CN117375883A - Smart city data sharing system and method based on block chain - Google Patents
Smart city data sharing system and method based on block chain Download PDFInfo
- Publication number
- CN117375883A CN117375883A CN202311186953.7A CN202311186953A CN117375883A CN 117375883 A CN117375883 A CN 117375883A CN 202311186953 A CN202311186953 A CN 202311186953A CN 117375883 A CN117375883 A CN 117375883A
- Authority
- CN
- China
- Prior art keywords
- data
- data block
- hash value
- encrypted
- block
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 40
- 238000012795 verification Methods 0.000 claims abstract description 18
- 238000013475 authorization Methods 0.000 claims description 7
- 238000004364 calculation method Methods 0.000 claims description 6
- 230000003993 interaction Effects 0.000 abstract description 3
- 238000010276 construction Methods 0.000 abstract description 2
- 230000008569 process Effects 0.000 description 8
- 230000005540 biological transmission Effects 0.000 description 7
- 238000012545 processing Methods 0.000 description 7
- 230000007246 mechanism Effects 0.000 description 5
- 230000008859 change Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 2
- 230000001010 compromised effect Effects 0.000 description 2
- 238000001514 detection method Methods 0.000 description 2
- 230000007613 environmental effect Effects 0.000 description 2
- 238000007726 management method Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000004458 analytical method Methods 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000007405 data analysis Methods 0.000 description 1
- 238000013496 data integrity verification Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 230000001934 delay Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 239000012634 fragment Substances 0.000 description 1
- 238000011835 investigation Methods 0.000 description 1
- 238000005457 optimization Methods 0.000 description 1
- 230000001737 promoting effect Effects 0.000 description 1
- 230000005258 radioactive decay Effects 0.000 description 1
- 238000013024 troubleshooting Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/045—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3297—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2463/00—Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
- H04L2463/121—Timestamp
Abstract
The invention belongs to the technical field of data interaction, and particularly relates to a system and a method for sharing smart city data based on a block chain. The method comprises the following steps: collecting data to be shared by utilizing various Internet of things devices; dividing the collected data into blocks with fixed size according to a certain rule; encrypting each data block; calculating a hash value of each encrypted data block; combining the hash value, the encrypted data and other related data of each data block into a new data block; wherein the other related data includes at least a timestamp and a device ID; the validity of the new data block is verified by using a consensus algorithm, and if the verification is passed, the new data block is added to the blockchain. By means of the method, the data are safely shared, the safety, the integrity and the non-tamper property of the data are ensured, and the data interaction and the utilization in the construction of the smart city are facilitated.
Description
Technical Field
The invention belongs to the technical field of data interaction, and particularly relates to a system and a method for sharing smart city data based on a block chain.
Background
In modern smart cities, a large number of internet of things devices collect and generate various types of data, including traffic, environmental, energy, public services, and other fields. However, the sharing of smart city data still faces some challenges due to data islanding, privacy protection, data integrity and trustworthiness, etc.
At present, traditional data sharing often depends on a manual or incompletely automatic data acquisition mode, so that the data acquisition efficiency is low and the time delay is high; the overall transmission and processing efficiency of a large amount of data is low, and the traditional data storage mode is difficult to effectively manage and index huge data amount, and the traditional data sharing is likely to have security risk because unencrypted data is easily threatened by tampering and unauthorized access in the transmission and storage process; in addition, the traditional data sharing lacks a data integrity verification mechanism, so that the situation of data tampering or damage cannot be found in time, and large-scale data cannot be quickly searched and compared.
Disclosure of Invention
The invention mainly aims at the problems and provides a system and a method for sharing smart city data based on a block chain, which aim to solve the problems of low efficiency, safety risk and data integrity existing in the traditional data sharing.
In order to achieve the above object, the present invention provides a blockchain-based smart city data sharing method, which includes the steps of: s100, collecting data to be shared by utilizing various Internet of things devices; s200, dividing the collected data into blocks with fixed sizes according to a certain rule; s300, encrypting each data block; s400, calculating a hash value of each encrypted data block; s500, combining the hash value, the encrypted data and other related data of each data block into a new data block; wherein the other related data includes at least a timestamp and a device ID; s600, verifying the validity of the new data block by using a consensus algorithm, and if verification is passed, adding the new data block to the blockchain.
Further, in step S300, the step of encrypting each data block includes: s310, generating a random symmetric key; s320, encrypting the original data block by using a symmetric key and a symmetric encryption algorithm; s330, generating a pair of public key and private key, wherein the public key is used for encryption and the private key is used for decryption; s340, encrypting the symmetric key generated in the step S310 by using the public key; and S350, storing the encrypted original data block and the encrypted symmetric key together.
Further, in step S400, the step of calculating the hash value of each encrypted data block includes: step S410, calculating the hash value of each encrypted data block, and storing the hash value as a leaf node at the bottommost layer of the block hash tree; step S420, starting from the bottom layer, calculating the hash value of each node layer by layer until reaching the root node, and taking the hash value of the root node as the hash value of the whole data block.
Further, the method further comprises: when an authorized user or device needs to access data, the following steps are performed: the symmetric key encrypted in step S340 is decrypted using the corresponding private key.
And decrypting the encrypted data by using the decrypted symmetric key to restore the original data block.
Further, in step S310, the step of generating a random symmetric key includes: collecting a plurality of entropy sources, and respectively generating initial seeds for each entropy source; expanding each initial seed into a pseudorandom number sequence of the same length using a pseudorandom number generator; performing exclusive OR operation on all the generated pseudo-random number sequences; and outputting the exclusive or result as a final random number sequence.
Further, in step S500, a reference pointing to the previous data block is added to the new data block, so as to construct a chain structure.
Further, the method further comprises authentication of the user and the device, the step of authentication of the user and the device comprising: creating an identity authentication request comprising a user or device ID, a request timestamp, and a requested data block ID; the user or the equipment signs the identity authentication request by using the private key thereof; sending the identity authentication request and the signature to an identity authentication node; after receiving the identity authentication request and the signature, the identity authentication node verifies the signature through the public key, and if verification is successful, the node sends out an authorization token; after receiving the authorization token, the user or device uses it to access and decrypt the data block.
To achieve the above object, the present invention provides a blockchain-based smart city data sharing system, the system comprising: the collection module is used for collecting data to be shared by utilizing various Internet of things devices; the dividing module is used for dividing the collected data into blocks with fixed sizes according to a certain rule; the encryption module is used for encrypting each data block; a calculation module for calculating a hash value of each encrypted data block; a combination module for combining the hash value, the encrypted data, and other related data of each data block into a new data block; wherein the other related data includes at least a timestamp and a device ID; and the verification module is used for verifying the validity of the new data block by utilizing a consensus algorithm, and if the verification is passed, adding the new data block to the blockchain.
The beneficial effects are that: the technical scheme of the invention has the following advantages: the data to be shared are automatically collected in real time by utilizing the Internet of things equipment, and the data are divided according to the blocks with fixed sizes, so that the data acquisition, transmission and processing efficiency can be improved. The encryption of each data block can ensure the security and privacy protection of the data in the transmission and storage processes, and reduce the risk of tampering or unauthorized access of the data. By calculating the hash value of each encrypted data block, the data block can be uniquely identified, the integrity of the data is verified, and the situation of data tampering or damage is timely found. The hash value, encrypted data, and other related data (e.g., timestamp and device ID) of each data block are combined into a new data block, ensuring data consistency, traceability, and source reliability. And verifying the validity of the new data block by utilizing a consensus algorithm, adding legal data blocks to the blockchain, realizing the distributed storage and sharing of data, and eliminating single-point faults and trust problems.
In summary, the technical scheme improves the efficiency, security, integrity verification and consistency of smart city data sharing through technologies such as Internet of things equipment, encryption, hash, time stamp and blockchain, and realizes distributed storage and sharing, thereby promoting smart city construction and development.
Drawings
FIG. 1 is a schematic diagram of a block chain-based smart city data sharing method according to the present invention.
FIG. 2 is a flow chart of a block chain based smart city data sharing method according to the present invention.
FIG. 3 is a block chain based architecture diagram of a smart city data sharing system in accordance with the present invention.
Detailed Description
Other advantages and effects of the present invention will become apparent to those skilled in the art from the following disclosure, which describes the embodiments of the present invention with reference to specific examples. The invention may be practiced or carried out in other embodiments that depart from the specific details, and the details of the present description may be modified or varied from the spirit and scope of the present invention. It should be noted that the following embodiments and features in the embodiments may be combined with each other without conflict.
In order to make the objects, technical solutions and advantages of the present invention more apparent, further detailed description of the technical solutions in the embodiments of the present invention will be given by the following examples with reference to the accompanying drawings. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.
Fig. 1 is a schematic flow chart of an implementation of a blockchain-based smart city data sharing method according to an embodiment of the present invention, and for convenience of explanation, only a portion related to the embodiment of the present invention is shown. As shown in fig. 1-2, the method may include the steps of: s100, collecting data to be shared by utilizing various Internet of things devices; in a smart city, various internet of things devices (sensors, monitors, etc.) are deployed in different locations and areas for collecting relevant data. For example, traffic sensors may collect traffic flow and vehicle information, and environmental monitors may record weather data and air quality indicators.
S200, dividing the collected data into blocks with fixed sizes according to a certain rule.
The collected data is partitioned according to predefined rules to form fixed-size data blocks. For example, the data collected every hour is divided into 10 minutes of blocks, so that the manageability and the processing efficiency of the data are ensured; the smaller block size makes the data more manageable, easy to track and index. At the same time, processing fixed-size blocks is more efficient than processing large data sets, reducing computational and storage complexity. By fixing the size of the blocks, the amount of data contained by each block is equal, ensuring consistency of the data. This is more convenient in verifying data integrity, and hash calculations and checks can be performed for each chunk without having to consider data fragments of different sizes.
S300, encrypting each data block; s400, calculating a hash value of each encrypted data block; each data block is encrypted by using a proper encryption algorithm to ensure the security and privacy protection of the data in the transmission and storage processes, a hash function is applied to the encrypted data block, and a unique hash value is calculated. This hash value will be used to verify the integrity of the data block and for quick retrieval and identification at a later stage. Common hash functions include SHA-256 (secure hash algorithm) and the like.
S500, combining the hash value, the encrypted data and other related data of each data block into a new data block; wherein the other related data includes at least a timestamp and a device ID; it should be noted that the hash value is a unique identifier of a fixed length calculated according to the content of the data block. By means of a specific hash function, a data block can be converted into a fixed-length byte array, the main function being to verify the data integrity. When creating a data block, hash computation is performed on the data and the hash value is stored. When the data integrity needs to be verified, the hash value is recalculated and compared with the previously saved hash value. If the two hash values do not match, it is an indication that the data block may have been tampered with.
The encrypted data uses a cryptographic algorithm to transform the original data so that it cannot be read without authorization. When creating a data block, the original data is encrypted and then combined with the hash value into a new data block for storage. Only authorized users can decrypt the data block to obtain the original data. By combining the encrypted data with the hash value, confidentiality and integrity of the data are ensured.
The time stamp records the time at which the data block was generated. When creating a data block, current time information is added to the data block. The role of the time stamp is mainly to determine the timing relationship and traceability of the data. The order in which the data is generated can be known from the time stamp and the data can be ordered or screened during subsequent analysis and processing. In addition, the time stamp also helps trace back the data to a specific time period for historical data analysis and investigation.
The device ID is used to identify a specific internet of things device that collects data. Each device should have a unique device ID to accurately identify the source of the data. When a data block is created, a device ID is associated with the data block. This helps determine the source of the data, ensuring the trustworthiness and reliability of the data. In addition, the device ID also supports troubleshooting and device management, and when a problem occurs, related devices can be quickly positioned according to the device ID and corresponding measures can be taken.
S600, verifying the validity of the new data block by using a consensus algorithm, and if verification is passed, adding the new data block to the blockchain.
Using a consensus algorithm to verify the validity of a new data block can ensure that the data block meets predefined rules and criteria. Common consensus algorithms include Proof of Work (Proof-of-Work) and Proof of equity (Proof-of-stage). If the data block passes the consensus verification, the data block is added to the blockchain of the smart city, so that the distributed storage and sharing of the data are realized.
According to the invention, data are collected through the Internet of things equipment and are divided into blocks with fixed sizes according to rules, so that the manageability and the processing efficiency of the data are ensured; secondly, encryption and hash calculation are carried out on each data block, so that the safety, privacy protection and integrity verification of the data are guaranteed; then, the encrypted data, the hash value and other related data are combined into a new data block, so that confidentiality, integrity and traceability of the data are ensured; and finally, verifying the validity of the data block by utilizing a consensus algorithm, and adding the data block to a blockchain to realize distributed storage and sharing of data. Comprehensively, the method can realize safe, reliable and efficient sharing of data in the smart city, and promote optimization and innovation of city management and service.
In the prior art, a leak exists in a private key or an encryption algorithm, which may cause decryption and tampering of data, thereby destroying confidentiality and integrity of the data, and in this embodiment, an encryption method is provided, and in step S300, the step of encrypting each data block includes: s310: a symmetric key is randomly generated prior to encryption of each data block. A symmetric key is a type of identical key used to encrypt and decrypt data.
S320: the original data block is encrypted using the previously generated symmetric key and symmetric encryption algorithm. The symmetric encryption algorithm uses the same key for both encryption and decryption operations, so only those who hold the correct key can decrypt the data.
S330: a pair of public and private keys is generated. The public key is used to encrypt data and the private key is used to decrypt data. This is an asymmetric encryption scheme in which different keys are used for encryption and decryption operations.
S340: the symmetric key generated in step S310 is encrypted using the public key. By encrypting the symmetric key using the public key, it can be ensured that only the person who owns the private key can decrypt the symmetric key.
S350: the encrypted original data block is stored with the encrypted symmetric key. Thus, when decrypting data, the symmetric key needs to be decrypted by using the private key, and then the original data block is decrypted by using the symmetric key.
For example, assume that there is a sensitive document that needs to be encrypted. With this scheme, a random symmetric key is first generated (S310). Then, the document is encrypted using the symmetric key and the symmetric encryption algorithm (S320). Next, a pair of a public key and a private key is generated (S330). The symmetric key is encrypted using the public key (S340), and then the encrypted document and the encrypted symmetric key are saved together (S350). When the data needs to be decrypted, the symmetric key is decrypted by using the private key, and then the original data block is decrypted by using the symmetric key.
With this scheme, even if the private key leaks or the encryption algorithm has a vulnerability, an attacker cannot easily decrypt the data because they cannot obtain the symmetric key unless they have a matching private key. This hybrid encryption method combines the advantages of symmetric encryption and asymmetric encryption, providing greater security.
In step S400, a hash tree calculation is introduced to verify the integrity of the encrypted data block. Each step is described below: s410: for each encrypted data block, a hash value thereof is calculated and stored as a leaf node at the lowest level of the block hash tree.
S420: the hash value of each node is calculated layer by layer, starting from the bottom layer, until the root node is reached.
The hash function is an algorithm that maps data of an arbitrary size to a fixed-length hash value. This allows to detect whether a data block has been tampered with, since once the content of the data block has changed, its hash value will change accordingly.
The method for calculating the node hash value is to concatenate the hash values of its child nodes and apply the hash function again to generate the hash value of the parent node. This process continues to the root node, ultimately resulting in a hash value for the entire data block, which represents the content and structure of the entire data block.
By computing the hash tree, it is possible to verify whether the data block is complete or not tampered with during transmission or storage. If one of the data blocks is tampered with maliciously, its hash value will not match the hash value stored in the upper node, thereby suggesting that the integrity of the data is compromised. Such detection mechanisms may enhance the integrity protection of data and provide detection capability for tampering with the data.
The method further comprises the steps of: when an authorized user or device needs to access data, the following steps are performed: the symmetric key encrypted in step S340 is decrypted using the corresponding private key.
And decrypting the encrypted data by using the decrypted symmetric key to restore the original data block.
The decryption technical scheme is to ensure confidentiality and security of data. By using a combination of symmetric encryption and asymmetric encryption, the data is protected during storage and transmission. Symmetric encryption ensures confidentiality of the data block, while asymmetric encryption is used to protect security of the symmetric key. Only authorized users or devices holding the corresponding private key can successfully decrypt the data and access the original content, and a permission control mechanism for data access is provided.
In practical applications, the security of encryption is also affected by other factors, such as the quality of the random number generation algorithm, and in this embodiment, in step S310, the generation of a random symmetric key may be performed by the following steps: collecting a plurality of entropy sources, and respectively generating initial seeds for each entropy source; expanding each initial seed into a pseudorandom number sequence of the same length using a pseudorandom number generator; performing exclusive OR operation on all the generated pseudo-random number sequences; and outputting the exclusive or result as a final random number sequence.
It should be noted that entropy sources refer to physical or logical processes that can provide randomness and unpredictability. It can generate random events or data and be used as the original source for generating random numbers. Entropy sources may include various naturally or artificially generated signals or data, such as ambient noise, thermal noise, radioactive decay, voltage fluctuations of electronic components, mouse movements, keyboard strokes, network delays, and the like. These entropy sources are characterized by their high degree of randomness and unpredictability and cannot be modeled or predicted with accuracy. In cryptography, the entropy source is the basis for generating strong cryptographic security random numbers and keys. By collecting and exploiting the randomness of the entropy sources, it can be ensured that the generated random numbers have a high quality and strength, thereby providing protection for encryption, secure communication and other applications.
Specifically, the ambient noise and mouse movement data are acquired using a suitable sensor or device, and for the ambient noise, ionization data over a period of time are collected and processed to obtain an initial seed value. For mouse movements, the coordinate change of the mouse is recorded and taken as another initial seed value, and the Fortuna algorithm is selected as a cryptographically secure pseudorandom number generator (cspng). Respectively inputting each initial seed into a Fortuna algorithm, and generating a pseudo-random number sequence with a corresponding length; performing bitwise exclusive OR operation on the two pseudo-random number sequences to obtain a final random number sequence; the final random number sequence may be used to generate a random symmetric key scenario as described above. In practical applications, more entropy sources may be selected according to specific requirements.
In step S500, a reference pointing to the previous data block is added to the new data block, so as to construct a chain structure.
It will be appreciated that the setting of data block a is the creation of a block, i.e. the first data block, and the addition of data block B after data block a, so that data block B contains a reference to data block a, i.e. the hash value of data block a, and that when creating data block C a reference to data block B, i.e. the hash value of data block B, is contained therein. In this way, data block C is linked to data block B, which in turn is linked to data block a, forming a chained structure, which results in a change in the hash value of data block B if someone tries to tamper with the data of data block B, and data block C contains a reference to the hash value of data block B, which becomes invalid because the hash value of data block B has changed. Thus, anyone can discover this tampering by checking whether the reference in data block C matches the hash value of data block B. In short, by constructing a chain structure, the integrity, the sequence, the security and the easy verifiability of data are realized.
In the data access stage, although decryption can be performed through the private key, if the private key is revealed, the security of the data is threatened, and an identity verification mechanism based on a blockchain is adopted to ensure that only authorized users or devices can access the data, and even if the private key is revealed, the security of the data cannot be affected. The specific steps of the identity verification of the user and the equipment are as follows: creating an identity authentication request comprising a user or device ID, a request timestamp, and a requested data block ID; the user or the equipment signs the identity authentication request by using the private key thereof; sending the identity authentication request and the signature to an identity authentication node; after receiving the identity authentication request and the signature, the identity authentication node verifies the signature through the public key, and if verification is successful, the node sends out an authorization token; after receiving the authorization token, the user or device uses it to access and decrypt the data block.
In this process, even if the private key of the user or device is compromised, the attacker cannot forge a valid authentication request because they cannot obtain the original authentication request information. Only the request verified by the authentication node can obtain the right to access and decrypt the data, which greatly improves the security of the data, and in addition, if the private key is found to be revealed, the request can be immediately reported to the authentication node, all the access rights of the private key are revoked, and the revealed private key is prevented from being used for unauthorized data access. In this way, it is possible to ensure that the security of data is protected even in the case of a leakage of the private key.
According to the above, the invention provides a smart city data sharing method based on a blockchain, which collects data by using internet of things equipment, divides the data, encrypts and hashes the data, verifies the validity of a data block by using a consensus algorithm, and adds a reference pointing to the previous data block into the data block to construct a chain structure, thereby ensuring the safety and the integrity of the data. At the same time, by including the association with the previous data block in the new data block, the continuity and consistency of the data is also ensured. Furthermore, symmetric and asymmetric encryption techniques are employed to protect data so that only authorized users or devices can access and decrypt the data. Finally, by introducing an identity authentication mechanism of the user and the equipment, the data security is improved, and the data security is ensured not to be threatened even if the private key is leaked. The method effectively solves the safety and efficiency problems of data sharing in the smart city, ensures the integrity and reliability of the data, and has important practical value.
It should be understood that the sequence number of each step in the foregoing embodiment does not mean that the execution sequence of each process should be determined by the function and the internal logic, and should not limit the implementation process of the embodiment of the present invention.
Corresponding to the above-mentioned intelligent city data sharing method based on the block chain, an embodiment of the present invention further provides an intelligent city data sharing system based on the block chain, which has the same beneficial effects as the above-mentioned data sharing method. Fig. 3 is a schematic block diagram of a blockchain-based smart city data sharing system according to an embodiment of the present invention, and only a portion related to the embodiment of the present invention is shown for convenience of explanation.
In the embodiment of the invention, as shown in fig. 3, the system comprises a collecting module, a dividing module, an encrypting module, a calculating module, a combining module and a verifying module.
The collection module is used for collecting data to be shared by utilizing various Internet of things devices; the dividing module is used for dividing the collected data into blocks with fixed sizes according to a certain rule; the encryption module is used for encrypting each data block; a calculation module for calculating a hash value of each encrypted data block; a combination module for combining the hash value, the encrypted data, and other related data of each data block into a new data block; wherein the other related data includes at least a timestamp and a device ID; and the verification module is used for verifying the validity of the new data block by utilizing a consensus algorithm, and if the verification is passed, adding the new data block to the blockchain.
The foregoing is merely a preferred embodiment of the present invention, and it should be noted that it will be apparent to those skilled in the art that modifications and variations can be made without departing from the technical principles of the present invention, and these modifications and variations should also be regarded as the scope of the invention.
Claims (8)
1. A blockchain-based smart city data sharing method, the method comprising the steps of: s100, collecting data to be shared by utilizing various Internet of things devices; s200, dividing the collected data into blocks with fixed sizes according to a certain rule; s300, encrypting each data block; s400, calculating a hash value of each encrypted data block; s500, combining the hash value, the encrypted data and other related data of each data block into a new data block; wherein the other related data includes at least a timestamp and a device ID; s600, verifying the validity of the new data block by using a consensus algorithm, and if verification is passed, adding the new data block to the blockchain.
2. The blockchain-based smart city data sharing method of claim 1, wherein the step of encrypting each data block in step S300 comprises: s310, generating a random symmetric key; s320, encrypting the original data block by using a symmetric key and a symmetric encryption algorithm; s330, generating a pair of public key and private key, wherein the public key is used for encryption and the private key is used for decryption; s340, encrypting the symmetric key generated in the step S310 by using the public key; and S350, storing the encrypted original data block and the encrypted symmetric key together.
3. The blockchain-based smart city data sharing method of claim 1, wherein the step of calculating the hash value of each encrypted data block in step S400 includes: step S410, calculating the hash value of each encrypted data block, and storing the hash value as a leaf node at the bottommost layer of the block hash tree; step S420, starting from the bottom layer, calculating the hash value of each node layer by layer until reaching the root node, and taking the hash value of the root node as the hash value of the whole data block.
4. The blockchain-based smart city data sharing method of claim 2, further comprising: when an authorized user or device needs to access data, the following steps are performed: decrypting the symmetric key encrypted in step S340 using the corresponding private key; and decrypting the encrypted data by using the decrypted symmetric key to restore the original data block.
5. The blockchain-based smart city data sharing method of claim 2, wherein the step of generating a random symmetric key in step S310 comprises: collecting a plurality of entropy sources, and respectively generating initial seeds for each entropy source; expanding each initial seed into a pseudorandom number sequence of the same length using a pseudorandom number generator; performing exclusive OR operation on all the generated pseudo-random number sequences; and outputting the exclusive or result as a final random number sequence.
6. The method for sharing intelligent city data based on blockchain as in claim 1, further comprising adding a reference to a previous data block to the new data block to construct a chain structure in step S500.
7. The blockchain-based smart city data sharing method of claim 1, further comprising authentication of the user and the device, the step of authentication of the user and the device comprising: creating an identity authentication request comprising a user or device ID, a request timestamp, and a requested data block ID; the user or the equipment signs the identity authentication request by using the private key thereof; sending the identity authentication request and the signature to an identity authentication node; after receiving the identity authentication request and the signature, the identity authentication node verifies the signature through the public key, and if verification is successful, the node sends out an authorization token; after receiving the authorization token, the user or device uses it to access and decrypt the data block.
8. A blockchain-based smart city data sharing system, the system comprising: the collection module is used for collecting data to be shared by utilizing various Internet of things devices; the dividing module is used for dividing the collected data into blocks with fixed sizes according to a certain rule; the encryption module is used for encrypting each data block; a calculation module for calculating a hash value of each encrypted data block; a combination module for combining the hash value, the encrypted data, and other related data of each data block into a new data block; wherein the other related data includes at least a timestamp and a device ID; and the verification module is used for verifying the validity of the new data block by utilizing a consensus algorithm, and if the verification is passed, adding the new data block to the blockchain.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311186953.7A CN117375883A (en) | 2023-09-14 | 2023-09-14 | Smart city data sharing system and method based on block chain |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311186953.7A CN117375883A (en) | 2023-09-14 | 2023-09-14 | Smart city data sharing system and method based on block chain |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117375883A true CN117375883A (en) | 2024-01-09 |
Family
ID=89399181
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311186953.7A Pending CN117375883A (en) | 2023-09-14 | 2023-09-14 | Smart city data sharing system and method based on block chain |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117375883A (en) |
-
2023
- 2023-09-14 CN CN202311186953.7A patent/CN117375883A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109922039B (en) | Semi-centralized identity management method based on block chain technology | |
| CN109417478B (en) | Multi-link cipher logical block chain | |
| Waters et al. | Building an encrypted and searchable audit log. | |
| Ma et al. | A new approach to secure logging | |
| EP3130104B1 (en) | System and method for sequential data signatures | |
| CN102422296B (en) | Method for authenticating access to a secured chip by a test device | |
| CA2497561A1 (en) | Method and system of securely escrowing private keys in a public key infrastructure | |
| Muthurajkumar et al. | Secured temporal log management techniques for cloud | |
| CN110674521B (en) | Privacy protection evidence management system and method | |
| US20230163961A1 (en) | Public random number generation method and device based on blockchain | |
| CN114021164B (en) | Credit system privacy protection method based on block chain | |
| CN112804050B (en) | Multi-source data query system and method | |
| CN115208628B (en) | Data integrity verification method based on block chain | |
| CN110188545B (en) | Data encryption method and device based on chained database | |
| Liu et al. | A data preservation method based on blockchain and multidimensional hash for digital forensics | |
| Zhang et al. | Secdedup: Secure encrypted data deduplication with dynamic ownership updating | |
| CN114885325A (en) | Credible auditing method and system for regulating and controlling service network security suitable for 5G network | |
| KR102013415B1 (en) | System and method for verifying integrity of personal information | |
| CN116436708A (en) | Trusted data sharing method and system based on blockchain technology | |
| Li et al. | Anonymous, secure, traceable, and efficient decentralized digital forensics | |
| CN117375883A (en) | Smart city data sharing system and method based on block chain | |
| CN112507355B (en) | Personal health data storage system based on block chain | |
| CN117037988B (en) | Electronic medical record storage method and device based on blockchain | |
| Li et al. | In-Vehicle Digital Forensics for Connected and Automated Vehicles With Public Auditing | |
| Wang et al. | RCDS: a right-confirmable data-sharing model based on symbol mapping coding and blockchain |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |