CN117880180A - Data transmission method, device, equipment and medium based on financial alliance chain - Google Patents


Publication number
CN117880180A
Authority
CN
China
Prior art keywords
data
financial
node
data transmission
routing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202410052594.4A
Other languages
Chinese (zh)
Inventor
李广普
孙建成
花学周
杨明灿
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Industrial and Commercial Bank of China Ltd ICBC
Original Assignee
Industrial and Commercial Bank of China Ltd ICBC
Application filed by Industrial and Commercial Bank of China Ltd ICBC
Priority to CN202410052594.4A
Publication of CN117880180A

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application relates to a data transmission method, a data transmission device, computer equipment, a storage medium and a computer program product based on a financial alliance chain, and relates to the fields of blockchain and financial science and technology. The method comprises the following steps: determining an optimal route path group from the node to the target node according to the data volume of the financial data to be transmitted and the concurrency volume of the data transmission process of the data transmission group based on the financial alliance chain; the optimal routing path group comprises a plurality of routing paths, so that the total time for branching the financial data to be transmitted from the node to the target node is shortest; determining a plurality of financial sub-data corresponding to a plurality of routing paths according to financial data to be transmitted; and establishing a plurality of encryption tunnels corresponding to the plurality of routing paths, and branching and transmitting the plurality of financial sub-data to the target node through the plurality of routing paths based on the plurality of encryption tunnels. By adopting the method, the optimal path group can be provided according to the data quantity of the financial data, and the financial data can be safely and quickly transmitted in a branching way.

Description

Data transmission method, device, equipment and medium based on financial alliance chain
Technical Field
The present application relates to the field of blockchain technology and the field of financial science and technology, and in particular, to a data transmission method, apparatus, computer device, storage medium and computer program product based on a financial alliance chain.
Background
With the development of blockchain technology and the deepening of cooperation between financial institutions, financial alliance chains composed of a plurality of financial institutions have emerged. Based on the financial alliance chain, nodes of different financial institutions can securely share data with nodes of other financial institutions on the chain.
However, in current financial alliance chains, data transmission between two financial institution nodes is generally performed by broadcast, so when the data to be transmitted is large, it is difficult to ensure that the data reaches the destination node in a timely manner.
Disclosure of Invention
In view of the foregoing, it is desirable to provide a data transmission method, apparatus, computer device, computer-readable storage medium, and computer program product based on a financial alliance chain.
In a first aspect, the present application provides a data transmission method based on a financial alliance chain. The method comprises the following steps:
determining an optimal route path group from the node to the target node according to the data volume of the financial data to be transmitted and the concurrency volume of the data transmission process of the data transmission group based on the financial alliance chain; the optimal routing path group comprises a plurality of routing paths, the routing paths enable the total time of the financial data to be transmitted from the node to the target node to be the shortest in a branching way, and each routing path in the optimal routing path group is composed of nodes of data transmission participants in the data transmission group;
determining a plurality of financial sub-data corresponding to the plurality of routing paths according to the financial data to be transmitted;
and establishing a plurality of encryption tunnels corresponding to the routing paths, and transmitting the financial sub-data to the target node in a branching way through the routing paths based on the encryption tunnels.
In one embodiment, the method further comprises: when receiving financial sub-data transmitted by nodes of other data transmission participants in the data transmission group based on the encrypted tunnel, judging whether the node is a target node or not; if yes, obtaining the financial data according to the received plurality of financial sub-data.
In one embodiment, the method further comprises: if the node is not the target node, acquiring the route information corresponding to the financial sub-data according to the dynamic route table stored in the financial alliance chain; and forwarding the financial sub-data to the target node through a routing path corresponding to the routing information based on an encryption tunnel.
In one embodiment, the determining the optimal routing path group from the node to the target node according to the data amount of the financial data to be transmitted and the data transmission process concurrency amount of the data transmission group based on the financial alliance chain includes: distributing the plurality of financial data to a plurality of data transmission processes according to the concurrency of the data transmission processes of the data transmission group, and determining the data load of each data transmission process; combining the data load and a set transmission time window, and acquiring a plurality of routing paths applicable to the plurality of data transmission processes by using an ant colony algorithm; and obtaining the optimal route path group from the plurality of route paths.
In one embodiment, the method further comprises: and storing the routing information of each routing path in the optimal routing path group in a dynamic routing table of the financial alliance chain.
In one embodiment, the establishing a plurality of encryption tunnels corresponding to the plurality of routing paths, and branching the plurality of financial sub-data to the target node via the plurality of routing paths based on the plurality of encryption tunnels includes: determining the next hop node of the node in the routing path according to the routing information of the routing path; establishing a segmented encryption tunnel with the next hop node according to the common public key of the financial alliance chain and the public key of the node; and tunneling the financial sub-data to the next hop node based on the segmented encryption tunnel.
In one embodiment, the tunneling the financial sub-data to the next-hop node based on the segment encryption includes: encrypting the financial sub-data according to the symmetric key negotiated between the node and the next-hop node, and transmitting the encrypted financial sub-data to the next-hop node according to the data transmission message format of the preset encryption tunnel protocol and the routing information.
In a second aspect, the present application further provides a data transmission device based on a financial alliance chain. The device comprises:
the path determining module is used for determining an optimal route path group from the node to the target node according to the data quantity of the financial data to be transmitted and the data transmission process concurrency quantity of the data transmission group based on the financial alliance chain; the optimal routing path group comprises a plurality of routing paths, the routing paths enable the total time of the financial data to be transmitted from the node to the target node to be the shortest in a branching way, and each routing path in the optimal routing path group is composed of nodes of data transmission participants in the data transmission group;
the financial sub-data determining module is used for determining a plurality of financial sub-data corresponding to the plurality of routing paths according to the financial data to be transmitted;
and the branching transmission module is used for establishing a plurality of encryption tunnels corresponding to the routing paths and branching the plurality of financial sub-data to the target node through the routing paths based on the encryption tunnels.
In a third aspect, the present application also provides a computer device. The computer device comprises a memory storing a computer program and a processor which when executing the computer program performs the steps of:
determining an optimal route path group from the node to the target node according to the data volume of the financial data to be transmitted and the concurrency volume of the data transmission process of the data transmission group based on the financial alliance chain; the optimal routing path group comprises a plurality of routing paths, the routing paths enable the total time of the financial data to be transmitted from the node to the target node to be the shortest in a branching way, and each routing path in the optimal routing path group is composed of nodes of data transmission participants in the data transmission group;
determining a plurality of financial sub-data corresponding to the plurality of routing paths according to the financial data to be transmitted;
and establishing a plurality of encryption tunnels corresponding to the routing paths, and transmitting the financial sub-data to the target node in a branching way through the routing paths based on the encryption tunnels.
In a fourth aspect, the present application also provides a computer-readable storage medium. The computer readable storage medium having stored thereon a computer program which when executed by a processor performs the steps of:
determining an optimal route path group from the node to the target node according to the data volume of the financial data to be transmitted and the concurrency volume of the data transmission process of the data transmission group based on the financial alliance chain; the optimal routing path group comprises a plurality of routing paths, the routing paths enable the total time of the financial data to be transmitted from the node to the target node to be the shortest in a branching way, and each routing path in the optimal routing path group is composed of nodes of data transmission participants in the data transmission group;
determining a plurality of financial sub-data corresponding to the plurality of routing paths according to the financial data to be transmitted;
and establishing a plurality of encryption tunnels corresponding to the routing paths, and transmitting the financial sub-data to the target node in a branching way through the routing paths based on the encryption tunnels.
In a fifth aspect, the present application also provides a computer program product. The computer program product comprises a computer program which, when executed by a processor, implements the steps of:
determining an optimal route path group from the node to the target node according to the data volume of the financial data to be transmitted and the concurrency volume of the data transmission process of the data transmission group based on the financial alliance chain; the optimal routing path group comprises a plurality of routing paths, the routing paths enable the total time of the financial data to be transmitted from the node to the target node to be the shortest in a branching way, and each routing path in the optimal routing path group is composed of nodes of data transmission participants in the data transmission group;
determining a plurality of financial sub-data corresponding to the plurality of routing paths according to the financial data to be transmitted;
and establishing a plurality of encryption tunnels corresponding to the routing paths, and transmitting the financial sub-data to the target node in a branching way through the routing paths based on the encryption tunnels.
According to the data transmission method, the data transmission device, the computer equipment, the storage medium and the computer program product based on the financial alliance chain, according to the data quantity of the financial data to be transmitted and the data transmission process concurrency quantity of the data transmission group based on the financial alliance chain, an optimal route path group capable of enabling the total time of the financial data to be transmitted from the node to be shortest is determined, a plurality of financial sub-data corresponding to a plurality of route paths in the optimal route path group is determined, a plurality of encryption tunnels corresponding to the route paths are established, and the financial sub-data are transmitted to the target node in a branching mode through the route paths based on the encryption tunnels. In the process, the corresponding optimal route path group is determined by combining the data quantity of the financial data to be transmitted, the concurrence of the data transmission process of the data transmission group and the total transmission time of the data, so that the optimal route path group can be adapted to different data loading quantities, and the optimal route path can be dynamically provided, and therefore the financial data with different data quantities can be transmitted from the node to the target node in a time as short as possible, and the timeliness of data transmission is effectively ensured. Further, a plurality of encryption tunnels corresponding to a plurality of routing paths are established, financial data are transmitted to the target node in a branching mode based on the encryption tunnels, and the transmission safety of the financial data of each path can be guaranteed on the basis of guaranteeing the data transmission speed.
Drawings
FIG. 1 is an application environment diagram of a data transmission method based on a financial alliance chain in one embodiment;
FIG. 2 is a flow chart of a data transmission method based on a financial alliance chain in one embodiment;
FIG. 3 is a flow chart illustrating steps for transferring financial sub-data according to one embodiment;
FIG. 4 is a flow diagram of an embodiment for obtaining an optimal routing path set;
FIG. 5 is a flow diagram of establishing an encrypted tunnel in one embodiment;
FIG. 6 is a block diagram of a data transmission device based on a financial alliance chain in one embodiment;
FIG. 7 is an internal structural diagram of a computer device in one embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application will be further described in detail with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the present application.
The following are some definitions referred to in this application:
Concatenation of byte sequences: let X and Y be byte sequences; concatenating the two byte sequences X and Y forms another byte sequence Z, formalized as $Z = X \| Y$.
Security parameters for group signatures: let $\omega > 1$, $k$, $l_p$ be the security parameters, and let $\lambda_1, \lambda_2, \gamma_1, \gamma_2$ denote length variables satisfying $\lambda_1 > \omega(\lambda_2 + k) + 2$, $\lambda_1 > 4 l_p$, $\gamma_1 > \omega(\gamma_2 + k) + 2$, $\gamma_2 > \gamma_1 + 2$. The ranges Λ, Γ of integers are defined, expressed as follows:
Let H denote a hash function, formally expressed as $H: \{0,1\}^* \to \{0,1\}^k$.
It should be noted that, the user information (including, but not limited to, user equipment information, user personal information, etc.) and the data (including, but not limited to, data for analysis, stored data, presented data, etc.) referred to in the present application are information and data authorized by the user or sufficiently authorized by each party, and the collection, use and processing of the related data are required to comply with the related laws and regulations and standards of the related countries and regions.
The data transmission method based on the financial alliance chain provided by the embodiments of the application can be applied to the application environment shown in fig. 1, which can include a plurality of nodes of a financial alliance chain and terminals of users. In the present application, a node in the financial alliance chain may act as a data transmission participant of a data transmission group; after a data transmission participant joins the data transmission group based on the financial alliance chain, its system corresponds to a node in the financial alliance chain. The data transmission group may include three or more participants, which may be financial institutions such as banks. The user terminal may be used to send and receive financial data such as the user's transaction requests. It may be connected to the node of one of the participants and transmit the financial data, via that participant's node, to the corresponding node of another participant, and it may also receive financial data from the participant's node and return it to the user.
In the application environment shown in fig. 1, the user terminal may be, but not limited to, various personal computers, notebook computers, smart phones, tablet computers, internet of things devices and portable wearable devices, where the internet of things devices may be smart speakers, smart televisions, smart air conditioners, smart vehicle devices, etc. The portable wearable device may be a smart watch, smart bracelet, headset, or the like. The nodes of the financial alliance chain may be servers, and may be implemented by a stand-alone server or a server cluster formed by a plurality of servers.
In one embodiment, as shown in fig. 2, there is provided a data transmission method based on a financial alliance chain, including the steps of:
Step S201, determining an optimal route path group from the node to the target node according to the data volume of the financial data to be transmitted and the data transmission process concurrency volume of the data transmission group based on the financial alliance chain; the optimal routing path group comprises a plurality of routing paths, the routing paths enable total time of branching transmission of financial data to be transmitted from the node to the target node to be the shortest, and each routing path in the optimal routing path group is composed of nodes of data transmission participants in the data transmission group.
Specifically, the financial data to be transmitted may be financial data such as a transaction request from a user received by the data transmission participant through the user terminal, or financial data generated by the data transmission participant and required to be transmitted to another participant in the data transmission group. According to the financial data to be transmitted, the data quantity and the target node of the data transmission can be determined. The amount of concurrency of data transfer processes may be determined by the performance of the data transfer group and the current data transfer state.
In this step, when a node of one data transmission participant in the data transmission group needs to transmit financial data from the present node to the target node, the node of the data transmission participant available for data transmission may be determined in the data transmission group, and thereby a plurality of routing paths from the present node to the target node may be determined. Further, according to the data amount of the financial data to be transmitted and the concurrency of the data transmission processes of the data transmission group, the financial data to be transmitted can be distributed to each data transmission process, the data transmission time required by each data transmission process on different routing paths is estimated, and a plurality of routing paths with the shortest total time for enabling the financial data to be transmitted from the node in a branching mode to the target node are determined, so that an optimal routing path group corresponding to the financial data transmission is obtained.
Step S202, determining a plurality of financial sub-data corresponding to a plurality of routing paths according to the financial data to be transmitted.
Specifically, corresponding to the plurality of routing paths determined in step S201, in this step, the financial data to be transmitted may be split, so as to obtain the financial sub-data allocated to each routing path.
Step S203, a plurality of encryption tunnels corresponding to the plurality of routing paths are established, and the plurality of financial sub-data are transmitted to the target node through the plurality of routing paths in a branching manner based on the plurality of encryption tunnels.
Specifically, in this step, a corresponding encryption tunnel may be established for each of the plurality of routing paths. An encryption tunnel may be established end to end between the initial node (i.e., the present node) and the target node, or between adjacent nodes of the routing path, and it encrypts and encapsulates the data. The encryption tunnel may be established, for example, with reference to the WireGuard tunneling protocol.
Further, based on the established plurality of encryption tunnels, the plurality of financial sub-data determined in step S202 may be transmitted to the target node through the corresponding routing paths thereof in an encrypted manner.
In the data transmission method based on the financial alliance chain, according to the data quantity of the financial data to be transmitted and the concurrence quantity of the data transmission process of the data transmission group based on the financial alliance chain, an optimal route path group which can lead the total time of the financial data to be transmitted from the node to the target node to be the shortest is determined, a plurality of financial sub-data corresponding to a plurality of route paths in the optimal route path group is determined, a plurality of encryption tunnels corresponding to the plurality of route paths are established, and the plurality of financial sub-data are transmitted to the target node in a branching mode through the plurality of route paths based on the plurality of encryption tunnels. In the process, the corresponding optimal route path group is determined by combining the data quantity of the financial data to be transmitted, the concurrence of the data transmission process of the data transmission group and the total transmission time of the data, so that the optimal route path group can be adapted to different data loading quantities, and the optimal route path can be dynamically provided, and therefore the financial data with different data quantities can be transmitted from the node to the target node in a time as short as possible, and the timeliness of data transmission is effectively ensured. Further, a plurality of encryption tunnels corresponding to a plurality of routing paths are established, financial data are transmitted to the target node in a branching mode based on the encryption tunnels, and the transmission safety of the financial data of each path can be guaranteed on the basis of guaranteeing the data transmission speed.
In one embodiment, the method further comprises: when receiving financial sub-data transmitted by nodes of other data transmission participants in the data transmission group based on the encrypted tunnel, judging whether the node is a target node or not; if yes, obtaining the financial data according to the received plurality of financial sub-data.
In particular, the data transfer participants of the data transfer group may receive financial sub-data based on encrypted tunneling from nodes of other data transfer participants in the group. When receiving the financial sub-data from other nodes, the data transmission participant can determine whether the node is the target node of the financial sub-data according to the information carried by the financial sub-data and used for indicating the target node, such as a destination address corresponding to the target node.
Under the condition that the node is determined to be the target node, the data transmission participant can further receive the financial sub-data transmitted by other routing paths based on the encryption tunnel, decrypt the received financial sub-data, and combine the decrypted financial sub-data to obtain the original financial data.
In this embodiment, a data transmission participant serving as a target node may receive a plurality of financial sub-data transmitted in a plurality of different routing paths based on the encrypted tunnel, and restore the original financial data. Because each financial sub-data is transmitted through the path in the optimal route path group, the data transmission participant serving as the target node can receive all the financial sub-data in the shortest time, and the waiting time for the data is greatly saved. In addition, as each financial sub-data is based on encryption tunneling, the target node can avoid receiving tampered data, and the security of the target node is effectively ensured.
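The split, branch-transmit and reassemble flow described above, as an added example that is not part of the patent text. It assumes a hypothetical fragment header (transfer id, sequence number, total count), equal-size packets dealt round-robin across paths, and one constructed symmetric key per incoming tunnel; an HMAC-SHA256 tag stands in for the authentication tag of a real AEAD tunnel, and payload encryption is left out.

```python
import hashlib
import hmac
import struct

# Fragment header (assumed layout): 8-byte transfer id, sequence number, total count.
HEADER = struct.Struct(">8sII")
TAG_LEN = 32  # HMAC-SHA256 output size


def split_for_paths(data, packet_size, path_count):
    """Cut data into equal-size packets and deal them round-robin onto the paths."""
    if not data or packet_size <= 0 or path_count <= 0:
        raise ValueError("need non-empty data and positive sizes")
    packets = [data[i:i + packet_size] for i in range(0, len(data), packet_size)]
    per_path = [[] for _ in range(path_count)]
    for seq, chunk in enumerate(packets):
        per_path[seq % path_count].append((seq, chunk))
    return per_path, len(packets)


def seal(key, transfer_id, seq, total, chunk):
    """Sender side of one tunnel: header + chunk, followed by a tag over both."""
    body = HEADER.pack(transfer_id, seq, total) + chunk
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Reassembler:
    """Target-node side: verify each fragment against the key of the tunnel it arrived on."""

    def __init__(self, transfer_id, tunnel_keys):
        self.transfer_id = transfer_id
        self.tunnel_keys = tunnel_keys  # one key per incoming tunnel
        self.total = None
        self.chunks = {}

    def accept(self, tunnel, wire):
        if len(wire) < HEADER.size + TAG_LEN:
            return "malformed"
        body, tag = wire[:-TAG_LEN], wire[-TAG_LEN:]
        expected = hmac.new(self.tunnel_keys[tunnel], body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return "bad-tag"  # modified in transit, or sealed under another tunnel's key
        transfer_id, seq, total = HEADER.unpack(body[:HEADER.size])
        if transfer_id != self.transfer_id or seq >= total:
            return "malformed"
        if self.total is None:
            self.total = total
        elif total != self.total:
            return "malformed"
        if seq in self.chunks:
            return "duplicate"
        self.chunks[seq] = body[HEADER.size:]
        return "ok"

    def result(self):
        """Return the original data once every fragment has been accepted, else None."""
        if self.total is None or len(self.chunks) != self.total:
            return None
        return b"".join(self.chunks[i] for i in range(self.total))


def demo():
    """Constructed run: three paths, one fragment altered in transit before the good copy."""
    data = b"constructed sample payload: " + bytes(range(64))
    transfer_id = b"TX000001"
    keys = [hashlib.sha256(b"constructed key %d" % i).digest() for i in range(3)]
    per_path, total = split_for_paths(data, 16, 3)
    rx = Reassembler(transfer_id, keys)
    statuses = []
    for path, fragments in enumerate(per_path):
        for seq, chunk in fragments:
            wire = seal(keys[path], transfer_id, seq, total, chunk)
            if seq == 2:
                altered = bytearray(wire)
                altered[HEADER.size] ^= 1  # flip one payload bit
                statuses.append(rx.accept(path, bytes(altered)))
            statuses.append(rx.accept(path, wire))
    return rx.result() == data, statuses.count("bad-tag")


if __name__ == "__main__":
    print(demo())
```

The target only reassembles once every sequence number has arrived with a valid tag, so a fragment altered on one path delays the transfer until a valid copy arrives instead of corrupting the result.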
In one embodiment, as shown in fig. 3, the method further includes:
Step S301, if the node is not the target node, obtaining the routing information corresponding to the financial sub-data according to the dynamic routing table stored in the financial alliance chain.
Step S302, forwarding the financial sub-data to the target node via the routing path corresponding to the routing information based on the encryption tunnel.
Specifically, in step S301, if the data transmission participant determines that the node is not the target node, the data transmission participant may determine that the node is an intermediate node on the routing path corresponding to the financial sub-data. In this case, the data transmission participant may query the dynamic routing table stored in the financial alliance chain according to the information carried by the financial sub-data and used for indicating the initial node and the target node thereof, and obtain the routing path information from the initial node to the target node and through the node. The routing path information may include information such as a next-hop node address corresponding to the node on the routing path. Further, based on the obtained routing information, in step S302, the data transmission participant may forward the received financial sub-data to the target node via its corresponding routing path based on the encrypted tunnel.
In this embodiment, the data transmission participant acting as an intermediate node may obtain the routing information corresponding to the financial sub-data from the dynamic routing table stored in the financial alliance chain, and forward the financial sub-data to the target node based on the encrypted tunnel. Because the dynamic routing table stored in the financial alliance chain is witnessed by multiple parties, it is protected against malicious tampering, so the intermediate node can obtain routing information with a security guarantee from it and forward the financial sub-data to the target node along the correct routing path.
In one embodiment, as shown in fig. 4, the step S201 of determining the optimal routing path group from the node to the target node according to the data amount of the financial data to be transmitted and the concurrency of the data transmission process of the data transmission group based on the financial alliance chain includes:
Step S401, according to the concurrency of the data transmission processes of the data transmission group, a plurality of financial data are distributed to a plurality of data transmission processes, and the data load of each data transmission process is determined.
Step S402, in combination with the data load and the set transmission time window, the ant colony algorithm is used to obtain a plurality of routing paths suitable for a plurality of data transmission processes.
Step S403, obtaining an optimal route path group from the plurality of route paths.
Specifically, when the node needs to transmit financial data, in step S401, the financial data to be transmitted may be split into data packets with the same data size by using a file splitting technology, and then the data packets are distributed to each data transmission process according to the concurrency of the data transmission processes. Illustratively, the data packets may be evenly divided into each data transmission process in this embodiment.
Further, the present embodiment may simulate entropy increase of pheromone based on ant colony optimization algorithm in step S402 in combination with data load amount and transmission time window to obtain a plurality of routing paths suitable for a plurality of data transmission processes, and further obtain an optimal routing path group from a set of the plurality of routing paths in step S403.
Specifically, in this embodiment, determining the optimal routing path group by using the ant colony optimization algorithm may include:
Step S501, initializing parameters of the ant colony optimization algorithm.
Specifically, the initial node is set to a, the target node is set to b, and the value of the pheromone $\tau(a, b)$ is set to a constant c, expressed as $\tau(a, b) = c$; the pheromone gain is initialized as $\Delta\tau(a, b)_k = 0$.
Further, the maximum number of iterations is set to $N_{max}$, the number of ant colonies is ant = (n+m+1)/3, the capacity of each ant colony is not more than m, the solution of ant colony k is $s_k$, and the shortest path of each iteration is denoted shortest. Let α, β denote constant parameters. Here n is the number of data packets obtained by splitting the financial data to be transmitted, and m is the concurrency of the data transmission process.
Step S502, initializing ant colony routing information and calculating heuristic information of each node. Specifically, the ant colony routing information may be initialized according to the network state in the data transmission group.
Step S503, while the number of iterations is less than $N_{max}$, steps S504 to S505 are executed cyclically.
Step S504, for each ant colony, causes each path selection process therein to search for a routing path from the initial node to the target node.
For example, for path selection process k at node a, when a is not the target node, the next access node s is selected according to the following rule, based on the "concentration" of pheromones:
where β is a parameter determining the relative importance of pheromone and distance (usually β > 0), J_k(a) is the set of candidate nodes for process k, τ represents a pheromone, and μ = 1/δ represents the reciprocal of the path distance δ(a, b) between a and b. q is a random number distributed in [0, 1], q_0 (0 ≤ q_0 ≤ 1) is a constant parameter, and S is a random variable that follows the state transition rule represented by the following formula:
For the selected next access node, if the node does not meet the constraint condition, the next node is searched for; if the node satisfies the constraint and does not exist in the accessed node library, the current access node is added to the accessed node library and the node is added to the solution s_k.
Further, information such as the pheromone is updated according to the transmission time window and the data load. The file fragment size of each data packet (the same for all packets in this embodiment) and the transmission time window w are acquired, where w is set as a time range [e_i, l_i], e_i represents the earliest arrival time, and l_i represents the latest arrival time (residence time is negligible). The path distance function μ of the pheromone transfer matrix is optimized and adjusted, formally expressed as:
where δ_j(k, t) represents a load parameter, which is derived from the data load, and ε_j(k, t) represents a time parameter, which is derived from the data transmission time.
Step S505, for each ant colony k, the optimized path selection is updated, the length of each path is calculated, and the shortest path shortest is updated. Further, for each node, the pheromone matrix PM is updated, and any path that is not updated is set to the worst value. Specifically, the pheromone parameter may be cyclically updated according to the path distance μ and the pheromone "concentration", following the rule shown in the following formula:
Wherein:
In the above, 0 < α < 1 represents a pheromone attenuation factor, L_k represents the path length (i.e., μ) traversed by ant colony k, and m represents the number of ant colonies.
Step S506, when the number of iterations reaches N_max, the results obtained by each ant colony are compared, and a plurality of optimal routing paths are output.
In the embodiment, the optimal route path group is obtained by combining the data load and the transmission time window and using the ant colony algorithm, so that the load balance among a plurality of route paths and the time for each path to reach the target node can be effectively considered, the optimal route path group which can enable the target node to receive all financial sub-data in the shortest time is obtained, the process increases the efficiency of route optimization, and the route access efficiency can be improved.
In one embodiment, the method further comprises: and storing the routing information of each routing path in the optimal routing path group in a dynamic routing table of a financial alliance chain.
Specifically, the dynamic routing table of the financial alliance chain may include routing information corresponding to the optimal routing path group between each pair of participants in the data transmission group. In this embodiment, after obtaining the optimal routing path group from the node to the target node, the node of the data transmission participant may store the routing information of each routing path contained in that group in the dynamic routing table of the financial alliance chain.
In this embodiment, after the optimal routing path group is obtained, the routing information of the routing path contained in the optimal routing path group is stored in the dynamic routing table of the financial alliance chain, so that dynamic update of the dynamic routing table can be realized, and the nodes of the data transmission participants in the data transmission group can all query the latest routing information in time.
In one embodiment, as shown in fig. 5, the step S203 establishes a plurality of encryption tunnels corresponding to the plurality of routing paths, and shunts the plurality of financial sub-data to the target node via the plurality of routing paths based on the plurality of encryption tunnels, including:
Step S601, determining the next hop node of the node in the routing path according to the routing information of the routing path.
Step S602, a segmented encryption tunnel is established with the next hop node according to the common public key of the financial alliance chain and the public key of the node.
Step S603, transmitting the financial sub-data to the next hop node based on the segmented encryption tunnel.
Specifically, the encryption tunnel corresponding to each routing path in this embodiment is composed of the segmented encryption tunnels established between every two adjacent nodes of the routing path. In step S601, the node of the data transmission participant may obtain the routing information of the routing path corresponding to the financial sub-data, for example by querying the dynamic routing table stored in the financial alliance chain, and from it determine the next-hop node on the path. In step S602, it establishes a segmented encryption tunnel with the next-hop node according to the common public key PK of the financial alliance chain and the public key pk(i) of the node. In step S603, it transmits the financial sub-data to the next-hop node over the established segmented encryption tunnel.
Illustratively, step S602 of the present embodiment may include the steps of:
Step S701, a common public key of the financial alliance chain and a public key of the node are acquired.
Specifically, the node of the manager of the financial alliance chain may use the initialization parameters of the elliptic curve algorithm X25519 to cyclically generate a public key pk(i) and a private key sk(i) for the node of each participant in the data transmission group.
The common public key PK of the financial alliance chain may be obtained as follows: security parameters are selected and stored on the financial alliance chain as evidence; after each participant in the data transmission group has signed the security parameters in the financial alliance chain, the common public key generated by a node of the manager of the financial alliance chain based on the security parameters is acquired.
The node of the data transmission participant may select security parameters including: random prime numbers p', q' with a length of l_p bits, letting p = 2p' + 1 and q = 2q' + 1, where p and q are prime numbers; the modulus n = pq; a_0, g, h ∈ QR(n), where the order of QR(n) is p'q'; and the security parameter y = g^x mod n, where x is a randomly selected secret element. Then, the node may upload the security parameters to the financial alliance chain for evidence storage, and the nodes of the other data transmission participants in the data transmission group may call the smart contract to read the security parameters stored on the financial alliance chain. The node of each participant may then sign the security parameters with its own private key and store the result on the financial alliance chain. The signature processing steps are as follows:
A random number w is generated, and the following values are calculated:
T_1 = A_1 y^w mod n
T_2 = g^w mod n
T_3 = g^e h^w mod n
randomly select And calculates the following operators:
(1)
(2) c = H(g || h || y || a_0 || a || T_1 || T_2 || T_3 || d_1 || d_2 || d_3 || d_4 || m)
(3) s_3 = r_3 − cew, s_4 = r_4 − cw
The signature information (c, s_1, s_2, s_3, s_4, T_1, T_2, T_3) obtained by signing the security parameter is stored on the financial alliance chain as evidence. After each participant in the data transmission group has signed the security parameters in the financial alliance chain, a node of the manager of the financial alliance chain can generate a common public key PK based on the security parameters, the common public key PK can also be verified in the financial alliance chain, and the node of the data transmission participant can acquire the common public key PK.
Step S702, sending an encrypted tunnel establishment request message to the next hop node.
Specifically, the node of the data transmission participant may send an encrypted tunnel establishment request message to the next hop node according to a first message format of a preset encrypted tunnel protocol, where the encrypted tunnel establishment request message may include a common public key of the financial alliance chain and a public key of the node, and routing information determined by the routing path obtained in step S601, and may further include a signature of the node on the common public key. Specifically, the first message format is as follows:
where the IP header represents the data message header; the routing information may include the Next hop; Type represents the message type (Type=0x1 represents a transmission message, Type=0x2 represents a reception message, etc.); Reserved represents a reserved field; Sender represents the sender public key; Receiver represents the receiver public key; Ephemeral represents a temporary certificate; Timestamp represents the transmission timestamp; Static represents static information, which may include the common public key PK; and MAC1 and MAC2 represent the message authentication algorithm (MAC, Message Authentication Codes). The header information H_i in hash form is formally expressed as: H_i = Hash(Hash(Construct) || pk_i), where Hash represents the hash algorithm SHA-256, Construct represents the content information of the structure, pk_i represents the public key of communication node i (this node), and || represents the byte sequence concatenation operator.
Step S703, receiving an encrypted tunnel establishment response message sent by the next hop node.
Specifically, after the node sends an encrypted tunnel establishment request message to the next-hop node, the next-hop node can verify the common public key and the public key. After the verification passes, the next-hop node can return an encrypted tunnel establishment response message according to a second message format of the preset encrypted tunnel protocol, and the node can receive the response message sent by the next-hop node in that format. The encrypted tunnel establishment request message may include routing information determined by the routing path. The encrypted tunnel establishment request message and the encrypted tunnel establishment response message are used for negotiating a symmetric key between the node and the next hop node. Specifically, the second message format is as follows:
where the IP header represents the data message header, the routing information may contain the Next hop, and the Empty field represents the authentication tag, calculated with Poly1305, for 12 bytes of all-zero data.
Receipt by the node of the encrypted tunnel establishment response message sent by the next hop node indicates that the segmented encrypted tunnel has been successfully established and that communication messages can be sent.
Illustratively, the next hop node verifying the common public key and the public key may include: executing a preset signature verification function to verify the signature of the common public key, and executing a preset identity verification function to verify the public key.
Specifically, the next-hop node may execute a preset signature verification function bool=verifiysign (PK, sk (i)), verifying the signature of the common public key. Where sk (i) represents the private key of the next hop node, PK represents the common public key, bool represents the result of verifying the signature, bool=true represents success, bool=false represents failure. When the verification signature fails, the next hop node may reject the communication connection.
The next hop node may also perform a preset authentication function, bool=authenkey (PK, pk(j)), to authenticate the public key, where pk(j) represents the public key of the node, PK represents the common public key, bool represents the result of authentication, bool=true represents authentication success, and bool=false represents authentication failure. When the authentication fails, the next hop node may reject the communication connection.
After the establishment of the segment encryption tunnel between the node and the next-hop node is completed according to the above procedure, in step S603, the financial sub-data can be transmitted from the node to the next-hop node based on the segment encryption tunnel.
In this embodiment, a segment encryption tunnel is formed by every two adjacent nodes in the routing path, and the financial sub-data is transmitted from one node to its next-hop node based on the segment encryption tunnel. In the process, the corresponding segmented encryption tunnel is established along with the transmission of the financial sub-data, so that the establishment efficiency of the encryption tunnel can be effectively improved, and the transmission efficiency of the financial sub-data is improved. In addition, in the process of establishing the segmented encryption tunnel by the two nodes, the identities of the two nodes can be verified, so that the safety of data transmission is further improved.
In one embodiment, the step S603 of transmitting the financial sub-data to the next hop node based on the segmented encryption tunnel includes: encrypting the financial sub-data according to the symmetric key negotiated between the node and the next-hop node, and transmitting the encrypted financial sub-data to the next-hop node according to the data transmission message format of the preset encryption tunnel protocol and the routing information.
In this embodiment, a node (this node) of the data transmission participant may encrypt the financial sub-data using a symmetric key negotiated with the next hop node in the process of establishing the segmented encryption tunnel, to obtain encrypted financial sub-data. Then, the node can transmit the encrypted financial sub-data to the next hop node according to the data transmission message format of the preset encryption tunnel protocol.
Illustratively, if the data packet of the encrypted financial sub-data to be transmitted is denoted by P, and ||P|| denotes the length of the data packet P, the data transmission message format may be expressed as:
where the IP header represents the data message header, the routing information may include the Next hop, Type=0x4 may represent a communication transmission message, Counter represents "salted" information, and P is defined as follows:
P := P || 0^(16·⌈||P||/16⌉ − ||P||)
where AEAD is a calculation formula of the ChaCha20-Poly1305 algorithm, which takes the symmetric key for the transmitted data and a random number counter used for sending the data transmission message.
In this embodiment, the node encrypts the financial sub-data by using the symmetric key negotiated with the next hop node, and then transmits the encrypted financial sub-data to the next hop node according to the data transmission message format of the preset encryption tunneling protocol, so that higher security of the financial sub-data can be ensured during transmission.
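The data transmission message described above can be exercised end to end with the following added example, which is not code from the application: it pads P with the stated rule, seals it with ChaCha20-Poly1305 written from RFC 8439 so that it runs on the standard library alone, and rejects any message whose header, ciphertext or tag was altered. The field widths (1-byte type, 3 reserved bytes, 8-byte little-endian counter), the nonce layout, the 4-byte length prefix and the use of the header as associated data are assumptions of the example, since the message layout itself is not reproduced on this page.

```python
import hmac
import struct

MASK32 = 0xFFFFFFFF
P1305 = (1 << 130) - 5
TYPE_DATA = 0x4  # message type the text gives for a data transmission message
# ChaCha20 column rounds, then diagonal rounds (RFC 8439, section 2.3).
ROUNDS = ((0, 4, 8, 12), (1, 5, 9, 13), (2, 6, 10, 14), (3, 7, 11, 15),
          (0, 5, 10, 15), (1, 6, 11, 12), (2, 7, 8, 13), (3, 4, 9, 14))

def chacha20_block(key, counter, nonce):
    """Return one 64-byte keystream block (32-byte key, 12-byte nonce)."""
    init = [0x61707865, 0x3320646E, 0x79622D32, 0x6B206574]
    init += struct.unpack("<8I", key) + (counter,) + struct.unpack("<3I", nonce)
    s = list(init)
    for _ in range(10):  # 10 double rounds = 20 rounds
        for a, b, c, d in ROUNDS:
            for x, y, z, n in ((a, b, d, 16), (c, d, b, 12), (a, b, d, 8), (c, d, b, 7)):
                s[x] = (s[x] + s[y]) & MASK32
                v = s[z] ^ s[x]
                s[z] = ((v << n) & MASK32) | (v >> (32 - n))  # rotate left by n
    return struct.pack("<16I", *((u + v) & MASK32 for u, v in zip(s, init)))

def chacha20_xor(key, nonce, data):
    """Encrypt or decrypt data; block counter 0 is reserved for the MAC key."""
    out = bytearray()
    for i in range(0, len(data), 64):
        stream = chacha20_block(key, 1 + i // 64, nonce)
        out += bytes(p ^ k for p, k in zip(data[i:i + 64], stream))
    return bytes(out)

def poly1305(key, msg):
    r = int.from_bytes(key[:16], "little") & 0x0FFFFFFC0FFFFFFC0FFFFFFC0FFFFFFF
    s = int.from_bytes(key[16:32], "little")
    acc = 0
    for i in range(0, len(msg), 16):
        # Appending 0x01 sets the bit just above the block, as the RFC requires.
        acc = (acc + int.from_bytes(msg[i:i + 16] + b"\x01", "little")) * r % P1305
    return ((acc + s) % (1 << 128)).to_bytes(16, "little")

def aead_tag(key, nonce, aad, ct):
    otk = chacha20_block(key, 0, nonce)[:32]  # one-time Poly1305 key
    mac_data = (aad + b"\x00" * (-len(aad) % 16) + ct + b"\x00" * (-len(ct) % 16)
                + struct.pack("<QQ", len(aad), len(ct)))
    return poly1305(otk, mac_data)

def aead_seal(key, nonce, plaintext, aad=b""):
    ct = chacha20_xor(key, nonce, plaintext)
    return ct + aead_tag(key, nonce, aad, ct)

def aead_open(key, nonce, sealed, aad=b""):
    ct, tag = sealed[:-16], sealed[-16:]
    if not hmac.compare_digest(tag, aead_tag(key, nonce, aad, ct)):
        raise ValueError("authentication tag mismatch")
    return chacha20_xor(key, nonce, ct)

def pad16(p):
    """P := P || 0^(16*ceil(|P|/16) - |P|), the padding rule from the text."""
    return p + b"\x00" * (16 * -(-len(p) // 16) - len(p))

def nonce_for(counter):
    # Assumed nonce layout: 4 zero bytes, then the 64-bit little-endian counter.
    return b"\x00" * 4 + struct.pack("<Q", counter)

def seal_data_message(key, counter, sub_data):
    """Build type || reserved || counter || AEAD(key, counter, P).
    The counter must never repeat under one key: a repeated nonce reuses
    the keystream and the one-time Poly1305 key."""
    header = struct.pack("<B3xQ", TYPE_DATA, counter)
    # Zero padding does not record where the data ends, so a length prefix
    # (an assumption of this example) lets the receiver strip the padding.
    body = pad16(struct.pack("<I", len(sub_data)) + sub_data)
    return header + aead_seal(key, nonce_for(counter), body, aad=header)

def open_data_message(key, message):
    """Verify and decrypt one message; returns (counter, sub_data)."""
    header, sealed = message[:12], message[12:]
    if len(header) < 12 or header[0] != TYPE_DATA:
        raise ValueError("not a data transmission message")
    counter = struct.unpack("<B3xQ", header)[1]
    body = aead_open(key, nonce_for(counter), sealed, aad=header)
    if len(body) < 4:
        raise ValueError("truncated payload")
    (length,) = struct.unpack("<I", body[:4])
    if length > len(body) - 4:
        raise ValueError("length prefix exceeds payload")
    return counter, body[4:4 + length]

if __name__ == "__main__":
    key = bytes(range(32))  # constructed key, for demonstration only
    wire = seal_data_message(key, 1, b"constructed financial sub-data")
    print(open_data_message(key, wire))
```

A deployment would take the AEAD from a vetted cryptographic library; the framing functions stay the same.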
It should be understood that, although the steps in the flowcharts related to the embodiments described above are sequentially shown as indicated by arrows, these steps are not necessarily performed in the order indicated by the arrows. Unless explicitly stated herein, the steps are not strictly limited to that order of execution and may be executed in other orders. Moreover, at least some of the steps in the flowcharts described in the above embodiments may include a plurality of steps or a plurality of stages, which are not necessarily performed at the same time but may be performed at different times, and which are not necessarily performed sequentially but may be performed in turn or alternately with at least some of the other steps or stages.
Based on the same inventive concept, the embodiment of the application also provides a data transmission device based on the financial alliance chain for realizing the data transmission method based on the financial alliance chain. The implementation of the solution provided by the device is similar to the implementation described in the above method, so the specific limitation in the embodiments of the data transmission device based on the financial alliance chain provided below may be referred to the limitation of the data transmission method based on the financial alliance chain hereinabove, and will not be repeated here.
In one embodiment, as shown in fig. 6, there is provided a data transmission apparatus 800 based on a financial alliance chain, including:
the path determining module 801 is configured to determine an optimal routing path group from the node to the target node according to a data amount of financial data to be transmitted and a data transmission process concurrency amount of a data transmission group based on a financial alliance chain; the optimal routing path group comprises a plurality of routing paths, the routing paths enable the total time of the financial data to be transmitted from the node to the target node to be the shortest in a branching way, and each routing path in the optimal routing path group is composed of nodes of data transmission participants in the data transmission group;
a financial sub-data determining module 802, configured to determine, according to the financial data to be transmitted, a plurality of financial sub-data corresponding to the plurality of routing paths;
and a branching transmission module 803, configured to establish a plurality of encryption tunnels corresponding to the plurality of routing paths, and branching the plurality of financial sub-data to the target node via the plurality of routing paths based on the plurality of encryption tunnels.
In one embodiment, the apparatus further comprises: the data receiving and processing module is used for judging whether the node is a target node or not when receiving financial sub-data transmitted by other data transmission participants in the data transmission group based on the encryption tunnel; if yes, obtaining the financial data according to the received plurality of financial sub-data.
In one embodiment, the data receiving and processing module is further configured to: if the node is not the target node, acquiring the route information corresponding to the financial sub-data according to the dynamic route table stored in the financial alliance chain; and forwarding the financial sub-data to the target node through a routing path corresponding to the routing information based on an encryption tunnel.
In one embodiment, the path determining module 801 is further configured to: distributing the plurality of financial data to a plurality of data transmission processes according to the concurrency of the data transmission processes of the data transmission group, and determining the data load of each data transmission process; combining the data load and a set transmission time window, and acquiring a plurality of routing paths applicable to the plurality of data transmission processes by using an ant colony algorithm; and obtaining the optimal route path group from the plurality of route paths.
In one embodiment, the path determining module 801 is further configured to: and storing the routing information of each routing path in the optimal routing path group in a dynamic routing table of the financial alliance chain.
In one embodiment, the aforementioned branching transmission module 803 is further configured to: determining the next hop node of the node in the routing path according to the routing information of the routing path; establishing a segmented encryption tunnel with the next hop node according to the common public key of the financial alliance chain and the public key of the node; and transmitting the financial sub-data to the next hop node based on the segmented encryption tunnel.
In one embodiment, the aforementioned branching transmission module 803 is further configured to: encrypting the financial sub-data according to the symmetric key negotiated between the node and the next-hop node, and transmitting the encrypted financial sub-data to the next-hop node according to the data transmission message format of the preset encryption tunnel protocol and the routing information.
The above-described individual modules in the data transmission apparatus based on the financial alliance chain may be implemented in whole or in part by software, hardware, and combinations thereof. The above modules may be embedded in hardware or may be independent of a processor in the computer device, or may be stored in software in a memory in the computer device, so that the processor may call and execute operations corresponding to the above modules.
In one embodiment, a computer device is provided, which may be a server, the internal structure of which may be as shown in fig. 7. The computer device includes a processor, a memory, an Input/Output interface (I/O) and a communication interface. The processor, the memory and the input/output interface are connected through a system bus, and the communication interface is connected to the system bus through the input/output interface. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, computer programs, and a database. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The database of the computer equipment is used for storing financial data, financial sub-data, data transmission process concurrence number and the like. The input/output interface of the computer device is used to exchange information between the processor and the external device. The communication interface of the computer device is used for communicating with an external terminal through a network connection. The computer program, when executed by a processor, implements a data transmission method based on a financial alliance chain.
It will be appreciated by those skilled in the art that the structure shown in fig. 7 is merely a block diagram of some of the structures associated with the present application and is not limiting of the computer device to which the present application may be applied, and that a particular computer device may include more or fewer components than shown, or may combine certain components, or have a different arrangement of components.
In an embodiment, there is also provided a computer device comprising a memory and a processor, the memory having stored therein a computer program, the processor implementing the steps of the method embodiments described above when the computer program is executed.
In one embodiment, a computer-readable storage medium is provided, on which a computer program is stored which, when executed by a processor, carries out the steps of the method embodiments described above.
In an embodiment, a computer program product is provided, comprising a computer program which, when executed by a processor, implements the steps of the method embodiments described above.
In one embodiment, a computer readable storage medium is provided having a computer program stored thereon, which when executed by a processor, performs the steps of:
Those skilled in the art will appreciate that implementing all or part of the above described methods may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, database, or other medium used in the various embodiments provided herein may include at least one of non-volatile and volatile memory. The nonvolatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical Memory, high density embedded nonvolatile Memory, resistive random access Memory (ReRAM), magnetic random access Memory (Magnetoresistive Random Access Memory, MRAM), ferroelectric Memory (Ferroelectric Random Access Memory, FRAM), phase change Memory (Phase Change Memory, PCM), graphene Memory, and the like. Volatile memory can include random access memory (Random Access Memory, RAM) or external cache memory, and the like. By way of illustration, and not limitation, RAM can be in the form of a variety of forms, such as static random access memory (Static Random Access Memory, SRAM) or dynamic random access memory (Dynamic Random Access Memory, DRAM), and the like. The databases referred to in the various embodiments provided herein may include at least one of relational databases and non-relational databases. The non-relational database may include, but is not limited to, a blockchain-based distributed database, and the like. The processors referred to in the embodiments provided herein may be general purpose processors, central processing units, graphics processors, digital signal processors, programmable logic units, quantum computing-based data processing logic units, etc., without being limited thereto.
The technical features of the above embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.
The above examples only represent a few embodiments of the present application, which are described in more detail and are not to be construed as limiting the scope of the present application. It should be noted that it would be apparent to those skilled in the art that various modifications and improvements could be made without departing from the spirit of the present application, which would be within the scope of the present application. Accordingly, the scope of protection of the present application shall be subject to the appended claims.

Claims (11)

1. A data transmission method based on a financial alliance chain, the method comprising:
determining an optimal route path group from the node to the target node according to the data volume of the financial data to be transmitted and the concurrency volume of the data transmission process of the data transmission group based on the financial alliance chain; the optimal routing path group comprises a plurality of routing paths, the routing paths enable the total time of the financial data to be transmitted from the node to the target node to be the shortest in a branching way, and each routing path in the optimal routing path group is composed of nodes of data transmission participants in the data transmission group;
Determining a plurality of financial sub-data corresponding to the plurality of routing paths according to the financial data to be transmitted;
and establishing a plurality of encryption tunnels corresponding to the routing paths, and transmitting the financial sub-data to the target node in a branching way through the routing paths based on the encryption tunnels.
2. The method according to claim 1, wherein the method further comprises:
when receiving financial sub-data transmitted by nodes of other data transmission participants in the data transmission group based on the encrypted tunnel, judging whether the node is a target node or not;
if yes, obtaining the financial data according to the received plurality of financial sub-data.
3. The method according to claim 2, wherein the method further comprises:
if the node is not the target node, acquiring the route information corresponding to the financial sub-data according to the dynamic route table stored in the financial alliance chain;
and forwarding the financial sub-data to the target node through a routing path corresponding to the routing information based on an encryption tunnel.
4. The method according to claim 1, wherein determining the optimal routing path group from the node to the target node according to the data amount of the financial data to be transmitted and the data transmission process concurrency amount of the data transmission group based on the financial alliance chain comprises:
Distributing the plurality of financial data to a plurality of data transmission processes according to the concurrency of the data transmission processes of the data transmission group, and determining the data load of each data transmission process;
combining the data load and a set transmission time window, and acquiring a plurality of routing paths applicable to the plurality of data transmission processes by using an ant colony algorithm;
and obtaining the optimal route path group from the plurality of route paths.
5. The method according to claim 4, wherein the method further comprises:
and storing the routing information of each routing path in the optimal routing path group in a dynamic routing table of the financial alliance chain.
6. The method of any of claims 1-5, wherein the establishing a plurality of encrypted tunnels corresponding to the plurality of routing paths, based on which the plurality of financial sub-data is shunted to the target node via the plurality of routing paths, comprises:
determining the next hop node of the node in the routing path according to the routing information of the routing path;
establishing a segmented encryption tunnel with the next hop node according to the common public key of the financial alliance chain and the public key of the node;
and transmitting the financial sub-data to the next hop node based on the segmented encryption tunnel.
7. The method of claim 6, wherein the transmitting of the financial sub-data to the next-hop node based on the segmented encryption tunnel comprises:
encrypting the financial sub-data according to the symmetric key negotiated between the node and the next-hop node, and transmitting the encrypted financial sub-data to the next-hop node according to the data transmission message format of the preset encryption tunnel protocol and the routing information.
8. A data transmission apparatus based on a financial alliance chain, the apparatus comprising:
the path determining module is used for determining an optimal route path group from the node to the target node according to the data quantity of the financial data to be transmitted and the data transmission process concurrency quantity of the data transmission group based on the financial alliance chain; the optimal routing path group comprises a plurality of routing paths, the routing paths enable the total time of the financial data to be transmitted from the node to the target node to be the shortest in a branching way, and each routing path in the optimal routing path group is composed of nodes of data transmission participants in the data transmission group;
The financial sub-data determining module is used for determining a plurality of financial sub-data corresponding to the plurality of routing paths according to the financial data to be transmitted;
and the branching transmission module is used for establishing a plurality of encryption tunnels corresponding to the routing paths and branching the plurality of financial sub-data to the target node through the routing paths based on the encryption tunnels.
9. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor implements the steps of the method of any of claims 1 to 7 when the computer program is executed.
10. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the steps of the method of any of claims 1 to 7.
11. A computer program product comprising a computer program, characterized in that the computer program, when being executed by a processor, implements the steps of the method of any of claims 1 to 7.
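The hop-by-hop forwarding described in claims 6 and 7, as an added sketch that is not code from the patent: each segment of a routing path has its own symmetric key, and the sub-data is sealed for the next hop with the routing information authenticated alongside it. The node names, the header layout, and the random per-segment keys are assumptions made for illustration; the key negotiation and the tunnel protocol's real message format are not modeled, and the SHA-256 keystream with HMAC stands in for a standard AEAD such as AES-GCM.

```python
import hashlib, hmac, os

def _subkeys(key):
    # Separate encryption and MAC keys derived from one negotiated segment key.
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def _xor_stream(key, nonce, data):
    # SHA-256 counter keystream: a stdlib stand-in for a real AEAD such as AES-GCM.
    out = bytearray()
    for off in range(0, len(data), 32):
        block = hashlib.sha256(key + nonce + off.to_bytes(8, "big")).digest()
        out += bytes(d ^ k for d, k in zip(data[off:off + 32], block))
    return bytes(out)

def _tag(mac_k, header, nonce, ct):
    # Length-prefix the header so header/ciphertext boundaries are unambiguous.
    msg = len(header).to_bytes(2, "big") + header + nonce + ct
    return hmac.new(mac_k, msg, hashlib.sha256).digest()

def seal(key, header, plaintext):
    """Encrypt-then-MAC; the routing header is authenticated, not encrypted."""
    enc_k, mac_k = _subkeys(key)
    nonce = os.urandom(16)
    ct = _xor_stream(enc_k, nonce, plaintext)
    return nonce + ct + _tag(mac_k, header, nonce, ct)

def unseal(key, header, blob):
    """Verify the tag before decrypting; reject anything modified in transit."""
    enc_k, mac_k = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _tag(mac_k, header, nonce, ct)):
        raise ValueError("segment authentication failed")
    return _xor_stream(enc_k, nonce, ct)

def relay(route, keys, sub_data, tamper_segment=None):
    """Forward sub_data hop by hop; return (delivered, plaintext seen per node)."""
    seen, data = {}, sub_data
    for i, (a, b) in enumerate(zip(route, route[1:])):
        header = f"{'|'.join(route)}#{i}".encode()   # hypothetical routing info
        blob = seal(keys[a, b], header, data)         # sender side of segment a->b
        if tamper_segment == i:                       # simulate in-transit modification
            blob = blob[:16] + bytes([blob[16] ^ 1]) + blob[17:]
        data = seen[b] = unseal(keys[a, b], header, blob)  # next hop decrypts
    return data, seen

# Constructed sample route and per-segment keys (key negotiation is out of scope here).
ROUTE = ["node_A", "relay_1", "relay_2", "node_B"]
KEYS = {seg: os.urandom(32) for seg in zip(ROUTE, ROUTE[1:])}
```

In this model every relay in `seen` holds the cleartext sub-data between segments, so per-segment encryption by itself protects the links, not the data from intermediate nodes; hiding content from relays would need an additional end-to-end layer.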
CN202410052594.4A 2024-01-12 2024-01-12 Data transmission method, device, equipment and medium based on financial alliance chain Pending CN117880180A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202410052594.4A CN117880180A (en) 2024-01-12 2024-01-12 Data transmission method, device, equipment and medium based on financial alliance chain

Publications (1)

Publication Number Publication Date
CN117880180A true CN117880180A (en) 2024-04-12

Family

ID=90584314

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination