing unit is specifically configured to:
decrypting the first encrypted information by using a private key corresponding to the j-th query item to obtain j-th decrypted data, wherein j traverses from 1 to N in sequence;
And after the traversing is finished, obtaining N pieces of decryption data.
Optionally, the first processing unit is specifically configured to:
carrying out preset encryption processing according to the kth decrypted data and the data corresponding to the query item k to obtain kth second encrypted information, wherein k traverses from 1 to N in sequence;
and after the traversing is finished, N pieces of second encryption information are obtained.
Optionally, the first processing unit is specifically configured to:
and carrying out preset decryption processing on the second encryption information corresponding to the query item i according to the random number R to obtain data corresponding to the query item i, wherein the preset decryption processing and the preset encryption processing are corresponding encryption and decryption operations.
Optionally, the first processing unit is specifically configured to:
performing exclusive OR operation on the kth decrypted data and the data corresponding to the query item k to obtain kth second encrypted information;
decrypting the second encryption information corresponding to the query item i according to the random number R to obtain data corresponding to the query item i, including:
and performing exclusive OR operation on the random number R and the second encryption information corresponding to the query item i to obtain data corresponding to the query item i.
Optionally, the first trigger unit is specifically configured to:
And calling the query function by taking the first encryption information as a parameter of the query function so that the target intelligent contract triggers a data query event.
Optionally, the first processing unit is specifically configured to:
determining an encryption information array according to the N pieces of second encryption information, wherein N array elements included in the encryption information array correspond to the N pieces of second encryption information one by one;
and calling the query response function by taking the encrypted information array as a parameter of the query response function so that the target intelligent contract triggers a data query response event, wherein the data in the ith second encrypted information of the encrypted information array corresponds to the query item i.
In a third aspect, embodiments of the present application also provide a blockchain system, the blockchain system including: a data demand node and a data providing node;
the data demand node is configured to encrypt the random number R by using a public key corresponding to a query entry i, to obtain first encrypted information, where i is a positive integer;
the data demand node is further configured to invoke a target intelligent contract according to the first encryption information, so that the target intelligent contract triggers a data query event, where the target intelligent contract stores N query entries and N public keys corresponding to the query entries in advance, and N is a positive integer greater than or equal to i;
The data providing node is further configured to obtain the first encryption information in response to the data query event;
the data providing node is further configured to decrypt the first encrypted information according to N private keys corresponding to N query entries, obtain N decrypted data, encrypt N data stored by the data providing node using the N decrypted data, obtain N second encrypted information, where the N second encrypted information is used to enable the target intelligent contract to trigger a data query response event;
the data demand node is further configured to obtain second encryption information corresponding to the query entry i from the N second encryption information in response to the data query response event;
the data demand node is further configured to obtain data corresponding to the query entry i according to the second encryption information corresponding to the query entry i and the random number R.
Optionally, the data providing node is further configured to:
decrypting the first encrypted information by using a private key corresponding to the j-th query item to obtain j-th decrypted data, wherein j traverses from 1 to N in sequence;
and after the traversing is finished, obtaining N pieces of decryption data.
Optionally, the data providing node is further configured to:
Carrying out preset encryption processing according to the kth decrypted data and the data corresponding to the query item k to obtain kth second encrypted information, wherein k traverses from 1 to N in sequence;
and after the traversing is finished, N pieces of second encryption information are obtained.
Optionally, the data demand node is further configured to:
and carrying out preset decryption processing on the second encryption information corresponding to the query item i according to the random number R to obtain data corresponding to the query item i, wherein the preset decryption processing and the preset encryption processing are corresponding encryption and decryption operations.
Optionally, the data providing node is further configured to:
performing exclusive OR operation on the kth decrypted data and the data corresponding to the query item k to obtain kth second encrypted information;
the data demand node is further configured to:
and performing exclusive OR operation on the random number R and the second encryption information corresponding to the query item i to obtain data corresponding to the query item i.
Optionally, the data demand node is further configured to:
and calling the query function by taking the first encryption information as a parameter of the query function so that the target intelligent contract triggers a data query event.
Optionally, the data providing node is further configured to:
Determining an encryption information array according to the N pieces of second encryption information, wherein N array elements included in the encryption information array correspond to the N pieces of second encryption information one by one;
and calling the query response function by taking the encrypted information array as a parameter of the query response function so that the target intelligent contract triggers a data query response event, wherein the data in the ith second encrypted information of the encrypted information array corresponds to the query item i.
In a fourth aspect, embodiments of the present application further provide a computer readable storage medium storing a data processing program, the program being executed by a processor to perform the blockchain-based data acquisition method according to any of the first aspects.
Compared with the prior art, the application has the following advantages:
according to the data acquisition method based on the blockchain, in the process of carrying out data interaction on both the data providing node and the data demand node on the blockchain deployed with the intelligent contract, the data providing node carries out the uplink operation on the query item corresponding to the owned data and the public key corresponding to each query item, so that the data demand node can acquire each query item and the public key corresponding to each query item on a platform with transparent disclosure of the blockchain. Then, the data demand node determines a query entry i according to the required data i, encrypts a random number R according to a public key i corresponding to the query entry, and calls an intelligent contract according to the obtained first encryption information to trigger the intelligent contract to trigger a data query event. The data providing node acquires the first encryption information on the chain after hearing the data query event. Since the data providing node does not know which public key the data requiring node uses to encrypt, decrypting the first encrypted information using all private keys yields N decrypted data. In order to send the data to the data demand node and protect the data from being acquired by other people, the data providing node needs to encrypt each data with N pieces of decrypted data to obtain N pieces of second ciphertext information. The data providing node invokes an operation of a smart contract deployed in the blockchain using the N second ciphertext information, the smart contract triggering a data query response event. After the data demand node monitors the data inquiry response event triggered by the intelligent contract, N pieces of second ciphertext information are read from the storage space corresponding to the intelligent contract address, and the ith piece of second ciphertext information is taken out from the N pieces of second ciphertext information. Then, the data demand node uses the random number R to decrypt the ith second ciphertext information, and then obtains the data i. This ensures privacy protection of the data demand node and protection of the data provided by the data provider while increasing the public reliability of the data interaction between the data providing node and the data demand node.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiments of the invention and together with the description serve to explain the invention and do not constitute a limitation on the invention. In the drawings:
fig. 1 is a schematic view of an application scenario provided in a first embodiment of the present application;
FIG. 2 is a flow chart of a blockchain-based data acquisition method provided in a second embodiment of the present application;
FIG. 3 is a flow chart of a blockchain-based data acquisition method provided by a third embodiment of the present application;
FIG. 4 is a flowchart illustrating a blockchain-based information query method according to a fourth embodiment of the present disclosure;
FIG. 5 is a schematic diagram of a block chain based data acquisition system according to a fifth embodiment of the present application;
fig. 6 is a schematic structural diagram of a blockchain system provided in a sixth embodiment of the present application.
Detailed Description
The invention will be described more fully hereinafter with reference to the accompanying drawings, in which embodiments of the invention are shown. In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention. However, the described embodiments are intended to be some, but not all, of the many other embodiments that a person of ordinary skill in the art would achieve without inventive faculty are within the scope of the invention.
It should be noted that in the description of the present application, the terms "first," "second," and the like are used for descriptive purposes only and are not to be construed as indicating or implying relative importance, as well as a particular order or sequence. The specific meaning of the terms in this application will be understood by those of ordinary skill in the art in a specific context. Furthermore, in the description of the present application, unless otherwise indicated, the term "plurality" refers to two or more. The term "and/or" describes an association relationship of associated objects, meaning that there may be three relationships, e.g., a and/or B, which may represent: a exists alone, A and B exist together, and B exists alone. The character "/" generally indicates that the context-dependent object is an "or" relationship. The terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed or inherent to such process, method, article, or apparatus.
In order to facilitate understanding of the technical solutions of the present application, related concepts related to the present application will be described first.
Information security acquisition: a method for a user to query a database or data source for desired information without having the data source owner obtain query conditions. Numerous studies have shown that even if data from a data source is encrypted using a semantically secure encryption scheme, the access patterns generated during user access reveal private data. Thus, the access pattern becomes an important influencing factor that has to be considered for protecting the user's private data. Based on this, researchers have proposed private information retrieval, the basic idea of which is to hide access patterns (Private Information Retrieval, PIR) from a server side in the process that a user obtains information from the database through the server side, so as to realize that the user retrieves and obtains information from the database.
Further, the retrieval of private Information from the type can be divided into Information theory-type Information acquisition (IPIR-theoretic Private Information Retrieval) and calculation-type private Information acquisition (Computational Private Information Retrieval, computational PIR), wherein the former distributes query conditions to a plurality of servers through a plurality of servers, namely, each server can only obtain incomplete query conditions, even if all query condition fragments are collected and spliced, the latter can not be recovered, and the latter realizes user privacy protection on a single server mainly through a high-complexity encryption algorithm, so that the cost of the server is saved. Meanwhile, subsequent researchers propose means such as careless transmission (confusing transmission), secret sharing and homomorphic encryption to optimize the encryption operation and communication complexity of PIR.
Inadvertent transmission (Oblivious Transfer, OT): a cryptographic protocol in which the sender of a message sends a message to the recipient from among a number of messages to be sent, but does not know afterwards which message was sent to the recipient, so this protocol is also called the confusing transmission protocol. The privacy of the recipient is not known to the sender, making the two parties to the communication communicate the message in a way that obscures the choice, which greatly protects the recipient privacy.
Blockchain: a time sequence chained data structure which guarantees the data non-falsifiability and non-falsifiability in a cryptography way is a distributed account book technology. It is generally considered that it has the characteristics of decentralization, participation by nodes, non-falsification and falsification of stored data, disclosure transparency, etc. Based on the three characteristics, the information recorded at any time point in history of each account can be found after the blockchain technology is applied, so that the reality, reliability and transparency disclosure of the transaction can be ensured. In blockchain technology, valuable information is permanently stored in the form of data, and the carrier used to store the transaction data becomes a block. The blockchain is called a blockchain because it is a chain of blocks that contain transaction information, each block being a segment of the chain, that are joined end-to-end by a chain.
The node refers to each blockchain terminal participating in accounting in the blockchain network, and comprises a mobile phone, a server and the like. The nodes in the blockchain include four features: 1. the device has a certain storage space; 2. can be networked; 3. a visual operation terminal; 4. participate in the blockchain. That is, the corresponding program of the blockchain is operated in the storage space corresponding to the networked visual operation terminal, the user carries out the blockchain transaction by logging in the account, and the visual operation terminal packs the transaction information of the user in the block and then writes the transaction information into the blockchain network. Wherein the user must first register with the user as a blockchain, which returns to the user a pair of public and private keys. The public key serves as the user's account address on the blockchain and the private key serves as the sole key to operate the account.
Intelligent contract: a computer protocol intended to propagate, verify or execute contracts in an informative manner. That is, the smart contract is based on trusted, non-tamperable data in the blockchain, and some predefined rules and terms can be automatically enforced. Compared with the traditional contracts, the intelligent contracts have the characteristics of self-execution and self-verification and tamper resistance, and can reduce transaction cost, ensure transaction safety and reduce the dependence on a trusted intermediary organization. The smart contract includes the following three steps: 1. deployment of intelligent contracts: the smart contracts are jointly participated in making a piece of smart contract by a plurality of users in the blockchain. 2. Storage of intelligent contracts: the intelligent contracts are stored into the blockchain through point-to-point network diffusion and storage to each blockchain node. 3. Execution of the smart contract: the intelligent contract regularly performs automaton state check, verifies things meeting the conditions, automatically executes the things after consensus is achieved, and informs a user.
Next, the prior art to which the present application relates, problems existing in the prior art, and technical ideas of the present application will be described first.
In the prior art, a data provider realizes the protection of private data by setting corresponding rights for each private information and setting a user authentication mechanism on a software layer. For example, after the server (data provider) receives the query request from the user, it is determined whether or not to transmit the privacy information corresponding to the query request to the user by determining whether or not the user has authority to acquire the privacy information corresponding to the query request.
However, in the prior art, the data provider receives the query request from the user, which means that the information of the content requested by the user is exposed to the data provider, which may cause the privacy included in the information of the content requested by the user to be compromised to the data provider, which is an urgent need to be solved.
Based on the existing problems, the blockchain-based information query method provided by the application realizes the data interaction between the data provider and the data demander (user) through the blockchain deployed with the intelligent contract, and can ensure the privacy protection of the data demander while increasing the disclosure reliability of the interaction between the data provider and the data demander.
In order to make the purposes and technical solutions of the present application clearer and more intuitive, the method provided by the embodiments of the present application will be described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the present application.
Next, an application scenario of the embodiment of the present application will be described with reference to fig. 1, and fig. 1 is a schematic diagram of an application scenario provided in the first embodiment of the present application.
As shown in fig. 1, the application scenario includes a data demander 101, a blockchain 102, and a data provider 103. The block chain network comprises K nodes, namely node 1, node 2, … and node K; a blockchain application is installed on each node in the blockchain network. The data demander and the data provider interface with node 4 and node 5, respectively, in the blockchain (or the data demander and the data provider may be deployed directly on node 4, node 5, respectively), or the data demander and the data provider may interface with the same node in the blockchain (this is not illustrated in fig. 1). The data demander and the data provider can access the blockchain network by logging in the respective blockchain account numbers on the nodes 4, 5, respectively, it being understood that the node 4 may be referred to as a data demander node and the node 5 as a data provider node.
The devices used by the data demander and the data provider may be electronic terminal devices, servers (clusters), cloud servers, and the like. The nodes in the blockchain, that is, the electronic devices in the blockchain, may be a desktop computer, a notebook computer, a mobile phone, a smart watch, a tablet computer, a server, a terminal device, or other electronic devices, and the embodiment of the present application is not particularly limited. Meanwhile, the data provider creates an intelligent contract on the blockchain, and the data provider and all data demander participating in the intelligent contract sign the intelligent contract with respective private keys respectively so as to ensure the validity of the intelligent contract. The signed intelligent integrated date is diffused in the blockchain network in a point-to-point mode, so that each blockchain node can receive the intelligent contract, and the deployment of the intelligent contract on the blockchain is completed. In the application scenario shown in fig. 1, the data interaction between the data demander and the data provider is achieved by means of an automated execution flow of the intelligent contracts on the blockchain.
Next, a description will be given of a blockchain-based data acquisition method according to an embodiment of the present application with reference to fig. 2, and fig. 2 is a flowchart of a blockchain-based data acquisition method according to a second embodiment of the present application.
As shown in fig. 2, includes:
s201, the data demand node encrypts the random number R by using a public key corresponding to the query entry i to obtain first encrypted information, wherein i is a positive integer.
S202, calling a target intelligent contract according to the first encryption information so that the target intelligent contract triggers a data query event, wherein the target intelligent contract stores N query entries and N public keys corresponding to the query entries in advance, and N is a positive integer greater than or equal to i.
Optionally, the first encryption information is used as a parameter of the query function to call the query function, so that the target intelligent contract triggers the data query event.
S203, responding to the data query event, and acquiring the first encryption information by the data providing node.
S204, decrypting the first encryption information according to N private keys corresponding to the N query entries to obtain N decrypted data, encrypting the N data stored by the data providing node by using the N decrypted data to obtain N second encryption information, wherein the N second encryption information is used for enabling the target intelligent contract to trigger a data query response event.
Optionally, the first encryption information is decrypted for "N private keys corresponding to N query entries" to obtain N decrypted data. The implementation of "may include the steps of:
Decrypting the first encrypted information by using a private key corresponding to the j-th query item to obtain j-th decrypted data, wherein j traverses from 1 to N in sequence;
after the traversal is finished, N pieces of decryption data are obtained.
Optionally, the implementation manner for "encrypt N data stored by the data providing node using N decrypted data to obtain N pieces of second encrypted information" may include the following steps:
carrying out preset encryption processing according to the kth decrypted data and the data corresponding to the query item k to obtain kth second encrypted information, wherein k traverses from 1 to N in sequence; and after the traversing is finished, N pieces of second encryption information are obtained.
Optionally, a preset encryption process is performed on the data corresponding to the kth decrypted data and the query entry k, so as to obtain kth second encryption information. The implementation of "may include the steps of:
and performing exclusive OR operation on the kth decrypted data and the data corresponding to the query item k to obtain kth second encrypted information.
Optionally, the implementation for "using N second encryption information to cause the target smart contract to trigger a data query response event" may include the steps of:
determining an encryption information array according to the N pieces of second encryption information, wherein N array elements included in the encryption information array correspond to the N pieces of second encryption information one by one;
And calling the query response function by taking the encrypted information array as a parameter of the query response function so that the target intelligent contract triggers a data query response event, wherein the data in the ith second encrypted information of the encrypted information array corresponds to the query item i.
S205, responding to the data query response event, and acquiring second encryption information corresponding to the query item i from the N pieces of second encryption information by the data demand node.
S206, the data demand node acquires the data corresponding to the query item i according to the second encryption information corresponding to the query item i and the random number R.
Optionally, performing preset decryption processing on the second encryption information corresponding to the query item i according to the random number R to obtain data corresponding to the query item i, where the preset decryption processing and the preset encryption processing are corresponding encryption and decryption operations.
Optionally, a preset decryption process is performed on the second encryption information corresponding to the query item i according to the random number R to obtain data corresponding to the query item i. The implementation of "may include the steps of:
and performing exclusive OR operation on the random number R and the second encryption information corresponding to the query item i to obtain data corresponding to the query item i.
According to the data acquisition method based on the blockchain, a data demand node encrypts a random number R by using a public key corresponding to a query item i to acquire first encryption information, wherein i is a positive integer; invoking a target intelligent contract according to the first encryption information so that the target intelligent contract triggers a data query event, wherein the target intelligent contract stores N query entries and N public keys corresponding to the query entries in advance, and N is a positive integer greater than or equal to i; responding to a data query event, and acquiring first encryption information by a data providing node; decrypting the first encryption information according to N private keys corresponding to the N query entries to obtain N decrypted data, encrypting the N data stored by the data providing node by using the N decrypted data to obtain N second encryption information, wherein the N second encryption information is used for enabling the target intelligent contract to trigger a data query response event; responding to a data query response event, and acquiring second encryption information corresponding to a query item i from N pieces of second encryption information by the data demand node; and according to the second encryption information and the random number R corresponding to the query item i, the data demand node acquires the data corresponding to the query item i. This ensures privacy protection of the data demand node and protection of the data provided by the data provider while increasing the public reliability of the data interaction between the data providing node and the data demand node.
Next, a description will be given of a blockchain-based data acquisition method according to an embodiment of the present application with reference to fig. 3, and fig. 3 is a flowchart of a blockchain-based data acquisition method according to a third embodiment of the present application.
As shown in fig. 3, includes:
s301, receiving N query entries and N public keys sent by a first blockchain account. The ith query entry corresponds to the ith public key, N is a positive integer, and i is a positive integer less than or equal to N.
The first blockchain account is used for the data provider to log in the blockchain. N data and N query items are locally stored in the data provider, and the query items are in one-to-one correspondence with the data. For example, the data to be queried determined by the data requirement party according to the data requirement is data i, and then the data requirement party needs to query and acquire the data i by querying the item i.
The data provider creates a pair of key pairs locally for each query entry, the key pairs including a public key and a private key. The key pair for each target is generated, for example, by a key management center (Key Management Center, KMC). The key management center is an important component in the public key infrastructure and is responsible for providing key services such as key generation, storage, backup, update, recovery or inquiry for the authentication center system so as to solve the key management problem caused by large-scale cryptographic technology application in the distributed enterprise application environment.
The correspondence between N data, N query entries, and N key pairs stored locally to the data provider is illustrated in table 1 below.
TABLE 1
As shown in table 1, the query entry corresponding to the data 1 is query entry 1, and the public key of the pair of key pairs set up by the data provider for query entry 1 is public key 1, and the private key is private key 1. The data consumer queries the data provider for data 1 by querying entry 1. Other data, query entries, and correspondence between key pairs are similarly described, and are not repeated.
After the data provider logs in the blockchain account through the data providing node, the data provider issues query items corresponding to the owned data and public keys in all key pairs to a storage space corresponding to the intelligent contract address. For example, the data providing node provides an array of N query entries as: query entry 1, query entry 2, …, query entry N ], and the public key in the key pair corresponding to query entry i is public key i, the private key is private key i, and i is a positive integer less than or equal to N. That is, the public key in the key pair corresponding to the query entry 1 is the public key 1, and the private key is the private key 1; the public key in the key pair corresponding to the query entry 2 is the public key 2, and the private key is the private key 2. The correspondence between other query entries and the public key pair is similar, and will not be described in detail herein. Then the public key array corresponding to the query entry array provided by the data provider is: public key 1, public key 2, …, public key N ].
In the embodiment of the present application, the data provider node issues the query entry array [ query entry 1, query entry 2, …, query entry N ] and the public key array [ public key 1, public key 2, …, public key N ] to the storage space corresponding to the intelligent contract address, that is, the data provider node completes the uplink operation on the public key corresponding to the query entry and the query entry.
S302, responding to the operation that a second blockchain account uses a public key corresponding to a target query item to encrypt a random number R to obtain first ciphertext information to call an intelligent contract deployed in a blockchain, and triggering a data query event by the intelligent contract.
The second blockchain account is used for logging in the blockchain of the data requiring party.
In the embodiment of the present application, the data request node is a blockchain node corresponding to the data request party. The data demand node obtains N query entries and N public keys from the smart contract address. And then, the data demand node determines a target query item from the N query items and determines a public key corresponding to the target query item. The target query entry is a query entry corresponding to target data to be acquired from the data providing node by the data demand node.
In the following, with reference to table 2 and one specific example, possible implementations of determining target query entries for data demand nodes are illustrated.
For example, the data provided in the data provider is employee information of a certain enterprise. The staff information is generally stored in a database, the data requiring party searches the staff information through the staff employee identification number, namely, the inquiry item is the staff employee identification number, and the data is the staff information. Employee information includes, but is not limited to, employee name, gender, department name, function, job title, etc. The correspondence between the query entries and the query content may be as shown with reference to table 2.
TABLE 2
As shown in table 2, when the query entry provided by the data demand node is employee 1 employee identification number, the data providing node can query employee 1 information; when the query items provided by the data demand node are employee 2 employee identification numbers, the data providing node can query the employee 2 information; the correspondence between other query entries and data is not described in detail herein.
Thus, it can be determined from table 2 that when the data that the data requesting node wants to obtain is to query the information of employee 2, then the target query entry corresponding to the data requesting party is employee 2 employee identification number.
In the following, with reference to table 3 and a specific example, one possible implementation manner of determining the public key corresponding to the target query entry is described as an example, and the correspondence relationship between N query entries and N public keys may refer to table 3.
As shown in table 3, when the query entry is employee 1 employee identification number, the corresponding public key is pubkey_1; when the query item is employee 2 employee identification number, the corresponding public key is pubkey_2; the correspondence between other query entries and the public key is similar, and will not be described in detail here.
Thus, it can be determined from table 3 that, when the target query entry corresponding to the data demander is the employee 2 employee number, the public key corresponding to the target query entry is pubkey_2.
TABLE 3 Table 3
In this embodiment, the data requiring party sets a random number R, and encrypts the random number R by using a public key corresponding to the target query entry to obtain the first ciphertext information. And then, the data demand party calls the query function by taking the first encryption information as a parameter of the query function through the second blockchain account number so that the intelligent contract triggers a data query event. Operations of intelligent contracts deployed in a blockchain are invoked. For example, on the basis of the example corresponding to table 3, that is, the data demander encrypts the random number R by using the public key_2 corresponding to the target query entry, the obtained first ciphertext information is enc_2 (R). Assuming that the query function of the smart contract is srecretet_query (), the data demander calls the first ciphertext information enc_2 (R) as a parameter of the query function srecretet_query () through the second blockchain account, that is, the second blockchain account calls srecretet_query (enc_2 (R)).
In response to a second blockchain account invoking an operation of a smart contract deployed in the blockchain using the first ciphertext information, the smart contract triggers a data query event.
It should be noted that, the essence of invoking the smart contract is to initiate a transaction to the smart contract address, and the EVM (virtual machine) of each node may execute the transaction separately, so that the smart contract code is distributed and run in the virtual machine of each node in the blockchain network. The event mechanism of a smart contract is one way in which the smart contract interacts with an off-chain entity (i.e., user account). For intelligent contracts deployed on blockchains, it is often not possible to interact directly with off-chain entities. For example, the intelligent contract typically cannot send the calling result of the intelligent contract to the calling initiator of the intelligent contract point-to-point after the completion of the call. The calling result generated by the intelligent contract in the calling process is recorded in a transaction log of the transaction generated by calling the intelligent contract in the form of an event and is stored in the storage space of the node equipment. And if the out-of-chain entity which needs to interact with the intelligent contract, acquiring the calling result of the intelligent contract by monitoring the transaction log stored in the storage space of the node equipment.
S303, responding to the monitoring operation of the first blockchain account on the data query event and the operation of the first blockchain account calling the intelligent contract by using the N pieces of second ciphertext information, wherein the intelligent contract triggers a data query response event, and the data query response event is used for triggering the second blockchain account to acquire the N pieces of second ciphertext information and determining target data according to the N pieces of second ciphertext information.
Based on the data query event triggered by the intelligent contract in step S302, after the data provider monitors the data query event through the first blockchain account, the data provider reads the first ciphertext information from the contract address of the intelligent contract that triggers the data query event. The data provider uses the private key corresponding to each query item in the N query items to decrypt the first ciphertext information and process each data to obtain N second ciphertext information.
Next, in combination with table 4 and a specific example, one possible implementation manner in which the data provider decrypts the first ciphertext information by using the private key corresponding to each of the N query entries and performs an exclusive-or operation with each data to obtain N second ciphertext information is illustrated.
TABLE 4 Table 4
As shown in table 4, among the Data of the Data provider, the employee Data corresponding to employee 1 is Data1, the employee Data corresponding to employee 2 is Data2 and …, and the employee Data corresponding to employee N is Data. When the query item is employee 1 employee license number, the public key in the key pair is pubkey_1, and the private key is private key_1; when the query item is employee 2 employee license number, the public key in the key pair is pubkey_2, and the private key is private_2; … when the query entry is employee N employee number, the public key in the key pair is pubkey_N and the private key is private_N.
For example, after the data provider monitors the data query event through the first blockchain account, the first ciphertext information read from the contract address of the smart contract that triggered the data query event is enc_2 (R). Because the data provider does not know which public key is used by the data consumer to encrypt the first ciphertext information, the data provider needs to decrypt the first ciphertext information enc_2 (R) by using N private keys, and exclusive-or (xor) the decrypted data obtained after the decryption process with each data to obtain N second ciphertext information. Next, description will be given taking an example of determining one piece of second ciphertext information using the first ciphertext information, the secret_1, and the Data1. Specifically, the first ciphertext information enc_2 (R) is decrypted using the secret_1 to obtain decrypted Data dec_1 (enc_2 (R)), and then the Data1 and the decrypted Data dec_1 (enc_2 (R)) are subjected to exclusive-or (XOR) to obtain second ciphertext information that is: dec_1 (enc_2 (R)) XORData1. And analogizing in turn, obtaining N pieces of second ciphertext information respectively as follows: dec_1
(Enc_2(R))XORData1、Dec_2(Enc_2(R))XORData2、…、Dec_N(Enc_2(R))XOR
DataN。
The second blockchain account uses the N second ciphertext information as parameters of the query response function to call the query response function, so that the intelligent contract triggers a data query response event.
After the data demand side monitors a data query response event triggered by the intelligent contract through the second blockchain account, N pieces of second ciphertext information are read from a storage space corresponding to the intelligent contract address. Considering that the encrypted information encrypted by the public key in the asymmetric key algorithm can only be correctly decrypted by the private key corresponding to the public key, and since only the data-requiring party knows that the random number R and the 2 nd public key are used by himself in creating the first ciphertext information enc_2 (R). Therefore, the data demander can know that only the 2 nd private key can correctly decrypt the first ciphertext information, and obtain the decrypted random number R. That is, only the private key private_2 can successfully decrypt the first ciphertext information enc_2 (R) to obtain dec_2 (enc_2 (R)) and the actual value of dec_2 (enc_2 (R)) is the random number R. Further, after the data requesting side acquires the N pieces of second ciphertext information, the data requesting side extracts the 2 nd second ciphertext information dec_2 (enc_2 (R)) XORData2 from the N pieces of second ciphertext information. It will be appreciated that the actual value of Dec_2 (Enc_2 (R)) XORData2 is: RXORData2. Therefore, when the Data demander takes RXORData2, the Data demander obtains the Data2 corresponding to the 2 nd query entry by performing exclusive or (XOR) operation with RXORData2 by using the random number R, that is, the Data demander obtains the target Data2.
According to the information query method based on the blockchain, in the process of realizing data interaction between the data provider and the data demander on the blockchain deployed with the intelligent contract, the data provider carries out uplink operation on query items corresponding to own owned data and public keys corresponding to the query items, and therefore the data demander can acquire the query items and the public keys corresponding to the query items on a platform with transparent blockchain disclosure. Then, the data demand party determines a query item i according to the required data i, encrypts a random number R according to a public key i corresponding to the query item, and calls a query function according to the obtained first encryption information, and triggers an intelligent contract to trigger a data query event. The data provider acquires the first encrypted information after hearing the data query event and on the chain. Since the data provider does not know which public key the data demander uses to encrypt, decrypting the first encrypted information using all private keys yields N decrypted data. Further, in order to send the data to the data demander, the data provider needs to perform exclusive-or operation on each data and the N decrypted data, so as to obtain N pieces of second ciphertext information. The second blockchain account invokes a query response function using the N second ciphertext information to cause the smart contract to trigger a data query response event. After the data demand side monitors a data query response event triggered by the intelligent contract through the second blockchain account, N pieces of second ciphertext information are read from a storage space corresponding to the intelligent contract address, and the ith piece of second ciphertext information is taken out from the N pieces of second ciphertext information. Then, the data demand party performs exclusive OR operation on the ith second ciphertext information of the random number R, and data i is obtained. This ensures privacy protection of the data demander while increasing the public reliability of the interaction between the data provider and the data demander.
Next, referring to fig. 4, a detailed description will be given of a blockchain-based information query method provided in the present application by another specific embodiment, and fig. 4 is a flowchart of a blockchain-based information query method provided in a fourth embodiment of the present application.
As shown in fig. 4, the method includes:
s401, the data providing node performs uplink processing on N query entries and N public keys.
S402, the data demand node acquires N query entries and N public keys from the blockchain.
S404, the data demand node determines a query item i according to the N query items.
S404, the data demand node encrypts the random number R according to the first ciphertext information obtained by the public key corresponding to the query item i.
S405, the data demand node calls the query function by taking the first ciphertext information as a parameter of the query function.
S406, triggering a data query event by the intelligent contract.
S407, the data providing node monitors the data query event and acquires the first ciphertext information.
S408, the data providing node uses the private keys corresponding to the N query entries to respectively decrypt the first ciphertext information and perform exclusive OR operation with each data to obtain N second ciphertext information.
S409, the data providing node calls the query response function by taking the N pieces of second ciphertext information as parameters of the query response function.
S410, triggering a data query response event by the intelligent contract.
S411, the data demand node monitors the data query response event and acquires N pieces of second ciphertext information.
S412, the data demand node acquires the data corresponding to the query item i according to the second encryption information corresponding to the query item i and the random number R.
Corresponding to the blockchain-based data acquisition method provided in the second embodiment of the present application, the embodiments of the present application provide a blockchain-based data acquisition system. Fig. 5 is a schematic structural diagram of a blockchain-based data acquisition system according to a fifth embodiment of the present application.
As shown in fig. 5, the system includes: a first acquisition unit 501, a first trigger unit 502, a second acquisition unit 503, a first processing unit 504, a third acquisition unit 505, and a second processing unit 506.
A first obtaining unit 501, configured to be applied to a data demand node, where the first obtaining unit 501 is configured to encrypt a random number R by using a public key corresponding to a query entry i, and obtain first encrypted information, where i is a positive integer;
The first triggering unit 502 is applied to the data demand node, and is configured to invoke a target intelligent contract according to the first encryption information, so that the target intelligent contract triggers a data query event, where the target intelligent contract stores N query entries and N public keys corresponding to the query entries in advance, and N is a positive integer greater than or equal to i;
a second obtaining unit 503, applied to a data providing node, where the second obtaining unit 503 is configured to obtain the first encrypted information in response to the data query event;
the first processing unit 504 is applied to the data providing node, where the first processing unit 504 is configured to decrypt the first encryption information according to N private keys corresponding to N query entries to obtain N decrypted data, encrypt N data stored in the data providing node using the N decrypted data to obtain N second encryption information, where the N second encryption information is used to enable the target smart contract to trigger a data query response event;
a third obtaining unit 505, applied to the data demand node, where the third obtaining unit 505 is configured to obtain, in response to the data query response event, second encrypted information corresponding to the query entry i from the N pieces of second encrypted information;
The second processing unit 506 is applied to the data demand node, and the second processing unit 506 is configured to obtain data corresponding to the query entry i according to the second encryption information corresponding to the query entry i and the random number R.
Optionally, the first processing unit 504 is specifically configured to:
decrypting the first encrypted information by using a private key corresponding to the j-th query item to obtain j-th decrypted data, wherein j traverses from 1 to N in sequence;
and after the traversing is finished, obtaining N pieces of decryption data.
Optionally, the first processing unit 504 is specifically configured to:
carrying out preset encryption processing according to the kth decrypted data and the data corresponding to the query item k to obtain kth second encrypted information, wherein k traverses from 1 to N in sequence;
and after the traversing is finished, N pieces of second encryption information are obtained.
Optionally, the first processing unit 504 is specifically configured to:
and carrying out preset decryption processing on the second encryption information corresponding to the query item i according to the random number R to obtain data corresponding to the query item i, wherein the preset decryption processing and the preset encryption processing are corresponding encryption and decryption operations.
Optionally, the first processing unit 504 is specifically configured to:
Performing exclusive OR operation on the kth decrypted data and the data corresponding to the query item k to obtain kth second encrypted information;
decrypting the second encryption information corresponding to the query item i according to the random number R to obtain data corresponding to the query item i, including:
and performing exclusive OR operation on the random number R and the second encryption information corresponding to the query item i to obtain data corresponding to the query item i.
Optionally, the first triggering unit 502 is specifically configured to:
and calling the query function by taking the first encryption information as a parameter of the query function so that the target intelligent contract triggers a data query event.
Optionally, the first processing unit 504 is specifically configured to:
determining an encryption information array according to the N pieces of second encryption information, wherein N array elements included in the encryption information array correspond to the N pieces of second encryption information one by one;
and calling the query response function by taking the encrypted information array as a parameter of the query response function so that the target intelligent contract triggers a data query response event, wherein the data in the ith second encrypted information of the encrypted information array corresponds to the query item i.
Corresponding to the blockchain-based data acquisition method provided in the second embodiment of the present application, a sixth embodiment of the present application provides a blockchain system for implementing data acquisition. Fig. 6 is a schematic structural diagram of a blockchain system provided in a sixth embodiment of the present application. As shown in fig. 6, the blockchain system provided in the present application includes: a data demand node 601 and a data providing node 602;
the data demand node 601 is configured to encrypt the random number R by using a public key corresponding to a query entry i, to obtain first encrypted information, where i is a positive integer;
the data demand node 601 is further configured to invoke a target smart contract according to the first encryption information, so that the target smart contract triggers a data query event, where the target smart contract stores N query entries and N public keys corresponding to the query entries in advance, and N is a positive integer greater than or equal to i;
the data providing node 602 is further configured to obtain the first encryption information in response to the data query event;
the data providing node 602 is further configured to decrypt the first encrypted information according to N private keys corresponding to N query entries to obtain N decrypted data, encrypt N data stored in the data providing node 602 using the N decrypted data to obtain N second encrypted information, where the N second encrypted information is used to enable the target smart contract to trigger a data query response event;
The data demand node 601 is further configured to obtain second encryption information corresponding to the query entry i from the N second encryption information in response to the data query response event;
the data demand node 601 is further configured to obtain data corresponding to the query entry i according to the second encryption information corresponding to the query entry i and the random number R.
Optionally, the data providing node 602 is further configured to:
decrypting the first encrypted information by using a private key corresponding to the j-th query item to obtain j-th decrypted data, wherein j traverses from 1 to N in sequence;
and after the traversing is finished, obtaining N pieces of decryption data.
Optionally, the data providing node 602 is further configured to:
carrying out preset encryption processing according to the kth decrypted data and the data corresponding to the query item k to obtain kth second encrypted information, wherein k traverses from 1 to N in sequence;
and after the traversing is finished, N pieces of second encryption information are obtained.
Optionally, the data demand node 601 is further configured to:
and carrying out preset decryption processing on the second encryption information corresponding to the query item i according to the random number R to obtain data corresponding to the query item i, wherein the preset decryption processing and the preset encryption processing are corresponding encryption and decryption operations.
Optionally, the data providing node 602 is further configured to:
performing exclusive OR operation on the kth decrypted data and the data corresponding to the query item k to obtain kth second encrypted information;
the data demand node 601 is further configured to:
and performing exclusive OR operation on the random number R and the second encryption information corresponding to the query item i to obtain data corresponding to the query item i.
Optionally, the data demand node 601 is further configured to:
and calling the query function by taking the first encryption information as a parameter of the query function so that the target intelligent contract triggers a data query event.
Optionally, the data providing node 602 is further configured to:
determining an encryption information array according to the N pieces of second encryption information, wherein N array elements included in the encryption information array correspond to the N pieces of second encryption information one by one;
and calling the query response function by taking the encrypted information array as a parameter of the query response function so that the target intelligent contract triggers a data query response event, wherein the data in the ith second encrypted information of the encrypted information array corresponds to the query item i.
Corresponding to the blockchain-based data acquisition method provided in the second embodiment of the present application, a seventh embodiment of the present application provides a computer-readable storage medium storing a data processing program that is executed by a processor to perform the following method steps:
Encrypting the random number R by using a public key corresponding to a query item i to obtain first encryption information, wherein i is a positive integer;
invoking a target intelligent contract according to the first encryption information so that the target intelligent contract triggers a data query event, wherein the target intelligent contract stores N query entries and N public keys corresponding to the query entries in advance, and N is a positive integer greater than or equal to i;
responding to the data query event, and acquiring the first encryption information;
decrypting the first encryption information according to N private keys corresponding to N query entries to obtain N decrypted data, encrypting the N data stored by the data providing node by using the N decrypted data to obtain N second encryption information, wherein the N second encryption information is used for enabling the target intelligent contract to trigger a data query response event;
responding to the data query response event, and acquiring second encryption information corresponding to the query item i from the N pieces of second encryption information;
and acquiring data corresponding to the query item i according to the second encryption information corresponding to the query item i and the random number R.
It should be noted that, for the detailed descriptions of the blockchain-based data acquisition system, the blockchain system and the computer readable storage medium provided in the second embodiment, the third embodiment, the fourth embodiment, the fifth embodiment, the sixth embodiment and the seventh embodiment of the present application, reference may be made to the related descriptions of the first embodiment of the present application, and the detailed descriptions thereof are omitted here.
While the preferred embodiment has been described, it is not intended to limit the invention thereto, and any person skilled in the art may make variations and modifications without departing from the spirit and scope of the present invention, so that the scope of the present invention shall be defined by the claims of the present application.
In one typical configuration, the node devices in the blockchain include one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, random Access Memory (RAM) and/or nonvolatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of computer-readable media.
1. Computer readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), random Access Memory (RAM) of other nature, read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Disks (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage media or any other non-transmission media that can be used to store information that can be accessed by a computing device. Computer readable media, as defined herein, does not include non-transitory computer readable media (transmission media), such as modulated data signals and carrier waves.
2. It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
While the preferred embodiment has been described, it is not intended to limit the invention thereto, and any person skilled in the art may make variations and modifications without departing from the spirit and scope of the present invention, so that the scope of the present invention shall be defined by the claims of the present application.
Claims (9)
1. A blockchain-based data acquisition method applied to nodes in a blockchain, the method comprising:
the data demand node encrypts a random number R by using a public key corresponding to a query item i to obtain first encrypted information, wherein i is a positive integer;
invoking a target intelligent contract according to the first encryption information so that the target intelligent contract triggers a data query event, wherein the target intelligent contract stores N query entries and N public keys corresponding to the query entries in advance, and N is a positive integer greater than or equal to i;
Responding to the data query event, and acquiring the first encryption information by a data providing node;
decrypting the first encryption information according to N private keys corresponding to N query entries to obtain N decrypted data, encrypting the N data stored by the data providing node by using the N decrypted data to obtain N second encryption information, wherein the N second encryption information is used for enabling the target intelligent contract to trigger a data query response event;
responding to the data query response event, and acquiring second encryption information corresponding to the query item i from the N pieces of second encryption information by the data demand node;
according to the second encryption information corresponding to the query item i and the random number R, the data demand node acquires data corresponding to the query item i;
the target intelligent contract triggers a data query response event, comprising:
determining an encryption information array according to the N pieces of second encryption information, wherein N array elements included in the encryption information array correspond to the N pieces of second encryption information one by one;
and calling the query response function by taking the encrypted information array as a parameter of the query response function so that the target intelligent contract triggers a data query response event, wherein the data in the ith second encrypted information of the encrypted information array corresponds to the query item i.
2. The method according to claim 1, wherein decrypting the first encrypted information according to N private keys corresponding to N query entries to obtain N decrypted data includes:
decrypting the first encrypted information by using a private key corresponding to the j-th query item to obtain j-th decrypted data, wherein j traverses from 1 to N in sequence;
and after the traversing is finished, obtaining N pieces of decryption data.
3. The method according to claim 2, wherein encrypting the N data stored by the data providing node using the N decrypted data, to obtain N second encrypted information, comprises:
carrying out preset encryption processing according to the kth decrypted data and the data corresponding to the query item k to obtain kth second encrypted information, wherein k traverses from 1 to N in sequence;
and after the traversing is finished, N pieces of second encryption information are obtained.
4. A method according to claim 3, wherein said obtaining, by the data requiring node, the data corresponding to the query entry i according to the second encryption information corresponding to the query entry i and the random number R, includes:
and carrying out preset decryption processing on the second encryption information corresponding to the query item i according to the random number R to obtain data corresponding to the query item i, wherein the preset decryption processing and the preset encryption processing are corresponding encryption and decryption operations.
5. The method of claim 4, wherein the encrypting according to the kth decrypted data and the data corresponding to the query entry k to obtain the kth second encrypted information comprises:
performing exclusive OR operation on the kth decrypted data and the data corresponding to the query item k to obtain kth second encrypted information;
decrypting the second encryption information corresponding to the query item i according to the random number R to obtain data corresponding to the query item i, including:
and performing exclusive OR operation on the random number R and the second encryption information corresponding to the query item i to acquire data corresponding to the query item i.
6. The method of claim 1, wherein invoking the target smart contract based on the first encryption information to cause the target smart contract to trigger a data query event comprises:
and calling the query function by taking the first encryption information as a parameter of the query function so that the target intelligent contract triggers a data query event.
7. A blockchain-based data acquisition system, the system comprising:
the first acquisition unit is applied to the data demand node and is used for encrypting the random number R by using a public key corresponding to the query item i to acquire first encryption information, wherein i is a positive integer;
The first triggering unit is applied to the data demand node and is used for calling a target intelligent contract according to the first encryption information so that the target intelligent contract triggers a data query event, N query entries and N public keys corresponding to the query entries are stored in advance in the target intelligent contract, and N is a positive integer greater than or equal to i;
the second acquisition unit is applied to the data providing node and is used for responding to the data query event and acquiring the first encryption information;
the first processing unit is applied to the data providing node, and is used for decrypting the first encryption information according to N private keys corresponding to N query entries to obtain N decrypted data, encrypting the N data stored by the data providing node by using the N decrypted data to obtain N second encryption information, wherein the N second encryption information is used for enabling the target intelligent contract to trigger a data query response event;
the third obtaining unit is applied to the data demand node and is used for responding to the data query response event and obtaining second encryption information corresponding to the query item i from the N pieces of second encryption information;
The second processing unit is applied to the data demand node and is used for acquiring data corresponding to the query item i according to the second encryption information corresponding to the query item i and the random number R;
the target intelligent contract triggers a data query response event, comprising:
determining an encryption information array according to the N pieces of second encryption information, wherein N array elements included in the encryption information array correspond to the N pieces of second encryption information one by one;
and calling the query response function by taking the encrypted information array as a parameter of the query response function so that the target intelligent contract triggers a data query response event, wherein the data in the ith second encrypted information of the encrypted information array corresponds to the query item i.
8. A blockchain system, wherein the blockchain system includes a data demand node and a data providing node;
the data demand node is configured to encrypt the random number R by using a public key corresponding to a query entry i, to obtain first encrypted information, where i is a positive integer;
the data demand node is further configured to invoke a target intelligent contract according to the first encryption information, so that the target intelligent contract triggers a data query event, where the target intelligent contract stores N query entries and N public keys corresponding to the query entries in advance, and N is a positive integer greater than or equal to i;
The data providing node is further configured to obtain the first encryption information in response to the data query event;
the data providing node is further configured to decrypt the first encrypted information according to N private keys corresponding to N query entries, obtain N decrypted data, encrypt N data stored by the data providing node using the N decrypted data, obtain N second encrypted information, where the N second encrypted information is used to enable the target intelligent contract to trigger a data query response event;
the data demand node is further configured to obtain second encryption information corresponding to the query entry i from the N second encryption information in response to the data query response event;
the data demand node is further configured to obtain data corresponding to the query entry i according to the second encryption information corresponding to the query entry i and the random number R;
the target intelligent contract triggers a data query response event, comprising:
determining an encryption information array according to the N pieces of second encryption information, wherein N array elements included in the encryption information array correspond to the N pieces of second encryption information one by one;
and calling the query response function by taking the encrypted information array as a parameter of the query response function so that the target intelligent contract triggers a data query response event, wherein the data in the ith second encrypted information of the encrypted information array corresponds to the query item i.
9. A computer-readable storage medium storing a data processing program that is executed by a processor to perform the blockchain-based data acquisition method of any of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210675308.0A CN115208630B (en) | 2022-06-15 | 2022-06-15 | Block chain-based data acquisition method and system and block chain system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210675308.0A CN115208630B (en) | 2022-06-15 | 2022-06-15 | Block chain-based data acquisition method and system and block chain system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115208630A CN115208630A (en) | 2022-10-18 |
| CN115208630B true CN115208630B (en) | 2024-04-09 |
Family
ID=83576938
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210675308.0A Active CN115208630B (en) | 2022-06-15 | 2022-06-15 | Block chain-based data acquisition method and system and block chain system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115208630B (en) |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111934878A (en) * | 2020-06-29 | 2020-11-13 | 山东浪潮质量链科技有限公司 | Block chain-based data encryption and decryption method, equipment and medium |
| CN112182609A (en) * | 2020-09-25 | 2021-01-05 | 中国建设银行股份有限公司 | Block chain-based data uplink storage method and tracing method, device and equipment |
| CN112651037A (en) * | 2020-12-31 | 2021-04-13 | 深圳前海微众银行股份有限公司 | Off-chain data access method and system of block chain system |
| CN112925850A (en) * | 2021-02-25 | 2021-06-08 | 京信数据科技有限公司 | Block chain data encryption uplink method, uplink sharing method and device |
| CN112966022A (en) * | 2021-03-10 | 2021-06-15 | 安徽航天信息科技有限公司 | Information query method, device and system for data transaction platform |
| WO2021179743A1 (en) * | 2020-03-09 | 2021-09-16 | 支付宝(杭州)信息技术有限公司 | Method and apparatus for querying account privacy information in blockchain |
| CN113987584A (en) * | 2021-11-11 | 2022-01-28 | 建信金融科技有限责任公司 | Method and system for hiding query |
| CN113987583A (en) * | 2021-11-11 | 2022-01-28 | 建信金融科技有限责任公司 | Method and system for hiding query |
| CN114036240A (en) * | 2021-11-25 | 2022-02-11 | 北京师范大学 | Multi-service provider private data sharing system and method based on block chain |
| CN114338038A (en) * | 2021-12-27 | 2022-04-12 | 内蒙古科技大学 | Memory system for block chain data secret inquiry and careless transmission method |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10789374B2 (en) * | 2016-03-28 | 2020-09-29 | Hitachi, Ltd. | Database system and data retrieval method |
| US10819519B2 (en) * | 2017-11-21 | 2020-10-27 | Protegrity Corporation | Multi-tenant data protection in a centralized network environment |
| CN110727712B (en) * | 2019-10-15 | 2021-06-04 | 腾讯科技(深圳)有限公司 | Data processing method and device based on block chain network, electronic equipment and storage medium |
-
2022
- 2022-06-15 CN CN202210675308.0A patent/CN115208630B/en active Active
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2021179743A1 (en) * | 2020-03-09 | 2021-09-16 | 支付宝(杭州)信息技术有限公司 | Method and apparatus for querying account privacy information in blockchain |
| CN111934878A (en) * | 2020-06-29 | 2020-11-13 | 山东浪潮质量链科技有限公司 | Block chain-based data encryption and decryption method, equipment and medium |
| CN112182609A (en) * | 2020-09-25 | 2021-01-05 | 中国建设银行股份有限公司 | Block chain-based data uplink storage method and tracing method, device and equipment |
| CN112651037A (en) * | 2020-12-31 | 2021-04-13 | 深圳前海微众银行股份有限公司 | Off-chain data access method and system of block chain system |
| CN112925850A (en) * | 2021-02-25 | 2021-06-08 | 京信数据科技有限公司 | Block chain data encryption uplink method, uplink sharing method and device |
| CN112966022A (en) * | 2021-03-10 | 2021-06-15 | 安徽航天信息科技有限公司 | Information query method, device and system for data transaction platform |
| CN113987584A (en) * | 2021-11-11 | 2022-01-28 | 建信金融科技有限责任公司 | Method and system for hiding query |
| CN113987583A (en) * | 2021-11-11 | 2022-01-28 | 建信金融科技有限责任公司 | Method and system for hiding query |
| CN114036240A (en) * | 2021-11-25 | 2022-02-11 | 北京师范大学 | Multi-service provider private data sharing system and method based on block chain |
| CN114338038A (en) * | 2021-12-27 | 2022-04-12 | 内蒙古科技大学 | Memory system for block chain data secret inquiry and careless transmission method |
Non-Patent Citations (1)
| Title |
|---|
| 基于可搜索加密的区块链数据隐私保护机制;刘格昌;李强;;计算机应用(S2);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115208630A (en) | 2022-10-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11019040B2 (en) | Cloud key escrow system | |
| CN109144961B (en) | Authorization file sharing method and device | |
| CN102546607B (en) | Providing security services on the cloud | |
| CN101510888B (en) | Method, device and system for improving data security for SaaS application | |
| EP2095288B1 (en) | Method for the secure storing of program state data in an electronic device | |
| US8848922B1 (en) | Distributed encryption key management | |
| CN111294203B (en) | Information transmission method | |
| CN110661748B (en) | Log encryption method, log decryption method and log encryption device | |
| KR20180101870A (en) | Method and system for data sharing using attribute-based encryption in cloud computing | |
| US20180115535A1 (en) | Blind En/decryption for Multiple Clients Using a Single Key Pair | |
| US20200403789A1 (en) | Cryptographic key generation using external entropy generation | |
| CN111008400A (en) | Data processing method, device and system | |
| CN115208630B (en) | Block chain-based data acquisition method and system and block chain system | |
| CN115131029A (en) | Block chain-based digital file signing method and device | |
| CN114663234A (en) | System and method for supervising abnormal transactions on block chain | |
| US11870887B2 (en) | Managing central secret keys of a plurality of user devices associated with a single public key | |
| CN115062063B (en) | Data query method and device based on block chain | |
| CN115134136B (en) | System, method, device, storage medium and computing device for socializing based on blockchain | |
| CN115174183A (en) | Block chain-based digital file signing method and device | |
| Kalyanaraman et al. | Privacy Preserving Security Integrating Method with Varying Key Encryption Model in Cloud | |
| CN117668340A (en) | Private data query system and method, electronic device and storage medium | |
| Thumar et al. | A Framework for Secure Data Storage in Mobile Cloud Computing | |
| CN112311758A (en) | PSI-based login credential disclosure query method, device and system | |
| CN114430416A (en) | Data processing method and device based on block chain system and storage medium | |
| CN117879819A (en) | Key management method, device, storage medium, equipment and computing power service system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant |