CN116015675A - Industrial Internet encryption data exchange method and system based on block chain - Google Patents

Info

Publication number: CN116015675A
Application number: CN202211629968.1A
Authority: CN (China)
Prior art keywords: data, ciphertext, industrial internet, blockchain, key
Legal status: Pending
Other languages: Chinese (zh)
Inventors: 霍如, 高宁捷, 黄韬, 魏亮, 汪硕
Current Assignee: Nanjing Upeed Network Technology Co ltd
Original Assignee: Nanjing Upeed Network Technology Co ltd
Application filed by Nanjing Upeed Network Technology Co ltd
Priority to CN202211629968.1A
Publication of CN116015675A
Classifications

    • Y: GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02: TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02P: CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00: Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/30: Computing systems specially adapted for manufacturing

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention relates to an industrial Internet encrypted data exchange method and system based on a blockchain and smart contracts, and belongs to the technical field of industrial Internet data security. The system architecture is divided into three layers: the blockchain and smart contracts serve as the on-chain communication layer, a cloud server serves as the off-chain communication layer, and industrial Internet users form the physical layer. Identity authentication, access control, encrypted data exchange, data integrity verification and operation traceability among users are realized through the blockchain and smart contracts; off-chain data is stored and transmitted through the cloud server; and the physical layer consists of nodes such as the various sensors and servers in an industrial Internet network. As a result, the system meets the security, privacy and usage requirements of encrypted data exchange in an industrial Internet system.

Description

Industrial Internet encryption data exchange method and system based on block chain
Technical Field
The invention relates to the technical field of industrial Internet data security, in particular to an industrial Internet encryption data exchange method and system based on a blockchain.
Background
Automatic data exchange in the industrial Internet raises a number of security issues, such as data integrity, data privacy and access control.
The blockchain is a distributed, tamper-proof data ledger that enables trusted transmission and circulation of data without a central authority. In recent years blockchain has emerged as a new technology, and its application has expanded to fields such as the financial industry, the Internet of Things, medical care, supply chain management, mobile edge computing, digital asset transactions and property rights protection.
Smart contract technology is one of the great inventions of blockchains and can help users exchange data automatically. Smart contracts are similar to real-world contracts, but they are digital: small computer programs stored on a blockchain. With the aid of blockchain technology, smart contracts can enforce or automatically execute contract terms. Using blockchains with smart contracts eliminates the need for a central management authority in the system. A smart contract is automatically executable code that runs when certain predefined conditions are met; the terms of an agreement are translated into lines of such code so that contract terms between mutually untrusted parties are executed automatically.
The Internet blockchain encrypted data exchange mechanisms in common use today include a dynamic data tracing method based on a consortium chain and a homomorphic encryption method based on blockchain smart contracts. However, neither of these two data exchange methods is fully suited to industrial Internet scenarios, and they have the following shortcomings: 1. existing data security schemes focus on protecting on-chain data and do not sufficiently protect off-chain data; 2. existing smart contract technologies can automatically enforce data exchange in a blockchain but cannot guarantee the privacy of the data. The data recorded by a blockchain network is public and transparent, and data that must be computed in a private environment is difficult to upload to the blockchain network. A smart contract is a set of automatically executable computer code whose execution and results are completely public and transparent, so it cannot satisfy the privacy of data exchange between users. In summary, the security of existing blockchain schemes for protecting secure data exchange hardly meets the usage requirements of industrial Internet systems.
Disclosure of Invention
The invention uses blockchain and smart contract technology to solve the problem of secure data exchange in the industrial Internet, and aims to provide a blockchain-based industrial Internet encrypted data exchange method and system that further ensure the privacy, integrity and access control of data exchange over the blockchain network, so as to realize encrypted data exchange in the industrial Internet.
To achieve this purpose, the technical solution is as follows:
The blockchain-based industrial Internet encrypted data exchange method comprises the following steps:
S01, the data provider encrypts the plaintext with a key to obtain a first ciphertext; selects a random number and hashes it together with a keyword of the plaintext and the key to obtain an index; encrypts the index and the first ciphertext together using the symmetric encryption key to obtain a first file number; and uploads the first file number and the first ciphertext to a cloud server;
S02, the data provider hashes the first file number and the first ciphertext to obtain a first result, and stores the first file number and the first result as a vector to form a second ciphertext; it writes the second ciphertext, the index and the set authority determination range into the smart contract and uploads them to the blockchain network;
S03, the data requester computes a trapdoor from the keyword of the plaintext it wants to acquire, writes its identity, the trapdoor and the receiving address into a smart contract, and uploads the smart contract to the blockchain network;
S04, the blockchain network verifies the identity of the data requester against the authority determination range in the smart contract; after verification passes, it obtains the corresponding second ciphertext and index from the smart contract and calculates the key from the trapdoor and the index; it obtains the first file number from the second ciphertext and sends the receiving address and the first file number to the cloud server to request the ciphertext;
S05, after receiving the request, the cloud server finds the corresponding ciphertext by the first file number, and sends the ciphertext and the file number under which that ciphertext is held in the cloud server to the data requester at the receiving address;
S06, the blockchain network sends the key and the second ciphertext to the data requester at the receiving address;
S07, the data requester retrieves the first file number from the second ciphertext and checks whether it is the same as the file number issued by the cloud server in S05; if so, it proceeds to S08;
S08, the data requester hashes the first file number and the ciphertext issued by the cloud server in S05 to obtain a second result, and compares the second result with the first result; if they are the same, it decrypts the ciphertext issued by the cloud server in S05 using the key issued by the blockchain network in S06 to obtain the plaintext that the data requester wants to acquire.
Further, the identity U_a of the data requester is acquired as follows:
S01, the data requester initiates a data access right registration request to the data provider;
S02, the data provider returns to the data requester the authority determination range R used when registering the smart contract;
S03, the data requester runs a Pedersen commitment over the authority set R to obtain the identity U_a.
Correspondingly, the invention also provides a blockchain-based industrial Internet encrypted data exchange system, which comprises a blockchain network as the on-chain communication layer, a cloud server as the off-chain communication layer and industrial Internet users as the physical layer, wherein:
the industrial Internet users comprise a data requester and a data provider; the data provider uploads encrypted data to the cloud server and writes the encrypted data into a smart contract that is uploaded to the blockchain network; the data requester requests the encrypted data through the smart contract, performs consistency verification, and after the consistency verification passes decrypts the obtained encrypted data to obtain the plaintext data;
the blockchain network performs on-chain interaction through smart contracts so as to realize identity authentication, access control, encrypted data exchange, data integrity verification and operation traceability for the data requester and the data provider;
and the cloud server stores and distributes the encrypted data.
Compared with the prior art, the invention has the following notable advantages:
1. the industrial Internet encrypted data exchange method and system provided by the invention reduce the running cost and burden of the blockchain system: all data is encrypted and then uploaded to the cloud service platform for storage and distribution, and the blockchain and smart contracts are responsible only for user registration, access control, encrypted data exchange, key calculation and data distribution;
2. the data acquirer verifies the integrity of the data offline, which ensures the consistency and integrity of the downloaded data;
3. by setting the data authority range, the data owner keeps the range of potential acquirers of the uploaded data under control;
4. by encrypting the data keywords, the data acquirer preserves data privacy when submitting them to the blockchain and smart contract platform; to acquire data, the data acquirer needs, besides the identity, a trapdoor formed from a keyword that exactly matches the one set by the data provider, so the data provider and the data acquirer need closer ties and more communication offline to a certain extent, which ensures the security of the on-chain data.
Drawings
Fig. 1 is a schematic diagram of an encrypted data exchange system according to the present invention.
Fig. 2 is a schematic diagram of data upload according to the present invention.
FIG. 3 is a schematic diagram of data acquisition of the present invention.
Fig. 4 is a schematic diagram of data rights registration of the present invention.
Detailed Description
Embodiments of the present invention will be described in detail below with reference to the accompanying drawings.
The invention uses blockchain and smart contract technology to solve the problem of secure data exchange in the industrial Internet. The method is particularly suitable for data exchange and acquisition between large intelligent-equipment manufacturers and the actual users who purchase the equipment in the industrial Internet, or for the exchange and acquisition of government-generated government-affairs data among departments.
As shown in fig. 1, the blockchain-based industrial Internet encrypted data exchange system comprises a blockchain network as the on-chain communication layer, a cloud server as the off-chain communication layer and industrial Internet users as the physical layer, wherein:
the industrial Internet users comprise a data requester and a data provider; the data provider uploads encrypted data to the cloud server and writes the encrypted data into a smart contract that is uploaded to the blockchain network; the data requester requests the encrypted data through the smart contract, performs consistency verification, and after the consistency verification passes decrypts the obtained encrypted data to obtain the plaintext data;
the blockchain network performs on-chain interaction through smart contracts so as to realize identity authentication, access control, encrypted data exchange, data integrity verification and operation traceability for the data requester and the data provider;
and the cloud server stores and distributes the encrypted data.
As shown in fig. 2 and 3, the blockchain-based industrial Internet encrypted data exchange method comprises the following steps:
S01, the data provider encrypts plaintext m with a symmetric encryption key k to obtain ciphertext C_m; selects a random number r and hashes it together with a keyword w of the plaintext and the key k to obtain an index I; encrypts the index I together with C_m using the key k to obtain a file number N; and uploads the file number N and ciphertext C_m to a cloud server;
In this step, the symmetric encryption algorithm used to transform the plaintext into the ciphertext is a common encryption algorithm with various specific implementations, including DES, 3DES (TripleDES), AES, etc.; the choice of specific encryption algorithm does not affect the result of the present invention.
The hash operation used can be MD2, MD4, MD5 or SHA-1; the specific algorithm does not influence the result, and all hash algorithms in the method are regarded as the same.
The encryption algorithm adopted in the invention is bilinear mapping: assume that group G and group G_T are cyclic groups of prime order p, g is the generator of group G, and there exists a bilinear map
Figure BDA0004005338830000051
G×G→G_T that satisfies bilinearity, non-degeneracy and computability.
The index I is specifically calculated as follows: a random number λ is selected, and public parameters are generated from λ
Figure BDA0004005338830000052
including the cyclic groups G and G_T; g is the generator of group G, and g_1 is an element of group G; the hash operation h and the random parameter a; g_2 = g^a; and the bilinear map
Figure BDA0004005338830000053
G×G→G_T
The index I is calculated as follows:
Figure BDA0004005338830000054
where H(w) represents hashing the keyword w.
S02, the data provider hashes N together with ciphertext C_m to obtain a result H, and stores N and H together as a vector to form ciphertext C_T, i.e. C_T = (N, H); it then writes C_T, the index I and the authority determination range R into the smart contract code and uploads the smart contract code to the blockchain network;
In this step, R is a set of real numbers that the data provider chooses and provides itself.
S03, the data requester calculates the trapdoor T_wi from the keyword w_i of the plaintext it wants, and uploads its identity U_a, the trapdoor T_wi and the receiving address to the blockchain network;
In this step, the trapdoor T_wi is calculated from the keyword w_i input by the data requester:
Figure BDA0004005338830000055
where t is a random number.
S04, the blockchain network verifies the identity U_a of the data requester against the authority determination range R in the smart contract; after verification passes, it obtains the corresponding ciphertext C_T and index I from the smart contract and calculates the key k from the trapdoor T_wi and the index I; it obtains the file number N from the ciphertext C_T in the smart contract and sends the receiving address and the file number N to the cloud server to request the ciphertext;
In this step, the key k is calculated from the trapdoor T_wi and the index I; the specific process is as follows:
Figure BDA0004005338830000061
Figure BDA0004005338830000062
if w = w_i, then:
Figure BDA0004005338830000063
S05, after receiving the request, the cloud server finds the corresponding ciphertext C_m by the file number N, and sends the ciphertext C_m and the file number N to the data requester at the receiving address;
S06, the blockchain network sends the key k and the ciphertext C_T to the data requester at the receiving address;
S07, the data requester retrieves N_T and H_T from C_T and checks whether N_T is the same as the N issued by the cloud server; if so, it proceeds to S08;
S08, the data requester hashes the file number N and C_m to obtain H_1 and compares H_1 with H_T; if they are the same, it decrypts the ciphertext C_m using the key k issued by the blockchain network to obtain the plaintext m.
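The binding between the on-chain record C_T = (N, H) of S02 and the requester's checks in S07 and S08, shown as an added example that is not code from the patent. It assumes SHA-256 for the hash (the text treats the hash as interchangeable, and MD5 and SHA-1 no longer resist collisions), a stand-in stream cipher, and stand-in derivations for I and N; the pairing-based key recovery of S04 is not modelled, so k is taken as already delivered in S06, and all function names are hypothetical.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass


class IntegrityError(Exception):
    """Raised when the cloud's answer does not match the on-chain record C_T."""


@dataclass(frozen=True)
class OnChainRecord:
    """C_T = (N, H) as written into the smart contract in S02."""
    file_no: bytes   # N
    digest: bytes    # H


def _stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in symmetric cipher (SHA-256 in counter mode), illustration only.
    stream = bytearray()
    for ctr in range((len(data) + 31) // 32):
        stream += hashlib.sha256(key + nonce + ctr.to_bytes(8, "big")).digest()
    return bytes(d ^ s for d, s in zip(data, stream))


def binding_hash(file_no: bytes, ciphertext: bytes) -> bytes:
    """H = hash(N, C_m). N is length-prefixed so the pair encodes unambiguously."""
    h = hashlib.sha256()
    h.update(len(file_no).to_bytes(4, "big") + file_no)
    h.update(ciphertext)
    return h.digest()


def provider_publish(key: bytes, keyword: bytes, plaintext: bytes):
    """S01 and S02: returns ((N, C_m) for the cloud server, C_T for the chain)."""
    r = os.urandom(16)                       # random number r
    nonce = os.urandom(16)
    c_m = nonce + _stream_xor(key, nonce, plaintext)
    # Assumption: plain hash of (r, w, k) standing in for the pairing-based index I.
    index = hashlib.sha256(r + keyword + key).digest()
    # Assumption: keyed MAC over (I, C_m) standing in for "encrypt I and C_m with k".
    file_no = hmac.new(key, index + c_m, hashlib.sha256).digest()
    return (file_no, c_m), OnChainRecord(file_no, binding_hash(file_no, c_m))


def requester_accept(key, record, cloud_file_no, cloud_ciphertext) -> bytes:
    """S07 and S08: verify the cloud's (N, C_m) against C_T, then decrypt."""
    if not hmac.compare_digest(record.file_no, cloud_file_no):
        raise IntegrityError("S07: file number N differs from on-chain N_T")
    h1 = binding_hash(cloud_file_no, cloud_ciphertext)
    if not hmac.compare_digest(h1, record.digest):
        raise IntegrityError("S08: hash H_1 differs from on-chain H_T")
    nonce, body = cloud_ciphertext[:16], cloud_ciphertext[16:]
    return _stream_xor(key, nonce, body)


def run_exchange(tamper: str = "") -> str:
    """One exchange on constructed data; tamper is '', 'ciphertext' or 'file_no'."""
    key = os.urandom(32)
    (n, c_m), c_t = provider_publish(key, b"spindle-temp", b"constructed reading 71.4C")
    if tamper == "ciphertext":               # cloud returns a modified C_m
        c_m = c_m[:-1] + bytes([c_m[-1] ^ 0x01])
    elif tamper == "file_no":                # cloud answers under a different N
        n = bytes(len(n))
    try:
        return requester_accept(key, c_t, n, c_m).decode()
    except IntegrityError as exc:
        return str(exc)


if __name__ == "__main__":
    for mode in ("", "ciphertext", "file_no"):
        print(mode or "untampered", "->", run_exchange(mode))
```

Decryption is reached only after both comparisons succeed, so a cloud server that alters C_m or answers under the wrong file number is detected before the key is ever applied.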
As shown in fig. 4, the identity U_a of the data requester is acquired as follows:
S01, the data requester initiates a data access right registration request to the data provider;
S02, the data provider returns to the data requester the authority determination range R used when registering the smart contract;
S03, the data requester runs a Pedersen commitment over the authority set R to obtain the identity U_a.
To address the problem that existing encrypted data exchange mechanisms cannot adequately meet the security, privacy and usage requirements of industrial Internet application scenarios, the invention provides an industrial Internet encrypted data exchange method and system based on a blockchain and smart contracts, in which the blockchain network, applied through smart contracts, acts as a trusted third party to carry out tasks such as the security, encrypted exchange and access control of industrial data. Specifically, a blockchain network running smart contracts is adopted as the underlying system, and on this basis an encrypted data exchange system architecture and a user access control scheme are provided, the latter comprising the encrypted data exchange flow, authority definition, and the user identity registration and authentication flow.
The industrial Internet encrypted data exchange system reduces the running cost and burden of the blockchain system: all data is encrypted and then uploaded to a cloud service platform for storage and distribution, and the blockchain and smart contracts are responsible only for user registration, access control, encrypted data exchange, key calculation and data distribution; the data acquirer verifies the integrity of the data offline, which ensures the consistency and integrity of the downloaded data; by setting the data authority range, the data owner keeps the range of potential acquirers of the uploaded data under control; and by encrypting the data keywords, the data acquirer preserves data privacy when submitting them to the blockchain and smart contract platform.

Claims (9)

1. A blockchain-based industrial Internet encrypted data exchange method, characterized by comprising the following steps:
S01, the data provider encrypts the plaintext with a key to obtain a first ciphertext; selects a random number and hashes it together with a keyword of the plaintext and the key to obtain an index; encrypts the index and the first ciphertext together using the symmetric encryption key to obtain a first file number; and uploads the first file number and the first ciphertext to a cloud server;
S02, the data provider hashes the first file number and the first ciphertext to obtain a first result, and stores the first file number and the first result as a vector to form a second ciphertext; it writes the second ciphertext, the index and the set authority determination range into the smart contract and uploads them to the blockchain network;
S03, the data requester computes a trapdoor from the keyword of the plaintext it wants to acquire, writes its identity, the trapdoor and the receiving address into a smart contract, and uploads the smart contract to the blockchain network;
S04, the blockchain network verifies the identity of the data requester against the authority determination range in the smart contract; after verification passes, it obtains the corresponding second ciphertext and index from the smart contract and calculates the key from the trapdoor and the index; it obtains the first file number from the second ciphertext and sends the receiving address and the first file number to the cloud server to request the ciphertext;
S05, after receiving the request, the cloud server finds the corresponding ciphertext by the first file number, and sends the ciphertext and the file number under which that ciphertext is held in the cloud server to the data requester at the receiving address;
S06, the blockchain network sends the key and the second ciphertext to the data requester at the receiving address;
S07, the data requester retrieves the first file number from the second ciphertext and checks whether it is the same as the file number issued by the cloud server in S05; if so, it proceeds to S08;
S08, the data requester hashes the first file number and the ciphertext issued by the cloud server in S05 to obtain a second result, and compares the second result with the first result; if they are the same, it decrypts the ciphertext issued by the cloud server in S05 using the key issued by the blockchain network in S06 to obtain the plaintext that the data requester wants to acquire.
2. The blockchain-based industrial Internet encrypted data exchange method of claim 1, wherein the key in step S01 is a symmetric key.
3. The blockchain-based industrial Internet encrypted data exchange method according to claim 2, wherein in step S01 a random number λ is selected, and a public parameter p = { g, g_1, g_2 A, G, E, h } is generated from λ, including the cyclic groups G and G_T; g is the generator of group G, and g_1 is an element of group G; the hash operation h and the random parameter a; g_2 = g^a
Bilinear mapping
Figure FDA0004005338820000026
The index I is calculated as follows:
Figure FDA0004005338820000027
wherein I is the index; k is the key; r is a random number; w is the keyword; H(w) is a hash operation performed on the keyword w.
4. The industrial Internet encrypted data exchange method based on blockchain and smart contract technology according to claim 1, wherein in step S02 the set authority determination range is a set of real numbers provided by the data provider.
5. The blockchain-based industrial Internet encrypted data exchange method according to claim 3, wherein in step S03 the data requester calculates and generates the trapdoor from the keyword w_i of the plaintext to be obtained, and the specific formula is as follows:
Figure FDA0004005338820000021
wherein
Figure FDA0004005338820000022
is the trapdoor; t is a random number.
6. The blockchain-based industrial Internet encrypted data exchange method of claim 5, wherein in step S04 the smart contract calculates the key when the keyword set by the data requester is the same as the keyword selected by the data provider.
7. The blockchain-based industrial Internet encrypted data exchange method of claim 6, wherein in step S04 the specific calculation method of the key is as follows:
Figure FDA0004005338820000023
H(w) r )=(I 1 ,I 2 ,I 3 ),
Figure FDA0004005338820000024
y = g^t
if w = w_i, then:
Figure FDA0004005338820000025
8. The blockchain-based industrial Internet encrypted data exchange method of claim 1, wherein the identity of the data requester is acquired as follows:
S01, the data requester initiates a data access right registration request to the data provider;
S02, the data provider returns to the data requester the authority determination range used when registering the smart contract;
S03, the data requester runs a Pedersen commitment over the authority set to obtain the identity.
9. A blockchain-based industrial Internet encrypted data exchange system, which exchanges encrypted data based on the method according to any of claims 1 to 8, characterized in that the system comprises a blockchain network as the on-chain communication layer, a cloud server as the off-chain communication layer and industrial Internet users as the physical layer, wherein:
the industrial Internet users comprise a data requester and a data provider; the data provider uploads encrypted data to the cloud server and writes the encrypted data into a smart contract that is uploaded to the blockchain network; the data requester requests the encrypted data through the smart contract, performs consistency verification, and after the consistency verification passes decrypts the obtained encrypted data to obtain the plaintext data;
the blockchain network performs on-chain interaction through smart contracts so as to realize identity authentication, access control, encrypted data exchange, data integrity verification and operation traceability for the data requester and the data provider;
and the cloud server stores and distributes the encrypted data.
CN202211629968.1A 2022-12-19 2022-12-19 Industrial Internet encryption data exchange method and system based on block chain Pending CN116015675A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211629968.1A CN116015675A (en) 2022-12-19 2022-12-19 Industrial Internet encryption data exchange method and system based on block chain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211629968.1A CN116015675A (en) 2022-12-19 2022-12-19 Industrial Internet encryption data exchange method and system based on block chain

Publications (1)

Publication Number Publication Date
CN116015675A (en) 2023-04-25

Family

ID=86022290

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211629968.1A Pending CN116015675A (en) 2022-12-19 2022-12-19 Industrial Internet encryption data exchange method and system based on block chain

Country Status (1)

Country Link
CN (1) CN116015675A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination