CN116127429A - Data right determining method based on symbol mapping coding and block chain - Google Patents
- Publication number
- CN116127429A, CN202211591493.1A
- Authority
- CN
- China
- Prior art keywords
- data
- symbol mapping
- symbol
- fingerprint
- mapping table
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/604—Tools and structures for managing or administering access control systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Abstract
The invention provides a data right determining method based on symbol mapping coding and block chain. The invention uses symbol mapping coding to directly map the user fingerprint information into the data object, thereby achieving the effects of independence of data content and strong access control. Meanwhile, the data can be authorized by identifying the related fingerprints, so that the effects of resisting repudiation and piracy are realized; in addition, the invention replaces the endorsement effect of the trusted third party in the data sharing process by using the blockchain, so that the data sharing process is not tampered, thereby being more convenient for trusted tracing. The invention realizes trusted access control and traitor tracing, so that the data sharing system has stronger anti-repudiation and anti-piracy capabilities.
Description
Technical Field
The invention relates to the field of data sharing and data right confirmation, in particular to a data right confirmation method based on symbol mapping coding and block chain.
Background
Existing data right confirmation schemes can be divided into three groups: trusted third party (TTP) based methods, blockchain-based methods, and other methods.
(1) Data right-determining method based on trusted third party
TTP-based schemes typically use a third party to oversee communications between data sharing participants and to provide evidence for data right confirmation. The TTP in these schemes plays the role of prover and evidence verifier. Once a dispute occurs, the TTP provides arbitration evidence. The problem is that the so-called TTP may not be that trustworthy. Coffey et al. propose a TTP-based solution to the general non-repudiation problem. In this scheme the third party is relied on without reservation, which may increase the likelihood of collusion attacks. To address this problem, Zhu et al. propose a data sharing scheme that resists collusion attacks, based on an asymmetric cryptosystem and the Dolev-Yao model. However, this model is not resistant to man-in-the-middle attacks and data manipulation attacks because the server does not verify user registration. Furthermore, a single point of failure is a non-negligible problem under a centralized architecture. TTP-based methods therefore do not meet the requirements for data right confirmation: the data is easily tampered with and the third party cannot be completely trusted.
(2) Data right determining method based on block chain
Blockchains have been introduced as an infrastructure for data sharing to provide undisputed evidence for confirming data rights. The excellent functionality of blockchains is often used to implement traceability of data sources and their sharing histories. Some studies combine blockchains with digital watermarks to improve the security of copyright protection and data source tracking. Typically, Wang et al. propose a combined model that first uses a proof-of-data-possession method to audit data integrity and then uses a digital watermarking scheme to confirm the source of the shared data. However, this combination is still insufficient to combat data piracy, as access control is not emphasized much.
The combination of blockchains with encryption systems helps improve access control in data sharing, but is generally inefficient in the face of large amounts of data. Wang et al propose a big data sharing scheme using smart contracts to enforce access rules. However, encrypting and decrypting large amounts of data takes a significant amount of time, resulting in inefficiency.
(3) Other methods
Zero-knowledge proofs (ZKP) and non-fungible tokens (NFT) have inspired researchers to develop some distinctive data right confirmation methods. Some new studies build ZKP models to prove ownership or usage rights of assets to third parties. Other studies mainly generate unique digital certificates (e.g., NFTs) to declare ownership of specific data assets and enable secure data sharing by selling these NFTs. However, the above techniques have some intolerable drawbacks for data right confirmation in data sharing. For example, ZKP construction often results in inefficiency and poor scalability, and NFT has so far remained a technically immature concept.
Faced with serious data repudiation and piracy in the data sharing process, existing data watermarking methods are not only limited by data content but are also easy to forge due to lack of supervision; in addition, methods based on a trusted third party can cause data security and other problems because the third party may be untrustworthy. Therefore, in this context, an efficient data right confirmation method is particularly important and necessary.
Disclosure of Invention
The invention aims to provide a data right-determining method based on symbol mapping coding and blockchain, which can effectively determine the right of data and realize trusted access control and traitor tracing.
The invention is realized in the following way: a data validation method based on symbol mapping coding and blockchain, comprising the steps of:
a. the data owner uses the SMC technique to map the fingerprint $F_D$, the private key hash $h(SK_D)$ and the raw data d into a symbol mapping table $SMT_D$, and then encodes the raw data with $SMT_D$ to obtain the data associated with the fingerprint. The data owner then publishes the fingerprint $F_D$, the hash of the fingerprint-associated data, the data description DDes and the hash of the public part of the symbol mapping table together to the blockchain to provide evidence for later data right confirmation;
b. the data owner transmits the fingerprint-associated data to the data receiver through the off-chain channel;
c. the data receiver retrieves the hash of the fingerprint-associated data from the blockchain and compares it with the hash of the data acquired from the off-chain channel;
d. when the data receiver applies to query data from the data owner, the data receiver first maps its own fingerprint $F_U$, its private key hash $h(SK_U)$ and the received data associated with the data owner's fingerprint together into its own symbol mapping table $SMT_U$, and encodes the received data with $SMT_U$ to obtain data associated with its own fingerprint; it then sends the hash of the public part of the symbol mapping table and a query request q to the data owner through the blockchain;
e. the data receiver transmits the public part of the symbol mapping table from step d to the data owner through the off-chain channel;
f. after the data owner obtains the query request q sent by the data receiver from the blockchain, it first verifies whether the query request q meets the requirements of the data description and access control; if so, the private part of the symbol mapping table generated by the data owner and the query request q are combined to generate the data to be queried, which is then combined, together with $F_U$, into a data decoder for the data receiver's query data; if not, null is returned;
g. the data owner sends the data decoder to the data receiver through the blockchain;
h. the data receiver acquires the data decoder and recovers the applied-for data through it;
in step h, after receiving the data decoder, the data receiver first inputs the data associated with its own fingerprint and the private part of its own symbol mapping table, so that the data decoder can verify whether the receiver has the right to query the data; when the verification passes, the data decoder returns the data applied for by the data receiver, otherwise it returns no data;
i. when the data owner discovers the data in the network, the data owner applies to the arbiter for right confirmation, and the arbiter determines the right holder of the data by identifying the fingerprint in the data.
There are two methods of identifying fingerprints, one is as follows:
The first is a forward verification method: combining statistics with $SMT^-$, the characters are cut into fields according to the length of the fingerprint, the fields are compared with the fingerprint in sequence, the number of successful comparisons is counted, and when this number exceeds a certain proportion the comparison is judged successful and the user's right is confirmed.
The second is a backward verification method: the byte sequence in the data is counted first, the plain code byte sequence corresponding to the fingerprint in the data is then estimated in reverse, and the two byte sequences are compared to confirm the right.
The backward verification supplements the forward verification to guard against inaccurate forward verification results. The right is considered confirmed as long as either the forward verification or the backward verification can confirm it.
In the forward verification method, firstly, judging whether a formula (6) is established; if so, judging whether the number of times of comparison success exceeds epsilon andwhen the product of the data is exceeded, the data right can be confirmed, and if the product of the data is not exceeded, the right cannot be confirmed; if equation (6) is not true, then the ε value and ++are adjusted by equation (7) and equation (8)>A value until equation (6) holds;
where epsilon is the lower ratio of the test fingerprint redundancy,using the upper mean of the differences for bytes, τ is the upper data storage limit, ρ is the plaintext length, F is the fingerprint, d F For associating data of a fingerprint->Is fingerprint redundancy.
The backward verification method specifically comprises the following steps:
step 2, equally dividing fingerprints in the data by eta; η is the length of the secret code;
step 6, judging, by comparing the byte sequences from step 1 and step 4, whether the two byte sequences are in a multiple relation of 1 or -1; if so, the data right confirmation result is true; otherwise, false;
step 7, when the right confirmation results of step 5 and step 6 are true, the data right is confirmed.
The symbol mapping table maps each symbol into two different types of numerical codes: one is a plain code for encoding a symbol; the other is a secret code used for carrying fingerprint information. The symbol mapping table comprises a symbol set, a plain code set and a secret code set; each symbol corresponds to at least one plain code and at least one secret code; the symbol set and the plain code set form the private part of the symbol mapping table, and the plain code set and the secret code set form the public part of the symbol mapping table. The symbol mapping table is generated as follows:
firstly, determining the plain code length ρ according to the fingerprint F and the original data d, wherein the plain code length ρ satisfies the following formula:
then determining the symbol length θ, wherein the symbol length θ satisfies the following formula:
in the formulas (1) and (2), τ represents the upper limit of data storage, λ represents a parameter affecting the randomness of the symbol length θ, a represents the number corresponding to the first five-digit hexadecimal string in h(SK), and h(SK) is a private key hash;
dividing the byte sequence of the original data d according to the symbol length θ to obtain a symbol set S;
then determining the secret code length η and obtaining the fingerprint redundancy; see formulas (3) and (4) below;
wherein |S| represents the length of the symbol set, γ represents the redundancy coefficient, and b represents the number corresponding to the second five-digit hexadecimal string in h(SK);
then dividing the fingerprints equally by η to obtain the secret code set of the symbol mapping table;
then, data randomly generated in the plain code space are used as plain codes, so that each plain code corresponds to one secret code, and an initial symbol mapping table is built;
finally, the redundancy of the symbol mapping table is increased through filling data, and a final symbol mapping table is formed; the redundancy χ of the symbol mapping table satisfies the following formula:
$$\chi \le \min\left(\left|2^{8\rho} - |SMT^{-}|\right|,\ c900\right) \tag{5}$$
wherein the value of c900 is derived from the third five-digit hexadecimal string in h(SK), which is obtained by adding one to four characters and multiplying by the fifth character, and the maximum result is not more than 900.
The existing data right confirmation schemes have many problems, such as the data security and single point of failure risks caused by an untrusted third party, the inefficiency of complex encryption systems when facing large amounts of data, and the excessive dependence of conventional digital watermarking on data content. Given that the current lack of effective data right confirmation methods limits the development of data sharing, the present invention provides a novel and practical data right confirmation method that meets an urgent need of social development. By using symbol mapping coding and blockchains, the invention lets users effectively confirm data rights in the data sharing process, thereby realizing trusted access control and traitor tracing and giving the data sharing system anti-repudiation and anti-piracy capabilities.
The invention is innovative in that the user fingerprint information is directly embedded into the data object by using symbol mapping coding, thereby achieving the effects of independence of data content and strong access control. Meanwhile, the data can be authorized by identifying the embedded fingerprints, so that the effects of resisting repudiation and piracy are realized; in addition, the invention replaces the endorsement effect of the trusted third party in the data sharing process by using the blockchain, so that the data sharing process is not tampered, thereby being more convenient for trusted tracing.
Drawings
Fig. 1 is a schematic block diagram of the present invention.
Fig. 2 is a diagram of a data right determining architecture in the present invention.
Fig. 3 is a schematic view of an access control policy in the present invention.
Fig. 4 is a data structure diagram of an acknowledgement chain in the present invention.
Fig. 5 is a fingerprint identification result of the method of the present invention under five types of attacks.
FIG. 6 is a performance test result of the chain of rights in the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be further described in detail with reference to the accompanying drawings and examples.
The invention firstly designs a symbol mapping coding technology (SMC), which divides a byte sequence of a data object into symbols, generates a Symbol Mapping Table (SMT), and uses the generated symbol mapping table to recode the data. SMT maps each symbol into two different types of digital codes: one is a plain code for encoding a symbol; the other is a secret code used for carrying fingerprint information.
The generation of the symbol mapping table SMT will be described in detail below.
Firstly, the method needs to represent the original data in symbol form. To ensure that enough symbol coding space (ASCII coding rule) is available to complete the mapping of symbols to data, the plain code space must not be too small; in addition, the coding space must not be too large, to prevent wasted memory. The invention therefore makes the plain code length ρ satisfy formula (1). In addition, when representing the original data as symbols, the correspondence between a symbol and the original data, that is, how many bytes of the original data one symbol corresponds to, needs to be considered; the symbol length θ is calculated by formula (2). Once the symbol length is obtained from formula (2), the symbol set S can be obtained by dividing the byte sequence of the original data.
Where d represents the original data, F represents the fingerprint of the data correlator, τ represents the upper limit of the data storage, λ represents a parameter affecting the randomness of the symbol length θ, where the value is 1024, ρ represents the plain code length, |d| and |F| represent the corresponding lengths, a represents the number corresponding to the first five-digit hexadecimal string in h(SK), and h(SK) is a private key hash that forms a key pair with the fingerprint F.
Then the secret code length η can be obtained through formula (3), and from it the fingerprint redundancy (see formula (4)). The fingerprints are then divided equally by η to obtain the secret code set H of the symbol mapping table.
Where |S| represents the length of the symbol set, |F| represents the byte length of the data correlator fingerprint, γ represents the redundancy factor, and b represents the number corresponding to the second five-digit hexadecimal string in h(SK).
Then data are taken out of the symbol set in sequence as the symbols of the symbol mapping table, and data are taken out of the secret code set as the secret codes of the symbol mapping table; the plain codes of the symbol mapping table are data randomly generated in the plain code space, and each plain code corresponds to one secret code, so that an initial symbol mapping table SMT is built.
Finally, in order to keep θ secret so that the symbol mapping table SMT is more difficult to forge, the method increases the redundancy of the symbol mapping table SMT. However, the redundancy of the SMT cannot be increased too much, to avoid wasting storage space, so the method uses formula (5) to ensure the safety of θ. The specific operation of increasing the redundancy of the symbol mapping table is as follows: data are randomly generated from the plain code space, data corresponding to the generated plain codes are randomly selected from the secret code set, and these are added to the initial symbol mapping table to obtain the final symbol mapping table SMT with redundancy.
$$\chi \le \min\left(\left|2^{8\rho} - |SMT^{-}|\right|,\ c900\right) \tag{5}$$
Where the value of c900 comes from the third five-digit hexadecimal string in h(SK), which is obtained by adding one to four characters and multiplying by the fifth character, so that the maximum result does not exceed 900. χ represents the redundancy of the symbol mapping table.
In the final symbol mapping table SMT with redundancy, the numbers of plain codes and secret codes are the same and correspond to each other one by one.
Finally, the SMT includes a symbol set, a plain code set and a secret code set, and each symbol corresponds to at least one plain code and at least one secret code. Let S denote the symbol set, P the plain code set and H the secret code set; the symbol set and the plain code set constitute the private part $SMT^+$ of the symbol mapping table, and the plain code set and the secret code set constitute the public part $SMT^-$ of the symbol mapping table. The SMT should satisfy the following two irreversible assumptions:
$$\delta_1: p \to s,\quad p \in P,\ s \in S$$
$$\delta_2: p \to h,\quad p \in P,\ h \in H$$
After the SMT is generated, the symbols corresponding to the data are recoded using the SMT; in the coding process each symbol is made to correspond to at least one plain code and one secret code from the SMT. An example of an SMT is given in table 1 below. Given the character string "WORLD", the plain codes of its symbols obtained from Table 1 after encoding are "0x0041 0xE452 0xE4C1 0xE4F0 0x004D", the hidden character string they contain is "HUANG", and the resulting plain codes are the data of the associated fingerprint. In this way, the present invention can generate a corresponding SMT for any given data content, in which the secret codes represent the fingerprint information.
TABLE 1 symbol mapping table corresponding to string "WORLD"
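The table construction, the "WORLD"/"HUANG" encoding and the forward verification described in this document, as a simplified Python sketch added here; it is not code from the patent, and all function names are hypothetical. Assumptions: θ, η, ρ and χ are passed in by the caller because formulas (1) to (4) are not reproduced on this page, fingerprint redundancy is modelled as plain repetition, padding rows go only into the public part, fields are compared by exact match against a caller-chosen threshold, and SHA-256 stands in for the unspecified hash.

```python
import hashlib
import hmac
import secrets


def smc_encode(data, fingerprint, theta, eta, rho, chi):
    """Return (encoded, smt_private, smt_public).

    smt_private (SMT+): plain code -> symbol
    smt_public  (SMT-): plain code -> secret code
    theta, eta, rho are byte lengths of a symbol, secret code and plain code;
    chi is the number of redundancy rows. All four are caller-supplied here.
    """
    if not data or not fingerprint:
        raise ValueError("data and fingerprint must be non-empty")
    symbols = [data[i:i + theta] for i in range(0, len(data), theta)]
    if len(symbols) + chi > 256 ** rho:
        raise ValueError("plain code space too small for this table")
    # Assumed form of fingerprint redundancy: repeat the fingerprint until
    # there is one eta-byte secret code per symbol position.
    need = len(symbols) * eta
    redundant = (fingerprint * (need // len(fingerprint) + 1))[:need]
    secret_codes = [redundant[i:i + eta] for i in range(0, need, eta)]
    smt_private, smt_public, encoded = {}, {}, []

    def fresh_plain_code():
        while True:  # random, not yet used code from the plain code space
            code = secrets.token_bytes(rho)
            if code not in smt_public:
                return code

    for symbol, secret in zip(symbols, secret_codes):
        code = fresh_plain_code()
        smt_private[code] = symbol
        smt_public[code] = secret
        encoded.append(code)
    # Redundancy rows: plain codes that never occur in the encoded data.
    for _ in range(chi):
        smt_public[fresh_plain_code()] = secrets.choice(secret_codes)
    # Sort so that insertion order does not reveal which rows are padding.
    return b"".join(encoded), smt_private, dict(sorted(smt_public.items()))


def smc_decode(encoded, smt_private, rho):
    """Recover the original bytes; only possible with the private part SMT+."""
    codes = [encoded[i:i + rho] for i in range(0, len(encoded), rho)]
    try:
        return b"".join(smt_private[c] for c in codes)
    except KeyError:
        raise ValueError("plain code outside SMT+ (data was altered)") from None


def forward_verify(encoded, smt_public, fingerprint, rho, threshold):
    """Map plain codes to secret codes through SMT-, cut the result into
    fingerprint-length fields and return (match ratio, ratio >= threshold)."""
    eta = len(next(iter(smt_public.values())))
    codes = [encoded[i:i + rho] for i in range(0, len(encoded), rho)]
    # Unknown (tampered) codes become zero bytes so later fields stay aligned.
    stream = b"".join(smt_public.get(c, bytes(eta)) for c in codes)
    n = len(fingerprint)
    fields = [stream[i:i + n] for i in range(0, len(stream) - n + 1, n)]
    hits = sum(field == fingerprint for field in fields)
    ratio = hits / len(fields) if fields else 0.0
    return ratio, ratio >= threshold


def ledger_record(fingerprint, encoded, smt_public, ddes):
    """The four items the data owner publishes on chain in the first step."""
    table = b"".join(p + h for p, h in sorted(smt_public.items()))
    return {
        "fingerprint": fingerprint.hex(),
        "data_hash": hashlib.sha256(encoded).hexdigest(),
        "ddes": ddes,
        "smt_public_hash": hashlib.sha256(table).hexdigest(),
    }


def receiver_accepts(record, received):
    """Receiver-side check: on-chain hash against the off-chain data."""
    digest = hashlib.sha256(received).hexdigest()
    return hmac.compare_digest(record["data_hash"], digest)


if __name__ == "__main__":
    # Constructed input mirroring the page's example: 1-byte symbols,
    # 1-byte secret codes, 2-byte plain codes, 3 redundancy rows.
    enc, priv, pub = smc_encode(b"WORLD", b"HUANG", 1, 1, 2, 3)
    record = ledger_record(b"HUANG", enc, pub, "constructed demo record")
    print("encoded:", enc.hex(), "accepted:", receiver_accepts(record, enc))
    print("decoded with SMT+:", smc_decode(enc, priv, 2))
    print("forward check:", forward_verify(enc, pub, b"HUANG", 2, 0.5))
```

The plain codes are random on every run, so the output differs from the values in Table 1; only the structure (one 2-byte plain code per symbol, each carrying one fingerprint byte) is the same.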
As shown in fig. 1, the data right determining method based on symbol mapping coding and blockchain provided by the invention comprises the following modules: the first module is combined with the symbol mapping code to map the user fingerprint into the data object so that the data can be validated by identifying the fingerprint in the later period; the second module designs a data query primitive and a packaging algorithm to ensure the access control of a user to data, and further supports the data security of the data right-determining model in the first module; the third module is combined with the blockchain to monitor the data sharing process and the data access process, so that piracy can be discovered later, and the data can be traced, thereby tracing the pirated data and protecting the rights of the data owners.
The workflow of the present invention is shown in figure 2. The following describes the actual data sharing case in detail.
$$SMT_D \leftarrow \varphi_1(d, h(SK_D), F_D, \gamma, \tau, \lambda)$$
where λ represents a parameter affecting the randomness of the symbol length θ, τ represents the upper limit of the data storage, and γ represents the redundancy coefficient.
Step 2, the data owner D sends the fingerprint-associated data to the data receiver U through the off-chain channel.
Step 6, when the data owner D obtains the query request q sent by the data receiver U from the blockchain, a data decoder containing only the part applied for by the data receiver is obtained by means of a data encapsulation algorithm; this is implemented through a smart contract running in a TEE environment, and the process is recorded in the blockchain. The above procedure can be formally expressed as:
The access control in this part is shown on the data owner side of fig. 3. After the data owner D receives the query request q, it first verifies whether the query request meets the requirements and access control of the data description DDes. When the verification passes, the query request q and the private part of the symbol mapping table generated by the data owner are combined to generate the data to be queried for the data receiver; if the verification does not pass, null is returned. The data owner then generates, together with $F_U$, the data decoder required to query the data for the data receiver and sends it to the data receiver through the on-chain channel.
Step 7, the data owner D sends the data decoder to the data receiver U through the blockchain.
Step 8, the data receiver U acquires the data decoder from the blockchain and recovers the applied-for data through the data decoder; the above procedure can be formally expressed as:
Data acquisition in this part is shown on the data receiver side of fig. 3. When the data receiver receives the data decoder, it needs to input the data associated with its own fingerprint and the private part of its own symbol mapping table, so that the data decoder can judge whether the receiver has the authority to query the data. When the verification passes, the data decoder returns the data applied for by the data receiver; otherwise it returns no data, so as to ensure the security of the data.
Step 9, when the data owner discovers the data in the network, the arbiter can apply for the right, and the arbiter determines the right person of the data by identifying the fingerprint in the data and judges the source of the data. The above procedure can be formally expressed as:
epsilon is the lower limit ratio of the redundancy of the test fingerprint,using the upper mean of the differences for bytes, tester U To detect whether the data contains the fingerprint of the data receiver, a Tester D To detect whether the data contains a fingerprint of the data owner.
The symbols $\varphi_1$ to $\varphi_5$ above denote formalized processes and have no exact meaning.
The fingerprint identification method adopts two methods.
The first is a forward verification method: combining statistics with $SMT^-$, the characters are cut into fields according to the length of the fingerprint, the Pearson correlation coefficient of each field with the fingerprint is compared in sequence, the number of successful comparisons is counted, and when this number exceeds a certain proportion the comparison is judged successful and the user's right can be confirmed.
Regarding the problem of how to take the value of the certain proportion, in the invention, considering better extraction of the fingerprints of the user, the invention does not compare the times of successful comparison to confirm the entitlement by exceeding a certain threshold value, but firstly obtains the epsilon value and epsilon value meeting the condition by judging whether the formula (6) is satisfiedValues, if equation (6) is not satisfied, the ε value and ++are adjusted by equation (7) and equation (8)>Values. Then after the epsilon value meeting the condition is obtained, only the comparison success times are judged whether to exceed epsilon and +.>And thus can confirm the data right. The method has the advantage that the probability of detecting the fingerprint can be dynamically adjusted according to the data size of the embedded fingerprint, so that a better data right-determining effect is achieved.
Where epsilon is the lower ratio of the test fingerprint redundancy,the upper average of the differences is used for bytes, τ is the upper data storage limit, and D is the plaintext length.
Secondly, in order to prevent the situation that the effect of the forward verification method is possibly poor, the invention also designs a backward verification method, and the fingerprint identification in the data object has good effect through the two methods. The backward verification method mainly comprises the following steps:
step 2, equally dividing fingerprints possibly embedded in the (pirated) data into eta parts;
step 6, judging, by comparing the byte sequences from step 1 and step 4, whether the two byte sequences are in a multiple (1 or -1) relation; if so, the data right confirmation result is true; otherwise, false;
step 7, when the right confirmation results of step 5 and step 6 are true, the method considers that the right of the data can be confirmed.
Fig. 4 depicts the data structure of the right-confirmation chain. In this structure, transaction 1 records the data information that the data owner D needs to send to the data receiver U, including $F_D$ and DDes. Transaction 2 records data information sent by the data receiver U to the data owner D, including q, etc. Transaction 3 records the data decoder that the data owner D designs from the query statement of the data receiver U, so that the data receiver U can obtain the data. These transactions are connected together in time sequence to form the right-confirmation chain. Because of this chain, the data destination and the data source can be checked anytime and anywhere, which achieves the aim of tracing the data.
The current technical methods for data right confirmation at home and abroad mainly encrypt data in stages and embed watermarks in the data; the method of the invention is compared with the existing methods on different technical indexes in table 2 below. It is easy to find that the method of the invention is significantly superior to the existing methods in terms of various technical indexes.
TABLE 2 comparison of the inventive method with the prior art method with respect to different technical indicators
Meanwhile, the technical indexes of the invention also obtain expected good effects, and the method is described as follows:
1. The fingerprint of the data relator is encoded into the byte sequence of the shared data by symbol mapping coding, so that the declaration of data rights is independent of the data content. The data sets in Table 3 below are mainly derived from UCI-MLR and differ in data type and volume. By embedding the fingerprint in data of different data types and then confirming the right of the fingerprinted data, the invention finds that the accuracy of detecting the fingerprint in data objects that have not been tampered with is 100%.
TABLE 3 recognition results after embedding fingerprints in data of different data types
2. Regardless of what kind of violation processing the data receiver performs on the fingerprinted data, the method of the present invention can identify the fingerprint in it. The invention measures, using the five classes of simulated attacks in table 4, whether fingerprints in a data object can be correctly identified when there are potentially malicious users. First, the data associated with the user fingerprint is processed with the simulated data tampering attacks in table 4, and then the method of the invention is applied to extract the fingerprint from the tampered data, to see whether the fingerprint extraction method can effectively extract the fingerprint from the tampered data. From the experimental results in fig. 5, it can be found that under the five main attacks the method still identifies fingerprints in the data object well, so that traitor tracing can be better realized and anti-repudiation and anti-piracy effects achieved.
Table 4 simulation attack description
3. The invention designs a right-confirmation chain (a blockchain bottom layer) to replace the third party of traditional right-confirmation schemes; it records the details of the data sharing process and is the underlying foundation for executing data right-confirmation operations. Introducing the right-confirmation chain also makes data sharing safer and more reliable. Simulation tests are performed mainly on the average delay and throughput of the right-confirmation chain, where the average delay represents the confirmation speed of a single transaction and the throughput reflects the number of transactions completed per unit time. First, a blockchain network is implemented with the SpringBoot framework, and simulation experiments are carried out with three servers and a PC; the written program is then run on the servers and the PC, and the nodes are used to reach transaction consensus; finally, the efficiency of the blockchain network is reflected by recording the average delay of these transaction confirmations and the throughput of the blockchain. The specific test cases are shown in Table 5, where the number of nodes is the number of users joining the blockchain network and the number of transactions is the number of transactions generated in the simulated experiment. Fig. 6 shows the performance test results of the right-confirmation chain: with a large number of concurrent transactions, the delay and throughput of the system achieve the good results expected in practical application.
TABLE 5 blockchain test cases
Parameter | Parameter value |
---|---|
Number of nodes | 3, 4, 5 |
Number of transactions | 5K, 10K, 15K, 20K, 25K |
Average size of transaction | 1Kb |
Claims (9)
1. The data right determining method based on symbol mapping coding and block chain is characterized by comprising the following steps:
a. the data owner uses SMC technology to map its fingerprint F_D, private key hash h(SK_D) and the original data d into a symbol mapping table SMT_D, and then uses the symbol mapping table SMT_D to encode the original data, obtaining the data associated with the fingerprint; the data owner then publishes the fingerprint F_D, the hash of the data associated with the fingerprint, the data description DDes and the hash of the public part of the symbol mapping table together to the blockchain;
b. the data owner transmits the data associated with the fingerprint to the data receiver through the off-chain channel;
c. data receiver retrieval from blockchainAnd add it to the data acquired from the under-link channel +.>Performing hash comparison;
d. when the data receiver applies to query data from the data owner, the data receiver first uses SMC technology to map its own fingerprint F_U, private key hash h(SK_U) and the received data associated with the data owner's fingerprint together into its own symbol mapping table SMT_U, and encodes the received data with the symbol mapping table SMT_U to obtain data associated with its own fingerprint; it then sends the hash of the public part of the symbol mapping table and a query request q to the data owner through the blockchain;
e. the data receiver transmits the public part of the symbol mapping table from step d to the data owner through the off-chain channel;
f. after the data owner obtains a query request q sent by a data receiver from the blockchain, firstly verifying whether the query request q meets the requirement of data description and access control; if so, the private part of the symbol mapping table generated by the user is combinedAnd query request q generation->Recombined->And +.>F U A data decoder for generating the query data for the data receiver; if not, returning to the blank;
g. the data owner sends the data decoder to the data receiver through the blockchain;
h. the data receiver acquires the data decoder and recovers the applied data through the data decoder, thereby obtaining the applied data.
2. The method for determining right of data based on symbol mapping coding and blockchain as in claim 1, wherein in step h, after the data receiver receives the data decoder, it first inputs the data associated with its own fingerprint and the private part of its own symbol mapping table, so that the data decoder verifies whether it has the right to query the data; when the verification passes, the data decoder returns the data applied for by the data receiver, otherwise the data decoder does not return any data.
3. The symbol map coding and blockchain based data validation method of claim 1, further comprising the steps of:
i. when the data owner discovers the data in the network, the data owner applies for the right to the arbiter, and the arbiter determines the data right person by identifying the fingerprint in the data.
4. A method of data validation based on symbol map coding and blockchain as in claim 3 wherein there are two methods of identifying fingerprints, each as follows:
first, a forward verification method: counting SMT^-, cutting and dividing its characters according to the length of the fingerprint, comparing the divided fields with the fingerprint in sequence, and counting the number of successful comparisons, thereby confirming the right;
second, a backward verification method: first counting the byte sequences in the data, then reversely estimating the plain code byte sequences corresponding to the fingerprints in the data, and comparing the two byte sequences, thereby confirming the right.
5. The method for determining the right of data based on symbol mapping coding and blockchain according to claim 4, wherein in the forward verification method, it is first determined whether the formula (6) is satisfied; if so, judging whether the number of times of comparison success exceeds epsilon andand when exceeded, can confirm the data right; if equation (6) is not true, then the ε value and ++are adjusted by equation (7) and equation (8)>A value until equation (6) holds;
6. The method for determining the right of data based on symbol mapping coding and blockchain as in claim 4, wherein the backward verification method specifically comprises the following steps:
step 1, firstly counting byte sequences of data of related fingerprints;
step 2, equally dividing fingerprints in the data by eta; η is the length of the secret code;
step 3, finding the corresponding plain code sequence in the symbol mapping table according to the divided fingerprints;
step 4, counting the byte sequence of the plain code obtained in the step 3;
step 5, comparing the number of identical bytes in the byte sequences of step 1 and step 4 to obtain the proportion of identical bytes in the whole byte sequence; when the proportion is lower than the upper-limit average value of the byte usage difference, the right-confirmation result is false; otherwise, true;
step 6, judging, by comparing the byte sequences of step 1 and step 4, whether the two byte sequences are in a multiple relation of 1 or -1; if so, the right-confirmation result is true; otherwise, false;
step 7, when the right-confirmation results of step 5 and step 6 are true, the data right is confirmed.
7. The symbol mapping encoding and blockchain based data validation method of claim 1, wherein the symbol mapping table maps each symbol into two different types of digital codes: one is a plain code for encoding a symbol; the other is a secret code used for carrying fingerprint information.
8. The method for determining the right of data based on symbol mapping coding and blockchain according to claim 7, wherein the symbol mapping table comprises a symbol set, a plain code set and a secret code set; each symbol corresponds to at least one plain code and at least one secret code; the symbol set and the plain code set form the private part of the symbol mapping table, and the plain code set and the secret code set form the public part of the symbol mapping table.
9. The method for determining the right of data based on symbol mapping coding and blockchain as in claim 8, wherein the symbol mapping table is generated as follows:
firstly, determining a plaintext length rho according to a fingerprint F and original data d, wherein the plaintext length rho satisfies the following formula:
then determining the symbol length theta, wherein the symbol length theta satisfies the following formula:
in the formulas (1) and (2), τ represents the upper limit of data storage, λ represents a parameter affecting the randomness of the symbol length θ, and a represents the number corresponding to the first five-bit hexadecimal string in h (SK);
dividing a byte sequence of the original data d according to the symbol length theta to obtain a symbol set S;
then determining the secret code length η and obtaining the fingerprint redundancy; see formulas (3) and (4) below;
wherein |S| represents the length of the symbol set, γ represents the redundancy coefficient, and b represents the number corresponding to the second five-bit hexadecimal string in h(SK);
then performing η equal division on the fingerprints to obtain the secret code set of the symbol mapping table;
then, the data randomly generated in the plain code space is used as plain codes, so that each plain code corresponds to one secret code, and an initial symbol mapping table is built;
finally, the redundancy of the symbol mapping table is increased through filling data, and a final symbol mapping table is formed; redundancy χ of the symbol mapping table satisfies the following formula:
$$\chi \le \min\left(\left|2^{8\rho} - |SMT^{-}|\right|,\ c900\right) \quad (5)$$
wherein the value of c900 is derived from the third five-bit hexadecimal string in h (SK), which is obtained by adding one to four characters and multiplying the fifth character, and the maximum result is not more than 900.
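A simplified illustration of the symbol mapping table of claims 7 to 9, the forward verification of claim 4 and the hash comparison of step c, added here as an example and not the patent's own implementation. The fixed values of theta, eta and rho, the fingerprint repeat rule, the threshold epsilon, the choice of the public part's secret codes as the sequence that is cut, SHA-256 as h, and all function names are assumptions, because formulas (1) to (4) and (6) to (8) are not reproduced on this page.

```python
import hashlib, hmac, math, secrets

def build_smt(data, fingerprint, theta=2, eta=2, rho=3):
    """Toy symbol mapping table: returns (chunks, private part, public part)."""
    # Assumption: theta, eta, rho are fixed here; the patent derives them from
    # formulas (1)-(4), which this page does not reproduce.
    chunks = [data[i:i + theta] for i in range(0, len(data), theta)]
    symbols = sorted(set(chunks))
    # Repeat the fingerprint until it yields at least one secret code per symbol.
    repeats = math.ceil(len(symbols) * eta / len(fingerprint))
    redundant = fingerprint * repeats
    secret_codes = [redundant[i:i + eta] for i in range(0, len(redundant), eta)]
    plain_codes = []
    while len(plain_codes) < len(secret_codes):    # unique random plain codes
        code = secrets.token_bytes(rho)
        if code not in plain_codes:
            plain_codes.append(code)
    private = {}                                   # symbol -> its plain codes
    for i, code in enumerate(plain_codes):
        private.setdefault(symbols[i % len(symbols)], []).append(code)
    public = list(zip(plain_codes, secret_codes))  # plain code -> secret code
    return chunks, private, public

def encode(chunks, private):
    """Replace every symbol with one of its plain codes."""
    return b"".join(secrets.choice(private[c]) for c in chunks)

def decode(encoded, private, rho=3):
    """Invert encode() using the private part (symbol set + plain code set)."""
    reverse = {code: sym for sym, codes in private.items() for code in codes}
    return b"".join(reverse[encoded[i:i + rho]] for i in range(0, len(encoded), rho))

def forward_verify(public, fingerprint, epsilon=0):
    """Claim 4, first method: cut the secret codes into fingerprint-length
    fields and count the fields equal to the claimed fingerprint."""
    stream = b"".join(secret for _, secret in public)
    n = len(fingerprint)
    fields = [stream[i:i + n] for i in range(0, len(stream), n)]
    hits = sum(hmac.compare_digest(f, fingerprint) for f in fields)
    return hits, hits > epsilon                    # epsilon: assumed threshold

def matches_chain(received, onchain_hash):
    """Step c: hash the off-chain data and compare with the on-chain hash."""
    return hmac.compare_digest(hashlib.sha256(received).hexdigest(), onchain_hash)

# Constructed sample input, not taken from the patent's data sets.
DATA = b"id,temp\n1,20.5\n2,21.0\n3,19.8\n"
OWNER_FP = b"OWNER-01"
```

Because the plain codes are random, two encodings of the same data differ byte for byte, while the count returned by `forward_verify` depends only on the fingerprint carried in the secret codes.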
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211591493.1A CN116127429A (en) | 2022-12-12 | 2022-12-12 | Data right determining method based on symbol mapping coding and block chain |
Publications (1)
Publication Number | Publication Date |
---|---|
CN116127429A true CN116127429A (en) | 2023-05-16 |
Family
ID=86305464
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211591493.1A Pending CN116127429A (en) | 2022-12-12 | 2022-12-12 | Data right determining method based on symbol mapping coding and block chain |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116127429A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117556391A (en) * | 2023-12-28 | 2024-02-13 | 江苏万禾科技集团有限公司 | Activation code generation method, electronic equipment activation method and device |
CN117556391B (en) * | 2023-12-28 | 2024-03-22 | 江苏万禾科技集团有限公司 | Activation code generation method, electronic equipment activation method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||