CN116436636A - Block chain slicing method based on secret handshake - Google Patents
Block chain slicing method based on secret handshake Download PDFInfo
- Publication number
- CN116436636A CN116436636A CN202310207773.6A CN202310207773A CN116436636A CN 116436636 A CN116436636 A CN 116436636A CN 202310207773 A CN202310207773 A CN 202310207773A CN 116436636 A CN116436636 A CN 116436636A
- Authority
- CN
- China
- Prior art keywords
- block
- user
- node
- transaction
- secret
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 43
- 238000012790 confirmation Methods 0.000 claims description 20
- 238000012546 transfer Methods 0.000 claims description 16
- 230000008569 process Effects 0.000 claims description 13
- 238000012795 verification Methods 0.000 claims description 12
- 238000010200 validation analysis Methods 0.000 claims description 10
- 238000012545 processing Methods 0.000 claims description 9
- 230000004044 response Effects 0.000 claims description 6
- 238000004806 packaging method and process Methods 0.000 claims description 5
- 239000004973 liquid crystal related substance Substances 0.000 claims description 4
- 125000004122 cyclic group Chemical group 0.000 claims description 3
- 239000012634 fragment Substances 0.000 claims description 3
- 238000013467 fragmentation Methods 0.000 claims description 3
- 238000006062 fragmentation reaction Methods 0.000 claims description 3
- 238000013507 mapping Methods 0.000 claims 1
- 238000005516 engineering process Methods 0.000 abstract description 6
- 238000005192 partition Methods 0.000 description 4
- 238000010586 diagram Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000015572 biosynthetic process Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 238000000638 solvent extraction Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Abstract
The invention relates to the technical field of blockchains, in particular to a blockchain slicing method based on secret handshaking. The segmented block chain is naturally formed through a secret handshake technology, and a user and a block chain node only know the information of the segment where the user and the block chain node are located, so that the information of other segments is hidden, and the privacy of the segments is improved; in addition, due to the inherent relationship of the DAG graph, the blocks in the slice can be confirmed by all the block chain nodes, so that the consensus speed of the blocks in the slice is improved.
Description
Technical Field
The invention relates to the technical field of blockchains, in particular to a blockchain slicing method based on secret handshaking.
Background
The slicing technique is one of the blockchain expansion techniques. The partitioning refers to dividing the blockchain nodes into different partitions according to a certain rule, wherein nodes in each partition respectively maintain a blockchain ledger in the partition, and each partition can independently and parallelly complete consensus, so that the transaction throughput of the blockchain system is increased. Currently, common slicing technologies include network slicing, state slicing, transaction slicing and the like, but few slicing technologies consider privacy security of slicing at present, so that privacy is revealed in the slicing process.
The secret handshake technology allows for mutual authentication of individuals within the same organization without revealing the privacy of both parties during the authentication process. The characteristic enables the secret handshake technology to be widely applied to the internet user authentication scene.
Disclosure of Invention
The invention provides a block chain slicing method based on secret handshake, which improves the privacy of slicing and the consensus speed of slicing blocks.
In order to solve the technical problems, the invention adopts the following technical scheme: a block chain fragmentation method based on secret handshake comprises three entities of a block chain node CN, a user U for transmitting transaction and a group management node GA, wherein an effective point-to-point network exists between the block chain node and the user, and a safety channel exists between the block chain node and the user and the management node; wherein, the number of the block chain nodes is n, the number of users is l, the number of GA is m, n and l are natural numbers; block chain node CN i And user U j Through the secure channel to GA k Registration to obtain GA respectively k Is a credential of (2)And->Wherein i is more than or equal to 1 and less than or equal to n, j is more than or equal to 1 and less than or equal to l, and k is more than or equal to 1 and less than or equal to m; the method comprises the following steps:
s1, a user executes a secret handshake protocol with a neighbor node in a point-to-point network, and sends encrypted transactions;
s2, re-encrypting and forwarding effective transactions of users by the blockchain nodes, and packaging the effective transactions;
s3, the block chain nodes issue blocks to participate in DAG consensus of the directed acyclic graph, and update DAG block chains;
s4, when a new agreed block appears in the DAG chain, the block chain node and a generator of the block execute a secret handshake protocol, and the block chain is updated.
In one embodiment, the step S1 specifically includes:
s11, setting the user as U i The user points to a neighbor blockchain node in a point-to-point networkSend handshake message->
S13, user U j With the management node GA belonging to the same group k Neighboring block link points of (a)Generating a shared key
S14, using the shared keyAnd secure symmetric encryption algorithm encryption transaction +_>Obtaining encrypted transactions
S15, user U j To the management node GA belonging to the same group k Neighboring block link points of (a)Send encrypted transaction->
In one embodiment, the step S2 specifically includes:
s21, block chain nodeReceiving user U j Is (are) encrypted transaction->Use of symmetric decryption algorithm and shared key +.>Decryption->Obtaining user U j Transaction->
S22, block chain nodeVerifying user transactions according to the verification rules of the blockchain>If the transaction is validIf not, stopping processing, otherwise, judging that the user transaction is valid;
s23, block chain nodeIf no valid user transaction has been forwarded +.>Then->Performing a secret handshake protocol using neighboring blockchain nodes of (a)A shared key generated by a secret handshake protocol encrypts a user transaction +.>Forwarding the re-encrypted user valid transaction; the process of executing the secret handshake between the block chain nodes is the same as the process of executing the secret handshake between the user and the block chain node, see steps S11 to S14; in addition, after establishing a secret handshake, the block link points belonging to the same group of management nodes can re-encrypt a plurality of effective user transactions by using a shared key generated by the secret handshake, and a secret handshake protocol does not need to be executed for each user transaction;
s24, block chain nodeGenerating a block encryption key for block B>The key is used whenever an effective user transaction is obtained>And encrypting the user transaction by a secure symmetric encryption algorithm, and packaging the encrypted user transaction into a block B.
In one embodiment, the step S3 specifically includes:
s31, setting a system threshold t B When the blockchain node CN i The number of encrypted transactions packed in a block exceeds the system threshold t B Thereafter, the blockchain node CN i Setting a block header comprising a blockchain node CN i The handshake message of (1), the link of the two recent blocks in the current DAG chain, and the consensus information, then broadcasting the complete block to all block links through a point-to-point network; the handshake message in the step has the same meaning as the handshake message in the step S11, and is the first message of the secret handshake protocol;
s32, block chain node CN i After receiving the block, finishing DAG consensus process according to the consensus information of the block head, and updating the DAG areaA chain of blocks.
In one embodiment, the step S4 specifically includes:
s41, for new blocks with consensus in DAG chain, blockchain node CN i If the new block is detected not to be generated by the user, the handshake information of the block head is adopted, and a secret handshake message is sent to a generator of the new block; the secret handshake message sent to the new block generator in the step has the same meaning as the handshake message in the step S12, and is the second message of secret handshake;
s42, after receiving the secret handshake message, the generating party of the new block generates a shared secret key if the requesting party and the requesting party belong to the same group of management nodes, returns a block encryption key encrypted by the shared secret key and a safe symmetric encryption algorithm, and otherwise, stops processing; the shared secret key in the step has the same meaning as the shared secret key in the step S13, and is generated by a secret handshake protocol;
s43, block chain node CN i After obtaining the block encryption key, decrypting and verifying the validity of the block, if the block is valid, updating the block chain of the block, namely adding the decrypted plaintext block PB into the local block chain, otherwise, stopping processing.
In one of the embodiments, the management node GA k Creating group G k ,G k ,G k′ The cyclic group with the large prime number q as the order defines a bilinear map e: g k ×G k →G k′ For all a, b ε Z q ,P,Q∈G k Satisfy e (aP, bQ) =e (P, Q) ab The method comprises the steps of carrying out a first treatment on the surface of the Defining a hash function H 1 And H 2 Wherein H is 1 :{0,1} * →G k ,H 2 Is a SHA-1 function;
if there is a new blockchain node CN i Or user U j Adding fragment k, GA k To which credentials are assignedAnd-> Including group identity->And group secret information-> Including group identity->And group secret informationWhen a node within a slice is to be removed, the GA k Broadcasting the group identity of the node to other nodes in the segment, and warning the node in the segment not to handshake with the node;
wherein, user U j Neighbor blockchain nodes in a sum-point-to-point networkThe secret handshake procedure includes:
Neighbor blockchain nodesReceive->After that, the own group identity is +.>And follow upNumber of machines->To the user U j ;
User U j Reception ofAnd->After that, respond to own group identity +.>Random number->And message->Wherein, the liquid crystal display device comprises a liquid crystal display device,
neighbor blockchain nodesAfter receiving the user response, generatingVerification->Whether or not to be equal toIf equal, respond to the message->If the verification is unequal, the response is not performed;
user U j Received byAfter that, verify->Whether or not equal to->If equal, user U j And link point->Completing secret handshake; if the verification is not equal, the handshake fails.
In one embodiment, the blockchain node CN i A block data pool, a block database and a hash confirmation list are established locally; the local area block data pool stores the block hash value which does not reach the consensus, the local area block database stores the block hash which reaches the consensus, and the hash confirmation list stores the confirmation number of each block hash; the DAG consensus process for a block includes:
block chain node CN i Every time a block is packed, the hash value of the block is stored in a local block data pool, and a node CN is added in a local hash acknowledgement list i The validation node hashed for the block and initializing a hash list comprising the hash value of the block and the node CN i Identity of (2)The hash list is packaged into a block header as consensus information; the complete block is broadcast to all block links through a point-to-point network;
block chain node CN i After receiving the block, updating the local block data pool and the hash confirmation list according to the consensus information in the block head, specifically: if a new block is received, the block hash in the consensus information is stored in a local block data pool, and a node CN is added in a local hash confirmation list i A validation node hashed for the block; when the local hash confirmation list contains the block hash confirmationThe number of nodes is greater than or equal toThen the block hash is stored into the local block database and deleted in the block data pool and hash validation list;
the blocks stored in the local block database are identified, and the blocks in the block database form a DAG block chain according to the link relation.
In one embodiment, the symmetric encryption algorithm comprises the AES-CCM algorithm, using the handshake message at the time of the secret handshake as a key, i.e. in steps S12 and S13, the secret handshake is usedAs a shared key->
In one embodiment, a digital signature is used to verify the validity of a user transaction; user U j Generating a transfer transactionIncluding timestamp, transaction type, transfer amount, target user identity, and user U j Signing the transaction content; user U j Executing secret handshake protocol with neighbor nodes in point-to-point network to obtain shared key +.>Encryption of transactions using symmetric encryption algorithm>Obtain encrypted transaction->User U j To the management node GA belonging to the same group k Neighbor blockchain node->Send encrypted transaction->Block chain node->Receiving user U j Is (are) encrypted transaction->Use of symmetric decryption algorithm and shared key +.>Decryption->Obtaining user U j Transaction->Then blockchain node->Verifying user transaction +_ according to the following blockchain verification rules>Is effective in (3):
checking whether the transaction signature is valid, if so, continuing checking as follows;
if the user transactsIf the transaction type is a transfer transaction, checking whether the transfer amount is non-negative, if so, continuing checking as follows, if not, then the transaction +.>Invalidating;
checking user U j Whether or not the blockchain account balance isIf the transaction amount is greater than or equal to the transfer amount, continuing to check if the transaction amount is greater than or equal to the transfer amount, otherwise, performing the transactionInvalidating;
checking whether the target user is the current blockchain user, if so, the transactionIf not, the transaction is +.>And (3) invalidating.
In one embodiment, verifying that each user transaction in the block is valid is employed to verify that the block is valid; in step S43, the blockchain node CN i After obtaining the block encryption key, decrypt the block to obtain t B A decrypted user transaction, if t B The block is valid if the individual user transactions are valid, otherwise the block is invalid.
Compared with the prior art, the beneficial effects are that: according to the block chain slicing method based on secret handshake, the sliced block chain is naturally formed through the secret handshake technology, and the user and the block chain node only know the slicing information of the user, so that the information of other slices is hidden, and the privacy of the slices is improved; in addition, due to the inherent relationship of the DAG graph, the blocks in the slice can be confirmed by all the block chain nodes, so that the consensus speed of the blocks in the slice is improved.
Drawings
FIG. 1 is a schematic diagram of a user and blockchain node of the present invention registering with a management node.
FIG. 2 is a schematic diagram of the sliced blockchain formation of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are only some, but not all embodiments of the invention. The invention is described in one of its examples in connection with the following detailed description. Wherein the drawings are for illustrative purposes only and are shown in schematic, non-physical, and not intended to be limiting of the present patent; for the purpose of better illustrating embodiments of the invention, certain elements of the drawings may be omitted, enlarged or reduced and do not represent the size of the actual product; it will be appreciated by those skilled in the art that certain well-known structures in the drawings and descriptions thereof may be omitted.
Example l:
a block chain fragmentation method based on secret handshake comprises three entities of a block chain node CN, a user U for transmitting transaction and a group management node GA, wherein an effective point-to-point network exists between the block chain node and the user, and a safety channel exists between the block chain node and the user and the management node; wherein, the number of the block chain nodes is n, the number of users is l, the number of GA is m, n and l are natural numbers; block chain node CN i And user U j Through the secure channel to GA k Registration to obtain GA respectively k Is a credential of (2)Andwherein i is more than or equal to 1 and less than or equal to n, j is more than or equal to 1 and less than or equal to l, and k is more than or equal to 1 and less than or equal to m; the method comprises the following steps:
step 1, a user executes a secret handshake protocol with a neighbor node in a point-to-point network, and sends encrypted transactions; the step Sl specifically comprises:
s11, setting the user as U j The user points to a neighbor blockchain node in a point-to-point networkSend handshake message->
S13, user U j With the management node GA belonging to the same group k Neighboring block link points of (a)Generating a shared key
S14, using the shared keyAnd secure symmetric encryption algorithm encryption transaction +_>Obtaining encrypted transactions
S15, user U j To the management node GA belonging to the same group k Neighboring block link points of (a)Send encrypted transaction->
Step 2, the blockchain node re-encrypts and forwards the effective transaction of the user, and packages the effective transaction; the step S2 specifically comprises the following steps:
s21, block chain nodeReceiving user U j Is (are) encrypted transaction->Use of symmetric decryption algorithm and shared key +.>Decryption->Obtaining user U j Transaction->
S22, block chain nodeVerifying user transactions according to the verification rules of the blockchain>If the transaction is validIf not, stopping processing, otherwise, judging that the user transaction is valid;
s23, block chain nodeIf no valid user transaction has been forwarded +.>Then->Performing a secret handshake protocol by neighboring blockchain nodes of (a) and encrypting user transactions using a shared key generated by the secret handshake protocol>Forwarding the re-encrypted user valid transaction; wherein the process of performing a secret handshake between blockchain nodes is comparable to the process of performing a secret handshake between a user and a blockchain pointSee also steps S11 to S14; in addition, after establishing a secret handshake, the block link points belonging to the same group of management nodes can re-encrypt a plurality of effective user transactions by using a shared key generated by the secret handshake, and a secret handshake protocol does not need to be executed for each user transaction;
s24, block chain nodeGenerating a block encryption key for block B>The key is used whenever an effective user transaction is obtained>And encrypting the user transaction by a secure symmetric encryption algorithm, and packaging the encrypted user transaction into a block B.
Step 3, the block chain node issues blocks, participates in DAG consensus of the directed acyclic graph, and updates the DAG block chain; the step S3 specifically comprises the following steps:
s31, setting a system threshold t B When the blockchain node CN i The number of encrypted transactions packed in a block exceeds the system threshold t B Thereafter, the blockchain node CN i Setting a block header comprising a blockchain node CN i The handshake message of (1), the link of the two recent blocks in the current DAG chain, and the consensus information, then broadcasting the complete block to all block links through a point-to-point network; the handshake message in the step has the same meaning as the handshake message in the step S11, and is the first message of the secret handshake protocol;
s32, block chain node CN i After receiving the block, the DAG consensus process is completed according to the consensus information of the block head, and the DAG block chain is updated.
Step 4, when a new agreed block appears in the DAG chain, the block chain node and the generator of the block execute a secret handshake protocol to update the sliced block chain; the step S4 specifically comprises the following steps:
s41. New blocks for consensus in DAG chainsBlockchain node CN i If the new block is detected not to be generated by the user, the handshake information of the block head is adopted, and a secret handshake message is sent to a generator of the new block; the secret handshake message sent to the new block generator in the step has the same meaning as the handshake message in the step S12, and is the second message of secret handshake;
s42, after receiving the secret handshake message, the generating party of the new block generates a shared secret key if the requesting party and the requesting party belong to the same group of management nodes, returns a block encryption key encrypted by the shared secret key and a safe symmetric encryption algorithm, and otherwise, stops processing; the shared secret key in the step has the same meaning as the shared secret key in the step S13, and is generated by a secret handshake protocol;
s43, block chain node CN i After obtaining the block encryption key, decrypting and verifying the validity of the block, if the block is valid, updating the block chain of the block, namely adding the decrypted plaintext block PB into the local block chain, otherwise, stopping processing.
In embodiment 1, the consensus method of the DAG chain, the specific implementation of the secret handshake protocol, the symmetric encryption algorithm adopted, the method of verifying the validity of the user transaction, the method of verifying the validity of the block, and the like are not specified.
Example 2
This embodiment employs a bilinear pair-based secret handshake scheme as proposed by Dirk Balfanz et al in published 2003 paper Secret Handshakes from Pairing-Based KeyAgreements.
Management node GA k Creating group G k ,G k ,G k ' are cyclic groups of order large prime number q, defining a bilinear map e: g k ×G k →G k ' for all a, b ε Z q ,P,Q∈G k Satisfy e (aP, bQ) =e (P, Q) ab . Defining a hash function H 1 And H 2 Wherein H is 1 :{0,1} * →G k ,H 2 Is a SHA-1 function.
If there is a new blockchain node CN i Or user U j Adding fragment k, GA k To which credentials are assignedAnd-> Including group identity->And group secret information-> Including group identity->And group secret informationWhen a node within a slice is to be removed, GAk broadcasts the group identity of the node to other nodes within the slice and alerts the node within the slice to not handshake with the node.
(2) Neighbor blockchain nodesReceive->After that, the own group identity is +.>And random number->To the user U j ;
(3) User U j Reception ofAnd->After that, respond to own group identity +.>Random number->And message, < >>Wherein (1)>
(4) Neighbor blockchain nodesAfter receiving the user response, generatingVerification->Whether or not to be equal toIf equal, respond to the message->If the verification is unequal, the response is not performed;
(5) User U j Received byAfter that, verify->Whether or not equal to->If equal, user U j And link point->The secret handshake is completed. If the verification is not equal, the handshake fails.
Example 3
An implementation of DAG consensus will be specified in this embodiment. Block chain node CN i A block data pool, a block database and a hash acknowledgement list are established locally. The local block data pool stores block hash values which do not reach consensus, the local block database stores block hashes which reach consensus, and the hash confirmation list stores the confirmation number of each block hash. In this embodiment, a SHA256 hash function is used.
The common identification process of the block is as follows:
(1) Block chain node CN i Every time a block is packed, the hash value of the block is stored in a local block data pool, and a node CN is added in a local hash acknowledgement list i The validation node hashed for the block. And initializing a hash list including the hash value of the block and the node CN i Identity of (2)The hash list is encapsulated as consensus information into the block header. Complete block link point broadcast to all blocks over a point-to-point network。
(2) Block chain node CN i After receiving the block, updating the local block data pool and the hash confirmation list according to the consensus information in the block head, specifically: if a new block is received, the block hash in the consensus information is stored in a local block data pool, and a node CN is added in a local hash confirmation list i The validation node hashed for the block. When the number of the confirmation nodes with block hashes in the local hash confirmation list is greater than or equal toThe chunk is hashed into a local chunk database and deleted in the chunk data pool and hash validation list.
The blocks stored in the local block database are identified, and the blocks in the block database form a DAG block chain according to the link relation.
Example 4
In this embodiment, the symmetric encryption algorithm used in the present invention is designated as the AES-CCM algorithm given in RFC6655, and handshake messages at the time of secret handshake are used as keys, i.e., in embodiment 1, in steps S12 and S13, the data is encryptedAs a shared key->
Example 5
In step S22 in embodiment 1, different user transaction validity checks are required according to the user transaction type. In this embodiment, ECDSA digital signature is used.
User U j Generating a transfer transactionIncluding timestamp, transaction type, transfer amount, target user identity, and user U j Signature of transaction content. User U j Executing with neighbor nodes in a point-to-point networkSecret handshake protocol, obtaining shared key->Encryption of transactions using symmetric encryption algorithm>Obtain encrypted transaction->User U j To the management node GA belonging to the same group k Neighbor blockchain node->Send encrypted transaction->Block chain node->Receiving user U j Is (are) encrypted transaction->Use of symmetric decryption algorithm and shared key +.>Decryption->Obtaining user U j Transaction->Block link pointsVerifying user transaction +_ according to the following blockchain verification rules>Is provided withThe effectiveness is as follows:
(1) Checking whether the transaction signature is valid, if so, continuing checking as follows;
(2) If the user transactsIf the transaction type is a transfer transaction, checking whether the transfer amount is non-negative, if so, continuing checking as follows, if not, then the transaction +.>Invalidating;
(3) Checking user U j Whether the blockchain account balance is greater than or equal to the transfer amount, if so, continuing to check if not, and if not, the transactionInvalidating;
(4) Checking whether the target user is the current blockchain user, if so, the transactionIf not, the transactionAnd (3) invalidating.
Example 6
In this embodiment, each user transaction in the block is validated to verify that the block is valid.
In step S43 of this embodiment 1, the blockchain node CN i After obtaining the block encryption key, decrypt the block to obtain t B A decrypted user transaction, if t B The block is valid if the individual user transactions are valid, otherwise the block is invalid.
It is to be understood that the above examples of the present invention are provided by way of illustration only and not by way of limitation of the embodiments of the present invention. Other variations or modifications of the above teachings will be apparent to those of ordinary skill in the art. It is not necessary here nor is it exhaustive of all embodiments. Any modification, equivalent replacement, improvement, etc. which come within the spirit and principles of the invention are desired to be protected by the following claims.
Claims (10)
1. A block chain fragmentation method based on secret handshake is characterized by comprising three entities, namely a block chain node CN, a user U for transmitting transaction and a group management node GA, wherein an effective point-to-point network exists between the block chain node and the user, and a safety channel exists between the block chain node and the user and the management node; wherein, the number of the block chain nodes is n, the number of users is l, the number of GA is m, n and l are natural numbers; block chain node CN i And user U j Through the secure channel to GA k Registration to obtain GA respectively k Is a credential of (2)And->Wherein i is more than or equal to 1 and less than or equal to n, j is more than or equal to 1 and less than or equal to l, and k is more than or equal to 1 and less than or equal to m; the method comprises the following steps:
s1, a user executes a secret handshake protocol with a neighbor node in a point-to-point network, and sends encrypted transactions;
s2, re-encrypting and forwarding effective transactions of users by the blockchain nodes, and packaging the effective transactions;
s3, the block chain nodes issue blocks to participate in DAG consensus of the directed acyclic graph, and update DAG block chains;
s4, when a new agreed block appears in the DAG chain, the block chain node and a generator of the block execute a secret handshake protocol, and the block chain is updated.
2. The blockchain slicing method based on secret handshake of claim 1, wherein the step S1 specifically includes:
s11, setting the user as U j The user points to a neighbor blockchain node in a point-to-point networkSending handshake messages
S13, user U j With the management node GA belonging to the same group k Neighboring block link points of (a)Generating a shared key
S14, using the shared keyAnd secure symmetric encryption algorithm encryption transaction +_>Obtaining encrypted transactions
3. The blockchain slicing method based on secret handshake according to claim 2, wherein the step S2 specifically includes:
s21, block chain nodeReceiving user U j Is (are) encrypted transaction->Use of symmetric decryption algorithm and shared key +.>Decryption->Obtaining user U j Transaction->
S22, block chain nodeVerifying user transactions according to the verification rules of the blockchain>Is to be used if trade +>If not, stopping processing, otherwise, judging that the user transaction is valid;
s23, block chain nodeIf no valid user transaction has been forwarded +.>Then->Performing a secret handshake protocol by neighboring blockchain nodes of (a) and encrypting user transactions using a shared key generated by the secret handshake protocol>Forwarding the re-encrypted user valid transaction;
4. The blockchain slicing method based on secret handshaking as in claim 3, wherein step S3 specifically includes:
s31, setting a system threshold t B When the blockchain node CN i The number of encrypted transactions packed in a block exceeds the system threshold t B Thereafter, the blockchain node CN i Setting a block header comprising a blockchain node CN i The handshake message of (1), the link of the two recent blocks in the current DAG chain, and the consensus information, then broadcasting the complete block to all block links through a point-to-point network; the handshake message in this step has the meaning of the handshake message in step S11The same, the first message of the secret handshake protocol;
s32, block chain node CN i After receiving the block, the DAG consensus process is completed according to the consensus information of the block head, and the DAG block chain is updated.
5. The blockchain slicing method based on secret handshaking of claim 4, wherein step S4 specifically includes:
s41, for new blocks with consensus in DAG chain, blockchain node CN i If the new block is detected not to be generated by the user, the handshake information of the block head is adopted, and a secret handshake message is sent to a generator of the new block; the secret handshake message sent to the new block generator in the step has the same meaning as the handshake message in the step S12, and is the second message of secret handshake;
s42, after receiving the secret handshake message, the generating party of the new block generates a shared secret key if the requesting party and the requesting party belong to the same group of management nodes, returns a block encryption key encrypted by the shared secret key and a safe symmetric encryption algorithm, and otherwise, stops processing; the shared secret key in the step has the same meaning as the shared secret key in the step S13, and is generated by a secret handshake protocol;
s43, block chain node CN i After obtaining the block encryption key, decrypting and verifying the validity of the block, if the block is valid, updating the block chain of the block, namely adding the decrypted plaintext block PB into the local block chain, otherwise, stopping processing.
6. The secret handshake-based blockchain slicing method of any of claims 1-5, wherein the management node GA k Creating group G k ,G k ,G k′ Are all cyclic groups with the order of large prime number q, and define bilinear mapping e: G k ×G k →G k′ For all a, b ε Z q ,P,Q∈G k Satisfy e (aP, bQ) =e (P, Q) ab The method comprises the steps of carrying out a first treatment on the surface of the Defining a hash function H 1 And H 2 Wherein H is 1 :{0,1} * →G k ,H 2 Is a SHA-1 function;
if there is a new blockchain node CN i Or user U j Adding fragment k, GA k To which credentials are assignedAnd-> Including group identity->And group secret information-> Including group identity->And group secret informationWhen a node within a slice is to be removed, the GA k Broadcasting the group identity of the node to other nodes in the segment, and warning the node in the segment not to handshake with the node;
wherein, user U j Neighbor blockchain nodes in a sum-point-to-point networkThe secret handshake procedure includes:
Neighbor blockchain nodesReceive->After that, the own group identity is +.>And random number->To the user U j ;
User U j Reception ofAnd->After that, respond to own group identity +.>Random number->And message->Wherein, the liquid crystal display device comprises a liquid crystal display device,
neighbor blockchain nodesAfter receiving the user response, generatingVerification->Whether or not to be equal toIf equal, respond to the message->If the verification is unequal, the response is not performed;
7. The secret handshake-based blockchain sharding method of any of claims 1 to 5, wherein a blockchain node CN i A block data pool, a block database and a hash confirmation list are established locally; the local area block data pool stores the block hash value which does not reach the consensus, the local area block database stores the block hash which reaches the consensus, and the hash confirmation list stores the confirmation number of each block hash; the DAG consensus process for a block includes:
block chain node CN i Each time a block is packed, the block is packedThe hash value is stored in the local block data pool, and the node CN is added in the local hash confirmation list i The validation node hashed for the block and initializing a hash list comprising the hash value of the block and the node CN i Identity of (2)The hash list is packaged into a block header as consensus information; the complete block is broadcast to all block links through a point-to-point network;
block chain node CN i After receiving the block, updating the local block data pool and the hash confirmation list according to the consensus information in the block head, specifically: if a new block is received, the block hash in the consensus information is stored in a local block data pool, and a node CN is added in a local hash confirmation list i A validation node hashed for the block; when the number of the confirmation nodes with block hashes in the local hash confirmation list is greater than or equal toThen the block hash is stored into the local block database and deleted in the block data pool and hash validation list;
the blocks stored in the local block database are identified, and the blocks in the block database form a DAG block chain according to the link relation.
8. The secret handshake-based blockchain slicing method of any of claims 2-5, wherein the symmetric encryption algorithm comprises an AES-CCM algorithm using handshake messages at the time of secret handshake as keys, i.e. in steps S12 and S13, the secret handshake is to be used as a keyAs a shared key->
9. A blockchain fragmenting method based on secret handshaking according to any claim 3 to 5, characterised in that in step S22 the validity of the user transaction is verified with a digital signature; user U j Generating a transfer transactionIncluding timestamp, transaction type, transfer amount, target user identity, and user U j Signing the transaction content; user U j Executing secret handshake protocol with neighbor nodes in point-to-point network to obtain shared key +.>Encryption of transactions using symmetric encryption algorithm>Obtain encrypted transaction->User U j To the management node GA belonging to the same group k Neighbor blockchain node->Sending encrypted transactionsBlock chain node->Receiving user U j Is (are) encrypted transaction->Use of symmetric decryption algorithm and shared key +.>DecryptionObtaining user U j Transaction->Then blockchain node->Validating user transactions according to validation rules of a blockchainIs effective in (3):
checking whether the transaction signature is valid, if so, continuing checking as follows;
if the user transactsIf the transaction type is a transfer transaction, checking whether the transfer amount is non-negative, if so, continuing checking as follows, if not, then the transaction +.>Invalidating;
checking user U j Whether the blockchain account balance is greater than or equal to the transfer amount, if so, continuing to check if not, and if not, the transactionInvalidating;
10. The secret handshake-based blockchain sharding method of claim 5 wherein,
verifying the block validity using each user transaction validity in the verification block; in step S43, the blockchain node CN i After obtaining the block encryption key, decrypt the block to obtain t B A decrypted user transaction, if t B The block is valid if the individual user transactions are valid, otherwise the block is invalid.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310207773.6A CN116436636A (en) | 2023-03-06 | 2023-03-06 | Block chain slicing method based on secret handshake |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310207773.6A CN116436636A (en) | 2023-03-06 | 2023-03-06 | Block chain slicing method based on secret handshake |
Publications (1)
Publication Number | Publication Date |
---|---|
CN116436636A true CN116436636A (en) | 2023-07-14 |
Family
ID=87089784
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202310207773.6A Pending CN116436636A (en) | 2023-03-06 | 2023-03-06 | Block chain slicing method based on secret handshake |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116436636A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116743377A (en) * | 2023-08-09 | 2023-09-12 | 腾讯科技(深圳)有限公司 | Data processing method, device, equipment and storage medium based on blockchain key |
-
2023
- 2023-03-06 CN CN202310207773.6A patent/CN116436636A/en active Pending
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116743377A (en) * | 2023-08-09 | 2023-09-12 | 腾讯科技(深圳)有限公司 | Data processing method, device, equipment and storage medium based on blockchain key |
CN116743377B (en) * | 2023-08-09 | 2023-11-03 | 腾讯科技(深圳)有限公司 | Data processing method, device, equipment and storage medium based on blockchain key |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11323276B2 (en) | Mutual authentication of confidential communication | |
EP2533460B1 (en) | Digital signatures with implicit certificate chains | |
US11914754B2 (en) | Cryptographic method for verifying data | |
US11870891B2 (en) | Certificateless public key encryption using pairings | |
CN111614621B (en) | Internet of things communication method and system | |
JP2004515117A (en) | Encrypted data security system and method | |
JP2007049708A (en) | System and method for updating keys used for public key cryptography | |
JPH1041932A (en) | Ciphering key recovery method and equipment | |
US11956367B2 (en) | Cryptographic method for verifying data | |
CN111416712B (en) | Quantum secret communication identity authentication system and method based on multiple mobile devices | |
CN106657002A (en) | Novel crash-proof base correlation time multi-password identity authentication method | |
CN116436636A (en) | Block chain slicing method based on secret handshake | |
CN114726583A (en) | Trusted hardware cross-chain transaction privacy protection system and method based on block chain distributed identification | |
CN111245611B (en) | Anti-quantum computation identity authentication method and system based on secret sharing and wearable equipment | |
US20220038267A1 (en) | Methods and devices for secured identity-based encryption systems with two trusted centers | |
Chen et al. | Provable secure group key establishment scheme for fog computing | |
Kwon et al. | Certificate transparency with enhanced privacy | |
CN111526131B (en) | Anti-quantum-computation electronic official document transmission method and system based on secret sharing and quantum communication service station | |
CN110572257B (en) | Identity-based data source identification method and system | |
Singh et al. | Pseudo-identity based secure communication scheme for vehicular ad-hoc networks | |
US20240160792A1 (en) | Cryptographic method for verifying data | |
US20240089240A1 (en) | Cryptographic method for verifying data | |
CN118018211A (en) | Trusted distributed digital identity authentication method and system | |
CN117202191A (en) | Access authentication method between quantum security boundary base stations | |
CN117896061A (en) | Encryption communication method for Internet of things equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |