CN116233113A - IPFS file uploading and extracting method based on stream encryption - Google Patents

IPFS file uploading and extracting method based on stream encryption Download PDF

Info

Publication number
CN116233113A
CN116233113A CN202310070200.3A CN202310070200A CN116233113A CN 116233113 A CN116233113 A CN 116233113A CN 202310070200 A CN202310070200 A CN 202310070200A CN 116233113 A CN116233113 A CN 116233113A
Authority
CN
China
Prior art keywords
file
ipfs
value
uploading
slice
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310070200.3A
Other languages
Chinese (zh)
Inventor
刘朝阳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Henan Zhongchuang Hashpower Information Technology Co ltd
Original Assignee
Henan Zhongchuang Hashpower Information Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Henan Zhongchuang Hashpower Information Technology Co ltd filed Critical Henan Zhongchuang Hashpower Information Technology Co ltd
Priority to CN202310070200.3A priority Critical patent/CN116233113A/en
Publication of CN116233113A publication Critical patent/CN116233113A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/045Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/50Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Abstract

The invention discloses a method for uploading and extracting an IPFS file based on stream encryption, which relates to the technical field of uploading the IPFS file and comprises the following steps: slicing a file to be uploaded in advance; symmetrically encrypting all the slice files to obtain encrypted file slices; uploading the encrypted file slice to an IPFS cluster; obtaining CID return value of the encrypted file slice from the IPFS cluster, and performing asymmetric encryption to obtain SID value of the current encrypted file slice; and performing front-end display based on the current SID value. The invention can prevent the file from being tampered, simultaneously can greatly ensure the privacy of the file, increases the difficulty of cracking the file and greatly ensures the data security of users.

Description

IPFS file uploading and extracting method based on stream encryption
Technical Field
The invention relates to the technical field of IPFS file uploading, in particular to a method for carrying out IPFS file uploading extraction based on stream encryption.
Background
The interplanetary file system (IPFS) is a network transport protocol that aims to create persistent and distributed storage and sharing files. The technique is a content addressable peer-to-peer hypermedia distribution protocol. Nodes in the IPFS network will constitute a distributed file system. It is an open source code project developed by protocol labs with the help of open source communities since 2014.
Each file stored in the IPFS network has a unique hash address (i.e., content address, also called CID), which is the hash value that is formed after the algorithm. These hash values are unique, and a user can locate a file and access data only by accessing the corresponding hash. However, if the stored file is large, a large amount of CPU resources are consumed for computing the CID, which is characterized by causing program resource blocking, and the user needs to wait for a long time after uploading the file, thereby affecting the user experience, and meanwhile, the file is easy to be tampered, and has poor privacy and low data security of the user.
For the problems in the related art, no effective solution has been proposed at present.
Disclosure of Invention
Aiming at the problems in the related art, the invention provides a method for uploading and extracting an IPFS file based on stream encryption, which aims to overcome the technical problems existing in the related art.
The technical scheme of the invention is realized as follows:
the method for uploading and extracting the IPFS file based on stream encryption comprises the following steps:
step S1, slicing a file to be uploaded in advance;
s2, symmetrically encrypting all the slice files to obtain encrypted file slices;
step S3, uploading the encrypted file slice to an IPFS cluster;
s4, obtaining CID return values of the encrypted file slices from the IPFS cluster, and performing asymmetric encryption to obtain SID values of the current encrypted file slices;
and S5, performing front-end display based on the current SID value.
The step of slicing the file to be uploaded in advance comprises the following steps:
and slicing the file to be uploaded by a preset value in advance.
The method comprises the following steps of:
slicing the file to be uploaded according to a 5M data packet in advance, wherein the file to be uploaded is sliced according to the 5M data packet;
and if the current file to be uploaded is less than 5M, slicing according to the actual original size.
The method comprises the following steps of:
calibrating the first block and the last block of all current slice files to be encrypted by an AES algorithm, and judging whether the CID value of the last block exists or not, wherein the method comprises the following steps:
if the CID value of the previous block exists, the CID value is encrypted by an AES algorithm and added to the head of the current block.
The method for obtaining the CID return value of the encrypted file slice from the IPFS cluster comprises the following steps: the CID return value is stored and used to add to the header of the next block.
The front-end display based on the current SID value comprises the following steps:
the index is retrieved as a file based on the current SID value.
The invention has the beneficial effects that:
according to the method for uploading and extracting the IPFS file based on stream encryption, the file to be uploaded is sliced, all sliced files are symmetrically encrypted, the encrypted file slices are obtained, the encrypted file slices are uploaded to an IPFS cluster, CID return values of the encrypted file slices are obtained from the IPFS cluster, the SID values of the current encrypted file slices are obtained through asymmetric encryption, meanwhile front-end display is carried out through the current SID values, file tamper resistance is achieved, meanwhile, file privacy is guaranteed, file cracking difficulty is increased, and data security of users is guaranteed greatly.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are needed in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a method for extracting and uploading IPFS files based on stream encryption according to an embodiment of the invention;
fig. 2 is a schematic block diagram of an IPFS file upload extraction method based on stream encryption according to an embodiment of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which are derived by a person skilled in the art based on the embodiments of the invention, fall within the scope of protection of the invention.
According to the embodiment of the invention, an IPFS file uploading and extracting method based on stream encryption is provided.
In particular, in the technical scheme, stream encryption (english: streamcipher) is also translated into stream encryption and data stream encryption, which is a symmetric encryption algorithm, and the same pseudo-random encryption data stream (pseudo-random stream) is used as a key by both encryption and decryption parties, and plaintext data is sequentially and correspondingly encrypted with the key data stream each time, so as to obtain a ciphertext data stream. In practice the data is typically one bit (bit) and encrypted using an exclusive or (xor) operation.
In addition, the AES algorithm is: advanced Encryption Standard, also known as the Rijndael encryption, is a block encryption standard used.
The key is the root of the AES algorithm to realize encryption and decryption. Symmetric encryption algorithms are symmetric because such algorithms require the use of the same key for encrypting and decrypting plaintext.
AES supports keys of three lengths: 128 bits, 192 bits, 256 bits.
Meanwhile, when encrypting the plaintext, the AES algorithm does not encrypt the whole plaintext into a whole ciphertext, but splits the plaintext into independent plaintext blocks, each plaintext block having a length of 128 bits. The plaintext blocks are subjected to complex processing by an AES encryptor to generate individual ciphertext blocks, and the ciphertext blocks are spliced together to obtain the final AES encryption result.
In addition, IPFS (InterPlanetary File System, interstellar file system) is a file storage and content distribution network protocol that combines existing successful system distributed hash tables (Distributed Hash Tables (DHTs)), bitTorrent, version control system Git, self-authenticated file system (Self-Certified Filesystems-SFS) with blockchains.
As shown in fig. 1, the method for extracting the IPFS file based on stream encryption according to an embodiment of the present invention includes the following steps:
step S1, slicing a file to be uploaded in advance;
according to the technical scheme, file slicing to be uploaded can be performed according to a preset value in advance;
s2, symmetrically encrypting all the slice files to obtain encrypted file slices;
step S3, uploading the encrypted file slice to an IPFS cluster;
s4, obtaining CID return values of the encrypted file slices from the IPFS cluster, and performing asymmetric encryption to obtain SID values of the current encrypted file slices;
and S5, performing front-end display based on the current SID value.
By means of the scheme, the file to be uploaded is sliced, all sliced files are symmetrically encrypted, encrypted file slices are obtained, the encrypted file slices are uploaded to the IPFS cluster, CID return values of the encrypted file slices are obtained from the IPFS cluster, the SID values of the current encrypted file slices are obtained through asymmetric encryption, front-end display is carried out through the current SID values, file tamper resistance is achieved, meanwhile file privacy is guaranteed greatly, file cracking difficulty is increased, and data safety of users is guaranteed greatly.
Specifically, in application, as shown in fig. 2, the method comprises the following steps:
step T1, slicing the size of the file to be uploaded according to a 5M data packet in advance, and calculating the size of the data packet with the size smaller than 5M according to the original size;
and step T2, calibrating the first block and the last block of all current slice files to be encrypted by an AES algorithm, and judging whether the CID value of the last block exists or not, wherein the method comprises the following steps:
in step T201, if there is a CID value of the previous block, the CID value is encrypted by AES algorithm and added to the header of the current block.
Step T3, uploading the encrypted file slice to an IPFS cluster;
step T4, obtaining CID return values of the encrypted file slices from the IPFS cluster;
step T5, the CID return value is stored and used for adding to the header of the next block.
Step T6, circulating the steps T1 to T5 until the file to be uploaded is cut;
and step T7, acquiring the SID value from the CID return value of the last step by using asymmetric encryption, performing front-end display and taking the SID value as a file retrieval index.
In summary, by means of the above technical solution of the present invention, by slicing a file to be uploaded, symmetrically encrypting all slice files, obtaining an encrypted file slice, uploading the encrypted file slice to an IPFS cluster, obtaining a CID return value of the encrypted file slice from the IPFS cluster, and asymmetrically encrypting to obtain a SID value of the current encrypted file slice, and meanwhile, performing front-end display through the current SID value, thereby realizing file tamper resistance, simultaneously greatly ensuring file privacy, increasing file cracking difficulty, and greatly ensuring user data security.
The foregoing is merely a preferred embodiment of the present invention and is not intended to limit the present invention, and other embodiments of the present disclosure will be readily apparent to those skilled in the art after considering the disclosure herein in the specification and examples. This application is intended to cover any adaptations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It is to be understood that the present disclosure is not limited to the precise arrangements and instrumentalities shown in the drawings, and that various modifications and changes may be effected without departing from the scope thereof. The scope of the present disclosure is limited only by the appended claims.

Claims (6)

1. The method for uploading and extracting the IPFS file based on stream encryption is characterized by comprising the following steps of:
slicing a file to be uploaded in advance;
symmetrically encrypting all the slice files to obtain encrypted file slices;
uploading the encrypted file slice to an IPFS cluster;
obtaining CID return value of the encrypted file slice from the IPFS cluster, and performing asymmetric encryption to obtain SID value of the current encrypted file slice;
and performing front-end display based on the current SID value.
2. The method for extracting and uploading an IPFS file based on stream encryption according to claim 1, wherein the step of slicing the file to be uploaded in advance comprises the steps of:
and slicing the file to be uploaded by a preset value in advance.
3. The method for extracting and uploading the IPFS file based on stream encryption according to claim 2, wherein the pre-slicing the file to be uploaded with a preset value comprises the following steps:
slicing the file to be uploaded according to a 5M data packet in advance, wherein the file to be uploaded is sliced according to the 5M data packet;
and if the current file to be uploaded is less than 5M, slicing according to the actual original size.
4. The method for extracting and uploading IPFS files based on stream encryption according to claim 2, wherein the step of symmetrically encrypting all slice files to obtain encrypted file slices comprises the following steps:
calibrating the first block and the last block of all current slice files to be encrypted by an AES algorithm, and judging whether the CID value of the last block exists or not, wherein the method comprises the following steps:
if the CID value of the previous block exists, the CID value is encrypted by an AES algorithm and added to the head of the current block.
5. The method for extracting the IPFS file upload based on stream encryption according to claim 4, wherein the obtaining the CID return value of the encrypted file slice from the IPFS cluster comprises the steps of: the CID return value is stored and used to add to the header of the next block.
6. The method for extracting and uploading an IPFS file based on stream encryption according to claim 1 or 5, wherein the front-end presentation based on the current SID value comprises the following steps:
the index is retrieved as a file based on the current SID value.
CN202310070200.3A 2023-02-07 2023-02-07 IPFS file uploading and extracting method based on stream encryption Pending CN116233113A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310070200.3A CN116233113A (en) 2023-02-07 2023-02-07 IPFS file uploading and extracting method based on stream encryption

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310070200.3A CN116233113A (en) 2023-02-07 2023-02-07 IPFS file uploading and extracting method based on stream encryption

Publications (1)

Publication Number Publication Date
CN116233113A true CN116233113A (en) 2023-06-06

Family

ID=86590429

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310070200.3A Pending CN116233113A (en) 2023-02-07 2023-02-07 IPFS file uploading and extracting method based on stream encryption

Country Status (1)

Country Link
CN (1) CN116233113A (en)

Similar Documents

Publication Publication Date Title
WO2022252632A1 (en) Data encryption processing method and apparatus, computer device, and storage medium
RU2638639C1 (en) Encoder, decoder and method for encoding and encrypting input data
CN112202754B (en) Data encryption method and device, electronic equipment and storage medium
US11063917B2 (en) Communication network with rolling encryption keys and data exfiltration control
US20130290731A1 (en) Systems and methods for storing and verifying security information
WO2013178019A1 (en) Method, device and system for implementing media data processing
CN107911210B (en) Video segment encryption and decryption method and related device
CN110688666B (en) Data encryption and preservation method in distributed storage
Nivedhaa et al. A secure erasure cloud storage system using advanced encryption standard algorithm and proxy re-encryption
CN115499249B (en) File storage method and system based on block chain distributed encryption
Kumar et al. A survey on current key issues and status in cryptography
Mohd et al. Enhanced AES algorithm based on 14 rounds in securing data and minimizing processing time
CN112787822B (en) SM 9-based attribute encryption method and system under large attribute set
US20130290732A1 (en) Systems and methods for storing and verifying security information
CN111010408B (en) Distributed encryption and decryption method and system
CN115865461A (en) Method and system for distributing data in high-performance computing cluster
CN116233113A (en) IPFS file uploading and extracting method based on stream encryption
Kapusta et al. Secure data sharing with fast access revocation through untrusted clouds
US11451518B2 (en) Communication device, server device, concealed communication system, methods for the same, and program
Mahmoud et al. Encryption based on multilevel security for relational database EBMSR
Gupta et al. A privacy-preserving model for cloud data storage through fog computing
KR100457669B1 (en) Method for enciphering and storing information in distributed fashion
Alrehaili et al. Cloud computing security challenges
Bacis et al. Mix&slice for Efficient Access Revocation on Outsourced Data
Balaji et al. Data Security and Deduplication Framework for Securing and Deduplicating Users’ Data in Public and Private Cloud Environment.

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination