CN116561739B - Data transaction method and device, electronic equipment and storage medium - Google Patents

Publication number
CN116561739B
Authority
CN
China
Prior art keywords
user
hash value
private key
smart contract
nonce
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202310357009.7A
Other languages
Chinese (zh)
Other versions
CN116561739A (en)
Inventor
张金波
范学鹏
汤载阳
曾驭龙
王宸敏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Yizhi Technology Co ltd
Original Assignee
Beijing Yizhi Technology Co ltd
Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825 Use of electronic signatures
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/389 Keeping log of transactions for guaranteeing non-repudiation of a transaction
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643 Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Abstract

The embodiment of the application discloses a data transaction method, a device, electronic equipment and a storage medium. The application solves the technical problem of atomicity of the original data delivery. The application realizes the original data delivery process and the atomicity of data transaction.

Description

Data transaction method and device, electronic equipment and storage medium
Technical Field
The present application relates to the field of software engineering, and in particular, to a data transaction method and apparatus, an electronic device, and a storage medium.
Background
Trusted execution environments, such as Intel SGX and AMD SEV, ensure that a program runs in a protected environment and achieve two basic goals: the code cannot be tampered with, and intermediate variables cannot be read. The design principle is to add permission checks for protected memory accesses at the CPU circuit level.
A blockchain is a decentralized ledger; programs executed on it in a fully public and transparent manner are called smart contracts.
In a data transaction, assume that Party A wants to purchase data from Party B and that the privacy of the data must be ensured, i.e. the data cannot be obtained by anyone other than Party A and Party B. In practice, such transactions are typically conducted online, which makes a true simultaneous exchange of payment for goods difficult. Common situations are: after Party A pays Party B, Party B refuses to provide the data or provides wrong data; or Party B provides the data to Party A first and Party A then refuses to pay. If a platform similar to a traditional e-commerce platform is introduced as a third-party intermediary that temporarily holds the money and the data, data privacy can easily be leaked, and the third party may itself act maliciously.
In either case, at least one party risks a loss, and the fairness of the data transaction cannot be ensured.
Disclosure of Invention
Aiming at the technical defects in the prior art, the embodiment of the invention aims to provide a data transaction method, a device, electronic equipment and a storage medium, so as to solve the atomicity problem of data delivery.
To achieve the above object, in a first aspect, an embodiment of the present invention provides a data transaction method, including:
storing a digital asset provided by a first user in a smart contract to indicate that the first user wishes to purchase data having a hash value $h_P$ previously uploaded to a blockchain by a second user;
sending to the second user a first encryption result $m$ of the original data $D$, a second encryption result $c$ of a private key $S_t$, and a signature $s$ of a combination, all obtained in a trusted execution environment, wherein the combination comprises $c$, the hash value $h_m$ of $m$, and the hash value $h_D$ of the original data $D$;
sending $m$ off-chain from the second user to the first user, so that the first user calculates the hash value of $m$ and submits it to the on-chain smart contract;
calculating the hash value of the second user's local $m$, and, when the same hash value is present on the smart contract, sending $c$ and $s$ to the smart contract by the second user;
after the hash value of $m$ calculated by the first user, $h_P$, $c$ and $s$ pass verification by the smart contract, transferring the digital asset stored in the smart contract by the first user to the second user, while the first user obtains $D$ by decryption, thereby completing delivery.
Further, the first user obtaining $D$ by decryption includes:
based on $c$ obtained from the smart contract, decrypting $c$ with the private key $S_a$ to obtain the private key $S_t$;
and decrypting the $m$ sent off-chain by the second user with $S_t$ to obtain $D$.
Further, obtaining the first encryption result $m$ of the original data $D$, the second encryption result $c$ of the private key $S_t$, and the signature $s$ of the combination in the trusted execution environment includes:
inputting the original data $D$ and calculating its hash value $h_D$;
generating a pair of asymmetric keys, wherein the public key is denoted $P_t$ and the private key is denoted $S_t$;
calculating the first encryption result $m = \mathrm{Enc}(P_t, D)$, where $\mathrm{Enc}(P_t, D)$ denotes encrypting $D$ with public key $P_t$;
calculating $c = \mathrm{Enc}(P_a, S_t)$, where $\mathrm{Enc}(P_a, S_t)$ denotes encrypting $S_t$ with public key $P_a$;
calculating $s = \mathrm{Sig}(S_a, c, h_m, h_D, \mathrm{nonce})$, where $h_m$ is the hash value of $m$, computed with a given collision-resistant function; $\mathrm{Sig}(S_a, c, h_m, h_D, \mathrm{nonce})$ denotes signing the combination of $c$, $h_m$, $h_D$ and nonce with the private key $S_a$, where nonce is a public constant, and the private key $S_a$ is sent to the trusted execution environment through the first user's data security channel.
Further, sending $m$ off-chain from the second user to the first user, so that the first user calculates the hash value of $m$ and submits it to the on-chain smart contract, includes:
sending the ciphertext $m$ of $D$ to the first user by off-chain transmission from the second user, while the private key ciphertext needed for decryption remains with the second user;
the first user calculating a hash value $h'_m$ of $m$ and submitting $h'_m$ to the on-chain smart contract.
Further, the method further comprises:
the ciphertext $m$ of $D$ has been received by the first user but still requires a specific private key for decryption.
Further, calculating the hash value of the second user's local $m$, and, when the same hash value is present on the smart contract, sending $c$ and $s$ to the smart contract by the second user, includes:
after the second user confirms that the first user has received the ciphertext of $D$, calculating a hash value $h''_m$ of the second user's local $m$, and, when $h''_m$ is equal to the $h'_m$ on the smart contract, sending $c$ and $s$ to the smart contract by the second user so as to publish the private key ciphertext needed for decryption.
Further, the hash value of $m$ calculated by the first user, $h_P$, $c$ and $s$ passing verification by the smart contract includes:
verifying $\mathrm{verify\_sig}(P_a, s, c, h'_m, h_P, \mathrm{nonce})$ in the smart contract, based on the hash value $h'_m$ of $m$ calculated by the first user, $h_P$, $c$ and $s$,
where $\mathrm{verify\_sig}(P_a, s, c, h'_m, h_P, \mathrm{nonce})$ denotes verifying with public key $P_a$ whether $s$ is a valid signature of the combination of $c$, $h'_m$, $h_P$ and nonce, nonce being a public constant.
In a second aspect, an embodiment of the present invention further provides a data transaction apparatus, including:
A digital asset logging module for logging digital assets provided by a first user into a smart contract to indicate that the first user wishes to purchase data with a hash value $h_P$ previously uploaded to a blockchain by a second user;
An encryption module for sending to the second user a first encryption result $m$ of the original data $D$, a second encryption result $c$ of a private key $S_t$, and a signature $s$ of a combination, all obtained in a trusted execution environment, wherein the combination comprises $c$, the hash value $h_m$ of $m$, and the hash value $h_D$ of the original data $D$;
An off-chain sending module for sending $m$ off-chain from the second user to the first user, so that the first user calculates the hash value of $m$ and submits it to the on-chain smart contract;
A hash calculation module for calculating the hash value of the second user's local $m$ and, when the same hash value is present on the smart contract, sending $c$ and $s$ to the smart contract by the second user;
A hash verification module for transferring the digital asset stored in the smart contract by the first user to the second user after the hash value of $m$ calculated by the first user, $h_P$, $c$ and $s$ pass verification by the smart contract, while the first user obtains $D$ by decryption, thereby completing delivery.
In a third aspect, an embodiment of the present invention further provides an electronic device, including:
A processor; and
A memory arranged to store computer executable instructions which, when executed, cause the processor to perform the method of the first aspect.
In a fourth aspect, embodiments of the present invention also provide a computer readable storage medium storing one or more programs, which when executed by an electronic device comprising a plurality of application programs, cause the electronic device to perform the method of the first aspect.
In the embodiments of the application, the data transaction method, device, electronic equipment and storage medium rely on the trusted execution environment: because $S_a$ is used only inside the trusted execution environment and the second user cannot obtain its value, any signature made with $S_a$ must have been generated inside the trusted execution environment, and the correctness of the signature generation process is guaranteed by the properties of the trusted execution environment. The second user cannot obtain or forge any valid signature other than the one output by the trusted execution environment. That the signature $s$ verifies on the smart contract means that the signed content recorded on the smart contract is completely consistent with the content recorded in the trusted execution environment, which implies $h_m = h'_m$ and $h_D = h_P$. Thus, the atomicity of the data transaction process is fully achieved. During execution, no action against the protocol by either Party A or Party B affects atomicity.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below.
FIG. 1 is a flow chart of a data transaction method according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of a data transaction device according to an embodiment of the present invention;
Fig. 3 is a schematic diagram of an implementation principle of a data transaction method according to an embodiment of the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are some, but not all embodiments of the invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
It should be understood that the terms "comprises" and "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It is also to be understood that the terminology used in the description of the invention herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used in this specification and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
It should be further understood that the term "and/or" as used in the present specification and the appended claims refers to any and all possible combinations of one or more of the associated listed items, and includes such combinations.
As used in this specification and the appended claims, the term "if" may be interpreted as "when..once" or "in response to a determination" or "in response to detection" depending on the context. Similarly, the phrase "if a determination" or "if a [ described condition or event ] is detected" may be interpreted in the context of meaning "upon determination" or "in response to determination" or "upon detection of a [ described condition or event ]" or "in response to detection of a [ described condition or event ]".
It is noted that unless otherwise indicated, technical or scientific terms used herein should be given the ordinary meaning as understood by one of ordinary skill in the art to which this application belongs.
The problem in the related art is the atomicity of data delivery. That is, Party B does not receive Party A's payment until Party A has received the correct data; and once Party A has acknowledged the correct data, Party B can obtain Party A's payment. In other words, Party A receiving the correct data and Party B receiving the payment must either both occur at the same time or both not occur. The scheme provided by the invention is based on a trusted execution environment, blockchain technology and an asymmetric encryption and signature system; it ensures the atomicity of data delivery, leaves neither party any room to cheat, and does not depend on any third-party intermediary.
In the embodiments of the application, a data security channel allows one of two parties at different locations to transmit private data into the trusted execution environment of the other party while ensuring that privacy is not revealed, i.e. the private data cannot be obtained by anyone except the sender. Furthermore, the sender can ensure that the content it sends will only run in one instance it has specified (including the specified parser hash and specified parameters) in the trusted execution environment.
The embodiments of the application address the problem of a fair and honest transaction between Party A and Party B when Party A purchases original data, and ensure that neither Party A nor Party B can act maliciously during the transaction. During execution, no action against the protocol by either party affects the atomicity of data delivery.
It should be noted that, without conflict, the embodiments of the present application and features of the embodiments may be combined with each other. The application will be described in detail below with reference to the drawings in connection with embodiments.
As shown in fig. 1, a flowchart of a data transaction method is provided in an embodiment of the present application. The method comprises the following steps of S110 to S150:
S110: the digital asset provided by the first user is stored in a smart contract to indicate that the first user wishes to purchase data having a hash value $h_P$ previously uploaded to the blockchain by the second user.
The first user is referred to as Party A and is the data purchaser.
The second user is referred to as Party B and is the data provider.
Party B publishes the hash value $h_P$ of the data to be traded to the blockchain in advance. The correctness of the $h_P$ shown on the blockchain can be assured, for example, by the credit established through historical successful transaction records of multiple other users, so that the original data $D$ delivered by Party B can be matched against the $h_P$ shown on-chain.
The number of digital assets equals the funds to be paid for the data transaction. When the first user wishes to purchase data having a hash value $h_P$, the corresponding number of digital assets is first stored in the smart contract.
S120: a first encryption result $m$ of the original data $D$, a second encryption result $c$ of the private key $S_t$, and a signature $s$ of a combination are sent to the second user, wherein the combination comprises $c$, the hash value $h_m$ of $m$, and the hash value $h_D$ of the original data $D$.
First, assume that Party A has a pair of asymmetric keys, wherein the public key is denoted $P_a$ and the private key is denoted $S_a$; the public key is submitted to the smart contract, and the private key is transferred through a data security channel to a program running in Party B's trusted execution environment.
Then, a pair of asymmetric keys is generated, wherein the public key is denoted $P_t$ and the private key is denoted $S_t$. The data to be transferred is encrypted with a specific private key in the trusted execution environment. At the same time, the ciphertext of that private key, the ciphertext of $D$ and the associated signature are output to Party B; Party B runs this program in the trusted execution environment.
It will be appreciated that the first encryption result and the second encryption result are obtained by encrypting with different public keys.
It should be noted that the present application assumes a data transmission means based on a trusted execution environment as given, without any additional limitation.
S130: $m$ is sent off-chain from the second user to the first user, so that the first user calculates the hash value of $m$ and submits it to the on-chain smart contract.
Party B sends $m$ to Party A. Since $m$ is the ciphertext of $D$, its size is close to that of $D$, so it is transferred off-chain, by network transmission or by hardware device. The purpose of this step is to deliver the ciphertext of $D$ to Party A, while the private key ciphertext needed for decryption remains with Party B.
S140: the hash value of the second user's local $m$ is calculated, and, when the same hash value is present on the smart contract, $c$ and $s$ are sent to the smart contract by the second user.
After receiving $m$, Party A calculates its hash value $h'_m$ and submits $h'_m$ to the smart contract. This step indicates that Party A has received the ciphertext of $D$ but still needs a specific private key to decrypt it.
Party B calculates a hash value $h''_m$ from its local $m$. When it finds that a value identical to its locally calculated $h''_m$ appears on the smart contract, it submits its local $c$ and $s$ to the smart contract. That is, after Party B confirms that Party A has received the ciphertext of $D$, Party B publishes the private key ciphertext needed for decryption.
S150: after the hash value of $m$ calculated by the first user, $h_P$, $c$ and $s$ pass verification by the smart contract, the digital asset stored in the smart contract by the first user is transferred to the second user, while the first user obtains $D$ by decryption, thereby completing delivery.
The smart contract verifies the correctness of the information submitted by each party, including $c$, $s$, $h'_m$ and so on.
As a preferred embodiment, the first user obtaining $D$ by decryption includes: based on $c$ obtained from the smart contract, decrypting $c$ with the private key $S_a$ to obtain the private key $S_t$; and decrypting the $m$ sent off-chain by the second user with $S_t$ to obtain $D$.
In a specific implementation, once the smart contract payment process is completed, Party A obtains $c$ from the smart contract, decrypts $c$ with $S_a$ to obtain $S_t$, and decrypts the $m$ it received with $S_t$ to obtain the original data $D$. The original data delivery process is then complete.
Preferably, in this embodiment, obtaining the first encryption result $m$ of the original data $D$, the second encryption result $c$ of the private key $S_t$, and the signature $s$ of the combination in the trusted execution environment includes: inputting the original data $D$ and calculating its hash value $h_D$; generating a pair of asymmetric keys, wherein the public key is denoted $P_t$ and the private key is denoted $S_t$; calculating the first encryption result $m = \mathrm{Enc}(P_t, D)$, where $\mathrm{Enc}(P_t, D)$ denotes encrypting $D$ with public key $P_t$; calculating $c = \mathrm{Enc}(P_a, S_t)$, where $\mathrm{Enc}(P_a, S_t)$ denotes encrypting $S_t$ with public key $P_a$; calculating $s = \mathrm{Sig}(S_a, c, h_m, h_D, \mathrm{nonce})$, where $h_m$ is the hash value of $m$, computed with a given collision-resistant function, from which the original data cannot be calculated; $\mathrm{Sig}(S_a, c, h_m, h_D, \mathrm{nonce})$ denotes signing the combination of $c$, $h_m$, $h_D$ and nonce with the private key $S_a$, where nonce is a public constant and a different nonce is used for each signature, so that a signature cannot be reused; the private key $S_a$ is sent to the trusted execution environment through the first user's data security channel.
In specific implementation, the second party runs the program in a trusted execution environment, wherein the program comprises the following modules:
First, receiving $S_a$ transmitted by Party A through the data security channel;
Second, generating a pair of asymmetric keys, wherein the public key is denoted $P_t$ and the private key is denoted $S_t$;
Then, taking Party B's original data $D$ as input and calculating the hash value of $D$, denoted $h_D$;
Then, calculating $m = \mathrm{Enc}(P_t, D)$, where $\mathrm{Enc}(P_t, D)$ denotes encrypting $D$ with public key $P_t$, and $c = \mathrm{Enc}(P_a, S_t)$, where $\mathrm{Enc}(P_a, S_t)$ denotes encrypting $S_t$ with public key $P_a$;
Finally, calculating the signature $s = \mathrm{Sig}(S_a, c, h_m, h_D, \mathrm{nonce})$, where $h_m$ is the hash value of $m$, computed with a given collision-resistant function; $\mathrm{Sig}(S_a, c, h_m, h_D, \mathrm{nonce})$ denotes signing the combination of $c$, $h_m$, $h_D$ and nonce with private key $S_a$, where nonce is a public constant.
In conclusion, $m$, $c$ and $s$ are output to Party B.
If Party B does not cheat, $h_D = h_P$.
If Party B inputs wrong original data $D'$ to the trusted execution environment, and the hash value of $D'$ is $h'$, then the $s$ output by the trusted execution environment is a signature that includes $h'$. In the verification step of the smart contract, since $h' \neq h_P$, verification fails and the protocol cannot continue.
Preferably, in this embodiment, sending $m$ off-chain from the second user to the first user, so that the first user calculates the hash value of $m$ and submits it to the on-chain smart contract, includes: sending the ciphertext $m$ of $D$ to the first user by off-chain transmission from the second user, while the private key ciphertext needed for decryption remains with the second user; the first user calculating a hash value $h'_m$ of $m$ and submitting $h'_m$ to the on-chain smart contract.
Since $m$ is the ciphertext of $D$, its size is close to that of $D$, so it is transferred off-chain, by network transmission or by hardware device.
If Party B sends a wrong original-data ciphertext $m'$ to Party A, then after Party A submits $h_{m'}$, verification by the smart contract fails. Because the $s$ generated by the trusted execution environment is a signature over $h_m$ rather than $h_{m'}$, and because Party B does not hold the private key $S_a$, Party B cannot obtain a valid signature over $h_{m'}$ that would pass verification, and the protocol does not continue.
Preferably, in this embodiment, the method further comprises: the ciphertext $m$ of $D$ has been received by the first user but still requires a specific private key for decryption. Party A has received the ciphertext of $D$ but still needs a specific private key to decrypt it.
Preferably, in this embodiment, calculating the hash value of the second user's local $m$, and, when the same hash value is present on the smart contract, sending $c$ and $s$ to the smart contract by the second user, includes: after the second user confirms that the first user has received the ciphertext of $D$, calculating a hash value $h''_m$ of the second user's local $m$, and, when $h''_m$ is equal to the $h'_m$ on the smart contract, sending $c$ and $s$ to the smart contract by the second user so as to publish the private key ciphertext needed for decryption.
In practice, after receiving $m$, Party A calculates $h'_m$ and submits it to the smart contract.
Party B calculates $h''_m$ from its local $m$. When Party B finds a value on the smart contract that is the same as its locally calculated $h''_m$, it submits its local $c$ and $s$ to the smart contract.
If Party A, after receiving the correct $m$, still submits an incorrect $h'_m$ to the smart contract (hoping to obtain the decryption key for $D$ without paying), Party B finds that the $h'_m$ in the smart contract differs from its locally calculated $h''_m$ and therefore does not submit $c$ and $s$ to the smart contract. The protocol does not continue, and Party A still cannot decrypt $D$.
Preferably, in this embodiment, the hash value of $m$ calculated by the first user, $h_P$, $c$ and $s$ passing verification by the smart contract includes: verifying $\mathrm{verify\_sig}(P_a, s, c, h'_m, h_P, \mathrm{nonce})$ in the smart contract, based on the hash value $h'_m$ of $m$ calculated by the first user, $h_P$, $c$ and $s$, where $\mathrm{verify\_sig}(P_a, s, c, h'_m, h_P, \mathrm{nonce})$ denotes verifying with public key $P_a$ whether $s$ is a valid signature of the combination of $c$, $h'_m$, $h_P$ and nonce, nonce being a public constant.
In particular, the smart contract evaluates $\mathrm{verify\_sig}(P_a, s, c, h'_m, h_P, \mathrm{nonce})$, where $h'_m$ is data submitted by Party A and $s$ and $c$ are data submitted by Party B.
$\mathrm{verify\_sig}(P_a, s, c, h'_m, h_P, \mathrm{nonce})$ denotes verifying with public key $P_a$ whether $s$ is a valid signature of the combination of $c$, $h'_m$, $h_P$ and nonce. If verification passes, Party A's blockchain digital asset stored in the smart contract is transferred to Party B's address, and the payment process is complete.
If Party B submits a wrong $c'$, $s'$ to the smart contract, verification by the smart contract fails, because Party B does not hold the private key $S_a$ and cannot obtain any signature containing the nonce other than $s$.
In this embodiment, if neither Party A nor Party B cheats, $h_P = h_D$ and $h_m = h'_m = h''_m$. It should be noted that the steps illustrated in the flowcharts of the figures may be performed in a computer system such as a set of computer executable instructions, and that although a logical order is illustrated in the flowcharts, in some cases the steps illustrated or described may be performed in an order other than that illustrated herein.
According to an embodiment of the application, a data transaction device for implementing the method is also provided. As shown in fig. 2, the data transaction apparatus 200 includes:
a digital asset logging module 210 for logging digital assets provided by a first user into a smart contract to indicate that the first user wishes to purchase data having a hash value h P previously uploaded to the blockchain by a second user;
an encryption module 220, configured to send a first encryption result m of the original data D, a second encryption result c of the private key S_t, and a signature s of a union to the second user, wherein the union comprises the hash value h_D of the original data D, the c, and the hash value h_m of the m;
an off-chain sending module 230, configured to send the m to the first user off-chain through the second user, so that the first user calculates a hash value of the m and submits it to the on-chain smart contract;
a hash calculation module 240, configured to calculate a hash value of the m local to the second user, and to send the c and the s to the smart contract by the second user when the hash value of the m local to the second user is the same as the hash value on the smart contract;
a hash checking module 250, configured to transfer the digital asset stored in the smart contract by the first user to the second user after the hash value of m calculated by the first user, h_P, c and s pass verification by the smart contract, while the first user obtains D after decryption to complete delivery.
It will be apparent to those skilled in the art that the modules or steps of the application described above may be implemented in a general purpose computing device, they may be concentrated on a single computing device, or distributed across a network of computing devices, or they may alternatively be implemented in program code executable by computing devices, such that they may be stored in a memory device for execution by the computing devices, or they may be separately fabricated into individual integrated circuit modules, or multiple modules or steps within them may be fabricated into a single integrated circuit module. Thus, the present application is not limited to any specific combination of hardware and software.
As shown in fig. 3, a schematic diagram of an implementation principle of a data transaction method according to an embodiment of the present application specifically includes the following steps:
Step 1: when party A wishes to purchase the data with hash value h_P, it stores a corresponding number of digital assets in the smart contract. The number of digital assets is equal to the funds that the data transaction requires to be paid.
The hash value h_P of the data is published to the blockchain in advance by party B and is displayed on the chain. Its correctness can be ensured, for example, by credit built from the historical successful transaction records of a number of other users, which ensures that the original data D delivered by party B matches the hash value h_P displayed on the chain.
Step 2: party B runs a program in a trusted execution environment, wherein the program comprises the following modules:
(1) Receiving S_a, transmitted by party A through the data security channel;
(2) Generating a pair of asymmetric keys, wherein the public key is denoted as P_t and the private key is denoted as S_t;
(3) Inputting the original data D of party B and calculating the hash value of D, denoted as h_D;
(4) Calculating:
m = Enc(P_t, D), where Enc(P_t, D) represents encrypting D with public key P_t;
c = Enc(P_a, S_t), where Enc(P_a, S_t) represents encrypting S_t with public key P_a;
s = Sig(S_a, c, h_m, h_D, nonce), where h_m is the hash value of m, obtained with a given collision-resistant function; Sig(S_a, c, h_m, h_D, nonce) means that the private key S_a is used to sign the union of c, h_m, h_D and nonce, wherein nonce is a public constant and a different nonce is used each time a signature is made, so that the signature is not reusable;
(5) Outputting m, c and s to party B.
The above steps amount to encrypting the data to be transacted with a specific key, while outputting the ciphertext of the specific private key, the ciphertext of D and the related signature to party B.
Step 3: party B sends m to party A. Since m is the ciphertext of D and its size is close to that of D, it is sent by off-chain transmission, including network transmission or hardware device transmission.
The purpose of this step is to send the ciphertext of D to party A, while the decryptable private-key ciphertext is still held by party B.
Step 4: after receiving m, party A calculates the hash value of m as h'_m and submits it to the smart contract.
This step indicates that party A has received the ciphertext of D but still needs a specific private key to decrypt it.
Step 5: party B calculates the hash value h''_m of its local m, and submits its local c and s to the smart contract when it finds that the same value as its locally calculated h''_m appears on the smart contract, i.e., when h''_m = h'_m.
That is, after party B confirms that party A has received the ciphertext of D, party B publishes the decryptable private-key ciphertext.
Step 6: the smart contract verifies verify_sig(P_a, s, c, h'_m, h_P, nonce), where h'_m is the data submitted by party A in step 4, and c and s are the data submitted by party B in step 5. verify_sig(P_a, s, c, h'_m, h_P, nonce) verifies, with public key P_a, whether s is a valid signature over the union of c, h'_m, h_P and nonce. If the verification passes, the digital asset that party A stored in the smart contract is transferred to party B's address, and the payment process is completed.
The purpose of this step is to verify the correctness of the information submitted by the parties, including c, s, h'_m, etc.
Step 7: once the smart contract payment process is finished, party A obtains c from the smart contract, decrypts c with S_a to obtain S_t, and decrypts the m received in step 4 with S_t to obtain the original data D. The original data delivery process is completed.
If party B cheats in step 2 and inputs wrong original data D' to the trusted execution environment, and the hash value of D' is assumed to be h', then the s output by the trusted execution environment contains a signature over h'. In the verification link of the smart contract in step 5, since h' ≠ h_P, verification cannot pass, and therefore the protocol cannot continue to execute.
If party B cheats in step 3 and submits a wrong original-data ciphertext m' to party A, then after party A submits h_m', verification by the smart contract will not pass. Because the s generated by the trusted execution environment is a signature over h_m rather than h_m', and because party B does not have the private key S_a, party B cannot obtain a valid signature over h_m' to pass verification, and the protocol will not continue to execute.
If party A cheats in step 4 and, after receiving the correct m, still submits an incorrect h'_m to the smart contract (expecting to obtain the decryption key for D without payment), then party B finds that h'_m in the smart contract differs from its locally calculated h''_m, so it will not submit c and s to the smart contract. The protocol will not continue to execute, and party A still cannot decrypt D.
If party B cheats in step 5 and submits a wrong c', s' to the smart contract, then the verification of the smart contract in step 6 will not pass, because party B does not have the private key S_a and cannot obtain any signature containing nonce other than s.
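The following simulation of steps 1 to 6 and the four cheating cases is an added example, not code from the patent. It assumes SHA-256 as the hash, a per-trade Lamport one-time signature as a stand-in for Sig/verify_sig (chosen because it needs only a hash function), and opaque constructed byte strings in place of the ciphertexts m and c; all function and class names are hypothetical.

```python
import hashlib
import secrets

def H(data: bytes) -> bytes:
    """Collision-resistant hash used for h_P, h_D and h_m (SHA-256 assumed)."""
    return hashlib.sha256(data).digest()

# Lamport one-time signature: assumed stand-in for Sig / verify_sig.
def keygen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk

def _bits(msg: bytes):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sig(sk, msg: bytes):
    return [sk[i][b] for i, b in enumerate(_bits(msg))]

def verify_sig(pk, s, msg: bytes) -> bool:
    return len(s) == 256 and all(H(s[i]) == pk[i][b] for i, b in enumerate(_bits(msg)))

def union(c: bytes, h_m: bytes, h_d: bytes, nonce: bytes) -> bytes:
    """Length-prefixed encoding of (c, h_m, h_D, nonce) so fields cannot run together."""
    return b"".join(len(x).to_bytes(4, "big") + x for x in (c, h_m, h_d, nonce))

def tee_run(sk_a, data: bytes, nonce: bytes):
    """Step 2 inside the TEE; only the TEE ever holds S_a (sk_a)."""
    m = b"m:" + H(b"Enc(P_t,D)|" + data)   # constructed placeholder for Enc(P_t, D)
    c = b"c:" + secrets.token_bytes(32)    # constructed placeholder for Enc(P_a, S_t)
    s = sig(sk_a, union(c, H(m), H(data), nonce))
    return m, c, s

class Contract:
    """On-chain state: P_a, the advertised h_P, the public nonce and the escrow flag."""
    def __init__(self, pk_a, h_p: bytes, nonce: bytes):
        self.pk_a, self.h_p, self.nonce = pk_a, h_p, nonce
        self.h_m_buyer = None   # h'_m, written by party A in step 4
        self.c = None           # key ciphertext, public once accepted
        self.paid = False

    def submit_hash(self, h_m: bytes):            # step 4 (party A)
        if self.h_m_buyer is None:
            self.h_m_buyer = h_m

    def submit_key(self, c: bytes, s) -> bool:    # steps 5 and 6 (party B)
        if self.paid or self.h_m_buyer is None:
            return False
        # The contract checks s against ITS OWN h'_m and h_P, not values chosen by B.
        if not verify_sig(self.pk_a, s, union(c, self.h_m_buyer, self.h_p, self.nonce)):
            return False
        self.c, self.paid = c, True               # escrow released, c published
        return True

def run_trade(cheat=None):
    """cheat is None or 'step2' / 'step3' / 'step4' / 'step5'.
    Returns (escrow_released, key_ciphertext_published)."""
    sk_a, pk_a = keygen()
    data = b"constructed sample dataset D"
    nonce = secrets.token_bytes(16)
    contract = Contract(pk_a, H(data), nonce)     # step 1; h_P was published earlier

    m, c, s = tee_run(sk_a, b"other data D'" if cheat == "step2" else data, nonce)
    m_sent = b"wrong ciphertext m'" if cheat == "step3" else m             # step 3
    contract.submit_hash(H(b"bogus") if cheat == "step4" else H(m_sent))   # step 4
    if cheat == "step5":
        c = b"c:" + bytes(32)                     # c' with the old s: B cannot re-sign
    seller_cheating = cheat in ("step2", "step3", "step5")
    # An honest party B reveals c, s only when the on-chain h'_m equals its own h''_m.
    if seller_cheating or contract.h_m_buyer == H(m):
        contract.submit_key(c, s)
    return contract.paid, contract.c is not None
```

In every cheating case the result is (False, False): the escrow stays locked and c never reaches the chain, so neither party gains from deviating.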
According to an embodiment of the present application, there is also provided an electronic device including: a processor; and a memory arranged to store computer executable instructions that, when executed, cause the processor to perform the data transaction method.
Further, embodiments of the present application also provide a computer-readable storage medium storing one or more programs that, when executed by an electronic device comprising a plurality of application programs, cause the electronic device to perform the data transaction method.
The computer readable storage medium may be an internal storage unit of the background server according to the foregoing embodiment, for example, a hard disk or a memory of the system. The computer readable storage medium may also be an external storage device of the system, such as a plug-in hard disk, a smart memory card (SMART MEDIA CARD, SMC), a Secure Digital (SD) card, a flash memory card (FLASH CARD), etc. that are provided on the system. Further, the computer readable storage medium may also include both internal storage units and external storage devices of the system. The computer readable storage medium is used to store the computer program and other programs and data required by the system. The computer-readable storage medium may also be used to temporarily store data that has been output or is to be output.
Those of ordinary skill in the art will appreciate that the elements and algorithm steps described in connection with the embodiments disclosed herein may be embodied in electronic hardware, in computer software, or in a combination of the two, and that the elements and steps of the examples have been generally described in terms of function in the foregoing description to clearly illustrate the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
In addition, each functional unit in the embodiments of the present invention may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit. The integrated units may be implemented in hardware or in software functional units.
The integrated units, if implemented in the form of software functional units and sold or used as stand-alone products, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention is essentially or a part contributing to the prior art, or all or part of the technical solution may be embodied in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a usb disk, a removable hard disk, a read-only memory (ROM), a random access memory (RAM, random Access Memory), a magnetic disk, or an optical disk, or other various media capable of storing program codes.
While the invention has been described with reference to certain preferred embodiments, it will be understood by those skilled in the art that various changes and substitutions of equivalents may be made and equivalents will be apparent to those skilled in the art without departing from the scope of the invention. Therefore, the protection scope of the invention is subject to the protection scope of the claims.

Claims (8)

1. A method of data transaction, the method comprising:
storing a digital asset provided by a first user in a smart contract to indicate that the first user wishes to purchase data having a hash value h_P previously uploaded to a blockchain by a second user;
transmitting a first encryption result m of the original data D, a second encryption result c of a private key S_t and a signature s of a union to the second user, wherein the union comprises the hash value h_D of the original data D, the c and the hash value h_m of the m;
sending the m to the first user off-chain through the second user, so that the first user calculates the hash value of the m and submits the hash value to the smart contract on the chain;
calculating a hash value of the m local to the second user, and transmitting the c and the s to the smart contract by the second user when the hash value of the m local to the second user is the same as the hash value on the smart contract;
after the hash value of m calculated by the first user, h_P, c and s pass verification by the smart contract, transferring the digital asset stored in the smart contract by the first user to the second user, while the first user obtains the D after decryption to complete delivery; wherein,
the first user obtaining the D after decryption includes:
decrypting c using a private key S_a to obtain the private key S_t, based on the c obtained from the smart contract;
decrypting the m transmitted off-chain from the second user according to the S_t to obtain the D;
obtaining the first encryption result m of the original data D, the second encryption result c of the private key S_t, and the signature s of the union in a trusted execution environment includes:
inputting the original data D, and calculating a hash value h_D of the original data D;
generating a pair of asymmetric keys, wherein the public key is denoted as P_t and the private key is denoted as S_t;
calculating the first encryption result m = Enc(P_t, D), wherein Enc(P_t, D) represents encrypting D with public key P_t;
c = Enc(P_a, S_t), where Enc(P_a, S_t) represents encrypting S_t with public key P_a;
s = Sig(S_a, c, h_m, h_D, nonce), where h_m is the hash value of m, obtained with a given collision-resistant function; Sig(S_a, c, h_m, h_D, nonce) means that the union of c, h_m, h_D and nonce is signed with a private key S_a, wherein nonce is a public constant, and the private key S_a is sent to the trusted execution environment through the data security channel of the first user.
2. The method of claim 1, wherein said sending said m to the first user off-chain through said second user, so that said first user calculates a hash value of said m and submits it to the on-chain smart contract, comprises:
the ciphertext m of the D is sent to the first user by off-chain transmission from the second user, while the decryptable private-key ciphertext is still stored at the second user;
the first user computes a hash value h'_m of the m and submits the h'_m to the on-chain smart contract.
3. The method according to claim 2, wherein the method further comprises:
the ciphertext m of the D is received at the first user but requires a specific private key for decryption.
4. A method according to claim 3, wherein said calculating the hash value of the m local to the second user and transmitting the c and the s to the smart contract by the second user when the hash value of the m local to the second user is the same as the hash value on the smart contract comprises:
after the second user confirms that the first user has received the ciphertext of the D, a hash value h''_m of the m local to the second user is calculated, and when the hash value h''_m of the m local to the second user is equal to the h'_m on the smart contract, the c and the s are sent to the smart contract by the second user so as to publish the decryptable private-key ciphertext.
5. The method of claim 1, wherein the hash value of m calculated by the first user, the h_P, the c and the s being verified via the smart contract comprises:
verifying verify_sig(P_a, s, c, h'_m, h_P, nonce) via the smart contract based on the hash value h'_m of m calculated by the first user, h_P, c and s,
wherein the verify_sig(P_a, s, c, h'_m, h_P, nonce) verifies, with public key P_a, whether s is a valid signature over the union of c, h'_m, h_P and nonce, nonce being a public constant.
6. A data transaction device, the device comprising:
a digital asset logging module for logging digital assets provided by a first user into a smart contract to indicate that the first user wishes to purchase data with a hash value h_P previously uploaded to a blockchain by a second user;
an encryption module, configured to send a first encryption result m of original data D, a second encryption result c of a private key S_t, and a signature s of a union, obtained in a trusted execution environment, to the second user, where the union includes a hash value h_D of the original data D, the c, and a hash value h_m of the m;
an off-chain sending module, configured to send the m to the first user off-chain through the second user, so that the first user calculates the hash value of the m and submits the hash value to the smart contract on the chain;
a hash calculation module, configured to calculate a hash value of the m local to the second user, and to send, by the second user, the c and the s to the smart contract when the hash value of the m local to the second user is the same as the hash value on the smart contract;
a hash checking module, configured to transfer the digital asset stored in the smart contract by the first user to the second user after the hash value of m calculated by the first user, h_P, c and s pass verification by the smart contract, while the first user obtains the D after decryption to complete delivery; wherein the first user obtaining the D after decryption includes:
decrypting c using a private key S_a to obtain the private key S_t, based on the c obtained from the smart contract;
decrypting the m transmitted off-chain from the second user according to the S_t to obtain the D;
obtaining the first encryption result m of the original data D, the second encryption result c of the private key S_t, and the signature s of the union in a trusted execution environment includes:
inputting the original data D, and calculating a hash value h_D of the original data D;
generating a pair of asymmetric keys, wherein the public key is denoted as P_t and the private key is denoted as S_t;
calculating the first encryption result m = Enc(P_t, D), wherein Enc(P_t, D) represents encrypting D with public key P_t;
c = Enc(P_a, S_t), where Enc(P_a, S_t) represents encrypting S_t with public key P_a;
s = Sig(S_a, c, h_m, h_D, nonce), where h_m is the hash value of m, obtained with a given collision-resistant function; Sig(S_a, c, h_m, h_D, nonce) means that the union of c, h_m, h_D and nonce is signed with a private key S_a, where nonce is a public constant, and the private key S_a is sent to the trusted execution environment through the data security channel of the first user.
7. An electronic device, comprising:
A processor; and
A memory arranged to store computer executable instructions which, when executed, cause the processor to perform the method of any of claims 1 to 5.
8. A computer readable storage medium, characterized in that the computer readable storage medium stores one or more programs, which when executed by an electronic device comprising a plurality of application programs, cause the electronic device to perform the method of any of claims 1-5.
CN202310357009.7A 2023-04-06 2023-04-06 Data transaction method and device, electronic equipment and storage medium Active CN116561739B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310357009.7A CN116561739B (en) 2023-04-06 2023-04-06 Data transaction method and device, electronic equipment and storage medium

Publications (2)

Publication Number Publication Date
CN116561739A CN116561739A (en) 2023-08-08
CN116561739B true CN116561739B (en) 2024-04-16

Family

ID=87486975

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310357009.7A Active CN116561739B (en) 2023-04-06 2023-04-06 Data transaction method and device, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN116561739B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant