CN115378942A - Information cross-chain interaction method and interaction device for block chain - Google Patents
Information cross-chain interaction method and interaction device for block chain Download PDFInfo
- Publication number
- CN115378942A CN115378942A CN202211232061.1A CN202211232061A CN115378942A CN 115378942 A CN115378942 A CN 115378942A CN 202211232061 A CN202211232061 A CN 202211232061A CN 115378942 A CN115378942 A CN 115378942A
- Authority
- CN
- China
- Prior art keywords
- node
- authentication
- response
- block chain
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
Abstract
The invention provides a block chain information cross-chain interaction method and an interaction device, wherein the method comprises the following steps: a first node on the first block chain generates an authentication identifier and authentication information, and encrypts the authentication identifier and the authentication information through a private key; the verification node on the first block chain decrypts and authenticates the authentication ciphertext through the public key of the first node; the first block chain sends a public key and an authentication ciphertext of the first node to the second block chain; the verification node on the second block chain decrypts and authenticates the authentication ciphertext through the public key of the first node; the second block chain encrypts the response information through the public key of the first node; the second block chain sends a response identifier and a response ciphertext to the first block chain; the first block chain determines that the second block chain is successfully authenticated according to the response identification; the first node decrypts the response ciphertext through a private key to obtain response information, and sends the request information to the second block chain according to the response information so as to meet the diversified requirements in the actual working process.
Description
Technical Field
The present invention relates to the field of blockchain, and in particular, to a method and an apparatus for information cross-chain interaction of blockchain.
Background
In the application process of the existing block chain, the technology can only perform authentication and request on a single chain, that is, only can perform authentication response on the request sent by the node on the block chain. The situation faced today is that information issued by a certain node not only needs the blockchain in which the node is located to perform authentication response, but also needs other blockchains to perform authentication response. However, the prior art cannot effectively support the cross-chain requirement and cannot perform cross-chain interaction of information.
Therefore, an information cross-chain interaction method for a block chain is needed at present, which can support information cross-chain interaction and better meet the diversified requirements in the actual working process.
Disclosure of Invention
The embodiments of the present disclosure provide an information cross-chain interaction method and an interaction apparatus for a block chain, so as to support information cross-chain interaction and better meet diverse requirements in an actual working process.
In order to achieve the above object, in one aspect, an embodiment herein provides a method for inter-chain information of a blockchain, including:
a first node on the first block chain generates an authentication identifier and authentication information, and the authentication identifier and the authentication information are encrypted through a private key to obtain an authentication ciphertext;
the verification node on the first block chain decrypts and authenticates the authentication ciphertext through the public key of the first node to obtain a first authentication result;
when the first authentication result is that the authentication is successful, the first block chain sends the public key of the first node and an authentication ciphertext to the second block chain through the relay chain;
the verification node on the second block chain decrypts and authenticates the authentication ciphertext through the public key of the first node to obtain a second authentication result;
when the second authentication result is that authentication is successful, the second block chain generates a response identifier and response information, and the response information is encrypted through the public key of the first node to obtain a response ciphertext;
the second block chain sends a response identifier and a response ciphertext to the first block chain through the relay chain;
the first block chain determines that the second block chain is successfully authenticated according to the response identification;
and the first node decrypts the response ciphertext through a private key to obtain response information, and sends the request information to the second block chain through the first block chain and the relay chain according to the response information.
Preferably, the generating the authentication identifier and the authentication information by the first node on the first blockchain further comprises:
if the first node needs to initiate a one-way request to a second block chain, the first node generates an authentication identifier and authentication information, wherein the authentication identifier is a one-way request identifier, and the authentication information comprises authentication data;
and if the first node needs to perform an interactive request with a second node on a second block chain, the first node generates an authentication identifier and authentication information, wherein the authentication identifier is an interactive request identifier, and the authentication information comprises authentication data and an identifier of the second node.
Preferably, the decrypting and authenticating the authentication ciphertext by the verification node on the second block chain through the public key of the first node to obtain the second authentication result further includes:
the verification node on the second block chain decrypts the authentication ciphertext through the public key of the first node to obtain the authentication identification and the authentication information of the first node;
the verification node on the second block chain verifies the authentication identification and the authentication information of the first node;
and when the verification results of the verification nodes exceeding the set number are successful, the second authentication result is authentication success.
Preferably, the generating of the response identifier and the response information by the second block chain, and the encrypting of the response information by the public key of the first node to obtain the response ciphertext further includes:
when the authentication identifier of the first block chain is a one-way request identifier, the second block chain generates an encryption key, and the encryption key and a public key of the first node are used as response information;
and the second block chain encrypts the response information through the public key of the first node to obtain a response ciphertext.
Preferably, the generating of the response identifier and the response information by the second blockchain, and the encrypting of the response information by the public key of the first node to obtain the response ciphertext further includes:
when the authentication identifier of the first block chain is the interactive request identifier, the second block chain obtains the identifier of the second node according to the authentication information, and sends the public key and the authentication ciphertext of the first node to the second node;
the second node decrypts the authentication ciphertext through the public key of the first node to obtain the authentication identification and the authentication information of the first node;
the second node generates response data according to the authentication data in the authentication information, and the response data, the public key of the second node and the public key of the first node are used as response information;
and the second node encrypts the response information through the public key of the first node to obtain a response ciphertext.
Preferably, the sending the request information to the second block chain through the first block chain and the relay chain according to the response information further includes:
the first node encrypts the request information according to the response information to obtain a request ciphertext, and broadcasts the request identifier and the request ciphertext on a first block chain;
the first block chain sends the request identification and the request ciphertext to a second block chain through a relay chain;
and the second block chain decrypts the request ciphertext to obtain the request information.
Preferably, the encrypting, by the first node, the request information according to the response information to obtain a request ciphertext further includes:
when the authentication identifier of the first block chain is a one-way request identifier, the first node decrypts the response ciphertext through a private key to obtain an encryption key and a public key of the decrypted first node;
and after the first node confirms that the public key of the decrypted first node is consistent with the public key of the first node, encrypting the request information through the encryption key to obtain a request ciphertext.
Preferably, the encrypting, by the first node, the request information according to the response information to obtain a request ciphertext further includes:
when the authentication identifier of the first block chain is the interactive request identifier, the first node decrypts the response ciphertext through a private key to obtain response data, a public key of the second node and a public key of the first node;
and after the first node confirms that the public key of the decrypted first node is consistent with the public key of the first node, the first node generates request information containing request data according to the response data, and the first node encrypts the request information through the public key of the second node to obtain a request ciphertext.
Preferably, the number of the second block chains is at least one.
In another aspect, an embodiment herein provides an apparatus for inter-chain information interaction of a blockchain, where the apparatus includes:
the authentication ciphertext determining module is used for generating an authentication identifier and authentication information by a first node on the first block chain, and encrypting the authentication identifier and the authentication information through a private key to obtain an authentication ciphertext;
the first authentication result determining module is used for the verification node on the first block chain to decrypt and authenticate the authentication ciphertext through the public key of the first node to obtain a first authentication result;
the first forwarding module is used for sending the public key of the first node and the authentication ciphertext to the second block chain through the relay chain when the first authentication result is that the authentication is successful;
the second authentication result determining module is used for the verification node on the second block chain to decrypt and authenticate the authentication ciphertext through the public key of the first node to obtain a second authentication result;
the response ciphertext determining module is used for generating a response identifier and response information by the second block chain when the second authentication result is that the authentication is successful, and encrypting the response information through the public key of the first node to obtain a response ciphertext;
the second forwarding module is used for the second block chain to send the response identifier and the response ciphertext to the first block chain through the relay chain;
the authentication success determining module is used for the first block chain to determine that the second block chain is successfully authenticated according to the response identifier;
and the third forwarding module is used for decrypting the response ciphertext through a private key by the first node to obtain response information, and sending the request information to the second block chain through the first block chain and the relay chain according to the response information.
According to the technical scheme provided by the embodiment, after the first node on the first block chain is successfully authenticated on the first block chain, the first node is sent to the second block chain through the relay chain, the second block chain generates the response identifier and the response ciphertext to represent that authentication is successful, the first block chain sends the response ciphertext to the first node, the first node decrypts the response information to obtain the response information, and the request information is sent to the second block chain through the first block chain and the relay chain according to the response information, so that information interaction between the first node and the node on the second block chain is realized, and the diversification requirements in the actual working process are better met.
In order to make the aforementioned and other objects, features and advantages of the present invention comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the embodiments or technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 illustrates a flowchart of an information cross-chain interaction method for a blockchain provided in an embodiment of the present disclosure;
fig. 2 is a schematic diagram illustrating a process of generating an authentication identifier and authentication information by a first node on a first blockchain according to an embodiment of the present disclosure;
fig. 3 is a schematic flowchart illustrating that a verification node on a second block chain decrypts and authenticates an authentication ciphertext through a public key of a first node to obtain a second authentication result according to an embodiment of the present disclosure;
FIG. 4 is a schematic diagram illustrating a cross-chain interaction when a first node initiates a one-way request according to an embodiment of the present disclosure;
FIG. 5 is a schematic diagram illustrating a cross-chain interaction performed when a first node initiates an interaction request according to an embodiment of the present disclosure;
fig. 6 shows a schematic flowchart of generating a response identifier and response information by using a second block chain, where the response information is encrypted by using a public key of a first node to obtain a response ciphertext according to an embodiment of the present disclosure;
fig. 7 is a schematic flowchart illustrating that the response information provided in this embodiment sends the request information to the second blockchain through the first blockchain and the relay chain;
fig. 8 is a schematic flowchart illustrating a process that a first node encrypts request information according to response information to obtain a request ciphertext according to an embodiment of the present disclosure;
fig. 9 is a schematic flowchart illustrating a process of generating a response identifier and response information by using a second block chain and encrypting the response information by using a public key of a first node to obtain a response ciphertext according to an embodiment of the present disclosure;
fig. 10 is a schematic flowchart illustrating that the first node encrypts the request information according to the response information to obtain a request ciphertext according to an embodiment of the present disclosure;
fig. 11 illustrates a module structure diagram of an information cross-chain interaction apparatus for a blockchain provided in an embodiment of the present disclosure;
fig. 12 shows a schematic structural diagram of a computer device provided in an embodiment herein.
Description of the figures the symbols:
100. an authentication ciphertext determining module;
200. a first authentication result determination module;
300. a first forwarding module;
400. a second authentication result determination module;
500. a response ciphertext determination module;
600. a second forwarding module;
700. an authentication success determining module;
800. a third forwarding module;
1202. a computer device;
1204. a processor;
1206. a memory;
1208. a drive mechanism;
1210. an input/output module;
1212. an input device;
1214. an output device;
1216. a presentation device;
1218. a graphical user interface;
1220. a network interface;
1222. a communication link;
1224. a communication bus.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the scope of protection given herein.
In the application process of the existing block chain, the technology can only perform authentication and request on a single chain, that is, only can perform authentication response on the request sent by the node on the block chain. The situation faced today is that information issued by a certain node not only needs the blockchain in which the node is located to perform authentication response, but also needs other blockchains to perform authentication response. However, the prior art cannot effectively support the cross-chain requirement and cannot perform cross-chain interaction of information.
In order to solve the above problem, embodiments herein provide an information cross-chain interaction method for a blockchain. Fig. 1 is a schematic flowchart of an information cross-chain interaction method for a blockchain provided in an embodiment of the present disclosure, and this specification provides operation steps of the method as described in the embodiment or the flowchart, but may include more or less operation steps based on conventional or non-creative labor. The order of steps recited in the embodiments is merely one manner of performing the steps in a multitude of sequences, and does not represent a unique order of performance. When an actual system or apparatus product executes, it can execute sequentially or in parallel according to the method shown in the embodiment or the figures.
It should be noted that the terms "first," "second," and the like in the description and claims herein and in the above-described drawings are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments herein described are capable of operation in sequences other than those illustrated or described herein. Moreover, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, apparatus, article, or device that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or device.
Referring to fig. 1, provided herein is a block chain information cross-chain interaction method, including:
s101: a first node on the first block chain generates an authentication identifier and authentication information, and the authentication identifier and the authentication information are encrypted through a private key to obtain an authentication ciphertext;
s102: the verification node on the first block chain decrypts and authenticates the authentication ciphertext through the public key of the first node to obtain a first authentication result;
s103: when the first authentication result is that the authentication is successful, the first block chain sends the public key of the first node and an authentication ciphertext to the second block chain through the relay chain;
s104: the verification node on the second block chain decrypts and authenticates the authentication ciphertext through the public key of the first node to obtain a second authentication result;
s105: when the second authentication result is that authentication is successful, the second block chain generates a response identifier and response information, and the response information is encrypted through the public key of the first node to obtain a response ciphertext;
s106: the second block chain sends a response identifier and a response ciphertext to the first block chain through the relay chain;
s107: the first block chain determines that the second block chain is successfully authenticated according to the response identification;
s108: the first node decrypts the response ciphertext through a private key to obtain response information, and sends the request information to the second block chain through the first block chain and the relay chain according to the response information.
The cross-chain interaction method in this embodiment is performed on the premise that a first blockchain requires cross-chain interaction of information with a second blockchain, specifically, a first node on the first blockchain requires information interaction with a node on the second blockchain, the first node on the first blockchain serves as a requester, and the number of the second blockchain is at least one.
When information interaction is carried out, identity authentication needs to be carried out firstly. The first node generates an authentication identifier and authentication information, the authentication identifier is an identity authentication identifier, the authentication information is information for identity authentication, an authentication ciphertext can be obtained after the authentication identifier and the authentication information are encrypted through a private key, and the first node can broadcast the authentication ciphertext on a chain.
The public key of the first node is only known to the nodes on the first blockchain, and the public key of the first node cannot be known by the nodes on other blockchains. The first block chain has a verification node for verification, the verification mechanism of the verification node may adopt a consensus verification mechanism, when more than half of the verification nodes decrypt and authenticate the authentication ciphertext, the first authentication result is authentication success, and the verification node may broadcast the first authentication result on the chain.
And when the first authentication result is that the authentication is successful, the first block chain sends the public key of the first node and the authentication ciphertext to the second block chain through the relay chain. Similarly, the second blockchain has a verification node for performing verification, and a consensus verification mechanism may also be used to obtain a second authentication result, and the verification node may broadcast the second authentication result on the chain. And when the second authentication result is that the authentication is successful, the second block chain needs to generate a response identifier and response information, wherein the response identifier is used for representing that the identity authentication on the first node is successful, and the response information is response content of the second block chain. And the second block chain encrypts the response information only through the public key of the first node to obtain a response ciphertext.
The second block chain sends the response identification and the response ciphertext to the first block chain through the relay chain, the first block chain can determine that the second block chain is successfully authenticated according to the response identification, the response identification and the response ciphertext are broadcast on the first block chain, only the first node can decrypt the response ciphertext through a private key to obtain response information, and the first node sends the request information to the second block chain through the first block chain and the relay chain according to the response information.
According to the embodiment of the text, after the first node on the first block chain is successfully authenticated on the first block chain, the first node is sent to the second block chain through the relay chain, the second block chain generates the response identifier and the response ciphertext to represent that the authentication is successful, the first block chain sends the response ciphertext to the first node, the first node obtains response information after decryption, the request information is sent to the second block chain through the first block chain and the relay chain according to the response information, information interaction between the first node and the node on the second block chain is further achieved, and diversified requirements in the actual working process are better met.
In this embodiment, referring to fig. 2, the generating of the authentication identifier and the authentication information by the first node on the first blockchain further comprises:
s201: if the first node needs to initiate a one-way request to a second block chain, the first node generates an authentication identifier and authentication information, wherein the authentication identifier is a one-way request identifier, and the authentication information comprises authentication data;
s202: and if the first node needs to perform an interaction request with a second node on a second block chain, the first node generates an authentication identifier and authentication information, wherein the authentication identifier is an interaction request identifier, and the authentication information comprises authentication data and an identifier of the second node.
When the first node performs information interaction with a node on the second blockchain, the first node is divided into a unidirectional request and an interaction request, the unidirectional request is that the first node sends request information to the second blockchain, and the second blockchain does not need to return any information to the first node, for example, the first node stores data into the second blockchain, and the process does not need to return any information to the second blockchain. The interactive request is that the first node sends request information to the second blockchain, and the second blockchain needs to return related information to the first blockchain, for example, after the first node has accessed the a data in the second node of the second blockchain, the first node stores the B data to the second node, and in this process, the second node needs to return the a data to the first node.
The corresponding authentication identities are different for the one-way request and the interactive request. When the first node initiates the unidirectional request, the authentication information includes authentication data, and the authentication data generally includes the name, number and other basic information of the first node. When the first node initiates the interactive request, the authentication data is different from the one-way request in that the authentication data of the interactive request further includes content to be authenticated, for example, data a in the second node needs to be accessed. In addition to comprising the authentication data, the interaction request comprises an identification of the second node for locating the second node.
Generally, a special receiving node is arranged in the second blockchain, and is used for receiving information sent by other blockchains, and the information is broadcasted on the chain after being received. When the first block chain sends the public key and the authentication ciphertext of the first node to the second block chain through the relay chain, the receiving node on the second block chain receives the public key and the authentication ciphertext of the first node and broadcasts the public key and the authentication ciphertext of the first node on the chain.
In this embodiment, referring to fig. 3, the performing, by the verification node on the second blockchain, decryption and authentication on the authentication ciphertext through the public key of the first node to obtain a second authentication result further includes:
s301: the verification node on the second block chain decrypts the authentication ciphertext through the public key of the first node to obtain the authentication identification and the authentication information of the first node;
s302: the verification node on the second block chain verifies the authentication identification and the authentication information of the first node;
s303: and when the verification results of the verification nodes exceeding the set number are successful, the second authentication result is authentication success.
The verification mechanism of the verification nodes on the second blockchain can adopt a consensus verification mechanism, and when more than half of the verification nodes are verified successfully, the second authentication result is successful authentication; of course, when the verification node successfully verifies, the second authentication result is successful authentication, and the second authentication result may be broadcast on the chain after the authentication is successful.
In the step S301, when the verification node decrypts the authentication ciphertext through the public key of the first node to obtain the authentication identifier and the authentication information of the first node, the verification node may identify the authentication identifier, and identify the authentication identifier of the first node as the one-way request identifier or the interactive request identifier.
In an embodiment of this document, referring to fig. 4, in this embodiment, the first node initiates a one-way request, specifically, referring to fig. 6, the generating, by the second blockchain, the response identifier and the response information, and encrypting the response information by using the public key of the first node to obtain the response ciphertext further includes:
s401: when the authentication identifier of the first block chain is a one-way request identifier, the second block chain generates an encryption key, and the encryption key and a public key of the first node are used as response information;
s402: and the second block chain encrypts the response information through the public key of the first node to obtain a response ciphertext.
When the authentication identifier is a one-way request identifier, the verification node on the second blockchain can generate a response identifier and response information in addition to performing decryption authentication. When the second authentication result is that authentication is successful, the verification node can generate an encryption key and a decryption key corresponding to the encryption key, the encryption key and a public key of the first node are used as response information, the response information is encrypted through the public key of the first node to obtain a response ciphertext and generate a response identifier, the verification node broadcasts the response ciphertext and the response identifier on a chain, other verification nodes on the second block chain determine that the response ciphertext is response-related content according to the response identifier, and the response identifier and the response ciphertext are sent to the first block chain through a relay chain. Of course, it is also possible to set a response node dedicated to response on the second block chain, and the response node executes the above steps to generate the response identifier and the response information.
A special receiving node may also be disposed on the first blockchain, and is configured to receive information sent by other blockchains, and broadcast the information on the chain after receiving the information. After receiving the response identifier and the response ciphertext, the receiving node on the first block chain can determine that the second block chain is successfully authenticated through the response identifier, and broadcast the response ciphertext on the chain.
Furthermore, only the first node on the first block chain can decrypt the response ciphertext through a private key to obtain response information, and the request information is sent to the second block chain through the first block chain and the relay chain according to the response information.
Referring to fig. 7, specifically:
s501: the first node encrypts the request information according to the response information to obtain a request ciphertext, and broadcasts the request identifier and the request ciphertext on the first block chain;
s502: the first block chain sends the request identification and the request ciphertext to a second block chain through a relay chain;
s503: and the second block chain decrypts the request ciphertext to obtain the request information.
Wherein the request identifier is used to characterize the transmitted information as request information.
In step S501, referring to fig. 8, the encrypting, by the first node, the request information according to the response information to obtain a request ciphertext further includes:
s601: when the authentication identifier of the first block chain is a one-way request identifier, the first node decrypts the response ciphertext through a private key to obtain an encryption key and a public key of the decrypted first node;
s602: and after the first node confirms that the public key of the decrypted first node is consistent with the public key of the first node, encrypting the request information through the encryption key to obtain a request ciphertext.
The public key of the decrypted first node obtained by decrypting in S601 is the public key of the first node when encrypting in S401, and the public key of the first node is used to prevent information tampering rather than decrypting, because a malicious third party may exist in the transmission process of the response ciphertext to intercept the response ciphertext and then tamper the information therein, at this time, the information obtained by decrypting the response ciphertext by the first node through the private key is not the original correct information but is tampered information. In order to prevent this, the reply ciphertext includes the public key of the first node in addition to the encryption key, so that the public key of the first node obtained by the first node decrypting the reply ciphertext with the private key indicates that the information is tampered if the public key is not the public key of the first node. The reason why the public key of the first node is used for tamper-proofing without other identification is that the first node knows its own public key, which can save storage space and improve efficiency and accuracy of decryption verification.
When the authentication identifier of the first block chain is the unidirectional request identifier, the request identifier in the step S501 is the unidirectional request identifier, the request ciphertext and the request identifier are broadcast on the chain, the verification node on the first block chain determines that the request ciphertext is the unidirectional request related content initiated by the first node according to the unidirectional request identifier, and then the unidirectional request identifier and the request ciphertext are sent to the second block chain through the relay chain. After the receiving node of the second block chain receives the one-way request identifier and the request ciphertext, the receiving node determines that the request ciphertext is the one-way request related content initiated by the first node through the one-way request identifier, then the request ciphertext is broadcasted on the chain, and the verification node can decrypt the request ciphertext through a decryption key corresponding to the encryption key to obtain the request information of the first node.
In another embodiment of this document, referring to fig. 5, in this embodiment, the first node initiates the interaction request, specifically, referring to fig. 9, the generating, by the second blockchain, the response identifier and the response information, and the encrypting, by using the public key of the first node, the response ciphertext to obtain the response ciphertext further includes:
s701: when the authentication identifier of the first block chain is the interactive request identifier, the second block chain obtains the identifier of the second node according to the authentication information, and sends the public key and the authentication ciphertext of the first node to the second node;
s702: the second node decrypts the authentication ciphertext through the public key of the first node to obtain the authentication identification and the authentication information of the first node;
s703: the second node generates response data according to the authentication data in the authentication information, and takes the response data, the public key of the second node and the public key of the first node as response information;
s704: and the second node encrypts the response information through the public key of the first node to obtain a response ciphertext.
When the authentication identifier of the first block chain is the interactive request identifier, the authentication information includes authentication data and an identifier of the second node, so that when the authentication identifier is the interactive request identifier, the verification node can send the public key of the first node and the authentication ciphertext to the second node according to the identifier of the second node after the second authentication result is that the authentication is successful.
And the second node decrypts the authentication ciphertext through the public key of the first node to obtain the authentication identifier and the authentication information of the first node. The authentication data of the authentication information comprises content needing authentication, for example, data A in the second node needs to be accessed, the second node takes the data A as response data, the response data, a public key of the second node and a public key of the first node are taken as response information, a response ciphertext is obtained by encrypting the response information through the public key of the first node, meanwhile, the second node generates a response identifier, the second node broadcasts the response ciphertext and the response identifier on a chain, a verification node on the second block chain determines that the response ciphertext is response related content initiated by the second node according to the response identifier, and then the response identifier and the response ciphertext are sent to the first block chain through a relay chain.
In step S501, referring to fig. 10, the encrypting, by the first node, the request information according to the response information to obtain a request ciphertext further includes:
s801: when the authentication identifier of the first block chain is the interactive request identifier, the first node decrypts the response ciphertext through a private key to obtain response data, a public key of the second node and a public key of the first node;
s802: and after the first node confirms that the public key of the decrypted first node is consistent with the public key of the first node, the first node generates request information containing request data according to the response data, and the first node encrypts the request information through the public key of the second node to obtain a request ciphertext.
The public key of the first node is used to prevent information tampering but not decryption, and the function is the same as that in the previous embodiment, and is not described again in this embodiment.
When the authentication identifier of the first block chain is the interactive request identifier, the request identifier in the step S501 is the interactive request identifier, the request ciphertext and the interactive request identifier are broadcast on the chain, the verification node on the first block chain determines that the request ciphertext is the content related to the interactive request initiated by the first node according to the interactive request identifier, and then the interactive request identifier and the request ciphertext are sent to the second block chain through the relay chain. After the receiving node of the second block chain receives the interactive request identifier and the request ciphertext, the receiving node determines that the request ciphertext is the interactive request related content initiated by the first node through the interactive request identifier, so that the request ciphertext is broadcast on the chain, and only the second node on the second block chain can decrypt the request ciphertext through the private key to obtain the request information of the first node.
It should be noted that, the user information (including but not limited to user device information, user personal information, etc.) and data (including but not limited to data for analysis, stored data, presented data, etc.) referred to in the present application are information and data authorized by the user or sufficiently authorized by each party. In addition, the technical scheme described in the embodiment of the application conforms to relevant regulations of national laws and regulations in terms of data acquisition, storage, use, processing and the like.
Based on the above method for information cross-link interaction of a block chain, the embodiments herein further provide an information cross-link interaction device of a block chain. The apparatus may include systems (including distributed systems), software (applications), modules, components, servers, clients, etc. that employ the methods described herein in embodiments, in conjunction with any necessary apparatus to implement the hardware. Based on the same innovative concepts, embodiments herein provide an apparatus as described in the following embodiments. Since the implementation scheme of the apparatus for solving the problem is similar to that of the method, the specific apparatus implementation in the embodiment herein may refer to the implementation of the foregoing method, and repeated details are not described herein. As used hereinafter, the term "unit" or "module" may be a combination of software and/or hardware that implements a predetermined function. Although the means described in the embodiments below are preferably implemented in software, an implementation in hardware or a combination of software and hardware is also possible and contemplated.
Specifically, fig. 11 is a schematic block structure diagram of an embodiment of an information cross-chain interaction device for a blockchain provided in an embodiment of the present disclosure, and referring to fig. 11, the information cross-chain interaction device for a blockchain provided in an embodiment of the present disclosure includes: the authentication system comprises an authentication ciphertext determination module 100, a first authentication result determination module 200, a first forwarding module 300, a second authentication result determination module 400, a response ciphertext determination module 500, a second forwarding module 600, an authentication success determination module 700 and a third forwarding module 800.
The authentication ciphertext determining module 100 is configured to generate an authentication identifier and authentication information by a first node on a first block chain, and encrypt the authentication identifier and the authentication information by using a private key to obtain an authentication ciphertext;
the first authentication result determining module 200 is configured to decrypt and authenticate the authentication ciphertext through the public key of the first node by the verification node on the first block chain, so as to obtain a first authentication result;
the first forwarding module 300 is configured to, when the first authentication result is that authentication is successful, send the public key of the first node and the authentication ciphertext to the second blockchain through the relay chain by the first blockchain;
a second authentication result determining module 400, configured to perform decryption authentication on the authentication ciphertext through the public key of the first node by the verification node in the second block chain, to obtain a second authentication result;
the response ciphertext determining module 500 is configured to generate the response identifier and the response information by the second block chain when the second authentication result is that the authentication is successful, and encrypt the response information through the public key of the first node to obtain a response ciphertext;
a second forwarding module 600, configured to send the response identifier and the response ciphertext to the first blockchain through the relay chain by the second blockchain;
an authentication success determining module 700, configured to determine, by the first blockchain, that the second blockchain is successfully authenticated according to the response identifier;
and the third forwarding module 800 is configured to decrypt the response ciphertext through a private key by the first node to obtain response information, and send the request information to the second block chain through the first block chain and the relay chain according to the response information.
Referring to fig. 12, based on the above-described method for information cross-chain interaction of a blockchain, an embodiment herein further provides a computer device 1202, where the above-described method runs on the computer device 1202. Computer device 1202 may include one or more processors 1204, such as one or more Central Processing Units (CPUs) or Graphics Processors (GPUs), each of which may implement one or more hardware threads. The computer device 1202 may also include any memory 1206 for storing any kind of information, such as code, settings, data, etc., and in a particular embodiment a computer program on the memory 1206 and executable on the processor 1204, which computer program, when executed by the processor 1204, may perform instructions according to the above-described methods. For example, and without limitation, memory 1206 may include any one or more of the following in combination: any type of RAM, any type of ROM, flash memory devices, hard disks, optical disks, etc. More generally, any memory may use any technology to store information. Further, any memory may provide volatile or non-volatile retention of information. Further, any memory may represent fixed or removable components of computer device 1202. In one case, when the processor 1204 executes the associated instructions, which are stored in any memory or combination of memories, the computer device 1202 can perform any of the operations of the associated instructions. The computer device 1202 also includes one or more drive mechanisms 1208 for interacting with any memory, such as a hard disk drive mechanism, an optical disk drive mechanism, and so forth.
The communication link 1222 may be implemented in any manner, such as through a local area network, a wide area network (e.g., the internet), a point-to-point connection, etc., or any combination thereof. The communication link 1222 may include any combination of hardwired links, wireless links, routers, gateway functions, name servers, etc., governed by any protocol or combination of protocols.
Corresponding to the methods in fig. 1-3 and 6-10, the embodiments herein also provide a computer-readable storage medium having stored thereon a computer program, which, when executed by a processor, performs the steps of the above-described method.
Embodiments herein also provide computer readable instructions, wherein a program therein causes a processor to perform the methods as shown in fig. 1-3 and 6-10 when the instructions are executed by the processor.
It should be understood that, in various embodiments herein, the sequence numbers of the above-mentioned processes do not mean the execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments herein.
It should also be understood that, in the embodiments herein, the term "and/or" is only one kind of association relation describing an associated object, meaning that three kinds of relations may exist. For example, a and/or B, may represent: a exists alone, A and B exist simultaneously, and B exists alone. In addition, the character "/" herein generally indicates that the former and latter related objects are in an "or" relationship.
Those of ordinary skill in the art will appreciate that the elements and algorithm steps of the examples described in connection with the embodiments disclosed herein may be embodied in electronic hardware, computer software, or combinations of both, and that the components and steps of the examples have been described in a functional general in the foregoing description for the purpose of illustrating clearly the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present disclosure.
It can be clearly understood by those skilled in the art that, for convenience and simplicity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided herein, it should be understood that the disclosed system, apparatus, and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one type of logical functional division, and other divisions may be realized in practice, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may also be an electric, mechanical or other form of connection.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purposes of the embodiments herein.
In addition, functional units in the embodiments herein may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solutions of the present invention may be implemented in a form of a software product, which is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the methods described in the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk, and various media capable of storing program codes.
The principles and embodiments of the present disclosure are explained in detail by using specific embodiments, and the above description of the embodiments is only used to help understanding the method and its core idea; meanwhile, for the general technical personnel in the field, according to the idea of this document, there may be changes in the concrete implementation and the application scope, in summary, this description should not be understood as the limitation of this document.
Claims (10)
1. A block chain information cross-chain interaction method is characterized by comprising the following steps:
a first node on the first block chain generates an authentication identifier and authentication information, and the authentication identifier and the authentication information are encrypted through a private key to obtain an authentication ciphertext;
the verification node on the first block chain decrypts and authenticates the authentication ciphertext through the public key of the first node to obtain a first authentication result;
when the first authentication result is that authentication is successful, the first block chain sends the public key of the first node and an authentication ciphertext to the second block chain through the relay chain;
the verification node on the second block chain decrypts and authenticates the authentication ciphertext through the public key of the first node to obtain a second authentication result;
when the second authentication result is that the authentication is successful, the second block chain generates a response identifier and response information, and the response information is encrypted through the public key of the first node to obtain a response ciphertext;
the second block chain sends a response identifier and a response ciphertext to the first block chain through the relay chain;
the first block chain determines that the second block chain is successfully authenticated according to the response identification;
the first node decrypts the response ciphertext through a private key to obtain response information, and sends the request information to the second block chain through the first block chain and the relay chain according to the response information.
2. The method of claim 1, wherein generating the authentication identifier and the authentication information by the first node on the first blockchain further comprises:
if the first node needs to initiate a one-way request to a second block chain, the first node generates an authentication identifier and authentication information, wherein the authentication identifier is a one-way request identifier, and the authentication information comprises authentication data;
and if the first node needs to perform an interactive request with a second node on a second block chain, the first node generates an authentication identifier and authentication information, wherein the authentication identifier is an interactive request identifier, and the authentication information comprises authentication data and an identifier of the second node.
3. The method of claim 2, wherein the step of decrypting and authenticating the authentication ciphertext by the verification node on the second blockchain through the public key of the first node to obtain a second authentication result further comprises:
the verification node on the second block chain decrypts the authentication ciphertext through the public key of the first node to obtain the authentication identification and the authentication information of the first node;
a verification node on the second blockchain verifies the authentication identification and the authentication information of the first node;
and when the verification results of the verification nodes exceeding the set number are successful, the second authentication result is authentication success.
4. The method of claim 3, wherein the generating of the response identifier and the response information by the second blockchain, and the encrypting of the response information by the public key of the first node to obtain the response ciphertext further comprises:
when the authentication identifier of the first block chain is a one-way request identifier, the second block chain generates an encryption key, and the encryption key and a public key of the first node are used as response information;
and the second block chain encrypts the response information through the public key of the first node to obtain a response ciphertext.
5. The method of claim 3, wherein the generating of the response identifier and the response information by the second blockchain, and the encrypting of the response information by the public key of the first node to obtain the response ciphertext further comprises:
when the authentication identifier of the first block chain is the interactive request identifier, the second block chain obtains the identifier of the second node according to the authentication information, and sends the public key and the authentication ciphertext of the first node to the second node;
the second node decrypts the authentication ciphertext through the public key of the first node to obtain the authentication identification and the authentication information of the first node;
the second node generates response data according to the authentication data in the authentication information, and the response data, the public key of the second node and the public key of the first node are used as response information;
and the second node encrypts the response information through the public key of the first node to obtain a response ciphertext.
6. The method of claim 4 or 5, wherein the sending the request message to the second blockchain through the first blockchain and the relay chain according to the response message further comprises:
the first node encrypts the request information according to the response information to obtain a request ciphertext, and broadcasts the request identifier and the request ciphertext on the first block chain;
the first block chain sends the request identification and the request ciphertext to a second block chain through a relay chain;
and the second block chain decrypts the request ciphertext to obtain the request information.
7. The method of claim 6, wherein the encrypting the request message by the first node according to the response message to obtain the request ciphertext further comprises:
when the authentication identifier of the first block chain is a one-way request identifier, the first node decrypts the response ciphertext through a private key to obtain an encryption key and a public key of the decrypted first node;
and after the first node confirms that the public key of the decrypted first node is consistent with the public key of the first node, encrypting the request information through the encryption key to obtain a request ciphertext.
8. The method of claim 6, wherein the encrypting the request message by the first node according to the response message to obtain the request ciphertext further comprises:
when the authentication identifier of the first block chain is the interactive request identifier, the first node decrypts the response ciphertext through a private key to obtain response data, a public key of the second node and a public key of the first node;
and after the first node confirms that the public key of the decrypted first node is consistent with the public key of the first node, the first node generates request information containing request data according to the response data, and the first node encrypts the request information through the public key of the second node to obtain a request ciphertext.
9. The method for information inter-chain interaction of blockchains according to claim 1, wherein the number of the second blockchains is at least one.
10. An information cross-chain interaction device for a blockchain, the device comprising:
the authentication ciphertext determining module is used for generating an authentication identifier and authentication information by a first node on the first block chain, and encrypting the authentication identifier and the authentication information through a private key to obtain an authentication ciphertext;
the first authentication result determining module is used for the verification node on the first block chain to decrypt and authenticate the authentication ciphertext through the public key of the first node to obtain a first authentication result;
the first forwarding module is used for sending the public key of the first node and the authentication ciphertext to the second block chain through the relay chain when the first authentication result is that the authentication is successful;
the second authentication result determining module is used for the verification node on the second block chain to decrypt and authenticate the authentication ciphertext through the public key of the first node to obtain a second authentication result;
the response ciphertext determining module is used for generating a response identifier and response information by the second block chain when the second authentication result is that the authentication is successful, and encrypting the response information through the public key of the first node to obtain a response ciphertext;
the second forwarding module is used for the second block chain to send the response identifier and the response ciphertext to the first block chain through the relay chain;
the authentication success determining module is used for the first block chain to determine that the second block chain is successfully authenticated according to the response identifier;
and the third forwarding module is used for decrypting the response ciphertext through a private key by the first node to obtain response information, and sending the request information to the second block chain through the first block chain and the relay chain according to the response information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211232061.1A CN115378942B (en) | 2022-10-10 | 2022-10-10 | Information cross-chain interaction method and interaction device for block chain |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211232061.1A CN115378942B (en) | 2022-10-10 | 2022-10-10 | Information cross-chain interaction method and interaction device for block chain |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115378942A true CN115378942A (en) | 2022-11-22 |
| CN115378942B CN115378942B (en) | 2022-12-20 |
Family
ID=84073792
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211232061.1A Active CN115378942B (en) | 2022-10-10 | 2022-10-10 | Information cross-chain interaction method and interaction device for block chain |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115378942B (en) |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20190305966A1 (en) * | 2018-04-03 | 2019-10-03 | Alibaba Group Holding Limited | Cross-blockchain authentication method, apparatus, and electronic device |
| US20210051023A1 (en) * | 2018-09-04 | 2021-02-18 | Advanced New Technologies Co., Ltd. | Cross-chain authentication method, system, server, and computer-readable storage medium |
| CN112491846A (en) * | 2020-11-18 | 2021-03-12 | 深圳前海微众银行股份有限公司 | Cross-chain block chain communication method and device |
| CN112800404A (en) * | 2021-03-30 | 2021-05-14 | 支付宝(杭州)信息技术有限公司 | Cross-link access control method and device |
| CN114598533A (en) * | 2022-03-10 | 2022-06-07 | 昆明理工大学 | Block chain side chain cross-chain identity trusted authentication and data encryption transmission method |
| CN114615095A (en) * | 2022-05-12 | 2022-06-10 | 北京邮电大学 | Block chain cross-chain data processing method, relay chain, application chain and cross-chain network |
| WO2022143798A1 (en) * | 2020-12-30 | 2022-07-07 | 杭州趣链科技有限公司 | Method for verifying cross-chain transaction, and terminal device and readable storage medium |
| CN114826766A (en) * | 2022-05-18 | 2022-07-29 | 北京交通大学 | Block chain cross-chain based security verifiable service providing method and system |
| CN115134075A (en) * | 2022-06-29 | 2022-09-30 | 蚂蚁区块链科技(上海)有限公司 | Cross-subnet calling method and device, electronic equipment and storage medium |
-
2022
- 2022-10-10 CN CN202211232061.1A patent/CN115378942B/en active Active
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20190305966A1 (en) * | 2018-04-03 | 2019-10-03 | Alibaba Group Holding Limited | Cross-blockchain authentication method, apparatus, and electronic device |
| US20210051023A1 (en) * | 2018-09-04 | 2021-02-18 | Advanced New Technologies Co., Ltd. | Cross-chain authentication method, system, server, and computer-readable storage medium |
| CN112491846A (en) * | 2020-11-18 | 2021-03-12 | 深圳前海微众银行股份有限公司 | Cross-chain block chain communication method and device |
| WO2022143798A1 (en) * | 2020-12-30 | 2022-07-07 | 杭州趣链科技有限公司 | Method for verifying cross-chain transaction, and terminal device and readable storage medium |
| CN112800404A (en) * | 2021-03-30 | 2021-05-14 | 支付宝(杭州)信息技术有限公司 | Cross-link access control method and device |
| CN114598533A (en) * | 2022-03-10 | 2022-06-07 | 昆明理工大学 | Block chain side chain cross-chain identity trusted authentication and data encryption transmission method |
| CN114615095A (en) * | 2022-05-12 | 2022-06-10 | 北京邮电大学 | Block chain cross-chain data processing method, relay chain, application chain and cross-chain network |
| CN114826766A (en) * | 2022-05-18 | 2022-07-29 | 北京交通大学 | Block chain cross-chain based security verifiable service providing method and system |
| CN115134075A (en) * | 2022-06-29 | 2022-09-30 | 蚂蚁区块链科技(上海)有限公司 | Cross-subnet calling method and device, electronic equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115378942B (en) | 2022-12-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110493261B (en) | Verification code obtaining method based on block chain, client, server and storage medium | |
| CN100432889C (en) | System and method providing disconnected authentication | |
| CN101404576B (en) | Network resource query method and system | |
| US8396218B2 (en) | Cryptographic module distribution system, apparatus, and program | |
| US20060095769A1 (en) | System and method for initializing operation for an information security operation | |
| EP3333742B1 (en) | System and method for trusted presentation of information on untrusted user devices | |
| CN110690956B (en) | Bidirectional authentication method and system, server and terminal | |
| CN111030814A (en) | Key negotiation method and device | |
| CN111131416A (en) | Business service providing method and device, storage medium and electronic device | |
| CN110912920A (en) | Data processing method, apparatus and medium | |
| CN112653556B (en) | TOKEN-based micro-service security authentication method, device and storage medium | |
| CN112738117A (en) | Data transmission method, device and system, storage medium and electronic device | |
| CN112039892B (en) | Data sharing method and related device | |
| CN114465803A (en) | Object authorization method, device, system and storage medium | |
| CN115276978A (en) | Data processing method and related device | |
| CN111008400A (en) | Data processing method, device and system | |
| CN110611679A (en) | Data transmission method, device, equipment and system | |
| CN112633884A (en) | Local private key recovery method and device for transaction main body identity certificate | |
| CN115473655B (en) | Terminal authentication method, device and storage medium for access network | |
| CN115022012B (en) | Data transmission method, device, system, equipment and storage medium | |
| CN115378942B (en) | Information cross-chain interaction method and interaction device for block chain | |
| CN113434837B (en) | Method and device for equipment identity authentication and smart home system | |
| CN114745115A (en) | Information transmission method and device, computer equipment and storage medium | |
| EP4315739A1 (en) | Agile cryptographic deployment service | |
| CN114338091A (en) | Data transmission method and device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |