WO2018126340A1 - Procédé, dispositif et système de traitement de données basé sur une chaîne de blocs - Google Patents

Procédé, dispositif et système de traitement de données basé sur une chaîne de blocs Download PDF

Info

Publication number
WO2018126340A1
WO2018126340A1 PCT/CN2017/000052 CN2017000052W WO2018126340A1 WO 2018126340 A1 WO2018126340 A1 WO 2018126340A1 CN 2017000052 W CN2017000052 W CN 2017000052W WO 2018126340 A1 WO2018126340 A1 WO 2018126340A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
blockchain network
hash value
information
authenticated
Prior art date
Application number
PCT/CN2017/000052
Other languages
English (en)
Chinese (zh)
Inventor
常俊仁
张臣雄
冯淑兰
张亮亮
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Priority to CN201780081904.3A priority Critical patent/CN110121860B/zh
Priority to PCT/CN2017/000052 priority patent/WO2018126340A1/fr
Publication of WO2018126340A1 publication Critical patent/WO2018126340A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Definitions

  • the embodiments of the present application relate to the field of communications, and in particular, to a blockchain-based data processing method, device, and system.
  • the Internet of Things realizes information exchange and communication by applying computer technologies such as intelligent sensing, recognition technology and pervasive computing. According to the prediction of relevant institutions, the number of IoT devices in the world will reach 25 billion units in 2020. With the normal number of devices in the Internet of Things, if the IoT devices are managed in the traditional centralized network mode, huge investment in data center infrastructure construction and maintenance will be brought. In addition, there is a security risk in a centralized network model.
  • the present application provides a data processing method, device and system based on a blockchain, which can reduce the construction and maintenance cost of the communication system and improve the security performance of the system.
  • a data processing method based on a blockchain including: establishing, by a first device, a communication connection with a second device, where the second device is a device in a blockchain network; The first data generated by the first device needs to be authenticated in the blockchain network; the first device sends the first data to the second device to implement the first data by the The devices in the blockchain network are authenticated.
  • the first device sends the first data to the second device in the blockchain network when generating the first data that needs to be authenticated in the blockchain network.
  • the second device is caused to send the first data to the device in the blockchain network to implement authentication of the first data.
  • the construction and maintenance costs of the communication system can be reduced, and the security performance of the system can be improved.
  • the second device sends the data of the first device to the device in the blockchain network for authentication, which can reduce the capability requirement for the first device.
  • the authentication refers to blockchain consensus authentication or consistency authentication.
  • the first device may be an Internet of Things device, and the first device is not a device in a blockchain network.
  • the first device does not need to authenticate the data by a formula algorithm.
  • the second device sends the first data to the device in the blockchain network by means of broadcast sending, and all devices (including the second device) in the blockchain network can obtain the authentication right, and perform the first data. Certification.
  • the first device establishes a communication connection with the second device, where the first device sends the first public key to the second device
  • the first message the first message includes first information, the first public key is a public key of the second device, and the first information is used to request the second device to be the first Data generated by the device that needs to be authenticated in the blockchain network is sent to a device in the blockchain network for authentication;
  • the first device receives second information sent by the second device, where the The second information is used to indicate that the second device confirms that the data generated by the first device that needs to be authenticated in the blockchain network is sent to a device in the blockchain network for authentication.
  • the first message further includes a second public key, where the second public key is a public key of the first device.
  • the method before the first device establishes a communication connection with the second device, the method further includes: the first device receiving the The third information sent by the second device, where the third information includes a first hash HASH value requirement; the first device generates a first HASH value that meets the first HASH value requirement.
  • the chain network has better scalability and supports access of devices with different needs.
  • the third information includes at least one HASH value requirement, where the at least one HASH value requirement includes the first HASH value requirement , each HASH value in the at least one HASH value requirement Requirement to correspond to at least one type of business;
  • the method further includes: determining, by the first device, the first device according to the service type corresponding to the first data, before the first device generates the first HASH value that meets the first HASH value requirement. A HASH value.
  • the hash value of the embodiment of the present application is related to the service type, so that different access delay requirements and authentication delay requirements of the device can be met.
  • the third information includes at least one HASH value requirement, where the at least one HASH value requirement includes the first HASH value requirement And each of the at least one HASH value requirement corresponds to at least one device group;
  • the method further includes: determining, by the first device, the first device according to the device group to which the first device belongs A HASH value.
  • the second device groups the devices, grouping according to the computing capability of the device, or grouping according to the service type of the device.
  • the hash value of the embodiment of the present application is related to the device group, so that different access delay requirements and authentication delay requirements of the device can be met.
  • the method further includes: the first device sending, to the third device, a second HASH value related to the first data, The second HASH value is used by the third device to determine the integrity of the second data, and the second data is the data after the first data is authenticated in the blockchain network.
  • the integrity of the data is used to indicate whether the data is lost or tampered with during the authentication process in the blockchain network.
  • the third device is an Internet of Things device, and the third device is not a device in a blockchain network.
  • the first data is data related to the first device and the third device, for example, the first data is transaction data between the first device and the third device.
  • the first data is data related to the first device and other IoT devices, for example, the first data is transaction data between the first device and other IoT devices.
  • the second device can directly calculate the hash value of the second data, and then compare whether the calculated hash value and the received hash value are consistent.
  • the second data is first Decryption is performed, and then the hash value of the decrypted data is calculated, and then the calculated hash value is compared with the received hash value.
  • the first data is encrypted by a public key of the third device.
  • the third device may directly calculate the hash value of the second data, and then compare the calculated hash value with the received hash value. To determine the integrity of the second data.
  • the method further includes:
  • the first device determines the second HASH value according to the first data.
  • the first data is encrypted by a public key of the third device
  • the method further includes: the first device The third device sends the first data, so that the third device determines the integrity of the second data according to the second HASH value after determining the second HASH value according to the first data, and second The data is the authenticated data of the first data in the blockchain network.
  • the third device acquires the second data, the advancedity is decrypted, and then the hash value of the decrypted data is calculated, and then the calculated value is obtained.
  • the hash value of the decrypted data is compared to the second HASH value to determine the integrity of the second data.
  • the third device may directly calculate the hash value of the second data, and then compare the calculated hash value with the second HASH value to Determine the integrity of the second data.
  • the first data is not encrypted by the public key of the third device. If the second data is also not encrypted by the public key of the third device, the third device directly calculates the hash value of the second data. The calculated hash value of the second data is then compared with the second HASH value to determine the integrity of the second data.
  • the first data is not encrypted by the public key of the third device
  • the second data is After the public key of the three devices is encrypted
  • the third device decrypts the second data, and then calculates the hash value of the decrypted data, and then performs the calculated hash value of the encrypted data and the second HASH value. Contrast to determine the integrity of the second data.
  • the method further includes: the first device receiving fourth information sent by the second device, where the fourth information is used by And indicating that the first data has been authenticated N times in the blockchain network, and the value of N is a preset value.
  • the method further includes: the first device receiving a Merkel Merkle tree corresponding to the second data sent by the second device Information and block information, the second data is the authenticated data of the first data in the blockchain network, and the block information is used to indicate a region carrying the second data in the blockchain network. Piece.
  • the first device may learn that the first data has been completely N times authenticated in the blockchain network.
  • the block information is the height of the block or the identity of the block.
  • the method further includes: the first device determining to delete the second data from the blockchain network, where the second data is The first data is authenticated data in the blockchain network; the first device sends fifth information to a device in the blockchain network, and the fifth information is used to indicate the area A device in the blockchain network deletes the second data from the blockchain network.
  • the blockchain-based data processing method of the embodiment of the present application can delete data stored in the blockchain network according to requirements, thereby reducing network load and reducing transmission bandwidth required for transmission of the blockchain.
  • the fifth information includes the identifier information and/or the Merkle tree information corresponding to the second data, where the identifier information is used to identify the first Two data.
  • the method further includes: deleting, by the first device, the first data that is locally stored by the first device.
  • a second aspect provides a data processing method based on a blockchain, including: establishing, by a second device, a communication connection with a first device, where the second device is a device in a blockchain network; Receiving, by the first device, first data generated by the first device that needs to be authenticated in the blockchain network; the second device sending the information to a device in the blockchain network The first data, the authentication of the first data is implemented.
  • the second device receives the first data generated by the first device that needs to be authenticated in the blockchain network, and sends the first data to the blockchain network.
  • the device implements the authentication of the first data.
  • the construction and maintenance costs of the communication system can be reduced, and the security performance of the system can be improved.
  • the second device sends the data of the first device to the device in the blockchain network for authentication, which can reduce the capability requirement for the first device.
  • the second device establishes a communication connection with the first device, where the second device receives the first public a first message that is encrypted by the key, the first message includes first information, the first public key is a public key of the second device, and the first information is used to request the second device to
  • the data generated by the first device that needs to be authenticated in the blockchain network is sent to the device in the blockchain network for authentication; the second device sends the second information to the first device.
  • the second information is used to indicate that the second device confirms that the data generated by the first device that needs to be authenticated in the blockchain network is sent to a device in the blockchain network for authentication.
  • the first message further includes a second public key, where the second public key is a public key of the first device.
  • the second device sends the second information to the first device, including: the second device to the first device Sending the second information encrypted by the second public key.
  • the method further includes: the second device generating a preset The number of digital currencies.
  • the method further includes: the second device sending the related information of the digital currency to a device in the blockchain network And if the second device determines that the digital currency has undergone M authentication in the blockchain network, the second device confirms that the digital currency is valid, and the value of M is a preset value.
  • the second device receives, by the first device, the need generated by the first device in the block
  • the first data that is authenticated in the chain network includes: the second device receives a block that is sent by the first device and that carries the first data;
  • the second device sends the first data to a device in the blockchain network, including: the second device Generating, according to the block format required by the blockchain network, a block that carries the first data; the second device sends the area that carries the first data to a device in the blockchain network Piece.
  • the method before the second device establishes a communication connection with the first device, the method further includes: determining, by the second device a first hash HASH value request; the second device sends third information to the first device, where the third information includes the first HASH value requirement, so that the first device meets the generation After the first HASH value required by the first HASH value, a communication connection is established with the second device.
  • the chain network has better scalability and supports access of devices with different needs.
  • the third information includes at least one HASH value requirement, where the at least one HASH value requirement includes the first HASH value requirement And each of the at least one HASH value requirement corresponds to at least one service type;
  • the determining, by the second device, the first hash HASH value request includes: determining, by the second device, the at least one HASH value requirement.
  • the hash value of the embodiment of the present application is related to the service type, so that different access delay requirements and authentication delay requirements of the device can be met.
  • the third information includes at least one HASH value requirement, where the at least one HASH value requirement includes the first HASH value requirement And each of the at least one HASH value requirement corresponds to at least one device group;
  • the second device determines a first hash HASH value requirement, including: the second device Determining the at least one HASH value requirement.
  • the second device groups the devices, grouping according to the computing capability of the device, or grouping according to the service type of the device.
  • the hash value of the embodiment of the present application is related to the device group, so that different access delay requirements and authentication delay requirements of the device can be met.
  • the method further includes: the second device receiving, by the first device, a second information related to the first data that is sent by the first device a HASH value, the second HASH value is used by the third device to determine the integrity of the second data, and the second data is the authenticated data of the first data in the blockchain network; Sending the second HASH value to the third device.
  • the first data is encrypted by a public key of the third device.
  • the second HASH value is determined by the first device according to the first data.
  • the first data is encrypted by a public key of the third device
  • the method further includes: receiving, by the second device
  • the first data is sent by the second device to the third device, so that the third device, according to the first data, determines the second HASH value, according to the second data.
  • the HASH value determines the integrity of the second data
  • the second data is the authenticated data of the first data in the blockchain network.
  • the method further includes: if the second device determines that the first data has passed the N in the blockchain network The second device sends the second data corresponding to the Merkel tree information and the block information to the third device, where the block information is used to indicate that the second chain is carried in the blockchain network.
  • the block of data, the second data is the authenticated data of the first data in the blockchain network, wherein the value of N is a preset value.
  • the method further includes: if the second device determines that the first data has passed the N in the blockchain network The second device sends the fourth information to the first device, where the fourth information is used to indicate that the first data has been authenticated N times in the blockchain network, where The value is the default value.
  • the method further includes: if the second device determines that the first data has passed the N in the blockchain network The second device sends the Merkle tree information and the block information corresponding to the second data to the first device, where the block information is used to indicate the block that carries the second data in the blockchain network.
  • the second data is the authenticated data of the first data in the blockchain network, where the value of N is a preset value.
  • the method further includes: receiving, by the second device, fifth information sent by the first device, where the fifth information is used by The device in the blockchain network is instructed to delete the second data from the blockchain network, where the second data is the authenticated data of the first data in the blockchain network.
  • the fifth information includes the identifier information and/or the Merkle tree information corresponding to the second data, where the identifier information is used to identify the location The second data is described.
  • a data processing method based on a blockchain including: acquiring, by a third device, Merkel tree information and block information corresponding to the second data, where the block information is used to indicate a blockchain a block in the network that carries the second data, where the second data is the data that the first data has been authenticated in the blockchain network, and the first data is a required area generated by the first device.
  • Data for authentication in the blockchain network the third device acquires second data from the block carrying the second data according to the Merkle tree information; and the third device determines the integrity of the second data.
  • the third device may acquire, according to the received Merkle tree information and the block information, the need generated by the first device stored in the blockchain network in the blockchain network. And performing second data corresponding to the first data of the authentication, and confirming the integrity of the second data. Thereby, the confidentiality and integrity of the data can be ensured, and the data stored in the blockchain network has higher reliability.
  • the method further includes: sending, by the third device, a device in the blockchain network A confirmation message is used to indicate that the second data is complete.
  • the confirmation information sent by the third device may be authenticated in the blockchain network.
  • the third device acquires Merkel tree information and block information corresponding to the second data, including: The third device receives the Merkle tree information and the block information sent by the second device, where the second device is a device in the blockchain network.
  • the third device may receive the Merkle tree information and the block information sent by the multiple devices in the blockchain network, thereby avoiding the potential risk caused by the device in the blockchain network being attacked.
  • the second device is a device that sends the first data to the blockchain network for authentication.
  • the method further includes: determining, by the third device, a second hash HASH value related to the first data;
  • the third device determines the integrity of the second data, including: the third device determines the integrity of the second data according to the consistency of the third HASH value and the second HASH value associated with the second data. Sex.
  • the third device determines, by the third device, a second hash HASH value that is related to the first data, The second HASH value, wherein the second HASH value is determined by the first device according to the first data.
  • the first data is encrypted by a public key of the third device.
  • the first data is encrypted by a public key of the third device, and the method further includes: the third Receiving, by the device, the first data sent by the first device; and determining, by the third device, the second HASH value according to the first data.
  • the method further includes: the third device determines to delete the second data from the blockchain network; The device sends fifth information to the device in the blockchain network, where the fifth information is used to indicate that the device in the blockchain network deletes the second data from the blockchain network.
  • the fifth information includes the identifier information and/or the Merkle tree information corresponding to the second data, where the identifier information is used to identify the first Two data.
  • an apparatus for performing the method of any of the above-described first aspect or any of the possible implementations of the first aspect.
  • the device includes means for performing the first aspect described above or A functional module of a method in any of the possible implementations of the first aspect.
  • an apparatus for performing the method of any of the above-described second aspect or any of the possible implementations of the second aspect.
  • the apparatus comprises functional modules for performing the method of any of the possible implementations of the second aspect or the second aspect described above.
  • an apparatus for performing the method of any of the above-described third aspect or any of the possible implementations of the third aspect.
  • the apparatus comprises functional modules for performing the method of any of the above-described third or third aspects of the third aspect.
  • an apparatus comprising a processor, a memory, and a transceiver.
  • the processor, the memory, and the transceiver communicate with each other through an internal connection path, transmitting control and/or data signals, such that the device performs the first aspect or any of the possible implementations of the first aspect Methods.
  • an apparatus comprising a processor, a memory, and a transceiver.
  • the processor, the memory, and the transceiver communicate with each other through an internal connection path, transmitting control and/or data signals, such that the device performs any of the second or second aspects of the foregoing possible implementations.
  • an apparatus comprising a processor, a memory and a transceiver.
  • the processor, the memory, and the transceiver communicate with each other through an internal connection path, transmitting control and/or data signals, such that the device performs any of the third or third aspects of the foregoing possible implementations.
  • a communication system comprising the apparatus of the fourth aspect, the fifth aspect, and the sixth aspect. Or the apparatus of the seventh aspect, the eighth aspect, and the ninth aspect.
  • a computer readable medium for storing a computer program, the computer program comprising instructions for performing the first aspect or any of the possible implementations of the first aspect.
  • a computer readable medium for storing a computer program, the computer program comprising instructions for performing any of the second aspect or the second aspect of the second aspect.
  • a thirteenth aspect a computer readable medium for storing a computer program, the computer program comprising instructions for performing any of the possible implementations of the third or third aspect above.
  • FIG. 1 is a schematic diagram of an application scenario of an embodiment of the present application
  • FIG. 2 is a schematic flowchart of a blockchain-based data processing method according to an embodiment of the present application
  • FIG. 3 is a schematic flowchart of a method for establishing a communication connection by a device according to an embodiment of the present application
  • FIG. 4 is a schematic flowchart of a blockchain-based data processing method according to another embodiment of the present application.
  • FIG. 5 is a schematic flowchart of a blockchain-based data processing method according to still another embodiment of the present application.
  • FIG. 6 is a schematic flowchart of a blockchain-based data processing method according to still another embodiment of the present application.
  • FIG. 7 is a schematic flowchart of a blockchain-based data processing method according to still another embodiment of the present application.
  • FIG. 8 is a schematic block diagram of an apparatus according to an embodiment of the present application.
  • FIG. 9 is a schematic illustration of an apparatus in accordance with another embodiment of the present application.
  • FIG. 10 is a schematic block diagram of an apparatus according to still another embodiment of the present application.
  • FIG. 11 is a schematic block diagram of an apparatus according to still another embodiment of the present application.
  • FIG. 12 is a schematic block diagram of an apparatus according to still another embodiment of the present application.
  • FIG. 13 is a schematic block diagram of an apparatus in accordance with still another embodiment of the present application.
  • FIG. 1 is a schematic diagram of an application scenario of an embodiment of the present application.
  • nodes in the dotted line form a blockchain network
  • IoT devices are not in the blockchain network
  • block nodes in the blockchain network can act as proxy nodes for IoT devices.
  • the data generated by the IoT device that needs to be propagated and verified in the blockchain network is sent to the nodes in the blockchain network to implement data verification.
  • node and device have the same meaning in the embodiment of the present application.
  • the block node in the blockchain network may be a private node, an operator network node (for example, a base station device), or may be a certain industry organization, group, and individual deployment. Site (Station).
  • the Internet of Things device may include, but is not limited to, a mobile station (Mobile Station, MS), a mobile terminal (Mobile Terminal), a mobile phone (Mobile Telephone), a user equipment (User Equipment, UE), a mobile phone (handset).
  • a portable device, a vehicle, etc. for example, the terminal device may be a mobile phone (or "cellular" phone), a computer having a wireless communication function, etc., and the terminal device may also be portable, pocket-sized , handheld, computer built-in or in-vehicle mobile devices.
  • Blockchain networks are characterized by decentralization. Data exchange between each node in the blockchain network does not need to trust each other. The operation rules of the entire blockchain network are open and transparent, and all data content is public, so the rule scope of the blockchain network And within the time range, nodes can not and can not deceive other nodes, therefore, the blockchain network has the feature of trust. The total block of the blockchain network is maintained by all nodes with maintenance functions in the entire system, and any node with maintenance functions can participate. Therefore, the blockchain network has the characteristics of collective maintenance.
  • the blockchain network allows each participating node to obtain a copy of the complete database in the form of a sub-database. Unless you can control more than 51% of the nodes in the entire network at the same time, the modification of the database on a single node is invalid, and it cannot affect the data content on other nodes. Therefore, the blockchain network has a reliable database.
  • the blockchain network has the above characteristics and the number of devices in the Internet of Things will increase dramatically, the blockchain network and the Internet of Things can be combined to realize the self-governance of the Internet of Things and improve the security performance of the Internet of Things.
  • the data generated by the device includes data related to the device and its peer device and common data.
  • the data related to the device and its peer device takes the data related to the device and its peer device as an example, The data is described by taking the data related to the device and its peer device as transaction data, but this does not limit the scope of the embodiments of the present application. among them:
  • a block is a containerized data structure of data that is contained in a blockchain. It consists of a block header containing metadata and a long list of transactions that immediately follow the body of the block.
  • the block specifically includes: a block size field, usually 4 bytes; a block header field, usually 80 bytes; a transaction counter field, generally 1-9 bytes, recording the number of transactions; a transaction field, usually Variable length, record transaction details.
  • the block header consists of three sets of metadata, first a set of data that references the hash value of the parent block, which is used to connect the block to the previous block in the blockchain.
  • the second set of metadata includes difficulty, timestamp, and number used once (Number used once, simply "Nonce”).
  • the third set of metadata is the Merkle number (a data structure used to effectively summarize all transactions in the block).
  • the block header specifically includes the following fields: the version field, usually 4 bytes; the parent block hash value field, usually 32 bytes, used to reference the hash value of the parent block in the blockchain; the Merkle root field, The hash value of the Merkle root of the transaction in the block; the timestamp field, usually 4 fields, is used to identify the approximate time generated by the block, accurate to the second; the Nonce field is used for the workload proof algorithm. counter.
  • Each block can reference the previous block through the "parent block hash value field" of its block header. That is, each block header contains the hash value of its parent block. And each block has only one parent block, but there can be multiple sub-blocks temporarily. The case where multiple sub-blocks appear in one block is called “block chain fork”.
  • a blockchain fork indicates a temporary state, and eventually only one sub-block becomes part of the blockchain.
  • a blockchain is a data structure in which blocks are sequentially linked from the back to the front, and each block points to the previous block. It can be stored as a file containing non-relative relationship records or stored in a simple database. You can think of a blockchain as a stack, with a height indicating the distance between the block and the first block, and a top or top indicating the most recent block. Encryption of each block header (for example, Secure Hash Algorithm ("SHA”)) can generate a hash value. The corresponding block in the blockchain can be identified by this hash value.
  • SHA Secure Hash Algorithm
  • PoW Proof Of Work
  • the essence is to join the information transfer Cost, reduce the rate of information transmission, and add a random element to ensure that only one node in a time period can have the right to broadcast information.
  • This random element is for the node to calculate a random hash value.
  • the block node calculates a string of 64-bit random numbers and letters according to the obtained input data, but only the node that obtains the hash value satisfying the hash value can be accepted as the workload by the blockchain network. prove.
  • the hash algorithm of the workload proof also realizes the wear of historical information by using the information in each new block as the input value of the next hash algorithm, forming a traceable chain (blockchain). .
  • Proof of interest the purpose is to achieve blockchain protection by those with financial interests, this method is to achieve the proof of equity through the number of coins destroyed in each transaction (Coindays).
  • the existing proof of equity system such as Peercoin, is based on evidence blocks in which the target that the miner must achieve is inversely related to the number of days of destruction. People with Peercoin must choose a miner called a proof of equity and contribute a portion of their currency over a period of time to protect the blockchain network.
  • FIG. 2 illustrates a blockchain-based data processing method in accordance with an embodiment of the present application. As shown in FIG. 2, the method 100 includes:
  • the first device establishes a communication connection with the second device, where the second device is a device in the blockchain network.
  • the first device generates data that needs to be authenticated in the blockchain network.
  • the second device receives data that is sent by the first device and needs to be authenticated in the blockchain network.
  • the second device sends the data to a device in the blockchain network to implement authentication of the data.
  • the authentication in the embodiment of the present application refers to performing blockchain consensus authentication or consistency authentication.
  • the first device is a device in the Internet of Things device, and the computing capability of the first device is limited.
  • the second device sends the data of the first device to the device in the blockchain network, which can be understood as the proxy device of the first device.
  • the first device and the second device can establish a communication connection according to the method illustrated in FIG.
  • the first device is described as an Internet of Things device.
  • the method 200 includes:
  • the IoT device receives the public key information sent by the second device.
  • the Internet of Things device can receive public key information sent by all devices in the blockchain network that have the function of serving the Internet of Things device, and then the IoT device can determine the selected blockchain network according to parameters such as the receiving quality of the information.
  • the device acts as its own proxy device and sends its own data that needs to be authenticated in the blockchain network to the devices in the blockchain network.
  • the second device is a proxy device of the Internet of Things device, and the second device is also a device associated with the Internet of Things device.
  • the access sequence in S202 may be a random access sequence in an existing (Long Term Evolution, hereinafter referred to as “LTE”).
  • LTE Long Term Evolution
  • ZC Zadoff-Chu
  • the IoT device synchronizes with the second device.
  • the second device may not broadcast the public key information in the broadcast message, but carry the public key information through the related message in the synchronization process.
  • the IoT device and the second device do not need to synchronize, for example, when the distance between the IoT device and the second device is less than or equal to a preset value.
  • the second device needs to broadcast its own public key information to the Internet of Things device in S201.
  • the IoT device sends an initial access message encrypted by the public key of the second device to the second device.
  • the first information is included in the initial access message, where the first information is used to request the second device to send data of the Internet of Things device to the device in the blockchain network for authentication.
  • the first information here may be the indication information that is displayed, or may be the information that is implicitly indicated.
  • the first information may specifically be the block information, and when the second device determines that the initial access message includes the block information, the first The second device confirms that the physical network device requests to forward the data of the IoT device to other devices in the blockchain network.
  • the public key information of the Internet of Things device is further included in the initial access message.
  • the second device determines whether the data generated by the IoT device that needs to be authenticated in the blockchain network is forwarded.
  • the second device after receiving the initial access message sent by the IoT device, the second device encrypts the initial access message with its own private key, and then confirms whether to accept the request of the IoT device according to its own admission capability.
  • the second device first determines whether the request of the IoT device can be received, and when determining that the IoT device can be accepted, encrypting the initial access message by using its private key, it can be understood that, in this manner, the foregoing A message needs to be included in the header of the initial access message.
  • the second device sends feedback information to the Internet of Things device.
  • the feedback information is used to notify the IoT device that the second device can send the data generated by the IoT device that needs to be authenticated in the blockchain network to the device in the blockchain network to implement data authentication.
  • the second device encrypts the feedback information to the Internet of Things device by using the public key of the Internet of Things device, and then sends the encrypted information to the Internet of Things device. Feedback.
  • the Internet of Things device establishes a communication connection with the second device according to the feedback information.
  • the IoT device After the IoT device establishes a communication connection with the second device, when the IoT device generates data that needs to be authenticated in the blockchain network, the data is first sent to the second device, and the second device broadcasts the data to the region. Authentication and dissemination in a blockchain network.
  • data generated by IoT devices includes transaction data and general data.
  • the Internet of Things device may be a smart washing machine, and the smart washing machine may automatically purchase the washing liquid, and the data generated during the transaction is transaction data.
  • the Internet of Things device is a smart faucet at home.
  • the faucet can automatically purchase water from the water plant. Different faucets can purchase different water sources, such as purified water, washing water, toilet water, etc. Different faucets can be independently traded and sold.
  • Transaction data may be a smart washing machine, and the smart washing machine may automatically purchase the washing liquid, and the data generated during the transaction is transaction data.
  • the Internet of Things device is a smart faucet at home.
  • the faucet can automatically purchase water from the water plant. Different faucets can purchase different water sources, such as purified water, washing water, toilet water, etc. Different faucets can be independently traded and sold.
  • Transaction data is a smart washing machine, and the smart washing machine may automatically purchase the washing liquid, and the data generated during the transaction is transaction data.
  • the Internet of Things device is a smart
  • the data generated by the IoT device is ordinary data, that is, non-transaction data.
  • the detected PM2.5 data is also ordinary data.
  • the method 200 further includes:
  • the second device generates a preset number of digital currencies.
  • the generation rule of the digital currency may be set in advance, for example, one digital currency may be generated every 10 minutes in advance.
  • the second device broadcasts the phase of the digital currency generated by the second device to the other devices in the blockchain network.
  • the relevant information of the digital currency includes the number of digital currencies.
  • the related information of the Internet of Things device may be broadcast to other devices in the blockchain network, where the related information of the IoT device is used to notify the block.
  • Other devices in the chain network These digital currencies are generated because they are connected to IoT devices.
  • the related information of the Internet of Things device may include public key information of the Internet of Things device, or other specific information of the Internet of Things device, for example, IoT device identifier information, and the like.
  • the second node confirms that the digital currency generated by the second node is M-authenticated in the blockchain network, and the second device confirms that the digital currency generated by the second device is valid.
  • the value of M in S210 may be preset.
  • the value of M is 6.
  • method 300 includes:
  • the Internet of Things device generates data that needs to be authenticated in the blockchain network
  • the IoT device sends the data to the second device.
  • the IoT device may directly send the data to the IoT device, or the IoT device generates a block including the data, and sends the block to the second device.
  • the second device broadcasts the received data to the blockchain network for authentication.
  • the second device generates a block that carries the data according to a block format in the blockchain network, and broadcasts the block into the blockchain.
  • the second device receives the block that carries the data sent by the IoT device in S302, the second device directly broadcasts the received block to the blockchain network.
  • the device in the blockchain network authenticates the data.
  • the method for authenticating the data in the device in the blockchain network may use the workload proof method or the equity proof method described above. To avoid repetition, no further details are provided herein.
  • the second device determines that the data has been authenticated N times.
  • the second device can determine whether the data has been authenticated N times according to the depth of the blockchain broadcasted in the current network.
  • the second device sends an authentication completion message to the Internet of Things device.
  • the authentication completion message is used to notify the IoT device that the data generated by the IoT device has passed N times. certificate;
  • the Internet of Things device deletes the stored data.
  • the IoT device After receiving the authentication completion message sent by the second device, the IoT device confirms that the generated data has been authenticated N times by the device in the blockchain network, and all the IoT devices delete the locally stored data.
  • the data is processed by the methods in the methods 100 to 300, and the requirements of the devices in the blockchain network for the IoT devices can be made because the IoT devices can establish communication connections with devices in the blockchain network.
  • the authenticated data is broadcast to the blockchain network and the data is authenticated by devices in the blockchain network. Therefore, the computing power requirement of the Internet of Things device can be effectively reduced, especially for a low-cost, low-power IoT device.
  • FIG. 5 illustrates a data processing method based on a blockchain according to still another embodiment of the present application.
  • the first device is an Internet of Things device.
  • the method 400 includes:
  • the second device determines a hash value requirement.
  • the second device determines a hash value requirement according to the number of IoT devices that are currently establishing a communication connection with the second device, or the second device determines the hash value requirement according to the predicted access request amount during a certain access peak period. For example, when the second device determines that the number of IoT devices that are currently in communication connection with the device is large, the hash value that is difficult to broadcast is required, and the difficulty here is understood to be the number of bits that require the generated low bit to be zero. Exceeded a certain threshold.
  • the generated hash value requirement may be a low order number of bits of the hash value of zero or a preset amount.
  • the second device broadcasts its determined hash value request.
  • the IoT device generates a hash value that meets a hash value requirement, and then establishes a communication connection with the second device.
  • the method for establishing a communication connection between the IoT device and the second device in S403 is the same as that in the method 200. To avoid repetition, details are not described herein again.
  • the IoT device sends data to the second device that needs to be authenticated in the blockchain network.
  • the second device broadcasts the received data to the blockchain network for authentication.
  • the authentication right may be acquired at the same time.
  • the second device obtains the authentication right, the second device is configured according to the data of all the Internet of Things devices existing in the current blockchain network. A new block is generated and the resulting block is concatenated in the current blockchain, after which the blockchain is broadcast into the blockchain network.
  • the second device updates the hash value requirement.
  • the second device may adjust the hash value according to the access amount of the IoT device, or according to the predicted access request amount during a certain access peak period, or the access collision probability. For example, when the second device determines that the current access request is less, or the access collision probability is less, the second device determines that it is difficult to be a smaller hash value requirement.
  • the second device sends the updated hash value request to the Internet of Things device.
  • the second device may determine different hash value requirements according to different service types.
  • the second device sends multiple hash value requests to the Internet of Things device.
  • the IoT device determines the hash value that the generated hash value needs to satisfy according to the service type of the data, and generates a hash value that satisfies the hash value requirement.
  • a communication connection is established with the second device to implement data authentication.
  • the second device groups the IoT devices (eg, may be grouped according to the capabilities of the IoT device), and generates different hash value requirements according to different packets.
  • the second device sends multiple hash value requests to the Internet of Things device.
  • the IoT device determines the hash value that the generated hash value needs to satisfy according to the group to which it belongs, and generates a hash value that satisfies the hash value requirement.
  • a communication connection is established with the second device to implement data authentication.
  • the second device may carry the grouping information of the Internet of Things device in the broadcast message, and the Internet of Things device determines the group to which it belongs according to the grouping information.
  • the flexibility of the IoT device to establish a communication connection with the device in the blockchain network can be ensured, so that the communication system has good scalability.
  • method 500 includes:
  • the IoT device A when the IoT device A determines that the transaction data needs to be authenticated in the blockchain network, the IoT device A sends a hash value related to the transaction data to the IoT device B;
  • transaction data determined by the Internet of Things device A may be transaction data between the Internet of Things device A and the Internet of Things device B, and may also be transaction data of the Internet of Things device A and other Internet of Things devices.
  • the hash value associated with the transaction data is generated by the Internet of Things device A according to the transaction data, where the transaction data may be encrypted by the public key of the Internet of Things device B, or may not be through the Internet of Things device. B's public key has been encrypted.
  • the method for generating a hash value is not limited in the embodiment of the present application.
  • the IoT device A may send a hash value related to the transaction data to the IoT device B through its proxy node (eg, the second device in FIG. 6) or other communication node.
  • the proxy node eg, the second device in FIG. 6
  • the Internet of Things device A sends transaction data to the second device.
  • the transaction data sent by the Internet of Things device A to the second device may be transaction data that has not been encrypted.
  • the transaction data sent by the Internet of Things device A is transaction data encrypted by using only the public key of the Internet of Things device B.
  • the transaction data sent by the Internet of Things device A is encrypted by using the public key of the Internet of Things device B, and then the encrypted data is encrypted by using the private key of the second device.
  • the second device receives the transaction data.
  • the transaction data is decrypted by the public key of the second device to ensure the legality of the transaction data sent by the Internet of Things device A to the second device, and then the second device broadcasts the transaction data encrypted by the public key of the Internet of Things device B to the transaction data.
  • authentication is performed.
  • the second device broadcasts the transaction data to the blockchain network for authentication.
  • S504 The second device confirms that the transaction data has completed N times of authentication in the blockchain network.
  • the second device sends an authentication completion message to the Internet of Things device A.
  • the authentication completion message includes Merkle tree information and block information of data corresponding to the transaction data in the blockchain network, and the block information is used to indicate a block in the blockchain network that carries data corresponding to the transaction data.
  • the data corresponding to the transaction data in the blockchain network is essentially a transaction. Data after N times of authentication in the blockchain network.
  • the second device directly sends the Merkle tree information and the block information of the data corresponding to the transaction data in the blockchain network to the Internet of Things device A, and the IoT device A can receive the two information when Make sure the transaction data has been certified by N.
  • the second device or other blockchain device sends the Merkle tree information and the block information of the data corresponding to the transaction data stored in the blockchain network to the Internet of Things device B.
  • multiple devices in the blockchain network can simultaneously send Merkle tree information and block information to the IoT device B, and the IoT device B can compare the received multiple information, thereby further improving the communication system. reliability.
  • the Internet of Things device B receives the Merkle tree information and the block information sent by its proxy node. Or the Merkle tree information and the block information received by the Internet of Things device B are sent by different devices.
  • the Internet of Things device B verifies the integrity of the data corresponding to the transaction data in the blockchain network
  • the Internet of Things device B determines, according to the block information, a block that carries data corresponding to the transaction data, and then the IoT device B finds the transaction data from the block according to the Merkle tree information of the data corresponding to the transaction data. Corresponding data.
  • the block information here is the height or identity of the block.
  • the Internet of Things device A is directed to The transaction data sent by the second device is not encrypted by the public key of the Internet of Things device B.
  • the IoT device B obtains the data corresponding to the transaction data from the block, the hash of the acquired data corresponding to the transaction data is calculated. The value, after which the calculated hash value is consistent with the received hash value. If they are consistent, the IoT device B considers that the acquired data is complete. Otherwise, the IoT device B considers that the acquired data is incomplete.
  • the Internet of Things device A goes to the second
  • the transaction data sent by the device is encrypted by the public key of the Internet of Things device B.
  • the IoT device B obtains the data of the corresponding transaction data from the block, the IoT device decrypts the acquired data first, and calculates The hash value of the decrypted data, and then compares whether the calculated hash value is consistent with the received hash value. If consistent, IoT device B considers the acquired data. It is complete, otherwise, IoT device B believes that the acquired data is incomplete.
  • the Internet of Things device A is directed to the second device.
  • the sent transaction data is encrypted by the public key of the Internet of Things device B.
  • the IoT device B obtains the data corresponding to the transaction data from the block, the hash value of the acquired data corresponding to the transaction data is calculated, and then Compares the calculated hash value with the received hash value. If they are consistent, the IoT device B considers that the acquired data is complete. Otherwise, the IoT device B considers that the acquired data is incomplete.
  • the IoT device B verifies that the data corresponding to the transaction data is complete, the confirmation information is sent, and the confirmation information is used to indicate that the data corresponding to the transaction data is complete.
  • the confirmation information sent by the Internet of Things device B may also be authenticated by devices in the blockchain network.
  • the Internet of Things device A does not send a hash value to the Internet of Things device B, but sends transaction data to the Internet of Things device B.
  • the Internet of Things device B determines to receive.
  • the hash value of the transaction data to be obtained, and then the hash value of the calculated transaction data is compared with the hash value of the data corresponding to the transaction data obtained from the block to determine whether the acquired data is complete.
  • the transaction data sent by the Internet of Things device A to the Internet of Things device B is encrypted by the public key of the Internet of Things device B in S501, and the transaction data sent by the Internet of Things device A to the second device is also passed in S502.
  • the public key of the Internet of Things device B is encrypted.
  • the IoT device B directly calculates the hash value of the transaction data sent by the IoT device A received, and the hash value of the acquired data, and then the two hashes. The value is compared.
  • the transaction data sent by the Internet of Things device A to the Internet of Things device B is encrypted by the public key of the Internet of Things device B in S501, and the transaction data sent by the Internet of Things device A to the second device is not in S502.
  • the Internet of Things device B decrypts the received transaction data sent by the Internet of Things A, and then calculates the hash value of the decrypted data, and the IoT device obtains the obtained data. After the hash of the data, compare the two hash values.
  • the transaction data sent by the Internet of Things device A to the Internet of Things device B in S501 is not encrypted by the public key of the Internet of Things device B, and the transaction data sent by the Internet of Things device A to the second device in S502 is also IoT device B without being encrypted by the public key of IoT device B
  • the hash value of the transaction data sent by the received IoT device A and the hash value of the acquired data are directly calculated, and then the two hash values are compared.
  • the transaction data sent by the Internet of Things device A to the Internet of Things device B in S501 is not encrypted by the public key of the Internet of Things device B
  • the transaction data sent by the Internet of Things device A to the second device in S502 is After the public key of the Internet of Things device B is encrypted, the IoT device B first decrypts the acquired data, and then calculates the hash value of the decrypted data, and the IoT device receives the received IoT device B and sends it. After hashing the transaction data, compare the two hash values.
  • the data acquired by the Internet of Things device B is complete, indicating that the data acquired by the Internet of Things device B is the same as the transaction data, that is, the transaction data has been authenticated N times in the blockchain network. After that, it was not maliciously modified.
  • the different data generated by the IoT device may have different storage requirements, so the data may be further processed according to the storage requirements of the data.
  • the peer device of the Internet of Things device as an example of the Internet of Things device as an example
  • a blockchain-based data processing method according to still another embodiment of the present application is described.
  • the interactive IoT devices are respectively marked as the Internet of Things.
  • method 600 includes:
  • the Internet of Things device A and the Internet of Things device B determine that the transaction data of both parties has been recorded in the blockchain network;
  • the Internet of Things device A and the Internet of Things device B determine that the transaction data of both parties has been recorded in the blockchain network, and on the other hand, the Internet of Things device A and the Internet of Things device B can further obtain corresponding to the transaction data. Merkle tree information and block information for the data.
  • the proxy node A sends the indication information that the transaction completes the verification through the blockchain network to the IoT device A, and carries the Merkle tree information and the block information.
  • the proxy node A or the proxy node B transmits the information of the transaction completion verification to the Internet of Things device B, and carries the Merkle tree information and the block information.
  • the Internet of Things device A and/or the Internet of Things device B determines that data corresponding to the transaction data can be deleted from the blockchain network;
  • the IoT device A determines that the data corresponding to the transaction data may be deleted from the blockchain network according to the preset storage duration of the transaction data, or the IoT device B determines the correspondence with the transaction data according to the preset storage duration of the transaction data.
  • the data can be deleted from the blockchain network, or the IoT device A and the IoT device B can determine by negotiation that the data corresponding to the transaction data can be from the blockchain. Deleted in the network.
  • the Internet of Things device A and/or the Internet of Things device B send deletion indication information to devices in the blockchain network.
  • the deletion indication information may include Merkle tree information and block information corresponding to the data corresponding to the transaction data.
  • the IoT device A sends the deletion indication information to the device in the blockchain network by using the second device to implement data deletion. It should be noted that, although the second device sends the deletion indication information to the device in the blockchain network, the second device may obtain the verification right to delete the data, just like other devices in the blockchain network.
  • the device in the blockchain network that receives the deletion indication information sent by the Internet of Things device A or the Internet of Things device B broadcasts the deletion indication information in the blockchain network to implement deletion of data corresponding to the transaction data.
  • the devices in the blockchain network start to compete for the authentication right, and the device that obtains the authentication right confirms that the transaction data can be deleted when generating a new blockchain. corresponding.
  • the specific location of the data corresponding to the transaction data in the block is determined, and the data corresponding to the transaction data is deleted when the blockchain is generated, or The indication information is deleted as special transaction data.
  • the device that obtains the authentication right by the Nth deletes the data corresponding to the transaction data.
  • the storage load of the blockchain network can be reduced, and the transmission bandwidth required for the transmission of the blockchain can be reduced.
  • the device 10 includes:
  • the processing module 11 is configured to establish a communication connection between the device and the second device, where the second device is a device in a blockchain network;
  • the processing module 11 is further configured to generate and determine that the first data needs to be authenticated in the blockchain network;
  • the transceiver module 12 is configured to send the first data to the second device to implement the first
  • the data is authenticated by devices in the blockchain network.
  • the device when the device according to the embodiment of the present application generates the first data that needs to be authenticated in the blockchain network, the first data is sent to the second device in the blockchain network, so that the second device sends the first data.
  • the device in the blockchain network is authenticated by the first data.
  • the construction and maintenance costs of the communication system can be reduced, and the security performance of the system can be improved.
  • the second device sends the data of the device to the device in the blockchain network for authentication, which can reduce the capability requirement for the device.
  • the transceiver module 12 is specifically configured to: send, to the second device, a first message encrypted by using a first public key, where the first message includes first information,
  • the first public key is a public key of the second device, and the first information is used to request the second device to send data generated by the device that needs to be authenticated in the blockchain network to
  • the device in the blockchain network performs authentication; receiving second information sent by the second device, where the second information is used to indicate that the second device confirms that the device needs to be generated in the area
  • the data authenticated in the blockchain network is sent to devices in the blockchain network for authentication.
  • the first message further includes a second public key, where the second public key is a public key of the device.
  • the transceiver module 12 is specifically configured to: receive the second information that is sent by the second device and that is encrypted by using the second public key.
  • the processing module 11 is further configured to: generate a block that carries the first data
  • the transceiver module 12 is specifically configured to send the block to the second device.
  • the transceiver module 12 is further configured to: receive third information sent by the second device, where the third information includes a first hash HASH value requirement;
  • the processing module 11 is further configured to generate a first HASH value that meets the first HASH value requirement.
  • the third information includes at least one HASH value requirement, where the at least one HASH value requirement includes the first HASH value requirement, and the at least one HASH value requirement Each HASH value is required to correspond to at least one type of service;
  • the processing module 11 is further configured to: determine the first HASH value according to the service type corresponding to the first data.
  • the third information includes at least one HASH value.
  • the requesting, the at least one HASH value requirement includes the first HASH value requirement, and each of the at least one HASH value requirement is required to correspond to at least one device group;
  • the processing module 11 is further configured to: determine, according to the device group to which the device belongs, the first HASH value.
  • the transceiver module 12 is further configured to: send, to the third device, a second HASH value related to the first data, where the second HASH value is used in the third The device determines the integrity of the second data, and the second data is the authenticated data of the first data in the blockchain network.
  • the first data is encrypted by a public key of the third device.
  • the processing module is further configured to: determine the second HASH value according to the first data.
  • the first data is encrypted by a public key of the third device
  • the transceiver module 12 is further configured to: send the first data to the third device, After the third device determines the second HASH value according to the first data, determining the integrity of the second data according to the second HASH value, where the second data is the first data in the block.
  • the authenticated data in the chain network is not limited to:
  • the transceiver module 12 is further configured to: receive fourth information sent by the second device, where the fourth information is used to indicate that the first data is already in the area After N times of authentication in the blockchain network, the value of N is a preset value.
  • the transceiver module 12 is further configured to: receive the Merkel tree information and the block information corresponding to the second data sent by the second device, where the second data is The first data is authenticated data in the blockchain network, and the block information is used to indicate a block carrying the second data in the blockchain network.
  • the processing module 11 is further configured to: determine to delete the second data from the blockchain network, where the second data is the first data in the blockchain network The certified data;
  • the transceiver module 12 is further configured to send fifth information to a device in the blockchain network, where the fifth information is used to indicate that a device in the blockchain network is deleted from the blockchain network. Second data.
  • the fifth information includes identification information and/or a second number.
  • the identification information is used to identify the second data according to the corresponding Merkle tree information.
  • the processing module 11 is further configured to: delete the first data stored locally by the device.
  • the device 10 in the embodiment of the present invention is embodied in the form of a functional unit.
  • the device 10 may correspond to the first device in some of the foregoing embodiments, and may be used to perform various processes and/or corresponding to the first device in the foregoing method embodiments. Steps, to avoid repetition, will not be repeated here.
  • the processing module 11 can be implemented by a processor.
  • the transceiver module 12 can be implemented by a transceiver. It should be understood that the transceiver can be a device having both a receiving function and a transmitting function, or a component device having a receiving function and a transmitting device having a transmitting function.
  • FIG. 9 shows a device according to another embodiment of the present application. As shown in FIG. 9, the device 20 includes:
  • the processing module 21 is configured to establish a communication connection between the device and the first device, where the device is a device in a blockchain network;
  • the transceiver module 22 is configured to receive, by the first device, the first data generated by the first device that needs to be authenticated in the blockchain network;
  • the transceiver module 22 is further configured to send the first data to a device in the blockchain network to implement authentication of the first data.
  • the device receives the first data generated by the first device that needs to be authenticated in the blockchain network, and sends the first data to the device in the blockchain network to implement authentication of the first data.
  • the device sends the data of the first device to the device in the blockchain network for authentication, which can reduce the capability requirement for the first device.
  • the transceiver module 22 is specifically configured to: receive the first message that is sent by the first device and that is encrypted by using the first public key, where the first message includes the first information.
  • the first public key is a public key of the device, and the first information is used to request the device to send data generated by the first device that needs to be authenticated in the blockchain network to the device.
  • the device in the blockchain network performs authentication; the second information is sent to the first device, where the second information is used to indicate that the device confirms that the first device needs to be generated in the blockchain
  • the data authenticated in the network is sent to devices in the blockchain network for authentication.
  • the first message further includes a second public key, where the The second public key is the public key of the first device.
  • the transceiver module 22 is specifically configured to: send, to the first device, the second information encrypted by using the second public key.
  • the processing module 21 is further configured to: generate a preset number of digital currencies.
  • the transceiver module 22 is further configured to: send information about the digital currency to a device in the blockchain network;
  • the processing module 21 is further configured to: if it is determined that the digital currency has undergone M authentication in the blockchain network, confirm that the digital currency is valid, and the value of M is a preset value.
  • the transceiver module 22 is specifically configured to: receive a block that is sent by the first device and that carries the first data; and send the device to a device in the blockchain network. A block carrying the first data.
  • the processing module 21 is further configured to: generate a block that carries the first data according to a block format required by the blockchain network;
  • the transceiver module 22 is further configured to send the block that carries the first data to a device in the blockchain network.
  • the processing module 21 is further configured to: determine a first hash HASH value requirement
  • the transceiver module 22 is configured to send the third information to the first device, where the third information includes the first HASH value requirement, so that the first device generates the first HASH value that is satisfied. After the required first HASH value, a communication connection is established with the device.
  • the third information includes at least one HASH value requirement, where the at least one HASH value requirement includes the first HASH value requirement, and the at least one HASH value requirement Each HASH value is required to correspond to at least one type of service;
  • the processing module 21 is specifically configured to: determine the at least one HASH value requirement.
  • the third information includes at least one HASH value requirement, where the at least one HASH value requirement includes the first HASH value requirement, and the at least one HASH value requirement Each HASH value is required to correspond to at least one device group;
  • the processing module 21 is specifically configured to: determine the at least one HASH value requirement.
  • the transceiver module 22 is further configured to: receive a second HASH value that is sent by the first device and is related to the first data, where the second HASH value is used.
  • the third device determines the integrity of the second data, where the second data is the authenticated data of the first data in the blockchain network; and the second HASH value is sent to the third device.
  • the first data is encrypted by a public key of the third device.
  • the second HASH value is determined by the first device according to the first data.
  • the first data is encrypted by a public key of the third device
  • the transceiver module 22 is further configured to: receive the first data; and send the third device to the third device Transmitting the first data, so that the third device determines the integrity of the second data according to the second HASH value after determining the second HASH value according to the first data, where the second data is the A data is authenticated in the blockchain network.
  • the transceiver module 22 is further configured to: if the processing module 21 determines that the first data has been authenticated N times in the blockchain network, to the The third device sends the second data corresponding to the Merkel tree information and the block information, where the block information is used to indicate the block in the blockchain network that carries the second data, and the second data is the A data is authenticated in the blockchain network.
  • the transceiver module 22 is further configured to: if the processing module 21 determines that the first data has been authenticated N times in the blockchain network, to the A device sends a fourth information, where the fourth information is used to indicate that the first data has been authenticated N times in the blockchain network, where the value of N is a preset value.
  • the transceiver module 22 is further configured to: if the processing module 21 determines that the first data has been authenticated N times in the blockchain network, to the a device sends the Merkle tree information and the block information corresponding to the second data, where the block information is used to indicate a block carrying the second data in the blockchain network, and the second data is the first data in the The authenticated data in the blockchain network.
  • the transceiver module 22 is further configured to: receive fifth information sent by the first device, where the fifth information is used to indicate that the device in the blockchain network is The second data is deleted in the blockchain network, and the second data is the authenticated data of the first data in the blockchain network.
  • the fifth information includes the identification information and/or the Merkle tree information corresponding to the second data, where the identifier information is used to identify the second data.
  • the device 20 in the embodiment of the present invention is embodied in the form of a functional unit.
  • the device 20 may correspond to the second device in some of the foregoing embodiments, and may be used to perform various processes and/or corresponding to the second device in the foregoing method embodiments. Steps, to avoid repetition, will not be repeated here.
  • the processing module 21 can be implemented by a processor.
  • the transceiver module 22 can be implemented by a transceiver. It should be understood that the transceiver may be a device having both a receiving function and a transmitting function, or a component device having a receiving function and a transmitting device having a transmitting function.
  • FIG. 10 shows a device according to still another embodiment of the present application. As shown in FIG. 10, the device 30 includes:
  • the transceiver module 31 is configured to acquire Merck's Merkle tree information and block information corresponding to the second data, where the block information is used to indicate a block in the blockchain network that carries the second data, where the second data is
  • the first data is authenticated data in the blockchain network, and the first data is data generated by the first device that needs to be authenticated in the blockchain network;
  • the transceiver module 31 is further configured to acquire second data from a block that carries the second data according to the Merkle tree information;
  • the processing module 32 is configured to determine the integrity of the second data.
  • the device can obtain, according to the received Merkle tree information and the block information, a first stored in the blockchain network corresponding to the first data generated by the first device that needs to be authenticated in the blockchain network. Two data and confirm the integrity of the second data. Thereby, the confidentiality and integrity of the data can be ensured, and the data stored in the blockchain network has higher reliability.
  • the transceiver module 31 is further configured to: send confirmation information to a device in the blockchain network, where the confirmation information is used to indicate The second data is complete.
  • the transceiver module 31 is specifically configured to: receive the Merkle tree information and the block information sent by the second device, where the second device is the block A device in a chain network.
  • the second device is a device that sends the first data to the blockchain network for recognition.
  • the processing module 32 is further configured to: determine a second hash HASH value associated with the first data; and according to a third HASH value associated with the second data The consistency of the second HASH value determines the integrity of the second data.
  • the processing module 32 is specifically configured to: receive the second HASH value, where the second HASH value is determined by the first device according to the first data. of.
  • the first data is encrypted by a public key of the device.
  • the first data is encrypted by the public key of the device, and the transceiver module 31 is further configured to: receive the first data sent by the first device. ;
  • the processing module 32 is specifically configured to: determine the second HASH value according to the first data.
  • the processing module 32 is further configured to: determine to delete the second data from the blockchain network;
  • the transceiver module 31 is further configured to send, to the device in the blockchain network, fifth information, where the fifth information is used to indicate that a device in the blockchain network is deleted from the blockchain network. Second data.
  • the fifth information includes the identification information and/or the Merkle tree information corresponding to the second data, where the identifier information is used to identify the second data.
  • the device 30 in the embodiment of the present invention is embodied in the form of a functional unit.
  • the device 30 may correspond to the Internet of Things device B in some embodiments described above, and may be used to perform various processes corresponding to the Internet of Things device B in the foregoing method embodiments. / or steps, in order to avoid repetition, will not repeat them here.
  • the processing module 32 can be implemented by a processor.
  • the transceiver module 31 can be implemented by a transceiver. It should be understood that the transceiver may be a device having both a receiving function and a transmitting function, or a component device having a receiving function and a transmitting device having a transmitting function.
  • Figure 11 illustrates an apparatus in accordance with yet another embodiment of the present application.
  • the device 100 includes a processor 110 and a transceiver 120.
  • the processor 110 is coupled to the transceiver 120.
  • the device 100 further includes a memory 130 coupled to the processor 110.
  • the processor 110, the memory 130, and the transceiver 120 can communicate with each other through an internal connection path.
  • the processor 110 is configured to establish a communication connection between the device and the second device, where the second device is a device in a blockchain network, and the processor 110 is further configured to generate and determine that the first data needs to be in the In the blockchain network
  • the transceiver 120 is configured to send the first data to the second device, so that the first data is authenticated by a device in the blockchain network.
  • the device when the device according to the embodiment of the present application generates the first data that needs to be authenticated in the blockchain network, the first data is sent to the second device in the blockchain network, so that the second device sends the first data.
  • the device in the blockchain network is authenticated by the first data.
  • the construction and maintenance costs of the communication system can be reduced, and the security performance of the system can be improved.
  • the second device sends the data of the device to the device in the blockchain network for authentication, which can reduce the capability requirement for the device.
  • the device 100 may refer to the device 10 corresponding to the embodiment of the present application, and the respective units/modules in the device and the other operations and/or functions described above are respectively for the corresponding processes in the foregoing methods, for the sake of brevity, This will not be repeated here.
  • FIG. 12 is a schematic block diagram of a device according to still another embodiment of the present application.
  • the device 200 includes a processor 210 and a transceiver 220.
  • the processor 210 and the transceiver 220 are connected, optionally,
  • the device 200 also includes a memory 230 that is coupled to the processor 210.
  • the processor 210, the memory 230, and the transceiver 220 can communicate with each other through an internal connection path.
  • the processor 210 is configured to establish a communication connection between the device and the first device, where the device is a device in a blockchain network, and the transceiver 220 is configured to receive the sending by the first device.
  • the first data generated by the first device that needs to be authenticated in the blockchain network; the transceiver 220 is further configured to send the first data to a device in the blockchain network, to implement Authentication of the first data.
  • the device receives the first data generated by the first device that needs to be authenticated in the blockchain network, and sends the first data to the device in the blockchain network to implement authentication of the first data.
  • the device sends the data of the first device to the device in the blockchain network for authentication, which can reduce the capability requirement for the first device.
  • the device 200 may refer to the device 20 corresponding to the embodiment of the present application, and each unit/module in the device and the other operations and/or functions described above are respectively for the corresponding processes in the foregoing method, for the sake of brevity, This will not be repeated here.
  • FIG. 13 is a schematic block diagram of a device according to still another embodiment of the present application.
  • the device 300 includes a processor 310 and a transceiver 320.
  • the processor 310 is connected to the transceiver 320, optionally,
  • the device 300 also includes a memory 330 that is coupled to the processor 310.
  • the processor 310, the memory 330, and the transceiver 320 can communicate with each other through an internal connection path.
  • the transceiver 320 is configured to acquire Merck's Merkle tree information and block information corresponding to the second data, where the block information is used to indicate a block in the blockchain network that carries the second data.
  • the second data is the authenticated data of the first data in the blockchain network, and the first data is data generated by the first device that needs to be authenticated in the blockchain network;
  • the transceiver 320 is further configured to obtain the second data from the block that carries the second data according to the Merkle tree information, where the processor 310 is configured to determine the integrity of the second data.
  • the device can obtain, according to the received Merkle tree information and the block information, a first stored in the blockchain network corresponding to the first data generated by the first device that needs to be authenticated in the blockchain network. Two data and confirm the integrity of the second data. Thereby, the confidentiality and integrity of the data can be ensured, and the data stored in the blockchain network has higher reliability.
  • the device 300 may refer to the device 30 corresponding to the embodiment of the present application, and each unit/module in the device and the other operations and/or functions described above are respectively for the corresponding processes in the foregoing method, for the sake of brevity, This will not be repeated here.
  • the processor in the embodiment of the present application may be an integrated circuit chip with signal processing capability.
  • the processor may be a general-purpose processor, a digital signal processor (DSP), an application specific integrated circuit (ASIC), a Field Programmable Gate Array (FPGA), or the like. Programming logic devices, discrete gates or transistor logic devices, discrete hardware components.
  • the methods, steps, and logical block diagrams disclosed in the embodiments of the present application can be implemented or executed.
  • the general purpose processor may be a microprocessor or the processor or any conventional processor or the like.
  • the memory in the embodiments of the present application may be a volatile memory or a non-volatile memory, or may include both volatile and non-volatile memory.
  • the non-volatile memory may be a read-only memory (ROM), a programmable read only memory (PROM), an erasable programmable read only memory (Erasable PROM, EPROM), or an electric Erase programmable read only memory (EEPROM) or flash memory.
  • the volatile memory can be a Random Access Memory (RAM) that acts as an external cache.
  • RAM Random Access Memory
  • many forms of RAM are available, such as static random access memory (SRAM), dynamic random access memory (DRAM), synchronous dynamic random access memory (Synchronous DRAM).
  • SDRAM double data rate synchronous dynamic random access memory
  • DDR SDRAM double data rate synchronous dynamic random access memory
  • ESDRAM Enhanced Synchronous Dynamic Random Access Memory
  • SDRAM Synchronous Connection Dynamic Random Access Memory
  • DR RAM Direct Memory Bus
  • the disclosed systems, devices, and methods may be implemented in other manners.
  • the device embodiments described above are merely illustrative.
  • the division of the unit is only a logical function division.
  • there may be another division manner for example, multiple units or components may be combined or Can be integrated into another system, or some features can be ignored or not executed.
  • the mutual coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interface, device or unit, and may be in an electrical, mechanical or other form.
  • the units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed to multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of the embodiment.
  • each functional unit in each embodiment of the present application may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit.
  • the functions may be stored in a computer readable storage medium if implemented in the form of a software functional unit and sold or used as a standalone product. Based on such understanding, the technical solution of the present application or the part contributing to the prior art or the part of the technical solution may be embodied in the form of a software product stored in a storage medium.
  • a number of instructions are included to cause a computer device (which may be a personal computer, server, or network device, etc.) to perform all or part of the steps of the methods described in various embodiments of the present application.
  • the foregoing storage medium includes: a U disk, a mobile hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disk, and the like. .

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

L'invention concerne un procédé, un dispositif et un système de traitement de données basé sur une chaîne de blocs, le procédé comportant les étapes suivantes : un premier dispositif établit une connexion de communication avec un deuxième dispositif, le deuxième dispositif étant un dispositif dans un réseau de chaîne de blocs ; le premier dispositif détermine que des premières données générées par le premier dispositif nécessitent une authentification dans le réseau de chaîne de blocs; le premier dispositif envoie les premières données au deuxième dispositif, de telle sorte que les premières données sont authentifiées par des dispositifs dans le réseau de chaîne de blocs. En utilisant le réseau de chaîne de blocs pour authentifier les données, le procédé de traitement de données basé sur une chaîne de blocs réduit les coûts de construction et de maintenance d'un système de communication, et améliore les performances de sécurité du système. De plus, le deuxième dispositif envoie les données du premier dispositif aux dispositifs dans le réseau de chaîne de blocs pour une authentification, ce qui permet de réduire les exigences de capacité pour le premier dispositif.
PCT/CN2017/000052 2017-01-03 2017-01-03 Procédé, dispositif et système de traitement de données basé sur une chaîne de blocs WO2018126340A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201780081904.3A CN110121860B (zh) 2017-01-03 2017-01-03 基于区块链的数据处理方法、设备和系统
PCT/CN2017/000052 WO2018126340A1 (fr) 2017-01-03 2017-01-03 Procédé, dispositif et système de traitement de données basé sur une chaîne de blocs

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2017/000052 WO2018126340A1 (fr) 2017-01-03 2017-01-03 Procédé, dispositif et système de traitement de données basé sur une chaîne de blocs

Publications (1)

Publication Number Publication Date
WO2018126340A1 true WO2018126340A1 (fr) 2018-07-12

Family

ID=62788941

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/000052 WO2018126340A1 (fr) 2017-01-03 2017-01-03 Procédé, dispositif et système de traitement de données basé sur une chaîne de blocs

Country Status (2)

Country Link
CN (1) CN110121860B (fr)
WO (1) WO2018126340A1 (fr)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20200059510A1 (en) * 2018-08-14 2020-02-20 Microsoft Technology Licensing, Llc Blockchain digital twin
CN112116475A (zh) * 2020-09-22 2020-12-22 中国科学院沈阳计算技术研究所有限公司 一种基于区块链的分散式数据交易方法及系统
DE102022106864A1 (de) 2022-03-23 2023-09-28 Dr. Ing. H.C. F. Porsche Aktiengesellschaft Verfahren zum Feststellen einer Zugehörigkeit eines tragbaren Gerätes zu einer assoziierten Gruppe von tragbaren Geräten auf Basis einer Blockchain

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111478948B (zh) * 2020-03-20 2023-02-17 深圳市芯链科技有限公司 区块链接入方法、物联网设备及存储介质
CN111552215B (zh) * 2020-05-22 2022-02-11 中国联合网络通信集团有限公司 物联网设备安全防护方法和系统
CN113065118B (zh) * 2021-03-16 2022-06-14 青岛海尔科技有限公司 认证码的确定方法及装置、存储介质、电子装置
CN114153827B (zh) * 2021-10-11 2023-01-10 北京天德科技有限公司 一种基于区块链系统的交易数据移除方法
CN114172665A (zh) * 2021-12-07 2022-03-11 东软集团股份有限公司 区块链零信任系统以及用于区块链零信任系统的方法

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105790954A (zh) * 2016-03-02 2016-07-20 布比(北京)网络技术有限公司 一种构建电子证据的方法和系统
CN105975868A (zh) * 2016-04-29 2016-09-28 杭州云象网络技术有限公司 一种基于区块链的证据保全方法及装置
CN106100847A (zh) * 2016-06-14 2016-11-09 惠众商务顾问(北京)有限公司 非对称加密区块链身份信息验证方法及装置
CN106126722A (zh) * 2016-06-30 2016-11-16 中国科学院计算技术研究所 一种基于验证的前缀混合树及设计方法

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10346814B2 (en) * 2014-06-04 2019-07-09 MONI Limited System and method for executing financial transactions
CN104320262B (zh) * 2014-11-05 2017-07-21 中国科学院合肥物质科学研究院 基于加密数字货币公开账本技术的用户公钥地址绑定、检索和校验的方法及系统
US10484168B2 (en) * 2015-03-02 2019-11-19 Dell Products L.P. Methods and systems for obfuscating data and computations defined in a secure distributed transaction ledger
CN105719185B (zh) * 2016-01-22 2019-02-15 杭州复杂美科技有限公司 区块链的数据对比及共识方法

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105790954A (zh) * 2016-03-02 2016-07-20 布比(北京)网络技术有限公司 一种构建电子证据的方法和系统
CN105975868A (zh) * 2016-04-29 2016-09-28 杭州云象网络技术有限公司 一种基于区块链的证据保全方法及装置
CN106100847A (zh) * 2016-06-14 2016-11-09 惠众商务顾问(北京)有限公司 非对称加密区块链身份信息验证方法及装置
CN106126722A (zh) * 2016-06-30 2016-11-16 中国科学院计算技术研究所 一种基于验证的前缀混合树及设计方法

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20200059510A1 (en) * 2018-08-14 2020-02-20 Microsoft Technology Licensing, Llc Blockchain digital twin
WO2020036682A1 (fr) * 2018-08-14 2020-02-20 Microsoft Technology Licensing, Llc Jumeau numérique de chaîne de blocs
CN112567712A (zh) * 2018-08-14 2021-03-26 微软技术许可有限责任公司 区块链数字孪生
US11038950B2 (en) 2018-08-14 2021-06-15 Microsoft Technology Licensing, Llc Blockchain digital twin for transactions on behalf of limited capability devices
CN112567712B (zh) * 2018-08-14 2023-09-01 微软技术许可有限责任公司 区块链数字孪生
CN112116475A (zh) * 2020-09-22 2020-12-22 中国科学院沈阳计算技术研究所有限公司 一种基于区块链的分散式数据交易方法及系统
CN112116475B (zh) * 2020-09-22 2023-07-04 中国科学院沈阳计算技术研究所有限公司 一种基于区块链的分散式数据交易方法及系统
DE102022106864A1 (de) 2022-03-23 2023-09-28 Dr. Ing. H.C. F. Porsche Aktiengesellschaft Verfahren zum Feststellen einer Zugehörigkeit eines tragbaren Gerätes zu einer assoziierten Gruppe von tragbaren Geräten auf Basis einer Blockchain

Also Published As

Publication number Publication date
CN110121860A (zh) 2019-08-13
CN110121860B (zh) 2021-08-13

Similar Documents

Publication Publication Date Title
WO2018126340A1 (fr) Procédé, dispositif et système de traitement de données basé sur une chaîne de blocs
WO2018126837A1 (fr) Système, dispositif et procédé de traitement de données basés sur une chaîne de blocs
CN109559122B (zh) 区块链数据传输方法及区块链数据传输系统
US11038682B2 (en) Communication method, apparatus and system, electronic device, and computer readable storage medium
CN111797415A (zh) 基于区块链的数据共享方法、电子设备和存储介质
CN107454079B (zh) 基于物联网平台的轻量级设备认证及共享密钥协商方法
CN108400872B (zh) 一种基于星地协同的区块链信息传输方法和系统
US20210143986A1 (en) Method for securely sharing data under certain conditions on a distributed ledger
WO2022111102A1 (fr) Procédé, système et appareil permettant d'établir une connexion sécurisée, dispositif électronique et support de stockage lisible par machine
CN103873487A (zh) 一种基于智能家居设备安全挂件的家居信任组网的实现方法
WO2019110018A1 (fr) Procédé d'authentification de messages pour système de réseau de communication, procédé de communication et système de réseau de communication
CN112311543B (zh) Gba的密钥生成方法、终端和naf网元
CN103905384A (zh) 基于安全数字证书的嵌入式终端间会话握手的实现方法
WO2022068356A1 (fr) Procédé et appareil de chiffrement d'informations basés sur une chaîne de blocs, dispositif, et support
WO2023283789A1 (fr) Procédé et appareil de communication sécurisée, dispositif terminal et périphérique de réseau
WO2024032289A1 (fr) Procédé et système de lecture vidéo, plateforme de sécurité vidéo, et dispositif de communication
WO2023236551A1 (fr) Procédé d'accès de confiance décentralisé pour station de base cellulaire
CN114039753A (zh) 一种访问控制方法、装置、存储介质及电子设备
CN114143108A (zh) 一种会话加密方法、装置、设备及存储介质
CN112866981B (zh) 一种签约数据的管理方法、装置
CN111709053B (zh) 基于松散耦合交易网络的作业方法及作业装置
CN111768189B (zh) 基于区块链的充电桩运营方法、装置及系统
CN105471657A (zh) 一种虚拟机域间通信日志管理方法、装置及系统
Gao et al. Bc-aka: Blockchain based asymmetric authentication and key agreement protocol for distributed 5g core network
US9979539B2 (en) Method and system of authenticating a network device in a location based verification framework

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17889553

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17889553

Country of ref document: EP

Kind code of ref document: A1