CN116233113A - IPFS file uploading and extracting method based on stream encryption - Google Patents
IPFS file uploading and extracting method based on stream encryption Download PDFInfo
- Publication number
- CN116233113A CN116233113A CN202310070200.3A CN202310070200A CN116233113A CN 116233113 A CN116233113 A CN 116233113A CN 202310070200 A CN202310070200 A CN 202310070200A CN 116233113 A CN116233113 A CN 116233113A
- Authority
- CN
- China
- Prior art keywords
- file
- ipfs
- value
- uploading
- slice
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/045—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Abstract
The invention discloses a method for uploading and extracting an IPFS file based on stream encryption, which relates to the technical field of uploading the IPFS file and comprises the following steps: slicing a file to be uploaded in advance; symmetrically encrypting all the slice files to obtain encrypted file slices; uploading the encrypted file slice to an IPFS cluster; obtaining CID return value of the encrypted file slice from the IPFS cluster, and performing asymmetric encryption to obtain SID value of the current encrypted file slice; and performing front-end display based on the current SID value. The invention can prevent the file from being tampered, simultaneously can greatly ensure the privacy of the file, increases the difficulty of cracking the file and greatly ensures the data security of users.
Description
Technical Field
The invention relates to the technical field of IPFS file uploading, in particular to a method for carrying out IPFS file uploading extraction based on stream encryption.
Background
The interplanetary file system (IPFS) is a network transport protocol that aims to create persistent and distributed storage and sharing files. The technique is a content addressable peer-to-peer hypermedia distribution protocol. Nodes in the IPFS network will constitute a distributed file system. It is an open source code project developed by protocol labs with the help of open source communities since 2014.
Each file stored in the IPFS network has a unique hash address (i.e., content address, also called CID), which is the hash value that is formed after the algorithm. These hash values are unique, and a user can locate a file and access data only by accessing the corresponding hash. However, if the stored file is large, a large amount of CPU resources are consumed for computing the CID, which is characterized by causing program resource blocking, and the user needs to wait for a long time after uploading the file, thereby affecting the user experience, and meanwhile, the file is easy to be tampered, and has poor privacy and low data security of the user.
For the problems in the related art, no effective solution has been proposed at present.
Disclosure of Invention
Aiming at the problems in the related art, the invention provides a method for uploading and extracting an IPFS file based on stream encryption, which aims to overcome the technical problems existing in the related art.
The technical scheme of the invention is realized as follows:
the method for uploading and extracting the IPFS file based on stream encryption comprises the following steps:
step S1, slicing a file to be uploaded in advance;
s2, symmetrically encrypting all the slice files to obtain encrypted file slices;
step S3, uploading the encrypted file slice to an IPFS cluster;
s4, obtaining CID return values of the encrypted file slices from the IPFS cluster, and performing asymmetric encryption to obtain SID values of the current encrypted file slices;
and S5, performing front-end display based on the current SID value.
The step of slicing the file to be uploaded in advance comprises the following steps:
and slicing the file to be uploaded by a preset value in advance.
The method comprises the following steps of:
slicing the file to be uploaded according to a 5M data packet in advance, wherein the file to be uploaded is sliced according to the 5M data packet;
and if the current file to be uploaded is less than 5M, slicing according to the actual original size.
The method comprises the following steps of:
calibrating the first block and the last block of all current slice files to be encrypted by an AES algorithm, and judging whether the CID value of the last block exists or not, wherein the method comprises the following steps:
if the CID value of the previous block exists, the CID value is encrypted by an AES algorithm and added to the head of the current block.
The method for obtaining the CID return value of the encrypted file slice from the IPFS cluster comprises the following steps: the CID return value is stored and used to add to the header of the next block.
The front-end display based on the current SID value comprises the following steps:
the index is retrieved as a file based on the current SID value.
The invention has the beneficial effects that:
according to the method for uploading and extracting the IPFS file based on stream encryption, the file to be uploaded is sliced, all sliced files are symmetrically encrypted, the encrypted file slices are obtained, the encrypted file slices are uploaded to an IPFS cluster, CID return values of the encrypted file slices are obtained from the IPFS cluster, the SID values of the current encrypted file slices are obtained through asymmetric encryption, meanwhile front-end display is carried out through the current SID values, file tamper resistance is achieved, meanwhile, file privacy is guaranteed, file cracking difficulty is increased, and data security of users is guaranteed greatly.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are needed in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a method for extracting and uploading IPFS files based on stream encryption according to an embodiment of the invention;
fig. 2 is a schematic block diagram of an IPFS file upload extraction method based on stream encryption according to an embodiment of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which are derived by a person skilled in the art based on the embodiments of the invention, fall within the scope of protection of the invention.
According to the embodiment of the invention, an IPFS file uploading and extracting method based on stream encryption is provided.
In particular, in the technical scheme, stream encryption (english: streamcipher) is also translated into stream encryption and data stream encryption, which is a symmetric encryption algorithm, and the same pseudo-random encryption data stream (pseudo-random stream) is used as a key by both encryption and decryption parties, and plaintext data is sequentially and correspondingly encrypted with the key data stream each time, so as to obtain a ciphertext data stream. In practice the data is typically one bit (bit) and encrypted using an exclusive or (xor) operation.
In addition, the AES algorithm is: advanced Encryption Standard, also known as the Rijndael encryption, is a block encryption standard used.
The key is the root of the AES algorithm to realize encryption and decryption. Symmetric encryption algorithms are symmetric because such algorithms require the use of the same key for encrypting and decrypting plaintext.
AES supports keys of three lengths: 128 bits, 192 bits, 256 bits.
Meanwhile, when encrypting the plaintext, the AES algorithm does not encrypt the whole plaintext into a whole ciphertext, but splits the plaintext into independent plaintext blocks, each plaintext block having a length of 128 bits. The plaintext blocks are subjected to complex processing by an AES encryptor to generate individual ciphertext blocks, and the ciphertext blocks are spliced together to obtain the final AES encryption result.
In addition, IPFS (InterPlanetary File System, interstellar file system) is a file storage and content distribution network protocol that combines existing successful system distributed hash tables (Distributed Hash Tables (DHTs)), bitTorrent, version control system Git, self-authenticated file system (Self-Certified Filesystems-SFS) with blockchains.
As shown in fig. 1, the method for extracting the IPFS file based on stream encryption according to an embodiment of the present invention includes the following steps:
step S1, slicing a file to be uploaded in advance;
according to the technical scheme, file slicing to be uploaded can be performed according to a preset value in advance;
s2, symmetrically encrypting all the slice files to obtain encrypted file slices;
step S3, uploading the encrypted file slice to an IPFS cluster;
s4, obtaining CID return values of the encrypted file slices from the IPFS cluster, and performing asymmetric encryption to obtain SID values of the current encrypted file slices;
and S5, performing front-end display based on the current SID value.
By means of the scheme, the file to be uploaded is sliced, all sliced files are symmetrically encrypted, encrypted file slices are obtained, the encrypted file slices are uploaded to the IPFS cluster, CID return values of the encrypted file slices are obtained from the IPFS cluster, the SID values of the current encrypted file slices are obtained through asymmetric encryption, front-end display is carried out through the current SID values, file tamper resistance is achieved, meanwhile file privacy is guaranteed greatly, file cracking difficulty is increased, and data safety of users is guaranteed greatly.
Specifically, in application, as shown in fig. 2, the method comprises the following steps:
step T1, slicing the size of the file to be uploaded according to a 5M data packet in advance, and calculating the size of the data packet with the size smaller than 5M according to the original size;
and step T2, calibrating the first block and the last block of all current slice files to be encrypted by an AES algorithm, and judging whether the CID value of the last block exists or not, wherein the method comprises the following steps:
in step T201, if there is a CID value of the previous block, the CID value is encrypted by AES algorithm and added to the header of the current block.
Step T3, uploading the encrypted file slice to an IPFS cluster;
step T4, obtaining CID return values of the encrypted file slices from the IPFS cluster;
step T5, the CID return value is stored and used for adding to the header of the next block.
Step T6, circulating the steps T1 to T5 until the file to be uploaded is cut;
and step T7, acquiring the SID value from the CID return value of the last step by using asymmetric encryption, performing front-end display and taking the SID value as a file retrieval index.
In summary, by means of the above technical solution of the present invention, by slicing a file to be uploaded, symmetrically encrypting all slice files, obtaining an encrypted file slice, uploading the encrypted file slice to an IPFS cluster, obtaining a CID return value of the encrypted file slice from the IPFS cluster, and asymmetrically encrypting to obtain a SID value of the current encrypted file slice, and meanwhile, performing front-end display through the current SID value, thereby realizing file tamper resistance, simultaneously greatly ensuring file privacy, increasing file cracking difficulty, and greatly ensuring user data security.
The foregoing is merely a preferred embodiment of the present invention and is not intended to limit the present invention, and other embodiments of the present disclosure will be readily apparent to those skilled in the art after considering the disclosure herein in the specification and examples. This application is intended to cover any adaptations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It is to be understood that the present disclosure is not limited to the precise arrangements and instrumentalities shown in the drawings, and that various modifications and changes may be effected without departing from the scope thereof. The scope of the present disclosure is limited only by the appended claims.
Claims (6)
1. The method for uploading and extracting the IPFS file based on stream encryption is characterized by comprising the following steps of:
slicing a file to be uploaded in advance;
symmetrically encrypting all the slice files to obtain encrypted file slices;
uploading the encrypted file slice to an IPFS cluster;
obtaining CID return value of the encrypted file slice from the IPFS cluster, and performing asymmetric encryption to obtain SID value of the current encrypted file slice;
and performing front-end display based on the current SID value.
2. The method for extracting and uploading an IPFS file based on stream encryption according to claim 1, wherein the step of slicing the file to be uploaded in advance comprises the steps of:
and slicing the file to be uploaded by a preset value in advance.
3. The method for extracting and uploading the IPFS file based on stream encryption according to claim 2, wherein the pre-slicing the file to be uploaded with a preset value comprises the following steps:
slicing the file to be uploaded according to a 5M data packet in advance, wherein the file to be uploaded is sliced according to the 5M data packet;
and if the current file to be uploaded is less than 5M, slicing according to the actual original size.
4. The method for extracting and uploading IPFS files based on stream encryption according to claim 2, wherein the step of symmetrically encrypting all slice files to obtain encrypted file slices comprises the following steps:
calibrating the first block and the last block of all current slice files to be encrypted by an AES algorithm, and judging whether the CID value of the last block exists or not, wherein the method comprises the following steps:
if the CID value of the previous block exists, the CID value is encrypted by an AES algorithm and added to the head of the current block.
5. The method for extracting the IPFS file upload based on stream encryption according to claim 4, wherein the obtaining the CID return value of the encrypted file slice from the IPFS cluster comprises the steps of: the CID return value is stored and used to add to the header of the next block.
6. The method for extracting and uploading an IPFS file based on stream encryption according to claim 1 or 5, wherein the front-end presentation based on the current SID value comprises the following steps:
the index is retrieved as a file based on the current SID value.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310070200.3A CN116233113A (en) | 2023-02-07 | 2023-02-07 | IPFS file uploading and extracting method based on stream encryption |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310070200.3A CN116233113A (en) | 2023-02-07 | 2023-02-07 | IPFS file uploading and extracting method based on stream encryption |
Publications (1)
Publication Number | Publication Date |
---|---|
CN116233113A true CN116233113A (en) | 2023-06-06 |
Family
ID=86590429
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202310070200.3A Pending CN116233113A (en) | 2023-02-07 | 2023-02-07 | IPFS file uploading and extracting method based on stream encryption |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116233113A (en) |
-
2023
- 2023-02-07 CN CN202310070200.3A patent/CN116233113A/en active Pending
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2022252632A1 (en) | Data encryption processing method and apparatus, computer device, and storage medium | |
RU2638639C1 (en) | Encoder, decoder and method for encoding and encrypting input data | |
CN112202754B (en) | Data encryption method and device, electronic equipment and storage medium | |
US11063917B2 (en) | Communication network with rolling encryption keys and data exfiltration control | |
US20130290731A1 (en) | Systems and methods for storing and verifying security information | |
WO2013178019A1 (en) | Method, device and system for implementing media data processing | |
CN107911210B (en) | Video segment encryption and decryption method and related device | |
CN110688666B (en) | Data encryption and preservation method in distributed storage | |
Nivedhaa et al. | A secure erasure cloud storage system using advanced encryption standard algorithm and proxy re-encryption | |
CN115499249B (en) | File storage method and system based on block chain distributed encryption | |
Kumar et al. | A survey on current key issues and status in cryptography | |
Mohd et al. | Enhanced AES algorithm based on 14 rounds in securing data and minimizing processing time | |
CN112787822B (en) | SM 9-based attribute encryption method and system under large attribute set | |
US20130290732A1 (en) | Systems and methods for storing and verifying security information | |
CN111010408B (en) | Distributed encryption and decryption method and system | |
CN115865461A (en) | Method and system for distributing data in high-performance computing cluster | |
CN116233113A (en) | IPFS file uploading and extracting method based on stream encryption | |
Kapusta et al. | Secure data sharing with fast access revocation through untrusted clouds | |
US11451518B2 (en) | Communication device, server device, concealed communication system, methods for the same, and program | |
Mahmoud et al. | Encryption based on multilevel security for relational database EBMSR | |
Gupta et al. | A privacy-preserving model for cloud data storage through fog computing | |
KR100457669B1 (en) | Method for enciphering and storing information in distributed fashion | |
Alrehaili et al. | Cloud computing security challenges | |
Bacis et al. | Mix&slice for Efficient Access Revocation on Outsourced Data | |
Balaji et al. | Data Security and Deduplication Framework for Securing and Deduplicating Users’ Data in Public and Private Cloud Environment. |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |