CN116132055B - Efficient log audit system and method based on Duomlck hash tree - Google Patents

Efficient log audit system and method based on Duomlck hash tree Download PDF

Info

Publication number
CN116132055B
CN116132055B CN202211561214.7A CN202211561214A CN116132055B CN 116132055 B CN116132055 B CN 116132055B CN 202211561214 A CN202211561214 A CN 202211561214A CN 116132055 B CN116132055 B CN 116132055B
Authority
CN
China
Prior art keywords
transaction
node
merck
nodes
hash tree
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202211561214.7A
Other languages
Chinese (zh)
Other versions
CN116132055A (en
Inventor
陈晶
何琨
詹泽怡
吴聪
加梦
杜瑞颖
吴云坤
陈华平
纪胜龙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuhan University WHU
Original Assignee
Wuhan University WHU
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wuhan University WHU filed Critical Wuhan University WHU
Priority to CN202211561214.7A priority Critical patent/CN116132055B/en
Publication of CN116132055A publication Critical patent/CN116132055A/en
Application granted granted Critical
Publication of CN116132055B publication Critical patent/CN116132055B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The invention discloses a high-efficiency log audit system and method based on a multi-merck hash tree, wherein the system comprises a blockchain network, an interstellar file system IPFS network and a client; the invention introduces the blockchain technology and the distributed file system based on the idea of separation of storage and control, thereby improving the security of the log system. And lightweight authentication protocols are designed based on the storage schema. For each merck hash tree, the root is considered the commitment. The process of verifying the correctness of the root is equivalent to the process of verifying the promise. The innovation of the invention is to propose an efficient checking technology based on a multi-merck hash tree, and reduce the storage overhead under the condition of not changing the blockchain data structure. And the efficient checking protocol based on the storage mode is designed, so that the blockchain is ensured to ensure high concurrency, meanwhile, the time consumption of transaction confirmation is effectively reduced, and the efficiency is improved.

Description

Efficient log audit system and method based on Duomlck hash tree
Technical Field
The invention belongs to the technical field of computer network security technology and cryptography, relates to a log auditing system and method, and in particular relates to a high-efficiency log auditing system and method based on a multi-merck hash tree.
Background
Blockchain involves many scientific and technical problems of mathematics, cryptography, internet and computer programming. From the application perspective, the blockchain is simply a distributed shared ledger and database, and has the characteristics of decentralization, non-falsification, whole trace, traceability, collective maintenance, disclosure transparency and the like. These features ensure the "honest" and "transparent" of the blockchain, laying a foundation for creating trust for the blockchain. The application scene with rich blockchain is basically based on the blockchain, so that the problem of information asymmetry can be solved, and collaborative trust and consistent actions among a plurality of subjects are realized.
However, the current blockchain technology needs to reach consensus in the distributed system, so the efficiency is low, and when the audit requirement of controlled mass data distribution exists in the system, the throughput rate and the audit efficiency of the blockchain will seriously affect the efficiency of the system, so the problem needs to be solved.
Disclosure of Invention
The invention provides a high-efficiency log audit system and method based on a multi-merck hash tree, which aims to solve the technical problem that a system cannot work normally when the system faces the condition of massive data concurrency due to lower actual concurrency of a block chain technology.
The system of the invention adopts the technical proposal that: an efficient log audit system based on a Duomeck hash tree comprises a blockchain network, an interstellar file system IPFS network and a client;
The block chain network realizes audit data fidelity by using block chain distribution consensus;
the interstellar file system IPFS is used for realizing distributed audit data storage and realizing audit and tracing functions of the system;
the client is used for sending diary data and audit requests;
The client side is an initiator of the transaction, initiates a storage request to the blockchain network, initiates an audit transaction to the blockchain network and performs log audit; in the storage stage, the blockchain network and the interstellar file system IPFS network are both storage media; the interplanetary file system IPFS network receives transaction source data provided by the blockchain nodes, and packages and stores the transaction source data by batch by using a merck hash tree; the blockchain network stores the root of the batch as a transaction; and in the auditing stage, a certain node in the blockchain network receives the client request, initiates a challenge to the interstellar file system according to a single transaction, and audits the integrity and correctness of the source data of the corresponding batch.
The technical scheme adopted by the method is as follows: a high-efficiency log audit method based on a Duomeck hash tree comprises the following steps:
Step 1: the client builds a transaction proposal request, wherein the request information comprises channel information, intelligent contract information to be called, a time stamp and a label of the client, packages transaction matters into a correct format, and submits the matters to an endorsement node after the packaging is completed;
Step 2: the endorsement node verifies the received transaction proposal request, including verifying the transaction proposal format, the timestamp and the client signature, and after verification, the intelligent contract is called to execute, a transaction result including a response value and a read-write set is generated, and the result is signed and then is responded to the client;
Step3: after collecting enough information and endorsement signature, constructing a transaction request and broadcasting the transaction request to the ordering nodes;
Step 4: after the transaction request is submitted to the ordering node, the ordering node orders the transactions in time sequence and creates a transaction block;
Step 5: broadcasting to all the main nodes of the organization in the same channel;
Step 6: the master node verifies the received block, writes the result into a local ledger after verification, and synchronously broadcasts the block to other nodes added with channels in the organization; each node validates the received block and appends the block to the blockchain, and for valid transactions, the node modifies the data in the book accordingly.
The beneficial effects of the invention include:
1. The invention provides a high-efficiency log audit system (Log Audit System based on multi-MERKLE HASH TREE, LAS) based on a multi-merck hash tree, which expands a single-point log server in a traditional log system to distributed storage and realizes separation of data and control.
2. The invention increases the audit speed of control information in the blockchain by the storage structure of the multi-merck hash tree and designs a corresponding high-efficiency checking protocol, so that the high-efficiency checking of massive log data by the blockchain is possible.
3. The invention adopts the idea of separating control and data, realizes audit data fidelity by using block chain distribution consensus, realizes distributed audit data storage by using an interstellar file system (INTERPLANETARY FILE SYSTEM, IPFS), and realizes audit and tracing functions of the system.
4. The invention provides an efficient checking technology based on a multi-merck hash tree, wherein each transaction originally stored in a blockchain is used as a tree root of a new merck hash tree, and the storage overhead is reduced under the condition of not changing the blockchain data structure.
5. According to the invention, by designing the efficient checking protocol, the response time of data checking in the blockchain is reduced, the response speed of the blockchain is improved, and the high concurrency requirement under a cross-domain identity authentication scene is met. Meanwhile, the blockchain node can ensure high concurrency, effectively reduce time consumption of transaction confirmation and improve efficiency.
Drawings
FIG. 1 is a system deployment diagram of an embodiment of the present invention;
FIG. 2 is a flow chart of a method according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of a memory pattern of a multi-merck hash tree according to an embodiment of the present invention;
FIG. 4 is a flow chart of an efficient ping protocol according to an embodiment of the present invention;
FIG. 5 is a block chain endorsement transaction consensus mechanism diagram of an embodiment of the present invention;
FIG. 6 is a block chain ordering service consensus diagram of an embodiment of the present invention;
FIG. 7 is a block chain ledger memory mechanism diagram of an embodiment of the present invention.
Detailed Description
In order to facilitate the understanding and practice of the invention, those of ordinary skill in the art will now make further details with reference to the drawings and examples, it being understood that the examples described herein are for the purpose of illustration and explanation only and are not intended to limit the invention thereto.
Techniques to which the present invention relates include blockchain (Blockchain) techniques, interstellar file system (INTERPLANETARY FILE SYSTEM, IPFS) techniques, efficient ping protocols based on the multi-merck hash tree, and the like.
Referring to fig. 1, the efficient log audit system based on the multi-merck hash tree provided by the invention comprises a blockchain network, an interstellar file system IPFS network and a client;
the block chain network realizes audit data fidelity by using block chain distribution consensus;
the interstellar file system IPFS is used for realizing distributed audit data storage and realizing audit and tracing functions of the system;
The client is used for sending diary data and audit requests;
the client side is an initiator of the transaction, initiates a storage request to the blockchain network, comprises operations such as data packaging, signing, submitting and the like, and can also initiate an audit transaction to the blockchain network to execute log audit.
In the storage stage, the blockchain network and the interstellar file system are both storage media. The interstellar file system receives transaction source data provided by the block chain nodes, and packages and stores the transaction source data by batch by using a Merker hash tree; the blockchain network stores the root of the batch as a transaction.
And in the auditing stage, a certain node in the blockchain network receives the client request, initiates a challenge to the interstellar file system according to a single transaction, and audits the integrity and correctness of the source data of the corresponding batch.
Referring to fig. 2, the present invention provides a method for auditing a high-efficiency log based on a multi-merck hash tree, which includes the following steps:
Step 1: the client builds a transaction proposal request, wherein the request information comprises channel information, intelligent contract information to be called, a time stamp and a label of the client, packages transaction matters into a correct format, and submits the matters to an endorsement node after the packaging is completed;
Step 2: the endorsement node verifies the received transaction proposal request, including verifying the transaction proposal format, the timestamp and the client signature, and after verification, the intelligent contract is called to execute, a transaction result including a response value and a read-write set is generated, and the result is signed and then is responded to the client;
Step3: after collecting enough information and endorsement signature, constructing a transaction request and broadcasting the transaction request to the ordering nodes;
Step 4: after the transaction request is submitted to the ordering node, the ordering node orders the transactions in time sequence and creates a transaction block;
Step 5: broadcasting to all the main nodes of the organization in the same channel;
Step 6: the master node verifies the received block, writes the result into a local ledger after verification, and synchronously broadcasts the block to other nodes added with channels in the organization; each node verifies the received block, attaches the block to the block chain, and correspondingly modifies the data in the account book for effective transaction;
According to the embodiment, high concurrency and mass data storage are realized through a multi-Merck hash tree storage mode, so that the problem that the concurrency of a blockchain in an actual application process is low, and the log operation data to be stored is huge is solved. This schema does not modify the data structure of the blockchain itself, but rather modifies the type of data actually stored into the blockchain, taking into account the impact of blockchain storage structure changes on overall system security performance. Stored in each transaction of the blockchain is no longer a single operation or log operation data, but rather the tree root of the new merck hash operation tree. The new merck hash operation tree is maintained and managed by IPFS nodes, and the nodes package all log operation data in the system in a period of time to form a tree structure and store the tree structure in the merck operation file. Thus, in the multi-merck hash tree storage mode, each transaction corresponds to one merck operation file, and each merck operation file may contain a large amount of log operation data. The massive log operation data is processed in a multi-merck hash tree mode, so that a block transaction with the same size can contain a large amount of log operation data with a hash tree structure, namely, the actual storage overhead of a block chain is reduced, the efficient storage of the massive data is realized, and the high concurrency requirement of the block chain network is met. The memory pattern of the muck hash tree is shown in fig. 3. Where Tx represents transactions stored in the blockchain and Cer represents log information (e.g., digital certificates, etc.) involved in the data distribution process.
The multi-merck hash tree is a hierarchical storage structure. From bottom to top, the first layer of the merck hash tree is maintained by the interplanetary file system. The leaf nodes are source data (such as logs, certificates and the like) submitted by the client and are stored in a tree structure. Its root acts as the leaf node of the merck hash tree in the second tier blockchain network. A second layer of merck hash tree constructed in the same manner will be stored in the block, with its root stored in the block header.
In the multi-merck hash tree storage structure, transactions in each blockchain network correspond to one merck tree in the interstellar file system, each merck tree containing a large number of source data provided by clients. By processing the mass data in the mode, the storage overhead of the blockchain network can be reduced, and the high concurrency storage of the mass data is realized.
Structurally, the Merck Hash Tree (MHT) of certificate operations is maintained and managed by node IPFS, and node IPFS gathers all certificate operations in the security domain over a period of time and stores them as files as a merck hash tree. And the memory structure in this block is the same as before. Thus, in the Duomeck hash tree (MMHT) storage mode, each transaction corresponds to one MHT, and each MHT may contain rich identification operations. The extended performance of MMHT is only affected by the user's requirements. Theoretically, MHT can continue to expand and increase the number of certificate operations in a single transaction. Of course, when the data output speed is constant, the larger the MHT, the longer the latency of validating and storing the data. Therefore, the present embodiment sets an upper limit for leaf nodes of MHT according to the real-time requirements of the user.
The effect of the MMHT model on blockchain transaction validation is also an important concern in this embodiment. Based on the idea of separation of storage and control IPFS guarantees the correspondence between certificate operations and MHT root, while blockchain ensures root consistency and correctness. In other words, the transaction validation must include a validation of the correctness of the root. Thus, this embodiment designs a lightweight authentication protocol for MMHT based on the commitment scheme, and the protocol flow is shown in fig. 4. For each MHT, the present embodiment treats its root as a commitment. The process of verifying the correctness of the root may be equivalent to the process of verifying the commitment.
The formalized definition of the efficient ping protocol of the present system is given below:
Block link point set p= { P i |i=1, 2,3, 4..n }
The leaf node set op= { OP i |i=1, 2,3,4, &..n }, of the multi-merk hash tree
The current set of nodes of the mulcer hash tree, n= { N i |i=1, 2,3,4,..n }, where i is the tree height
The sibling node set nm= { NM i |i=1, 2,3,4, & gt, n }, of the current node of the multi-merck hash tree
The specific algorithm is shown in algorithm 1:
To achieve consistency in the blockchain network in the system, consistency of transaction endorsements, transaction ordering and transaction verification needs to be ensured. The consistency of transaction endorsement needs to be ensured, the consistency of returned results of endorsement nodes needs to be ensured, the consistency of transaction ordering needs to be ensured, the consistency of ordering clusters on system transaction ordering needs to be ensured, and the consistency of transaction verification needs to be ensured that all nodes in the same channel have the same submitting result of transactions.
The distributed consensus mechanism will be described in detail below.
After the client packages and signs the transaction proposal, the transaction is submitted to all endorsement nodes in the blockchain network. When the endorsement node receives the transaction proposal request, it verifies whether the transaction proposal format is correct, whether the transaction was submitted before, whether the client signature is valid, etc., and after verification, the endorsement node simulates executing the transaction and prepares a read-write set for the request of the transaction. The read set contains a series of version information of the transaction when the local account book is read and a unique key corresponding to the information, and the write set contains a unique key list and the latest value written by the transaction. The read-write sets returned by all endorsement nodes of the same transaction should be the same, i.e., the endorsement phase is common, and as shown in fig. 5, the embodiment assumes that nodes 1.1 and 2.1 are endorsement nodes in the blockchain network.
When the client collects enough signatures of the transaction proposals, it constructs a transaction request and submits it to the ordering node. In order to prevent the blockchain network from being unable to operate normally due to single-point faults of the sequencing nodes, the embodiment adopts a sequencing node cluster mode to realize sequencing service and adopts Raft algorithm to realize cluster consistency. Raft is a distributed crash fault tolerance consensus algorithm, which can ensure that the system can still process the request of the client under the condition that part of nodes in the system have non-Bayesian fault tolerance. In the sorting node cluster, one master sorting node exists, and the rest nodes are slave sorting nodes. The transaction or configuration information sent by the client is automatically routed to the current master ordering node of the channel, the master ordering node orders the transaction and cuts the block, after creating a new block, the master ordering node submits the block to the local finite state machine, and the finite state machine will then attempt to copy the block to a sufficient number of ordering nodes for broadcasting to the nodes in the channel. If the main sequencing node sends a fault or downtime, the rest sequencing nodes reselect a new main sequencing node after a specified time, so that the normal operation of a consensus mechanism is ensured. The consensus mechanism of the ranking service is shown in fig. 6. We assume ordering node 2 as the master ordering node. When a block is broadcast to all nodes in the channel, the nodes verify the transactions in the block, including whether the transaction structure is correct, whether it is repeated, whether there is enough endorsement, read-write set version, etc. If the verification is successful, the node attaches the block to the block chain in the account book, the write set is submitted to the state database, and corresponding modification operation is carried out on the account book; if verification fails, the node simply appends the block to the blockchain without modifying the state database. Because all nodes of each channel commonly maintain the same account book, the same result of submitting the transaction by the nodes in the same channel needs to be ensured, and the same state database in the node account book of the same channel is ensured.
In a blockchain network, all nodes of the same channel together maintain the same ledger, i.e., each node holds a copy of the ledger. The mechanism of ledger storage is shown in figure 7. The storage engine of the block chain is a file system, that is, the blocks are not stored through a database, but several blocks are combined into one file block to be stored in the file system. Thus, the query block needs to use a block index, and the block index associates some attributes of the block with the file storage location, for example, the present embodiment can query the block through hash and height of the block. The state database stores the latest data key value pairs in the current blockchain, which are updated continuously along with the increase of transactions, so that the state database can be obtained by sequentially calculating all transactions in all blocks from which the blocks are created. The historical state index stores in which transaction the data is updated and can find the corresponding transaction information by looking up the transaction ID to the block index portion.
The invention introduces the blockchain technology and the distributed file system based on the idea of separation of storage and control, thereby improving the security of the log system. And lightweight authentication protocols are designed based on the storage schema. For each merck hash tree, the root is considered the commitment. The process of verifying the correctness of the root is equivalent to the process of verifying the promise. The innovation of the invention is to propose an efficient checking technology based on a multi-merck hash tree, and reduce the storage overhead under the condition of not changing the blockchain data structure. And the efficient checking protocol based on the storage mode is designed, so that the blockchain is ensured to ensure high concurrency, meanwhile, the time consumption of transaction confirmation is effectively reduced, and the efficiency is improved.
It should be understood that the foregoing description of the preferred embodiments is not intended to limit the scope of the invention, but rather to limit the scope of the claims, and that those skilled in the art can make substitutions or modifications without departing from the scope of the invention as set forth in the appended claims.

Claims (8)

1. A high-efficiency log audit method based on a multi-merck hash tree is applied to a high-efficiency log audit system based on the multi-merck hash tree; the method is characterized in that: the system comprises a blockchain network, an interstellar file system IPFS network and a client;
The block chain network realizes audit data fidelity by using block chain distribution consensus;
the interstellar file system IPFS is used for realizing distributed audit data storage and realizing audit and tracing functions of the system;
the client is used for sending diary data and audit requests;
The client side is an initiator of the transaction, initiates a storage request to the blockchain network, initiates an audit transaction to the blockchain network and performs log audit; in the storage stage, the blockchain network and the interstellar file system IPFS network are both storage media; the interplanetary file system IPFS network receives transaction source data provided by the blockchain nodes, and packages and stores the transaction source data by batch by using a merck hash tree; the blockchain network stores the root of the batch as a transaction; in the auditing stage, a certain node in the blockchain network receives a client request, initiates a challenge to an interstellar file system according to a single transaction, and audits the integrity and correctness of source data of a corresponding batch;
the method comprises the following steps:
Step 1: the client builds a transaction proposal request, wherein the request information comprises channel information, intelligent contract information to be called, a time stamp and a label of the client, packages transaction matters into a correct format, and submits the matters to an endorsement node after the packaging is completed;
Step 2: the endorsement node verifies the received transaction proposal request, including verifying the transaction proposal format, the timestamp and the client signature, and after verification, the intelligent contract is called to execute, a transaction result including a response value and a read-write set is generated, and the result is signed and then is responded to the client;
Step3: after collecting enough information and endorsement signature, constructing a transaction request and broadcasting the transaction request to the ordering nodes;
Step 4: after the transaction request is submitted to the ordering node, the ordering node orders the transactions in time sequence and creates a transaction block;
Step 5: broadcasting to all the main nodes of the organization in the same channel;
Step 6: the master node verifies the received block, writes the result into a local ledger after verification, and synchronously broadcasts the block to other nodes added with channels in the organization; each node validates the received block and appends the block to the blockchain, and for valid transactions, the node modifies the data in the book accordingly.
2. The efficient log audit method based on the multi-merck hash tree according to claim 1 is characterized in that: in step 1, after a client packages and signs a transaction proposal, submitting the transaction to all endorsement nodes in a blockchain network; after receiving the transaction proposal request, the endorsement node verifies whether the transaction proposal format is correct, whether the transaction is submitted before, and whether the client signature is valid; after verification is passed, the endorsement node simulates to execute the transaction and prepares a read-write set for the request of the transaction; the read set comprises a series of version information of the transaction when the local account book is read and a unique key corresponding to the information, and the write set comprises a unique key list and the latest value written by the transaction; the read-write sets returned by all endorsement nodes of the same transaction should be the same, i.e. consensus of the endorsement phase.
3. The efficient log audit method based on the multi-merck hash tree according to claim 1 is characterized in that: the smart contract in step 2, comprising:
(1) The blockchain node randomly selects a certain leaf node Op_ { i } in the hash tree corresponding to the root to challenge the node of the interstellar file system IPFS network; wherein root is the root node of the Duomelcer hash tree, op_ { i } represents log information stored in leaf nodes of the interplanetary file system IPFS network;
(2) Nodes of the interplanetary file system IPFS network disclose leaf nodes op_ { i } and their membership; the proof consists of peer nodes for each node in the path from leaf to root;
(3) The block chain link point verifies the leaf node Op_ { i }, calculates a new root 'based on the leaf node Op_ { i } and the brother node hash value, and compares the new root' with the root; if the result is true, it indicates that the commit root is trusted, otherwise the Duoxick hash tree is discarded.
4. The efficient log audit method based on the multi-merck hash tree according to claim 1 is characterized in that: in the step 3, a sequencing service is realized by adopting a mode of sequencing node clusters, and the consistency of the clusters is realized by adopting Raft algorithm; in the sorting node cluster, one master sorting node exists, and the rest nodes are slave sorting nodes.
5. The efficient log audit method based on the multi-merck hash tree according to claim 1 is characterized in that: in step 4, the transaction or configuration information sent by the client is automatically routed to the current master ordering node of the channel, the master ordering node orders the transaction and cuts the block, after creating a new block, the master ordering node submits the block to the local finite state machine, and then the finite state machine will attempt to copy the block to a sufficient number of ordering nodes for broadcasting to the nodes in the channel.
6. The efficient log audit method based on the multi-merck hash tree according to claim 1 is characterized in that: in step 5, if the master sequencing node sends a fault or downtime, the rest sequencing nodes reselect a new master sequencing node after a specified time, so that the normal operation of the consensus mechanism is ensured.
7. The efficient log audit method based on the multi-merck hash tree according to claim 1 is characterized in that: in step 6, when the block is broadcast to all nodes in the channel, the nodes verify the transaction in the block, including whether the transaction structure is correct, whether the transaction structure is repeated, whether the transaction structure has enough endorsement and read-write set version; if the verification is successful, the node attaches the block to the block chain in the account book, the write set is submitted to the state database, and corresponding modification operation is carried out on the account book; if verification fails, the node only attaches the block to the blockchain, and the state database is not modified; all nodes of each channel commonly maintain the same account book, and the same result submitted by the nodes in the same channel to the transaction is required to be ensured, so that the same state database in the node account book of the same channel is ensured.
8. The efficient log audit method based on the multi-merck hash tree according to any of the claims 1-7 characterized by: the data storage is realized by adopting a multi-merck hash tree storage mode, wherein the merck hash tree is maintained and managed by nodes of an interplanetary file system IPFS network, and the nodes package all log operation data in the system in a period of time to form a tree structure and store the tree structure into merck operation files; in the multi-merck hash tree storage mode, each transaction corresponds to one merck operation file, and each merck operation file can contain a plurality of log operation data;
The multi-merck hash tree is in a layered storage structure, and the first-layer merck hash tree is maintained by an interplanetary file system IPFS in a network mode from bottom to top; the leaf nodes are source data submitted by the client and are stored in a tree structure; the tree root is used as a leaf node of the merck hash tree in the second-layer blockchain network; a second layer of merck hash tree constructed in the same manner will be stored in the block, with its root stored in the block header.
CN202211561214.7A 2022-12-01 2022-12-01 Efficient log audit system and method based on Duomlck hash tree Active CN116132055B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211561214.7A CN116132055B (en) 2022-12-01 2022-12-01 Efficient log audit system and method based on Duomlck hash tree

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211561214.7A CN116132055B (en) 2022-12-01 2022-12-01 Efficient log audit system and method based on Duomlck hash tree

Publications (2)

Publication Number Publication Date
CN116132055A CN116132055A (en) 2023-05-16
CN116132055B true CN116132055B (en) 2024-05-03

Family

ID=86299921

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211561214.7A Active CN116132055B (en) 2022-12-01 2022-12-01 Efficient log audit system and method based on Duomlck hash tree

Country Status (1)

Country Link
CN (1) CN116132055B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108711052A (en) * 2018-05-18 2018-10-26 电子科技大学 A kind of information authentication system based on block chain
WO2019093574A1 (en) * 2017-11-10 2019-05-16 부산대학교 산학협력단 Block chain system and method employing hash-based signature scheme
KR20210153896A (en) * 2020-06-11 2021-12-20 한국전자통신연구원 Method for ensuring safe execution of services based blockchain and autonomous data supply system therefor
CN115186304A (en) * 2022-09-13 2022-10-14 天聚地合(苏州)科技股份有限公司 Transaction data verification method and system based on block chain

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019093574A1 (en) * 2017-11-10 2019-05-16 부산대학교 산학협력단 Block chain system and method employing hash-based signature scheme
CN108711052A (en) * 2018-05-18 2018-10-26 电子科技大学 A kind of information authentication system based on block chain
KR20210153896A (en) * 2020-06-11 2021-12-20 한국전자통신연구원 Method for ensuring safe execution of services based blockchain and autonomous data supply system therefor
CN115186304A (en) * 2022-09-13 2022-10-14 天聚地合(苏州)科技股份有限公司 Transaction data verification method and system based on block chain

Non-Patent Citations (5)

* Cited by examiner, † Cited by third party
Title
Efficient Privacy-Preserving Cross-Domain Authentication;Jing Chen;《IEEE Transactions on Dependable and Secure Computing》;20210625;全文 *
云环境下去中心化跨域身份认证方案;詹泽怡;《武汉大学学报(理学版)》;20210520;全文 *
基于区块链的分布式电能量数据可信存储机制;李瑾;仵松颀;张森林;陆月明;;网络与信息安全学报;20200415(02);全文 *
基于区块链的可审计数据分享方案;王涵;王绪安;周能;柳玉东;;广西师范大学学报(自然科学版);20200229(02);全文 *
基于嵌套Merkle Hash tree区块链的云数据动态审计模型;周坚;金瑜;何亨;李鹏;;计算机应用;20191231(12);全文 *

Also Published As

Publication number Publication date
CN116132055A (en) 2023-05-16

Similar Documents

Publication Publication Date Title
CN109313654B (en) Method and system for desynchronized recovery of licensed blockchains using bloom filters
WO2021032138A1 (en) Consensus method and device based on blockchain system, and system
US20230316273A1 (en) Data processing method and apparatus, computer device, and storage medium
US8127134B2 (en) Systems and methods for efficiently authenticating multiple objects based on access patterns
CN112270550B (en) New energy power tracing method and system based on blockchain
CN110945853A (en) Method for generating and managing multimode identification network based on alliance chain voting consensus algorithm
CN111611315A (en) Financial big data-oriented multi-branch tree structure block chain integrated optimization storage method
CN111026511A (en) Block chain parallel system and method based on transaction data partition-inter-chain fusion
CN114944932A (en) Method and system for adding blocks to a licensed blockchain
CN111400734A (en) Intelligent logistics system based on block chain
CN109948003B (en) Block chain system of isomorphic dual-mode main and auxiliary chains and block production method thereof
Mizrahi et al. Blockchain state sharding with space-aware representations
US20220407728A1 (en) Systems and methods for processing blockchain transactions
US12007972B2 (en) Systems and methods for processing blockchain transactions
Wang et al. Improvement research of PBFT consensus algorithm based on credit
CN113994324B (en) Block chain system with efficient world state data structure
Manevich et al. Endorsement in Hyperledger Fabric via service discovery
Sohrabi et al. ZyConChain: A scalable blockchain for general applications
Li et al. Scalable blockchain storage mechanism based on two-layer structure and improved distributed consensus
CN116132055B (en) Efficient log audit system and method based on Duomlck hash tree
CN113111125A (en) Business evidence storage method based on block chain
WO2023179056A1 (en) Consensus processing method and apparatus of block chain network, device, storage medium, and program product
Zhang et al. A master-slave chain architecture model for cross-domain trusted and authentication of power services
CN116258609A (en) Electric power system transaction cooperation method, device and storage medium
CN116467026A (en) Cloud desktop data secure sharing and tracing method and system based on blockchain

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant