CN115567326A - Data transaction method and device based on block chain - Google Patents


Info

Publication number: CN115567326A
Authority: CN (China)
Prior art keywords: data, key, ciphertext, private, blockchain
Legal status: Granted, Active
Application number: CN202211544709.9A
Other languages: Chinese (zh)
Other versions: CN115567326B (en)
Inventor: 马兆丰, 王晶宇, 段鹏飞, 胡绍洲
Current Assignee: Beijing University of Posts and Telecommunications
Original Assignee: Beijing University of Posts and Telecommunications
Application filed by Beijing University of Posts and Telecommunications
Priority to CN202211544709.9A
Publication of CN115567326A
Application granted
Publication of CN115567326B

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/045: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823: Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L63/10: Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/108: Network architectures or network communication protocols for network security for controlling access to devices or network resources when the policy decisions are valid for a limited amount of time
    • H04L67/00: Network arrangements or protocols for supporting network services or applications
    • H04L67/01: Protocols
    • H04L67/10: Protocols in which an application is distributed across nodes in the network
    • H04L67/1097: Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides a data transaction method and a device based on a block chain. The method fully utilizes symmetric encryption and asymmetric encryption to finish the transmission of the initial key and the private data for the identity authentication of the main body, thereby improving the safety performance. Meanwhile, by introducing verification for limiting decryption time, time-limited sharing of specified data can be realized. According to the data transaction method based on the block chain, a transmission encryption mechanism is constructed, and the method can be suitable for various block chain platforms on the basis of meeting the privacy requirements of special subjects so as to enhance the service expansion capability.

Description

Data transaction method and device based on block chain
Technical Field
The invention relates to the technical field of data communication, in particular to a data transaction method and device based on a block chain.
Background
The blockchain is essentially a distributed ledger technology: it stores and verifies transactions in a decentralized manner, and a large number of peer nodes jointly maintain the consistency of those transactions, so that transaction data on the chain is public and transparent. Transaction data in the blockchain is packaged and stored in blocks, and the blocks are linked through hash values, which ensures that data on the chain is tamper-resistant and traceable. The blockchain removes the dependence on a third party to verify and record transactions, so it can serve as a trust foundation for existing application systems and can be used in fields such as finance, education and medical treatment.
Cryptography is the core of the blockchain and ensures the integrity, non-repudiation and tamper resistance of transaction information. The cryptographic algorithms underlying blockchain technology are mainly hash algorithms and asymmetric encryption algorithms. A hash algorithm is used to compute a hash of the previous block, and the resulting fixed-length digest is stored in the current block, which gives the blockchain its integrity and tamper resistance. With an asymmetric encryption algorithm, a transaction initiator can digitally sign a transaction with its own private key to ensure the integrity of the transmitted transaction and the non-repudiation of the transaction sender.
The existing public block chain platform lacks an encryption algorithm for supporting enterprise-level application, cannot meet the privacy requirements of a specific subject, and cannot meet the requirements of the specific subject on privacy data safety and time-limited sharing.
Disclosure of Invention
In view of the above, embodiments of the present invention provide a method and an apparatus for data transaction based on a block chain, so as to obviate or mitigate one or more drawbacks in the prior art, and provide an encryption transmission method based on a block chain, so as to meet the requirement of private transmission of a specific subject.
One aspect of the present invention provides a data transaction method based on a blockchain, including the steps of:
generating an initial key based on symmetric encryption by a data provider, and generating a round key according to the initial key by adopting a preset key expansion algorithm;
encrypting, by the data provider, private data using the round key to obtain a first ciphertext;
the data provider encodes and modulates the initial key according to a preset hidden transmission rule to obtain hidden information;
obtaining a first public key and a corresponding first private key by a verification node in a block chain network according to system parameters, disclosing the first public key, and locally storing the first private key;
generating, by the data provider, a restricted decryption time of the private data, encrypting the hidden information and the restricted decryption time with the first public key to obtain a second ciphertext, and encrypting the first ciphertext with the first public key to obtain the third ciphertext;
applying for registration and obtaining, by the data provider, a first digital certificate and a first signing private key to a set certificate authority, and applying for registration and obtaining, by the data receiver, a second digital certificate and a second signing private key to the set certificate authority;
uploading, by the data provider, the second ciphertext and the third ciphertext to the blockchain network in combination with the first digital certificate and the first signature private key, authenticating, by an accounting node of the blockchain network, the first digital certificate and the first signature private key, and performing uplink storage on the second ciphertext and the third ciphertext after the authentication is passed;
sending, by the data receiver, a data request to a verification node of the blockchain network in conjunction with the second digital certificate and the second private signature key;
the verification node of the block chain network authenticates the second digital certificate and the second signature private key, after the authentication is passed, the second ciphertext and the third ciphertext stored in the chain are inquired, the second ciphertext and the third ciphertext are decrypted by the first private key, and the hidden information, the limited decryption time and the first ciphertext are recovered;
checking whether the current time is overtime or not by a verification node of the block chain network according to the limited decryption time, and sending the recovered hidden information and the first ciphertext to the data receiver under the condition that the current time is not overtime;
and the data receiver demodulates and decodes the recovered hidden information according to the preset hidden transmission rule to recover the initial key, the round key is regenerated according to the recovered initial key by adopting the preset key expansion algorithm, and the first ciphertext recovered by utilizing the regenerated round key is decrypted to obtain the private data.
In some embodiments, before the data provider generates the initial key based on symmetric encryption and generates the round key from the initial key using the preset key expansion algorithm, the method further includes:
the covert transmission rules are jointly determined and initialized by the data provider and the data receiver, and the coding table and the modulation symbol table used for covert transmission are determined.
In some embodiments, in the preset key expansion algorithm, the initial key expression is:
Figure 537149DEST_PATH_IMAGE001
the system parameter expression is:
Figure 140168DEST_PATH_IMAGE002
the fixed parameter expression is:
Figure 314798DEST_PATH_IMAGE003
the round key calculation formula is as follows:
Figure 977860DEST_PATH_IMAGE004
Figure 500590DEST_PATH_IMAGE005
wherein the transformation is reversible
Figure 907300DEST_PATH_IMAGE006
In which
Figure 264332DEST_PATH_IMAGE007
is a non-linear transformation,
Figure 832717DEST_PATH_IMAGE008
is a linear transformation.
In some embodiments, a verification node in the blockchain network obtains a first public key and a corresponding first private key according to system parameters, where the first public key and the first private key are obtained by using an SM2 elliptic curve public key cryptographic algorithm.
In some embodiments, before the data provider generates the initial key based on symmetric encryption and generates the round key from the initial key using the preset key expansion algorithm, the method further includes: the data provider determines whether the data to be transmitted is common data or private data, and if it is common data, the data is sent directly to the blockchain network for on-chain storage.
In some embodiments, the decryption limiting time is preset according to the service type of the private data, and the decryption limiting time may be directly marked with a timestamp, or may be constrained by setting a decryption deadline in combination with a timestamp of the private data uploaded by the data provider.
In some embodiments, after the accounting node of the blockchain network authenticates the first digital certificate and the first signature private key and, once the authentication has passed, stores the second ciphertext and the third ciphertext on the chain, the method further includes: calculating a hash value of the second ciphertext and the third ciphertext using the SM3 algorithm, and storing it on the chain.
In some embodiments, the method employs a BCCSP cryptographic module to provide key generation, message signing and verification, hashing algorithms, and encryption and decryption.
In another aspect, the present invention also provides an apparatus for data transaction based on blockchain, including a processor and a memory, where the memory stores computer instructions, and the processor is configured to execute the computer instructions stored in the memory, and when the computer instructions are executed by the processor, the apparatus implements the steps of the above method.
In another aspect, the present invention also provides a computer-readable storage medium, on which a computer program is stored, wherein the program, when executed by a processor, implements the steps of the method as described above.
The invention has the beneficial effects that:
According to the blockchain-based data transaction method and device, a round key is generated from an initial key by a preset key expansion algorithm and is used to encrypt the private data, which is then stored on the chain; the initial key is encrypted and transmitted between the data provider and the data receiver through a preset hidden transmission rule; and the data receiver regenerates the round key from the initial key using the preset key expansion algorithm and decrypts to obtain the private data. The method fully utilizes symmetric encryption and asymmetric encryption to finish the transmission of the initial key and the private data mentioned in the principal identity authentication, thereby improving the safety performance. Meanwhile, by introducing verification of a restricted decryption time, time-limited sharing of specified data can be realized.
Furthermore, a transmission encryption mechanism is constructed through the data transaction method based on the block chain, so that the method can be suitable for various block chain platforms on the basis of meeting the privacy requirements of special subjects, and the service expansion capability is enhanced.
Additional advantages, objects, and features of the invention will be set forth in part in the description which follows and in part will become apparent to those having ordinary skill in the art upon examination of the following or may be learned from practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and drawings.
It will be appreciated by those skilled in the art that the objects and advantages that can be achieved with the present invention are not limited to the specific details set forth above, and that these and other objects that can be achieved with the present invention will be more clearly understood from the detailed description that follows.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the principle of the invention. In the drawings:
fig. 1 is a block chain network architecture diagram of a private block chain based data transaction method according to an embodiment of the present invention.
Fig. 2 is a flowchart of a data transaction method based on a blockchain according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail with reference to the following embodiments and accompanying drawings. The exemplary embodiments and descriptions of the present invention are provided to explain the present invention, but not to limit the present invention.
It should be noted that, in order to avoid obscuring the present invention with unnecessary details, only the structures and/or processing steps closely related to the scheme according to the present invention are shown in the drawings, and other details not so relevant to the present invention are omitted.
It should be emphasized that the term "comprises/comprising" when used herein, is taken to specify the presence of stated features, elements, steps or components, but does not preclude the presence or addition of one or more other features, elements, steps or components.
It is also noted herein that the term "coupled," if not specifically stated, may refer herein to not only a direct connection, but also an indirect connection in which an intermediate is present.
Hereinafter, embodiments of the present invention will be described with reference to the accompanying drawings. In the drawings, the same reference numerals denote the same or similar parts, or the same or similar steps.
In order to meet special privacy requirements of medical treatment, tax, government and bidding institutions, the method is suitable for different block chain platforms and is convenient for expanding services. By constructing a new encryption transmission mechanism, a national encryption algorithm can be introduced to be combined with the existing blockchain platform to carry out service deployment.
For example, Hyperledger Fabric is an enterprise-level open-source permissioned blockchain platform hosted by the Linux Foundation, and is currently a representative consortium-chain platform in the blockchain field. The architecture of the Fabric platform is highly modular, so that modules can be upgraded independently to improve extensibility. The Fabric platform consists of a Fabric network, Fabric-CA and Fabric-SDK, and the overall Fabric transaction flow results from the interaction among these parts.
First, the Fabric-SDK application client applies for registration with the certificate authority Fabric-CA to obtain an identity certificate. The client may then submit a transaction proposal to an endorsement node in the Fabric blockchain network. When the client has collected enough endorsement results, it packages them and initiates a transaction to the ordering node. The ordering node packages all transactions and generates blocks using the PBFT consensus algorithm (the practical Byzantine fault tolerance algorithm). Finally, the ordering node broadcasts the block to all peer nodes using the Gossip protocol, and each peer node updates the distributed ledger after verifying that the transactions in the block are correct. The Fabric platform provides calling interfaces such as a client SDK and a chaincode API, and provides services such as identity management and account management for Fabric applications. In every transaction step of the Fabric blockchain network transaction flow there are digital signature and signature verification operations, which ensure ownership of the client private key and non-repudiation of the transaction. The signing and verification functions are provided by the underlying security and cryptographic services. These services include the BCCSP component, which provides Fabric with key generation, message signing and verification, hash algorithms, encryption and decryption, and similar services.
The Hyperledger Fabric platform lacks an effective encryption algorithm, so it cannot meet the requirements of specific enterprise-level subjects or guarantee the security and time-limited sharing of private data on the chain. A new encryption algorithm system is therefore constructed in order to build a national cryptographic blockchain secure sharing model that can be applied at the domestic enterprise level.
Specifically, one aspect of the present invention provides a data transaction method based on a block chain, including the following steps S101 to S111:
Step S101: The data provider generates an initial key based on symmetric encryption, and generates a round key from the initial key using a preset key expansion algorithm.
Step S102: The data provider encrypts the private data with the round key to obtain a first ciphertext.
Step S103: The data provider encodes and modulates the initial key according to a preset hidden transmission rule to obtain hidden information.
Step S104: A verification node in the blockchain network obtains a first public key and a corresponding first private key according to the system parameters, publishes the first public key, and stores the first private key locally.
Step S105: The data provider generates the restricted decryption time of the private data, encrypts the hidden information and the restricted decryption time with the first public key to obtain a second ciphertext, and encrypts the first ciphertext with the first public key to obtain a third ciphertext.
Step S106: The data provider applies to the set certificate authority for registration and obtains a first digital certificate and a first signature private key, and the data receiver applies to the set certificate authority for registration and obtains a second digital certificate and a second signature private key.
Step S107: The data provider uploads the second ciphertext and the third ciphertext to the blockchain network in combination with the first digital certificate and the first signature private key; an accounting node of the blockchain network authenticates the first digital certificate and the first signature private key and, after the authentication has passed, stores the second ciphertext and the third ciphertext on the chain.
Step S108: The data receiver sends a data request to a verification node of the blockchain network in combination with the second digital certificate and the second signature private key.
Step S109: The verification node of the blockchain network authenticates the second digital certificate and the second signature private key; after the authentication has passed, it queries the second ciphertext and the third ciphertext stored on the chain, decrypts them with the first private key, and recovers the hidden information, the restricted decryption time and the first ciphertext.
Step S110: The verification node of the blockchain network checks, according to the restricted decryption time, whether the current time is past the limit, and if it is not, sends the recovered hidden information and the first ciphertext to the data receiver.
Step S111: The data receiver demodulates and decodes the recovered hidden information according to the preset hidden transmission rule to recover the initial key, regenerates the round key from the recovered initial key using the preset key expansion algorithm, and decrypts the recovered first ciphertext with the regenerated round key to obtain the private data.
In some embodiments, before step S101, that is, before the data provider generates the initial key based on symmetric encryption and the round key is generated from the initial key by using the preset key expansion algorithm, the method further includes: the covert transmission rules are determined and initialized by both the data provider and the data receiver, and the coding tables and modulation symbol tables used for covert transmission are determined. The covert transmission rules are agreed and set by the data provider and the data receiver, and are used exclusively for transmitting the initial key. The encryption transmission of the initial key is realized by encoding and modulating at a data provider end through an agreed rule and decoding and demodulating at a data receiver end through the agreed rule.
In some embodiments, in step S101, in the preset key expansion algorithm, the initial key may be expressed as:
Figure 845672DEST_PATH_IMAGE009
the system parameter expression is:
Figure 790494DEST_PATH_IMAGE010
the fixed parameter expression is:
Figure 205295DEST_PATH_IMAGE011
the round key calculation formula is:
Figure 944581DEST_PATH_IMAGE012
Figure 116937DEST_PATH_IMAGE013
wherein the transformation is reversible
Figure 868379DEST_PATH_IMAGE014
Wherein
Figure 137687DEST_PATH_IMAGE015
is a non-linear transformation,
Figure 47874DEST_PATH_IMAGE016
is a linear transformation.
In step S102, the private data is encrypted using the round key to obtain a first ciphertext, where the plaintext input is
Figure 35421DEST_PATH_IMAGE017
Round key
Figure 118784DEST_PATH_IMAGE018
; the reversible transformation is
Figure 242598DEST_PATH_IMAGE019
Wherein
Figure 589265DEST_PATH_IMAGE015
is a non-linear transformation,
Figure 470634DEST_PATH_IMAGE020
is a linear transformation. The operation process of the encryption algorithm is as follows:
Figure 295370DEST_PATH_IMAGE021
output of the ciphertext
Figure 536340DEST_PATH_IMAGE022
. The operation process of the encryption algorithm is recorded as:
Figure 850647DEST_PATH_IMAGE023
In step S103, the preset hidden transmission rule mainly comprises an agreed coding table
Figure 812787DEST_PATH_IMAGE024
And modulation symbol table
Figure 441214DEST_PATH_IMAGE025
In some embodiments, in step S104, a verification node in the blockchain network obtains a first public key and a corresponding first private key according to the system parameters, where the first public key and the first private key are obtained by using an SM2 elliptic curve public key cryptographic algorithm.
In some embodiments, before the data provider generates the initial key based on symmetric encryption and generates the round key from the initial key using the preset key expansion algorithm, the method further includes: the data provider determines whether the data to be transmitted is common data or private data, and if it is common data, the data is sent directly to the blockchain network for on-chain storage.
Common data and private data are distinguished, and different processing modes are set for them: common data needs no privacy protection and can be stored on the chain and transmitted directly, whereas private data is stored on the chain through steps S101 to S111 and is then acquired by the data receiver.
In step S105, the restricted decryption time is the period during which the private data can be read. For sensitive data or data that is only valid for a specific period, the restricted decryption time is set manually for constraint management, so as to implement time-limited sharing.
Specifically, in some embodiments, the decryption limiting time is preset according to the service type of the private data, and the decryption limiting time may be directly marked by a timestamp, or may be constrained by setting a decryption deadline in combination with a timestamp of the private data uploaded by a data provider.
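The check that a verification node performs in steps S109 to S110, covering both forms of the decryption limit described above, can be sketched as follows. This is an added example, not code from the patent: the JSON layout of the decrypted second ciphertext and the field names `hidden`, `limit`, `not_after` and `seconds` are assumptions, and the SM2 decryption that produces the payload is outside its scope.

```python
import json
from datetime import datetime, timedelta, timezone


class ReleaseDenied(Exception):
    """The verification node refuses to forward the recovered material."""


def _aware(value, what):
    """Parse an ISO-8601 timestamp and insist on an explicit UTC offset."""
    try:
        parsed = datetime.fromisoformat(value)
    except (TypeError, ValueError):
        raise ReleaseDenied(f"{what}: not an ISO-8601 timestamp") from None
    if parsed.tzinfo is None:
        raise ReleaseDenied(f"{what}: timestamp has no UTC offset")
    return parsed.astimezone(timezone.utc)


def expiry(limit, uploaded_at):
    """Turn either form of the restricted decryption time into one instant."""
    if not isinstance(limit, dict):
        raise ReleaseDenied("limit missing or malformed")
    kind = limit.get("type")
    if kind == "absolute":
        # Form 1: the limit is marked directly with a timestamp.
        return _aware(limit.get("not_after"), "not_after")
    if kind == "relative":
        # Form 2: a decryption period counted from the provider's upload time.
        seconds = limit.get("seconds")
        if isinstance(seconds, bool) or not isinstance(seconds, int) or seconds <= 0:
            raise ReleaseDenied("relative limit must be a positive integer")
        return uploaded_at + timedelta(seconds=seconds)
    raise ReleaseDenied("unknown limit type")


def release(second_plaintext, first_ciphertext, uploaded_at, now):
    """S110: return (hidden_info, first_ciphertext) only before the limit.

    second_plaintext is the decrypted second ciphertext (assumed JSON);
    uploaded_at is assumed to come from the on-chain record, not the payload.
    Every malformed or missing field fails closed.
    """
    try:
        payload = json.loads(second_plaintext)
    except ValueError:
        raise ReleaseDenied("second ciphertext is not valid JSON") from None
    if not isinstance(payload, dict) or not isinstance(payload.get("hidden"), str):
        raise ReleaseDenied("hidden information missing")
    if uploaded_at.tzinfo is None or now.tzinfo is None:
        raise ReleaseDenied("node clocks must be timezone-aware")
    if now < uploaded_at:
        raise ReleaseDenied("current time precedes upload time")
    if now >= expiry(payload.get("limit"), uploaded_at):
        raise ReleaseDenied("restricted decryption time has passed")
    return payload["hidden"], first_ciphertext


# Constructed sample inputs (not taken from the patent).
UPLOADED = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
C1 = b"constructed-first-ciphertext"
ABSOLUTE = json.dumps({"hidden": "c0ffee", "limit": {
    "type": "absolute", "not_after": "2024-01-02T12:00:00+00:00"}}).encode()
RELATIVE = json.dumps({"hidden": "c0ffee", "limit": {
    "type": "relative", "seconds": 3600}}).encode()
NO_LIMIT = json.dumps({"hidden": "c0ffee"}).encode()
NAIVE = json.dumps({"hidden": "c0ffee", "limit": {
    "type": "absolute", "not_after": "2024-01-02T12:00:00"}}).encode()


def decision(second_plaintext, now):
    """Summarise the node's decision for one request as a short string."""
    try:
        release(second_plaintext, C1, UPLOADED, now)
    except ReleaseDenied as exc:
        return f"denied: {exc}"
    return "released"


if __name__ == "__main__":
    for name, blob in [("absolute", ABSOLUTE), ("relative", RELATIVE),
                       ("no limit", NO_LIMIT), ("naive", NAIVE)]:
        for hours in (0.5, 2, 30):
            when = UPLOADED + timedelta(hours=hours)
            print(f"{name:9s} +{hours:>4}h  {decision(blob, when)}")
```

The limit is enforced only by the node that holds the first private key; once the hidden information and first ciphertext have been released, nothing in this check prevents the receiver from keeping them.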
In step S106, a third-party certificate authority provides the digital certificates and signatures to the data provider and the data receiver; for example, Fabric-CA in Hyperledger Fabric is used to apply for registration and obtain an identity certificate.
In some embodiments, in step S107, after the accounting node of the blockchain network authenticates the first digital certificate and the first signature private key and, once the authentication has passed, stores the second ciphertext and the third ciphertext on the chain, the method further includes: calculating the hash value of the second ciphertext and the third ciphertext using the SM3 algorithm, and storing it on the chain.
In steps S108 to S111, a data receiver queries the required private data on the block chain according to actual needs, and gradually decrypts the private data according to the reverse order of the encryption process to obtain the initial private data.
In some embodiments, the method employs a BCCSP cryptographic module to provide key generation, message signing and verification, hashing algorithms, and encryption and decryption.
In another aspect, the present invention also provides an apparatus for data transaction based on blockchain, which includes a processor and a memory, wherein the memory has stored therein computer instructions, and the processor is configured to execute the computer instructions stored in the memory, and when the computer instructions are executed by the processor, the apparatus implements the steps of the method.
In another aspect, the present invention also provides a computer-readable storage medium, on which a computer program is stored, wherein the program, when executed by a processor, implements the steps of the method as described above.
The invention is illustrated below with reference to specific examples:
To realize secure sharing of transaction data on a national cryptographic blockchain platform, as shown in fig. 1, the invention provides a data transaction method based on a blockchain. The system model of the method mainly comprises three types of entities: a data provider, a national cryptographic blockchain network, and a data receiver. The data provider is an organization, such as a medical, tax, government or bidding institution, that provides data to the demander; the national cryptographic blockchain network is a Fabric blockchain platform whose underlying cryptographic algorithms have been replaced by national cryptographic algorithms; the data receiver is a party that needs the data to implement various business applications, including performing medical research using user data, rating the credit of a user, acquiring personal information of the user, completing various businesses, bidding for items, and the like.
The embodiment provides a data transaction method based on a blockchain, as shown in fig. 2, including the following steps:
Step 1: the hidden transmission rule is initialized, and the processing rule applied to a message during hidden transmission is generated. The data provider and the data receiver initialize in advance the processing rule applied to messages during hidden transmission, including the coding table
Figure 274041DEST_PATH_IMAGE024
And modulation symbol table
Figure 634615DEST_PATH_IMAGE025
Step 2, the data provider generates the initial key for SM4 symmetric encryption. The data provider generates the initial key required by the SM4 symmetric encryption algorithm
Figure 818472DEST_PATH_IMAGE026
Step 3, the data provider generates round keys from the initial key and encrypts the private data. From the initial key generated in step 2, the data provider generates the round keys
Figure 250590DEST_PATH_IMAGE027
; using the round keys
Figure 203503DEST_PATH_IMAGE028
, it encrypts the user's
Figure 65804DEST_PATH_IMAGE029
to obtain the ciphertext
Figure 533694DEST_PATH_IMAGE030
, i.e.
Figure 238345DEST_PATH_IMAGE031
Step 4, the data provider encodes and modulates the initial key to generate the hidden information. According to the message processing rules agreed with the data receiver, the data provider encodes and modulates the initial key
Figure 311343DEST_PATH_IMAGE032
to obtain the hidden information
Figure 13720DEST_PATH_IMAGE033
, namely:
Figure 172169DEST_PATH_IMAGE034
Step 5, a verification node in the blockchain network obtains a public-private key pair of the SM2 algorithm according to the system parameters. A verification node in the blockchain network obtains, according to the system parameters, the SM2 public-private key pair
Figure 680511DEST_PATH_IMAGE035
, where
Figure 873595DEST_PATH_IMAGE036
is published by broadcast, while
Figure 871507DEST_PATH_IMAGE037
is stored locally.
Step 6, the data provider encrypts the hidden information and the data expiration time with the public key of the verification node. The data provider generates the limited decryption time of the private data
Figure 983163DEST_PATH_IMAGE038
, then uses the public key of the verification node
Figure 560775DEST_PATH_IMAGE039
to encrypt the data
Figure 280470DEST_PATH_IMAGE040
and
Figure 980441DEST_PATH_IMAGE041
respectively, obtaining the ciphertexts
Figure 847903DEST_PATH_IMAGE042
and
Figure 635731DEST_PATH_IMAGE043
, namely:
Figure 537827DEST_PATH_IMAGE044
Figure 80804DEST_PATH_IMAGE045
Step 7, the SDK clients of the data provider and the data receiver each apply to the certificate authority for registration. User registration: the SDK clients corresponding to the data provider and the data receiver each apply to the certificate authority for registration to obtain a digital certificate
Figure 435562DEST_PATH_IMAGE046
Figure 92327DEST_PATH_IMAGE047
and a private signature key
Figure 911247DEST_PATH_IMAGE048
Step 8, the data provider initiates a transaction and uploads the encrypted data. The data provider client initiates the transaction
Figure 625126DEST_PATH_IMAGE049
to upload the encrypted ciphertexts
Figure 467180DEST_PATH_IMAGE050
and
Figure 659127DEST_PATH_IMAGE051
to the blockchain. The specific transaction form is as follows:
Figure 207920DEST_PATH_IMAGE052
Before the upload to the blockchain, each accounting node uses the public key of the data provider client
Figure 92699DEST_PATH_IMAGE053
to verify the signature of the transaction
Figure 422049DEST_PATH_IMAGE054
. If the verification passes, the transaction is hashed using SM3 and added to the block; if the verification fails, uploading of the transaction to the blockchain is refused.
Step 9, the data receiver initiates a data request to the verification node. When the data receiver needs the private data uploaded by the data provider
Figure 417687DEST_PATH_IMAGE055
, its client initiates a data request to the verification node client.
Step 10, the verification node client initiates a transaction to query the data. After receiving the request, the verification node client initiates the transaction
Figure 169390DEST_PATH_IMAGE056
to query the data in the blockchain
Figure 225071DEST_PATH_IMAGE050
and
Figure 838455DEST_PATH_IMAGE051
, namely:
Figure 903363DEST_PATH_IMAGE057
The specific transaction form is as follows:
Figure 223486DEST_PATH_IMAGE058
Step 11, the verification node decrypts the relevant data and verifies whether the time has expired. The verification node uses its private key to decrypt
Figure 450068DEST_PATH_IMAGE050
and
Figure 754010DEST_PATH_IMAGE051
respectively:
Figure 29134DEST_PATH_IMAGE059
Figure 469342DEST_PATH_IMAGE060
After decryption, the verification node determines whether the current time exceeds the limited decryption time. If it does, the verification node client returns to the data demander
Figure 869755DEST_PATH_IMAGE061
. Otherwise, it initiates the transaction
Figure 192152DEST_PATH_IMAGE062
to upload
Figure 598863DEST_PATH_IMAGE063
and
Figure 893578DEST_PATH_IMAGE064
. The specific transaction form is as follows:
Figure 461963DEST_PATH_IMAGE065
Step 12, the data receiver initiates a transaction to query the relevant data. The verification node client notifies the data receiver that the data can be queried, and the data receiver then initiates a transaction to query the data in the blockchain
Figure 474918DEST_PATH_IMAGE066
and
Figure 419740DEST_PATH_IMAGE067
, namely:
Figure 506645DEST_PATH_IMAGE068
The specific transaction form is as follows:
Figure 511510DEST_PATH_IMAGE069
Step 13, the data receiver recovers the hidden information using the processing rules. According to the message processing rules agreed with the data provider, the data receiver demodulates and decodes the hidden information to obtain the initial symmetric key
Figure 743253DEST_PATH_IMAGE070
, namely:
Figure 491766DEST_PATH_IMAGE071
Step 14, the data receiver generates round keys from the recovered initial symmetric key and decrypts the data. From the recovered initial symmetric key
Figure 761073DEST_PATH_IMAGE070
, the data receiver generates the round keys
Figure 733577DEST_PATH_IMAGE072
; using the round keys
Figure 721125DEST_PATH_IMAGE073
, it decrypts the user's ciphertext private data
Figure 742170DEST_PATH_IMAGE074
to obtain the decrypted text
Figure 131563DEST_PATH_IMAGE075
, i.e.
Figure 884756DEST_PATH_IMAGE076
. At this point, the private data sharing process between the data provider and the data receiver is complete.
In order to more clearly describe the technical solution of the present invention, specific embodiments of the present invention will now be described in detail with reference to the accompanying drawings, wherein fig. 1 is the national cryptographic blockchain privacy protection system model, and fig. 2 is the flow of the transaction data privacy protection method based on the national cryptographic algorithms.
This embodiment first establishes a privacy-preserving secure sharing model for transaction data on the national cryptographic blockchain, and then provides a blockchain transaction data privacy protection method supporting the national cryptographic algorithm system. In the embodiment, the data to be put on chain is divided into ordinary data and private data, and the sender of the transaction needs to encrypt the private data. The private data is encrypted with a symmetric encryption algorithm, so that only the transaction receiver can obtain the private data. Meanwhile, the symmetric key shared by both parties of the transaction is transmitted through the blockchain hidden channel, which effectively ensures the security of the symmetric key. In addition, the embodiment uses the SM2 public key encryption algorithm to verify the validity period of the data, and is suitable for bidding, file downloading and other scenarios.
The parameters involved in this example are as follows:
Table 1 shows the meanings of the parameters mentioned in this example
Figure 359599DEST_PATH_IMAGE078
In this embodiment, a privacy-preserving secure sharing model of transaction data on a national cryptographic blockchain is provided, and the model mainly includes three types of entities: a data provider, a national cryptographic blockchain network and a data receiver:
The data provider refers to institutions, such as medical, tax, government and bidding institutions, that provide data to demanders; the data provider divides the data into ordinary data and private data, and encrypts the private data before uploading the data to the blockchain network.
The national cryptographic blockchain network is a Fabric blockchain platform in which the underlying cryptographic algorithm of the Fabric platform is replaced by the encryption algorithm in the invention; after registering, the data provider joins different organizations of the network as a peer node; a verification node exists in the blockchain network, whose main functions are to verify the correctness of transaction signatures and to check whether ciphertext data uploaded to the blockchain by a data provider is within its validity period; a peer node can initiate a transaction that invokes a smart contract to upload the relevant ciphertext data and share the data in encrypted form, ensuring the security, integrity and timeliness of the transaction data.
The data receiver is a party that needs data to implement various service applications, such as performing medical research using user data, rating the credit of a user, acquiring personal information of a user to complete various services, bidding for items, and the like; the data receiver obtains the ciphertext data by initiating a data request transaction, and the ciphertext data can be decrypted at the client to obtain the data.
In this embodiment, the user data is divided into ordinary data and private data, and the data provider determines the type of the data. Ordinary data can be put on chain directly without threatening the user's privacy. Private data is encrypted with a symmetric encryption algorithm, which guarantees the security of the private data on the chain. The blockchain hidden channel is used to transmit the symmetric key used by both transaction parties, which ensures the concealment, tamper resistance and interference resistance of the symmetric key. In addition, the SM2 encryption algorithm is used here to verify the validity of time-limited private data. That is, the data can be decrypted only within the specified time and cannot be decrypted once the time is exceeded, which ensures the timeliness of the data.
As shown in fig. 2, the blockchain transaction data privacy protection method supporting the national cryptographic algorithm system according to this embodiment is implemented as follows:
Step a, hidden transmission rule initialization: the data provider and the data receiver initialize in advance the rules for processing messages during hidden transmission, including the coding table
Figure 187266DEST_PATH_IMAGE079
and the modulation symbol table
Figure 227903DEST_PATH_IMAGE080
Step b, key generation: the data provider generates the initial key required by the SM4 symmetric encryption algorithm
Figure 745472DEST_PATH_IMAGE081
Step c, encryption: the data provider generates from the initial key the round keys
Figure 442032DEST_PATH_IMAGE082
; using the round keys
Figure 70460DEST_PATH_IMAGE083
, it encrypts the user's
Figure 168866DEST_PATH_IMAGE084
to obtain the ciphertext
Figure 529440DEST_PATH_IMAGE085
, i.e.
Figure 713297DEST_PATH_IMAGE086
Step d, generating hidden information: according to the message processing rules agreed with the data receiver, the data provider encodes and modulates the initial key
Figure 879836DEST_PATH_IMAGE087
to obtain the hidden information
Figure 360977DEST_PATH_IMAGE088
, namely:
Figure 954769DEST_PATH_IMAGE089
Step e, generating a public-private key pair: a verification node in the blockchain network obtains, according to the system parameters, the SM2 public-private key pair
Figure 422660DEST_PATH_IMAGE090
, where
Figure 392890DEST_PATH_IMAGE091
is published by broadcast, while
Figure 200309DEST_PATH_IMAGE092
is stored locally.
Step f, encrypting data: the data provider generates the limited decryption time of the private data
Figure 230582DEST_PATH_IMAGE093
, then uses the public key of the verification node
Figure 654610DEST_PATH_IMAGE094
to encrypt the data
Figure 428531DEST_PATH_IMAGE095
and
Figure 93386DEST_PATH_IMAGE096
respectively, obtaining the ciphertexts
Figure 294560DEST_PATH_IMAGE097
and
Figure 612409DEST_PATH_IMAGE098
, namely:
Figure 783496DEST_PATH_IMAGE099
Figure 299928DEST_PATH_IMAGE100
Step g, user registration: the SDK clients corresponding to the data provider and the data receiver each apply to the certificate authority for registration to obtain a digital certificate
Figure 344108DEST_PATH_IMAGE101
Figure 477149DEST_PATH_IMAGE102
and a private signature key
Figure 327293DEST_PATH_IMAGE103
Step h, putting data on chain: the data provider client initiates the transaction
Figure 26128DEST_PATH_IMAGE104
to upload the encrypted ciphertexts
Figure 769437DEST_PATH_IMAGE097
and
Figure 186512DEST_PATH_IMAGE098
to the blockchain. The specific transaction form is as follows:
Figure 574768DEST_PATH_IMAGE105
Before the upload to the blockchain, each accounting node uses the public key of the data provider client
Figure 3475DEST_PATH_IMAGE106
to verify the signature of the transaction
Figure 982933DEST_PATH_IMAGE107
. If the verification passes, the transaction is hashed using SM3 and added to the block; if the verification fails, uploading of the transaction to the blockchain is refused.
Step i, data request: when the data receiver needs the private data uploaded by the data provider
Figure 559408DEST_PATH_IMAGE108
, its client initiates a data request to the verification node client;
Step j, verification node data query: after receiving the request, the verification node client initiates the transaction
Figure 282513DEST_PATH_IMAGE109
to query the data in the blockchain
Figure 893623DEST_PATH_IMAGE097
and
Figure 778402DEST_PATH_IMAGE098
, namely:
Figure 907420DEST_PATH_IMAGE110
The specific transaction form is as follows:
Figure 168637DEST_PATH_IMAGE111
Step k, time verification: the verification node uses its private key to decrypt
Figure 634253DEST_PATH_IMAGE097
and
Figure 955513DEST_PATH_IMAGE098
respectively:
Figure 506580DEST_PATH_IMAGE112
Figure 978013DEST_PATH_IMAGE113
After decryption, the verification node judges whether the current time exceeds the limited decryption time. If it does, the verification node client returns to the data demander
Figure 563715DEST_PATH_IMAGE114
. Otherwise, it initiates the transaction
Figure 790297DEST_PATH_IMAGE115
to upload
Figure 94239DEST_PATH_IMAGE116
and
Figure 717767DEST_PATH_IMAGE117
. The specific transaction form is as follows:
Figure 157975DEST_PATH_IMAGE118
Step l, data receiver data query: the verification node client notifies the data receiver that the data can be queried, and the data receiver then initiates a transaction to query the data in the blockchain
Figure 352196DEST_PATH_IMAGE116
and
Figure 143435DEST_PATH_IMAGE117
, namely:
Figure 18987DEST_PATH_IMAGE119
. The specific transaction form is as follows:
Figure 579281DEST_PATH_IMAGE120
Step m, key recovery: according to the message processing rules agreed with the data provider, the data receiver demodulates and decodes the hidden information to obtain the initial symmetric key
Figure 678824DEST_PATH_IMAGE121
, namely:
Figure 691780DEST_PATH_IMAGE122
Step n, decryption: from the recovered initial symmetric key
Figure 373952DEST_PATH_IMAGE121
, the data receiver generates the round keys
Figure 460857DEST_PATH_IMAGE123
; using the round keys
Figure 465722DEST_PATH_IMAGE124
, it decrypts the user's ciphertext private data
Figure 293870DEST_PATH_IMAGE125
to obtain the decrypted text
Figure 448908DEST_PATH_IMAGE126
, i.e.
Figure 983794DEST_PATH_IMAGE127
. At this point, the process of private data sharing between the data provider and the data receiver is completed.
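Steps c and n (steps 3 and 14 above) both derive the 32 round keys from the same 128-bit initial key. The following added example, which is not code from the patent, implements that SM4 key expansion and a single-block encrypt/decrypt as defined in the published SM4 standard (GB/T 32907-2016); the function names and the sample key are choices made here.

```python
"""Added example: SM4 key expansion and single-block encryption/decryption."""
import struct

# SM4 S-box (the non-linear transformation tau applies it byte by byte).
SBOX = bytes.fromhex(
    "d690e9fecce13db716b614c228fb2c05" "2b679a762abe04c3aa44132649860699"
    "9c4250f491ef987a33540b43edcfac62" "e4b31ca9c908e89580df94fa758f3fa6"
    "4707a7fcf37317ba83593c19e6854fa8" "686b81b27164da8bf8eb0f4b70569d35"
    "1e240e5e6358d1a225227c3b01217887" "d40046579fd327524c3602e7a0c4c89e"
    "eabf8ad240c738b5a3f7f2cef96115a1" "e0ae5da49b341a55ad933230f58cb1e3"
    "1df6e22e8266ca60c02923ab0d534e6f" "d5db3745defd8e2f03ff6a726d6c5b51"
    "8d1baf92bbddbc7f11d95c411f105ad8" "0ac13188a5cd7bbd2d74d012b8e5b4b0"
    "8969974a0c96777e65b9f109c56ec684" "18f07dec3adc4d2079ee5f3ed7cb3948"
)

# System parameters FK.
FK = (0xA3B1BAC6, 0x56AA3350, 0x677D9197, 0xB27022DC)

# Fixed parameters CK_i: byte j of CK_i is (4*i + j) * 7 mod 256.
CK = tuple(
    int.from_bytes(bytes(((4 * i + j) * 7) & 0xFF for j in range(4)), "big")
    for i in range(32)
)


def _rotl(x: int, n: int) -> int:
    """Rotate a 32-bit word left by n bits."""
    return ((x << n) | (x >> (32 - n))) & 0xFFFFFFFF


def _tau(x: int) -> int:
    """Non-linear transformation: S-box applied to each byte of the word."""
    return int.from_bytes(bytes(SBOX[b] for b in x.to_bytes(4, "big")), "big")


def _t_key(x: int) -> int:
    """T' used in key expansion: L'(tau(x)), L'(B) = B ^ (B<<<13) ^ (B<<<23)."""
    b = _tau(x)
    return b ^ _rotl(b, 13) ^ _rotl(b, 23)


def _t_round(x: int) -> int:
    """T used in the round function: L(tau(x)) with rotations 2, 10, 18, 24."""
    b = _tau(x)
    return b ^ _rotl(b, 2) ^ _rotl(b, 10) ^ _rotl(b, 18) ^ _rotl(b, 24)


def expand_key(initial_key: bytes) -> list:
    """Derive the 32 round keys rk_0..rk_31 from a 16-byte initial key."""
    if len(initial_key) != 16:
        raise ValueError("SM4 initial key must be exactly 16 bytes")
    k = [w ^ fk for w, fk in zip(struct.unpack(">4I", initial_key), FK)]
    for i in range(32):
        # rk_i = K_{i+4} = K_i ^ T'(K_{i+1} ^ K_{i+2} ^ K_{i+3} ^ CK_i)
        k.append(k[i] ^ _t_key(k[i + 1] ^ k[i + 2] ^ k[i + 3] ^ CK[i]))
    return k[4:]


def _crypt_block(block: bytes, round_keys: list) -> bytes:
    """Run the 32 SM4 rounds over one 16-byte block, then reverse the words."""
    if len(block) != 16:
        raise ValueError("SM4 block must be exactly 16 bytes")
    x = list(struct.unpack(">4I", block))
    for rk in round_keys:
        x.append(x[-4] ^ _t_round(x[-3] ^ x[-2] ^ x[-1] ^ rk))
    return struct.pack(">4I", x[35], x[34], x[33], x[32])


def encrypt_block(initial_key: bytes, block: bytes) -> bytes:
    """Provider side: expand the key and encrypt one block."""
    return _crypt_block(block, expand_key(initial_key))


def decrypt_block(initial_key: bytes, block: bytes) -> bytes:
    """Receiver side: same expansion, round keys applied in reverse order."""
    return _crypt_block(block, expand_key(initial_key)[::-1])


if __name__ == "__main__":
    # Sample key and block, chosen here for illustration only.
    key = bytes.fromhex("0123456789abcdeffedcba9876543210")
    ct = encrypt_block(key, key)
    print("first round key:", format(expand_key(key)[0], "08x"))
    print("ciphertext     :", ct.hex())
    print("round trip ok  :", decrypt_block(key, ct) == key)
```

The example works on a single 16-byte block; the page does not state which mode of operation or padding is applied to longer private data.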
In summary, in the blockchain-based data transaction method and apparatus, round keys are generated from an initial key by a preset key expansion algorithm and used to encrypt the private data, which is stored on chain; the initial key is transmitted in encrypted form between the data provider and the data receiver according to a preset hidden transmission rule; and the data receiver regenerates the round keys from the initial key by the preset key expansion algorithm and decrypts to obtain the private data. The method makes full use of symmetric encryption and asymmetric encryption to complete the transmission of the initial key and the private data with identity authentication of the participating entities, thereby improving security. Meanwhile, by introducing verification of a limited decryption time, time-limited sharing of specified data can be realized.
Furthermore, a transmission encryption mechanism is constructed through the data transaction method based on the block chain, so that the method can be suitable for various block chain platforms on the basis of meeting the privacy requirements of special subjects, and the service expansion capability is enhanced.
In accordance with the above method, the present invention also provides a data transaction apparatus/system based on blockchain, which includes a computer device including a processor and a memory, wherein the memory stores computer instructions, the processor is used for executing the computer instructions stored in the memory, and the apparatus/system realizes the steps of the method when the computer instructions are executed by the processor.
An embodiment of the present invention further provides a computer-readable storage medium, on which a computer program is stored, where the computer program is executed by a processor to implement the steps of the foregoing edge computing server deployment method. The computer-readable storage medium may be a tangible storage medium such as Random Access Memory (RAM), memory, Read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, floppy disks, hard disks, removable storage disks, CD-ROMs, or any other form of storage medium known in the art.
Those of ordinary skill in the art will appreciate that the various illustrative components, systems, and methods described in connection with the embodiments disclosed herein may be implemented as hardware, software, or combinations of both. Whether this is done in hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention. When implemented in hardware, it may be, for example, an electronic circuit, an Application Specific Integrated Circuit (ASIC), suitable firmware, plug-in, function card, or the like. When implemented in software, the elements of the invention are the programs or code segments used to perform the required tasks. The program or code segments can be stored in a machine-readable medium or transmitted by a data signal carried in a carrier wave over a transmission medium or a communication link.
It is to be understood that the invention is not limited to the specific arrangements and instrumentality described above and shown in the drawings. A detailed description of known methods is omitted herein for the sake of brevity. In the above embodiments, several specific steps are described and shown as examples. However, the method processes of the present invention are not limited to the specific steps described and illustrated, and those skilled in the art can make various changes, modifications and additions or change the order between the steps after comprehending the spirit of the present invention.
Features that are described and/or illustrated with respect to one embodiment may be used in the same way or in a similar way in one or more other embodiments and/or in combination with or instead of the features of the other embodiments in the present invention.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made to the embodiment of the present invention by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (10)

1. A data transaction method based on a block chain is characterized by comprising the following steps:
generating an initial key based on symmetric encryption by a data provider, and generating a round key according to the initial key by adopting a preset key expansion algorithm;
encrypting, by the data provider, private data using the round key to obtain a first ciphertext;
the data provider encodes and modulates the initial key according to a preset hidden transmission rule to obtain hidden information;
obtaining a first public key and a corresponding first private key by a verification node in a block chain network according to system parameters, disclosing the first public key, and locally storing the first private key;
generating, by the data provider, a restricted decryption time of the private data, encrypting the hidden information and the restricted decryption time with the first public key to obtain a second ciphertext, and encrypting the first ciphertext with the first public key to obtain a third ciphertext;
applying for registration and obtaining a first digital certificate and a first signature private key from the set certificate authority by the data provider, and applying for registration and obtaining a second digital certificate and a second signature private key from the set certificate authority by the data receiver;
uploading, by the data provider, the second ciphertext and the third ciphertext to the blockchain network in combination with the first digital certificate and the first signature private key, authenticating, by a billing node of the blockchain network, the first digital certificate and the first signature private key, and chain-storing, after the authentication is passed, the second ciphertext and the third ciphertext;
sending, by the data receiver, a data request to a verification node of the blockchain network in conjunction with the second digital certificate and the second private signature key;
the verification node of the block chain network authenticates the second digital certificate and the second signature private key, after the authentication is passed, the second ciphertext and the third ciphertext stored in the chain are inquired, the second ciphertext and the third ciphertext are decrypted through the first private key, and the hidden information, the limited decryption time and the first ciphertext are recovered;
checking whether the current time is overtime or not by a verification node of the block chain network according to the limited decryption time, and sending the recovered hidden information and the first ciphertext to the data receiver under the condition that the current time is not overtime;
and the data receiver demodulates and decodes the recovered hidden information according to the preset hidden transmission rule to recover the initial key, the round key is regenerated according to the recovered initial key by adopting the preset key expansion algorithm, and the first ciphertext recovered by utilizing the regenerated round key is decrypted to obtain the private data.
2. The blockchain-based data transaction method of claim 1, wherein generating an initial key based on symmetric encryption by a data provider, and before generating a round key from the initial key using a preset key expansion algorithm, further comprises:
covert transmission rules are determined and initialized by the data provider and the data receiver in concert, and coding tables and modulation symbol tables for covert transmission are determined.
3. The blockchain-based data transaction method according to claim 1, wherein in the preset key expansion algorithm, the initial key expression is as follows:
Figure 706555DEST_PATH_IMAGE002
the system parameter expression is:
Figure 420433DEST_PATH_IMAGE004
the fixed parameter expression is:
Figure 747640DEST_PATH_IMAGE006
the round key calculation formula is as follows:
Figure 939587DEST_PATH_IMAGE008
Figure 550697DEST_PATH_IMAGE010
wherein the reversible transformation is
Figure 941137DEST_PATH_IMAGE012
, where
Figure 4908DEST_PATH_IMAGE014
is a non-linear transformation and
Figure 16858DEST_PATH_IMAGE016
is a linear transformation.
4. The blockchain-based data transaction method of claim 1, wherein a verification node in the blockchain network obtains a first public key and a corresponding first private key according to system parameters, and the first public key and the first private key are obtained by using an SM2 elliptic curve public key cryptography algorithm.
5. The blockchain-based data transaction method of claim 1, wherein generating an initial key based on symmetric encryption by a data provider, and before generating a round key from the initial key using a preset key expansion algorithm, further comprises:
and the data provider distinguishes whether the data to be transmitted is common data or private data, and if the data to be transmitted is the common data, the data to be transmitted is directly sent to the block chain network for uplink storage.
6. The blockchain-based data transaction method according to claim 1, wherein the decryption limiting time is preset according to a service type of the private data, and the decryption limiting time may be directly marked with a timestamp or may be restricted by setting a decryption deadline in combination with a timestamp of the private data uploaded by the data provider.
7. The blockchain-based data transaction method of claim 1, wherein an accounting node of the blockchain network authenticates the first digital certificate and the first private signature key, and after the authentication is passed and the second ciphertext and the third ciphertext are uplink stored, the method further comprising:
and calculating a hash value of the second ciphertext and the third ciphertext by adopting an SM3 algorithm, and performing uplink storage.
8. The blockchain-based data transaction method of claim 1, wherein the method employs a BCCSP cryptographic module to provide key generation, message signing and verification, hashing algorithms and encryption and decryption.
9. An apparatus for blockchain based data transactions, comprising a processor and a memory, wherein the memory has stored therein computer instructions and the processor is configured to execute the computer instructions stored in the memory, wherein the apparatus realizes the steps of the method according to any one of claims 1 to 8 when the computer instructions are executed by the processor.
10. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 8.
CN202211544709.9A 2022-11-21 2022-11-21 Data transaction method and device based on block chain Active CN115567326B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211544709.9A CN115567326B (en) 2022-11-21 2022-11-21 Data transaction method and device based on block chain


Publications (2)

Publication Number Publication Date
CN115567326A true CN115567326A (en) 2023-01-03
CN115567326B CN115567326B (en) 2023-03-14

Family

ID=84770265


Country Status (1)

Country Link
CN (1) CN115567326B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant