CN116127429A - Data right determining method based on symbol mapping coding and block chain - Google Patents


Publication number
CN116127429A
Authority
CN
China
Prior art keywords
data
symbol mapping
symbol
fingerprint
mapping table
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211591493.1A
Other languages
Chinese (zh)
Inventor
王亮
左丽娜
黄顺久
周文颖
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hebei University
Original Assignee
Hebei University
Application filed by Hebei University

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/32 User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/604 Tools and structures for managing or administering access control systems
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00 Energy efficient computing, e.g. low power processors, power management or thermal management

Abstract

The invention provides a data right determining method based on symbol mapping coding and block chain. The invention uses symbol mapping coding to directly map the user fingerprint information into the data object, thereby achieving the effects of independence of data content and strong access control. Meanwhile, the data can be authorized by identifying the related fingerprints, so that the effects of resisting repudiation and piracy are realized; in addition, the invention replaces the endorsement effect of the trusted third party in the data sharing process by using the blockchain, so that the data sharing process is not tampered, thereby being more convenient for trusted tracing. The invention realizes trusted access control and traitor tracing, so that the data sharing system has stronger anti-repudiation and anti-piracy capabilities.

Description

Data right determining method based on symbol mapping coding and block chain
Technical Field
The invention relates to the field of data sharing and data right confirmation, in particular to a data right confirmation method based on symbol mapping coding and block chain.
Background
Existing data validation schemes can be divided into three groups: trusted third party (TTP)-based methods, blockchain-based methods, and other methods.
(1) Data right-determining method based on trusted third party
TTP-based schemes typically use a third party to oversee communications between data sharing participants and to provide evidence for data validation. The TTP in these schemes plays the role of prover and evidence verifier. Once a dispute occurs, the TTP provides arbitration evidence. The problem is that the so-called TTP may not be that trustworthy. Coffey et al. propose a TTP-based solution to the general non-repudiation problem. In this scheme, the third party is relied upon without reservation, which may increase the likelihood of collusion attacks. To address this problem, Zhu et al. propose a data sharing scheme that resists collusion attacks, based on an asymmetric cryptosystem and the Dolev-Yao model. However, this model is not resistant to man-in-the-middle attacks and data manipulation attacks because the server does not verify user registration. Furthermore, single point of failure is also a non-negligible problem under a centralized architecture. TTP-based methods therefore do not meet the requirements for data validation: the data is easily tampered with and the third party cannot be completely trusted.
(2) Data right determining method based on block chain
Blockchains have been introduced as an infrastructure for data sharing to provide undisputed evidence for validating data rights. The properties of blockchains are often used to implement traceability of data sources and their sharing histories. Some studies combine blockchains with digital watermarks to improve the security of copyright protection and data source tracking. Typically, Wang et al. propose a combined model that first uses a proof-of-data-possession method to audit data integrity and then uses a digital watermarking scheme to confirm the source of the shared data. However, this combination is still insufficient to combat data piracy, as access control is not emphasized much.
The combination of blockchains with encryption systems helps improve access control in data sharing, but is generally inefficient in the face of large amounts of data. Wang et al propose a big data sharing scheme using smart contracts to enforce access rules. However, encrypting and decrypting large amounts of data takes a significant amount of time, resulting in inefficiency.
(3) Other methods
Zero-knowledge proofs (ZKP) and non-fungible tokens (NFT) have inspired researchers to develop some distinctive data validation methods. Some new studies build ZKP models to prove ownership or usage rights of assets to third parties. Other studies mainly generate unique digital certificates (e.g., NFTs) to declare ownership of specific data assets and enable secure data sharing by selling these NFTs. However, the above-described techniques have some intolerable drawbacks in terms of data validation for data sharing. For example, ZKP construction often results in inefficiency and poor scalability, and NFT has so far remained a technically immature concept.
Faced with serious data repudiation and piracy in the data sharing process, existing data watermarking methods are not only limited by data content but are also easy to forge due to lack of supervision; in addition, methods based on a trusted third party can cause data security and other problems because the third party may be untrustworthy. Therefore, in this context, it is particularly important and necessary to invent an efficient data validation method.
Disclosure of Invention
The invention aims to provide a data right-determining method based on symbol mapping coding and blockchain, which can effectively determine the right of data and realize trusted access control and traitor tracing.
The invention is realized in the following way: a data validation method based on symbol mapping coding and blockchain, comprising the steps of:
a. the data owner uses SMC technology to map its fingerprint F_D, private key hash h(SK_D) and the raw data d into a symbol mapping table SMT_D, then uses the symbol mapping table SMT_D to encode the raw data, obtaining the data associated with the fingerprint
Figure BDA0003994650760000021
The data owner then publishes the fingerprint F_D, the hash of the fingerprint-associated data
Figure BDA0003994650760000022
the data description DDes and the hash of the public part of the symbol mapping table
Figure BDA0003994650760000023
together to the blockchain to provide evidence for later data validation;
b. the data owner sends the data associated with the fingerprint
Figure BDA0003994650760000024
to the data receiver through the off-chain channel;
c. the data receiver retrieves
Figure BDA0003994650760000025
from the blockchain and compares it against the hash of the data
Figure BDA0003994650760000026
acquired through the off-chain channel;
d. when the data receiver applies to the data owner to query data, the data receiver first maps its own fingerprint F_U, private key hash h(SK_U) and the received data associated with the data owner's fingerprint
Figure BDA0003994650760000027
together into its own symbol mapping table SMT_U, and uses the symbol mapping table SMT_U to encode the received data
Figure BDA0003994650760000028
obtaining the data associated with its own fingerprint
Figure BDA0003994650760000029
It then sends the hash of the public part of its symbol mapping table
Figure BDA00039946507600000210
and a query request q to the data owner through the blockchain;
e. the data receiver uses the off-chain channel to transmit the public part of the symbol mapping table from step d
Figure BDA00039946507600000211
to the data owner;
f. after the data owner obtains the query request q sent by the data receiver from the blockchain, it first verifies whether the query request q meets the requirements of the data description and access control; if so, it combines the private part of its own symbol mapping table
Figure BDA00039946507600000212
with the query request q to generate
Figure BDA00039946507600000213
and then combines
Figure BDA00039946507600000214
and
Figure BDA00039946507600000215
together with F_U to generate, for the data receiver, the data decoder needed to query the data; if not, it returns null;
g. the data owner sends the data decoder to the data receiver through the blockchain;
h. the data receiver acquires a data decoder and recovers the applied data through the data decoder, thereby obtaining the applied data;
in step h, after the data receiver receives the data decoder, the data receiver first inputs the data associated with its own fingerprint
Figure BDA0003994650760000031
and the private part of its own symbol mapping table
Figure BDA0003994650760000032
so that the data decoder can verify whether the receiver has the right to query the data; when the verification passes, the data decoder returns the data requested by the data receiver; otherwise, the data decoder does not return any data;
i. when the data owner discovers the data in the network, the data owner applies to the arbiter for right confirmation, and the arbiter determines the right holder of the data by identifying the fingerprint in the data.
There are two methods of identifying fingerprints:
first, a forward verification method is adopted: combining statistics with SMT-, the characters are cut and divided according to the length of the fingerprint, the divided fields are compared with the fingerprint in sequence, the number of successful comparisons is counted, and when that number exceeds a certain proportion the comparison is judged successful and the right of the user is confirmed.
second, a backward verification method is adopted: the byte sequence in the data is counted first, then the plain code byte sequence corresponding to the fingerprint in the data is inferred in reverse, and the two byte sequences are compared to confirm the right.
Backward verification supplements forward verification in case the forward verification result is inaccurate. The right is considered confirmed as long as either forward verification or backward verification confirms it.
In the forward verification method, it is first judged whether formula (6) holds; if so, it is judged whether the number of successful comparisons exceeds the product of ε and
Figure BDA0003994650760000033
when the product is exceeded, the data right can be confirmed, and if it is not exceeded, the right cannot be confirmed; if formula (6) does not hold, the ε value and the
Figure BDA0003994650760000034
value are adjusted by formula (7) and formula (8) until formula (6) holds;
Figure BDA0003994650760000035
Figure BDA0003994650760000036
Figure BDA0003994650760000037
where ε is the lower limit ratio of the tested fingerprint redundancy,
Figure BDA0003994650760000038
is the upper-limit mean of the byte usage difference, τ is the upper limit of data storage, ρ is the plain code length, F is the fingerprint, d_F is the data associated with the fingerprint, and
Figure BDA0003994650760000039
is the fingerprint redundancy.
The backward verification method specifically comprises the following steps:
step 1, first counting the byte sequence of the data associated with the fingerprint;
step 2, equally dividing the fingerprint in the data by η, where η is the length of the secret code;
step 3, finding the corresponding plain code sequence from the symbol mapping table according to the divided fingerprint;
step 4, counting the byte sequence of the plain codes obtained in step 3;
step 5, comparing the byte sequences from step 1 and step 4 to obtain the proportion of identical bytes in the whole byte sequence; when the proportion is lower than the upper-limit mean of the byte usage difference
Figure BDA0003994650760000041
the right confirmation result is false; otherwise, it is true;
step 6, judging, by comparing the byte sequences from step 1 and step 4, whether the two byte sequences are in a multiple relation of 1 or -1; if so, the data right determination result is true; otherwise, false;
step 7, when the results of step 5 and step 6 are both true, the data right is confirmed.
The symbol mapping table maps each symbol into two different types of numerical codes: one is a plain code for encoding a symbol; the other is a secret code used for carrying fingerprint information. The symbol mapping table comprises a symbol set, a plain code set and a secret code set; each symbol corresponds to at least one plain code and at least one secret code; the symbol set and the plain code set form the private part of the symbol mapping table, and the plain code set and the secret code set form the public part of the symbol mapping table. The symbol mapping table is generated as follows:
first, the plain code length ρ is determined according to the fingerprint F and the original data d, where the plain code length ρ satisfies the following formula:
Figure BDA0003994650760000042
then determining the symbol length theta, wherein the symbol length theta satisfies the following formula:
Figure BDA0003994650760000043
in formulas (1) and (2), τ represents the upper limit of data storage, λ represents a parameter affecting the randomness of the symbol length θ, a represents the number corresponding to the first five-digit hexadecimal string in h(SK), and h(SK) is the private key hash;
dividing a byte sequence of the original data d according to the symbol length theta to obtain a symbol set S;
then determining the secret code length η and obtaining the fingerprint redundancy
Figure BDA0003994650760000044
see formulas (3) and (4) below;
Figure BDA0003994650760000045
Figure BDA0003994650760000046
where |S| represents the length of the symbol set, γ represents the redundancy coefficient, and b represents the number corresponding to the second five-digit hexadecimal string in h(SK);
then the
Figure BDA0003994650760000047
fingerprints are equally divided by η to obtain the secret code set of the symbol mapping table;
then, the data randomly generated in the plain code space is used as plain codes, so that each plain code corresponds to one secret code, and an initial symbol mapping table is built;
finally, the redundancy of the symbol mapping table is increased through filling data, and a final symbol mapping table is formed; redundancy χ of the symbol mapping table satisfies the following formula:
χ≤min(|2 -|SMT - ||,c900) (5)
where the value of c900 is derived from the third five-digit hexadecimal string in h(SK): it is obtained by adding the first four characters and multiplying the sum by the fifth character, so the maximum result is not more than 900.
Existing data right determination schemes have many problems, such as the data security and single-point-of-failure risks caused by an untrusted third party, the inefficiency of complex encryption systems when faced with large amounts of data, and the excessive dependence of conventional digital watermarking on data content. In view of the current lack of effective data validation methods, which limits the development of data sharing, the present invention provides a novel and practical data validation method that meets an urgent need of social development. By using symbol mapping coding and blockchains, the invention enables users to effectively confirm data rights in the data sharing process, thereby realizing trusted access control and traitor tracing and giving the data sharing system anti-repudiation and anti-piracy capabilities.
The invention is innovative in that the user fingerprint information is directly embedded into the data object by using symbol mapping coding, thereby achieving the effects of independence of data content and strong access control. Meanwhile, the data can be authorized by identifying the embedded fingerprints, so that the effects of resisting repudiation and piracy are realized; in addition, the invention replaces the endorsement effect of the trusted third party in the data sharing process by using the blockchain, so that the data sharing process is not tampered, thereby being more convenient for trusted tracing.
Drawings
Fig. 1 is a schematic block diagram of the present invention.
Fig. 2 is a diagram of a data right determining architecture in the present invention.
Fig. 3 is a schematic view of an access control policy in the present invention.
Fig. 4 is a data structure diagram of an acknowledgement chain in the present invention.
Fig. 5 is a fingerprint identification result of the method of the present invention under five types of attacks.
FIG. 6 is a performance test result of the chain of rights in the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be further described in detail with reference to the accompanying drawings and examples.
The invention firstly designs a symbol mapping coding technology (SMC), which divides a byte sequence of a data object into symbols, generates a Symbol Mapping Table (SMT), and uses the generated symbol mapping table to recode the data. SMT maps each symbol into two different types of digital codes: one is a plain code for encoding a symbol; the other is a secret code used for carrying fingerprint information.
The generation of the symbol mapping table SMT will be described in detail below.
First, the method needs to represent the original data in symbol form. To ensure that there is enough symbol coding space (ASCII coding rule) to complete the mapping of symbols to data, the plain code space must not be too small; at the same time, the coding space must not be too large, to avoid wasting memory. In the present invention the plain code length ρ is therefore made to satisfy formula (1). In addition, when representing the original data as symbols, the correspondence between a symbol and the original data, that is, how many bytes of the original data one symbol corresponds to, needs to be considered; the symbol length θ is calculated by formula (2). Once the symbol length is obtained from formula (2), the symbol set S is obtained by dividing the byte sequence of the original data.
Figure BDA0003994650760000061
Figure BDA0003994650760000062
Where d represents the original data, F represents the fingerprint of the data correlator, τ represents the upper limit of data storage, λ represents a parameter affecting the randomness of the symbol length θ, whose value here is 1024, ρ represents the plain code length, |d| and |F| represent the corresponding lengths, a represents the number corresponding to the first five-digit hexadecimal string in h(SK), and h(SK) is the private key hash, which forms a key pair with the fingerprint F.
Then the secret code length η is obtained through formula (3), from which the fingerprint redundancy
Figure BDA0003994650760000063
is obtained (see formula (4)). The
Figure BDA0003994650760000064
fingerprints are then equally divided by η to obtain the secret code set H of the symbol mapping table.
Figure BDA0003994650760000065
Figure BDA0003994650760000066
Where |S| represents the length of the symbol set, |F| represents the byte length of the data correlator fingerprint, γ represents the redundancy coefficient, and b represents the number corresponding to the second five-digit hexadecimal string in h(SK).
Then data are taken out of the symbol set in sequence as the symbols of the symbol mapping table, and data are taken out of the secret code set as the secret codes of the symbol mapping table; the plain codes of the symbol mapping table are randomly generated data in the plain code space, and each plain code corresponds to one secret code, so that an initial symbol mapping table SMT is built.
Finally, in order to keep θ secret so that the symbol mapping table SMT is more difficult to forge, the method increases the redundancy of the symbol mapping table SMT. However, the redundancy of the SMT cannot be increased too much, to avoid wasting storage space, so the method uses formula (5) to ensure the security of θ. The redundancy of the symbol mapping table is increased as follows: plain codes are randomly generated from the plain code space, a secret code is randomly selected from the secret code set for each generated plain code, and the pairs are added to the initial symbol mapping table, yielding the final symbol mapping table SMT with redundancy.
χ≤min(|2 -|SMT - ||,c900) (5)
Where the value of c900 comes from the third five-digit hexadecimal string in h(SK): it is obtained by adding the first four characters and multiplying the sum by the fifth character, so that the maximum result does not exceed 900. χ represents the redundancy of the symbol mapping table.
In the final symbol mapping table SMT with redundancy, the numbers of plain codes and secret codes are the same and correspond to each other one by one.
Finally, the SMT includes a symbol set, a plain code set and a secret code set, and each symbol corresponds to at least one plain code and at least one secret code. Let S denote the symbol set, P the plain code set and H the secret code set; the symbol set and the plain code set constitute the private part SMT+ of the symbol mapping table, and the plain code set and the secret code set constitute the public part SMT- of the symbol mapping table. The SMT should satisfy the following two irreversibility assumptions:
$\delta_1: p \to s,\ p \in P,\ s \in S$
$\delta_2: p \to h,\ p \in P,\ h \in H$
After the SMT is generated, the symbols corresponding to the data are re-encoded using the SMT; in the encoding process each symbol corresponds to at least one plain code and one secret code from the SMT. An example of an SMT is given in Table 1 below. Given the character string "WORLD", the plain codes obtained from Table 1 after encoding are "0x0041 0xE452 0xE4C1 0xE4F0 0x004D", the hidden character string they carry is "HUANG", and the resulting plain code sequence is the data associated with the fingerprint. In this way, the present invention can generate a corresponding SMT for any given data content, in which the secret codes represent the fingerprint information.
Table 1. Symbol mapping table corresponding to the string "WORLD"
Figure BDA0003994650760000071
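The "WORLD"/"HUANG" encoding described above, as an added example that is not code from the patent: it builds the private part SMT+ and public part SMT-, encodes the data into plain codes, and shows that SMT+ recovers the data while SMT- recovers only the fingerprint. The function names are hypothetical, and θ, η, ρ and χ are passed in as parameters because formulas (1) to (5) are not reproduced on this page; attaching filler rows to the public part only is also an assumption.

```python
import secrets


def build_smt(data: bytes, fingerprint: bytes, theta: int = 1, eta: int = 1,
              rho: int = 2, chi: int = 0):
    """Build a symbol mapping table and encode `data` with it.

    Returns (private_part, public_part, encoded):
      private_part  SMT+ : plain code -> symbol       (kept by the table owner)
      public_part   SMT- : plain code -> secret code  (carries the fingerprint)
      encoded            : list of plain codes (the fingerprint-associated data)
    theta, eta, rho, chi are supplied by the caller (assumption); the patent
    derives them from formulas (1)-(5), which are missing from the page.
    """
    if not data or not fingerprint:
        raise ValueError("data and fingerprint must be non-empty")
    # Symbol set S: the byte sequence cut into theta-byte symbols.
    symbols = [data[i:i + theta] for i in range(0, len(data), theta)]
    # Secret code set H: the fingerprint repeated until it covers every
    # symbol, then cut into eta-byte secret codes.
    need = len(symbols) * eta
    copies = -(-need // len(fingerprint))  # ceiling division
    stream = (fingerprint * copies)[:need]
    secret_codes = [stream[i:i + eta] for i in range(0, need, eta)]
    if len(symbols) + chi > 256 ** rho:
        raise ValueError("plain code space too small for this table")

    used = set()

    def fresh_plain_code() -> int:
        # Plain codes are random, unique values from the rho-byte code space.
        while True:
            code = secrets.randbelow(256 ** rho)
            if code not in used:
                used.add(code)
                return code

    private_part, public_part, encoded = {}, {}, []
    for symbol, secret in zip(symbols, secret_codes):
        code = fresh_plain_code()
        private_part[code] = symbol
        public_part[code] = secret
        encoded.append(code)
    # Redundancy: chi filler rows pair a fresh plain code with a randomly
    # chosen secret code, so the table size no longer reveals |S| or theta.
    for _ in range(chi):
        public_part[fresh_plain_code()] = secrets.choice(secret_codes)
    return private_part, public_part, encoded


def decode(encoded, private_part) -> bytes:
    """Recover the original data; requires the private part SMT+."""
    return b"".join(private_part[code] for code in encoded)


def extract_fingerprint(encoded, public_part) -> bytes:
    """Read the fingerprint stream carried by the data, using only SMT-."""
    return b"".join(public_part[code] for code in encoded)


if __name__ == "__main__":
    smt_plus, smt_minus, d_f = build_smt(b"WORLD", b"HUANG", chi=3)
    print("encoded:", " ".join(f"0x{c:04X}" for c in d_f))
    print("decoded with SMT+:", decode(d_f, smt_plus))
    print("fingerprint via SMT-:", extract_fingerprint(d_f, smt_minus))
```

A repeated symbol (the two "L"s in "HELLO") receives a different plain code at each position, which is how one symbol ends up with more than one plain code and secret code.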
As shown in fig. 1, the data right determining method based on symbol mapping coding and blockchain provided by the invention comprises the following modules: the first module is combined with the symbol mapping code to map the user fingerprint into the data object so that the data can be validated by identifying the fingerprint in the later period; the second module designs a data query primitive and a packaging algorithm to ensure the access control of a user to data, and further supports the data security of the data right-determining model in the first module; the third module is combined with the blockchain to monitor the data sharing process and the data access process, so that piracy can be discovered later, and the data can be traced, thereby tracing the pirated data and protecting the rights of the data owners.
The workflow of the present invention is shown in figure 2. The following describes the actual data sharing case in detail.
Step 1, the data owner D uses SMC technology to map its fingerprint F_D, private key hash h(SK_D) and the original data d into SMT_D, then uses SMT_D to encode the original data, obtaining the data associated with the fingerprint
Figure BDA0003994650760000081
The data owner D then puts the fingerprint F_D, the hash of the fingerprint-associated data
Figure BDA0003994650760000082
the data description DDes and the hash of the SMT public part
Figure BDA0003994650760000083
together onto the blockchain so that the data receiver U can obtain them. The above procedure can be formally expressed as:
$SMT_D \leftarrow \phi_1(d, h(SK_D), F_D, \gamma, \tau, \lambda)$
Figure BDA0003994650760000084
where λ represents a parameter affecting the randomness of the symbol length θ, τ represents the upper limit of the data storage, and γ represents the redundancy coefficient.
Step 2, the data owner D sends the data associated with the fingerprint
Figure BDA0003994650760000085
to the data receiver U through the off-chain channel.
Step 3, the data receiver U obtains
Figure BDA0003994650760000086
from the blockchain and compares it with the hash of the data obtained off-chain, to ensure that the data has not been tampered with.
Step 4, when the data receiver U applies to the data owner D to query data, U needs to use SMC technology to map its own fingerprint F_U, private key hash h(SK_U) and the data associated with the data owner's fingerprint
Figure BDA0003994650760000087
into its own SMT_U (in this process the data associated with the data owner's fingerprint
Figure BDA0003994650760000088
serves as the original data), and uses SMT_U to encode the received data
Figure BDA0003994650760000089
obtaining the data associated with its own fingerprint
Figure BDA00039946507600000810
It then sends
Figure BDA00039946507600000811
and a query request q to the data owner D. The above procedure can be formally expressed as:
Figure BDA00039946507600000812
Figure BDA00039946507600000813
Step 5, the data receiver U sends
Figure BDA00039946507600000814
to the data owner D through the off-chain channel.
Figure BDA00039946507600000815
is the public part of the symbol mapping table generated by the data receiver.
Step 6, when the data owner D obtains the query request q sent by the data receiver U from the blockchain, it uses a data encapsulation algorithm to obtain a data decoder that contains only the part requested by the data receiver; this is implemented through a smart contract running in a TEE environment, and the process is recorded in the blockchain. The above procedure can be formally expressed as:
Figure BDA00039946507600000816
Figure BDA00039946507600000817
The access control in this part is shown on the data owner side of Fig. 3. After the data owner D receives the query request q, it first verifies whether the query request meets the requirements of the data description DDes and access control; when the verification passes, it combines the query request q with the private part of its own symbol mapping table
Figure BDA00039946507600000818
to generate the data to be queried for the data receiver
Figure BDA0003994650760000091
If the verification does not pass, null is returned. The data owner combines
Figure BDA0003994650760000092
and
Figure BDA0003994650760000093
together with F_U to generate the data decoder required by the data receiver to query the data, and sends it to the data receiver through the on-chain channel.
Step 7, the data owner D sends the data decoder to the data receiver U through the blockchain.
Step 8, the data receiver U acquires the data decoder from the blockchain and recovers the requested data through the data decoder. The above procedure can be formally expressed as:
Figure BDA0003994650760000094
Data acquisition in this part is shown on the data receiver side of Fig. 3. When the data receiver receives the data decoder, it needs to input the data associated with its own fingerprint
Figure BDA0003994650760000095
and the private part of its own symbol mapping table
Figure BDA0003994650760000096
so that the data decoder can judge whether the receiver has the authority to query the data; when the verification passes, the data decoder combines
Figure BDA0003994650760000097
Figure BDA0003994650760000098
and returns the data requested by the data receiver; otherwise it returns no data, to ensure the security of the data.
Step 9, when the data owner discovers the data in the network, it can apply to the arbiter for right confirmation; the arbiter determines the right holder of the data by identifying the fingerprint in the data and judges the source of the data. The above procedure can be formally expressed as:
Figure BDA0003994650760000099
Figure BDA00039946507600000910
ε is the lower limit ratio of the tested fingerprint redundancy,
Figure BDA00039946507600000911
is the upper-limit mean of the byte usage difference, Tester_U detects whether the data contains the fingerprint of the data receiver, and Tester_D detects whether the data contains the fingerprint of the data owner.
The φ_1 to φ_5 above only denote the formalized processes and have no exact meaning.
Fingerprint identification uses two methods.
First, a forward verification method is adopted: combining statistics with SMT-, the characters are cut and divided according to the length of the fingerprint, the Pearson correlation coefficient of each divided field with the fingerprint is compared in sequence, the number of successful comparisons is counted, and when the number exceeds a certain proportion the comparison is judged successful, so that the right of the user can be confirmed.
As to how this proportion is chosen: to extract the user's fingerprint better, the invention does not confirm the right simply by checking whether the number of successful comparisons exceeds a fixed threshold. Instead it first obtains an ε value and a
Figure BDA00039946507600000912
value that satisfy the condition by judging whether formula (6) holds; if formula (6) does not hold, the ε value and the
Figure BDA00039946507600000913
value are adjusted by formula (7) and formula (8). Once an ε value satisfying the condition is obtained, it only remains to judge whether the number of successful comparisons exceeds the product of ε and
Figure BDA00039946507600000914
and the data right can thereby be confirmed. The advantage of this approach is that the probability of detecting the fingerprint can be adjusted dynamically according to the size of the data in which the fingerprint is embedded, which gives a better data right determination result.
Figure BDA0003994650760000101
Figure BDA0003994650760000102
Figure BDA0003994650760000103
where ε is the lower-limit ratio of the test fingerprint redundancy,
Figure BDA0003994650760000104
is the upper-limit mean of the byte-usage difference, τ is the upper limit of data storage, and D is the plaintext length.
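The forward verification pass described above, as an added Python example (not code from the patent). Assumptions: the characters of SMT⁻ are treated as one flat byte string, a Pearson coefficient of at least 0.95 counts as a successful comparison, and ε is passed in as a fixed parameter because formulas (6) to (8) are not reproduced in this text; the fingerprint and streams are constructed samples.

```python
import hashlib
import math
from dataclasses import dataclass


def pearson(x: bytes, y: bytes):
    """Pearson correlation of two equal-length byte strings, None if undefined."""
    n = len(x)
    mx, my = sum(x) / n, sum(y) / n
    sxy = sum((a - mx) * (b - my) for a, b in zip(x, y))
    sxx = sum((a - mx) ** 2 for a in x)
    syy = sum((b - my) ** 2 for b in y)
    if sxx == 0 or syy == 0:  # a constant field has no defined correlation
        return None
    return sxy / math.sqrt(sxx * syy)


@dataclass
class ForwardResult:
    fields: int      # number of fingerprint-length fields examined
    matches: int     # fields whose correlation reached the threshold
    ratio: float     # matches / fields
    confirmed: bool  # True when ratio exceeds epsilon


def forward_verify(secret_stream: bytes, fingerprint: bytes,
                   epsilon: float, corr_threshold: float = 0.95) -> ForwardResult:
    """Cut the stream by fingerprint length and count correlated fields.

    epsilon and corr_threshold are assumed parameters of this sketch.
    """
    if not fingerprint:
        raise ValueError("empty fingerprint")
    n = len(fingerprint)
    usable = len(secret_stream) - len(secret_stream) % n  # drop a partial tail
    fields = [secret_stream[i:i + n] for i in range(0, usable, n)]
    matches = 0
    for field in fields:
        r = pearson(field, fingerprint)
        if r is not None and r >= corr_threshold:
            matches += 1
    ratio = matches / len(fields) if fields else 0.0
    return ForwardResult(len(fields), matches, ratio, ratio > epsilon)


# --- constructed sample data (not from the patent) ---
FP = b"OWNER-FP-0001"


def _pad(k: int) -> bytes:
    """Deterministic filler field standing in for redundancy padding."""
    return hashlib.sha256(b"pad%d" % k).digest()[:len(FP)]


def build_stream(copies) -> bytes:
    """Interleave fingerprint copies with filler, plus a 2-byte partial tail."""
    out = b""
    for k, copy in enumerate(copies):
        out += copy + _pad(k)
    return out + b"\x07\x07"


INTACT = build_stream([FP] * 4)                         # 4 of 8 fields carry FP
TAMPERED = build_stream([FP] + [bytes(len(FP))] * 3)    # 3 copies zeroed out

if __name__ == "__main__":
    print(forward_verify(INTACT, FP, epsilon=0.3))
    print(forward_verify(TAMPERED, FP, epsilon=0.3))
```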
The second is the backward verification method, which the invention designs to cover cases where the forward verification method may perform poorly; together, the two methods identify fingerprints in a data object well. The backward verification method mainly comprises the following steps:
Step 1: count the byte sequence of the fingerprint-associated data d_F;
Step 2: divide the fingerprint possibly embedded in the (pirated) data into η equal parts;
Step 3: look up the corresponding plain code sequence in the SMT according to the divided fingerprint;
Step 4: count the byte sequence of the plain code obtained in step 3;
Step 5: compare the byte sequences from step 1 and step 4 to obtain the proportion of identical bytes in the whole byte sequence; when this proportion is lower than the upper-limit mean of the byte-usage difference
Figure BDA0003994650760000105
the right-confirmation result is false; otherwise it is true;
Step 6: compare the byte sequences from step 1 and step 4 to judge whether the two are in a multiple relation (1 or -1); if so, the data right-confirmation result is true; otherwise it is false;
Step 7: when the results of both step 5 and step 6 are true, the data right is considered confirmed.
Fig. 4 depicts the data structure of the right-confirmation chain. In this structure, transaction 1 records the data information that data owner D needs to send to data receiver U, including F_D, DDes,
Figure BDA0003994650760000106
and
Figure BDA0003994650760000107
Transaction 2 records the data information sent by data receiver U to data owner D, including
Figure BDA0003994650760000108
q and
Figure BDA0003994650760000109
etc. Transaction 3 records the data decoder that data owner D designs according to the query statement of data receiver U,
Figure BDA00039946507600001010
so that data receiver U can obtain the data. These transactions are linked in chronological order to form the right-confirmation chain. Because of the right-confirmation chain, the destination and source of the data can be checked at any time and from anywhere, which achieves data traceability.
Existing techniques for data right confirmation, at home and abroad, mainly encrypt data in stages and embed watermarks in the data. Table 2 below compares the method of the invention with existing methods on different technical indicators; the method of the invention is significantly superior to existing methods on each of them.
Table 2. Comparison of the method of the invention with existing methods on different technical indicators
Figure BDA0003994650760000111
The invention also achieves the expected results on each technical indicator, as described below:
1. Using symbol mapping coding, the fingerprint of the data stakeholder is encoded into the byte sequence of the shared data, so that the data right declaration is independent of the data content. The data sets in Table 3 below are mainly drawn from UCI-MLR and differ in data type and volume. By embedding fingerprints in data of different data types and then performing right confirmation on the fingerprinted data, the accuracy of detecting the fingerprint in an untampered data object is found to be 100%.
Table 3. Recognition results after embedding fingerprints in data of different data types
Figure BDA0003994650760000112
2. Regardless of what illicit processing the data receiver applies to the fingerprinted data, the method of the invention can identify the fingerprint in it. The invention uses the five classes of simulated attack in Table 4 to measure whether fingerprints in a data object can be correctly identified when potentially malicious users are present. First, the data associated with the user's fingerprint is processed with the simulated data-tampering attacks in Table 4; then the method of the invention is applied to extract the fingerprint from the tampered data, to determine whether the fingerprint can still be effectively extracted. The experimental results in Fig. 5 show that under the five main attacks the method of the invention still recognizes fingerprints in the data object well, so traitor tracing can be better realized and anti-repudiation and anti-piracy effects can be achieved.
Table 4. Description of simulated attacks
Figure BDA0003994650760000121
3. The invention designs the right-confirmation chain (a blockchain underlying layer) to replace the third party in traditional right-confirmation schemes. It records the details of the data sharing process and is the underlying foundation for performing data right-confirmation operations; its introduction makes data sharing safer and more reliable. Simulation tests were performed mainly on the average latency and throughput of the right-confirmation chain, where average latency represents the confirmation speed of a single transaction and throughput reflects the number of transactions completed per unit time. First, a blockchain network was implemented with the SpringBoot framework, and simulation experiments were run on three servers and a PC; then the written program was run on the servers and the PC, and the nodes were used to reach consensus on transactions; finally, the efficiency of the blockchain network was assessed by recording the average latency of transaction confirmation and the throughput of the blockchain. The specific test cases are shown in Table 5, where the number of nodes is the number of users joining the blockchain network and the number of transactions is the number of transactions generated in the simulated experiment. Fig. 6 shows the performance test results of the right-confirmation chain: when a large number of transactions are concurrent, the latency and throughput of the system achieve the good results expected in practical application.
Table 5. Blockchain test cases
Parameter | Parameter value
Number of nodes | 3, 4, 5
Number of transactions | 5K, 10K, 15K, 20K, 25K
Average size of transaction | 1Kb

Claims (9)

1. A data right determining method based on symbol mapping coding and blockchain, characterized by comprising the following steps:
a. the data owner uses SMC technology to map its fingerprint F_D, private key hash h(SK_D) and the original data d into a symbol mapping table SMT_D, then uses the symbol mapping table SMT_D to encode the original data, obtaining the fingerprint-associated data
Figure FDA0003994650750000011
the data owner then publishes the fingerprint F_D, the hash of the fingerprint-associated data
Figure FDA0003994650750000012
the data description DDes and the hash of the public part of the symbol mapping table
Figure FDA0003994650750000013
together to the blockchain;
b. the data owner sends the fingerprint-associated data through the off-chain channel
Figure FDA0003994650750000014
to the data receiver;
c. the data receiver retrieves from the blockchain
Figure FDA0003994650750000015
and compares it with the data obtained from the off-chain channel
Figure FDA0003994650750000016
by hash comparison;
d. when the data receiver applies to the data owner to query data, the data receiver first uses SMC technology to map its own fingerprint F_U, private key hash h(SK_U) and the received data associated with the data owner's fingerprint
Figure FDA0003994650750000017
together into its own symbol mapping table SMT_U, and uses the symbol mapping table SMT_U to encode the received data
Figure FDA0003994650750000018
to obtain the data associated with its own fingerprint
Figure FDA0003994650750000019
then sends, through the blockchain, the hash of the public part of the symbol mapping table
Figure FDA00039946507500000110
and a query request q to the data owner;
e. the data receiver sends, through the off-chain channel, the public part of the symbol mapping table from step d
Figure FDA00039946507500000111
to the data owner;
f. after obtaining from the blockchain the query request q sent by the data receiver, the data owner first verifies whether the query request q meets the requirements of the data description and access control; if so, it combines the private part of the symbol mapping table that it generated
Figure FDA00039946507500000112
and the query request q to generate
Figure FDA00039946507500000113
then combines
Figure FDA00039946507500000114
and
Figure FDA00039946507500000115
together with F_U to generate a data decoder with which the data receiver queries the data; if not, it returns empty;
g. the data owner sends the data decoder to the data receiver through the blockchain;
h. the data receiver acquires the data decoder and recovers the requested data through the data decoder, thereby obtaining the requested data.
2. The data right determining method based on symbol mapping coding and blockchain according to claim 1, wherein in step h, after the data receiver receives the data decoder, it first inputs the data associated with its own fingerprint
Figure FDA00039946507500000116
and the private part of its own symbol mapping table
Figure FDA00039946507500000117
so that the data decoder can verify whether the data receiver has the right to query the data; when the verification passes, the data decoder returns the data requested by the data receiver; otherwise the data decoder returns no data.
3. The data right determining method based on symbol mapping coding and blockchain according to claim 1, further comprising the following step:
i. when the data owner discovers its data in the network, the data owner applies to the arbiter for right confirmation, and the arbiter determines the rights holder of the data by identifying the fingerprint in the data.
4. The data right determining method based on symbol mapping coding and blockchain according to claim 3, wherein there are two methods of identifying fingerprints, as follows:
first, a forward verification method: the characters in SMT⁻ are collected and cut into fields of the fingerprint's length, the fields are compared with the fingerprint in turn, and the number of successful comparisons is counted, thereby confirming the right;
second, a backward verification method: the byte sequence in the data is counted first, then the plain code byte sequence corresponding to the fingerprint in the data is inferred in reverse, and the two byte sequences are compared, thereby confirming the right.
5. The data right determining method based on symbol mapping coding and blockchain according to claim 4, wherein in the forward verification method, it is first determined whether formula (6) holds; if so, it is judged whether the number of successful comparisons exceeds ε and
Figure FDA0003994650750000021
and when it does, the data right is confirmed; if formula (6) does not hold, the ε value and the
Figure FDA0003994650750000022
value are adjusted by formula (7) and formula (8) until formula (6) holds;
Figure FDA0003994650750000023
Figure FDA0003994650750000024
Figure FDA0003994650750000025
where ε is the lower-limit ratio of the test fingerprint redundancy,
Figure FDA0003994650750000026
is the upper-limit mean of the byte-usage difference, τ is the upper limit of data storage, ρ is the plaintext length, F is the fingerprint, d_F is the fingerprint-associated data, and
Figure FDA0003994650750000027
is the fingerprint redundancy.
6. The data right determining method based on symbol mapping coding and blockchain according to claim 4, wherein the backward verification method specifically comprises the following steps:
Step 1: count the byte sequence of the fingerprint-associated data;
Step 2: divide the fingerprint in the data equally by η, where η is the secret code length;
Step 3: look up the corresponding plain code sequence in the symbol mapping table according to the divided fingerprint;
Step 4: count the byte sequence of the plain code obtained in step 3;
Step 5: compare the byte sequences from step 1 and step 4 to obtain the proportion of identical bytes in the whole byte sequence; when this proportion is lower than the upper-limit mean of the byte-usage difference
Figure FDA0003994650750000028
the right-confirmation result is false; otherwise it is true;
Step 6: compare the byte sequences from step 1 and step 4 to judge whether the two are in a multiple relation of 1 or -1; if so, the data right-confirmation result is true; otherwise it is false;
Step 7: when the results of both step 5 and step 6 are true, the data right is confirmed.
7. The data right determining method based on symbol mapping coding and blockchain according to claim 1, wherein the symbol mapping table maps each symbol into two different types of digital codes: one is a plain code, used for encoding the symbol; the other is a secret code, used for carrying fingerprint information.
8. The data right determining method based on symbol mapping coding and blockchain according to claim 7, wherein the symbol mapping table comprises a symbol set, a plain code set and a secret code set; each symbol corresponds to at least one plain code and at least one secret code; the symbol set and the plain code set form the private part of the symbol mapping table, and the plain code set and the secret code set form the public part of the symbol mapping table.
9. The data right determining method based on symbol mapping coding and blockchain according to claim 8, wherein the symbol mapping table is generated as follows:
first, the plaintext length ρ is determined from the fingerprint F and the original data d, where ρ satisfies the following formula:
Figure FDA0003994650750000031
then the symbol length θ is determined, where θ satisfies the following formula:
Figure FDA0003994650750000032
in formulas (1) and (2), τ represents the upper limit of data storage, λ represents a parameter affecting the randomness of the symbol length θ, and a represents the number corresponding to the first five-digit hexadecimal string in h(SK);
the byte sequence of the original data d is divided according to the symbol length θ to obtain the symbol set S;
then the secret code length η is determined and the fingerprint redundancy
Figure FDA0003994650750000033
is obtained, see formulas (3) and (4) below;
Figure FDA0003994650750000034
Figure FDA0003994650750000035
where |S| represents the length of the symbol set, γ represents the redundancy coefficient, and b represents the number corresponding to the second five-digit hexadecimal string in h(SK);
then the
Figure FDA0003994650750000036
fingerprints are divided equally by η to obtain the secret code set of the symbol mapping table;
then data randomly generated in the plain code space is used as plain codes, so that each plain code corresponds to one secret code, and an initial symbol mapping table is built;
finally, the redundancy of the symbol mapping table is increased by padding data to form the final symbol mapping table; the redundancy χ of the symbol mapping table satisfies the following formula:
χ≤min(|2 -|SMT - ||,c900) (5)
where the value of c900 is derived from the third five-digit hexadecimal string in h(SK): it is the sum of the first to fourth characters multiplied by the fifth character, and the maximum result is not more than 900.
CN202211591493.1A 2022-12-12 2022-12-12 Data right determining method based on symbol mapping coding and block chain Pending CN116127429A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211591493.1A CN116127429A (en) 2022-12-12 2022-12-12 Data right determining method based on symbol mapping coding and block chain

Publications (1)

Publication Number Publication Date
CN116127429A true CN116127429A (en) 2023-05-16

Family

ID=86305464

Country Status (1)

Country Link
CN (1) CN116127429A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117556391A (en) * 2023-12-28 2024-02-13 江苏万禾科技集团有限公司 Activation code generation method, electronic equipment activation method and device
CN117556391B (en) * 2023-12-28 2024-03-22 江苏万禾科技集团有限公司 Activation code generation method, electronic equipment activation method and device

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination